apparmor: fix resource audit messages when auditing peer

commit b5beb07ad32ab533027aa988d96a44965ec116f7 upstream. Resource auditing is using the peer field which is not available when the rlim data struct is used, because it is a different element of the same union. Accessing peer during resource auditing could cause garbage log entries or even oops the kernel. Move the rlim data block into the same struct as the peer field so they can be used together. CC: <stable@vger.kernel.org> Fixes: 86b92cb782b3 ("apparmor: move resource checks to using labels") Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: John Johansen <john.johansen@canonical.com> 2018-02-09 04:57:39 -0800
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2018-04-19 08:54:10 +0200
commit: d9d9fce9124a91b4711bdcad4001d582d9c772ce (patch)
tree: bf3626c1d89dfb55aaacbf4ad029b835364b4aa2 /security
parent: d12b8ce551d7914fc2c20b3f5ecc164cb31c6852 (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h
index 4ac095118717..2ebc00a579fd 100644
--- a/security/apparmor/include/audit.h
+++ b/security/apparmor/include/audit.h
@@ -126,6 +126,10 @@ struct apparmor_audit_data {
 					const char *target;
 					kuid_t ouid;
 				} fs;
+				struct {
+					int rlim;
+					unsigned long max;
+				} rlim;
 				int signal;
 			};
 		};
@@ -135,10 +139,6 @@ struct apparmor_audit_data {
 			long pos;
 		} iface;
 		struct {
-			int rlim;
-			unsigned long max;
-		} rlim;
-		struct {
 			const char *src_name;
 			const char *type;
 			const char *trans;
author	John Johansen <john.johansen@canonical.com>	2018-02-09 04:57:39 -0800
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2018-04-19 08:54:10 +0200
commit	d9d9fce9124a91b4711bdcad4001d582d9c772ce (patch)
tree	bf3626c1d89dfb55aaacbf4ad029b835364b4aa2 /security
parent	d12b8ce551d7914fc2c20b3f5ecc164cb31c6852 (diff)