Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
apparmor: fix NULL sock in aa_sock_file_perm
Deal with the potential that sock and sock-sk can be NULL during
socket setup or teardown. This could lead to an oops. The fix for NULL
pointer dereference in __unix_needs_revalidation shows this is at
least possible for af_unix sockets. While the fix for af_unix sockets
applies for newer mediation this is still the fall back path for older
af_unix mediation and other sockets, so ensure it is covered.
Fixes: 56974a6fcfef6 ("apparmor: add base infastructure for socket mediation")
Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
+4
-2
+4
-2
security/apparmor/net.c
+4
-2
security/apparmor/net.c
···
326
326
struct socket *sock = (struct socket *) file->private_data;
327
327
328
328
AA_BUG(!label);
329
-
AA_BUG(!sock);
330
-
AA_BUG(!sock->sk);
329
+
330
+
/* sock && sock->sk can be NULL for sockets being set up or torn down */
331
+
if (!sock || !sock->sk)
332
+
return 0;
331
333
332
334
if (sock->sk->sk_family == PF_UNIX)
333
335
return aa_unix_file_perm(subj_cred, label, op, request, file);