apparmor: add proc subdir to attrs
This patch provides a /proc/<pid>/attr/apparmor/ subdirectory, enabling userspace to use the apparmor attributes without having to worry about collisions with selinux or smack on interface files in /proc/<pid>/attr. Signed-off-by: John Johansen <john.johansen@canonical.com>
Родитель
dae6029325
Коммит
6413f852ce
|
@ -2645,6 +2645,15 @@ static const struct pid_entry smack_attr_dir_stuff[] = {
|
||||||
LSM_DIR_OPS(smack);
|
LSM_DIR_OPS(smack);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifdef CONFIG_SECURITY_APPARMOR
|
||||||
|
static const struct pid_entry apparmor_attr_dir_stuff[] = {
|
||||||
|
ATTR("apparmor", "current", 0666),
|
||||||
|
ATTR("apparmor", "prev", 0444),
|
||||||
|
ATTR("apparmor", "exec", 0666),
|
||||||
|
};
|
||||||
|
LSM_DIR_OPS(apparmor);
|
||||||
|
#endif
|
||||||
|
|
||||||
static const struct pid_entry attr_dir_stuff[] = {
|
static const struct pid_entry attr_dir_stuff[] = {
|
||||||
ATTR(NULL, "current", 0666),
|
ATTR(NULL, "current", 0666),
|
||||||
ATTR(NULL, "prev", 0444),
|
ATTR(NULL, "prev", 0444),
|
||||||
|
@ -2656,6 +2665,10 @@ static const struct pid_entry attr_dir_stuff[] = {
|
||||||
DIR("smack", 0555,
|
DIR("smack", 0555,
|
||||||
proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops),
|
proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops),
|
||||||
#endif
|
#endif
|
||||||
|
#ifdef CONFIG_SECURITY_APPARMOR
|
||||||
|
DIR("apparmor", 0555,
|
||||||
|
proc_apparmor_attr_dir_inode_ops, proc_apparmor_attr_dir_ops),
|
||||||
|
#endif
|
||||||
};
|
};
|
||||||
|
|
||||||
static int proc_attr_dir_readdir(struct file *file, struct dir_context *ctx)
|
static int proc_attr_dir_readdir(struct file *file, struct dir_context *ctx)
|
||||||
|
|
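Review bot: The new `apparmor_attr_dir_stuff` table in the first hunk exposes `current` and `exec` with mode 0666, and nothing says where writes to them are authorized. The mode bits match the legacy `ATTR(NULL, "current", 0666)` context lines, so the real check presumably sits in the attr write handler and the AppArmor setprocattr hook, neither of which is visible in these hunks. I would add a comment above the table, for example `/* AppArmor-scoped views of attr/{current,prev,exec}; the mode bits are not the access control, writes are authorized in the attr write path and the LSM hook */`. It is also worth confirming that the "apparmor" tag passed to `ATTR()` routes these files only to AppArmor when several LSMs are stacked, since avoiding collisions with selinux and smack is the stated purpose of the subdirectory.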