summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2017-09-08 01:13:41 -0700
committerJohn Johansen <john.johansen@canonical.com>2018-02-09 11:30:01 -0800
commit475bdda1f00074783e18403f3f38a36dd3488430 (patch)
treecc6ca412f44b7100dc6c417d9b7c6bd9a24ab86e
parent71fa373b784e13eb8d68f41b68b9482241e5288c (diff)
downloadop-kernel-dev-475bdda1f00074783e18403f3f38a36dd3488430.zip
op-kernel-dev-475bdda1f00074783e18403f3f38a36dd3488430.tar.gz
apparmor: root view labels should not be under user control
The root view of the label parse should not be exposed to user control. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com>
-rw-r--r--security/apparmor/label.c5
1 files changed, 2 insertions, 3 deletions
diff --git a/security/apparmor/label.c b/security/apparmor/label.c
index 4721338..69c7451 100644
--- a/security/apparmor/label.c
+++ b/security/apparmor/label.c
@@ -1871,8 +1871,9 @@ struct aa_label *aa_label_strn_parse(struct aa_label *base, const char *str,
AA_BUG(!str);
str = skipn_spaces(str, n);
- if (str == NULL)
+ if (str == NULL || (*str == '=' && base != &root_ns->unconfined->label))
return ERR_PTR(-EINVAL);
+
len = label_count_strn_entries(str, end - str);
if (*str == '&' || force_stack) {
/* stack on top of base */
@@ -1881,8 +1882,6 @@ struct aa_label *aa_label_strn_parse(struct aa_label *base, const char *str,
if (*str == '&')
str++;
}
- if (*str == '=')
- base = &root_ns->unconfined->label;
error = vec_setup(profile, vec, len, gfp);
if (error)
OpenPOWER on IntegriCloud