In error conditions is possible to put a label that has not been added to a labelset. In this case just directly free it.
Signed-off-by: John Johansen <[email protected]> --- security/apparmor/label.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/security/apparmor/label.c b/security/apparmor/label.c index c369dcb..9a74c50 100644 --- a/security/apparmor/label.c +++ b/security/apparmor/label.c @@ -131,13 +131,18 @@ static bool __aa_label_remove(struct aa_labelset *ls, struct aa_label *label); void aa_label_kref(struct kref *kref) { struct aa_label *l = container_of(kref, struct aa_label, count); - struct aa_labelset *ls = labels_set(l); + struct aa_namespace *ns = labels_ns(l); unsigned long flags; + if (!ns) { + /* never live, no rcu call back just using the fn */ + label_free_rcu(&l->rcu); + return; + } - write_lock_irqsave(&ls->lock, flags); - (void) __aa_label_remove(ls, l); - write_unlock_irqrestore(&ls->lock, flags); + write_lock_irqsave(&ns->labels.lock, flags); + (void) __aa_label_remove(&ns->labels, l); + write_unlock_irqrestore(&ns->labels.lock, flags); /* TODO: if compound label and not invalid add to reclaim cache */ call_rcu(&l->rcu, label_free_rcu); -- 1.8.1.2 -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
