Hello Matthew, thanks for this; I'll let John comment on the larger design of the patch, I'll just nitpick one little piece:
On Tue, Nov 28, 2017 at 04:08:15PM -0800, Matthew Garrett wrote:
> --- a/security/apparmor/include/policy.h
> +++ b/security/apparmor/include/policy.h
> @@ -148,6 +148,12 @@ struct aa_profile {
> struct aa_policydb policy;
> struct aa_file_rules file;
> struct aa_caps caps;
> +
> + int xattr_count;
> + const char **xattrs;
> + size_t *xattr_lens;
> + char **xattr_values;
> +
> struct aa_rlimit rlimits;
>
> struct aa_loaddata *rawdata;
> diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
> index b0b58848c248..168b1d5272d9 100644
> --- a/security/apparmor/policy.c
> +++ b/security/apparmor/policy.c
> @@ -227,6 +227,9 @@ void aa_free_profile(struct aa_profile *profile)
> aa_free_cap_rules(&profile->caps);
> aa_free_rlimit_rules(&profile->rlimits);
>
> + kzfree(profile->xattrs);
> + kzfree(profile->xattr_lens);
> + kzfree(profile->xattr_values);
> kzfree(profile->dirname);
> aa_put_dfa(profile->xmatch);
> aa_put_dfa(profile->policy.dfa);
profile->xattr_values is a vector of strings, but only the pointers are
cleaned up here, leaking all the xattr values themselves when the profile
is freed.
Thanks
signature.asc
Description: PGP signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
