apparmor: track ns level so it can be used to help in view checks

Signed-off-by: John Johansen <john.johansen@canonical.com>

diff --git a/security/apparmor/policy_ns.c b/security/apparmor/policy_ns.c
index 1e19bd3..93d1826 100644 (file)
--- a/security/apparmor/policy_ns.c
+++ b/security/apparmor/policy_ns.c
@@ -204,6 +204,7 @@ static struct aa_ns *__aa_create_ns(struct aa_ns *parent, const char *name,
                return ERR_PTR(error);
        }
        ns->parent = aa_get_ns(parent);
+       ns->level = parent->level + 1;
        list_add_rcu(&ns->base.list, &parent->sub_ns);
        /* add list ref */
        aa_get_ns(ns);