diff options
author | John Johansen <john.johansen@canonical.com> | 2017-01-16 00:42:17 -0800 |
---|---|---|
committer | John Johansen <john.johansen@canonical.com> | 2017-01-16 00:42:17 -0800 |
commit | 121d4a91e3c12ddfb167edafb9aa64cc5cc3a406 (patch) | |
tree | 2eac91ce9be962bd2c2d7600f9f86f464767d1e3 /security/apparmor/secid.c | |
parent | 98849dff90e270af3b34889b9e08252544f40b5b (diff) |
apparmor: rename sid to secid
Move to common terminology with other LSMs and kernel infrastucture
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/secid.c')
-rw-r--r-- | security/apparmor/secid.c | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c new file mode 100644 index 000000000000..3a3edbad0b21 --- /dev/null +++ b/security/apparmor/secid.c @@ -0,0 +1,55 @@ +/* + * AppArmor security module + * + * This file contains AppArmor security identifier (secid) manipulation fns + * + * Copyright 2009-2010 Canonical Ltd. + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License as + * published by the Free Software Foundation, version 2 of the + * License. + * + * + * AppArmor allocates a unique secid for every profile loaded. If a profile + * is replaced it receives the secid of the profile it is replacing. + * + * The secid value of 0 is invalid. + */ + +#include <linux/spinlock.h> +#include <linux/errno.h> +#include <linux/err.h> + +#include "include/secid.h" + +/* global counter from which secids are allocated */ +static u32 global_secid; +static DEFINE_SPINLOCK(secid_lock); + +/* TODO FIXME: add secid to profile mapping, and secid recycling */ + +/** + * aa_alloc_secid - allocate a new secid for a profile + */ +u32 aa_alloc_secid(void) +{ + u32 secid; + + /* + * TODO FIXME: secid recycling - part of profile mapping table + */ + spin_lock(&secid_lock); + secid = (++global_secid); + spin_unlock(&secid_lock); + return secid; +} + +/** + * aa_free_secid - free a secid + * @secid: secid to free + */ +void aa_free_secid(u32 secid) +{ + ; /* NOP ATM */ +} |