apparmor: compute xmatch permissions on profile load

Rather than computing xmatch permissions each time access is requested, these permissions can be computed once on profile load and stored for lookup. Signed-off-by: Mike Salvatore <mike.salvatore@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
author: Mike Salvatore <mike.salvatore@canonical.com> 2020-05-31 17:52:06 +0300
committer: John Johansen <john.johansen@canonical.com> 2022-10-04 00:49:02 +0300
commit: b5b57993504f91785fa70e002e5e494fb549726e (patch)
tree: 3d3a6cc40d0949486554351e6889ed5fc594fb98 /security/apparmor/policy.c
parent: 408d53e923bd852d5d80243a642004163db53a87 (diff)
download: linux-b5b57993504f91785fa70e002e5e494fb549726e.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index fbdfcef91c61..e2d23cd85cd2 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -231,6 +231,7 @@ void aa_free_profile(struct aa_profile *profile)
 	kfree_sensitive(profile->secmark);
 	kfree_sensitive(profile->dirname);
 	aa_put_dfa(profile->xmatch);
+	kvfree(profile->xmatch_perms);
 	aa_put_dfa(profile->policy.dfa);
 
 	if (profile->data) {
author	Mike Salvatore <mike.salvatore@canonical.com>	2020-05-31 17:52:06 +0300
committer	John Johansen <john.johansen@canonical.com>	2022-10-04 00:49:02 +0300
commit	b5b57993504f91785fa70e002e5e494fb549726e (patch)
tree	3d3a6cc40d0949486554351e6889ed5fc594fb98 /security/apparmor/policy.c
parent	408d53e923bd852d5d80243a642004163db53a87 (diff)
download	linux-b5b57993504f91785fa70e002e5e494fb549726e.tar.xz