linux-stable/security/apparmor/include
John Johansen 2672f3eb7a apparmor: fix overlapping attachment computation
commit 2504db2071 upstream.

When finding the profile via patterned attachments, the longest left
match is being set to the static compile time value and not using the
runtime computed value.

Fix this by setting the candidate value to the greater of the
precomputed value or runtime computed value.

Fixes: 21f6066105 ("apparmor: improve overlapping domain attachment resolution")
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-08-25 11:37:53 +02:00
..
apparmor.h + Features 2019-12-03 12:51:35 -08:00
apparmorfs.h
audit.h
capability.h
cred.h
crypto.h
domain.h exec: Factor security_bprm_creds_for_exec out of security_bprm_set_creds 2020-05-20 14:45:31 -05:00
file.h mm, treewide: rename kzfree() to kfree_sensitive() 2020-08-07 11:33:22 -07:00
ipc.h
label.h apparmor: Fix memory leak of profile proxy 2020-06-07 13:38:55 -07:00
lib.h apparmor: fix absroot causing audited secids to begin with = 2022-08-25 11:37:52 +02:00
match.h apparmor: add outofband transition and use it in xattr match 2020-01-21 06:00:20 -08:00
mount.h
net.h
path.h + Features 2019-12-03 12:51:35 -08:00
perms.h
policy.h apparmor: fix overlapping attachment computation 2022-08-25 11:37:53 +02:00
policy_ns.h
policy_unpack.h + Features 2019-12-03 12:51:35 -08:00
procattr.h
resource.h
secid.h
sig_names.h
task.h