diff options
| author | John Johansen | 2017-01-16 09:42:55 +0100 |
|---|---|---|
| committer | John Johansen | 2017-01-16 10:18:42 +0100 |
| commit | 5ac8c355ae0013d82b3a07b49aebeadfce9b6e52 (patch) | |
| tree | 41f24f5f9198ef4ba7a34624938e51b2305e21f0 /security/apparmor/include/policy.h | |
| parent | apparmor: add ns name to the audit data for policy loads (diff) | |
| download | kernel-qcow2-linux-5ac8c355ae0013d82b3a07b49aebeadfce9b6e52.tar.gz kernel-qcow2-linux-5ac8c355ae0013d82b3a07b49aebeadfce9b6e52.tar.xz kernel-qcow2-linux-5ac8c355ae0013d82b3a07b49aebeadfce9b6e52.zip | |
apparmor: allow introspecting the loaded policy pre internal transform
Store loaded policy and allow introspecting it through apparmorfs. This
has several uses from debugging, policy validation, and policy checkpoint
and restore for containers.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/include/policy.h')
| -rw-r--r-- | security/apparmor/include/policy.h | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/security/apparmor/include/policy.h b/security/apparmor/include/policy.h index 95641e235d47..fbbc8677f527 100644 --- a/security/apparmor/include/policy.h +++ b/security/apparmor/include/policy.h @@ -161,6 +161,7 @@ struct aa_profile { struct aa_caps caps; struct aa_rlimit rlimits; + struct aa_loaddata *rawdata; unsigned char *hash; char *dirname; struct dentry *dents[AAFS_PROF_SIZEOF]; @@ -187,8 +188,8 @@ struct aa_profile *aa_fqlookupn_profile(struct aa_profile *base, const char *fqname, size_t n); struct aa_profile *aa_match_profile(struct aa_ns *ns, const char *name); -ssize_t aa_replace_profiles(struct aa_ns *view, void *udata, size_t size, - bool noreplace); +ssize_t aa_replace_profiles(struct aa_ns *view, bool noreplace, + struct aa_loaddata *udata); ssize_t aa_remove_profiles(struct aa_ns *view, char *name, size_t size); void __aa_profile_list_release(struct list_head *head); |