projects / cascardo / linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4da05cc) | patch
apparmor: reserve and mask off the top 8 bits of the base field
authorJohn Johansen <john.johansen@canonical.com>
Tue, 19 Feb 2013 00:12:34 +0000 (16:12 -0800)
committerJohn Johansen <john.johansen@canonical.com>
Sun, 28 Apr 2013 07:37:32 +0000 (00:37 -0700)
commited686308c6837ff67f56e4115d0fd6bdc65a4313
treef883525ee2c10d846c0f9f4c6fcb01208bee5a26tree | snapshot
parent4da05cc08da3f2058cecbe42ed9f4803d669730acommit | diff
apparmor: reserve and mask off the top 8 bits of the base field

The top 8 bits of the base field have never been used, in fact can't
be used, by the current 'dfa16' format.  However they will be used in the
future as flags, so mask them off when using base as an index value.

Note: the use of the top 8 bits, without masking is trapped by the verify
      checks that base entries are within the size bounds.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <kees@ubuntu.com>
security/apparmor/match.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.