Commit c151694b2c48d956ac8c8c59c6927f89cc29ef70
Exists in
master
and in
20 other branches
Merge branch 'security-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jj…
…/apparmor-dev into next
Showing 2 changed files Side-by-side Diff
security/apparmor/Makefile
| ... | ... | @@ -6,20 +6,48 @@ |
| 6 | 6 | path.o domain.o policy.o policy_unpack.o procattr.o lsm.o \ |
| 7 | 7 | resource.o sid.o file.o |
| 8 | 8 | |
| 9 | -clean-files: capability_names.h af_names.h | |
| 9 | +clean-files := capability_names.h rlim_names.h | |
| 10 | 10 | |
| 11 | + | |
| 12 | +# Build a lower case string table of capability names | |
| 13 | +# Transforms lines from | |
| 14 | +# #define CAP_DAC_OVERRIDE 1 | |
| 15 | +# to | |
| 16 | +# [1] = "dac_override", | |
| 11 | 17 | quiet_cmd_make-caps = GEN $@ |
| 12 | -cmd_make-caps = echo "static const char *capability_names[] = {" > $@ ; sed -n -e "/CAP_FS_MASK/d" -e "s/^\#define[ \\t]\\+CAP_\\([A-Z0-9_]\\+\\)[ \\t]\\+\\([0-9]\\+\\)\$$/[\\2] = \"\\1\",/p" $< | tr A-Z a-z >> $@ ; echo "};" >> $@ | |
| 18 | +cmd_make-caps = echo "static const char *capability_names[] = {" > $@ ;\ | |
| 19 | + sed $< >>$@ -r -n -e '/CAP_FS_MASK/d' \ | |
| 20 | + -e 's/^\#define[ \t]+CAP_([A-Z0-9_]+)[ \t]+([0-9]+)/[\2] = "\L\1",/p';\ | |
| 21 | + echo "};" >> $@ | |
| 13 | 22 | |
| 23 | + | |
| 24 | +# Build a lower case string table of rlimit names. | |
| 25 | +# Transforms lines from | |
| 26 | +# #define RLIMIT_STACK 3 /* max stack size */ | |
| 27 | +# to | |
| 28 | +# [RLIMIT_STACK] = "stack", | |
| 29 | +# | |
| 30 | +# and build a second integer table (with the second sed cmd), that maps | |
| 31 | +# RLIMIT defines to the order defined in asm-generic/resource.h Thi is | |
| 32 | +# required by policy load to map policy ordering of RLIMITs to internal | |
| 33 | +# ordering for architectures that redefine an RLIMIT. | |
| 34 | +# Transforms lines from | |
| 35 | +# #define RLIMIT_STACK 3 /* max stack size */ | |
| 36 | +# to | |
| 37 | +# RLIMIT_STACK, | |
| 14 | 38 | quiet_cmd_make-rlim = GEN $@ |
| 15 | -cmd_make-rlim = echo "static const char *rlim_names[] = {" > $@ ; sed -n --e "/AF_MAX/d" -e "s/^\# \\?define[ \\t]\\+RLIMIT_\\([A-Z0-9_]\\+\\)[ \\t]\\+\\([0-9]\\+\\)\\(.*\\)\$$/[\\2] = \"\\1\",/p" $< | tr A-Z a-z >> $@ ; echo "};" >> $@ ; echo "static const int rlim_map[] = {" >> $@ ; sed -n -e "/AF_MAX/d" -e "s/^\# \\?define[ \\t]\\+\\(RLIMIT_[A-Z0-9_]\\+\\)[ \\t]\\+\\([0-9]\\+\\)\\(.*\\)\$$/\\1,/p" $< >> $@ ; echo "};" >> $@ | |
| 39 | +cmd_make-rlim = echo "static const char *rlim_names[] = {" > $@ ;\ | |
| 40 | + sed $< >> $@ -r -n \ | |
| 41 | + -e 's/^\# ?define[ \t]+(RLIMIT_([A-Z0-9_]+)).*/[\1] = "\L\2",/p';\ | |
| 42 | + echo "};" >> $@ ;\ | |
| 43 | + echo "static const int rlim_map[] = {" >> $@ ;\ | |
| 44 | + sed -r -n "s/^\# ?define[ \t]+(RLIMIT_[A-Z0-9_]+).*/\1,/p" $< >> $@ ;\ | |
| 45 | + echo "};" >> $@ | |
| 16 | 46 | |
| 17 | 47 | $(obj)/capability.o : $(obj)/capability_names.h |
| 18 | 48 | $(obj)/resource.o : $(obj)/rlim_names.h |
| 19 | 49 | $(obj)/capability_names.h : $(srctree)/include/linux/capability.h |
| 20 | 50 | $(call cmd,make-caps) |
| 21 | -$(obj)/af_names.h : $(srctree)/include/linux/socket.h | |
| 22 | - $(call cmd,make-af) | |
| 23 | 51 | $(obj)/rlim_names.h : $(srctree)/include/asm-generic/resource.h |
| 24 | 52 | $(call cmd,make-rlim) |
security/apparmor/lsm.c
| ... | ... | @@ -693,11 +693,9 @@ |
| 693 | 693 | |
| 694 | 694 | static int param_set_audit(const char *val, struct kernel_param *kp); |
| 695 | 695 | static int param_get_audit(char *buffer, struct kernel_param *kp); |
| 696 | -#define param_check_audit(name, p) __param_check(name, p, int) | |
| 697 | 696 | |
| 698 | 697 | static int param_set_mode(const char *val, struct kernel_param *kp); |
| 699 | 698 | static int param_get_mode(char *buffer, struct kernel_param *kp); |
| 700 | -#define param_check_mode(name, p) __param_check(name, p, int) | |
| 701 | 699 | |
| 702 | 700 | /* Flag values, also controllable via /sys/module/apparmor/parameters |
| 703 | 701 | * We define special types as we want to do additional mediation. |