diff options
| author | John Johansen <john.johansen@canonical.com> | 2018-08-22 03:19:53 +0300 | 
|---|---|---|
| committer | John Johansen <john.johansen@canonical.com> | 2018-08-23 04:44:42 +0300 | 
| commit | c037bd615885f1d9d3bdb48531bace79fae1505d (patch) | |
| tree | 0c1d606cf7c4de645658b3b9f97bfbbb319442db /tools/perf/scripts/python/export-to-sqlite.py | |
| parent | 0a6b29230ec336189bab32498df3f06c8a6944d8 (diff) | |
| download | linux-c037bd615885f1d9d3bdb48531bace79fae1505d.tar.xz | |
apparmor: remove no-op permission check in policy_unpack
The patch 736ec752d95e: "AppArmor: policy routines for loading and
unpacking policy" from Jul 29, 2010, leads to the following static
checker warning:
    security/apparmor/policy_unpack.c:410 verify_accept()
    warn: bitwise AND condition is false here
    security/apparmor/policy_unpack.c:413 verify_accept()
    warn: bitwise AND condition is false here
security/apparmor/policy_unpack.c
   392  #define DFA_VALID_PERM_MASK             0xffffffff
   393  #define DFA_VALID_PERM2_MASK            0xffffffff
   394
   395  /**
   396   * verify_accept - verify the accept tables of a dfa
   397   * @dfa: dfa to verify accept tables of (NOT NULL)
   398   * @flags: flags governing dfa
   399   *
   400   * Returns: 1 if valid accept tables else 0 if error
   401   */
   402  static bool verify_accept(struct aa_dfa *dfa, int flags)
   403  {
   404          int i;
   405
   406          /* verify accept permissions */
   407          for (i = 0; i < dfa->tables[YYTD_ID_ACCEPT]->td_lolen; i++) {
   408                  int mode = ACCEPT_TABLE(dfa)[i];
   409
   410                  if (mode & ~DFA_VALID_PERM_MASK)
   411                          return 0;
   412
   413                  if (ACCEPT_TABLE2(dfa)[i] & ~DFA_VALID_PERM2_MASK)
   414                          return 0;
fixes: 736ec752d95e ("AppArmor: policy routines for loading and unpacking policy")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'tools/perf/scripts/python/export-to-sqlite.py')
0 files changed, 0 insertions, 0 deletions
