apparmor: pass cred through to audit info.

[ Upstream commit 90c436a64a6e20482a9a613c47eb4af2e8a5328e ] The cred is needed to properly audit some messages, and will be needed in the future for uid conditional mediation. So pass it through to where the apparmor_audit_data struct gets defined. Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com> Stable-dep-of: 157a3537d6bc ("apparmor: Fix regression in mount mediation") Signed-off-by: Sasha Levin <sashal@kernel.org>
author: John Johansen <john.johansen@canonical.com> 2022-09-20 06:48:48 +0300
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2023-11-28 20:20:07 +0300
commit: 690f33e1edf5cd996b54094409de0067ae3fa216 (patch)
tree: bf88ba28f66e1bfa25301032c491b14a88266b94 /security/apparmor/include/capability.h
parent: 30b3669d40ad2400dfac75d1250596b5b0cb241b (diff)
download: linux-690f33e1edf5cd996b54094409de0067ae3fa216.tar.xz
1 files changed, 2 insertions, 1 deletions
diff --git a/security/apparmor/include/capability.h b/security/apparmor/include/capability.h
index d420e2d10b31..d6dcc604ec0c 100644
--- a/security/apparmor/include/capability.h
+++ b/security/apparmor/include/capability.h
@@ -36,7 +36,8 @@ struct aa_caps {
 
 extern struct aa_sfs_entry aa_sfs_entry_caps[];
 
-int aa_capable(struct aa_label *label, int cap, unsigned int opts);
+int aa_capable(const struct cred *subj_cred, struct aa_label *label,
+	       int cap, unsigned int opts);
 
 static inline void aa_free_cap_rules(struct aa_caps *caps)
 {
author	John Johansen <john.johansen@canonical.com>	2022-09-20 06:48:48 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2023-11-28 20:20:07 +0300
commit	690f33e1edf5cd996b54094409de0067ae3fa216 (patch)
tree	bf88ba28f66e1bfa25301032c491b14a88266b94 /security/apparmor/include/capability.h
parent	30b3669d40ad2400dfac75d1250596b5b0cb241b (diff)
download	linux-690f33e1edf5cd996b54094409de0067ae3fa216.tar.xz