summaryrefslogtreecommitdiffstats
path: root/security/apparmor/apparmorfs.c
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2017-05-25 15:31:46 +0200
committerJohn Johansen <john.johansen@canonical.com>2017-06-08 21:51:52 +0200
commit98407f0a0d378df27bfea79301a3aba42d7cea1c (patch)
tree402c0ff7608565ce409eed578905be45c14e651f /security/apparmor/apparmorfs.c
parentapparmor: rename apparmor file fns and data to indicate use (diff)
downloadlinux-98407f0a0d378df27bfea79301a3aba42d7cea1c.tar.xz
linux-98407f0a0d378df27bfea79301a3aba42d7cea1c.zip
apparmor: allow specifying an already created dir to create ns entries in
Signed-off-by: John Johansen <john.johansen@canonical.com> Reviewed-by: Seth Arnold <seth.arnold@canonical.com> Reviewed-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'security/apparmor/apparmorfs.c')
-rw-r--r--security/apparmor/apparmorfs.c9
1 files changed, 5 insertions, 4 deletions
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 35b822c4a079..a18f14ab7a8b 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -1339,11 +1339,12 @@ static int __aafs_ns_mkdir_entries(struct aa_ns *ns, struct dentry *dir)
/*
* Requires: @ns->lock held
*/
-int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, const char *name)
+int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, const char *name,
+ struct dentry *dent)
{
struct aa_ns *sub;
struct aa_profile *child;
- struct dentry *dent, *dir;
+ struct dentry *dir;
int error;
AA_BUG(!ns);
@@ -1373,7 +1374,7 @@ int __aafs_ns_mkdir(struct aa_ns *ns, struct dentry *parent, const char *name)
/* subnamespaces */
list_for_each_entry(sub, &ns->sub_ns, base.list) {
mutex_lock(&sub->lock);
- error = __aafs_ns_mkdir(sub, ns_subns_dir(ns), NULL);
+ error = __aafs_ns_mkdir(sub, ns_subns_dir(ns), NULL, NULL);
mutex_unlock(&sub->lock);
if (error)
goto fail2;
@@ -1929,7 +1930,7 @@ static int __init aa_create_aafs(void)
ns_subremove(root_ns) = dent;
mutex_lock(&root_ns->lock);
- error = __aafs_ns_mkdir(root_ns, aa_sfs_entry.dentry, "policy");
+ error = __aafs_ns_mkdir(root_ns, aa_sfs_entry.dentry, "policy", NULL);
mutex_unlock(&root_ns->lock);
if (error)