Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v5.0.15 2018-09-13T16:44:56+00:00 2018-09-13T16:44:56+00:00 Jann Horn jannh@google.com 2018-09-13T16:12:09+00:00 urn:sha1:1f8266ff58840d698a1e96d2274189de1bdf7969 As a comment above begin_current_label_crit_section() explains, begin_current_label_crit_section() must run in sleepable context because when label_is_stale() is true, aa_replace_current_label() runs, which uses prepare_creds(), which can sleep. Until now, the ptrace access check (which runs with a task lock held) violated this rule. Also add a might_sleep() assertion to begin_current_label_crit_section(), because asserts are less likely to be ignored than comments. Fixes: b2d09ae449ced ("apparmor: move ptrace checks to using labels") Signed-off-by: Jann Horn <jannh@google.com> Signed-off-by: John Johansen <john.johansen@canonical.com> 2018-02-09T19:30:01+00:00 John Johansen john.johansen@canonical.com 2017-10-11T08:04:48+00:00 urn:sha1:d8889d49e414b371eb235c08c3a759ab3e0cfa51 Now that file contexts have been moved into file, and task context fns() and data have been split from the context, only the cred context remains in context.h so rename to cred.h to better reflect what it deals with. Signed-off-by: John Johansen <john.johansen@canonical.com>