Just add the labels to the tree to make sure insertions and deletions into the rb tree are working.
Signed-off-by: John Johansen <[email protected]> --- security/apparmor/policy.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c index e2dd3e8..7732168 100644 --- a/security/apparmor/policy.c +++ b/security/apparmor/policy.c @@ -1198,6 +1198,8 @@ ssize_t aa_replace_profiles(void *udata, size_t size, bool noreplace) if (old) { share_name(old, new); __replace_profile(old, new); + aa_label_replace(&ns->labels, &old->label, &new->label); + __aa_labelset_invalidate_all(ns, old); if (rename) { /* TODO: __replace_profile(rename, new); @@ -1208,6 +1210,7 @@ ssize_t aa_replace_profiles(void *udata, size_t size, bool noreplace) /* TODO: move children to new */ __aa_fs_profile_rmdir(rename); } else { + struct aa_label *l; /* * set replacedby backref to new only when, it * has a file in the interface fs. The backref will @@ -1216,6 +1219,8 @@ ssize_t aa_replace_profiles(void *udata, size_t size, bool noreplace) rcu_assign_pointer(new->replacedby->profile, aa_get_profile(new)); __list_add_profile(&policy->profiles, new); + l = aa_label_insert(&ns->labels, &new->label); + aa_put_label(l); } aa_put_profile(rename); aa_put_profile(old); @@ -1303,6 +1308,8 @@ ssize_t aa_remove_profiles(char *fqname, size_t size) } name = profile->base.hname; __remove_profile(profile); + aa_label_remove(&ns->labels, &profile->label); + __aa_labelset_invalidate_all(ns, profile); mutex_unlock(&ns->lock); } -- 1.7.10.4 -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
