diff --git a/security/apparmor/include/context.h b/security/apparmor/include/context.h index 5b18fedab4c898afe9539e09cbd5332a13a762e9..420cfd04121850d5f15e505c0e502815f3228e21 100644 --- a/security/apparmor/include/context.h +++ b/security/apparmor/include/context.h @@ -25,38 +25,6 @@ #define cred_ctx(X) ((X)->security) #define current_ctx() cred_ctx(current_cred()) -/* struct aa_file_ctx - the AppArmor context the file was opened in - * @perms: the permission the file was opened with - * - * The file_ctx could currently be directly stored in file->f_security - * as the profile reference is now stored in the f_cred. However the - * ctx struct will expand in the future so we keep the struct. - */ -struct aa_file_ctx { - u16 allow; -}; - -/** - * aa_alloc_file_context - allocate file_ctx - * @gfp: gfp flags for allocation - * - * Returns: file_ctx or NULL on failure - */ -static inline struct aa_file_ctx *aa_alloc_file_context(gfp_t gfp) -{ - return kzalloc(sizeof(struct aa_file_ctx), gfp); -} - -/** - * aa_free_file_context - free a file_ctx - * @ctx: file_ctx to free (MAYBE_NULL) - */ -static inline void aa_free_file_context(struct aa_file_ctx *ctx) -{ - if (ctx) - kzfree(ctx); -} - /** * struct aa_task_ctx - primary label for confined tasks * @profile: the current profile (NOT NULL) diff --git a/security/apparmor/include/file.h b/security/apparmor/include/file.h index 38f821bf49b6df18ee8ffec39b6acba123671dcb..eba39cb25f0261264e1143d838007acad98016fa 100644 --- a/security/apparmor/include/file.h +++ b/security/apparmor/include/file.h @@ -47,6 +47,38 @@ struct path; AA_MAY_CHMOD | AA_MAY_CHOWN | AA_MAY_LOCK | \ AA_EXEC_MMAP | AA_MAY_LINK) +/* struct aa_file_ctx - the AppArmor context the file was opened in + * @perms: the permission the file was opened with + * + * The file_ctx could currently be directly stored in file->f_security + * as the profile reference is now stored in the f_cred. However the + * ctx struct will expand in the future so we keep the struct. + */ +struct aa_file_ctx { + u16 allow; +}; + +/** + * aa_alloc_file_context - allocate file_ctx + * @gfp: gfp flags for allocation + * + * Returns: file_ctx or NULL on failure + */ +static inline struct aa_file_ctx *aa_alloc_file_context(gfp_t gfp) +{ + return kzalloc(sizeof(struct aa_file_ctx), gfp); +} + +/** + * aa_free_file_context - free a file_ctx + * @ctx: file_ctx to free (MAYBE_NULL) + */ +static inline void aa_free_file_context(struct aa_file_ctx *ctx) +{ + if (ctx) + kzfree(ctx); +} + /* * The xindex is broken into 3 parts * - index - an index into either the exec name table or the variable table