Commit e76d733b authored by Ryan Lee's avatar Ryan Lee Committed by John Johansen
Browse files

apparmor: move the "conflicting profile attachments" infostr to a const declaration 



Instead of having a literal, making this a constant will allow for (hacky)
detection of conflicting profile attachments from inspection of the info
pointer. This is used in the next patch to augment the information provided
through domain.c:x_to_label for ix/ux fallback.

Signed-off-by: default avatarRyan Lee <ryan.lee@canonical.com>
Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
parent 89a3561e

security/apparmor/domain.c

+3 −1
Original line number Diff line number Diff line
@@ -28,6 +28,8 @@ 
#include "include/policy.h"

#include "include/policy_ns.h"



static const char * const CONFLICTING_ATTACH_STR = "conflicting profile attachments";



/**

 * may_change_ptraced_domain - check if can change profile on ptraced task

 * @to_cred: cred of task changing domain
@@ -485,7 +487,7 @@ static struct aa_label *find_attach(const struct linux_binprm *bprm, 


	if (!candidate || conflict) {

		if (conflict)

			*info = "conflicting profile attachments";

			*info = CONFLICTING_ATTACH_STR;

		rcu_read_unlock();

		return NULL;

	}