diff options
-rw-r--r-- | security/apparmor/apparmorfs.c | 4 | ||||
-rw-r--r-- | security/apparmor/include/apparmor.h | 11 | ||||
-rw-r--r-- | security/apparmor/lsm.c | 5 |
3 files changed, 15 insertions, 5 deletions
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index ddd64b8ebf05..2c138309ad66 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -1202,13 +1202,13 @@ static int seq_ns_name_show(struct seq_file *seq, void *v) static int seq_ns_compress_min_show(struct seq_file *seq, void *v) { - seq_printf(seq, "%d\n", zstd_min_clevel()); + seq_printf(seq, "%d\n", AA_MIN_CLEVEL); return 0; } static int seq_ns_compress_max_show(struct seq_file *seq, void *v) { - seq_printf(seq, "%d\n", zstd_max_clevel()); + seq_printf(seq, "%d\n", AA_MAX_CLEVEL); return 0; } diff --git a/security/apparmor/include/apparmor.h b/security/apparmor/include/apparmor.h index 6d9ca075fcb9..8a81557c9d59 100644 --- a/security/apparmor/include/apparmor.h +++ b/security/apparmor/include/apparmor.h @@ -51,4 +51,15 @@ extern bool aa_g_logsyscall; extern bool aa_g_paranoid_load; extern unsigned int aa_g_path_max; +#ifdef CONFIG_SECURITY_APPARMOR_EXPORT_BINARY +#define AA_MIN_CLEVEL zstd_min_clevel() +#define AA_MAX_CLEVEL zstd_max_clevel() +#define AA_DEFAULT_CLEVEL ZSTD_CLEVEL_DEFAULT +#else +#define AA_MIN_CLEVEL 0 +#define AA_MAX_CLEVEL 0 +#define AA_DEFAULT_CLEVEL 0 +#endif /* CONFIG_SECURITY_APPARMOR_EXPORT_BINARY */ + + #endif /* __APPARMOR_H */ diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index a22e53e44123..8e2b951c4988 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -1365,7 +1365,7 @@ module_param_named(export_binary, aa_g_export_binary, aabool, 0600); #endif /* policy loaddata compression level */ -int aa_g_rawdata_compression_level = ZSTD_CLEVEL_DEFAULT; +int aa_g_rawdata_compression_level = AA_DEFAULT_CLEVEL; module_param_named(rawdata_compression_level, aa_g_rawdata_compression_level, aacompressionlevel, 0400); @@ -1547,8 +1547,7 @@ static int param_set_aacompressionlevel(const char *val, error = param_set_int(val, kp); aa_g_rawdata_compression_level = clamp(aa_g_rawdata_compression_level, - zstd_min_clevel(), - zstd_max_clevel()); + AA_MIN_CLEVEL, AA_MAX_CLEVEL); pr_info("AppArmor: policy rawdata compression level set to %d\n", aa_g_rawdata_compression_level); |