diff options
author | John Johansen <john.johansen@canonical.com> | 2018-03-03 10:59:02 +0100 |
---|---|---|
committer | John Johansen <john.johansen@canonical.com> | 2018-03-14 01:25:49 +0100 |
commit | b9590ad4c4f2fedc364016613f2af74ea7758bea (patch) | |
tree | 580811b3b62f4f5ba5ae2ab14e28cc27b1e0b72a /security/apparmor/include | |
parent | apparmor: add base infastructure for socket mediation (diff) | |
download | linux-b9590ad4c4f2fedc364016613f2af74ea7758bea.tar.xz linux-b9590ad4c4f2fedc364016613f2af74ea7758bea.zip |
apparmor: remove POLICY_MEDIATES_SAFE
The unpack code now makes sure every profile has a dfa so the safe
version of POLICY_MEDIATES is no longer needed.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/include')
-rw-r--r-- | security/apparmor/include/policy.h | 12 |
1 files changed, 1 insertions, 11 deletions
diff --git a/security/apparmor/include/policy.h b/security/apparmor/include/policy.h index ffe12a2366e0..ab64c6b5db5a 100644 --- a/security/apparmor/include/policy.h +++ b/security/apparmor/include/policy.h @@ -214,17 +214,7 @@ static inline struct aa_profile *aa_get_newest_profile(struct aa_profile *p) return labels_profile(aa_get_newest_label(&p->label)); } -#define PROFILE_MEDIATES(P, T) ((P)->policy.start[(T)]) -/* safe version of POLICY_MEDIATES for full range input */ -static inline unsigned int PROFILE_MEDIATES_SAFE(struct aa_profile *profile, - unsigned char class) -{ - if (profile->policy.dfa) - return aa_dfa_match_len(profile->policy.dfa, - profile->policy.start[0], &class, 1); - return 0; -} - +#define PROFILE_MEDIATES(P, T) ((P)->policy.start[(unsigned char) (T)]) static inline unsigned int PROFILE_MEDIATES_AF(struct aa_profile *profile, u16 AF) { unsigned int state = PROFILE_MEDIATES(profile, AA_CLASS_NET); |