UBUNTU: SAUCE: apparmor: profiles in one ns can affect mediation in another ns

When the ns hierarchy a//foo and b//foo are compared the are
incorrectly identified as being the same as they have the same depth
and the same basename.

Instead make sure to compare the full hname to distinguish this case.

BugLink: http://bugs.launchpad.net/bugs/1615887
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>

diff --git a/security/apparmor/label.c b/security/apparmor/label.c
index c453fc815cb3810ebc426fb0be336b6c1935edde..0a1dabdad446b4bb0d8213682b025c679a7b44af 100644 (file)
--- a/security/apparmor/label.c
+++ b/security/apparmor/label.c
@@ -112,8 +112,8 @@ static int ns_cmp(struct aa_ns *a, struct aa_ns *b)
 
        AA_BUG(!a);
        AA_BUG(!b);
-       AA_BUG(!a->base.name);
-       AA_BUG(!b->base.name);
+       AA_BUG(!a->base.hname);
+       AA_BUG(!b->base.hname);
 
        if (a == b)
                return 0;
@@ -122,7 +122,7 @@ static int ns_cmp(struct aa_ns *a, struct aa_ns *b)
        if (res)
                return res;
 
-       return strcmp(a->base.name, b->base.name);
+       return strcmp(a->base.hname, b->base.hname);
 }
 
 /**