From dcda617a0c5160c73e0aa02813c871339ea08004 Mon Sep 17 00:00:00 2001 From: John Johansen Date: Mon, 11 Apr 2016 16:55:10 -0700 Subject: [PATCH] apparmor: fix refcount bug in profile replacement Signed-off-by: John Johansen Acked-by: Seth Arnold --- security/apparmor/policy.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c index 705c2879d3a9..222052f64e2c 100644 --- a/security/apparmor/policy.c +++ b/security/apparmor/policy.c @@ -1189,12 +1189,12 @@ ssize_t aa_replace_profiles(void *udata, size_t size, bool noreplace) aa_get_profile(newest); aa_put_profile(parent); rcu_assign_pointer(ent->new->parent, newest); - } else - aa_put_profile(newest); + } /* aafs interface uses replacedby */ rcu_assign_pointer(ent->new->replacedby->profile, aa_get_profile(ent->new)); __list_add_profile(&parent->base.profiles, ent->new); + aa_put_profile(newest); } else { /* aafs interface uses replacedby */ rcu_assign_pointer(ent->new->replacedby->profile, -- 2.39.5