]>
Commit | Line | Data |
---|---|---|
8f69975d BS |
1 | From: John Johansen <jjohansen@suse.de> |
2 | Subject: AppArmor: Patch AppArmor for 2.6.25 kernel | |
3 | ||
4 | Add 64 bit capabilities support to AppArmor. | |
5 | ||
6 | Signed-off-by: John Johansen <jjohansen@suse.de> | |
7 | ||
8 | --- | |
9 | security/apparmor/module_interface.c | 22 ++++++++++++++++++---- | |
10 | 1 file changed, 18 insertions(+), 4 deletions(-) | |
11 | ||
12 | --- a/security/apparmor/module_interface.c | |
13 | +++ b/security/apparmor/module_interface.c | |
14 | @@ -395,15 +395,29 @@ static struct aa_profile *aa_unpack_prof | |
15 | if (!aa_is_nameX(e, AA_STRUCTEND, NULL)) | |
16 | goto fail; | |
17 | ||
18 | - if (!aa_is_u32(e, &(profile->capabilities), NULL)) | |
19 | + if (!aa_is_u32(e, &(profile->capabilities.cap[0]), NULL)) | |
20 | goto fail; | |
21 | - if (!aa_is_u32(e, &(profile->audit_caps), NULL)) | |
22 | + if (!aa_is_u32(e, &(profile->audit_caps.cap[0]), NULL)) | |
23 | goto fail; | |
24 | - if (!aa_is_u32(e, &(profile->quiet_caps), NULL)) | |
25 | + if (!aa_is_u32(e, &(profile->quiet_caps.cap[0]), NULL)) | |
26 | goto fail; | |
27 | - if (!aa_is_u32(e, &(profile->set_caps), NULL)) | |
28 | + if (!aa_is_u32(e, &(profile->set_caps.cap[0]), NULL)) | |
29 | goto fail; | |
30 | ||
31 | + if (aa_is_nameX(e, AA_STRUCT, "caps64")) { | |
32 | + /* optional upper half of 64 bit caps */ | |
33 | + if (!aa_is_u32(e, &(profile->capabilities.cap[1]), NULL)) | |
34 | + goto fail; | |
35 | + if (!aa_is_u32(e, &(profile->audit_caps.cap[1]), NULL)) | |
36 | + goto fail; | |
37 | + if (!aa_is_u32(e, &(profile->quiet_caps.cap[1]), NULL)) | |
38 | + goto fail; | |
39 | + if (!aa_is_u32(e, &(profile->set_caps.cap[1]), NULL)) | |
40 | + goto fail; | |
41 | + if (!aa_is_nameX(e, AA_STRUCTEND, NULL)) | |
42 | + goto fail; | |
43 | + } | |
44 | + | |
45 | if (!aa_unpack_rlimits(e, profile)) | |
46 | goto fail; | |
47 |