Signed-off-by: John Johansen <john.johan...@canonical.com> --- security/apparmor/apparmorfs.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index e33a4c5..6d0f0f8 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -20,6 +20,7 @@ #include <linux/uaccess.h> #include <linux/namei.h> #include <linux/capability.h> +#include <linux/rcupdate.h> #include "include/apparmor.h" #include "include/apparmorfs.h" @@ -531,16 +532,16 @@ static struct aa_namespace *__next_namespace(struct aa_namespace *root, if (!list_empty(&ns->sub_ns)) { struct aa_namespace *next; next = list_first_entry(&ns->sub_ns, typeof(*ns), base.list); - read_lock(&next->lock); + mutex_lock(&next->lock); return next; } /* check if the next ns is a sibling, parent, gp, .. */ parent = ns->parent; while (parent) { - read_unlock(&ns->lock); + mutex_unlock(&ns->lock); list_for_each_entry_continue(ns, &parent->sub_ns, base.list) { - read_lock(&ns->lock); + mutex_lock(&ns->lock); return ns; } if (parent == root) @@ -590,13 +591,13 @@ static struct aa_profile *__next_profile(struct aa_profile *p) base.list); /* is next profile a sibling, parent sibling, gp, subling, .. */ - parent = p->parent; + parent = rcu_dereference_protected(p->parent, mutex_is_locked(&p->ns->lock)); while (parent) { list_for_each_entry_continue(p, &parent->base.profiles, base.list) return p; p = parent; - parent = parent->parent; + parent = rcu_dereference_protected(parent->parent, mutex_is_locked(&parent->ns->lock)); } /* is next another profile in the namespace */ @@ -643,7 +644,7 @@ static void *p_start(struct seq_file *f, loff_t *pos) /* find the first profile */ - read_lock(&root->lock); + mutex_lock(&root->lock); profile = __first_profile(root, root); /* skip to position */ @@ -687,9 +688,9 @@ static void p_stop(struct seq_file *f, void *p) if (profile) { for (ns = profile->ns; ns && ns != root; ns = ns->parent) - read_unlock(&ns->lock); + mutex_unlock(&ns->lock); } - read_unlock(&root->lock); + mutex_unlock(&root->lock); aa_put_namespace(root); } -- 1.8.1.2 -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor