summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--security/apparmor/include/file.h14
-rw-r--r--security/apparmor/lsm.c8
2 files changed, 11 insertions, 11 deletions
diff --git a/security/apparmor/include/file.h b/security/apparmor/include/file.h
index 967b2deda376..2c922b86bd44 100644
--- a/security/apparmor/include/file.h
+++ b/security/apparmor/include/file.h
@@ -186,11 +186,6 @@ static inline void aa_free_file_rules(struct aa_file_rules *rules)
aa_free_domain_entries(&rules->trans);
}
-#define ACC_FMODE(x) (("\000\004\002\006"[(x)&O_ACCMODE]) | (((x) << 1) & 0x40))
-
-/* from namei.c */
-#define MAP_OPEN_FLAGS(x) ((((x) + 1) & O_ACCMODE) ? (x) + 1 : (x))
-
/**
* aa_map_file_perms - map file flags to AppArmor permissions
* @file: open file to map flags to AppArmor permissions
@@ -199,8 +194,13 @@ static inline void aa_free_file_rules(struct aa_file_rules *rules)
*/
static inline u32 aa_map_file_to_perms(struct file *file)
{
- int flags = MAP_OPEN_FLAGS(file->f_flags);
- u32 perms = ACC_FMODE(file->f_mode);
+ int flags = file->f_flags;
+ u32 perms = 0;
+
+ if (file->f_mode & FMODE_WRITE)
+ perms |= MAY_WRITE;
+ if (file->f_mode & FMODE_READ)
+ perms |= MAY_READ;
if ((flags & O_APPEND) && (perms & MAY_WRITE))
perms = (perms & ~MAY_WRITE) | MAY_APPEND;
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index ed7e3aadba3a..10843aa5a368 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -909,8 +909,11 @@ static int __init apparmor_init(void)
error = register_security(&apparmor_ops);
if (error) {
+ struct cred *cred = (struct cred *)current->real_cred;
+ aa_free_task_context(cred->security);
+ cred->security = NULL;
AA_ERROR("Unable to register AppArmor\n");
- goto set_init_cxt_out;
+ goto register_security_out;
}
/* Report that AppArmor successfully initialized */
@@ -924,9 +927,6 @@ static int __init apparmor_init(void)
return error;
-set_init_cxt_out:
- aa_free_task_context(current->real_cred->security);
-
register_security_out:
aa_free_root_ns();