Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
L
linux
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
linux
Commits
30b026a8
Commit
30b026a8
authored
Jan 16, 2017
by
John Johansen
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
apparmor: pass gfp_t parameter into profile allocation
Signed-off-by:
John Johansen
<
john.johansen@canonical.com
>
parent
73688d1e
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
9 additions
and
8 deletions
+9
-8
security/apparmor/include/policy.h
security/apparmor/include/policy.h
+1
-1
security/apparmor/policy.c
security/apparmor/policy.c
+6
-5
security/apparmor/policy_ns.c
security/apparmor/policy_ns.c
+1
-1
security/apparmor/policy_unpack.c
security/apparmor/policy_unpack.c
+1
-1
No files found.
security/apparmor/include/policy.h
View file @
30b026a8
...
@@ -172,7 +172,7 @@ void aa_add_profile(struct aa_policy *common, struct aa_profile *profile);
...
@@ -172,7 +172,7 @@ void aa_add_profile(struct aa_policy *common, struct aa_profile *profile);
void
aa_free_proxy_kref
(
struct
kref
*
kref
);
void
aa_free_proxy_kref
(
struct
kref
*
kref
);
struct
aa_profile
*
aa_alloc_profile
(
const
char
*
name
);
struct
aa_profile
*
aa_alloc_profile
(
const
char
*
name
,
gfp_t
gfp
);
struct
aa_profile
*
aa_new_null_profile
(
struct
aa_profile
*
parent
,
int
hat
);
struct
aa_profile
*
aa_new_null_profile
(
struct
aa_profile
*
parent
,
int
hat
);
void
aa_free_profile
(
struct
aa_profile
*
profile
);
void
aa_free_profile
(
struct
aa_profile
*
profile
);
void
aa_free_profile_kref
(
struct
kref
*
kref
);
void
aa_free_profile_kref
(
struct
kref
*
kref
);
...
...
security/apparmor/policy.c
View file @
30b026a8
...
@@ -255,24 +255,25 @@ void aa_free_profile_kref(struct kref *kref)
...
@@ -255,24 +255,25 @@ void aa_free_profile_kref(struct kref *kref)
/**
/**
* aa_alloc_profile - allocate, initialize and return a new profile
* aa_alloc_profile - allocate, initialize and return a new profile
* @hname: name of the profile (NOT NULL)
* @hname: name of the profile (NOT NULL)
* @gfp: allocation type
*
*
* Returns: refcount profile or NULL on failure
* Returns: refcount profile or NULL on failure
*/
*/
struct
aa_profile
*
aa_alloc_profile
(
const
char
*
hname
)
struct
aa_profile
*
aa_alloc_profile
(
const
char
*
hname
,
gfp_t
gfp
)
{
{
struct
aa_profile
*
profile
;
struct
aa_profile
*
profile
;
/* freed by free_profile - usually through aa_put_profile */
/* freed by free_profile - usually through aa_put_profile */
profile
=
kzalloc
(
sizeof
(
*
profile
),
GFP_KERNEL
);
profile
=
kzalloc
(
sizeof
(
*
profile
),
gfp
);
if
(
!
profile
)
if
(
!
profile
)
return
NULL
;
return
NULL
;
profile
->
proxy
=
kzalloc
(
sizeof
(
struct
aa_proxy
),
GFP_KERNEL
);
profile
->
proxy
=
kzalloc
(
sizeof
(
struct
aa_proxy
),
gfp
);
if
(
!
profile
->
proxy
)
if
(
!
profile
->
proxy
)
goto
fail
;
goto
fail
;
kref_init
(
&
profile
->
proxy
->
count
);
kref_init
(
&
profile
->
proxy
->
count
);
if
(
!
aa_policy_init
(
&
profile
->
base
,
NULL
,
hname
,
GFP_KERNEL
))
if
(
!
aa_policy_init
(
&
profile
->
base
,
NULL
,
hname
,
gfp
))
goto
fail
;
goto
fail
;
kref_init
(
&
profile
->
count
);
kref_init
(
&
profile
->
count
);
...
@@ -312,7 +313,7 @@ struct aa_profile *aa_new_null_profile(struct aa_profile *parent, int hat)
...
@@ -312,7 +313,7 @@ struct aa_profile *aa_new_null_profile(struct aa_profile *parent, int hat)
goto
fail
;
goto
fail
;
sprintf
(
name
,
"%s//null-%x"
,
parent
->
base
.
hname
,
uniq
);
sprintf
(
name
,
"%s//null-%x"
,
parent
->
base
.
hname
,
uniq
);
profile
=
aa_alloc_profile
(
name
);
profile
=
aa_alloc_profile
(
name
,
GFP_KERNEL
);
kfree
(
name
);
kfree
(
name
);
if
(
!
profile
)
if
(
!
profile
)
goto
fail
;
goto
fail
;
...
...
security/apparmor/policy_ns.c
View file @
30b026a8
...
@@ -102,7 +102,7 @@ static struct aa_ns *alloc_ns(const char *prefix, const char *name)
...
@@ -102,7 +102,7 @@ static struct aa_ns *alloc_ns(const char *prefix, const char *name)
mutex_init
(
&
ns
->
lock
);
mutex_init
(
&
ns
->
lock
);
/* released by aa_free_ns() */
/* released by aa_free_ns() */
ns
->
unconfined
=
aa_alloc_profile
(
"unconfined"
);
ns
->
unconfined
=
aa_alloc_profile
(
"unconfined"
,
GFP_KERNEL
);
if
(
!
ns
->
unconfined
)
if
(
!
ns
->
unconfined
)
goto
fail_unconfined
;
goto
fail_unconfined
;
...
...
security/apparmor/policy_unpack.c
View file @
30b026a8
...
@@ -486,7 +486,7 @@ static struct aa_profile *unpack_profile(struct aa_ext *e)
...
@@ -486,7 +486,7 @@ static struct aa_profile *unpack_profile(struct aa_ext *e)
if
(
!
unpack_str
(
e
,
&
name
,
NULL
))
if
(
!
unpack_str
(
e
,
&
name
,
NULL
))
goto
fail
;
goto
fail
;
profile
=
aa_alloc_profile
(
name
);
profile
=
aa_alloc_profile
(
name
,
GFP_KERNEL
);
if
(
!
profile
)
if
(
!
profile
)
return
ERR_PTR
(
-
ENOMEM
);
return
ERR_PTR
(
-
ENOMEM
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment