While developing a patchset (emails for those forthcoming) to generate audit logs upon detection of conflicting attachments, I also discovered multiple bugs in the aa_dfa_leftmatch count generation logic (details in the commit messages for each patch). These are patches to fix those bugs and enable conflicting attachments to be detected in more cases.
Ryan Lee (2): apparmor: ensure WB_HISTORY_SIZE value is a power of 2 apparmor: fix loop detection used in conflicting attachment resolution security/apparmor/include/match.h | 8 +++----- security/apparmor/match.c | 23 ++++++++++++----------- 2 files changed, 15 insertions(+), 16 deletions(-) -- 2.43.0
