summaryrefslogtreecommitdiff
path: root/security/apparmor/context.c
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2013-02-19 04:05:34 +0400
committerJohn Johansen <john.johansen@canonical.com>2013-04-28 11:36:20 +0400
commit7a2871b566f34d980556072943295efd107eb53c (patch)
tree7f991bd472872e62780ba9119d8e3a3784008dfc /security/apparmor/context.c
parent0ca554b9fca425eb58325a36290deef698cef34b (diff)
downloadlinux-7a2871b566f34d980556072943295efd107eb53c.tar.xz
apparmor: use common fn to clear task_context for domain transitions
Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Steve Beattie <sbeattie@ubuntu.com>
Diffstat (limited to 'security/apparmor/context.c')
-rw-r--r--security/apparmor/context.c17
1 files changed, 6 insertions, 11 deletions
diff --git a/security/apparmor/context.c b/security/apparmor/context.c
index 611e6ce70b03..3f911afa2bb9 100644
--- a/security/apparmor/context.c
+++ b/security/apparmor/context.c
@@ -105,16 +105,12 @@ int aa_replace_current_profile(struct aa_profile *profile)
return -ENOMEM;
cxt = new->security;
- if (unconfined(profile) || (cxt->profile->ns != profile->ns)) {
+ if (unconfined(profile) || (cxt->profile->ns != profile->ns))
/* if switching to unconfined or a different profile namespace
* clear out context state
*/
- aa_put_profile(cxt->previous);
- aa_put_profile(cxt->onexec);
- cxt->previous = NULL;
- cxt->onexec = NULL;
- cxt->token = 0;
- }
+ aa_clear_task_cxt_trans(cxt);
+
/* be careful switching cxt->profile, when racing replacement it
* is possible that cxt->profile->replacedby is the reference keeping
* @profile valid, so make sure to get its reference before dropping
@@ -222,11 +218,10 @@ int aa_restore_previous_profile(u64 token)
aa_get_profile(cxt->profile);
aa_put_profile(cxt->previous);
}
- /* clear exec && prev information when restoring to previous context */
+ /* ref has been transfered so avoid putting ref in clear_task_cxt */
cxt->previous = NULL;
- cxt->token = 0;
- aa_put_profile(cxt->onexec);
- cxt->onexec = NULL;
+ /* clear exec && prev information when restoring to previous context */
+ aa_clear_task_cxt_trans(cxt);
commit_creds(new);
return 0;