Commit 6413f852 authored by John Johansen's avatar John Johansen
Browse files

apparmor: add proc subdir to attrs 



This patch provides a /proc/<pid>/attr/apparmor/
subdirectory. Enabling userspace to use the apparmor attributes
without having to worry about collisions with selinux or smack on
interface files in /proc/<pid>/attr.

Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
parent dae60293

fs/proc/base.c

+13 −0
Original line number Diff line number Diff line
@@ -2645,6 +2645,15 @@ static const struct pid_entry smack_attr_dir_stuff[] = { 
LSM_DIR_OPS(smack);

#endif



#ifdef CONFIG_SECURITY_APPARMOR

static const struct pid_entry apparmor_attr_dir_stuff[] = {

	ATTR("apparmor", "current",	0666),

	ATTR("apparmor", "prev",	0444),

	ATTR("apparmor", "exec",	0666),

};

LSM_DIR_OPS(apparmor);

#endif



static const struct pid_entry attr_dir_stuff[] = {

	ATTR(NULL, "current",		0666),

	ATTR(NULL, "prev",		0444),
@@ -2656,6 +2665,10 @@ static const struct pid_entry attr_dir_stuff[] = { 
	DIR("smack",			0555,

	    proc_smack_attr_dir_inode_ops, proc_smack_attr_dir_ops),

#endif

#ifdef CONFIG_SECURITY_APPARMOR

	DIR("apparmor",			0555,

	    proc_apparmor_attr_dir_inode_ops, proc_apparmor_attr_dir_ops),

#endif

};



static int proc_attr_dir_readdir(struct file *file, struct dir_context *ctx)

CRA Git | Maintained and supported by SUSTech CRA and CCSE