summaryrefslogtreecommitdiffstats
path: root/security/apparmor/policy_unpack.c
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2022-07-16 12:29:19 +0200
committerJohn Johansen <john.johansen@canonical.com>2022-10-03 23:49:03 +0200
commitae6d35ed0a481824a8730c39d5b319c8a76ea00e (patch)
tree920f39dc7574d2336cfdc0f00f948fd8122845fe /security/apparmor/policy_unpack.c
parentapparmor: move dfa perm macros into policy_unpack (diff)
downloadlinux-ae6d35ed0a481824a8730c39d5b319c8a76ea00e.tar.xz
linux-ae6d35ed0a481824a8730c39d5b319c8a76ea00e.zip
apparmor: extend xindex size
Allow the xindex to have 2^24 entries. Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/policy_unpack.c')
-rw-r--r--security/apparmor/policy_unpack.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index 32cca5f27b8f..c578d9af785e 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -489,8 +489,8 @@ static bool unpack_trans_table(struct aa_ext *e, struct aa_profile *profile)
int i, size;
size = unpack_array(e, NULL);
- /* currently 4 exec bits and entries 0-3 are reserved iupcx */
- if (size > 16 - 4)
+ /* currently 2^24 bits entries 0-3 */
+ if (size > (1 << 24))
goto fail;
profile->file.trans.table = kcalloc(size, sizeof(char *),
GFP_KERNEL);
@@ -672,10 +672,10 @@ static int datacmp(struct rhashtable_compare_arg *arg, const void *obj)
}
/* remap old accept table embedded permissions to separate permission table */
-static u16 dfa_map_xindex(u16 mask)
+static u32 dfa_map_xindex(u16 mask)
{
u16 old_index = (mask >> 10) & 0xf;
- u16 index = 0;
+ u32 index = 0;
if (mask & 0x100)
index |= AA_X_UNSAFE;