From patchwork Thu Mar 10 16:11:43 2011
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Paolo Pisati <paolo.pisati@canonical.com>
X-Patchwork-Id: 86318
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from chlorine.canonical.com (chlorine.canonical.com
	[91.189.94.204]) by ozlabs.org (Postfix) with ESMTP id B7A631007D5
	for <incoming@patchwork.ozlabs.org>;
	Fri, 11 Mar 2011 04:11:59 +1100 (EST)
Received: from localhost ([127.0.0.1] helo=chlorine.canonical.com)
	by chlorine.canonical.com with esmtp (Exim 4.71)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1PxjOw-0000dZ-6K; Thu, 10 Mar 2011 17:11:50 +0000
Received: from adelie.canonical.com ([91.189.90.139])
	by chlorine.canonical.com with esmtp (Exim 4.71)
	(envelope-from <paolo.pisati@canonical.com>) id 1PxjOu-0000dP-EX
	for kernel-team@lists.ubuntu.com; Thu, 10 Mar 2011 17:11:48 +0000
Received: from youngberry.canonical.com ([91.189.89.112])
	by adelie.canonical.com with esmtp (Exim 4.71 #1 (Debian))
	id 1PxjOu-0008Gi-7a
	for <kernel-team@lists.ubuntu.com>; Thu, 10 Mar 2011 17:11:48 +0000
Received: from [91.189.88.12] (helo=[10.45.43.108])
	by youngberry.canonical.com with esmtpsa
	(TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71)
	(envelope-from <paolo.pisati@canonical.com>) id 1PxjOu-0008Cc-6I
	for kernel-team@lists.ubuntu.com; Thu, 10 Mar 2011 17:11:48 +0000
Message-ID: <4D78F83F.7070109@canonical.com>
Date: Thu, 10 Mar 2011 17:11:43 +0100
From: Paolo Pisati <paolo.pisati@canonical.com>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.2.14) Gecko/20110223 Thunderbird/3.1.8
MIME-Version: 1.0
To: kernel-team@lists.ubuntu.com
Subject: [lucid, maverick] SRU: apparmor_parser triggers a kernel panic
X-Enigmail-Version: 1.1.2
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.13
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
Sender: kernel-team-bounces@lists.ubuntu.com
Errors-To: kernel-team-bounces@lists.ubuntu.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

SRU Justification:

    Impact: kernel panic when loading a malformed apparmor profile.
    Fix: see attached patch.
    Testcase: /etc/init.d/apparmor restart


Buglink:
https://bugs.launchpad.net/ubuntu/+source/linux-mvl-dove/+bug/732700

This affetcs lucid/master, lucid/mvl-dove and maverick/mvl-dove.

This fix a regression in the lucid/mvl-dove -proposed kernel.

bye,
p
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJNePg/AAoJEMupOQaAohtUSQEH/1PcnD0apOvdM4WFt0G2fOwz
2ZMT89kPoytAmYu3FSdICiXWJUKhFkQHEyou+RhkBmNrXjmT/JW9v16LTsAOUxBx
vWjlbeU8KZ0hpNfxF4lZQJBe9CmVgzP6OM48fvz01NLhhahUF8VmEDyGAIxQJq+h
E5vMLzVBYTWvyapRee7KV+mNzWJAMVXbSRfKtKg2s3Cx5yCpwzFWdghAept2nPvO
1qAWIGhZfWcId5r8IV8Gqj+Yp1FifJkZMd06TT6/QFogJdGtjgdGps/e+4zshHsB
pDMDk3xLNA0c6bm6Dgnw5n9CV9bRl+jQ00Lzohk38ukQwzj+q16zy411zXKLuxA=
=pmpz
-----END PGP SIGNATURE-----
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>

From 7bb336c3ec41400853a5130870206dcc08849572 Mon Sep 17 00:00:00 2001
From: Paolo Pisati <paolo.pisati@canonical.com>
Date: Thu, 10 Mar 2011 16:42:41 +0100
Subject: [PATCH] UBUNTU: SAUCE: Clear new_profile in error path

BugLink: http://bugs.launchpad.net/bugs/732700

Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
---
 security/apparmor/policy.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index 61f0043..e1db319 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -922,6 +922,7 @@ ssize_t aa_interface_replace_profiles(void *udata, size_t size, bool add_only)
 	new_profile = aa_unpack(udata, size, &sa);
 	if (IS_ERR(new_profile)) {
 		sa.base.error = PTR_ERR(new_profile);
+		new_profile = NULL;
 		goto fail;
 	}
 
-- 
1.7.1