aboutsummaryrefslogtreecommitdiffstats
path: root/security/apparmor/policy.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/apparmor/policy.c')
-rw-r--r--security/apparmor/policy.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index 3cdc1ad0787e..52cc865f1464 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -1151,12 +1151,14 @@ ssize_t aa_remove_profiles(char *fqname, size_t size)
1151 /* released below */ 1151 /* released below */
1152 ns = aa_get_namespace(root); 1152 ns = aa_get_namespace(root);
1153 1153
1154 write_lock(&ns->lock);
1155 if (!name) { 1154 if (!name) {
1156 /* remove namespace - can only happen if fqname[0] == ':' */ 1155 /* remove namespace - can only happen if fqname[0] == ':' */
1156 write_lock(&ns->parent->lock);
1157 __remove_namespace(ns); 1157 __remove_namespace(ns);
1158 write_unlock(&ns->parent->lock);
1158 } else { 1159 } else {
1159 /* remove profile */ 1160 /* remove profile */
1161 write_lock(&ns->lock);
1160 profile = aa_get_profile(__lookup_profile(&ns->base, name)); 1162 profile = aa_get_profile(__lookup_profile(&ns->base, name));
1161 if (!profile) { 1163 if (!profile) {
1162 error = -ENOENT; 1164 error = -ENOENT;
@@ -1165,8 +1167,8 @@ ssize_t aa_remove_profiles(char *fqname, size_t size)
1165 } 1167 }
1166 name = profile->base.hname; 1168 name = profile->base.hname;
1167 __remove_profile(profile); 1169 __remove_profile(profile);
1170 write_unlock(&ns->lock);
1168 } 1171 }
1169 write_unlock(&ns->lock);
1170 1172
1171 /* don't fail removal if audit fails */ 1173 /* don't fail removal if audit fails */
1172 (void) audit_policy(OP_PROF_RM, GFP_KERNEL, name, info, error); 1174 (void) audit_policy(OP_PROF_RM, GFP_KERNEL, name, info, error);
generated by cgit v1.2.2 (git 2.25.0) at 2025-11-12 17:38:02 -0500