apparmor: move file context into file.h
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen
parent
651e54953b
commit
af7caa8f8d
@ -25,38 +25,6 @@
|
|||||||
#define cred_ctx(X) ((X)->security)
|
#define cred_ctx(X) ((X)->security)
|
||||||
#define current_ctx() cred_ctx(current_cred())
|
#define current_ctx() cred_ctx(current_cred())
|
||||||
|
|
||||||
/* struct aa_file_ctx - the AppArmor context the file was opened in
|
|
||||||
* @perms: the permission the file was opened with
|
|
||||||
*
|
|
||||||
* The file_ctx could currently be directly stored in file->f_security
|
|
||||||
* as the profile reference is now stored in the f_cred. However the
|
|
||||||
* ctx struct will expand in the future so we keep the struct.
|
|
||||||
*/
|
|
||||||
struct aa_file_ctx {
|
|
||||||
u16 allow;
|
|
||||||
};
|
|
||||||
|
|
||||||
/**
|
|
||||||
* aa_alloc_file_context - allocate file_ctx
|
|
||||||
* @gfp: gfp flags for allocation
|
|
||||||
*
|
|
||||||
* Returns: file_ctx or NULL on failure
|
|
||||||
*/
|
|
||||||
static inline struct aa_file_ctx *aa_alloc_file_context(gfp_t gfp)
|
|
||||||
{
|
|
||||||
return kzalloc(sizeof(struct aa_file_ctx), gfp);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* aa_free_file_context - free a file_ctx
|
|
||||||
* @ctx: file_ctx to free (MAYBE_NULL)
|
|
||||||
*/
|
|
||||||
static inline void aa_free_file_context(struct aa_file_ctx *ctx)
|
|
||||||
{
|
|
||||||
if (ctx)
|
|
||||||
kzfree(ctx);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* struct aa_task_ctx - primary label for confined tasks
|
* struct aa_task_ctx - primary label for confined tasks
|
||||||
* @profile: the current profile (NOT NULL)
|
* @profile: the current profile (NOT NULL)
|
||||||
|
|||||||
@ -47,6 +47,38 @@ struct path;
|
|||||||
AA_MAY_CHMOD | AA_MAY_CHOWN | AA_MAY_LOCK | \
|
AA_MAY_CHMOD | AA_MAY_CHOWN | AA_MAY_LOCK | \
|
||||||
AA_EXEC_MMAP | AA_MAY_LINK)
|
AA_EXEC_MMAP | AA_MAY_LINK)
|
||||||
|
|
||||||
|
/* struct aa_file_ctx - the AppArmor context the file was opened in
|
||||||
|
* @perms: the permission the file was opened with
|
||||||
|
*
|
||||||
|
* The file_ctx could currently be directly stored in file->f_security
|
||||||
|
* as the profile reference is now stored in the f_cred. However the
|
||||||
|
* ctx struct will expand in the future so we keep the struct.
|
||||||
|
*/
|
||||||
|
struct aa_file_ctx {
|
||||||
|
u16 allow;
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* aa_alloc_file_context - allocate file_ctx
|
||||||
|
* @gfp: gfp flags for allocation
|
||||||
|
*
|
||||||
|
* Returns: file_ctx or NULL on failure
|
||||||
|
*/
|
||||||
|
static inline struct aa_file_ctx *aa_alloc_file_context(gfp_t gfp)
|
||||||
|
{
|
||||||
|
return kzalloc(sizeof(struct aa_file_ctx), gfp);
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* aa_free_file_context - free a file_ctx
|
||||||
|
* @ctx: file_ctx to free (MAYBE_NULL)
|
||||||
|
*/
|
||||||
|
static inline void aa_free_file_context(struct aa_file_ctx *ctx)
|
||||||
|
{
|
||||||
|
if (ctx)
|
||||||
|
kzfree(ctx);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* The xindex is broken into 3 parts
|
* The xindex is broken into 3 parts
|
||||||
* - index - an index into either the exec name table or the variable table
|
* - index - an index into either the exec name table or the variable table
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user