Commit c151694b2c48d956ac8c8c59c6927f89cc29ef70
Exists in
master
and in
20 other branches
Merge branch 'security-next' of git://git.kernel.org/pub/scm/linux/kernel/git/jj…
…/apparmor-dev into next
Showing 2 changed files Side-by-side Diff
security/apparmor/Makefile
... | ... | @@ -6,20 +6,48 @@ |
6 | 6 | path.o domain.o policy.o policy_unpack.o procattr.o lsm.o \ |
7 | 7 | resource.o sid.o file.o |
8 | 8 | |
9 | -clean-files: capability_names.h af_names.h | |
9 | +clean-files := capability_names.h rlim_names.h | |
10 | 10 | |
11 | + | |
12 | +# Build a lower case string table of capability names | |
13 | +# Transforms lines from | |
14 | +# #define CAP_DAC_OVERRIDE 1 | |
15 | +# to | |
16 | +# [1] = "dac_override", | |
11 | 17 | quiet_cmd_make-caps = GEN $@ |
12 | -cmd_make-caps = echo "static const char *capability_names[] = {" > $@ ; sed -n -e "/CAP_FS_MASK/d" -e "s/^\#define[ \\t]\\+CAP_\\([A-Z0-9_]\\+\\)[ \\t]\\+\\([0-9]\\+\\)\$$/[\\2] = \"\\1\",/p" $< | tr A-Z a-z >> $@ ; echo "};" >> $@ | |
18 | +cmd_make-caps = echo "static const char *capability_names[] = {" > $@ ;\ | |
19 | + sed $< >>$@ -r -n -e '/CAP_FS_MASK/d' \ | |
20 | + -e 's/^\#define[ \t]+CAP_([A-Z0-9_]+)[ \t]+([0-9]+)/[\2] = "\L\1",/p';\ | |
21 | + echo "};" >> $@ | |
13 | 22 | |
23 | + | |
24 | +# Build a lower case string table of rlimit names. | |
25 | +# Transforms lines from | |
26 | +# #define RLIMIT_STACK 3 /* max stack size */ | |
27 | +# to | |
28 | +# [RLIMIT_STACK] = "stack", | |
29 | +# | |
30 | +# and build a second integer table (with the second sed cmd), that maps | |
31 | +# RLIMIT defines to the order defined in asm-generic/resource.h Thi is | |
32 | +# required by policy load to map policy ordering of RLIMITs to internal | |
33 | +# ordering for architectures that redefine an RLIMIT. | |
34 | +# Transforms lines from | |
35 | +# #define RLIMIT_STACK 3 /* max stack size */ | |
36 | +# to | |
37 | +# RLIMIT_STACK, | |
14 | 38 | quiet_cmd_make-rlim = GEN $@ |
15 | -cmd_make-rlim = echo "static const char *rlim_names[] = {" > $@ ; sed -n --e "/AF_MAX/d" -e "s/^\# \\?define[ \\t]\\+RLIMIT_\\([A-Z0-9_]\\+\\)[ \\t]\\+\\([0-9]\\+\\)\\(.*\\)\$$/[\\2] = \"\\1\",/p" $< | tr A-Z a-z >> $@ ; echo "};" >> $@ ; echo "static const int rlim_map[] = {" >> $@ ; sed -n -e "/AF_MAX/d" -e "s/^\# \\?define[ \\t]\\+\\(RLIMIT_[A-Z0-9_]\\+\\)[ \\t]\\+\\([0-9]\\+\\)\\(.*\\)\$$/\\1,/p" $< >> $@ ; echo "};" >> $@ | |
39 | +cmd_make-rlim = echo "static const char *rlim_names[] = {" > $@ ;\ | |
40 | + sed $< >> $@ -r -n \ | |
41 | + -e 's/^\# ?define[ \t]+(RLIMIT_([A-Z0-9_]+)).*/[\1] = "\L\2",/p';\ | |
42 | + echo "};" >> $@ ;\ | |
43 | + echo "static const int rlim_map[] = {" >> $@ ;\ | |
44 | + sed -r -n "s/^\# ?define[ \t]+(RLIMIT_[A-Z0-9_]+).*/\1,/p" $< >> $@ ;\ | |
45 | + echo "};" >> $@ | |
16 | 46 | |
17 | 47 | $(obj)/capability.o : $(obj)/capability_names.h |
18 | 48 | $(obj)/resource.o : $(obj)/rlim_names.h |
19 | 49 | $(obj)/capability_names.h : $(srctree)/include/linux/capability.h |
20 | 50 | $(call cmd,make-caps) |
21 | -$(obj)/af_names.h : $(srctree)/include/linux/socket.h | |
22 | - $(call cmd,make-af) | |
23 | 51 | $(obj)/rlim_names.h : $(srctree)/include/asm-generic/resource.h |
24 | 52 | $(call cmd,make-rlim) |
security/apparmor/lsm.c
... | ... | @@ -693,11 +693,9 @@ |
693 | 693 | |
694 | 694 | static int param_set_audit(const char *val, struct kernel_param *kp); |
695 | 695 | static int param_get_audit(char *buffer, struct kernel_param *kp); |
696 | -#define param_check_audit(name, p) __param_check(name, p, int) | |
697 | 696 | |
698 | 697 | static int param_set_mode(const char *val, struct kernel_param *kp); |
699 | 698 | static int param_get_mode(char *buffer, struct kernel_param *kp); |
700 | -#define param_check_mode(name, p) __param_check(name, p, int) | |
701 | 699 | |
702 | 700 | /* Flag values, also controllable via /sys/module/apparmor/parameters |
703 | 701 | * We define special types as we want to do additional mediation. |