Commit 98407f0a authored by John Johansen's avatar John Johansen

apparmor: allow specifying an already created dir to create ns entries in

Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
Reviewed-by: default avatarSeth Arnold <seth.arnold@canonical.com>
Reviewed-by: default avatarKees Cook <keescook@chromium.org>
parent c97204ba
...@@ -1339,11 +1339,12 @@ static int __aafs_ns_mkdir_entries(struct aa_ns *ns, struct dentry *dir) ...@@ -1339,11 +1339,12 @@ static int __aafs_ns_mkdir_entries(struct aa_ns *ns, struct dentry *dir)
/* /*
* Requires: @ns->lock held * Requires: @ns->lock held
*/ */
int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, const char *name) int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, const char *name,
struct dentry *dent)
{ {
struct aa_ns *sub; struct aa_ns *sub;
struct aa_profile *child; struct aa_profile *child;
struct dentry *dent, *dir; struct dentry *dir;
int error; int error;
AA_BUG(!ns); AA_BUG(!ns);
...@@ -1373,7 +1374,7 @@ int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, const char *name) ...@@ -1373,7 +1374,7 @@ int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, const char *name)
/* subnamespaces */ /* subnamespaces */
list_for_each_entry(sub, &ns->sub_ns, base.list) { list_for_each_entry(sub, &ns->sub_ns, base.list) {
mutex_lock(&sub->lock); mutex_lock(&sub->lock);
error = __aafs_ns_mkdir(sub, ns_subns_dir(ns), NULL); error = __aafs_ns_mkdir(sub, ns_subns_dir(ns), NULL, NULL);
mutex_unlock(&sub->lock); mutex_unlock(&sub->lock);
if (error) if (error)
goto fail2; goto fail2;
...@@ -1929,7 +1930,7 @@ static int __init aa_create_aafs(void) ...@@ -1929,7 +1930,7 @@ static int __init aa_create_aafs(void)
ns_subremove(root_ns) = dent; ns_subremove(root_ns) = dent;
mutex_lock(&root_ns->lock); mutex_lock(&root_ns->lock);
error = __aafs_ns_mkdir(root_ns, aa_sfs_entry.dentry, "policy"); error = __aafs_ns_mkdir(root_ns, aa_sfs_entry.dentry, "policy", NULL);
mutex_unlock(&root_ns->lock); mutex_unlock(&root_ns->lock);
if (error) if (error)
......
...@@ -112,8 +112,8 @@ void __aafs_profile_migrate_dents(struct aa_profile *old, ...@@ -112,8 +112,8 @@ void __aafs_profile_migrate_dents(struct aa_profile *old,
struct aa_profile *new); struct aa_profile *new);
int __aafs_profile_mkdir(struct aa_profile *profile, struct dentry *parent); int __aafs_profile_mkdir(struct aa_profile *profile, struct dentry *parent);
void __aafs_ns_rmdir(struct aa_ns *ns); void __aafs_ns_rmdir(struct aa_ns *ns);
int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, const char *name,
const char *name); struct dentry *dent);
struct aa_loaddata; struct aa_loaddata;
void __aa_fs_remove_rawdata(struct aa_loaddata *rawdata); void __aa_fs_remove_rawdata(struct aa_loaddata *rawdata);
......
...@@ -196,7 +196,7 @@ static struct aa_ns *__aa_create_ns(struct aa_ns *parent, const char *name, ...@@ -196,7 +196,7 @@ static struct aa_ns *__aa_create_ns(struct aa_ns *parent, const char *name,
if (!ns) if (!ns)
return NULL; return NULL;
mutex_lock(&ns->lock); mutex_lock(&ns->lock);
error = __aafs_ns_mkdir(ns, ns_subns_dir(parent), name); error = __aafs_ns_mkdir(ns, ns_subns_dir(parent), name, dir);
if (error) { if (error) {
AA_ERROR("Failed to create interface for ns %s\n", AA_ERROR("Failed to create interface for ns %s\n",
ns->base.name); ns->base.name);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment