On 05/01/2013 05:28 PM, Seth Arnold wrote: > On Wed, May 01, 2013 at 02:30:52PM -0700, John Johansen wrote: >> aa_put_profile causes profiles to go throw an rcu based delayed free >> cycle. Discard profiles that can't be in use and hence don't need the >> delayed >> free call free_profile directly. > > This description doesn't seem to match the code, which looks like a > simple sed s/free_profile/aa_free_profile/ -- does the patch header need > updating? or has the corresponding code been placed into another patch? > Not sure sure how missed this ...
yep, description reworked > Thanks > >> Signed-off-by: John Johansen <[email protected]> >> --- >> security/apparmor/include/policy.h | 1 + >> security/apparmor/policy.c | 10 +++++----- >> security/apparmor/policy_unpack.c | 4 ++-- >> 3 files changed, 8 insertions(+), 7 deletions(-) >> >> diff --git a/security/apparmor/include/policy.h >> b/security/apparmor/include/policy.h >> index 587cb28..6d2b949 100644 >> --- a/security/apparmor/include/policy.h >> +++ b/security/apparmor/include/policy.h >> @@ -227,6 +227,7 @@ struct aa_namespace *aa_find_namespace(struct >> aa_namespace *root, >> void aa_free_replacedby_kref(struct kref *kref); >> struct aa_profile *aa_alloc_profile(const char *name); >> struct aa_profile *aa_new_null_profile(struct aa_profile *parent, int hat); >> +void aa_free_profile(struct aa_profile *profile); >> void aa_free_profile_kref(struct kref *kref); >> struct aa_profile *aa_find_child(struct aa_profile *parent, const char >> *name); >> struct aa_profile *aa_lookup_profile(struct aa_namespace *ns, const char >> *name); >> diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c >> index 53a0573..5fe1559 100644 >> --- a/security/apparmor/policy.c >> +++ b/security/apparmor/policy.c >> @@ -307,7 +307,7 @@ fail_ns: >> return NULL; >> } >> >> -static void free_profile(struct aa_profile *profile); >> +void aa_free_profile(struct aa_profile *profile); >> /** >> * free_namespace - free a profile namespace >> * @ns: the namespace to free (MAYBE NULL) >> @@ -324,7 +324,7 @@ static void free_namespace(struct aa_namespace *ns) >> aa_put_namespace(ns->parent); >> >> ns->unconfined->ns = NULL; >> - free_profile(ns->unconfined); >> + aa_free_profile(ns->unconfined); >> kzfree(ns); >> } >> >> @@ -568,7 +568,7 @@ void aa_free_replacedby_kref(struct kref *kref) >> } >> >> /** >> - * free_profile - free a profile >> + * aa_free_profile - free a profile >> * @profile: the profile to free (MAYBE NULL) >> * >> * Free a profile, its hats and null_profile. All references to the profile, >> @@ -577,7 +577,7 @@ void aa_free_replacedby_kref(struct kref *kref) >> * If the profile was referenced from a task context, free_profile() will >> * be called from an rcu callback routine, so we must not sleep here. >> */ >> -static void free_profile(struct aa_profile *profile) >> +void aa_free_profile(struct aa_profile *profile) >> { >> AA_DEBUG("%s(%p)\n", __func__, profile); >> >> @@ -619,7 +619,7 @@ static void aa_free_profile_rcu(struct rcu_head *head) >> if (p->flags & PFLAG_NS_COUNT) >> free_namespace(p->ns); >> else >> - free_profile(p); >> + aa_free_profile(p); >> } >> >> /** >> diff --git a/security/apparmor/policy_unpack.c >> b/security/apparmor/policy_unpack.c >> index f47b882..69894ad 100644 >> --- a/security/apparmor/policy_unpack.c >> +++ b/security/apparmor/policy_unpack.c >> @@ -615,7 +615,7 @@ fail: >> else if (!name) >> name = "unknown"; >> audit_iface(profile, name, "failed to unpack profile", e, error); >> - aa_put_profile(profile); >> + aa_free_profile(profile); >> >> return ERR_PTR(error); >> } >> @@ -763,7 +763,7 @@ int aa_unpack(void *udata, size_t size, struct list_head >> *lh, const char **ns) >> >> error = verify_profile(profile); >> if (error) { >> - aa_put_profile(profile); >> + aa_free_profile(profile); >> goto fail; >> } >> >> -- >> 1.8.1.2 >> >> >> -- >> AppArmor mailing list >> [email protected] >> Modify settings or unsubscribe at: >> https://lists.ubuntu.com/mailman/listinfo/apparmor >> >> >> -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
