[PATCH 2/2] AppArmor: Fix lsm_get_self_attr()

[John Johansen]

On 2/27/24 08:01, Paul Moore wrote:
> On Mon, Feb 26, 2024 at 2:59 PM Paul Moore <paul at paul-moore.com> wrote:
>> On Fri, Feb 23, 2024 at 4:07 PM Paul Moore <paul at paul-moore.com> wrote:
>>> On Fri, Feb 23, 2024 at 2:06 PM Mickaël Salaün <mic at digikod.net> wrote:
>>>>
>>>> aa_getprocattr() may not initialize the value's pointer in some case.
>>>> As for proc_pid_attr_read(), initialize this pointer to NULL in
>>>> apparmor_getselfattr() to avoid an UAF in the kfree() call.
>>>>
>>>> Cc: Casey Schaufler <casey at schaufler-ca.com>
>>>> Cc: John Johansen <john.johansen at canonical.com>
>>>> Cc: Paul Moore <paul at paul-moore.com>
>>>> Cc: stable at vger.kernel.org
>>>> Fixes: 223981db9baf ("AppArmor: Add selfattr hooks")
>>>> Signed-off-by: Mickaël Salaün <mic at digikod.net>
>>>> ---
>>>>   security/apparmor/lsm.c | 2 +-
>>>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> If you like John, I can send this up to Linus with the related SELinux
>>> fix, I would just need an ACK from you.
>>
>> Reviewed-by: Paul Moore <paul at paul-moore.com>
>>
>> This patch looks good to me, and while we've still got at least two
>> (maybe three?) more weeks before v6.8 is tagged, I think it would be
>> good to get this up to Linus ASAP.  I'll hold off for another day, but
>> if we don't see any comment from John I'll go ahead and merge this and
>> send it up to Linus with the SELinux fix; I'm sure John wouldn't be
>> happy if v6.8 went out the door without this fix.
> 
> I just merged this into lsm/stable-6.8 and once the automated
> build/test has done it's thing and come back clean I'll send this,
> along with the associated SELinux fix, up to Linus.  Thanks all.
> 
> John, if this commit is problematic please let me know and I'll send a
> fix or a revert.
> 

sorry, I am still trying to dig out of my backlog. This is good, you can
certainly have my ACK, I know its already in tree so no point in adding
it there but wanted to just make sure its on list