path: root/security/apparmor/label.c
diff options
authorJohn Johansen <>2017-07-31 17:36:45 -0700
committerJohn Johansen <>2018-05-02 00:48:55 -0700
commitc092921219d227b13cb80dbecd3545ee66ab89b3 (patch)
tree9047e3ecae86ec35208de3a2f60ed31f3c7a3e1b /security/apparmor/label.c
parent552c69b36ebd966186573b9c7a286b390935cce1 (diff)
apparmor: add support for mapping secids and using secctxes
Use a radix tree to provide a map between the secid and the label, and along with it a basic ability to provide secctx conversion. Shared/cached secctx will be added later. Signed-off-by: John Johansen <>
Diffstat (limited to 'security/apparmor/label.c')
1 files changed, 3 insertions, 3 deletions
diff --git a/security/apparmor/label.c b/security/apparmor/label.c
index 523250e34837..152352755869 100644
--- a/security/apparmor/label.c
+++ b/security/apparmor/label.c
@@ -402,12 +402,12 @@ static void label_free_or_put_new(struct aa_label *label, struct aa_label *new)
-bool aa_label_init(struct aa_label *label, int size)
+bool aa_label_init(struct aa_label *label, int size, gfp_t gfp)
AA_BUG(size < 1);
- label->secid = aa_alloc_secid();
+ label->secid = aa_alloc_secid(label, gfp);
if (label->secid == AA_SECID_INVALID)
return false;
@@ -441,7 +441,7 @@ struct aa_label *aa_label_alloc(int size, struct aa_proxy *proxy, gfp_t gfp)
if (!new)
goto fail;
- if (!aa_label_init(new, size))
+ if (!aa_label_init(new, size, gfp))
goto fail;
if (!proxy) {