Commit c74581a2 authored by John Johansen's avatar John Johansen Committed by Kamal Mostafa

UBUNTU: SAUCE: apparmor: reduction of vec to single entry is just that entry

If the result of a merge/update/parse is a vec with a single entry
we should not be returning a reference label, but just the label
it self.

BugLink: http://bugs.launchpad.net/bugs/1615889Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
Acked-by: default avatarTim Gardner <tim.gardner@canonical.com>
Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
parent e9603d7f
...@@ -1077,6 +1077,12 @@ static struct aa_label *label_merge_insert(struct aa_label *new, ...@@ -1077,6 +1077,12 @@ static struct aa_label *label_merge_insert(struct aa_label *new,
if (invcount) { if (invcount) {
new->size -= aa_vec_unique(&new->vec[0], new->size, new->size -= aa_vec_unique(&new->vec[0], new->size,
VEC_FLAG_TERMINATE); VEC_FLAG_TERMINATE);
/* TODO: deal with reference labels */
if (new->size == 1) {
label = aa_get_label(&new->vec[0]->label);
aa_put_label(new);
return label;
}
} else if (!stale) { } else if (!stale) {
/* merge could be same as a || b, note: it is not possible /* merge could be same as a || b, note: it is not possible
* for new->size == a->size == b->size unless a == b */ * for new->size == a->size == b->size unless a == b */
...@@ -1876,6 +1882,11 @@ struct aa_label *aa_label_parse(struct aa_label *base, const char *str, ...@@ -1876,6 +1882,11 @@ struct aa_label *aa_label_parse(struct aa_label *base, const char *str,
return &vec[0]->label; return &vec[0]->label;
len -= aa_vec_unique(vec, len, VEC_FLAG_TERMINATE); len -= aa_vec_unique(vec, len, VEC_FLAG_TERMINATE);
/* TODO: deal with reference labels */
if (len == 1) {
label = aa_get_label(&vec[0]->label);
goto out;
}
if (create) if (create)
label = aa_vec_find_or_create_label(vec, len, gfp); label = aa_vec_find_or_create_label(vec, len, gfp);
...@@ -2001,6 +2012,12 @@ static struct aa_label *__label_update(struct aa_label *label) ...@@ -2001,6 +2012,12 @@ static struct aa_label *__label_update(struct aa_label *label)
if (invcount) { if (invcount) {
new->size -= aa_vec_unique(&new->vec[0], new->size, new->size -= aa_vec_unique(&new->vec[0], new->size,
VEC_FLAG_TERMINATE); VEC_FLAG_TERMINATE);
/* TODO: deal with reference labels */
if (new->size == 1) {
tmp = aa_get_label(&new->vec[0]->label);
AA_BUG(tmp == label);
goto remove;
}
if (labels_set(label) != labels_set(new)) { if (labels_set(label) != labels_set(new)) {
write_unlock_irqrestore(&ls->lock, flags); write_unlock_irqrestore(&ls->lock, flags);
tmp = aa_label_insert(labels_set(new), new); tmp = aa_label_insert(labels_set(new), new);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment