diff options
author | John Johansen <john.johansen@canonical.com> | 2017-01-16 09:42:35 +0100 |
---|---|---|
committer | John Johansen <john.johansen@canonical.com> | 2017-01-16 10:18:29 +0100 |
commit | 30b026a8d16bfa15bc24f4cca1604e47ac1a2f64 (patch) | |
tree | 56adf76fcfa79ed096ac06f5cfe9decf85d406b8 /security/apparmor | |
parent | apparmor: refactor prepare_ns() and make usable from different views (diff) | |
download | linux-30b026a8d16bfa15bc24f4cca1604e47ac1a2f64.tar.xz linux-30b026a8d16bfa15bc24f4cca1604e47ac1a2f64.zip |
apparmor: pass gfp_t parameter into profile allocation
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor')
-rw-r--r-- | security/apparmor/include/policy.h | 2 | ||||
-rw-r--r-- | security/apparmor/policy.c | 11 | ||||
-rw-r--r-- | security/apparmor/policy_ns.c | 2 | ||||
-rw-r--r-- | security/apparmor/policy_unpack.c | 2 |
4 files changed, 9 insertions, 8 deletions
diff --git a/security/apparmor/include/policy.h b/security/apparmor/include/policy.h index 1573cade8812..b44eaea2bd2c 100644 --- a/security/apparmor/include/policy.h +++ b/security/apparmor/include/policy.h @@ -172,7 +172,7 @@ void aa_add_profile(struct aa_policy *common, struct aa_profile *profile); void aa_free_proxy_kref(struct kref *kref); -struct aa_profile *aa_alloc_profile(const char *name); +struct aa_profile *aa_alloc_profile(const char *name, gfp_t gfp); struct aa_profile *aa_new_null_profile(struct aa_profile *parent, int hat); void aa_free_profile(struct aa_profile *profile); void aa_free_profile_kref(struct kref *kref); diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c index e02ab20b0a8d..e310f3b63fbe 100644 --- a/security/apparmor/policy.c +++ b/security/apparmor/policy.c @@ -255,24 +255,25 @@ void aa_free_profile_kref(struct kref *kref) /** * aa_alloc_profile - allocate, initialize and return a new profile * @hname: name of the profile (NOT NULL) + * @gfp: allocation type * * Returns: refcount profile or NULL on failure */ -struct aa_profile *aa_alloc_profile(const char *hname) +struct aa_profile *aa_alloc_profile(const char *hname, gfp_t gfp) { struct aa_profile *profile; /* freed by free_profile - usually through aa_put_profile */ - profile = kzalloc(sizeof(*profile), GFP_KERNEL); + profile = kzalloc(sizeof(*profile), gfp); if (!profile) return NULL; - profile->proxy = kzalloc(sizeof(struct aa_proxy), GFP_KERNEL); + profile->proxy = kzalloc(sizeof(struct aa_proxy), gfp); if (!profile->proxy) goto fail; kref_init(&profile->proxy->count); - if (!aa_policy_init(&profile->base, NULL, hname, GFP_KERNEL)) + if (!aa_policy_init(&profile->base, NULL, hname, gfp)) goto fail; kref_init(&profile->count); @@ -312,7 +313,7 @@ struct aa_profile *aa_new_null_profile(struct aa_profile *parent, int hat) goto fail; sprintf(name, "%s//null-%x", parent->base.hname, uniq); - profile = aa_alloc_profile(name); + profile = aa_alloc_profile(name, GFP_KERNEL); kfree(name); if (!profile) goto fail; diff --git a/security/apparmor/policy_ns.c b/security/apparmor/policy_ns.c index f6cdc738ffcd..1e19bd3c7851 100644 --- a/security/apparmor/policy_ns.c +++ b/security/apparmor/policy_ns.c @@ -102,7 +102,7 @@ static struct aa_ns *alloc_ns(const char *prefix, const char *name) mutex_init(&ns->lock); /* released by aa_free_ns() */ - ns->unconfined = aa_alloc_profile("unconfined"); + ns->unconfined = aa_alloc_profile("unconfined", GFP_KERNEL); if (!ns->unconfined) goto fail_unconfined; diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c index 138120698f83..9ddc6b2a7322 100644 --- a/security/apparmor/policy_unpack.c +++ b/security/apparmor/policy_unpack.c @@ -486,7 +486,7 @@ static struct aa_profile *unpack_profile(struct aa_ext *e) if (!unpack_str(e, &name, NULL)) goto fail; - profile = aa_alloc_profile(name); + profile = aa_alloc_profile(name, GFP_KERNEL); if (!profile) return ERR_PTR(-ENOMEM); |