From patchwork Mon Nov  9 20:41:55 2009
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: John Johansen <john.johansen@canonical.com>
X-Patchwork-Id: 38033
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from chlorine.canonical.com (chlorine.canonical.com
	[91.189.94.204]) by ozlabs.org (Postfix) with ESMTP id 0C517B7B8F
	for <incoming@patchwork.ozlabs.org>;
	Tue, 10 Nov 2009 11:49:40 +1100 (EST)
Received: from localhost ([127.0.0.1] helo=chlorine.canonical.com)
	by chlorine.canonical.com with esmtp (Exim 4.60)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1N7b56-0002H0-Gj; Mon, 09 Nov 2009 20:43:20 +0000
Received: from adelie.canonical.com ([91.189.90.139])
	by chlorine.canonical.com with esmtp (Exim 4.60)
	(envelope-from <john.johansen@canonical.com>) id 1N7b42-0001o6-4B
	for kernel-team@lists.ubuntu.com; Mon, 09 Nov 2009 20:42:14 +0000
Received: from hutte.canonical.com ([91.189.90.181])
	by adelie.canonical.com with esmtp (Exim 4.69 #1 (Debian))
	id 1N7b42-0004BK-1u; Mon, 09 Nov 2009 20:42:14 +0000
Received: from pool-98-108-130-232.ptldor.fios.verizon.net ([98.108.130.232]
	helo=canonical.com) by hutte.canonical.com with esmtpsa
	(TLS-1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.69)
	(envelope-from <john.johansen@canonical.com>)
	id 1N7b41-0001ZW-Lh; Mon, 09 Nov 2009 20:42:14 +0000
From: John Johansen <john.johansen@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [PATCH 3/4] UBUNTU: SAUCE: AppArmor: Fix cap audit_caching
	preemption disabling
Date: Mon,  9 Nov 2009 12:41:55 -0800
Message-Id: <1257799316-12573-4-git-send-email-john.johansen@canonical.com>
X-Mailer: git-send-email 1.6.3.3
In-Reply-To: <1257799316-12573-1-git-send-email-john.johansen@canonical.com>
References: <1257799316-12573-1-git-send-email-john.johansen@canonical.com>
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.8
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
	<mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
MIME-Version: 1.0
Sender: kernel-team-bounces@lists.ubuntu.com
Errors-To: kernel-team-bounces@lists.ubuntu.com

BugLink: http://bugs.launchpad.net/bugs/479102

The auditing code of capabilities, has a simple cache to reduce capability
messages flooding the audit logs.  Checking and updating the cache
disables kernel preemption.  One potential exit path does not properly
put the per cpu var, thus not reenabling preemption.

Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 ubuntu/apparmor/capability.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/ubuntu/apparmor/capability.c b/ubuntu/apparmor/capability.c
index 65b91cf..5bb2eca 100644
--- a/ubuntu/apparmor/capability.c
+++ b/ubuntu/apparmor/capability.c
@@ -72,6 +72,7 @@ static int aa_audit_caps(struct aa_profile *profile, struct aa_audit_caps *sa)
 	/* Do simple duplicate message elimination */
 	ent = &get_cpu_var(audit_cache);
 	if (sa->base.task == ent->task && cap_raised(ent->caps, sa->cap)) {
+		put_cpu_var(audit_cache);
 		if (PROFILE_COMPLAIN(profile))
 			return 0;
 		return sa->base.error;