apparmor: add profile and ns params to aa_may_manage_policy()

Policy management will be expanded beyond traditional unconfined root. This will require knowning the profile of the task doing the management and the ns view. Signed-off-by: John Johansen <john.johansen@canonical.com>
author: John Johansen <john.johansen@canonical.com> 2017-01-16 11:42:52 +0300
committer: John Johansen <john.johansen@canonical.com> 2017-01-16 12:18:40 +0300
commit: 078c73c63fb2878689da334f112507639c72c14f (patch)
tree: a1e4ea3567f70f0863b35faac815e2658af8473e /security/apparmor/include
parent: fd2a80438d736012129977bec779db093979057e (diff)
download: linux-078c73c63fb2878689da334f112507639c72c14f.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/security/apparmor/include/policy.h b/security/apparmor/include/policy.h
index 27f9171fa31f..95641e235d47 100644
--- a/security/apparmor/include/policy.h
+++ b/security/apparmor/include/policy.h
@@ -301,6 +301,6 @@ static inline int AUDIT_MODE(struct aa_profile *profile)
 
 bool policy_view_capable(struct aa_ns *ns);
 bool policy_admin_capable(struct aa_ns *ns);
-bool aa_may_manage_policy(int op);
+int aa_may_manage_policy(struct aa_profile *profile, struct aa_ns *ns, int op);
 
 #endif /* __AA_POLICY_H */
author	John Johansen <john.johansen@canonical.com>	2017-01-16 11:42:52 +0300
committer	John Johansen <john.johansen@canonical.com>	2017-01-16 12:18:40 +0300
commit	078c73c63fb2878689da334f112507639c72c14f (patch)
tree	a1e4ea3567f70f0863b35faac815e2658af8473e /security/apparmor/include
parent	fd2a80438d736012129977bec779db093979057e (diff)
download	linux-078c73c63fb2878689da334f112507639c72c14f.tar.xz