On Wed, May 01, 2013 at 02:31:02PM -0700, John Johansen wrote: > For profiles that have been replaced reuse the name string so the > old and new version of the profile share the same string. This will > make some checks/comparisons in labeling quicker.
> +static void share_name(struct aa_profile *old, struct aa_profile *new)
> +{
> + aa_put_str(new->base.hname);
> + aa_get_str(old->base.hname);
> + new->base.hname = old->base.hname;
> + new->base.name = old->base.name;
> +}
> +
> /**
> * aa_replace_profiles - replace profile(s) on the profile list
> * @udata: serialized data stream (NOT NULL)
> @@ -1197,6 +1211,7 @@ ssize_t aa_replace_profiles(void *udata, size_t size,
> bool noreplace)
> audit_policy(op, GFP_ATOMIC, ent->new->base.name, NULL, error);
>
> if (ent->old) {
> + share_name(ent->old, ent->new);
> __replace_profile(ent->old, ent->new, 1);
> if (ent->rename) {
> /* aafs interface uses replacedby */
Is this the proper location for share_name()? In the ent->rename case,
wouldn't you want the new name and hname to survive, rather than be
replaced by the old name and hname?
Thanks
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
