file.c - OpenGrok cross reference for /openbmc/linux/security/apparmor/file.c

Deleted Added

sdiffudifftextold (7572fea3..)new (33fc95d8..)

file.c (7572fea31e3e5c4c19154ccc064eb1f83dfe1333)	file.c (33fc95d8293cfca352ac875668857293e22d7d51)
1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * AppArmor security module 4 * 5 * This file contains AppArmor mediation of files 6 * 7 * Copyright (C) 1998-2008 Novell/SUSE 8 * Copyright 2009-2010 Canonical Ltd. --- 172 unchanged lines hidden (view full) --- 181 * @cond: conditions to consider (NOT NULL) 182 * 183 * TODO: convert from dfa + state to permission entry 184 * 185 * Returns: a pointer to a file permission set 186 / 187struct aa_perms default_perms = {}; 188struct aa_perms aa_lookup_fperms(struct aa_policydb *file_rules,	1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * AppArmor security module 4 * 5 * This file contains AppArmor mediation of files 6 * 7 * Copyright (C) 1998-2008 Novell/SUSE 8 * Copyright 2009-2010 Canonical Ltd. --- 172 unchanged lines hidden (view full) --- 181 * @cond: conditions to consider (NOT NULL) 182 * 183 * TODO: convert from dfa + state to permission entry 184 * 185 * Returns: a pointer to a file permission set 186 / 187struct aa_perms default_perms = {}; 188struct aa_perms aa_lookup_fperms(struct aa_policydb *file_rules,
189 unsigned int state, struct path_cond *cond)	189 aa_state_t state, struct path_cond *cond)
190{ 191 unsigned int index = ACCEPT_TABLE(file_rules->dfa)[state]; 192 193 if (!(file_rules->perms)) 194 return &default_perms; 195 196 if (uid_eq(current_fsuid(), cond->uid)) 197 return &(file_rules->perms[index]); --- 6 unchanged lines hidden (view full) --- 204 * @dfa: to match against (MAYBE NULL) 205 * @state: state to start matching in 206 * @name: string to match against dfa (NOT NULL) 207 * @cond: conditions to consider for permission set computation (NOT NULL) 208 * @perms: Returns - the permissions found when matching @name 209 * 210 * Returns: the final state in @dfa when beginning @start and walking @name 211 */	190{ 191 unsigned int index = ACCEPT_TABLE(file_rules->dfa)[state]; 192 193 if (!(file_rules->perms)) 194 return &default_perms; 195 196 if (uid_eq(current_fsuid(), cond->uid)) 197 return &(file_rules->perms[index]); --- 6 unchanged lines hidden (view full) --- 204 * @dfa: to match against (MAYBE NULL) 205 * @state: state to start matching in 206 * @name: string to match against dfa (NOT NULL) 207 * @cond: conditions to consider for permission set computation (NOT NULL) 208 * @perms: Returns - the permissions found when matching @name 209 * 210 * Returns: the final state in @dfa when beginning @start and walking @name 211 */
212unsigned int aa_str_perms(struct aa_policydb file_rules, unsigned int start, 213 const char name, struct path_cond cond, 214 struct aa_perms perms)	212aa_state_t aa_str_perms(struct aa_policydb file_rules, aa_state_t start, 213 const char name, struct path_cond cond, 214 struct aa_perms perms)
215{	215{
216 unsigned int state;	216 aa_state_t state;
217 state = aa_dfa_match(file_rules->dfa, start, name); 218 perms = (aa_lookup_fperms(file_rules, state, cond)); 219 220 return state; 221} 222 223int __aa_path_perm(const char op, struct aa_profile profile, const char name, 224 u32 request, struct path_cond cond, int flags, --- 90 unchanged lines hidden (view full) --- 315 const struct path link, char buffer, 316 const struct path target, char buffer2, 317 struct path_cond cond) 318{ 319 const char lname, tname = NULL; 320 struct aa_perms lperms = {}, perms; 321 const char info = NULL; 322 u32 request = AA_MAY_LINK;	217 state = aa_dfa_match(file_rules->dfa, start, name); 218 perms = (aa_lookup_fperms(file_rules, state, cond)); 219 220 return state; 221} 222 223int __aa_path_perm(const char op, struct aa_profile profile, const char name, 224 u32 request, struct path_cond cond, int flags, --- 90 unchanged lines hidden (view full) --- 315 const struct path link, char buffer, 316 const struct path target, char buffer2, 317 struct path_cond cond) 318{ 319 const char lname, tname = NULL; 320 struct aa_perms lperms = {}, perms; 321 const char info = NULL; 322 u32 request = AA_MAY_LINK;
323 unsigned int state;	323 aa_state_t state;
324 int error; 325 326 error = path_name(OP_LINK, &profile->label, link, profile->path_flags, 327 buffer, &lname, cond, AA_MAY_LINK); 328 if (error) 329 goto audit; 330 331 /* buffer2 freed below, tname is pointer in buffer2 / --- 337 unchanged lines hidden* ---	324 int error; 325 326 error = path_name(OP_LINK, &profile->label, link, profile->path_flags, 327 buffer, &lname, cond, AA_MAY_LINK); 328 if (error) 329 goto audit; 330 331 /* buffer2 freed below, tname is pointer in buffer2 / --- 337 unchanged lines hidden* ---