1 From a5b2c5b2ad5853591a6cac6134cd0f599a720865 Mon Sep 17 00:00:00 2001
2 From: Kees Cook <kees.cook@canonical.com>
3 Date: Tue, 31 May 2011 11:31:41 -0700
4 Subject: AppArmor: fix oops in apparmor_setprocattr
6 From: Kees Cook <kees.cook@canonical.com>
8 commit a5b2c5b2ad5853591a6cac6134cd0f599a720865 upstream.
10 When invalid parameters are passed to apparmor_setprocattr a NULL deref
11 oops occurs when it tries to record an audit message. This is because
12 it is passing NULL for the profile parameter for aa_audit. But aa_audit
13 now requires that the profile passed is not NULL.
15 Fix this by passing the current profile on the task that is trying to
18 Signed-off-by: Kees Cook <kees@ubuntu.com>
19 Signed-off-by: John Johansen <john.johansen@canonical.com>
20 Signed-off-by: James Morris <jmorris@namei.org>
21 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
24 security/apparmor/lsm.c | 3 ++-
25 1 file changed, 2 insertions(+), 1 deletion(-)
27 --- a/security/apparmor/lsm.c
28 +++ b/security/apparmor/lsm.c
29 @@ -592,7 +592,8 @@ static int apparmor_setprocattr(struct t
30 sa.aad.op = OP_SETPROCATTR;
32 sa.aad.error = -EINVAL;
33 - return aa_audit(AUDIT_APPARMOR_DENIED, NULL, GFP_KERNEL,
34 + return aa_audit(AUDIT_APPARMOR_DENIED,
35 + __aa_current_profile(), GFP_KERNEL,
38 } else if (strcmp(name, "exec") == 0) {