summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2017-01-16 09:42:35 +0100
committerJohn Johansen <john.johansen@canonical.com>2017-01-16 10:18:29 +0100
commit30b026a8d16bfa15bc24f4cca1604e47ac1a2f64 (patch)
tree56adf76fcfa79ed096ac06f5cfe9decf85d406b8 /security
parentapparmor: refactor prepare_ns() and make usable from different views (diff)
downloadlinux-30b026a8d16bfa15bc24f4cca1604e47ac1a2f64.tar.xz
linux-30b026a8d16bfa15bc24f4cca1604e47ac1a2f64.zip
apparmor: pass gfp_t parameter into profile allocation
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security')
-rw-r--r--security/apparmor/include/policy.h2
-rw-r--r--security/apparmor/policy.c11
-rw-r--r--security/apparmor/policy_ns.c2
-rw-r--r--security/apparmor/policy_unpack.c2
4 files changed, 9 insertions, 8 deletions
diff --git a/security/apparmor/include/policy.h b/security/apparmor/include/policy.h
index 1573cade8812..b44eaea2bd2c 100644
--- a/security/apparmor/include/policy.h
+++ b/security/apparmor/include/policy.h
@@ -172,7 +172,7 @@ void aa_add_profile(struct aa_policy *common, struct aa_profile *profile);
void aa_free_proxy_kref(struct kref *kref);
-struct aa_profile *aa_alloc_profile(const char *name);
+struct aa_profile *aa_alloc_profile(const char *name, gfp_t gfp);
struct aa_profile *aa_new_null_profile(struct aa_profile *parent, int hat);
void aa_free_profile(struct aa_profile *profile);
void aa_free_profile_kref(struct kref *kref);
diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index e02ab20b0a8d..e310f3b63fbe 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -255,24 +255,25 @@ void aa_free_profile_kref(struct kref *kref)
/**
* aa_alloc_profile - allocate, initialize and return a new profile
* @hname: name of the profile (NOT NULL)
+ * @gfp: allocation type
*
* Returns: refcount profile or NULL on failure
*/
-struct aa_profile *aa_alloc_profile(const char *hname)
+struct aa_profile *aa_alloc_profile(const char *hname, gfp_t gfp)
{
struct aa_profile *profile;
/* freed by free_profile - usually through aa_put_profile */
- profile = kzalloc(sizeof(*profile), GFP_KERNEL);
+ profile = kzalloc(sizeof(*profile), gfp);
if (!profile)
return NULL;
- profile->proxy = kzalloc(sizeof(struct aa_proxy), GFP_KERNEL);
+ profile->proxy = kzalloc(sizeof(struct aa_proxy), gfp);
if (!profile->proxy)
goto fail;
kref_init(&profile->proxy->count);
- if (!aa_policy_init(&profile->base, NULL, hname, GFP_KERNEL))
+ if (!aa_policy_init(&profile->base, NULL, hname, gfp))
goto fail;
kref_init(&profile->count);
@@ -312,7 +313,7 @@ struct aa_profile *aa_new_null_profile(struct aa_profile *parent, int hat)
goto fail;
sprintf(name, "%s//null-%x", parent->base.hname, uniq);
- profile = aa_alloc_profile(name);
+ profile = aa_alloc_profile(name, GFP_KERNEL);
kfree(name);
if (!profile)
goto fail;
diff --git a/security/apparmor/policy_ns.c b/security/apparmor/policy_ns.c
index f6cdc738ffcd..1e19bd3c7851 100644
--- a/security/apparmor/policy_ns.c
+++ b/security/apparmor/policy_ns.c
@@ -102,7 +102,7 @@ static struct aa_ns *alloc_ns(const char *prefix, const char *name)
mutex_init(&ns->lock);
/* released by aa_free_ns() */
- ns->unconfined = aa_alloc_profile("unconfined");
+ ns->unconfined = aa_alloc_profile("unconfined", GFP_KERNEL);
if (!ns->unconfined)
goto fail_unconfined;
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index 138120698f83..9ddc6b2a7322 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -486,7 +486,7 @@ static struct aa_profile *unpack_profile(struct aa_ext *e)
if (!unpack_str(e, &name, NULL))
goto fail;
- profile = aa_alloc_profile(name);
+ profile = aa_alloc_profile(name, GFP_KERNEL);
if (!profile)
return ERR_PTR(-ENOMEM);