apparmor: move to per loaddata files, instead of replicating in profiles

The loaddata sets cover more than just a single profile and should be tracked at the ns level. Move the load data files under the namespace and reference the files from the profiles via a symlink. Signed-off-by: John Johansen <john.johansen@canonical.com> Reviewed-by: Seth Arnold <seth.arnold@canonical.com> Reviewed-by: Kees Cook <keescook@chromium.org>
author: John Johansen <john.johansen@canonical.com> 2017-05-09 10:08:41 +0300
committer: John Johansen <john.johansen@canonical.com> 2017-06-08 22:51:49 +0300
commit: 5d5182cae40115c03933989473288e54afb39c7c (patch)
tree: ad17fd4482d130039eb61b62e9c32ef3fa283d04 /security/apparmor/policy_ns.c
parent: 6623ec7c4dbe18a5a2878e2d888be70d08a91826 (diff)
download: linux-5d5182cae40115c03933989473288e54afb39c7c.tar.xz
1 files changed, 1 insertions, 0 deletions
diff --git a/security/apparmor/policy_ns.c b/security/apparmor/policy_ns.c
index 93d1826c4b09..c94ec6ef9e35 100644
--- a/security/apparmor/policy_ns.c
+++ b/security/apparmor/policy_ns.c
@@ -99,6 +99,7 @@ static struct aa_ns *alloc_ns(const char *prefix, const char *name)
 		goto fail_ns;
 
 	INIT_LIST_HEAD(&ns->sub_ns);
+	INIT_LIST_HEAD(&ns->rawdata_list);
 	mutex_init(&ns->lock);
 
 	/* released by aa_free_ns() */
author	John Johansen <john.johansen@canonical.com>	2017-05-09 10:08:41 +0300
committer	John Johansen <john.johansen@canonical.com>	2017-06-08 22:51:49 +0300
commit	5d5182cae40115c03933989473288e54afb39c7c (patch)
tree	ad17fd4482d130039eb61b62e9c32ef3fa283d04 /security/apparmor/policy_ns.c
parent	6623ec7c4dbe18a5a2878e2d888be70d08a91826 (diff)
download	linux-5d5182cae40115c03933989473288e54afb39c7c.tar.xz