projects / packages / kernel.git / blame
| Commit | Line | Data |
|---|---|---|
| daaa955e AM |
1 | From 763d17c9a18b0df7dbec2740f10dc40d378e3cc1 Mon Sep 17 00:00:00 2001 |
| 2 | From: John Johansen <john.johansen@canonical.com> | |
| 3 | Date: Sun, 6 Aug 2017 05:36:40 -0700 | |
| 4 | Subject: [PATCH 08/17] apparmor: cleanup conditional check for label in | |
| 5 | label_print | |
| 6 | ||
| 7 | Signed-off-by: John Johansen <john.johansen@canonical.com> | |
| 8 | Acked-by: Seth Arnold <seth.arnold@canonical.com> | |
| 9 | (cherry picked from commit 7e57939b9d67dcfc2c8348fd0e2c76a2f0349c75) | |
| 10 | --- | |
| 11 | security/apparmor/label.c | 22 ++++++++-------------- | |
| 12 | 1 file changed, 8 insertions(+), 14 deletions(-) | |
| 13 | ||
| 14 | diff --git a/security/apparmor/label.c b/security/apparmor/label.c | |
| 15 | index e324f4df3e34..38be7a89cc31 100644 | |
| 16 | --- a/security/apparmor/label.c | |
| 17 | +++ b/security/apparmor/label.c | |
| 18 | @@ -1450,9 +1450,11 @@ bool aa_update_label_name(struct aa_ns *ns, struct aa_label *label, gfp_t gfp) | |
| 19 | * cached label name is present and visible | |
| 20 | * @label->hname only exists if label is namespace hierachical | |
| 21 | */ | |
| 22 | -static inline bool use_label_hname(struct aa_ns *ns, struct aa_label *label) | |
| 23 | +static inline bool use_label_hname(struct aa_ns *ns, struct aa_label *label, | |
| 24 | + int flags) | |
| 25 | { | |
| 26 | - if (label->hname && labels_ns(label) == ns) | |
| 27 | + if (label->hname && (!ns || labels_ns(label) == ns) && | |
| 28 | + !(flags & ~FLAG_SHOW_MODE)) | |
| 29 | return true; | |
| 30 | ||
| 31 | return false; | |
| 32 | @@ -1710,10 +1712,8 @@ void aa_label_xaudit(struct audit_buffer *ab, struct aa_ns *ns, | |
| 33 | AA_BUG(!ab); | |
| 34 | AA_BUG(!label); | |
| 35 | ||
| 36 | - if (!ns) | |
| 37 | - ns = labels_ns(label); | |
| 38 | - | |
| 39 | - if (!use_label_hname(ns, label) || display_mode(ns, label, flags)) { | |
| 40 | + if (!use_label_hname(ns, label, flags) || | |
| 41 | + display_mode(ns, label, flags)) { | |
| 42 | len = aa_label_asxprint(&name, ns, label, flags, gfp); | |
| 43 | if (len == -1) { | |
| 44 | AA_DEBUG("label print error"); | |
| 45 | @@ -1738,10 +1738,7 @@ void aa_label_seq_xprint(struct seq_file *f, struct aa_ns *ns, | |
| 46 | AA_BUG(!f); | |
| 47 | AA_BUG(!label); | |
| 48 | ||
| 49 | - if (!ns) | |
| 50 | - ns = labels_ns(label); | |
| 51 | - | |
| 52 | - if (!use_label_hname(ns, label)) { | |
| 53 | + if (!use_label_hname(ns, label, flags)) { | |
| 54 | char *str; | |
| 55 | int len; | |
| 56 | ||
| 57 | @@ -1764,10 +1761,7 @@ void aa_label_xprintk(struct aa_ns *ns, struct aa_label *label, int flags, | |
| 58 | { | |
| 59 | AA_BUG(!label); | |
| 60 | ||
| 61 | - if (!ns) | |
| 62 | - ns = labels_ns(label); | |
| 63 | - | |
| 64 | - if (!use_label_hname(ns, label)) { | |
| 65 | + if (!use_label_hname(ns, label, flags)) { | |
| 66 | char *str; | |
| 67 | int len; | |
| 68 | ||
| 69 | -- | |
| 70 | 2.11.0 | |
| 71 |