GitHub-Mirror/Star64_linux
2
0
Fork 0
mirror of https://github.com/Fishwaldo/Star64_linux.git synced 2025-07-23 15:27:29 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

apparmor: add a default null dfa

Browse source 
Instead of testing whether a given dfa exists in every code path, have
a default null dfa that is used when loaded policy doesn't provide a
dfa.

This will let us get rid of special casing and avoid dereference bugs
when special casing is missed.

Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen 2017-01-16 00:42:42 -08:00
parent 6604d4c1c1
commit 11c236b89d
6 changed files with 46 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

7
security/apparmor/lsm.c
View file

@ -878,6 +878,12 @@ static int __init apparmor_init(void)
return 0;
}
error = aa_setup_dfa_engine();
if (error) {
AA_ERROR("Unable to setup dfa engine\n");
goto alloc_out;
}
error = aa_alloc_root_ns();
if (error) {
AA_ERROR("Unable to allocate default profile namespace\n");
@ -905,6 +911,7 @@ static int __init apparmor_init(void)
alloc_out:
aa_destroy_aafs();
aa_teardown_dfa_engine();
apparmor_enabled = 0;
return error;