apparmor: account for in_atomic removal in common_file_perm

[ Upstream commit 9b829c0aa96e9385b1e9a308d3eb054b95fbeda2 ] If we are not in an atomic context in common_file_perm, then we don't have to use the atomic versions, resulting in improved performance outside of atomic contexts. Signed-off-by: Ryan Lee <ryan.lee@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com> Stable-dep-of: 4a134723f9f1 ("apparmor: move check for aa_null file to cover all cases") Signed-off-by: Sasha Levin <sashal@kernel.org>
author: Ryan Lee <ryan.lee@canonical.com> 2026-01-07 11:47:02 -0800
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2026-02-26 15:01:34 -0800
commit: d201732418d50a00f0ed6e64801e305a940900f0 (patch)
tree: f0ecf45954801f74738d9c62d0419ffe95e7f2a1 /security
parent: bbd1b4e2f5ce552e25331981e5459f15eafa4124 (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index e59e9bc7250b..f47d60d8c40a 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -524,15 +524,14 @@ static int common_file_perm(const char *op, struct file *file, u32 mask)
 {
 	struct aa_label *label;
 	int error = 0;
-	bool needput;
 
 	/* don't reaudit files closed during inheritance */
 	if (unlikely(file->f_path.dentry == aa_null.dentry))
 		return -EACCES;
 
-	label = __begin_current_label_crit_section(&needput);
+	label = begin_current_label_crit_section();
 	error = aa_file_perm(op, current_cred(), label, file, mask, false);
-	__end_current_label_crit_section(label, needput);
+	end_current_label_crit_section(label);
 
 	return error;
 }
author	Ryan Lee <ryan.lee@canonical.com>	2026-01-07 11:47:02 -0800
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2026-02-26 15:01:34 -0800
commit	d201732418d50a00f0ed6e64801e305a940900f0 (patch)
tree	f0ecf45954801f74738d9c62d0419ffe95e7f2a1 /security
parent	bbd1b4e2f5ce552e25331981e5459f15eafa4124 (diff)