linux

iv/linux

Fork 0

Commit Graph

Author	SHA1	Message	Date
James Morris	33f8bf5880	apparmor: sparse fix: include ipc.h Include ipc.h to eliminate sparse warnings. security/apparmor/ipc.c:61:5: warning: symbol 'aa_may_ptrace' was not declared. Should it be static? security/apparmor/ipc.c:83:5: warning: symbol 'aa_ptrace' was not declared. Should it be static Signed-off-by: James Morris <jmorris@namei.org> Acked-by: John Johansen <john.johansen@canonical.com>	2011-09-09 16:56:27 -07:00
James Morris	77c80e6b2f	AppArmor: fix build warnings for non-const use of get_task_cred Fix build warnings for non-const use of get_task_cred. Signed-off-by: James Morris <jmorris@namei.org>	2010-08-02 15:49:00 +10:00
John Johansen	0ed3b28ab8	AppArmor: mediation of non file objects ipc: AppArmor ipc is currently limited to mediation done by file mediation and basic ptrace tests. Improved mediation is a wip. rlimits: AppArmor provides basic abilities to set and control rlimits at a per profile level. Only resources specified in a profile are controled or set. AppArmor rules set the hard limit to a value <= to the current hard limit (ie. they can not currently raise hard limits), and if necessary will lower the soft limit to the new hard limit value. AppArmor does not track resource limits to reset them when a profile is left so that children processes inherit the limits set by the parent even if they are not confined by the same profile. Capabilities: AppArmor provides a per profile mask of capabilities, that will further restrict. Signed-off-by: John Johansen <john.johansen@canonical.com> Signed-off-by: James Morris <jmorris@namei.org>	2010-08-02 15:38:35 +10:00

Author

SHA1

Message

Date

James Morris

33f8bf5880

apparmor: sparse fix: include ipc.h

Include ipc.h to eliminate sparse warnings.

security/apparmor/ipc.c:61:5: warning: symbol 'aa_may_ptrace' was not declared. Should it be static?
security/apparmor/ipc.c:83:5: warning: symbol 'aa_ptrace' was not declared. Should it be static

Signed-off-by: James Morris <jmorris@namei.org>
Acked-by: John Johansen <john.johansen@canonical.com>

2011-09-09 16:56:27 -07:00

James Morris

77c80e6b2f

AppArmor: fix build warnings for non-const use of get_task_cred

Fix build warnings for non-const use of get_task_cred.

Signed-off-by: James Morris <jmorris@namei.org>

2010-08-02 15:49:00 +10:00

John Johansen

0ed3b28ab8

AppArmor: mediation of non file objects

ipc:
AppArmor ipc is currently limited to mediation done by file mediation
and basic ptrace tests.  Improved mediation is a wip.

rlimits:
AppArmor provides basic abilities to set and control rlimits at
a per profile level.  Only resources specified in a profile are controled
or set.  AppArmor rules set the hard limit to a value <= to the current
hard limit (ie. they can not currently raise hard limits), and if
necessary will lower the soft limit to the new hard limit value.

AppArmor does not track resource limits to reset them when a profile
is left so that children processes inherit the limits set by the
parent even if they are not confined by the same profile.

Capabilities:  AppArmor provides a per profile mask of capabilities,
that will further restrict.

Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: James Morris <jmorris@namei.org>

2010-08-02 15:38:35 +10:00

3 Commits