OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/security/apparmor
History
John Johansen d79e57db45 apparmor: ensure that dfa state tables have entries 
commit c27c6bd2c4 upstream.

Currently it is possible to specify a state machine table with 0 length,
this is not valid as optional tables are specified by not defining
the table as present. Further this allows by-passing the base tables
range check against the next/check tables.

Fixes: d901d6a298 ("apparmor: dfa split verification of table headers")
Reported-by: Mike Salvatore <mike.salvatore@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2020-07-22 09:33:05 +02:00
..
include apparmor: fix nnp subset test for unconfined 2020-06-24 17:50:20 +02:00
.gitignore
Kconfig
Makefile
apparmorfs.c apparmor: Fix aa_label refcnt leak in policy_update 2020-05-27 17:46:42 +02:00
audit.c
capability.c
crypto.c
domain.c apparmor: fix nnp subset test for unconfined 2020-06-24 17:50:20 +02:00
file.c
ipc.c
label.c apparmor: fix nnp subset test for unconfined 2020-06-24 17:50:20 +02:00
lib.c
lsm.c apparmor: check/put label on apparmor_sk_clone_security() 2020-06-24 17:50:19 +02:00
match.c apparmor: ensure that dfa state tables have entries 2020-07-22 09:33:05 +02:00
mount.c
net.c
nulldfa.in
path.c
policy.c
policy_ns.c
policy_unpack.c
procattr.c
resource.c
secid.c
stacksplitdfa.in
task.c