diff options
author | John Johansen <john.johansen@canonical.com> | 2018-04-13 22:33:10 -0700 |
---|---|---|
committer | John Johansen <john.johansen@canonical.com> | 2018-06-07 01:51:01 -0700 |
commit | 3ddae9876a7045a8d08ab372eff232a5da5199b8 (patch) | |
tree | 64527d11e578e1130953d468ff1aeb37d63d54b6 | |
parent | 11c92f144bf39f448f65202cccba672097a1100b (diff) | |
download | linux-stable-3ddae9876a7045a8d08ab372eff232a5da5199b8.tar.gz linux-stable-3ddae9876a7045a8d08ab372eff232a5da5199b8.tar.bz2 linux-stable-3ddae9876a7045a8d08ab372eff232a5da5199b8.zip |
apparmor: fix memory leak when deduping profile load
AppArmor is leaking the newly loaded profile and its proxy when
the profile is an exact match to the currently loaded version.
In this case the dedup check results in the profile being skipped and
put without dealing with the proxy ref thus not breaking a circular
refcount and causing a leak.
BugLink: http://bugs.launchpad.net/bugs/1750594
Fixes: 5d5182cae401 ("apparmor: move to per loaddata files, instead of replicating in profiles")
Signed-off-by: John Johansen <john.johansen@canonical.com>
-rw-r--r-- | security/apparmor/policy.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c index b367fef33d03..1590e2de4e84 100644 --- a/security/apparmor/policy.c +++ b/security/apparmor/policy.c @@ -1008,6 +1008,9 @@ ssize_t aa_replace_profiles(struct aa_ns *policy_ns, struct aa_label *label, audit_policy(label, op, ns_name, ent->new->base.hname, "same as current profile, skipping", error); + /* break refcount cycle with proxy. */ + aa_put_proxy(ent->new->label.proxy); + ent->new->label.proxy = NULL; goto skip; } |