summaryrefslogtreecommitdiffstats
path: root/security/apparmor/file.c
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2020-11-13 10:46:23 +0100
committerJohn Johansen <john.johansen@canonical.com>2022-10-03 23:49:03 +0200
commit7572fea31e3e5c4c19154ccc064eb1f83dfe1333 (patch)
tree1e8d88025b616942011630f911f4935a1533d740 /security/apparmor/file.c
parentapparmor: convert xmatch to using the new shared policydb struct (diff)
downloadlinux-7572fea31e3e5c4c19154ccc064eb1f83dfe1333.tar.xz
linux-7572fea31e3e5c4c19154ccc064eb1f83dfe1333.zip
apparmor: convert fperm lookup to use accept as an index
Remap file dfa accept table from embedded perms to index and then move fperm lookup to use the accept entry as an index into the fperm table. This is a step toward unifying permission lookup. Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/file.c')
-rw-r--r--security/apparmor/file.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/security/apparmor/file.c b/security/apparmor/file.c
index d2be851be412..7bddec3df75f 100644
--- a/security/apparmor/file.c
+++ b/security/apparmor/file.c
@@ -188,13 +188,15 @@ struct aa_perms default_perms = {};
struct aa_perms *aa_lookup_fperms(struct aa_policydb *file_rules,
unsigned int state, struct path_cond *cond)
{
+ unsigned int index = ACCEPT_TABLE(file_rules->dfa)[state];
+
if (!(file_rules->perms))
return &default_perms;
if (uid_eq(current_fsuid(), cond->uid))
- return &(file_rules->perms[state * 2]);
+ return &(file_rules->perms[index]);
- return &(file_rules->perms[state * 2 + 1]);
+ return &(file_rules->perms[index + 1]);
}
/**