diff options
author | John Johansen <john.johansen@canonical.com> | 2019-02-04 05:23:14 -0800 |
---|---|---|
committer | John Johansen <john.johansen@canonical.com> | 2020-01-18 15:38:21 -0800 |
commit | 6413f852ce086c0f95817012c08d481ce24d8b1a (patch) | |
tree | 687db9de0b06cf7392df4f0d99f309a86ecafded /fs/proc | |
parent | dae6029325a4744e639eb048c13f53c24320aeda (diff) |
apparmor: add proc subdir to attrs
This patch provides a /proc/<pid>/attr/apparmor/
subdirectory. Enabling userspace to use the apparmor attributes
without having to worry about collisions with selinux or smack on
interface files in /proc/<pid>/attr.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'fs/proc')
-rw-r--r-- | fs/proc/base.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c index ebea9501afb8..7bc192465e39 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -2645,6 +2645,15 @@ static const struct pid_entry smack_attr_dir_stuff[] = { LSM_DIR_OPS(smack); #endif +#ifdef CONFIG_SECURITY_APPARMOR +static const struct pid_entry apparmor_attr_dir_stuff[] = { + ATTR("apparmor", "current", 0666), + ATTR("apparmor", "prev", 0444), + ATTR("apparmor", "exec", 0666), +}; +LSM_DIR_OPS(apparmor); +#endif + static const struct pid_entry attr_dir_stuff[] = { ATTR(NULL, "current", 0666), ATTR(NULL, "prev", 0444), @@ -2656,6 +2665,10 @@ static const struct pid_entry attr_dir_stuff[] = { DIR("smack", 0555, proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops), #endif +#ifdef CONFIG_SECURITY_APPARMOR + DIR("apparmor", 0555, + proc_apparmor_attr_dir_inode_ops, proc_apparmor_attr_dir_ops), +#endif }; static int proc_attr_dir_readdir(struct file *file, struct dir_context *ctx) |