commit b79473f2de3eb3320e2a145da8a2ea03c7331784
author John Johansen <john.johansen@canonical.com> Mon Jan 16 00:42:47 2017 -0800
committer John Johansen <john.johansen@canonical.com> Mon Jan 16 01:18:37 2017 -0800
tree e02004ebe5b7e02d900c603d988126fb0ece719a
parent ee2351e4b07cb7e3609f8661effe0382fb23646b

apparmor: Make aa_remove_profile() callable from a different view

This is prep work for fs operations being able to remove namespaces.

Signed-off-by: John Johansen <john.johansen@canonical.com>

security/apparmor/policy.c

diff --git a/security/apparmor/policy.c b/security/apparmor/policy.c
index 046edec..0314fae 100644
--- a/security/apparmor/policy.c
+++ b/security/apparmor/policy.c
@@ -944,6 +944,7 @@
 
 /**
  * aa_remove_profiles - remove profile(s) from the system
+ * @view: namespace the remove is being done from
  * @fqname: name of the profile or namespace to remove  (NOT NULL)
  * @size: size of the name
  *
@@ -954,9 +955,9 @@
  *
  * Returns: size of data consume else error code if fails
  */
-ssize_t aa_remove_profiles(char *fqname, size_t size)
+ssize_t aa_remove_profiles(struct aa_ns *view, char *fqname, size_t size)
 {
-	struct aa_ns *root, *ns = NULL;
+	struct aa_ns *root = NULL, *ns = NULL;
 	struct aa_profile *profile = NULL;
 	const char *name = fqname, *info = NULL;
 	ssize_t error = 0;
@@ -967,7 +968,7 @@
 		goto fail;
 	}
 
-	root = aa_current_profile()->ns;
+	root = view;
 
 	if (fqname[0] == ':') {
 		char *ns_name;