OrgACRN
/
acrn-kernel
mirror of https://github.com/projectacrn/acrn-kernel.git
1
0
Fork 0
Code Issues Releases Wiki Activity
acrn-kernel/security/apparmor
History
Christian Brauner 3cee6079f6
apparmor: handle idmapped mounts 
The i_uid and i_gid are mostly used when logging for AppArmor. This is
broken in a bunch of places where the global root id is reported instead
of the i_uid or i_gid of the file. Nonetheless, be kind and log the
mapped inode if we're coming from an idmapped mount. If the initial user
namespace is passed nothing changes so non-idmapped mounts will see
identical behavior as before.

Link: https://lore.kernel.org/r/20210121131959.646623-26-christian.brauner@ubuntu.com
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
 		2021-01-24 14:27:20 +01:00
..
include security: add const qualifier to struct sock in various places 2020-12-03 12:56:03 -08:00
.gitignore
Kconfig
Makefile
apparmorfs.c fs: make helpers idmap mount aware 2021-01-24 14:27:20 +01:00
audit.c
capability.c
crypto.c
domain.c apparmor: handle idmapped mounts 2021-01-24 14:27:20 +01:00
file.c apparmor: handle idmapped mounts 2021-01-24 14:27:20 +01:00
ipc.c
label.c
lib.c
lsm.c apparmor: handle idmapped mounts 2021-01-24 14:27:20 +01:00
match.c
mount.c
net.c security: add const qualifier to struct sock in various places 2020-12-03 12:56:03 -08:00
nulldfa.in
path.c
policy.c
policy_ns.c
policy_unpack.c
policy_unpack_test.c
procattr.c
resource.c
secid.c
stacksplitdfa.in
task.c