Merge tag 'apparmor-pr-2021-11-10' of git://git.kernel.org/pub/scm/linux/kernel/git...

[platform/kernel/linux-starfive.git] / security / apparmor / apparmorfs.c

diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 2ee3b3d..0797edb 100644 (file)
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -812,8 +812,6 @@ struct multi_transaction {
 };
 
 #define MULTI_TRANSACTION_LIMIT (PAGE_SIZE - sizeof(struct multi_transaction))
-/* TODO: replace with per file lock */
-static DEFINE_SPINLOCK(multi_transaction_lock);
 
 static void multi_transaction_kref(struct kref *kref)
 {
@@ -847,10 +845,10 @@ static void multi_transaction_set(struct file *file,
        AA_BUG(n > MULTI_TRANSACTION_LIMIT);
 
        new->size = n;
-       spin_lock(&multi_transaction_lock);
+       spin_lock(&file->f_lock);
        old = (struct multi_transaction *) file->private_data;
        file->private_data = new;
-       spin_unlock(&multi_transaction_lock);
+       spin_unlock(&file->f_lock);
        put_multi_transaction(old);
 }
 
@@ -879,9 +877,10 @@ static ssize_t multi_transaction_read(struct file *file, char __user *buf,
        struct multi_transaction *t;
        ssize_t ret;
 
-       spin_lock(&multi_transaction_lock);
+       spin_lock(&file->f_lock);
        t = get_multi_transaction(file->private_data);
-       spin_unlock(&multi_transaction_lock);
+       spin_unlock(&file->f_lock);
+
        if (!t)
                return 0;
 
@@ -1358,7 +1357,7 @@ static int rawdata_open(struct inode *inode, struct file *file)
        struct aa_loaddata *loaddata;
        struct rawdata_f_data *private;
 
-       if (!policy_view_capable(NULL))
+       if (!aa_current_policy_view_capable(NULL))
                return -EACCES;
 
        loaddata = __aa_get_loaddata(inode->i_private);
@@ -2114,7 +2113,7 @@ static struct aa_profile *__first_profile(struct aa_ns *root,
 
 /**
  * __next_profile - step to the next profile in a profile tree
- * @profile: current profile in tree (NOT NULL)
+ * @p: current profile in tree (NOT NULL)
  *
  * Perform a depth first traversal on the profile tree in a namespace
  *
@@ -2265,7 +2264,7 @@ static const struct seq_operations aa_sfs_profiles_op = {
 
 static int profiles_open(struct inode *inode, struct file *file)
 {
-       if (!policy_view_capable(NULL))
+       if (!aa_current_policy_view_capable(NULL))
                return -EACCES;
 
        return seq_open(file, &aa_sfs_profiles_op);