sieni
/
linux
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/security/apparmor/include
History
John Johansen 8e135b8aee apparmor: fix race between freeing data and fs accessing it 
AppArmor was putting the reference to i_private data on its end after
removing the original entry from the file system. However the inode
can aand does live beyond that point and it is possible that some of
the fs call back functions will be invoked after the reference has
been put, which results in a race between freeing the data and
accessing it through the fs.

While the rawdata/loaddata is the most likely candidate to fail the
race, as it has the fewest references. If properly crafted it might be
possible to trigger a race for the other types stored in i_private.

Fix this by moving the put of i_private referenced data to the correct
place which is during inode eviction.

Fixes: c961ee5f21 ("apparmor: convert from securityfs to apparmorfs for policy ns files")
Reported-by: Qualys Security Advisory <qsa@qualys.com>
Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com>
Reviewed-by: Maxime Bélair <maxime.belair@canonical.com>
Reviewed-by: Cengiz Can <cengiz.can@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
 		2026-03-09 16:05:44 -07:00
..
af_unix.h apparmor: fix regression in fs based unix sockets when using old abi 2025-07-15 22:39:43 -07:00
apparmor.h apparmor: add fine grained af_unix mediation 2025-01-18 06:47:12 -08:00
apparmorfs.h apparmor: move initcalls to the LSM framework 2025-10-22 19:24:27 -04:00
audit.h apparmor: add support loading per permission tagging 2026-01-29 01:27:47 -08:00
capability.h apparmor: add ability to mediate caps with policy state machine 2025-01-18 06:47:12 -08:00
cred.h apparmor: refactor/cleanup cred helper fns. 2026-01-29 01:27:54 -08:00
crypto.h apparmor: move initcalls to the LSM framework 2025-10-22 19:24:27 -04:00
domain.h apparmor: extend permissions to support a label and tag string 2022-10-03 14:49:03 -07:00
file.h apparmor: fix some kernel-doc issues in header files 2025-05-17 01:52:25 -07:00
ipc.h apparmor: add support for profiles to define the kill signal 2025-01-18 06:47:12 -08:00
label.h apparmor: fix race between freeing data and fs accessing it 2026-03-09 16:05:44 -07:00
lib.h apparmor: fix race between freeing data and fs accessing it 2026-03-09 16:05:44 -07:00
match.h apparmor: fix differential encoding verification 2026-03-09 16:05:43 -07:00
mount.h apparmor: Fix regression in mount mediation 2023-10-18 16:01:32 -07:00
net.h apparmor: make sure unix socket labeling is correctly updated. 2025-07-20 02:19:27 -07:00
path.h apparmor: add fine grained af_unix mediation 2025-01-18 06:47:12 -08:00
perms.h apparmor: fix some kernel-doc issues in header files 2025-05-17 01:52:25 -07:00
policy.h apparmor: fix race between freeing data and fs accessing it 2026-03-09 16:05:44 -07:00
policy_compat.h apparmor: isolate policy backwards compatibility to its own file 2022-10-03 14:49:03 -07:00
policy_ns.h apparmor: fix: limit the number of levels of policy namespaces 2026-03-09 16:05:43 -07:00
policy_unpack.h apparmor: fix race between freeing data and fs accessing it 2026-03-09 16:05:44 -07:00
procattr.h AppArmor: Add selfattr hooks 2023-11-12 22:54:42 -05:00
resource.h apparmor: pass cred through to audit info. 2023-10-18 15:30:38 -07:00
secid.h lsm: replace context+len with lsm_context 2024-12-04 14:42:31 -05:00
sig_names.h apparmor: add support for profiles to define the kill signal 2025-01-18 06:47:12 -08:00
signal.h apparmor: add support for profiles to define the kill signal 2025-01-18 06:47:12 -08:00
task.h apparmor: add user namespace creation mediation 2023-10-18 15:49:02 -07:00