diff options
| -rw-r--r-- | security/apparmor/domain.c | 3 | ||||
| -rw-r--r-- | security/apparmor/file.c | 2 |
2 files changed, 4 insertions, 1 deletions
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c index 7c69599a69e1..6327685c101e 100644 --- a/security/apparmor/domain.c +++ b/security/apparmor/domain.c | |||
| @@ -410,7 +410,8 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm) | |||
| 410 | * exec\0change_profile | 410 | * exec\0change_profile |
| 411 | */ | 411 | */ |
| 412 | state = aa_dfa_null_transition(profile->file.dfa, state); | 412 | state = aa_dfa_null_transition(profile->file.dfa, state); |
| 413 | cp = change_profile_perms(profile, cxt->onexec->ns, name, | 413 | cp = change_profile_perms(profile, cxt->onexec->ns, |
| 414 | cxt->onexec->base.name, | ||
| 414 | AA_MAY_ONEXEC, state); | 415 | AA_MAY_ONEXEC, state); |
| 415 | 416 | ||
| 416 | if (!(cp.allow & AA_MAY_ONEXEC)) | 417 | if (!(cp.allow & AA_MAY_ONEXEC)) |
diff --git a/security/apparmor/file.c b/security/apparmor/file.c index 3022c0f4f0db..5d176f2530c9 100644 --- a/security/apparmor/file.c +++ b/security/apparmor/file.c | |||
| @@ -215,6 +215,8 @@ static struct file_perms compute_perms(struct aa_dfa *dfa, unsigned int state, | |||
| 215 | /* change_profile wasn't determined by ownership in old mapping */ | 215 | /* change_profile wasn't determined by ownership in old mapping */ |
| 216 | if (ACCEPT_TABLE(dfa)[state] & 0x80000000) | 216 | if (ACCEPT_TABLE(dfa)[state] & 0x80000000) |
| 217 | perms.allow |= AA_MAY_CHANGE_PROFILE; | 217 | perms.allow |= AA_MAY_CHANGE_PROFILE; |
| 218 | if (ACCEPT_TABLE(dfa)[state] & 0x40000000) | ||
| 219 | perms.allow |= AA_MAY_ONEXEC; | ||
| 218 | 220 | ||
| 219 | return perms; | 221 | return perms; |
| 220 | } | 222 | } |