aboutsummaryrefslogtreecommitdiff
path: root/security/apparmor/procattr.c
AgeCommit message (Collapse)AuthorFilesLines
2017-01-16apparmor: convert change_profile to use fqname later to give better controlGravatar John Johansen 1-16/+0
Moving the use of fqname to later allows learning profiles to be based on the fqname request instead of just the hname. It also allows cleaning up some of the name parsing and lookup by allowing the use of the fqlookupn_profile() lib fn. Signed-off-by: John Johansen <john.johansen@canonical.com>
2017-01-16apparmor: fix change_hat debug outputGravatar John Johansen 1-4/+5
Signed-off-by: John Johansen <john.johansen@canonical.com>
2017-01-16apparmor: change op from int to const char *Gravatar John Johansen 1-2/+2
Having ops be an integer that is an index into an op name table is awkward and brittle. Every op change requires an edit for both the op constant and a string in the table. Instead switch to using const strings directly, eliminating the need for the table that needs to be kept in sync. Signed-off-by: John Johansen <john.johansen@canonical.com>
2017-01-16apparmor: allow ns visibility question to consider subnsesGravatar John Johansen 1-2/+2
Signed-off-by: John Johansen <john.johansen@canonical.com>
2017-01-16apparmor: rename namespace to ns to improve code line lengthsGravatar John Johansen 1-2/+2
Signed-off-by: John Johansen <john.johansen@canonical.com>
2017-01-16apparmor: split apparmor policy namespaces code into its own fileGravatar John Johansen 1-0/+1
Policy namespaces will be diverging from profile management and expanding so put it in its own file. Signed-off-by: John Johansen <john.johansen@canonical.com>
2013-08-14apparmor: add interface files for profiles and namespacesGravatar John Johansen 1-1/+1
Add basic interface files to access namespace and profile information. The interface files are created when a profile is loaded and removed when the profile or namespace is removed. Signed-off-by: John Johansen <john.johansen@canonical.com>
2013-04-28apparmor: remove "permipc" commandGravatar John Johansen 1-6/+0
The "permipc" command is unused and unfinished, remove it. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees@ubuntu.com>
2011-09-09apparmor: sparse fix: include procattr.h in procattr.cGravatar James Morris 1-0/+1
Fix sparse warnings: security/apparmor/procattr.c:35:5: warning: symbol 'aa_getprocattr' was not declared. Should it be static? security/apparmor/procattr.c:113:5: warning: symbol 'aa_setprocattr_changehat' was not declared. Should it be static? security/apparmor/procattr.c:158:5: warning: symbol 'aa_setprocattr_changeprofile' was not declared. Should it be static? security/apparmor/procattr.c:166:5: warning: symbol 'aa_setprocattr_permipc' was not declared. Should it be static? Signed-off-by: James Morris <jmorris@namei.org> Acked-by: John Johansen <john.johansen@canonical.com>
2010-08-02AppArmor: userspace interfacesGravatar John Johansen 1-0/+170
The /proc/<pid>/attr/* interface is used for process introspection and commands. While the apparmorfs interface is used for global introspection and loading and removing policy. The interface currently only contains the files necessary for loading policy, and will be extended in the future to include sysfs style single per file introspection inteface. The old AppArmor 2.4 interface files have been removed into a compatibility patch, that distros can use to maintain backwards compatibility. Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <jmorris@namei.org>
Copyright © 1990 – 2022 jet tsang zeon-git.
All Rights Reverse Engineered.