diff options
| author | John Johansen <john.johansen@canonical.com> | 2025-11-24 15:07:42 -0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2026-02-26 14:59:41 -0800 |
| commit | ccb66a3c6c8f51b3ed1bc003b70bb9ff99e8d835 (patch) | |
| tree | 3a0599b1e8d51bf3804761d20b780d8ae54ef79a /security | |
| parent | fea017a7f6abe179decf575a2d8464c74edb3964 (diff) | |
apparmor: fix NULL sock in aa_sock_file_perm
[ Upstream commit 00b67657535dfea56e84d11492f5c0f61d0af297 ]
Deal with the potential that sock and sock-sk can be NULL during
socket setup or teardown. This could lead to an oops. The fix for NULL
pointer dereference in __unix_needs_revalidation shows this is at
least possible for af_unix sockets. While the fix for af_unix sockets
applies for newer mediation this is still the fall back path for older
af_unix mediation and other sockets, so ensure it is covered.
Fixes: 56974a6fcfef6 ("apparmor: add base infastructure for socket mediation")
Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'security')
| -rw-r--r-- | security/apparmor/net.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/security/apparmor/net.c b/security/apparmor/net.c index 45cf25605c34..44c04102062f 100644 --- a/security/apparmor/net.c +++ b/security/apparmor/net.c @@ -326,8 +326,10 @@ int aa_sock_file_perm(const struct cred *subj_cred, struct aa_label *label, struct socket *sock = (struct socket *) file->private_data; AA_BUG(!label); - AA_BUG(!sock); - AA_BUG(!sock->sk); + + /* sock && sock->sk can be NULL for sockets being set up or torn down */ + if (!sock || !sock->sk) + return 0; if (sock->sk->sk_family == PF_UNIX) return aa_unix_file_perm(subj_cred, label, op, request, file); |