From patchwork Wed Feb 15 23:13:50 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: John Johansen <john.johansen@canonical.com>
X-Patchwork-Id: 728408
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from huckleberry.canonical.com (huckleberry.canonical.com
	[91.189.94.19])
	by ozlabs.org (Postfix) with ESMTP id 3vNw8X0sypz9s7J;
	Thu, 16 Feb 2017 10:14:04 +1100 (AEDT)
Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com)
	by huckleberry.canonical.com with esmtp (Exim 4.76)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1ce8lr-0005AM-Mv; Wed, 15 Feb 2017 23:13:59 +0000
Received: from youngberry.canonical.com ([91.189.89.112])
	by huckleberry.canonical.com with esmtps
	(TLS1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.76) (envelope-from <john.johansen@canonical.com>)
	id 1ce8lm-0005AB-5m
	for kernel-team@lists.ubuntu.com; Wed, 15 Feb 2017 23:13:54 +0000
Received: from static-50-53-52-155.bvtn.or.frontiernet.net ([50.53.52.155]
	helo=[192.168.192.153]) by youngberry.canonical.com with esmtpsa
	(TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)
	(Exim 4.76) (envelope-from <john.johansen@canonical.com>)
	id 1ce8ll-00045h-Og
	for kernel-team@lists.ubuntu.com; Wed, 15 Feb 2017 23:13:53 +0000
To: Kernel team list <kernel-team@lists.ubuntu.com>
From: John Johansen <john.johansen@canonical.com>
Subject: [Xenial/Yakkety/Zesty] [SRU] [PATCH] UBUNTU: SAUCE: apparmor: fix
	link auditing failure due to, uninitialized var
Organization: Canonical
Message-ID: <ac482709-66b6-eb40-18f7-ab6cbd603552@canonical.com>
Date: Wed, 15 Feb 2017 15:13:50 -0800
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
	Thunderbird/45.7.0
MIME-Version: 1.0
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: kernel-team-bounces@lists.ubuntu.com

The lperms struct is uninitialized for use with auditing if there is
an early failure due to a path name error. This can result in incorrect
logging or in the extreme case apparmor killing the task with a signal
which results in the failure in the referenced bug.

BugLink: http://bugs.launchpad.net/bugs/1664912
Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 security/apparmor/file.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/apparmor/file.c b/security/apparmor/file.c
index ae0b7c7..6a0411c 100644
--- a/security/apparmor/file.c
+++ b/security/apparmor/file.c
@@ -374,7 +374,7 @@ static int profile_path_link(struct aa_profile *profile,
 			     struct path_cond *cond)
 {
 	const char *lname, *tname = NULL;
-	struct aa_perms lperms, perms;
+	struct aa_perms lperms = {}, perms;
 	const char *info = NULL;
 	u32 request = AA_MAY_LINK;
 	unsigned int state;