UBUNTU: SAUCE: apparmor: fix vec_unique for vectors larger than 8

the vec_unique path for large vectors is broken, leading to oopses
when a file handle is shared between 8 different security domains, and
then a profile replacement/removal causing a label invalidation (ie. not
all replacements) is done.

BugLink: http://bugs.launchpad.net/bugs/1579135
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>

diff --git a/security/apparmor/label.c b/security/apparmor/label.c
index 144d759c859710d0573f9f3a24665a88b70e4f9f..c11ca99af8e1ca089fa4813f57bbda9605b706e2 100644 (file)
--- a/security/apparmor/label.c
+++ b/security/apparmor/label.c
@@ -229,7 +229,7 @@ static inline int unique(struct aa_profile **vec, int n)
        AA_BUG(!vec);
 
        pos = 0;
-       for (i = 1; 1 < n; i++) {
+       for (i = 1; i < n; i++) {
                int res = profile_cmp(vec[pos], vec[i]);
                AA_BUG(res > 0, "vec not sorted");
                if (res == 0) {