From c092921219d227b13cb80dbecd3545ee66ab89b3 Mon Sep 17 00:00:00 2001 From: John Johansen Date: Mon, 31 Jul 2017 17:36:45 -0700 Subject: apparmor: add support for mapping secids and using secctxes Use a radix tree to provide a map between the secid and the label, and along with it a basic ability to provide secctx conversion. Shared/cached secctx will be added later. Signed-off-by: John Johansen --- security/apparmor/label.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'security/apparmor/label.c') diff --git a/security/apparmor/label.c b/security/apparmor/label.c index 523250e34837..152352755869 100644 --- a/security/apparmor/label.c +++ b/security/apparmor/label.c @@ -402,12 +402,12 @@ static void label_free_or_put_new(struct aa_label *label, struct aa_label *new) aa_put_label(new); } -bool aa_label_init(struct aa_label *label, int size) +bool aa_label_init(struct aa_label *label, int size, gfp_t gfp) { AA_BUG(!label); AA_BUG(size < 1); - label->secid = aa_alloc_secid(); + label->secid = aa_alloc_secid(label, gfp); if (label->secid == AA_SECID_INVALID) return false; @@ -441,7 +441,7 @@ struct aa_label *aa_label_alloc(int size, struct aa_proxy *proxy, gfp_t gfp) if (!new) goto fail; - if (!aa_label_init(new, size)) + if (!aa_label_init(new, size, gfp)) goto fail; if (!proxy) { -- cgit v1.2.3