apparmor: add special .null file used to "close" fds at exec

Borrow the special null device file from selinux to "close" fds that don't have sufficient permissions at exec time. Signed-off-by: John Johansen <john.johansen@canonical.com>
author: John Johansen 2017-01-16 09:42:45 +0100
committer: John Johansen 2017-01-16 10:18:35 +0100
commit: a71ada305801e940ff69c2c58489778760e5148b (patch)
tree: 4fc18f426bff2471c50b87c5b5c6df4749deee11 /security/apparmor/include/apparmorfs.h
parent: apparmor: provide userspace flag indicating binfmt_elf_mmap change (diff)
download: kernel-qcow2-linux-a71ada305801e940ff69c2c58489778760e5148b.tar.gz
kernel-qcow2-linux-a71ada305801e940ff69c2c58489778760e5148b.tar.xz
kernel-qcow2-linux-a71ada305801e940ff69c2c58489778760e5148b.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/security/apparmor/include/apparmorfs.h b/security/apparmor/include/apparmorfs.h
index 5626bd48d7cb..eeeae5b0cc36 100644
--- a/security/apparmor/include/apparmorfs.h
+++ b/security/apparmor/include/apparmorfs.h
@@ -15,6 +15,8 @@
 #ifndef __AA_APPARMORFS_H
 #define __AA_APPARMORFS_H
 
+extern struct path aa_null;
+
 enum aa_fs_type {
 	AA_FS_TYPE_BOOLEAN,
 	AA_FS_TYPE_STRING,
author	John Johansen	2017-01-16 09:42:45 +0100
committer	John Johansen	2017-01-16 10:18:35 +0100
commit	a71ada305801e940ff69c2c58489778760e5148b (patch)
tree	4fc18f426bff2471c50b87c5b5c6df4749deee11 /security/apparmor/include/apparmorfs.h
parent	apparmor: provide userspace flag indicating binfmt_elf_mmap change (diff)
download	kernel-qcow2-linux-a71ada305801e940ff69c2c58489778760e5148b.tar.gz kernel-qcow2-linux-a71ada305801e940ff69c2c58489778760e5148b.tar.xz kernel-qcow2-linux-a71ada305801e940ff69c2c58489778760e5148b.zip