Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-11 06:31:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
9c95a278ba
linux/security/apparmor
History
Patrick Steinhardt 9c95a278ba apparmor: fix bind mounts aborting with -ENOMEM 
With commit df323337e5 ("apparmor: Use a memory pool instead per-CPU
caches, 2019-05-03"), AppArmor code was converted to use memory pools. In
that conversion, a bug snuck into the code that polices bind mounts that
causes all bind mounts to fail with -ENOMEM, as we erroneously error out
if `aa_get_buffer` returns a pointer instead of erroring out when it
does _not_ return a valid pointer.

Fix the issue by correctly checking for valid pointers returned by
`aa_get_buffer` to fix bind mounts with AppArmor.

Fixes: df323337e5 ("apparmor: Use a memory pool instead per-CPU caches")
Signed-off-by: Patrick Steinhardt <ps@pks.im>
Signed-off-by: John Johansen <john.johansen@canonical.com>
2020-01-02 05:31:40 -08:00
..
include + Features 2019-12-03 12:51:35 -08:00
.gitignore apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
apparmorfs.c + Features 2019-12-03 12:51:35 -08:00
audit.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
capability.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
crypto.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
domain.c + Features 2019-12-03 12:51:35 -08:00
file.c + Features 2019-12-03 12:51:35 -08:00
ipc.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
Kconfig + Features 2019-12-03 12:51:35 -08:00
label.c + Features 2019-12-03 12:51:35 -08:00
lib.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
lsm.c + Features 2019-12-03 12:51:35 -08:00
Makefile apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
match.c + Features 2019-12-03 12:51:35 -08:00
mount.c apparmor: fix bind mounts aborting with -ENOMEM 2020-01-02 05:31:40 -08:00
net.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
nulldfa.in apparmor: cleanup add proper line wrapping to nulldfa.in 2018-02-09 11:30:01 -08:00
path.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
policy_ns.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
policy_unpack.c + Features 2019-12-03 12:51:35 -08:00
policy.c + Features 2019-12-03 12:51:35 -08:00
procattr.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
resource.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
secid.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
stacksplitdfa.in apparmor: use the dfa to do label parse string splitting 2018-02-09 11:30:01 -08:00
task.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00