linux/security
John Johansen e0d2bf5a01 apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock
commit 8c62ed27a1 upstream.

aa_xattrs_match() is unfortunately calling vfs_getxattr_alloc() from a
context protected by an rcu_read_lock. This cannot be done as
vfs_getxattr_alloc() may sleep regardless of the gfp_t value being
passed to it.

Fix this by breaking the rcu_read_lock on the policy search when the
xattr match feature is requested and restarting the search if a policy
change occurs.

Fixes: 8e51f9087f ("apparmor: Add support for attaching profiles via xattr, presence and value")
Reported-by: Jia-Ju Bai <baijiaju1990@gmail.com>
Reported-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-01-09 10:20:00 +01:00
..
apparmor apparmor: fix aa_xattrs_match() may sleep while holding a RCU lock 2020-01-09 10:20:00 +01:00
integrity integrity: remove pointless subdir-$(CONFIG_...) 2019-10-05 15:29:49 +09:00
keys KEYS: trusted: correctly initialize digests and fix locking issue 2019-09-25 02:43:53 +03:00
loadpin
lockdown efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN 2019-10-31 09:40:21 +01:00
safesetid LSM: SafeSetID: Stop releasing uninitialized ruleset 2019-09-17 11:27:05 -07:00
selinux selinux/stable-5.4 PR 20191007 2019-10-08 10:51:37 -07:00
smack I have four patches for v5.4. Nothing is major. All but one are in 2019-09-23 14:25:45 -07:00
tomoyo tomoyo: Don't use nifty names on sockets. 2020-01-04 19:18:42 +01:00
yama
Kconfig Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-09-28 08:14:15 -07:00
Kconfig.hardening
Makefile
commoncap.c
device_cgroup.c
inode.c
lsm_audit.c
min_addr.c
security.c Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-09-28 08:14:15 -07:00