diff mbox series

apparmor: fix 'Do simple duplicate message elimination'

Message ID MEYP282MB1623FD643831C9B85EF45064C527A@MEYP282MB1623.AUSP282.PROD.OUTLOOK.COM (mailing list archive)
State Handled Elsewhere
Headers show
Series apparmor: fix 'Do simple duplicate message elimination' | expand

Commit Message

chao liu June 27, 2023, 2:03 a.m. UTC
Multiple profiles shared 'ent->caps', so some logs missed.

Signed-off-by: chao liu <liuzgyid@outlook.com>
---
 security/apparmor/capability.c | 2 ++
 1 file changed, 2 insertions(+)
diff mbox series

Patch

diff --git a/security/apparmor/capability.c b/security/apparmor/capability.c
index deccea865..1b13fd89d 100644
--- a/security/apparmor/capability.c
+++ b/security/apparmor/capability.c
@@ -94,6 +94,8 @@  static int audit_caps(struct common_audit_data *sa, struct aa_profile *profile,
 		return error;
 	} else {
 		aa_put_profile(ent->profile);
+		if (profile != ent->profile)
+			cap_clear(ent->caps);
 		ent->profile = aa_get_profile(profile);
 		cap_raise(ent->caps, cap);
 	}