| policy.c (60285eb3e7c8827e00e2f2b54561a8cca07d802f) | policy.c (a1bd627b46d169268a0ee5960899fb5be960a317) |
|---|---|
| 1/* 2 * AppArmor security module 3 * 4 * This file contains AppArmor policy manipulation functions 5 * 6 * Copyright (C) 1998-2008 Novell/SUSE 7 * Copyright 2009-2010 Canonical Ltd. 8 * --- 815 unchanged lines hidden (view full) --- 824 *info = "profile can not be replaced"; 825 return error; 826 } 827 } 828 829 return 0; 830} 831 | 1/* 2 * AppArmor security module 3 * 4 * This file contains AppArmor policy manipulation functions 5 * 6 * Copyright (C) 1998-2008 Novell/SUSE 7 * Copyright 2009-2010 Canonical Ltd. 8 * --- 815 unchanged lines hidden (view full) --- 824 *info = "profile can not be replaced"; 825 return error; 826 } 827 } 828 829 return 0; 830} 831 |
| 832static void share_name(struct aa_profile *old, struct aa_profile *new) 833{ 834 aa_put_str(new->base.hname); 835 aa_get_str(old->base.hname); 836 new->base.hname = old->base.hname; 837 new->base.name = old->base.name; 838} 839 |
|
| 832/** 833 * aa_replace_profiles - replace profile(s) on the profile list 834 * @policy_ns: namespace load is occurring on 835 * @label: label that is attempting to load/replace policy 836 * @mask: permission mask 837 * @udata: serialized data stream (NOT NULL) 838 * 839 * unpack and replace a profile on the profile list and uses of that profile --- 168 unchanged lines hidden (view full) --- 1008 /* 1009 * TODO: finer dedup based on profile range in data. Load set 1010 * can differ but profile may remain unchanged 1011 */ 1012 audit_policy(profile, op, NULL, ent->new->base.hname, 1013 NULL, error); 1014 1015 if (ent->old) { | 840/** 841 * aa_replace_profiles - replace profile(s) on the profile list 842 * @policy_ns: namespace load is occurring on 843 * @label: label that is attempting to load/replace policy 844 * @mask: permission mask 845 * @udata: serialized data stream (NOT NULL) 846 * 847 * unpack and replace a profile on the profile list and uses of that profile --- 168 unchanged lines hidden (view full) --- 1016 /* 1017 * TODO: finer dedup based on profile range in data. Load set 1018 * can differ but profile may remain unchanged 1019 */ 1020 audit_policy(profile, op, NULL, ent->new->base.hname, 1021 NULL, error); 1022 1023 if (ent->old) { |
| 1024 share_name(ent->old, ent->new); |
|
| 1016 __replace_profile(ent->old, ent->new, 1); 1017 if (ent->rename) { 1018 /* aafs interface uses proxy */ 1019 struct aa_proxy *r = ent->new->proxy; 1020 rcu_assign_pointer(r->profile, 1021 aa_get_profile(ent->new)); 1022 __replace_profile(ent->rename, ent->new, 0); 1023 } --- 150 unchanged lines hidden --- | 1025 __replace_profile(ent->old, ent->new, 1); 1026 if (ent->rename) { 1027 /* aafs interface uses proxy */ 1028 struct aa_proxy *r = ent->new->proxy; 1029 rcu_assign_pointer(r->profile, 1030 aa_get_profile(ent->new)); 1031 __replace_profile(ent->rename, ent->new, 0); 1032 } --- 150 unchanged lines hidden --- |