projects / platform / kernel / linux-starfive.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 92de220) | patch
apparmor: switch to apparmor to internal capable check for policy management
authorJohn Johansen <john.johansen@canonical.com>
Wed, 1 Jul 2020 09:18:18 +0000 (02:18 -0700)
committerJohn Johansen <john.johansen@canonical.com>
Sun, 7 Feb 2021 12:14:57 +0000 (04:14 -0800)
commit31ec99e13346c22a7c8ca18e044684a870063cef
treeb5e94a01244c0f7610363e9b4548b9e981adc735tree | snapshot
parent92de220a7f336367127351da58cff691da5bb17bcommit | diff
apparmor: switch to apparmor to internal capable check for policy management

With LSM stacking calling back into capable to check for MAC_ADMIN
for apparmor policy results in asking the other stacked LSMs for
MAC_ADMIN resulting in the other LSMs answering based on their
policy management.

For apparmor policy management we just need to call apparmor's
capability fn directly.

Signed-off-by: John Johansen <john.johansen@canonical.com>
security/apparmor/policy.c diff | blob | history
Domain: System / Kernel;