]> git.ipfire.org Git - thirdparty/kernel/stable.git/commitdiff
projects / thirdparty / kernel / stable.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7384c6f)
apparmor: fix 'Do simple duplicate message elimination'
authorchao liu <liuzgyid@outlook.com>
Tue, 27 Jun 2023 02:03:16 +0000 (10:03 +0800)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 5 Dec 2024 09:59:38 +0000 (10:59 +0100)
[ Upstream commit 9b897132424fe76bf6c61f22f9cf12af7f1d1e6a ]

Multiple profiles shared 'ent->caps', so some logs missed.

Fixes: 0ed3b28ab8bf ("AppArmor: mediation of non file objects")
Signed-off-by: chao liu <liuzgyid@outlook.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
security/apparmor/capability.c patch | blob | blame | history

diff --git a/security/apparmor/capability.c b/security/apparmor/capability.c
index 752f73980e3085e81daceccc269f45e09b812b3c..8c99e8150bab9b7a55e253131cbb4514b2e4f2c5 100644 (file)
--- a/security/apparmor/capability.c
+++ b/security/apparmor/capability.c
@@ -98,6 +98,8 @@ static int audit_caps(struct common_audit_data *sa, struct aa_profile *profile,
                return error;
        } else {
                aa_put_profile(ent->profile);
+               if (profile != ent->profile)
+                       cap_clear(ent->caps);
                ent->profile = aa_get_profile(profile);
                cap_raise(ent->caps, cap);
        }
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git