FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 11-10-2009, 05:29 PM
John Johansen
 
Default UBUNTU: SAUCE: AppArmor: Fix oops there is no tracer and doing unsafe transition.

BugLink: http://bugs.launchpad.net/bugs/480112

SRU Justification: This bug can cause confined process to oops at address 0.
This can occur when executing a process if the LSM_UNSAFE_PTRACE |
LSM_UNSAFE_PTRACE_CAP flags are set. The likely hood of if/how often this
will occur depends on if ptrace is being used.

As reported by Tetsuo Handa on kernel-team mailing list:

In aa_may_change_ptraced_domain, if (!tracer) cred == NULL, and
put_cred(cred) will oops. This will only happen on exec if the task
is marked as LSM_UNSAFE_PTRACE | LSM_UNSAFE_PTRACE_CAP, so should
only happen to ptraced tasks that are confined.

Fix this by returning directly from aa_may_change_ptrace_domain if
there is now tracer.

Signed-off-by: John Johansen <john.johansen@canonical.com>
---
ubuntu/apparmor/domain.c | 4 ++++
1 files changed, 4 insertions(+), 0 deletions(-)

diff --git a/ubuntu/apparmor/domain.c b/ubuntu/apparmor/domain.c
index fe89ddc..12e45c6 100644
--- a/ubuntu/apparmor/domain.c
+++ b/ubuntu/apparmor/domain.c
@@ -64,6 +64,10 @@ static int aa_may_change_ptraced_domain(struct task_struct *task,
cred = aa_get_task_policy(tracer, &tracerp);
rcu_read_unlock();

+ /* not ptraced */
+ if (!tracer)
+ return 0;
+
if (!tracerp)
goto out;

--
1.6.3.3


--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 05:29 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org