diff options
author | Matthew Garrett | 2018-05-24 22:27:45 +0200 |
---|---|---|
committer | John Johansen | 2018-10-03 15:18:17 +0200 |
commit | 617a629c08bfffb05249131079d9a38322902e5b (patch) | |
tree | d2db7e4567b47d10a6e9e981dc834645108d5216 /security/apparmor/secid.c | |
parent | apparmor: don't try to replace stale label in ptrace access check (diff) | |
download | kernel-qcow2-linux-617a629c08bfffb05249131079d9a38322902e5b.tar.gz kernel-qcow2-linux-617a629c08bfffb05249131079d9a38322902e5b.tar.xz kernel-qcow2-linux-617a629c08bfffb05249131079d9a38322902e5b.zip |
apparmor: Add a wildcard secid
Reserve a secid value that we can use as a wildcard, allowing us to
define policy that's expected to match against all secids.
Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/secid.c')
-rw-r--r-- | security/apparmor/secid.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c index f2f22d00db18..8c951c493beb 100644 --- a/security/apparmor/secid.c +++ b/security/apparmor/secid.c @@ -32,8 +32,7 @@ * secids - do not pin labels with a refcount. They rely on the label * properly updating/freeing them */ - -#define AA_FIRST_SECID 1 +#define AA_FIRST_SECID 2 static DEFINE_IDR(aa_secids); static DEFINE_SPINLOCK(secid_lock); |