apparmor: move the "conflicting profile attachments" infostr to a const declaration

Instead of having a literal, making this a constant will allow for (hacky)
detection of conflicting profile attachments from inspection of the info
pointer. This is used in the next patch to augment the information provided
through domain.c:x_to_label for ix/ux fallback.

Signed-off-by: Ryan Lee <ryan.lee@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>

diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 4263bb1ee4a8ee02a22fb4a1b34cc9291a2fbc25..ca8cd7ea088bec0f3dfbe7233d0e499a763329bd 100644 (file)
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -28,6 +28,8 @@
 #include "include/policy.h"
 #include "include/policy_ns.h"
 
+static const char * const CONFLICTING_ATTACH_STR = "conflicting profile attachments";
+
 /**
  * may_change_ptraced_domain - check if can change profile on ptraced task
  * @to_cred: cred of task changing domain
@@ -485,7 +487,7 @@ restart:
 
        if (!candidate || conflict) {
                if (conflict)
-                       *info = "conflicting profile attachments";
+                       *info = CONFLICTING_ATTACH_STR;
                rcu_read_unlock();
                return NULL;
        }