tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

apparmor: return -ENOMEM in unpack_perms_table upon alloc failure

In policy_unpack.c:unpack_perms_table, the perms struct is allocated via
kcalloc, with the position being reset if the allocation fails. However,
the error path results in -EPROTO being retured instead of -ENOMEM. Fix
this to return the correct error code.

Reported-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
Fixes: fd1b2b95a2117 ("apparmor: add the ability for policy to specify a permission table")
Reviewed-by: Tyler Hicks <code@tyhicks.com>
Signed-off-by: Ryan Lee <ryan.lee@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>

authored by

Ryan Lee and committed by
John Johansen 74b7105e 9b829c0a

+4 -2
+4 -2
security/apparmor/policy_unpack.c
··· 923 923 if (!aa_unpack_array(e, NULL, &size)) 924 924 goto fail_reset; 925 925 *perms = kcalloc(size, sizeof(struct aa_perms), GFP_KERNEL); 926 - if (!*perms) 927 - goto fail_reset; 926 + if (!*perms) { 927 + e->pos = pos; 928 + return -ENOMEM; 929 + } 928 930 for (i = 0; i < size; i++) { 929 931 if (!unpack_perm(e, version, &(*perms)[i])) 930 932 goto fail;