mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 06:16:03 +00:00
Code Issues Releases Wiki Activity

Add the ability to control how path mediation is done at the profile level

Browse Source
This commit is contained in:
John Johansen
2010-02-17 12:21:52 -08:00
parent 4f5686901b
commit 5709d94710
3 changed files with 59 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
parser/parser_interface.c
View File

@@ -653,6 +653,21 @@ int sd_serialize_profile(sd_serialize *p, struct codomain *profile,
return 0;
if (!sd_write_structend(p))
return 0;
if (profile->flags.path) {
int flags = 0;
if (profile->flags.path & PATH_CHROOT_REL)
flags |= 0x8;
if (profile->flags.path & PATH_MEDIATE_DELETED)
flags |= 0x10000;
if (profile->flags.path & PATH_ATTACH)
flags |= 0x4;
if (profile->flags.path & PATH_CHROOT_NSATTACH)
flags |= 0x10;
if (!sd_write_name(p, "path_flags") ||
!sd_write32(p, flags))
return 0;
}
#define low_caps(X) ((u32) ((X) & 0xffffffff))
#define high_caps(X) ((u32) (((X) >> 32) & 0xffffffff))