1 files changed, 14 insertions, 6 deletions
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index bdaef2e1b2a0..a689f10930b5 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -24,6 +24,7 @@
 #include "include/apparmor.h"
 #include "include/audit.h"
 #include "include/context.h"
+#include "include/crypto.h"
 #include "include/match.h"
 #include "include/policy.h"
 #include "include/policy_unpack.h"
@@ -758,10 +759,12 @@ int aa_unpack(void *udata, size_t size, struct list_head *lh, const char **ns)
        *ns = NULL;
        while (e.pos < e.end) {
+                void *start;
                error = verify_header(&e, e.pos == e.start, ns);
                if (error)
                        goto fail;
+                start = e.pos;
                profile = unpack_profile(&e);
                if (IS_ERR(profile)) {
                        error = PTR_ERR(profile);
@@ -769,16 +772,18 @@ int aa_unpack(void *udata, size_t size, struct list_head *lh, const char **ns)
                }
                error = verify_profile(profile);
-                if (error) {
+                if (error)
-                        aa_free_profile(profile);
+                        goto fail_profile;
-                        goto fail;
-                }
+                error = aa_calc_profile_hash(profile, e.version, start,
+                                             e.pos - start);
+                if (error)
+                        goto fail_profile;
                ent = aa_load_ent_alloc();
                if (!ent) {
                        error = -ENOMEM;
-                        aa_put_profile(profile);
+                        goto fail_profile;
-                        goto fail;
                }
                ent->new = profile;
@@ -787,6 +792,9 @@ int aa_unpack(void *udata, size_t size, struct list_head *lh, const char **ns)
        return 0;
+fail_profile:
+        aa_put_profile(profile);
 fail:
        list_for_each_entry_safe(ent, tmp, lh, list) {
                list_del_init(&ent->list);

diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c index bdaef2e1b2a0..a689f10930b5 100644 --- a/security/apparmor/policy_unpack.c +++ b/security/apparmor/policy_unpack.c
@@ -24,6 +24,7 @@
24	#include "include/apparmor.h"	24	#include "include/apparmor.h"
25	#include "include/audit.h"	25	#include "include/audit.h"
26	#include "include/context.h"	26	#include "include/context.h"
		27	#include "include/crypto.h"
27	#include "include/match.h"	28	#include "include/match.h"
28	#include "include/policy.h"	29	#include "include/policy.h"
29	#include "include/policy_unpack.h"	30	#include "include/policy_unpack.h"
@@ -758,10 +759,12 @@ int aa_unpack(void udata, size_t size, struct list_head lh, const char **ns)
758		759
759	*ns = NULL;	760	*ns = NULL;
760	while (e.pos < e.end) {	761	while (e.pos < e.end) {
		762	void *start;
761	error = verify_header(&e, e.pos == e.start, ns);	763	error = verify_header(&e, e.pos == e.start, ns);
762	if (error)	764	if (error)
763	goto fail;	765	goto fail;
764		766
		767	start = e.pos;
765	profile = unpack_profile(&e);	768	profile = unpack_profile(&e);
766	if (IS_ERR(profile)) {	769	if (IS_ERR(profile)) {
767	error = PTR_ERR(profile);	770	error = PTR_ERR(profile);
@@ -769,16 +772,18 @@ int aa_unpack(void udata, size_t size, struct list_head lh, const char **ns)
769	}	772	}
770		773
771	error = verify_profile(profile);	774	error = verify_profile(profile);
772	if (error) {	775	if (error)
773	aa_free_profile(profile);	776	goto fail_profile;
774	goto fail;	777
775	}	778	error = aa_calc_profile_hash(profile, e.version, start,
		779	e.pos - start);
		780	if (error)
		781	goto fail_profile;
776		782
777	ent = aa_load_ent_alloc();	783	ent = aa_load_ent_alloc();
778	if (!ent) {	784	if (!ent) {
779	error = -ENOMEM;	785	error = -ENOMEM;
780	aa_put_profile(profile);	786	goto fail_profile;
781	goto fail;
782	}	787	}
783		788
784	ent->new = profile;	789	ent->new = profile;
@@ -787,6 +792,9 @@ int aa_unpack(void udata, size_t size, struct list_head lh, const char **ns)
787		792
788	return 0;	793	return 0;
789		794
		795	fail_profile:
		796	aa_put_profile(profile);
		797
790	fail:	798	fail:
791	list_for_each_entry_safe(ent, tmp, lh, list) {	799	list_for_each_entry_safe(ent, tmp, lh, list) {
792	list_del_init(&ent->list);	800	list_del_init(&ent->list);