Merge tag 'apparmor-pr-2022-12-14' of git://git.kernel.org/pub/scm/linux/kernel/git...

[linux-block.git] / security / apparmor / domain.c

diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index b447bc13ea8e2cc833d13a5ca192187bf5575e23..6dd3cc5309bfe5a2daa97c11bcadcd7fbd22ee0c 100644 (file)
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -299,11 +299,10 @@ static int aa_xattrs_match(const struct linux_binprm *bprm,
                           struct aa_profile *profile, aa_state_t state)
 {
        int i;
-       ssize_t size;
        struct dentry *d;
        char *value = NULL;
        struct aa_attachment *attach = &profile->attach;
-       int value_size = 0, ret = attach->xattr_count;
+       int size, value_size = 0, ret = attach->xattr_count;
 
        if (!bprm || !attach->xattr_count)
                return 0;
@@ -863,10 +862,10 @@ int apparmor_bprm_creds_for_exec(struct linux_binprm *bprm)
        const char *info = NULL;
        int error = 0;
        bool unsafe = false;
-       kuid_t i_uid = i_uid_into_mnt(file_mnt_user_ns(bprm->file),
-                                     file_inode(bprm->file));
+       vfsuid_t vfsuid = i_uid_into_vfsuid(file_mnt_user_ns(bprm->file),
+                                           file_inode(bprm->file));
        struct path_cond cond = {
-               i_uid,
+               vfsuid_into_kuid(vfsuid),
                file_inode(bprm->file)->i_mode
        };
 
@@ -974,7 +973,7 @@ audit:
        error = fn_for_each(label, profile,
                        aa_audit_file(profile, &nullperms, OP_EXEC, MAY_EXEC,
                                      bprm->filename, NULL, new,
-                                     i_uid, info, error));
+                                     vfsuid_into_kuid(vfsuid), info, error));
        aa_put_label(new);
        goto done;
 }