korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-23 20:24:12 +08:00
Code Issues Packages Projects Releases Wiki Activity
2504db2071
linux/security/apparmor
History
John Johansen 2504db2071 apparmor: fix overlapping attachment computation 
When finding the profile via patterned attachments, the longest left
match is being set to the static compile time value and not using the
runtime computed value.

Fix this by setting the candidate value to the greater of the
precomputed value or runtime computed value.

Fixes: 21f6066105 ("apparmor: improve overlapping domain attachment resolution")
Signed-off-by: John Johansen <john.johansen@canonical.com>
2022-07-19 02:52:36 -07:00
..
include apparmor: fix overlapping attachment computation 2022-07-19 02:52:36 -07:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
apparmorfs.c apparmor: Fix memleak in aa_simple_write_to_buffer() 2022-07-09 15:13:59 -07:00
audit.c apparmor: fix quiet_denied for file rules 2022-07-09 15:13:59 -07:00
capability.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
crypto.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
domain.c apparmor: fix overlapping attachment computation 2022-07-19 02:52:36 -07:00
file.c apparmor: handle idmapped mounts 2021-01-24 14:27:20 +01:00
ipc.c audit: purge audit_log_string from the intra-kernel audit API 2020-07-21 11:12:31 -04:00
Kconfig apparmor: Enable tuning of policy paranoid load for embedded systems 2022-07-09 15:13:59 -07:00
label.c apparmor: fix aa_label_asxprint return check 2022-07-09 15:13:59 -07:00
lib.c apparmor: Use struct_size() helper in kmalloc() 2022-07-09 15:13:59 -07:00
lsm.c apparmor: disable showing the mode as part of a secid to secctx 2022-07-13 17:18:29 -07:00
Makefile apparmor: add base infastructure for socket mediation 2018-03-13 17:25:48 -07:00
match.c apparmor: ensure that dfa state tables have entries 2020-04-08 04:42:48 -07:00
mount.c apparmor: fix reference count leak in aa_pivotroot() 2022-07-09 15:13:59 -07:00
net.c apparmor: add a kernel label to use on kernel objects 2022-07-13 16:37:21 -07:00
nulldfa.in apparmor: cleanup add proper line wrapping to nulldfa.in 2018-02-09 11:30:01 -08:00
path.c security: apparmor: delete repeated words in comments 2021-02-07 04:15:46 -08:00
policy_ns.c apparmor: Fix some kernel-doc comments 2022-07-19 02:39:15 -07:00
policy_unpack_test.c apparmor: test: Remove some casts which are no-longer required 2022-07-09 15:14:14 -07:00
policy_unpack.c apparmor: fix setting unconfined mode on a loaded profile 2022-07-19 02:43:12 -07:00
policy.c apparmor: make export of raw binary profile to userspace optional 2022-07-09 15:13:59 -07:00
procattr.c apparmor: Fix kernel-doc 2022-07-09 15:13:59 -07:00
resource.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00
secid.c apparmor: disable showing the mode as part of a secid to secctx 2022-07-13 17:18:29 -07:00
stacksplitdfa.in apparmor: use the dfa to do label parse string splitting 2018-02-09 11:30:01 -08:00
task.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441 2019-06-05 17:37:17 +02:00