提交 8486adf0 编写于 作者: K Kees Cook 提交者: John Johansen

apparmor: use designated initializers

Prepare to mark sensitive kernel structures for randomization by making
sure they're using designated initializers. These were identified during
allyesconfig builds of x86, arm, and arm64, with most initializer fixes
extracted from grsecurity.
Signed-off-by: NKees Cook <keescook@chromium.org>
Signed-off-by: NJohn Johansen <john.johansen@canonical.com>
上级 a7f6c1b6
...@@ -349,8 +349,8 @@ static inline bool xindex_is_subset(u32 link, u32 target) ...@@ -349,8 +349,8 @@ static inline bool xindex_is_subset(u32 link, u32 target)
int aa_path_link(struct aa_profile *profile, struct dentry *old_dentry, int aa_path_link(struct aa_profile *profile, struct dentry *old_dentry,
const struct path *new_dir, struct dentry *new_dentry) const struct path *new_dir, struct dentry *new_dentry)
{ {
struct path link = { new_dir->mnt, new_dentry }; struct path link = { .mnt = new_dir->mnt, .dentry = new_dentry };
struct path target = { new_dir->mnt, old_dentry }; struct path target = { .mnt = new_dir->mnt, .dentry = old_dentry };
struct path_cond cond = { struct path_cond cond = {
d_backing_inode(old_dentry)->i_uid, d_backing_inode(old_dentry)->i_uid,
d_backing_inode(old_dentry)->i_mode d_backing_inode(old_dentry)->i_mode
......
...@@ -176,7 +176,7 @@ static int common_perm_dir_dentry(int op, const struct path *dir, ...@@ -176,7 +176,7 @@ static int common_perm_dir_dentry(int op, const struct path *dir,
struct dentry *dentry, u32 mask, struct dentry *dentry, u32 mask,
struct path_cond *cond) struct path_cond *cond)
{ {
struct path path = { dir->mnt, dentry }; struct path path = { .mnt = dir->mnt, .dentry = dentry };
return common_perm(op, &path, mask, cond); return common_perm(op, &path, mask, cond);
} }
...@@ -306,8 +306,10 @@ static int apparmor_path_rename(const struct path *old_dir, struct dentry *old_d ...@@ -306,8 +306,10 @@ static int apparmor_path_rename(const struct path *old_dir, struct dentry *old_d
profile = aa_current_profile(); profile = aa_current_profile();
if (!unconfined(profile)) { if (!unconfined(profile)) {
struct path old_path = { old_dir->mnt, old_dentry }; struct path old_path = { .mnt = old_dir->mnt,
struct path new_path = { new_dir->mnt, new_dentry }; .dentry = old_dentry };
struct path new_path = { .mnt = new_dir->mnt,
.dentry = new_dentry };
struct path_cond cond = { d_backing_inode(old_dentry)->i_uid, struct path_cond cond = { d_backing_inode(old_dentry)->i_uid,
d_backing_inode(old_dentry)->i_mode d_backing_inode(old_dentry)->i_mode
}; };
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册