c88d4c7b04
The basic routines and defines for AppArmor policy. AppArmor policy
is defined by a few basic components.
profiles - the basic unit of confinement contain all the information
to enforce policy on a task
Profiles tend to be named after an executable that they
will attach to but this is not required.
namespaces - a container for a set of profiles that will be used
during attachment and transitions between profiles.
sids - which provide a unique id for each profile
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: James Morris <jmorris@namei.org>
25 lines
519 B
C
25 lines
519 B
C
/*
|
|
* AppArmor security module
|
|
*
|
|
* This file contains AppArmor security identifier (sid) definitions
|
|
*
|
|
* Copyright 2009-2010 Canonical Ltd.
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License as
|
|
* published by the Free Software Foundation, version 2 of the
|
|
* License.
|
|
*/
|
|
|
|
#ifndef __AA_SID_H
|
|
#define __AA_SID_H
|
|
|
|
#include <linux/types.h>
|
|
|
|
struct aa_profile;
|
|
|
|
u32 aa_alloc_sid(void);
|
|
void aa_free_sid(u32 sid);
|
|
|
|
#endif /* __AA_SID_H */
|