diff options
| author | John Johansen <john.johansen@canonical.com> | 2017-06-10 02:11:17 +0200 |
|---|---|---|
| committer | John Johansen <john.johansen@canonical.com> | 2017-06-11 02:11:47 +0200 |
| commit | 40cde7fcc344bc77c1ec9d291dcc35ab12f078aa (patch) | |
| tree | 8ec61b4f1ea71f6876a6c8c6193362b71546421b /security/apparmor/include | |
| parent | apparmor: move change_profile mediation to using labels (diff) | |
| download | linux-40cde7fcc344bc77c1ec9d291dcc35ab12f078aa.tar.xz linux-40cde7fcc344bc77c1ec9d291dcc35ab12f078aa.zip | |
apparmor: add domain label stacking info to apparmorfs
Now that the domain label transition is complete advertise it to
userspace.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/include')
| -rw-r--r-- | security/apparmor/include/audit.h | 2 | ||||
| -rw-r--r-- | security/apparmor/include/domain.h | 1 |
2 files changed, 3 insertions, 0 deletions
diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h index 99ed83cf6941..c68839a44351 100644 --- a/security/apparmor/include/audit.h +++ b/security/apparmor/include/audit.h @@ -92,6 +92,8 @@ enum audit_type { #define OP_CHANGE_HAT "change_hat" #define OP_CHANGE_PROFILE "change_profile" #define OP_CHANGE_ONEXEC "change_onexec" +#define OP_STACK "stack" +#define OP_STACK_ONEXEC "stack_onexec" #define OP_SETPROCATTR "setprocattr" #define OP_SETRLIMIT "setrlimit" diff --git a/security/apparmor/include/domain.h b/security/apparmor/include/domain.h index 255aa40ec1d1..bab5810b6e9a 100644 --- a/security/apparmor/include/domain.h +++ b/security/apparmor/include/domain.h @@ -27,6 +27,7 @@ struct aa_domain { #define AA_CHANGE_TEST 1 #define AA_CHANGE_CHILD 2 #define AA_CHANGE_ONEXEC 4 +#define AA_CHANGE_STACK 8 int apparmor_bprm_set_creds(struct linux_binprm *bprm); int apparmor_bprm_secureexec(struct linux_binprm *bprm); |