[apparmor] patch: override AF_MAX for kernels that don't support proper masking
kees.cook at canonical.com
Thu Mar 3 23:42:42 UTC 2011
On Thu, Mar 03, 2011 at 01:42:13PM -0800, John Johansen wrote:
> Older versions of the apparmor kernel patches didn't handle receiving
> network tables of a larger size than expected.
> Allow the parser to detect the kernel version and override the AF_MAX
> value for those kernels.
> This also replaces the hack using a hardcoded limit of 36 for kernels
> missing the features flag.
Oh, nice fix. Excellent; ACK.
Ubuntu Security Team
More information about the AppArmor