From 5262ef60b1bcc40e17476fda53284621af9b0bab Mon Sep 17 00:00:00 2001 From: John Johansen Date: Fri, 9 Jun 2017 02:28:19 -0700 Subject: apparmor: fix apparmor_query data The data being queried isn't always the current profile and a lookup relative to the current profile should be done. Signed-off-by: John Johansen --- security/apparmor/apparmorfs.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'security') diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 4f4cd98d2b3b..818b70130bae 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -650,7 +650,7 @@ static ssize_t query_data(char *buf, size_t buf_len, { char *out; const char *key; - struct aa_profile *profile; + struct aa_profile *profile, *curr; struct aa_data *data; u32 bytes, blocks; __le32 outle32; @@ -667,7 +667,10 @@ static ssize_t query_data(char *buf, size_t buf_len, if (buf_len < sizeof(bytes) + sizeof(blocks)) return -EINVAL; /* not enough space */ - profile = aa_current_profile(); + curr = aa_current_profile(); + profile = aa_fqlookupn_profile(curr, query, strnlen(query, query_len)); + if (!profile) + return -ENOENT; /* We are going to leave space for two numbers. The first is the total * number of bytes we are writing after the first number. This is so @@ -696,6 +699,7 @@ static ssize_t query_data(char *buf, size_t buf_len, blocks++; } } + aa_put_profile(profile); outle32 = __cpu_to_le32(out - buf - sizeof(bytes)); memcpy(buf, &outle32, sizeof(outle32)); -- cgit v1.2.3-58-ga151