1 From: John Johansen <jjohansen@suse.de>
2 Subject: AppArmor: Patch AppArmor for 2.6.25 kernel
4 Add 64 bit capabilities support to AppArmor.
6 Signed-off-by: John Johansen <jjohansen@suse.de>
9 security/apparmor/module_interface.c | 22 ++++++++++++++++++----
10 1 file changed, 18 insertions(+), 4 deletions(-)
12 --- a/security/apparmor/module_interface.c
13 +++ b/security/apparmor/module_interface.c
14 @@ -395,15 +395,29 @@ static struct aa_profile *aa_unpack_prof
15 if (!aa_is_nameX(e, AA_STRUCTEND, NULL))
18 - if (!aa_is_u32(e, &(profile->capabilities), NULL))
19 + if (!aa_is_u32(e, &(profile->capabilities.cap[0]), NULL))
21 - if (!aa_is_u32(e, &(profile->audit_caps), NULL))
22 + if (!aa_is_u32(e, &(profile->audit_caps.cap[0]), NULL))
24 - if (!aa_is_u32(e, &(profile->quiet_caps), NULL))
25 + if (!aa_is_u32(e, &(profile->quiet_caps.cap[0]), NULL))
27 - if (!aa_is_u32(e, &(profile->set_caps), NULL))
28 + if (!aa_is_u32(e, &(profile->set_caps.cap[0]), NULL))
31 + if (aa_is_nameX(e, AA_STRUCT, "caps64")) {
32 + /* optional upper half of 64 bit caps */
33 + if (!aa_is_u32(e, &(profile->capabilities.cap[1]), NULL))
35 + if (!aa_is_u32(e, &(profile->audit_caps.cap[1]), NULL))
37 + if (!aa_is_u32(e, &(profile->quiet_caps.cap[1]), NULL))
39 + if (!aa_is_u32(e, &(profile->set_caps.cap[1]), NULL))
41 + if (!aa_is_nameX(e, AA_STRUCTEND, NULL))
45 if (!aa_unpack_rlimits(e, profile))