summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJohn Johansen <john.johansen@canonical.com>2017-06-09 17:25:03 -0700
committerJohn Johansen <john.johansen@canonical.com>2017-06-10 17:11:48 -0700
commit33f2eadabba59cf1c763c46c4470279ec2054099 (patch)
tree225f5b54df9bc454a0172d3693cc1b1776660d33
parent6c5fc8f17a2528052bace1d91a3bef003bd1331d (diff)
downloadlinux-33f2eadabba59cf1c763c46c4470279ec2054099.tar.gz
linux-33f2eadabba59cf1c763c46c4470279ec2054099.tar.bz2
linux-33f2eadabba59cf1c763c46c4470279ec2054099.zip
apparmor: export that basic profile namespaces are supported
Allow userspace to detect that basic profile policy namespaces are available. Signed-off-by: John Johansen <john.johansen@canonical.com>
-rw-r--r--security/apparmor/apparmorfs.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 229845009a95..853c2ec8e0c9 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -2151,6 +2151,12 @@ static struct aa_sfs_entry aa_sfs_entry_policy[] = {
{ }
};
+static struct aa_sfs_entry aa_sfs_entry_ns[] = {
+ AA_SFS_FILE_BOOLEAN("profile", 1),
+ AA_SFS_FILE_BOOLEAN("pivot_root", 1),
+ { }
+};
+
static struct aa_sfs_entry aa_sfs_entry_query_label[] = {
AA_SFS_FILE_STRING("perms", "allow deny audit quiet"),
AA_SFS_FILE_BOOLEAN("data", 1),
@@ -2166,6 +2172,7 @@ static struct aa_sfs_entry aa_sfs_entry_features[] = {
AA_SFS_DIR("policy", aa_sfs_entry_policy),
AA_SFS_DIR("domain", aa_sfs_entry_domain),
AA_SFS_DIR("file", aa_sfs_entry_file),
+ AA_SFS_DIR("namespaces", aa_sfs_entry_ns),
AA_SFS_FILE_U64("capability", VFS_CAP_FLAGS_MASK),
AA_SFS_DIR("rlimit", aa_sfs_entry_rlimit),
AA_SFS_DIR("caps", aa_sfs_entry_caps),