From dbe0add4c655c1b073f62c40eff516d82ccd5311 Mon Sep 17 00:00:00 2001 From: Goldwyn Rodrigues Date: Jul 29 2020 18:54:11 +0000 Subject: Delete patches.suse/apparmor-Fix-memory-leak-of-profile-proxy.patch (bsc#1174627) --- diff --git a/patches.suse/apparmor-Fix-memory-leak-of-profile-proxy.patch b/patches.suse/apparmor-Fix-memory-leak-of-profile-proxy.patch deleted file mode 100644 index cddd114..0000000 --- a/patches.suse/apparmor-Fix-memory-leak-of-profile-proxy.patch +++ /dev/null @@ -1,103 +0,0 @@ -From 3622ad25d4d68fcbdef3bc084b5916873e785344 Mon Sep 17 00:00:00 2001 -From: John Johansen -Date: Sun Jun 7 04:10:33 2020 -0700 -Subject: [PATCH] apparmor: Fix memory leak of profile proxy -Git-commit: 3622ad25d4d68fcbdef3bc084b5916873e785344 -References: git-fixes -Patch-mainline: v5.8-rc1 - -When the proxy isn't replaced and the profile is removed, the proxy -is being leaked resulting in a kmemleak check message of - -unreferenced object 0xffff888077a3a490 (size 16): - comm "apparmor_parser", pid 128041, jiffies 4322684109 (age 1097.028s) - hex dump (first 16 bytes): - 03 00 00 00 00 00 00 00 b0 92 fd 4b 81 88 ff ff ...........K.... - backtrace: - [<0000000084d5daf2>] aa_alloc_proxy+0x58/0xe0 - [<00000000ecc0e21a>] aa_alloc_profile+0x159/0x1a0 - [<000000004cc9ce15>] unpack_profile+0x275/0x1c40 - [<000000007332b3ca>] aa_unpack+0x1e7/0x7e0 - [<00000000e25e31bd>] aa_replace_profiles+0x18a/0x1d10 - [<00000000350d9415>] policy_update+0x237/0x650 - [<000000003fbf934e>] profile_load+0x122/0x160 - [<0000000047f7b781>] vfs_write+0x139/0x290 - [<000000008ad12358>] ksys_write+0xcd/0x170 - [<000000001a9daa7b>] do_syscall_64+0x70/0x310 - [<00000000b9efb0cf>] entry_SYSCALL_64_after_hwframe+0x49/0xb3 - -Make sure to cleanup the profile's embedded label which will result -on the proxy being properly freed. - -Fixes: 637f688dc3dc ("apparmor: switch from profiles to using labels on contexts") -Signed-off-by: John Johansen -Acked-by: Goldwyn Rodrigues - ---- - security/apparmor/include/label.h | 1 + - security/apparmor/label.c | 13 +++++++------ - security/apparmor/policy.c | 1 + - 3 files changed, 9 insertions(+), 6 deletions(-) - ---- a/security/apparmor/include/label.h -+++ b/security/apparmor/include/label.h -@@ -275,6 +275,7 @@ - void aa_labelset_init(struct aa_labelset *ls); - void __aa_labelset_update_subtree(struct aa_ns *ns); - -+void aa_label_destroy(struct aa_label *label); - void aa_label_free(struct aa_label *label); - void aa_label_kref(struct kref *kref); - bool aa_label_init(struct aa_label *label, int size, gfp_t gfp); ---- a/security/apparmor/label.c -+++ b/security/apparmor/label.c -@@ -309,7 +309,7 @@ - } - - --static void label_destroy(struct aa_label *label) -+void aa_label_destroy(struct aa_label *label) - { - struct aa_label *tmp; - -@@ -328,16 +328,17 @@ - } - } - -- if (rcu_dereference_protected(label->proxy->label, true) == label) -- rcu_assign_pointer(label->proxy->label, NULL); -- -+ if (label->proxy) { -+ if (rcu_dereference_protected(label->proxy->label, true) == label) -+ rcu_assign_pointer(label->proxy->label, NULL); -+ aa_put_proxy(label->proxy); -+ } - aa_free_secid(label->secid); - - tmp = rcu_dereference_protected(label->proxy->label, true); - if (tmp == label) - rcu_assign_pointer(label->proxy->label, NULL); - -- aa_put_proxy(label->proxy); - label->proxy = (struct aa_proxy *) PROXY_POISON + 1; - } - -@@ -346,7 +347,7 @@ - if (!label) - return; - -- label_destroy(label); -+ aa_label_destroy(label); - kfree(label); - } - ---- a/security/apparmor/policy.c -+++ b/security/apparmor/policy.c -@@ -242,6 +242,7 @@ - - kzfree(profile->hash); - aa_put_loaddata(profile->rawdata); -+ aa_label_destroy(&profile->label); - - kzfree(profile); - } diff --git a/series.conf b/series.conf index 2bf1f73..aea33c9 100644 --- a/series.conf +++ b/series.conf @@ -12965,7 +12965,6 @@ patches.suse/apparmor-remove-useless-aafs_create_symlink.patch patches.suse/apparmor-ensure-that-dfa-state-tables-have-entries.patch patches.suse/apparmor-fix-introspection-of-of-task-mode-for-unconfined-tasks.patch - patches.suse/apparmor-Fix-memory-leak-of-profile-proxy.patch patches.suse/ntb-intel-Add-Icelake-gen4-support-for-Intel-NTB.patch patches.suse/ntb-intel-add-hw-workaround-for-NTB-BAR-alignment.patch patches.suse/ntb-intel-fix-static-declaration.patch