projects / firefly-linux-kernel-4.4.55.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
apparmor: fix change_hat not finding hat after policy replacement
[firefly-linux-kernel-4.4.55.git] / security / apparmor / domain.c
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index dc0027b28b049fa86b83543e2ce0a0640e591c89..53426a6ee6dc535478e49d8a9a7f666447aa7e44 100644 (file)
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -623,8 +623,8 @@ int aa_change_hat(const char *hats[], int count, u64 token, bool permtest)
        /* released below */
        cred = get_current_cred();
        cxt = cred_cxt(cred);
-       profile = aa_cred_profile(cred);
-       previous_profile = cxt->previous;
+       profile = aa_get_newest_profile(aa_cred_profile(cred));
+       previous_profile = aa_get_newest_profile(cxt->previous);
 
        if (unconfined(profile)) {
                info = "unconfined";
@@ -720,6 +720,8 @@ audit:
 out:
        aa_put_profile(hat);
        kfree(name);
+       aa_put_profile(profile);
+       aa_put_profile(previous_profile);
        put_cred(cred);
 
        return error;
Unnamed repository; edit this file 'description' to name the repository.