mirror of https://github.com/torvalds/linux.git
796c146fa6
This patch doesn't change current functionality, it switches the two uses of the in_ns fns and macros into the two semantically different cases they are used for. xxx_in_scope for checking mediation interaction between profiles xxx_in_view to determine which profiles are visible.The scope will always be a subset of the view as profiles that can not see each other can not interact. The split can not be completely done for label_match because it has to distinct uses matching permission against label in scope, and checking if a transition to a profile is allowed. The transition to a profile can include profiles that are in view but not in scope, so retain this distinction as a parameter. While at the moment the two uses are very similar, in the future there will be additional differences. So make sure the semantics differences are present in the code. Reviewed-by: Georgia Garcia <georgia.garcia@canonical.com> Signed-off-by: John Johansen <john.johansen@canonical.com> |
||
|---|---|---|
| .. | ||
| af_unix.h | ||
| apparmor.h | ||
| apparmorfs.h | ||
| audit.h | ||
| capability.h | ||
| cred.h | ||
| crypto.h | ||
| domain.h | ||
| file.h | ||
| ipc.h | ||
| label.h | ||
| lib.h | ||
| match.h | ||
| mount.h | ||
| net.h | ||
| path.h | ||
| perms.h | ||
| policy.h | ||
| policy_compat.h | ||
| policy_ns.h | ||
| policy_unpack.h | ||
| procattr.h | ||
| resource.h | ||
| secid.h | ||
| sig_names.h | ||
| signal.h | ||
| task.h | ||