summaryrefslogtreecommitdiff
path: root/security/apparmor/secid.c
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2017-01-16 00:42:17 -0800
committerJohn Johansen <john.johansen@canonical.com>2017-01-16 00:42:17 -0800
commit121d4a91e3c12ddfb167edafb9aa64cc5cc3a406 (patch)
tree2eac91ce9be962bd2c2d7600f9f86f464767d1e3 /security/apparmor/secid.c
parent98849dff90e270af3b34889b9e08252544f40b5b (diff)
apparmor: rename sid to secid
Move to common terminology with other LSMs and kernel infrastucture Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/secid.c')
-rw-r--r--security/apparmor/secid.c55
1 files changed, 55 insertions, 0 deletions
diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c
new file mode 100644
index 000000000000..3a3edbad0b21
--- /dev/null
+++ b/security/apparmor/secid.c
@@ -0,0 +1,55 @@
+/*
+ * AppArmor security module
+ *
+ * This file contains AppArmor security identifier (secid) manipulation fns
+ *
+ * Copyright 2009-2010 Canonical Ltd.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation, version 2 of the
+ * License.
+ *
+ *
+ * AppArmor allocates a unique secid for every profile loaded. If a profile
+ * is replaced it receives the secid of the profile it is replacing.
+ *
+ * The secid value of 0 is invalid.
+ */
+
+#include <linux/spinlock.h>
+#include <linux/errno.h>
+#include <linux/err.h>
+
+#include "include/secid.h"
+
+/* global counter from which secids are allocated */
+static u32 global_secid;
+static DEFINE_SPINLOCK(secid_lock);
+
+/* TODO FIXME: add secid to profile mapping, and secid recycling */
+
+/**
+ * aa_alloc_secid - allocate a new secid for a profile
+ */
+u32 aa_alloc_secid(void)
+{
+ u32 secid;
+
+ /*
+ * TODO FIXME: secid recycling - part of profile mapping table
+ */
+ spin_lock(&secid_lock);
+ secid = (++global_secid);
+ spin_unlock(&secid_lock);
+ return secid;
+}
+
+/**
+ * aa_free_secid - free a secid
+ * @secid: secid to free
+ */
+void aa_free_secid(u32 secid)
+{
+ ; /* NOP ATM */
+}