mirror of
https://github.com/edk2-porting/linux-next.git
synced 2024-11-20 00:26:39 +08:00
Smack: don't show empty rules when /smack/load or /smack/load2 is read
This patch removes empty rules (i.e. with access set to '-') from the rule list presented to user space. Smack by design never removes labels nor rules from its lists. Access for a rule may be set to '-' to effectively disable it. Such rules would show up in the listing generated when /smack/load or /smack/load2 is read. This may cause clutter if many rules were disabled. As a rule with access set to '-' is equivalent to no rule at all, they may be safely hidden from the listing. Targeted for git://git.gitorious.org/smack-next/kernel.git Signed-off-by: Rafal Krypa <r.krypa@samsung.com> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
This commit is contained in:
parent
3518721a89
commit
65ee7f45cf
@ -518,6 +518,9 @@ static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
|
||||
if (strlen(srp->smk_subject) >= max || strlen(srp->smk_object) >= max)
|
||||
return;
|
||||
|
||||
if (srp->smk_access == 0)
|
||||
return;
|
||||
|
||||
seq_printf(s, "%s %s", srp->smk_subject, srp->smk_object);
|
||||
|
||||
seq_putc(s, ' ');
|
||||
@ -532,8 +535,6 @@ static void smk_rule_show(struct seq_file *s, struct smack_rule *srp, int max)
|
||||
seq_putc(s, 'a');
|
||||
if (srp->smk_access & MAY_TRANSMUTE)
|
||||
seq_putc(s, 't');
|
||||
if (srp->smk_access == 0)
|
||||
seq_putc(s, '-');
|
||||
|
||||
seq_putc(s, '\n');
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user