projects / packages / kernel.git / blame
| Commit | Line | Data |
|---|---|---|
| daaa955e AM |
1 | From 9934296cba701d429a0fc0cf071a40c8c3a1587e Mon Sep 17 00:00:00 2001 |
| 2 | From: Christos Gkekas <chris.gekas@gmail.com> | |
| 3 | Date: Sat, 8 Jul 2017 20:50:21 +0100 | |
| 4 | Subject: [PATCH 03/17] apparmor: Fix logical error in verify_header() | |
| 5 | ||
| 6 | verify_header() is currently checking whether interface version is less | |
| 7 | than 5 *and* greater than 7, which always evaluates to false. Instead it | |
| 8 | should check whether it is less than 5 *or* greater than 7. | |
| 9 | ||
| 10 | Signed-off-by: Christos Gkekas <chris.gekas@gmail.com> | |
| 11 | Signed-off-by: John Johansen <john.johansen@canonical.com> | |
| 12 | (cherry picked from commit c54a2175e3a6bf6c697d249bba1aa729e06c7ba8) | |
| 13 | --- | |
| 14 | security/apparmor/policy_unpack.c | 2 +- | |
| 15 | 1 file changed, 1 insertion(+), 1 deletion(-) | |
| 16 | ||
| 17 | diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c | |
| 18 | index 2d5a1a007b06..bda0dce3b582 100644 | |
| 19 | --- a/security/apparmor/policy_unpack.c | |
| 20 | +++ b/security/apparmor/policy_unpack.c | |
| 21 | @@ -832,7 +832,7 @@ static int verify_header(struct aa_ext *e, int required, const char **ns) | |
| 22 | * if not specified use previous version | |
| 23 | * Mask off everything that is not kernel abi version | |
| 24 | */ | |
| 25 | - if (VERSION_LT(e->version, v5) && VERSION_GT(e->version, v7)) { | |
| 26 | + if (VERSION_LT(e->version, v5) || VERSION_GT(e->version, v7)) { | |
| 27 | audit_iface(NULL, NULL, NULL, "unsupported interface version", | |
| 28 | e, error); | |
| 29 | return error; | |
| 30 | -- | |
| 31 | 2.11.0 | |
| 32 |