[PATCH 2/2] AppArmor: Fix lsm_get_self_attr()
Paul Moore
paul at paul-moore.com
Mon May 13 14:57:57 UTC 2024
On Fri, May 10, 2024 at 12:10 PM John Johansen
<john.johansen at canonical.com> wrote:
> On 2/27/24 08:01, Paul Moore wrote:
> > On Mon, Feb 26, 2024 at 2:59 PM Paul Moore <paul at paul-moore.com> wrote:
> >> On Fri, Feb 23, 2024 at 4:07 PM Paul Moore <paul at paul-moore.com> wrote:
> >>> On Fri, Feb 23, 2024 at 2:06 PM Mickaël Salaün <mic at digikod.net> wrote:
> >>>>
> >>>> aa_getprocattr() may not initialize the value's pointer in some case.
> >>>> As for proc_pid_attr_read(), initialize this pointer to NULL in
> >>>> apparmor_getselfattr() to avoid an UAF in the kfree() call.
> >>>>
> >>>> Cc: Casey Schaufler <casey at schaufler-ca.com>
> >>>> Cc: John Johansen <john.johansen at canonical.com>
> >>>> Cc: Paul Moore <paul at paul-moore.com>
> >>>> Cc: stable at vger.kernel.org
> >>>> Fixes: 223981db9baf ("AppArmor: Add selfattr hooks")
> >>>> Signed-off-by: Mickaël Salaün <mic at digikod.net>
> >>>> ---
> >>>> security/apparmor/lsm.c | 2 +-
> >>>> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>>
> >>> If you like John, I can send this up to Linus with the related SELinux
> >>> fix, I would just need an ACK from you.
> >>
> >> Reviewed-by: Paul Moore <paul at paul-moore.com>
> >>
> >> This patch looks good to me, and while we've still got at least two
> >> (maybe three?) more weeks before v6.8 is tagged, I think it would be
> >> good to get this up to Linus ASAP. I'll hold off for another day, but
> >> if we don't see any comment from John I'll go ahead and merge this and
> >> send it up to Linus with the SELinux fix; I'm sure John wouldn't be
> >> happy if v6.8 went out the door without this fix.
> >
> > I just merged this into lsm/stable-6.8 and once the automated
> > build/test has done it's thing and come back clean I'll send this,
> > along with the associated SELinux fix, up to Linus. Thanks all.
> >
> > John, if this commit is problematic please let me know and I'll send a
> > fix or a revert.
>
> sorry, I am still trying to dig out of my backlog. This is good, you can
> certainly have my ACK, I know its already in tree so no point in adding
> it there but wanted to just make sure its on list
No worries, reviews are still appreciated; just because a patch has
made its way up to Linus is no guarantee there isn't something wrong
with it ;)
--
paul-moore.com
More information about the Linux-security-module-archive
mailing list