From 2c4119d98cda4972ed6c8759c3709be2765fc6b0 Mon Sep 17 00:00:00 2001
From: Kees Cook <kees.cook@canonical.com>
Date: Fri, 20 Jan 2017 17:01:50 -0800
Subject: [PATCH] glibc uses /proc/*/auxv and /proc/*/status files, too

Acked-by: Seth Arnold <seth.arnold@canonical.com>
---
 profiles/apparmor.d/abstractions/base | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/profiles/apparmor.d/abstractions/base b/profiles/apparmor.d/abstractions/base
index 314b9b352..373110d6d 100644
--- a/profiles/apparmor.d/abstractions/base
+++ b/profiles/apparmor.d/abstractions/base
@@ -85,7 +85,7 @@
   /sys/devices/system/cpu/online r,
 
   # glibc's *printf protections read the maps file
-  @{PROC}/@{pid}/maps            r,
+  @{PROC}/@{pid}/{maps,auxv,status} r,
 
   # libgcrypt reads some flags from /proc
   @{PROC}/sys/crypto/*           r,