diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2018-08-24 13:00:33 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2018-08-24 13:00:33 -0700 |
| commit | 57bb8e37d71eac45b6ea9180698a9cc3db945e26 (patch) | |
| tree | a0ec057a95a4e2b0356d959808c33fd966b3a80d /security/apparmor/apparmorfs.c | |
| parent | aa5b1054badb60191f6a09e7ef65beacf837c5d4 (diff) | |
| parent | c037bd615885f1d9d3bdb48531bace79fae1505d (diff) | |
Merge tag 'apparmor-pr-2018-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor
Pull apparmor updates from John Johansen:
"There is nothing major this time just four bug fixes and a patch to
remove some dead code:
Cleanups:
- remove no-op permission check in policy_unpack
Bug fixes:
- fix an error code in __aa_create_ns()
- fix failure to audit context info in build_change_hat
- check buffer bounds when mapping permissions mask
- fully initialize aa_perms struct when answering userspace query"
* tag 'apparmor-pr-2018-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor:
apparmor: remove no-op permission check in policy_unpack
apparmor: fix an error code in __aa_create_ns()
apparmor: Fix failure to audit context info in build_change_hat
apparmor: Fully initialize aa_perms struct when answering userspace query
apparmor: Check buffer bounds when mapping permissions mask
Diffstat (limited to 'security/apparmor/apparmorfs.c')
| -rw-r--r-- | security/apparmor/apparmorfs.c | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 949dd8a48164..e09fe4d7307c 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -603,7 +603,7 @@ static const struct file_operations aa_fs_ns_revision_fops = { static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms, const char *match_str, size_t match_len) { - struct aa_perms tmp; + struct aa_perms tmp = { }; struct aa_dfa *dfa; unsigned int state = 0; @@ -613,7 +613,6 @@ static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms, dfa = profile->file.dfa; state = aa_dfa_match_len(dfa, profile->file.start, match_str + 1, match_len - 1); - tmp = nullperms; if (state) { struct path_cond cond = { }; @@ -627,8 +626,6 @@ static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms, match_str, match_len); if (state) aa_compute_perms(dfa, state, &tmp); - else - tmp = nullperms; } aa_apply_modes_to_perms(profile, &tmp); aa_perms_accum_raw(perms, &tmp); |