← Back to branch summary

~ubuntu-branches/ubuntu/wily/apparmor/wily

« back to all changes in this revision

Viewing changes to kernel-patches/for-mainline/rename-aa_switch_to_profile.diff

  • Committer: Bazaar Package Importer
  • Author(s): Kees Cook
  • Date: 2011-04-27 10:38:07 UTC
  • mfrom: (5.1.118 natty)
  • Revision ID: james.westby@ubuntu.com-20110427103807-ym3rhwys6o84ith0
Tags: 2.6.1-2
debian/copyright: clarify for some full organization names.

Show diffs side-by-side

added added

removed removed

Lines of Context:
kernel-patches/for-mainline/rename-aa_switch_to_profile.diff
1
 
Index: b/security/apparmor/inline.h
2
 
===================================================================
3
 
--- a/security/apparmor/inline.h
4
 
+++ b/security/apparmor/inline.h
5
 
@@ -62,28 +62,21 @@ static inline struct aa_profile *aa_find
6
 
 }
7
 
 
8
 
 /**
9
 
- * aa_switch_to_profile - change aa_task_context to use a new profile
10
 
+ * aa_change_profile - switch a task context to a new profile
11
 
  * @cxt: aa_task_context to switch the profile on
12
 
- * @newactive: new profile (NULL for unconfined)
13
 
+ * @profile: new profile (NULL for unconfined)
14
 
  * @hat_magic: hat value to switch to (0 for no hat)
15
 
- *
16
 
- * aa_switch_to_profile handles the changing of a aa_task_context's profile
17
 
- * profile.  The cxt_lock must be held to ensure consistency against
18
 
- * other writers.  Some write paths (ex. aa_register) require
19
 
- * cxt->profile not to change over several operations, so the calling
20
 
- * function is responsible for grabbing the cxt_lock to meet its
21
 
- * consistency constraints before calling aa_switch_to_profile
22
 
- */
23
 
-static inline void aa_switch_to_profile(struct aa_task_context *cxt,
24
 
-                                       struct aa_profile *newactive,
25
 
-                                       u32 hat_magic)
26
 
+ */
27
 
+static inline void aa_change_profile(struct aa_task_context *cxt,
28
 
+                                    struct aa_profile *profile,
29
 
+                                    u32 hat_magic)
30
 
 {
31
 
-       struct aa_profile *old = cxt->profile;
32
 
+       struct aa_profile *old_profile = cxt->profile;
33
 
 
34
 
        cxt->caps_logged = CAP_EMPTY_SET;
35
 
        cxt->hat_magic = hat_magic;
36
 
-       rcu_assign_pointer(cxt->profile, aa_dup_profile(newactive));
37
 
-       aa_put_profile(old);
38
 
+       rcu_assign_pointer(cxt->profile, aa_dup_profile(profile));
39
 
+       aa_put_profile(old_profile);
40
 
 }
41
 
 
42
 
 /**
43
 
Index: b/security/apparmor/lsm.c
44
 
===================================================================
45
 
--- a/security/apparmor/lsm.c
46
 
+++ b/security/apparmor/lsm.c
47
 
@@ -772,7 +772,7 @@ static void __exit apparmor_exit(void)
48
 
        read_lock(&task_context_list_lock);
49
 
        list_for_each_entry(cxt, &task_context_list, list) {
50
 
                if (cxt->profile)
51
 
-                       aa_switch_to_profile(cxt, NULL, 0);
52
 
+                       aa_change_profile(cxt, NULL, 0);
53
 
        }
54
 
        read_unlock(&task_context_list_lock);
55
 
        spin_unlock_irqrestore(&cxt_lock, flags);
56
 
Index: b/security/apparmor/main.c
57
 
===================================================================
58
 
--- a/security/apparmor/main.c
59
 
+++ b/security/apparmor/main.c
60
 
@@ -759,7 +759,7 @@ int aa_fork(struct task_struct *task)
61
 
                 * he new task would end up with an obsolete profile.
62
 
                 */
63
 
                spin_lock_irqsave(&cxt_lock, flags);
64
 
-               aa_switch_to_profile(newcxt, cxt->profile, cxt->hat_magic);
65
 
+               aa_change_profile(newcxt, cxt->profile, cxt->hat_magic);
66
 
                spin_unlock_irqrestore(&cxt_lock, flags);
67
 
 
68
 
                if (APPARMOR_COMPLAIN(cxt) &&
69
 
@@ -999,7 +999,7 @@ repeat:
70
 
                                ((unsigned long)bprm->security | bprm_flags);
71
 
                }
72
 
 
73
 
-               aa_switch_to_profile(cxt, newprofile, 0);
74
 
+               aa_change_profile(cxt, newprofile, 0);
75
 
 
76
 
                if (complain && newprofile == null_complain_profile)
77
 
                        LOG_HINT(newprofile, GFP_ATOMIC, HINT_CHGPROF,
78
 
@@ -1029,7 +1029,7 @@ cleanup:
79
 
  * removing a profile from a aa_task_context.  Once the aa_task_context has
80
 
  * been removed from the aa_task_context_list, we are no longer racing other
81
 
  * writers. There may still be other readers so we must still use
