lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 16 Nov 2010 07:29:30 +0800
From:	wzt wzt <wzt.wzt@...il.com>
To:	john.johansen@...onical.com
Cc:	linux-kernel@...r.kernel.org, apparmor@...ts.ubuntu.com,
	linux-security-module@...r.kernel.org
Subject: Re: [PATCH] APPARMOR: code cleanup on context.h

hi, john, any comments?

On Sat, Nov 13, 2010 at 10:34 AM,  <wzt.wzt@...il.com> wrote:
> Use current api to replace old codes.
>
> Signed-off-by: Zhitong Wang <zhitong.wangzt@...baba-inc.com>
>
> ---
>  security/apparmor/include/context.h |   34 +++++++++++++++-------------------
>  1 files changed, 15 insertions(+), 19 deletions(-)
>
> diff --git a/security/apparmor/include/context.h b/security/apparmor/include/context.h
> index a9cbee4..c9112f3 100644
> --- a/security/apparmor/include/context.h
> +++ b/security/apparmor/include/context.h
> @@ -82,23 +82,6 @@ int aa_set_current_hat(struct aa_profile *profile, u64 token);
>  int aa_restore_previous_profile(u64 cookie);
>
>  /**
> - * __aa_task_is_confined - determine if @task has any confinement
> - * @task: task to check confinement of  (NOT NULL)
> - *
> - * If @task != current needs to be called in RCU safe critical section
> - */
> -static inline bool __aa_task_is_confined(struct task_struct *task)
> -{
> -       struct aa_task_cxt *cxt = __task_cred(task)->security;
> -
> -       BUG_ON(!cxt || !cxt->profile);
> -       if (unconfined(aa_newest_version(cxt->profile)))
> -               return 0;
> -
> -       return 1;
> -}
> -
> -/**
>  * aa_cred_profile - obtain cred's profiles
>  * @cred: cred to obtain profiles from  (NOT NULL)
>  *
> @@ -138,9 +121,8 @@ static inline struct aa_profile *aa_current_profile(void)
>  {
>        const struct aa_task_cxt *cxt = current_cred()->security;
>        struct aa_profile *profile;
> -       BUG_ON(!cxt || !cxt->profile);
>
> -       profile = aa_newest_version(cxt->profile);
> +       profile = __aa_current_profile();
>        /*
>         * Whether or not replacement succeeds, use newest profile so
>         * there is no need to update it after replacement.
> @@ -151,4 +133,18 @@ static inline struct aa_profile *aa_current_profile(void)
>        return profile;
>  }
>
> +/**
> + * __aa_task_is_confined - determine if @task has any confinement
> + * @task: task to check confinement of  (NOT NULL)
> + *
> + * If @task != current needs to be called in RCU safe critical section
> + */
> +static inline bool __aa_task_is_confined(struct task_struct *task)
> +{
> +       if (unconfined(aa_cred_profile(__task_cred(task))))
> +               return 0;
> +
> +       return 1;
> +}
> +
>  #endif /* __AA_CONTEXT_H */
> --
> 1.6.5.3
>
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