AppArmor: Update dfa matching routines.

Update aa_dfa_match so that it doesn't result in an input string being walked twice (once to get its length and another time to match) Add a single step functions aa_dfa_next Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com>
2012-02-16 06:20:26 -08:00 · 2012-02-16 06:20:26 -08:00 · 0fe1212d05
commit 0fe1212d05
parent 3372b68a3c
3 changed files with 81 additions and 4 deletions
--- a/security/apparmor/include/apparmor.h
+++ b/security/apparmor/include/apparmor.h
@ -81,7 +81,7 @@ static inline unsigned int aa_dfa_null_transition(struct aa_dfa *dfa,
 						  unsigned int start)
 {
 	/* the null transition only needs the string's null terminator byte */
-	return aa_dfa_match_len(dfa, start, "", 1);
+	return aa_dfa_next(dfa, start, 0);
 }

 static inline bool mediated_filesystem(struct inode *inode)