apparmor: extend permissions to support a label and tag string

add indexes for label and tag entries. Rename the domain table to the str_table as its a shared string table with label and tags. Signed-off-by: John Johansen <john.johansen@canonical.com>
author: John Johansen <john.johansen@canonical.com> 2022-07-16 13:33:43 +0300
committer: John Johansen <john.johansen@canonical.com> 2022-10-04 00:49:03 +0300
commit: 90917d5b6866df79d892087ba51b46c983d2fcfe (patch)
tree: fe97819dd9858b6fc79a8ee06665082b5df845c4 /security/apparmor/lib.c
parent: caa9f579ca7255e9d6c25f072447d895c5928c97 (diff)
download: linux-90917d5b6866df79d892087ba51b46c983d2fcfe.tar.xz
1 files changed, 19 insertions, 0 deletions
diff --git a/security/apparmor/lib.c b/security/apparmor/lib.c
index 60deb4dc30c7..69aeb2dbd6d6 100644
--- a/security/apparmor/lib.c
+++ b/security/apparmor/lib.c
@@ -26,6 +26,25 @@ struct aa_perms allperms = { .allow = ALL_PERMS_MASK,
 			     .hide = ALL_PERMS_MASK };
 
 /**
+ * aa_free_str_table - free entries str table
+ * @str: the string table to free  (MAYBE NULL)
+ */
+void aa_free_str_table(struct aa_str_table *t)
+{
+	int i;
+
+	if (t) {
+		if (!t->table)
+			return;
+
+		for (i = 0; i < t->size; i++)
+			kfree_sensitive(t->table[i]);
+		kfree_sensitive(t->table);
+		t->table = NULL;
+	}
+}
+
+/**
  * aa_split_fqname - split a fqname into a profile and namespace name
  * @fqname: a full qualified name in namespace profile format (NOT NULL)
  * @ns_name: pointer to portion of the string containing the ns name (NOT NULL)
author	John Johansen <john.johansen@canonical.com>	2022-07-16 13:33:43 +0300
committer	John Johansen <john.johansen@canonical.com>	2022-10-04 00:49:03 +0300
commit	90917d5b6866df79d892087ba51b46c983d2fcfe (patch)
tree	fe97819dd9858b6fc79a8ee06665082b5df845c4 /security/apparmor/lib.c
parent	caa9f579ca7255e9d6c25f072447d895c5928c97 (diff)
download	linux-90917d5b6866df79d892087ba51b46c983d2fcfe.tar.xz