apparmor: make str table more generic and be able to have multiple entries

The strtable is currently limited to a single entry string on unpack
even though domain has the concept of multiple entries within it. Make
this a reality as it will be used for tags and more advanced domain
transitions.

Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>

1 files changed, 6 insertions, 5 deletions

diff --git a/security/apparmor/lib.c b/security/apparmor/lib.c
index acf7f5189bec..7ef1b9ba7fb6 100644
--- a/security/apparmor/lib.c
+++ b/security/apparmor/lib.c
@@ -44,6 +44,7 @@ static struct val_table_ent debug_values_table[] = {
 	{ "domain", DEBUG_DOMAIN },
 	{ "policy", DEBUG_POLICY },
 	{ "interface", DEBUG_INTERFACE },
+	{ "unpack", DEBUG_UNPACK },
 	{ NULL, 0 }
 };
 
@@ -118,7 +119,7 @@ int aa_print_debug_params(char *buffer)
 
 bool aa_resize_str_table(struct aa_str_table *t, int newsize, gfp_t gfp)
 {
-	char **n;
+	struct aa_str_table_ent *n;
 	int i;
 
 	if (t->size == newsize)
@@ -129,7 +130,7 @@ bool aa_resize_str_table(struct aa_str_table *t, int newsize, gfp_t gfp)
 	for (i = 0; i < min(t->size, newsize); i++)
 		n[i] = t->table[i];
 	for (; i < t->size; i++)
-		kfree_sensitive(t->table[i]);
+		kfree_sensitive(t->table[i].strs);
 	if (newsize > t->size)
 		memset(&n[t->size], 0, (newsize-t->size)*sizeof(*n));
 	kfree_sensitive(t->table);
@@ -140,10 +141,10 @@ bool aa_resize_str_table(struct aa_str_table *t, int newsize, gfp_t gfp)
 }
 
 /**
- * aa_free_str_table - free entries str table
+ * aa_destroy_str_table - free entries str table
  * @t: the string table to free  (MAYBE NULL)
  */
-void aa_free_str_table(struct aa_str_table *t)
+void aa_destroy_str_table(struct aa_str_table *t)
 {
 	int i;
 
@@ -152,7 +153,7 @@ void aa_free_str_table(struct aa_str_table *t)
 			return;
 
 		for (i = 0; i < t->size; i++)
-			kfree_sensitive(t->table[i]);
+			kfree_sensitive(t->table[i].strs);
 		kfree_sensitive(t->table);
 		t->table = NULL;
 		t->size = 0;