review.tizen.org Git - platform/kernel/linux-exynos.git/commit

author	John Johansen <john.johansen@canonical.com>
	Fri, 26 May 2017 23:27:58 +0000 (16:27 -0700)
committer	John Johansen <john.johansen@canonical.com>
	Sun, 11 Jun 2017 00:11:27 +0000 (17:11 -0700)
commit	d9bf2c268be6064ae0c9980e4c37fdd262c7effc
tree	2899522e36e8d9d2cac79678647fcf6ecc36ca1d	tree \| snapshot
parent	18e99f191a8e66ec8fd06e4820de44bd9faa296a	commit \| diff

apparmor: add policy revision file interface

Add a policy revision file to find the current revision of a ns's policy.
There is a revision file per ns, as well as a virtualized global revision
file in the base apparmor fs directory. The global revision file when
opened will provide the revision of the opening task namespace.

The revision file can be waited on via select/poll to detect apparmor
policy changes from the last read revision of the opened file. This
means that the revision file must be read after the select/poll other
wise update data will remain ready for reading.

Signed-off-by: John Johansen <john.johansen@canonical.com>

security/apparmor/apparmorfs.c		diff \| blob \| history
security/apparmor/include/apparmorfs.h		diff \| blob \| history
security/apparmor/include/policy_ns.h		diff \| blob \| history
security/apparmor/policy_ns.c		diff \| blob \| history