summaryrefslogtreecommitdiff
path: root/security/apparmor/task.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/apparmor/task.c')
-rw-r--r--security/apparmor/task.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/security/apparmor/task.c b/security/apparmor/task.c
index 44b9b938e06d..c6b78a14da91 100644
--- a/security/apparmor/task.c
+++ b/security/apparmor/task.c
@@ -45,6 +45,7 @@ struct aa_label *aa_get_task_label(struct task_struct *task)
int aa_replace_current_label(struct aa_label *label)
{
struct aa_label *old = aa_current_raw_label();
+ struct aa_task_ctx *ctx = task_ctx(current);
struct cred *new;
AA_BUG(!label);
@@ -59,6 +60,12 @@ int aa_replace_current_label(struct aa_label *label)
if (!new)
return -ENOMEM;
+ if (ctx->nnp && label_is_stale(ctx->nnp)) {
+ struct aa_label *tmp = ctx->nnp;
+
+ ctx->nnp = aa_get_newest_label(tmp);
+ aa_put_label(tmp);
+ }
if (unconfined(label) || (labels_ns(old) != labels_ns(label)))
/*
* if switching to unconfined or a different label namespace
generated by cgit v1.2.3 (git 2.39.0) at 2024-08-10 22:19:04 +0300