From: Kees Cook <kees@outflux.net>
To: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Cc: linux-security-module@vger.kernel.org
Subject: Re: [PATCH] apparmor: Adjust offset when accessing task blob.
Date: Tue, 22 Jan 2019 09:41:28 -0800 [thread overview]
Message-ID: <20190122174128.GI5875@outflux.net> (raw)
In-Reply-To: <201901210125.x0L1PAwO046352@www262.sakura.ne.jp>
On Mon, Jan 21, 2019 at 10:25:10AM +0900, Tetsuo Handa wrote:
> AppArmor will no longer be the only user of task blob
> after TOMOYO started using task blob.
>
> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
I just noticed this today too! You beat me to sending the patch. ;)
Fixes: f4ad8f2c4076 ("LSM: Infrastructure management of the task security")
Acked-by: Kees Cook <keescook@chromium.org>
James, this should get into v5.0 fixes tree.
-Kees
> ---
> security/apparmor/include/task.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/apparmor/include/task.h b/security/apparmor/include/task.h
> index 039c1e6..311e652 100644
> --- a/security/apparmor/include/task.h
> +++ b/security/apparmor/include/task.h
> @@ -16,7 +16,7 @@
>
> static inline struct aa_task_ctx *task_ctx(struct task_struct *task)
> {
> - return task->security;
> + return task->security + apparmor_blob_sizes.lbs_task;
> }
>
> /*
> --
> 1.8.3.1
--
Kees Cook @outflux.net
next prev parent reply other threads:[~2019-01-22 17:50 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-21 1:25 [PATCH] apparmor: Adjust offset when accessing task blob Tetsuo Handa
2019-01-22 17:41 ` Kees Cook [this message]
2019-01-22 22:41 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190122174128.GI5875@outflux.net \
--to=kees@outflux.net \
--cc=linux-security-module@vger.kernel.org \
--cc=penguin-kernel@i-love.sakura.ne.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.