[3/4] UBUNTU: SAUCE: AppArmor: Fix cap audit_caching preemption disabling

Submitted by John Johansen on Nov. 9, 2009, 8:41 p.m.

Details

Message ID 1257799316-12573-4-git-send-email-john.johansen@canonical.com
State Superseded
Headers show

Commit Message

John Johansen Nov. 9, 2009, 8:41 p.m.
BugLink: http://bugs.launchpad.net/bugs/479102

The auditing code of capabilities, has a simple cache to reduce capability
messages flooding the audit logs.  Checking and updating the cache
disables kernel preemption.  One potential exit path does not properly
put the per cpu var, thus not reenabling preemption.

Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 ubuntu/apparmor/capability.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

Patch hide | download patch | download mbox

diff --git a/ubuntu/apparmor/capability.c b/ubuntu/apparmor/capability.c
index 65b91cf..5bb2eca 100644
--- a/ubuntu/apparmor/capability.c
+++ b/ubuntu/apparmor/capability.c
@@ -72,6 +72,7 @@  static int aa_audit_caps(struct aa_profile *profile, struct aa_audit_caps *sa)
 	/* Do simple duplicate message elimination */
 	ent = &get_cpu_var(audit_cache);
 	if (sa->base.task == ent->task && cap_raised(ent->caps, sa->cap)) {
+		put_cpu_var(audit_cache);
 		if (PROFILE_COMPLAIN(profile))
 			return 0;
 		return sa->base.error;