kernel-packages team mailing list archive

Thread
Date

[Bug 479115] Re: AppArmor does not put cred reference causing a leak

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Brad Figg <brad.figg@xxxxxxxxxxxxx>
Date: Mon, 24 Feb 2014 15:23:22 -0000
Reply-to: Bug 479115 <479115@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
lucid' to 'verification-done-lucid'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-lucid

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/479115

Title:
  AppArmor does not put cred reference causing a leak

Status in “linux” package in Ubuntu:
  Fix Released
Status in “linux” source package in Karmic:
  Fix Released

Bug description:
  SRU Justification: Failure to  put the cred causes a memory leak that
  is larger than the cred struct, as it leaks everything it references.
  This happens for every unconfined processes that does an exec,
  change_hat or change_profile and passes through this function.

  AppArmor fails to drop the cred reference in domain.c:aa_may_change_ptraced_domain
   if (tracer)
    cred = aa_get_task_policy(tracer, &tracerp);
   rcu_read_unlock();

   if (!tracerp)
                 return error;     <--------- cred reference needs to be dropped here

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/479115/+subscriptions