Commit da3f1c7b authored by James Morris's avatar James Morris
Browse files

Merge branch 'for-security' of... 

Merge branch 'for-security' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/apparmor-dev into next
parents 5b944a71 25e75dff

security/apparmor/domain.c

+1 −1
Original line number Diff line number Diff line
@@ -73,7 +73,6 @@ static int may_change_ptraced_domain(struct task_struct *task, 
		cred = get_task_cred(tracer);

		tracerp = aa_cred_profile(cred);

	}

	rcu_read_unlock();



	/* not ptraced */

	if (!tracer || unconfined(tracerp))
@@ -82,6 +81,7 @@ static int may_change_ptraced_domain(struct task_struct *task, 
	error = aa_may_ptrace(tracer, tracerp, to_profile, PTRACE_MODE_ATTACH);



out:

	rcu_read_unlock();

	if (cred)

		put_cred(cred);

security/apparmor/lsm.c

+1 −1
Original line number Diff line number Diff line
@@ -127,7 +127,7 @@ static int apparmor_capget(struct task_struct *target, kernel_cap_t *effective, 
	*inheritable = cred->cap_inheritable;

	*permitted = cred->cap_permitted;



	if (!unconfined(profile)) {

	if (!unconfined(profile) && !COMPLAIN_MODE(profile)) {

		*effective = cap_intersect(*effective, profile->caps.allow);

		*permitted = cap_intersect(*permitted, profile->caps.allow);

	}

CRA Git | Maintained and supported by SUSTech CRA and CCSE