Commit 8813837a authored by Massimiliano Pellizzer, committed by John Johansen

apparmor: return error on namespace mismatch in verify_header



When profiles in a multi-profile load specify different namespaces,
the audit record is generated but execution continues, causing the
function to return success. This violates the load requirement that
all profiles must target the same namespace.

Add the missing return statement after auditing the error.

Reported-by: Qualys Security Advisory <qsa@qualys.com>
Fixes: dd51c848 ("apparmor: provide base for multiple profiles to be replaced at once")
Signed-off-by: Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
parent 4afc6170
+1 −0
@@ -1440,6 +1440,7 @@ static int verify_header(struct aa_ext *e, int required, const char **ns)
		if (*ns && strcmp(*ns, name)) {
			audit_iface(NULL, NULL, NULL, "invalid ns change", e,
				    error);
			return error;
		} else if (!*ns) {
			*ns = kstrdup(name, GFP_KERNEL);
			if (!*ns)
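Review bot: the value returned by the new `return error;` in the `strcmp(*ns, name)` branch is set outside the visible context, so it is worth confirming that `error` holds a negative errno at this point; if it can still be 0 here, the function reports success on a namespace mismatch exactly as before the fix. As a style point, now that the first branch ends in a return, the `else` in `} else if (!*ns) {` is redundant and could become a plain `if (!*ns)`, which is what checkpatch prefers after a return. A short comment above the mismatch check stating that all profiles in one load must target the same namespace would also make the rule from the commit message visible in the code.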