From 47f6e5cc7355e4ff2fd7ace919aa9e291077c26b Mon Sep 17 00:00:00 2001 From: John Johansen Date: Mon, 16 Jan 2017 00:43:01 -0800 Subject: apparmor: change op from int to const char * Having ops be an integer that is an index into an op name table is awkward and brittle. Every op change requires an edit for both the op constant and a string in the table. Instead switch to using const strings directly, eliminating the need for the table that needs to be kept in sync. Signed-off-by: John Johansen --- security/apparmor/include/file.h | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'security/apparmor/include/file.h') diff --git a/security/apparmor/include/file.h b/security/apparmor/include/file.h index 4803c97d1992..0eb54363e033 100644 --- a/security/apparmor/include/file.h +++ b/security/apparmor/include/file.h @@ -145,7 +145,7 @@ static inline u16 dfa_map_xindex(u16 mask) dfa_map_xindex((ACCEPT_TABLE(dfa)[state] >> 14) & 0x3fff) int aa_audit_file(struct aa_profile *profile, struct file_perms *perms, - gfp_t gfp, int op, u32 request, const char *name, + gfp_t gfp, const char *op, u32 request, const char *name, const char *target, kuid_t ouid, const char *info, int error); /** @@ -171,13 +171,14 @@ unsigned int aa_str_perms(struct aa_dfa *dfa, unsigned int start, const char *name, struct path_cond *cond, struct file_perms *perms); -int aa_path_perm(int op, struct aa_profile *profile, const struct path *path, - int flags, u32 request, struct path_cond *cond); +int aa_path_perm(const char *op, struct aa_profile *profile, + const struct path *path, int flags, u32 request, + struct path_cond *cond); int aa_path_link(struct aa_profile *profile, struct dentry *old_dentry, const struct path *new_dir, struct dentry *new_dentry); -int aa_file_perm(int op, struct aa_profile *profile, struct file *file, +int aa_file_perm(const char *op, struct aa_profile *profile, struct file *file, u32 request); static inline void aa_free_file_rules(struct aa_file_rules *rules) -- cgit From ef88a7ac55fdd3bf6ac3942b83aa29311b45339b Mon Sep 17 00:00:00 2001 From: John Johansen Date: Mon, 16 Jan 2017 00:43:02 -0800 Subject: apparmor: change aad apparmor_audit_data macro to a fn macro The aad macro can replace aad strings when it is not intended to. Switch to a fn macro so it is only applied when intended. Also at the same time cleanup audit_data initialization by putting common boiler plate behind a macro, and dropping the gfp_t parameter which will become useless. Signed-off-by: John Johansen --- security/apparmor/include/file.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'security/apparmor/include/file.h') diff --git a/security/apparmor/include/file.h b/security/apparmor/include/file.h index 0eb54363e033..38f821bf49b6 100644 --- a/security/apparmor/include/file.h +++ b/security/apparmor/include/file.h @@ -145,7 +145,7 @@ static inline u16 dfa_map_xindex(u16 mask) dfa_map_xindex((ACCEPT_TABLE(dfa)[state] >> 14) & 0x3fff) int aa_audit_file(struct aa_profile *profile, struct file_perms *perms, - gfp_t gfp, const char *op, u32 request, const char *name, + const char *op, u32 request, const char *name, const char *target, kuid_t ouid, const char *info, int error); /** -- cgit