[PATCH 10/11] AppArmor: make the global side the correct type
john.johansen at canonical.com
john.johansen at canonical.com
Tue Apr 13 07:09:39 UTC 2010
From: John Johansen <john.johansen at canonical.com>
OriginalAuthor: John Johansen <john.johansen at canonical.com>
OriginalLocation: git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparm$
commit: e033dc48e794368f00fa70c2f17ee6e37165069e
BugLink: http://bugs.launchpad.net/bugs/562047
The global sid type was not properly updated when the sid was transitioned
from a u16:u16 pair of global and user sid to a single u32 sid. This
causes the sid to wrap, this won't cause problems for mediation, but could
conceivably cause problems for an extremely long lived learning session
where profile are frequently replaced.
Signed-off-by: John Johansen <john.johansen at canonical.com>
---
security/apparmor/sid.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/security/apparmor/sid.c b/security/apparmor/sid.c
index e0b76de..5e73c62 100644
--- a/security/apparmor/sid.c
+++ b/security/apparmor/sid.c
@@ -24,7 +24,7 @@
#include "include/sid.h"
/* global counter from which sids are allocated */
-static u16 global_sid;
+static u32 global_sid;
static DEFINE_SPINLOCK(sid_lock);
/* TODO FIXME: add sid to profile mapping, and sid recycling */
--
1.7.0
More information about the kernel-team
mailing list