aboutsummaryrefslogtreecommitdiffstats
path: root/security/apparmor/capability.c
diff options
context:
space:
mode:
authorIngo Molnar <mingo@kernel.org>2013-12-17 09:27:08 -0500
committerIngo Molnar <mingo@kernel.org>2013-12-17 09:27:08 -0500
commitbb799d3b980eb803ca2da4a4eefbd9308f8d988a (patch)
tree69fbe0cd6d47b23a50f5e1d87bf7489532fae149 /security/apparmor/capability.c
parent919fc6e34831d1c2b58bfb5ae261dc3facc9b269 (diff)
parent319e2e3f63c348a9b66db4667efa73178e18b17d (diff)
Merge tag 'v3.13-rc4' into core/locking
Merge Linux 3.13-rc4, to refresh this rather old tree with the latest fixes. Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'security/apparmor/capability.c')
-rw-r--r--security/apparmor/capability.c15
1 files changed, 5 insertions, 10 deletions
diff --git a/security/apparmor/capability.c b/security/apparmor/capability.c
index 84d1f5f53877..1101c6f64bb7 100644
--- a/security/apparmor/capability.c
+++ b/security/apparmor/capability.c
@@ -53,8 +53,7 @@ static void audit_cb(struct audit_buffer *ab, void *va)
53 53
54/** 54/**
55 * audit_caps - audit a capability 55 * audit_caps - audit a capability
56 * @profile: profile confining task (NOT NULL) 56 * @profile: profile being tested for confinement (NOT NULL)
57 * @task: task capability test was performed against (NOT NULL)
58 * @cap: capability tested 57 * @cap: capability tested
59 * @error: error code returned by test 58 * @error: error code returned by test
60 * 59 *
@@ -63,8 +62,7 @@ static void audit_cb(struct audit_buffer *ab, void *va)
63 * 62 *
64 * Returns: 0 or sa->error on success, error code on failure 63 * Returns: 0 or sa->error on success, error code on failure
65 */ 64 */
66static int audit_caps(struct aa_profile *profile, struct task_struct *task, 65static int audit_caps(struct aa_profile *profile, int cap, int error)
67 int cap, int error)
68{ 66{
69 struct audit_cache *ent; 67 struct audit_cache *ent;
70 int type = AUDIT_APPARMOR_AUTO; 68 int type = AUDIT_APPARMOR_AUTO;
@@ -73,7 +71,6 @@ static int audit_caps(struct aa_profile *profile, struct task_struct *task,
73 sa.type = LSM_AUDIT_DATA_CAP; 71 sa.type = LSM_AUDIT_DATA_CAP;
74 sa.aad = &aad; 72 sa.aad = &aad;
75 sa.u.cap = cap; 73 sa.u.cap = cap;
76 sa.aad->tsk = task;
77 sa.aad->op = OP_CAPABLE; 74 sa.aad->op = OP_CAPABLE;
78 sa.aad->error = error; 75 sa.aad->error = error;
79 76
@@ -124,8 +121,7 @@ static int profile_capable(struct aa_profile *profile, int cap)
124 121
125/** 122/**
126 * aa_capable - test permission to use capability 123 * aa_capable - test permission to use capability
127 * @task: task doing capability test against (NOT NULL) 124 * @profile: profile being tested against (NOT NULL)
128 * @profile: profile confining @task (NOT NULL)
129 * @cap: capability to be tested 125 * @cap: capability to be tested
130 * @audit: whether an audit record should be generated 126 * @audit: whether an audit record should be generated
131 * 127 *
@@ -133,8 +129,7 @@ static int profile_capable(struct aa_profile *profile, int cap)
133 * 129 *
134 * Returns: 0 on success, or else an error code. 130 * Returns: 0 on success, or else an error code.
135 */ 131 */
136int aa_capable(struct task_struct *task, struct aa_profile *profile, int cap, 132int aa_capable(struct aa_profile *profile, int cap, int audit)
137 int audit)
138{ 133{
139 int error = profile_capable(profile, cap); 134 int error = profile_capable(profile, cap);
140 135
@@ -144,5 +139,5 @@ int aa_capable(struct task_struct *task, struct aa_profile *profile, int cap,
144 return error; 139 return error;
145 } 140 }
146 141
147 return audit_caps(profile, task, cap, error); 142 return audit_caps(profile, cap, error);
148} 143}
generated by cgit v1.2.2 (git 2.25.0) at 2026-04-08 16:02:22 -0400