apparmor: move to per loaddata files, instead of replicating in profiles
authorJohn Johansen <john.johansen@canonical.com>
Tue, 9 May 2017 07:08:41 +0000 (00:08 -0700)
committerJohn Johansen <john.johansen@canonical.com>
Thu, 8 Jun 2017 19:51:49 +0000 (12:51 -0700)
commit5d5182cae40115c03933989473288e54afb39c7c
treead17fd4482d130039eb61b62e9c32ef3fa283d04
parent6623ec7c4dbe18a5a2878e2d888be70d08a91826
apparmor: move to per loaddata files, instead of replicating in profiles

The loaddata sets cover more than just a single profile and should
be tracked at the ns level. Move the load data files under the namespace
and reference the files from the profiles via a symlink.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Reviewed-by: Seth Arnold <seth.arnold@canonical.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
security/apparmor/apparmorfs.c
security/apparmor/include/apparmorfs.h
security/apparmor/include/policy_ns.h
security/apparmor/include/policy_unpack.h
security/apparmor/policy.c
security/apparmor/policy_ns.c
security/apparmor/policy_unpack.c