| policy.c (5d5182cae40115c03933989473288e54afb39c7c) | policy.c (c97204baf840bf850e14ef4f5f43251239ca43b6) |
|---|---|
| 1/* 2 * AppArmor security module 3 * 4 * This file contains AppArmor policy manipulation functions 5 * 6 * Copyright (C) 1998-2008 Novell/SUSE 7 * Copyright 2009-2010 Canonical Ltd. 8 * --- 146 unchanged lines hidden (view full) --- 155 * Requires: namespace list lock be held, or list not be shared 156 */ 157static void __remove_profile(struct aa_profile *profile) 158{ 159 /* release any children lists first */ 160 __aa_profile_list_release(&profile->base.profiles); 161 /* released by free_profile */ 162 __aa_update_proxy(profile, profile->ns->unconfined); | 1/* 2 * AppArmor security module 3 * 4 * This file contains AppArmor policy manipulation functions 5 * 6 * Copyright (C) 1998-2008 Novell/SUSE 7 * Copyright 2009-2010 Canonical Ltd. 8 * --- 146 unchanged lines hidden (view full) --- 155 * Requires: namespace list lock be held, or list not be shared 156 */ 157static void __remove_profile(struct aa_profile *profile) 158{ 159 /* release any children lists first */ 160 __aa_profile_list_release(&profile->base.profiles); 161 /* released by free_profile */ 162 __aa_update_proxy(profile, profile->ns->unconfined); |
| 163 __aa_fs_profile_rmdir(profile); | 163 __aafs_profile_rmdir(profile); |
| 164 __list_remove_profile(profile); 165} 166 167/** 168 * __aa_profile_list_release - remove all profiles on the list and put refs 169 * @head: list of profiles (NOT NULL) 170 * 171 * Requires: namespace lock be held --- 607 unchanged lines hidden (view full) --- 779 __aa_update_proxy(old, new); 780 if (share_proxy) { 781 aa_put_proxy(new->proxy); 782 new->proxy = aa_get_proxy(old->proxy); 783 } else if (!rcu_access_pointer(new->proxy->profile)) 784 /* aafs interface uses proxy */ 785 rcu_assign_pointer(new->proxy->profile, 786 aa_get_profile(new)); | 164 __list_remove_profile(profile); 165} 166 167/** 168 * __aa_profile_list_release - remove all profiles on the list and put refs 169 * @head: list of profiles (NOT NULL) 170 * 171 * Requires: namespace lock be held --- 607 unchanged lines hidden (view full) --- 779 __aa_update_proxy(old, new); 780 if (share_proxy) { 781 aa_put_proxy(new->proxy); 782 new->proxy = aa_get_proxy(old->proxy); 783 } else if (!rcu_access_pointer(new->proxy->profile)) 784 /* aafs interface uses proxy */ 785 rcu_assign_pointer(new->proxy->profile, 786 aa_get_profile(new)); |
| 787 __aa_fs_profile_migrate_dents(old, new); | 787 __aafs_profile_migrate_dents(old, new); |
| 788 789 if (list_empty(&new->base.list)) { 790 /* new is not on a list already */ 791 list_replace_rcu(&old->base.list, &new->base.list); 792 aa_get_profile(new); 793 aa_put_profile(old); 794 } else 795 __list_remove_profile(old); --- 170 unchanged lines hidden (view full) --- 966 } else { 967 struct dentry *parent; 968 if (rcu_access_pointer(ent->new->parent)) { 969 struct aa_profile *p; 970 p = aa_deref_parent(ent->new); 971 parent = prof_child_dir(p); 972 } else 973 parent = ns_subprofs_dir(ent->new->ns); | 788 789 if (list_empty(&new->base.list)) { 790 /* new is not on a list already */ 791 list_replace_rcu(&old->base.list, &new->base.list); 792 aa_get_profile(new); 793 aa_put_profile(old); 794 } else 795 __list_remove_profile(old); --- 170 unchanged lines hidden (view full) --- 966 } else { 967 struct dentry *parent; 968 if (rcu_access_pointer(ent->new->parent)) { 969 struct aa_profile *p; 970 p = aa_deref_parent(ent->new); 971 parent = prof_child_dir(p); 972 } else 973 parent = ns_subprofs_dir(ent->new->ns); |
| 974 error = __aa_fs_profile_mkdir(ent->new, parent); | 974 error = __aafs_profile_mkdir(ent->new, parent); |
| 975 } 976 977 if (error) { 978 info = "failed to create "; 979 goto fail_lock; 980 } 981 } 982 --- 180 unchanged lines hidden --- | 975 } 976 977 if (error) { 978 info = "failed to create "; 979 goto fail_lock; 980 } 981 } 982 --- 180 unchanged lines hidden --- |