1 files changed, 15 insertions, 3 deletions
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index ad456546df5b..04ba9d0718ea 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -561,9 +561,21 @@ static struct aa_label *profile_transition(struct aa_profile *profile,
                }
        } else if (COMPLAIN_MODE(profile)) {
                /* no exec permission - learning mode */
-                struct aa_profile *new_profile = aa_new_null_profile(profile,
+                struct aa_profile *new_profile = NULL;
-                                                              false, name,
+                char *n = kstrdup(name, GFP_ATOMIC);
-                                                              GFP_ATOMIC);
+                if (n) {
+                        /* name is ptr into buffer */
+                        long pos = name - buffer;
+                        /* break per cpu buffer hold */
+                        put_buffers(buffer);
+                        new_profile = aa_new_null_profile(profile, false, n,
+                                                          GFP_KERNEL);
+                        get_buffers(buffer);
+                        name = buffer + pos;
+                        strcpy((char *)name, n);
+                        kfree(n);
+                }
                if (!new_profile) {
                        error = -ENOMEM;
                        info = "could not create null profile";

diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c index ad456546df5b..04ba9d0718ea 100644 --- a/security/apparmor/domain.c +++ b/security/apparmor/domain.c
@@ -561,9 +561,21 @@ static struct aa_label profile_transition(struct aa_profile profile,
561	}	561	}
562	} else if (COMPLAIN_MODE(profile)) {	562	} else if (COMPLAIN_MODE(profile)) {
563	/* no exec permission - learning mode */	563	/* no exec permission - learning mode */
564	struct aa_profile *new_profile = aa_new_null_profile(profile,	564	struct aa_profile *new_profile = NULL;
565	false, name,	565	char *n = kstrdup(name, GFP_ATOMIC);
566	GFP_ATOMIC);	566
		567	if (n) {
		568	/* name is ptr into buffer */
		569	long pos = name - buffer;
		570	/* break per cpu buffer hold */
		571	put_buffers(buffer);
		572	new_profile = aa_new_null_profile(profile, false, n,
		573	GFP_KERNEL);
		574	get_buffers(buffer);
		575	name = buffer + pos;
		576	strcpy((char *)name, n);
		577	kfree(n);
		578	}
567	if (!new_profile) {	579	if (!new_profile) {
568	error = -ENOMEM;	580	error = -ENOMEM;
569	info = "could not create null profile";	581	info = "could not create null profile";