apparmor: combine file_rules and aa_policydb into a single shared struct

file_rules and policydb are almost the same and will need the same
features in the future so combine them.

Signed-off-by: John Johansen <john.johansen@canonical.com>

1 files changed, 6 insertions, 5 deletions

diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index ed063385a83b..726fa02026b5 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -1048,18 +1048,19 @@ static struct aa_profile *unpack_profile(struct aa_ext *e, char **ns_name)
 		info = "failed to unpack profile file rules";
 		goto fail;
 	} else if (profile->file.dfa) {
-		if (!unpack_u32(e, &profile->file.start, "dfa_start"))
+		if (!unpack_u32(e, &profile->file.start[AA_CLASS_FILE],
+				"dfa_start"))
 			/* default start state */
-			profile->file.start = DFA_START;
+			profile->file.start[AA_CLASS_FILE] = DFA_START;
 	} else if (profile->policy.dfa &&
 		   profile->policy.start[AA_CLASS_FILE]) {
 		profile->file.dfa = aa_get_dfa(profile->policy.dfa);
-		profile->file.start = profile->policy.start[AA_CLASS_FILE];
+		profile->file.start[AA_CLASS_FILE] = profile->policy.start[AA_CLASS_FILE];
 	} else
 		profile->file.dfa = aa_get_dfa(nulldfa);
 
-	profile->file.fperms_table = compute_fperms(profile->file.dfa);
-	if (!profile->file.fperms_table) {
+	profile->file.perms = compute_fperms(profile->file.dfa);
+	if (!profile->file.perms) {
 		info = "failed to remap file permission table";
 		goto fail;
 	}