xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

apparmor: add fn to test if profile supports a given mediation class

Browse Source 
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen
2017-05-29 11:45:29 -07:00
parent 1dea3b41e8
commit b5b2557c0a
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
security/apparmor/include/policy.h
View File

@@ -222,6 +222,16 @@ void __aa_profile_list_release(struct list_head *head);
#define unconfined(X) ((X)->mode == APPARMOR_UNCONFINED) #define unconfined(X) ((X)->mode == APPARMOR_UNCONFINED)
#define PROFILE_MEDIATES(P, T) ((P)->policy.start[(T)])
/* safe version of POLICY_MEDIATES for full range input */
static inline unsigned int PROFILE_MEDIATES_SAFE(struct aa_profile *profile,
unsigned char class)
{
if (profile->policy.dfa)
return aa_dfa_match_len(profile->policy.dfa,
profile->policy.start[0], &class, 1);
return 0;
}
/** /**
* aa_get_profile - increment refcount on profile @p * aa_get_profile - increment refcount on profile @p