linux/security/apparmor
John Johansen a481f4d917 apparmor: add custom apparmorfs that will be used by policy namespace files
AppArmor policy needs to be able to be resolved based on the policy
namespace a task is confined by. Add a base apparmorfs filesystem that
(like nsfs) will exist as a kern mount and be accessed via jump_link
through a securityfs file.

Setup the base apparmorfs fns and data, but don't use it yet.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Reviewed-by: Seth Arnold <seth.arnold@canonical.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
2017-06-08 12:51:51 -07:00
..
include apparmor: move to per loaddata files, instead of replicating in profiles 2017-06-08 12:51:49 -07:00
.gitignore AppArmor: remove af_names.h from .gitignore 2012-09-01 08:35:34 -07:00
apparmorfs.c apparmor: add custom apparmorfs that will be used by policy namespace files 2017-06-08 12:51:51 -07:00
audit.c apparmor: replace remaining BUG_ON() asserts with AA_BUG() 2017-01-16 01:18:56 -08:00
capability.c apparmor: update cap audit to check SECURITY_CAP_NOAUDIT 2017-01-16 01:18:50 -08:00
context.c apparmor: replace remaining BUG_ON() asserts with AA_BUG() 2017-01-16 01:18:56 -08:00
crypto.c apparmor: use SHASH_DESC_ON_STACK 2017-04-07 08:58:35 +10:00
domain.c apparmor: Move path lookup to using preallocated buffers 2017-06-08 11:29:34 -07:00
file.c apparmor: Move path lookup to using preallocated buffers 2017-06-08 11:29:34 -07:00
ipc.c apparmor: change aad apparmor_audit_data macro to a fn macro 2017-01-16 01:18:47 -08:00
Kconfig apparmor: add debug assert AA_BUG and Kconfig to control debug info 2017-01-16 01:18:24 -08:00
lib.c apparmor: make internal lib fn skipn_spaces available to the rest of apparmor 2017-06-08 11:29:33 -07:00
lsm.c apparmor: Make path_max parameter readonly 2017-04-07 08:58:36 +10:00
Makefile security/apparmor: Use POSIX-compatible "printf '%s'" 2017-06-08 11:29:27 -07:00
match.c mm: introduce kv[mz]alloc helpers 2017-05-08 17:15:12 -07:00
nulldfa.in apparmor: add a default null dfa 2017-01-16 01:18:34 -08:00
path.c apparmor: Move path lookup to using preallocated buffers 2017-06-08 11:29:34 -07:00
policy_ns.c apparmor: move to per loaddata files, instead of replicating in profiles 2017-06-08 12:51:49 -07:00
policy_unpack.c apparmor: move to per loaddata files, instead of replicating in profiles 2017-06-08 12:51:49 -07:00
policy.c apparmor: move to per loaddata files, instead of replicating in profiles 2017-06-08 12:51:49 -07:00
procattr.c apparmor: convert change_profile to use fqname later to give better control 2017-01-16 01:18:49 -08:00
resource.c apparmor: change aad apparmor_audit_data macro to a fn macro 2017-01-16 01:18:47 -08:00
secid.c apparmor: rename sid to secid 2017-01-16 00:42:17 -08:00