From patchwork Tue Nov 10 18:29:09 2009
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: [1/5] UBUNTU: SAUCE: AppArmor: Fix oops after profile removal
Date: Tue, 10 Nov 2009 08:29:09 -0000
From: John Johansen <john.johansen@canonical.com>
X-Patchwork-Id: 38068
Message-Id: <1257877753-9448-2-git-send-email-john.johansen@canonical.com>
To: kernel-team@lists.ubuntu.com

BugLink: http://bugs.launchpad.net/bugs/475619

SRU Justicication: this bug can cause a null pointer dereference kernel
oops. This will occur any time children profiles are attached to running
processes. This can occur when change_hat, children profiles or profile
learning is used.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Andy Whitcroft <apw@canonical.com>

---
ubuntu/apparmor/policy.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/ubuntu/apparmor/policy.c b/ubuntu/apparmor/policy.c
index 390bbf6..a772801 100644
--- a/ubuntu/apparmor/policy.c
+++ b/ubuntu/apparmor/policy.c
@@ -322,7 +322,7 @@ void __aa_remove_profile(struct aa_profile *profile,
 	if (replacement)
 		profile->replacedby = aa_get_profile(replacement);
 	else
-		profile->replacedby = ERR_PTR(-EINVAL);
+		profile->replacedby = aa_get_profile(profile->ns->unconfined);
 	list_del_init(&profile->base.list);
 	if (!(profile->flags & PFLAG_NO_LIST_REF))
 		aa_put_profile(profile);