diff options
| author | Thomas Gleixner <tglx@linutronix.de> | 2011-05-14 12:06:36 +0200 |
|---|---|---|
| committer | Thomas Gleixner <tglx@linutronix.de> | 2011-05-14 12:06:36 +0200 |
| commit | a18f22a968de17b29f2310cdb7ba69163e65ec15 (patch) | |
| tree | a7d56d88fad5e444d7661484109758a2f436129e /security/apparmor/lsm.c | |
| parent | a1c57e0fec53defe745e64417eacdbd3618c3e66 (diff) | |
| parent | 798778b8653f64b7b2162ac70eca10367cff6ce8 (diff) | |
Merge branch 'consolidate-clksrc-i8253' of master.kernel.org:~rmk/linux-2.6-arm into timers/clocksource
Conflicts:
arch/ia64/kernel/cyclone.c
arch/mips/kernel/i8253.c
arch/x86/kernel/i8253.c
Reason: Resolve conflicts so further cleanups do not conflict further
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Diffstat (limited to 'security/apparmor/lsm.c')
| -rw-r--r-- | security/apparmor/lsm.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index b7106f192b7..ae3a698415e 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c @@ -22,6 +22,7 @@ #include <linux/ctype.h> #include <linux/sysctl.h> #include <linux/audit.h> +#include <linux/user_namespace.h> #include <net/sock.h> #include "include/apparmor.h" @@ -136,11 +137,11 @@ static int apparmor_capget(struct task_struct *target, kernel_cap_t *effective, } static int apparmor_capable(struct task_struct *task, const struct cred *cred, - int cap, int audit) + struct user_namespace *ns, int cap, int audit) { struct aa_profile *profile; /* cap_capable returns 0 on success, else -EPERM */ - int error = cap_capable(task, cred, cap, audit); + int error = cap_capable(task, cred, ns, cap, audit); if (!error) { profile = aa_cred_profile(cred); if (!unconfined(profile)) @@ -693,11 +694,9 @@ static struct kernel_param_ops param_ops_aalockpolicy = { static int param_set_audit(const char *val, struct kernel_param *kp); static int param_get_audit(char *buffer, struct kernel_param *kp); -#define param_check_audit(name, p) __param_check(name, p, int) static int param_set_mode(const char *val, struct kernel_param *kp); static int param_get_mode(char *buffer, struct kernel_param *kp); -#define param_check_mode(name, p) __param_check(name, p, int) /* Flag values, also controllable via /sys/module/apparmor/parameters * We define special types as we want to do additional mediation. |