diff options
author | Mike Salvatore <mike.salvatore@canonical.com> | 2020-05-31 17:52:06 +0300 |
---|---|---|
committer | John Johansen <john.johansen@canonical.com> | 2022-10-04 00:49:02 +0300 |
commit | b5b57993504f91785fa70e002e5e494fb549726e (patch) | |
tree | 3d3a6cc40d0949486554351e6889ed5fc594fb98 /security/apparmor/policy.c | |
parent | 408d53e923bd852d5d80243a642004163db53a87 (diff) | |
download | linux-b5b57993504f91785fa70e002e5e494fb549726e.tar.xz |
apparmor: compute xmatch permissions on profile load
Rather than computing xmatch permissions each time access is requested,
these permissions can be computed once on profile load and stored for
lookup.
Signed-off-by: Mike Salvatore <mike.salvatore@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/policy.c')
-rw-r--r-- | security/apparmor/policy.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c index fbdfcef91c61..e2d23cd85cd2 100644 --- a/security/apparmor/policy.c +++ b/security/apparmor/policy.c @@ -231,6 +231,7 @@ void aa_free_profile(struct aa_profile *profile) kfree_sensitive(profile->secmark); kfree_sensitive(profile->dirname); aa_put_dfa(profile->xmatch); + kvfree(profile->xmatch_perms); aa_put_dfa(profile->policy.dfa); if (profile->data) { |