releases/2.6.38.8/apparmor-fix-oops-in-apparmor_setprocattr.patch

   1 From a5b2c5b2ad5853591a6cac6134cd0f599a720865 Mon Sep 17 00:00:00 2001
   2 From: Kees Cook <kees.cook@canonical.com>
   3 Date: Tue, 31 May 2011 11:31:41 -0700
   4 Subject: AppArmor: fix oops in apparmor_setprocattr
   5
   6 From: Kees Cook <kees.cook@canonical.com>
   7
   8 commit a5b2c5b2ad5853591a6cac6134cd0f599a720865 upstream.
   9
  10 When invalid parameters are passed to apparmor_setprocattr a NULL deref
  11 oops occurs when it tries to record an audit message. This is because
  12 it is passing NULL for the profile parameter for aa_audit. But aa_audit
  13 now requires that the profile passed is not NULL.
  14
  15 Fix this by passing the current profile on the task that is trying to
  16 setprocattr.
  17
  18 Signed-off-by: Kees Cook <kees@ubuntu.com>
  19 Signed-off-by: John Johansen <john.johansen@canonical.com>
  20 Signed-off-by: James Morris <jmorris@namei.org>
  21 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  22
  23 ---
  24  security/apparmor/lsm.c |    3 ++-
  25  1 file changed, 2 insertions(+), 1 deletion(-)
  26
  27 --- a/security/apparmor/lsm.c
  28 +++ b/security/apparmor/lsm.c
  29 @@ -592,7 +592,8 @@ static int apparmor_setprocattr(struct t
  30                         sa.aad.op = OP_SETPROCATTR;
  31                         sa.aad.info = name;
  32                         sa.aad.error = -EINVAL;
  33 -                       return aa_audit(AUDIT_APPARMOR_DENIED, NULL, GFP_KERNEL,
  34 +                       return aa_audit(AUDIT_APPARMOR_DENIED,
  35 +                                       __aa_current_profile(), GFP_KERNEL,
  36                                         &sa, NULL);
  37                 }
  38         } else if (strcmp(name, "exec") == 0) {