apparmor: convert policy lookup to use accept as an index

Remap polidydb dfa accept table from embedded perms to an index, and then move the perm lookup to use the accept entry as an index into the perm table. This is done so that the perm table can be separated from the dfa, allowing dfa accept to index to share expanded permission sets. Signed-off-by: John Johansen <john.johansen@canonical.com>
author: John Johansen <john.johansen@canonical.com> 2022-07-16 10:53:46 +0200
committer: John Johansen <john.johansen@canonical.com> 2022-10-03 23:49:03 +0200
commit: e844fe9b51c984472ea98be3b2d1201ba9ee3213 (patch)
tree: 167bf6c3beeec74821dd3f2d54b77b3c37b3a361 /security/apparmor/net.c
parent: apparmor: cleanup shared permission struct (diff)
download: linux-e844fe9b51c984472ea98be3b2d1201ba9ee3213.tar.xz
linux-e844fe9b51c984472ea98be3b2d1201ba9ee3213.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/security/apparmor/net.c b/security/apparmor/net.c
index 88e8a7ea54c0..fcfb97079e1b 100644
--- a/security/apparmor/net.c
+++ b/security/apparmor/net.c
@@ -125,7 +125,7 @@ int aa_profile_af_perm(struct aa_profile *profile, struct common_audit_data *sa,
 	buffer[1] = cpu_to_be16((u16) type);
 	state = aa_dfa_match_len(profile->policy.dfa, state, (char *) &buffer,
 				 4);
-	perms = *aa_lookup_perms(profile->policy.perms, state);
+	perms = *aa_lookup_perms(&profile->policy, state);
 	aa_apply_modes_to_perms(profile, &perms);
 
 	return aa_check_perms(profile, &perms, request, sa, audit_net_cb);
author	John Johansen <john.johansen@canonical.com>	2022-07-16 10:53:46 +0200
committer	John Johansen <john.johansen@canonical.com>	2022-10-03 23:49:03 +0200
commit	e844fe9b51c984472ea98be3b2d1201ba9ee3213 (patch)
tree	167bf6c3beeec74821dd3f2d54b77b3c37b3a361 /security/apparmor/net.c
parent	apparmor: cleanup shared permission struct (diff)
download	linux-e844fe9b51c984472ea98be3b2d1201ba9ee3213.tar.xz linux-e844fe9b51c984472ea98be3b2d1201ba9ee3213.zip