diff options
author | John Johansen <john.johansen@canonical.com> | 2017-01-16 09:43:02 +0100 |
---|---|---|
committer | John Johansen <john.johansen@canonical.com> | 2017-01-16 10:18:47 +0100 |
commit | ef88a7ac55fdd3bf6ac3942b83aa29311b45339b (patch) | |
tree | 54c6b15e2101650dd169caf745bdb17521db899c /security/apparmor/capability.c | |
parent | apparmor: change op from int to const char * (diff) | |
download | linux-ef88a7ac55fdd3bf6ac3942b83aa29311b45339b.tar.xz linux-ef88a7ac55fdd3bf6ac3942b83aa29311b45339b.zip |
apparmor: change aad apparmor_audit_data macro to a fn macro
The aad macro can replace aad strings when it is not intended to. Switch
to a fn macro so it is only applied when intended.
Also at the same time cleanup audit_data initialization by putting
common boiler plate behind a macro, and dropping the gfp_t parameter
which will become useless.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/capability.c')
-rw-r--r-- | security/apparmor/capability.c | 10 |
1 files changed, 3 insertions, 7 deletions
diff --git a/security/apparmor/capability.c b/security/apparmor/capability.c index 1101c6f64bb7..1d2e2de5515f 100644 --- a/security/apparmor/capability.c +++ b/security/apparmor/capability.c @@ -66,13 +66,9 @@ static int audit_caps(struct aa_profile *profile, int cap, int error) { struct audit_cache *ent; int type = AUDIT_APPARMOR_AUTO; - struct common_audit_data sa; - struct apparmor_audit_data aad = {0,}; - sa.type = LSM_AUDIT_DATA_CAP; - sa.aad = &aad; + DEFINE_AUDIT_DATA(sa, LSM_AUDIT_DATA_CAP, OP_CAPABLE); sa.u.cap = cap; - sa.aad->op = OP_CAPABLE; - sa.aad->error = error; + aad(&sa)->error = error; if (likely(!error)) { /* test if auditing is being forced */ @@ -104,7 +100,7 @@ static int audit_caps(struct aa_profile *profile, int cap, int error) } put_cpu_var(audit_cache); - return aa_audit(type, profile, GFP_ATOMIC, &sa, audit_cb); + return aa_audit(type, profile, &sa, audit_cb); } /** |