apparmor: add ns being viewed as a param to policy_admin_capable()

Prepare for a tighter pairing of user namespaces and apparmor policy namespaces, by making the ns to be viewed available. Signed-off-by: John Johansen <john.johansen@canonical.com>
2017-01-16 00:42:51 -08:00
parent 2bd8dbbf22
commit fd2a80438d
3 changed files with 16 additions and 10 deletions
--- a/security/apparmor/include/policy.h
+++ b/security/apparmor/include/policy.h
@@ -300,7 +300,7 @@ static inline int AUDIT_MODE(struct aa_profile *profile)
 }

 bool policy_view_capable(struct aa_ns *ns);
-bool policy_admin_capable(void);
+bool policy_admin_capable(struct aa_ns *ns);
 bool aa_may_manage_policy(int op);

 #endif /* __AA_POLICY_H */