summaryrefslogtreecommitdiffstats
path: root/security/apparmor/capability.c
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2017-01-16 09:43:02 +0100
committerJohn Johansen <john.johansen@canonical.com>2017-01-16 10:18:47 +0100
commitef88a7ac55fdd3bf6ac3942b83aa29311b45339b (patch)
tree54c6b15e2101650dd169caf745bdb17521db899c /security/apparmor/capability.c
parentapparmor: change op from int to const char * (diff)
downloadlinux-ef88a7ac55fdd3bf6ac3942b83aa29311b45339b.tar.xz
linux-ef88a7ac55fdd3bf6ac3942b83aa29311b45339b.zip
apparmor: change aad apparmor_audit_data macro to a fn macro
The aad macro can replace aad strings when it is not intended to. Switch to a fn macro so it is only applied when intended. Also at the same time cleanup audit_data initialization by putting common boiler plate behind a macro, and dropping the gfp_t parameter which will become useless. Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/capability.c')
-rw-r--r--security/apparmor/capability.c10
1 files changed, 3 insertions, 7 deletions
diff --git a/security/apparmor/capability.c b/security/apparmor/capability.c
index 1101c6f64bb7..1d2e2de5515f 100644
--- a/security/apparmor/capability.c
+++ b/security/apparmor/capability.c
@@ -66,13 +66,9 @@ static int audit_caps(struct aa_profile *profile, int cap, int error)
{
struct audit_cache *ent;
int type = AUDIT_APPARMOR_AUTO;
- struct common_audit_data sa;
- struct apparmor_audit_data aad = {0,};
- sa.type = LSM_AUDIT_DATA_CAP;
- sa.aad = &aad;
+ DEFINE_AUDIT_DATA(sa, LSM_AUDIT_DATA_CAP, OP_CAPABLE);
sa.u.cap = cap;
- sa.aad->op = OP_CAPABLE;
- sa.aad->error = error;
+ aad(&sa)->error = error;
if (likely(!error)) {
/* test if auditing is being forced */
@@ -104,7 +100,7 @@ static int audit_caps(struct aa_profile *profile, int cap, int error)
}
put_cpu_var(audit_cache);
- return aa_audit(type, profile, GFP_ATOMIC, &sa, audit_cb);
+ return aa_audit(type, profile, &sa, audit_cb);
}
/**