038165070a
Allow emulating the default profile behavior from boot, by allowing loading of a profile in the unconfined state into a new NS. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com>
39 lines
976 B
C
39 lines
976 B
C
/*
|
|
* AppArmor security module
|
|
*
|
|
* This file contains AppArmor policy loading interface function definitions.
|
|
*
|
|
* Copyright (C) 1998-2008 Novell/SUSE
|
|
* Copyright 2009-2010 Canonical Ltd.
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License as
|
|
* published by the Free Software Foundation, version 2 of the
|
|
* License.
|
|
*/
|
|
|
|
#ifndef __POLICY_INTERFACE_H
|
|
#define __POLICY_INTERFACE_H
|
|
|
|
#include <linux/list.h>
|
|
|
|
struct aa_load_ent {
|
|
struct list_head list;
|
|
struct aa_profile *new;
|
|
struct aa_profile *old;
|
|
struct aa_profile *rename;
|
|
};
|
|
|
|
void aa_load_ent_free(struct aa_load_ent *ent);
|
|
struct aa_load_ent *aa_load_ent_alloc(void);
|
|
|
|
#define PACKED_FLAG_HAT 1
|
|
|
|
#define PACKED_MODE_ENFORCE 0
|
|
#define PACKED_MODE_COMPLAIN 1
|
|
#define PACKED_MODE_KILL 2
|
|
#define PACKED_MODE_UNCONFINED 3
|
|
|
|
int aa_unpack(void *udata, size_t size, struct list_head *lh, const char **ns);
|
|
|
|
#endif /* __POLICY_INTERFACE_H */
|