From: wzt.wzt@gmail.com
To: linux-kernel@vger.kernel.org
Cc: john.johansen@canonical.com, apparmor@lists.ubuntu.com,
linux-security-module@vger.kernel.org
Subject: [PATCH] APPARMOR: code cleanup on context.h
Date: Sat, 13 Nov 2010 10:34:35 +0800 [thread overview]
Message-ID: <20101113023435.GB2713@localhost.localdomain> (raw)
Use current api to replace old codes.
Signed-off-by: Zhitong Wang <zhitong.wangzt@alibaba-inc.com>
---
security/apparmor/include/context.h | 34 +++++++++++++++-------------------
1 files changed, 15 insertions(+), 19 deletions(-)
diff --git a/security/apparmor/include/context.h b/security/apparmor/include/context.h
index a9cbee4..c9112f3 100644
--- a/security/apparmor/include/context.h
+++ b/security/apparmor/include/context.h
@@ -82,23 +82,6 @@ int aa_set_current_hat(struct aa_profile *profile, u64 token);
int aa_restore_previous_profile(u64 cookie);
/**
- * __aa_task_is_confined - determine if @task has any confinement
- * @task: task to check confinement of (NOT NULL)
- *
- * If @task != current needs to be called in RCU safe critical section
- */
-static inline bool __aa_task_is_confined(struct task_struct *task)
-{
- struct aa_task_cxt *cxt = __task_cred(task)->security;
-
- BUG_ON(!cxt || !cxt->profile);
- if (unconfined(aa_newest_version(cxt->profile)))
- return 0;
-
- return 1;
-}
-
-/**
* aa_cred_profile - obtain cred's profiles
* @cred: cred to obtain profiles from (NOT NULL)
*
@@ -138,9 +121,8 @@ static inline struct aa_profile *aa_current_profile(void)
{
const struct aa_task_cxt *cxt = current_cred()->security;
struct aa_profile *profile;
- BUG_ON(!cxt || !cxt->profile);
- profile = aa_newest_version(cxt->profile);
+ profile = __aa_current_profile();
/*
* Whether or not replacement succeeds, use newest profile so
* there is no need to update it after replacement.
@@ -151,4 +133,18 @@ static inline struct aa_profile *aa_current_profile(void)
return profile;
}
+/**
+ * __aa_task_is_confined - determine if @task has any confinement
+ * @task: task to check confinement of (NOT NULL)
+ *
+ * If @task != current needs to be called in RCU safe critical section
+ */
+static inline bool __aa_task_is_confined(struct task_struct *task)
+{
+ if (unconfined(aa_cred_profile(__task_cred(task))))
+ return 0;
+
+ return 1;
+}
+
#endif /* __AA_CONTEXT_H */
--
1.6.5.3
next reply other threads:[~2010-11-13 2:34 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-13 2:34 wzt.wzt [this message]
2010-11-15 23:29 ` [PATCH] APPARMOR: code cleanup on context.h wzt wzt
2010-11-16 0:25 ` John Johansen
2010-11-16 6:38 ` wzt wzt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101113023435.GB2713@localhost.localdomain \
--to=wzt.wzt@gmail.com \
--cc=apparmor@lists.ubuntu.com \
--cc=john.johansen@canonical.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).