GitHub-Mirror/linux-bl808
2
0
Fork 0
mirror of https://github.com/Fishwaldo/linux-bl808.git synced 2025-06-17 20:25:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

apparmor: Parse secmark policy

Browse source 
Add support for parsing secmark policy provided by userspace, and
store that in the overall policy.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
Matthew Garrett 2018-05-24 13:27:46 -07:00 committed by John Johansen
parent 617a629c08
commit 9caafbe2b4
4 changed files with 77 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
security/apparmor/include/net.h
View file

@ -83,6 +83,13 @@ struct aa_sk_ctx {
__e; \
})
struct aa_secmark {
u8 audit;
u8 deny;
u32 secid;
char *label;
};
extern struct aa_sfs_entry aa_sfs_entry_network[];
void audit_net_cb(struct audit_buffer *ab, void *va);
@ -103,4 +110,7 @@ int aa_sk_perm(const char *op, u32 request, struct sock *sk);
int aa_sock_file_perm(struct aa_label *label, const char *op, u32 request,
struct socket *sock);
int apparmor_secmark_check(struct aa_label *label, char *op, u32 request,
u32 secid, struct sock *sk);
#endif /* __AA_NET_H */