apparmor: replace recursive profile removal with iterative approach - kernel

diff options

author	Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com>	2026-01-13 09:09:43 +0100
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2026-03-13 17:26:03 +0100
commit	a6a941a1294ac5abe22053dc501d25aed96e48fe (patch)
tree	639e5c2a5e25c3c9f5a2ad6de2fe9127b901b285 /include/net/aligned_data.h
parent	42fd831abfc15d0643c14688f0522556b347e7e6 (diff)

apparmor: replace recursive profile removal with iterative approach

commit ab09264660f9de5d05d1ef4e225aa447c63a8747 upstream. The profile removal code uses recursion when removing nested profiles, which can lead to kernel stack exhaustion and system crashes. Reproducer: $ pf='a'; for ((i=0; i<1024; i++)); do echo -e "profile $pf { \n }" | apparmor_parser -K -a; pf="$pf//x"; done $ echo -n a > /sys/kernel/security/apparmor/.remove Replace the recursive __aa_profile_list_release() approach with an iterative approach in __remove_profile(). The function repeatedly finds and removes leaf profiles until the entire subtree is removed, maintaining the same removal semantic without recursion. Fixes: c88d4c7b049e ("AppArmor: core policy routines") Reported-by: Qualys Security Advisory <qsa@qualys.com> Tested-by: Salvatore Bonaccorso <carnil@debian.org> Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com> Reviewed-by: Cengiz Can <cengiz.can@canonical.com> Signed-off-by: Massimiliano Pellizzer <massimiliano.pellizzer@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'include/net/aligned_data.h')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: