summaryrefslogtreecommitdiffstats
path: root/security/apparmor
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2017-06-09 16:24:18 +0200
committerJohn Johansen <john.johansen@canonical.com>2017-06-11 02:11:36 +0200
commitdca91402e999aa0824c4144ad216bd61dd4fe3ff (patch)
tree35afa1745ca388fa6606296a0b4d90940186abd7 /security/apparmor
parentapparmor: refactor updating profiles to the newest parent (diff)
downloadlinux-dca91402e999aa0824c4144ad216bd61dd4fe3ff.tar.xz
linux-dca91402e999aa0824c4144ad216bd61dd4fe3ff.zip
apparmor: cleanup remove unused and not fully implemented profile rename
Remove the partially implemented code, until this can be properly implemented. Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor')
-rw-r--r--security/apparmor/policy.c39
1 files changed, 2 insertions, 37 deletions
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index 20613186b1d8..605cb5949c60 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -995,14 +995,7 @@ ssize_t aa_replace_profiles(struct aa_ns *policy_ns, struct aa_profile *profile,
}
}
list_for_each_entry(ent, &lh, list) {
- if (ent->old) {
- /* inherit old interface files */
-
- /* if (ent->rename)
- TODO: support rename */
- /* } else if (ent->rename) {
- TODO: support rename */
- } else {
+ if (!ent->old) {
struct dentry *parent;
if (rcu_access_pointer(ent->new->parent)) {
struct aa_profile *p;
@@ -1014,7 +1007,7 @@ ssize_t aa_replace_profiles(struct aa_ns *policy_ns, struct aa_profile *profile,
}
if (error) {
- info = "failed to create ";
+ info = "failed to create";
goto fail_lock;
}
}
@@ -1044,34 +1037,6 @@ ssize_t aa_replace_profiles(struct aa_ns *policy_ns, struct aa_profile *profile,
if (ent->old) {
share_name(ent->old, ent->new);
__replace_profile(ent->old, ent->new, 1);
- if (ent->rename) {
- /* aafs interface uses proxy */
- struct aa_proxy *r = ent->new->proxy;
- rcu_assign_pointer(r->profile,
- aa_get_profile(ent->new));
- __replace_profile(ent->rename, ent->new, 0);
- }
- } else if (ent->rename) {
- /* aafs interface uses proxy */
- rcu_assign_pointer(ent->new->proxy->profile,
- aa_get_profile(ent->new));
- __replace_profile(ent->rename, ent->new, 0);
- } else if (ent->new->parent) {
- struct aa_profile *parent, *newest;
- parent = aa_deref_parent(ent->new);
- newest = aa_get_newest_profile(parent);
-
- /* parent replaced in this atomic set? */
- if (newest != parent) {
- aa_get_profile(newest);
- rcu_assign_pointer(ent->new->parent, newest);
- aa_put_profile(parent);
- }
- /* aafs interface uses proxy */
- rcu_assign_pointer(ent->new->proxy->profile,
- aa_get_profile(ent->new));
- __list_add_profile(&newest->base.profiles, ent->new);
- aa_put_profile(newest);
} else {
struct list_head *lh;