[apparmor] [PATCH 0/2] Fix various bugs involving aa_dfa_leftmatch and conflicting attachment resolution
Ryan Lee
ryan.lee at canonical.com
Thu May 1 19:54:37 UTC 2025
While developing a patchset (emails for those forthcoming) to generate
audit logs upon detection of conflicting attachments, I also discovered
multiple bugs in the aa_dfa_leftmatch count generation logic (details in
the commit messages for each patch). These are patches to fix those bugs
and enable conflicting attachments to be detected in more cases.
Ryan Lee (2):
apparmor: ensure WB_HISTORY_SIZE value is a power of 2
apparmor: fix loop detection used in conflicting attachment resolution
security/apparmor/include/match.h | 8 +++-----
security/apparmor/match.c | 23 ++++++++++++-----------
2 files changed, 15 insertions(+), 16 deletions(-)
--
2.43.0
More information about the AppArmor
mailing list