diff mbox

[09/11] UBUNTU: SAUCE: apparmor: null profiles should inherit parent control flags

Message ID 20170331125744.16986-10-john.johansen@canonical.com
State New
Headers show

Commit Message

John Johansen March 31, 2017, 12:57 p.m. UTC 
null profiles that don't have the same control flags as the parent
behave in unexpected ways and can cause failures.

BugLink: http://bugs.launchpad.net/bugs/1656121
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Brad Figg <brad.figg@canonical.com>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
---
 security/apparmor/policy.c | 1 +
 1 file changed, 1 insertion(+)
diff mbox

Patch

diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index f2ffcf1..f5f286a 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -350,6 +350,7 @@  name:
 	profile->label.flags |= FLAG_NULL;
 	if (hat)
 		profile->label.flags |= FLAG_HAT;
+	profile->path_flags = parent->path_flags;
 
 	/* released on free_profile */
 	rcu_assign_pointer(profile->parent, aa_get_profile(parent));