diff options
-rw-r--r-- | security/apparmor/include/file.h | 17 | ||||
-rw-r--r-- | security/apparmor/lsm.c | 10 |
2 files changed, 16 insertions, 11 deletions
diff --git a/security/apparmor/include/file.h b/security/apparmor/include/file.h index 365ca7ead133..19c483850770 100644 --- a/security/apparmor/include/file.h +++ b/security/apparmor/include/file.h @@ -30,6 +30,8 @@ struct path; AA_MAY_CHMOD | AA_MAY_CHOWN | AA_MAY_LOCK | \ AA_EXEC_MMAP | AA_MAY_LINK) +#define file_ctx(X) ((struct aa_file_ctx *)(X)->f_security) + /* struct aa_file_ctx - the AppArmor context the file was opened in * @perms: the permission the file was opened with * @@ -42,21 +44,26 @@ struct aa_file_ctx { }; /** - * aa_alloc_file_context - allocate file_ctx + * aa_alloc_file_ctx - allocate file_ctx + * @label: initial label of task creating the file * @gfp: gfp flags for allocation * * Returns: file_ctx or NULL on failure */ -static inline struct aa_file_ctx *aa_alloc_file_context(gfp_t gfp) +static inline struct aa_file_ctx *aa_alloc_file_ctx(gfp_t gfp) { - return kzalloc(sizeof(struct aa_file_ctx), gfp); + struct aa_file_ctx *ctx; + + ctx = kzalloc(sizeof(struct aa_file_ctx), gfp); + + return ctx; } /** - * aa_free_file_context - free a file_ctx + * aa_free_file_ctx - free a file_ctx * @ctx: file_ctx to free (MAYBE_NULL) */ -static inline void aa_free_file_context(struct aa_file_ctx *ctx) +static inline void aa_free_file_ctx(struct aa_file_ctx *ctx) { if (ctx) kzfree(ctx); diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index e07dd5a204d7..3c6fa9753675 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -398,9 +398,9 @@ static int apparmor_file_alloc_security(struct file *file) /* freed by apparmor_file_free_security */ struct aa_profile *profile = begin_current_profile_crit_section(); - file->f_security = aa_alloc_file_context(GFP_KERNEL); - if (!file->f_security) - return -ENOMEM; + file->f_security = aa_alloc_file_ctx(GFP_KERNEL); + if (!file_ctx(file)) + error = -ENOMEM; end_current_profile_crit_section(profile); return error; @@ -408,9 +408,7 @@ static int apparmor_file_alloc_security(struct file *file) static void apparmor_file_free_security(struct file *file) { - struct aa_file_ctx *ctx = file->f_security; - - aa_free_file_context(ctx); + aa_free_file_ctx(file_ctx(file)); } static int common_file_perm(const char *op, struct file *file, u32 mask) |