redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/security/apparmor
History
Matthew Garrett 1a3881d305 apparmor: Fix regression in profile conflict logic 
The intended behaviour in apparmor profile matching is to flag a
conflict if two profiles match equally well. However, right now a
conflict is generated if another profile has the same match length even
if that profile doesn't actually match. Fix the logic so we only
generate a conflict if the profiles match.

Fixes: 844b8292b6 ("apparmor: ensure that undecidable profile attachments fail")
Cc: Stable <stable@vger.kernel.org>
Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
 		2018-01-12 15:56:50 -08:00
..
include apparmor: fix ptrace label match when matching stacked labels 2018-01-12 15:49:59 -08:00
.gitignore Revert "apparmor: add base infastructure for socket mediation" 2017-10-26 19:35:35 +02:00
Kconfig apparmor: add debug assert AA_BUG and Kconfig to control debug info 2017-01-16 01:18:24 -08:00
Makefile License cleanup: add SPDX license identifiers to some files 2017-11-02 10:04:46 -07:00
apparmorfs.c Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
audit.c apparmor: switch from profiles to using labels on contexts 2017-06-10 17:11:38 -07:00
capability.c apparmor: move capability checks to using labels 2017-06-10 17:11:40 -07:00
context.c apparmor: switch from profiles to using labels on contexts 2017-06-10 17:11:38 -07:00
crypto.c apparmor: use SHASH_DESC_ON_STACK 2017-04-07 08:58:35 +10:00
domain.c apparmor: Fix regression in profile conflict logic 2018-01-12 15:56:50 -08:00
file.c apparmor: initialized returned struct aa_perms 2017-11-21 02:15:50 -08:00
ipc.c apparmor: fix ptrace label match when matching stacked labels 2018-01-12 15:49:59 -08:00
label.c + Cleanups 2017-11-23 20:48:26 -10:00
lib.c apparmor: remove unused redundant variable stop 2017-11-21 02:17:13 -08:00
lsm.c + Cleanups 2017-11-23 20:48:26 -10:00
match.c doc: ReSTify apparmor.txt 2017-05-18 10:32:38 -06:00
mount.c apparmor: fix regression in mount mediation when feature set is pinned 2018-01-05 15:07:42 -08:00
nulldfa.in apparmor: add a default null dfa 2017-01-16 01:18:34 -08:00
path.c apparmor: Move path lookup to using preallocated buffers 2017-06-08 11:29:34 -07:00
policy.c apparmor: fix possible recursive lock warning in __aa_create_ns 2017-11-21 02:17:16 -08:00
policy_ns.c apparmor: fix possible recursive lock warning in __aa_create_ns 2017-11-21 02:17:16 -08:00
policy_unpack.c apparmor: fix possible recursive lock warning in __aa_create_ns 2017-11-21 02:17:16 -08:00
procattr.c apparmor: switch getprocattr to using label_print fns() 2017-06-10 17:11:39 -07:00
resource.c apparmor: fix spelling mistake: "resoure" -> "resource" 2017-11-21 00:25:44 -08:00
secid.c apparmor: rename sid to secid 2017-01-16 00:42:17 -08:00