diff options
| -rw-r--r-- | security/apparmor/include/policy.h | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/security/apparmor/include/policy.h b/security/apparmor/include/policy.h index 1ce4e9bdac48..b5b4b8190e65 100644 --- a/security/apparmor/include/policy.h +++ b/security/apparmor/include/policy.h | |||
| @@ -213,7 +213,16 @@ static inline struct aa_profile *aa_get_newest_profile(struct aa_profile *p) | |||
| 213 | return labels_profile(aa_get_newest_label(&p->label)); | 213 | return labels_profile(aa_get_newest_label(&p->label)); |
| 214 | } | 214 | } |
| 215 | 215 | ||
| 216 | #define PROFILE_MEDIATES(P, T) ((P)->policy.start[(unsigned char) (T)]) | 216 | static inline unsigned int PROFILE_MEDIATES(struct aa_profile *profile, |
| 217 | unsigned char class) | ||
| 218 | { | ||
| 219 | if (class <= AA_CLASS_LAST) | ||
| 220 | return profile->policy.start[class]; | ||
| 221 | else | ||
| 222 | return aa_dfa_match_len(profile->policy.dfa, | ||
| 223 | profile->policy.start[0], &class, 1); | ||
| 224 | } | ||
| 225 | |||
| 217 | static inline unsigned int PROFILE_MEDIATES_AF(struct aa_profile *profile, | 226 | static inline unsigned int PROFILE_MEDIATES_AF(struct aa_profile *profile, |
| 218 | u16 AF) { | 227 | u16 AF) { |
| 219 | unsigned int state = PROFILE_MEDIATES(profile, AA_CLASS_NET); | 228 | unsigned int state = PROFILE_MEDIATES(profile, AA_CLASS_NET); |