summaryrefslogtreecommitdiffstats
path: root/security/apparmor/include
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2018-03-03 10:59:02 +0100
committerJohn Johansen <john.johansen@canonical.com>2018-03-14 01:25:49 +0100
commitb9590ad4c4f2fedc364016613f2af74ea7758bea (patch)
tree580811b3b62f4f5ba5ae2ab14e28cc27b1e0b72a /security/apparmor/include
parentapparmor: add base infastructure for socket mediation (diff)
downloadlinux-b9590ad4c4f2fedc364016613f2af74ea7758bea.tar.xz
linux-b9590ad4c4f2fedc364016613f2af74ea7758bea.zip
apparmor: remove POLICY_MEDIATES_SAFE
The unpack code now makes sure every profile has a dfa so the safe version of POLICY_MEDIATES is no longer needed. Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/include')
-rw-r--r--security/apparmor/include/policy.h12
1 files changed, 1 insertions, 11 deletions
diff --git a/security/apparmor/include/policy.h b/security/apparmor/include/policy.h
index ffe12a2366e0..ab64c6b5db5a 100644
--- a/security/apparmor/include/policy.h
+++ b/security/apparmor/include/policy.h
@@ -214,17 +214,7 @@ static inline struct aa_profile *aa_get_newest_profile(struct aa_profile *p)
return labels_profile(aa_get_newest_label(&p->label));
}
-#define PROFILE_MEDIATES(P, T) ((P)->policy.start[(T)])
-/* safe version of POLICY_MEDIATES for full range input */
-static inline unsigned int PROFILE_MEDIATES_SAFE(struct aa_profile *profile,
- unsigned char class)
-{
- if (profile->policy.dfa)
- return aa_dfa_match_len(profile->policy.dfa,
- profile->policy.start[0], &class, 1);
- return 0;
-}
-
+#define PROFILE_MEDIATES(P, T) ((P)->policy.start[(unsigned char) (T)])
static inline unsigned int PROFILE_MEDIATES_AF(struct aa_profile *profile,
u16 AF) {
unsigned int state = PROFILE_MEDIATES(profile, AA_CLASS_NET);