Message ID | 1257799316-12573-4-git-send-email-john.johansen@canonical.com |
---|---|
State | Superseded |
Headers | show |
diff --git a/ubuntu/apparmor/capability.c b/ubuntu/apparmor/capability.c index 65b91cf..5bb2eca 100644 --- a/ubuntu/apparmor/capability.c +++ b/ubuntu/apparmor/capability.c @@ -72,6 +72,7 @@ static int aa_audit_caps(struct aa_profile *profile, struct aa_audit_caps *sa) /* Do simple duplicate message elimination */ ent = &get_cpu_var(audit_cache); if (sa->base.task == ent->task && cap_raised(ent->caps, sa->cap)) { + put_cpu_var(audit_cache); if (PROFILE_COMPLAIN(profile)) return 0; return sa->base.error;
BugLink: http://bugs.launchpad.net/bugs/479102 The auditing code of capabilities, has a simple cache to reduce capability messages flooding the audit logs. Checking and updating the cache disables kernel preemption. One potential exit path does not properly put the per cpu var, thus not reenabling preemption. Signed-off-by: John Johansen <john.johansen@canonical.com> --- ubuntu/apparmor/capability.c | 1 + 1 files changed, 1 insertions(+), 0 deletions(-)