82
 
- * aa_switch_to_profile to put the aa_task_context's reference safely.
83
 
+ * aa_change_profile to put the aa_task_context's reference safely.
84
 
  */
85
 
 void aa_release(struct task_struct *task)
86
 
 {
87
 
@@ -1038,7 +1038,7 @@ void aa_release(struct task_struct *task
88
 
                task->security = NULL;
89
 
 
90
 
                aa_task_context_list_remove(cxt);
91
 
-               aa_switch_to_profile(cxt, NULL, 0);
92
 
+               aa_change_profile(cxt, NULL, 0);
93
 
 
94
 
                kfree(cxt);
95
 
        }
96
 
@@ -1069,7 +1069,7 @@ static inline int do_change_hat(const ch
97
 
        sub = __aa_find_profile(hat_name, &cxt->profile->parent->sub);
98
 
        if (sub) {
99
 
                /* change hat */
100
 
-               aa_switch_to_profile(cxt, sub, hat_magic);
101
 
+               aa_change_profile(cxt, sub, hat_magic);
102
 
        } else {
103
 
                if (APPARMOR_COMPLAIN(cxt)) {
104
 
                        LOG_HINT(cxt->profile, GFP_ATOMIC, HINT_UNKNOWN_HAT,
105
 
@@ -1097,8 +1097,7 @@ static inline int do_change_hat(const ch
106
 
                 *
107
 
                 * In learning mode, this allows us to learn about new hats.
108
 
                 */
109
 
-               aa_switch_to_profile(cxt, cxt->profile->null_profile,
110
 
-                                    hat_magic);
111
 
+               aa_change_profile(cxt, cxt->profile->null_profile, hat_magic);
112
 
        }
113
 
 
114
 
        return error;
115
 
@@ -1186,8 +1185,7 @@ int aa_change_hat(const char *hat_name, 
116
 
                                 * Got here via changehat(NULL, magic)
117
 
                                 * Return from subprofile, back to parent
118
 
                                 */
119
 
-                               aa_switch_to_profile(cxt, cxt->profile->parent,
120
 
-                                                    0);
121
 
+                               aa_change_profile(cxt, cxt->profile->parent, 0);
122
 
                        } else {
123
 
                                /*
124
 
                                 * Change to another (sibling) profile, and
125
 
Index: b/security/apparmor/module_interface.c
126
 
===================================================================
127
 
--- a/security/apparmor/module_interface.c
128
 
+++ b/security/apparmor/module_interface.c
129
 
@@ -61,10 +61,10 @@ static inline void task_replace(struct a
130
 
                if (!nactive)
131
 
                        nactive = aa_dup_profile(new->null_profile);
132
 
 
133
 
-               aa_switch_to_profile(cxt, nactive, cxt->hat_magic);
134
 
+               aa_change_profile(cxt, nactive, cxt->hat_magic);
135
 
                aa_put_profile(nactive);
136
 
        } else
137
 
-               aa_switch_to_profile(cxt, new, cxt->hat_magic);
138
 
+               aa_change_profile(cxt, new, cxt->hat_magic);
139
 
 }
140
 
 
141
 
 static inline int aa_inbounds(struct aa_ext *e, size_t size)
142
 
@@ -522,7 +522,7 @@ ssize_t aa_file_prof_remove(const char *
143
 
        list_for_each_entry(cxt, &task_context_list, list) {
144
 
                if (cxt->profile && cxt->profile->parent == profile) {
145
 
                        spin_lock(&cxt_lock);
146
 
-                       aa_switch_to_profile(cxt, NULL, 0);
147
 
+                       aa_change_profile(cxt, NULL, 0);
148
 
                        spin_unlock(&cxt_lock);
149
 
                }
150
 
        }
151
 
Index: b/security/apparmor/procattr.c
152
 
===================================================================
153
 
--- a/security/apparmor/procattr.c
154
 
+++ b/security/apparmor/procattr.c
155
 
@@ -235,7 +235,7 @@ int aa_setprocattr_setprofile(struct tas
156
 
                                cxt->profile->parent->name,
157
 
                                cxt->profile->name);
158
 
 
159
 
-                       aa_switch_to_profile(cxt, NULL, 0);
160
 
+                       aa_change_profile(cxt, NULL, 0);
161
 
                } else {
162
 
                        AA_WARN("%s: task %s(%d) "
163
 
                                "is already unconstrained\n",
164
 
@@ -308,7 +308,7 @@ int aa_setprocattr_setprofile(struct tas
165
 
                        cxt->profile ? cxt->profile->name : "unconstrained",
166
 
                        name);
167
 
 
168
 
-               aa_switch_to_profile(cxt, profile, 0);
169
 
+               aa_change_profile(cxt, profile, 0);
170
 
                aa_put_profile(profile);
171
 
        }
172