apparmor: Make aa_remove_profile() callable from a different view
This is prep work for fs operations being able to remove namespaces. Signed-off-by: John Johansen <john.johansen@canonical.com>
parent
ee2351e4b0
commit
b79473f2de
@ -180,7 +180,8 @@ static ssize_t profile_remove(struct file *f, const char __user *buf,
|
||||
error = PTR_ERR(data);
|
||||
if (!IS_ERR(data)) {
|
||||
data[size] = 0;
|
||||
error = aa_remove_profiles(data, size);
|
||||
error = aa_remove_profiles(__aa_current_profile()->ns, data,
|
||||
size);
|
||||
kvfree(data);
|
||||
}
|
||||
|
||||
|
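Review bot: The new call in profile_remove() takes the view from `__aa_current_profile()->ns`, whereas the line this commit removes from aa_remove_profiles() used `aa_current_profile()->ns`. The commit description does not mention the change of accessor. If the double-underscore variant skips the refresh of a replaced profile, as its name suggests, a short comment at the call site would record why that is acceptable, for example `/* a profile's ns is stable across replacement, so no refresh is needed to pick the view */`, once that has been confirmed. The namespace pointer is also passed without taking a reference, so the comment should say what keeps it alive for the duration of the call. profile_remove() starts and ends outside this hunk, so any permission check done earlier in it is not visible here.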
@ -187,7 +187,7 @@ struct aa_profile *aa_match_profile(struct aa_ns *ns, const char *name);
|
||||
|
||||
ssize_t aa_replace_profiles(struct aa_ns *view, void *udata, size_t size,
|
||||
bool noreplace);
|
||||
ssize_t aa_remove_profiles(char *name, size_t size);
|
||||
ssize_t aa_remove_profiles(struct aa_ns *view, char *name, size_t size);
|
||||
void __aa_profile_list_release(struct list_head *head);
|
||||
|
||||
#define PROF_ADD 1
|
||||
|
@ -944,6 +944,7 @@ free:
|
||||
|
||||
/**
|
||||
* aa_remove_profiles - remove profile(s) from the system
|
||||
* @view: namespace the remove is being done from
|
||||
* @fqname: name of the profile or namespace to remove (NOT NULL)
|
||||
* @size: size of the name
|
||||
*
|
||||
@ -954,9 +955,9 @@ free:
|
||||
*
|
||||
* Returns: size of data consume else error code if fails
|
||||
*/
|
||||
ssize_t aa_remove_profiles(char *fqname, size_t size)
|
||||
ssize_t aa_remove_profiles(struct aa_ns *view, char *fqname, size_t size)
|
||||
{
|
||||
struct aa_ns *root, *ns = NULL;
|
||||
struct aa_ns *root = NULL, *ns = NULL;
|
||||
struct aa_profile *profile = NULL;
|
||||
const char *name = fqname, *info = NULL;
|
||||
ssize_t error = 0;
|
||||
@ -967,7 +968,7 @@ ssize_t aa_remove_profiles(char *fqname, size_t size)
|
||||
goto fail;
|
||||
}
|
||||
|
||||
root = aa_current_profile()->ns;
|
||||
root = view;
|
||||
|
||||
if (fqname[0] == ':') {
|
||||
char *ns_name;
|
||||
|
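Review bot: The kernel-doc line added for @view does not state the contract the new parameter carries. `root = view;` uses the pointer with no NULL check, and none of the visible hunks shows aa_remove_profiles() checking that the caller may remove policy from that namespace. The description says fs operations will start passing other namespaces, so I would spell it out in the same style as @fqname, e.g. `* @view: namespace the remove is being done from (NOT NULL)`, plus a sentence saying whether the caller must hold a reference on the namespace and must already have done the policy-management permission check. The function body continues outside these hunks, so a check further down cannot be ruled out.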