Skip to content

Commit

Permalink
apparmor: add custom apparmorfs that will be used by policy namespace…
Browse files Browse the repository at this point in the history 
… files

AppArmor policy needs to be able to be resolved based on the policy
namespace a task is confined by. Add a base apparmorfs filesystem that
(like nsfs) will exist as a kern mount and be accessed via jump_link
through a securityfs file.

Setup the base apparmorfs fns and data, but don't use it yet.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Reviewed-by: Seth Arnold <seth.arnold@canonical.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
  • Loading branch information
John Johansen committed Jun 8, 2017
1 parent 64c8697 commit a481f4d
Show file tree
Hide file tree
Showing 2 changed files with 338 additions and 17 deletions.
2 changes: 2 additions & 0 deletions include/uapi/linux/magic.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,8 @@
#define BTRFS_TEST_MAGIC 0x73727279
#define NSFS_MAGIC 0x6e736673
#define BPF_FS_MAGIC 0xcafe4a11
#define AAFS_MAGIC 0x5a3c69f0

/* Since UDF 2.01 is ISO 13346 based... */
#define UDF_SUPER_MAGIC 0x15013346
#define BALLOON_KVM_MAGIC 0x13661366
Expand Down
Loading

0 comments on commit a481f4d

Please sign in to comment.