diff mbox

[2/5] UBUNTU: SAUCE: apparmor: add information about the query inteface to the feature set

Message ID 20170331120508.16255-3-john.johansen@canonical.com
State New
Headers show

Commit Message

John Johansen March 31, 2017, 12:05 p.m. UTC 
Currently there is now way for userspace to determine what queries and
options are supported without trying them. Add the information to the
feature set exported in apparmorfs.

BugLink: http://bugs.launchpad.net/bugs/1678030
Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 security/apparmor/apparmorfs.c | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff mbox

Patch

diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 70a0e6a..7147b33 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -1566,6 +1566,15 @@  static struct aa_fs_entry aa_fs_entry_dbus[] = {
 	{ }
 };
 
+static struct aa_fs_entry aa_fs_entry_query_label[] = {
+	AA_FS_FILE_STRING("perms", "allow deny audit quiet"),
+	{ }
+};
+
+static struct aa_fs_entry aa_fs_entry_query[] = {
+	AA_FS_DIR("label",			aa_fs_entry_query_label),
+	{ }
+};
 static struct aa_fs_entry aa_fs_entry_features[] = {
 	AA_FS_DIR("policy",			aa_fs_entry_policy),
 	AA_FS_DIR("domain",			aa_fs_entry_domain),
@@ -1579,6 +1588,7 @@  static struct aa_fs_entry aa_fs_entry_features[] = {
 	AA_FS_DIR("ptrace",			aa_fs_entry_ptrace),
 	AA_FS_DIR("signal",			aa_fs_entry_signal),
 	AA_FS_DIR("dbus",			aa_fs_entry_dbus),
+	AA_FS_DIR("query",			aa_fs_entry_query),
 	{ }
 };