projects / platform / kernel / linux-rpi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b896c54) | patch
apparmor: Add support for audit rule filtering
authorMatthew Garrett <mjg59@google.com>
Mon, 16 Apr 2018 18:23:58 +0000 (11:23 -0700)
committerJohn Johansen <john.johansen@canonical.com>
Thu, 7 Jun 2018 08:50:47 +0000 (01:50 -0700)
commite79c26d04043b15de64f082d4da52e9fff7ca607
treecdca29dff22fd2e145e5fabf582d0e34cfd947d1tree | snapshot
parentb896c54e8d7bbf6d5d48f9296b26c9d3f10ec795commit | diff
apparmor: Add support for audit rule filtering

This patch adds support to Apparmor for integrating with audit rule
filtering. Right now it only handles SUBJ_ROLE, interpreting it as a
single component of a label. This is sufficient to get Apparmor working
with IMA's appraisal rules without any modifications on the IMA side.

Signed-off-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
security/apparmor/audit.c diff | blob | history
security/apparmor/include/audit.h diff | blob | history
security/apparmor/lsm.c diff | blob | history
Domain: System / Kernel;