apparmor: Restore Y/N in /sys for apparmor's "enabled"
authorKees Cook <keescook@chromium.org>
Mon, 8 Apr 2019 16:07:06 +0000 (09:07 -0700)
committerJohn Johansen <john.johansen@canonical.com>
Wed, 10 Apr 2019 11:24:48 +0000 (04:24 -0700)
commite33c1b9923775d17ad246946fe67fcb9be288677
tree11ff1477557e9608883f7d8986cb54f4fadfe239
parent771acc7e4a6e5dba779cb1a7fd851a164bc81033
apparmor: Restore Y/N in /sys for apparmor's "enabled"

Before commit c5459b829b71 ("LSM: Plumb visibility into optional "enabled"
state"), /sys/module/apparmor/parameters/enabled would show "Y" or "N"
since it was using the "bool" handler. After being changed to "int",
this switched to "1" or "0", breaking the userspace AppArmor detection
of dbus-broker. This restores the Y/N output while keeping the LSM
infrastructure happy.

Before:
$ cat /sys/module/apparmor/parameters/enabled
1

After:
$ cat /sys/module/apparmor/parameters/enabled
Y

Reported-by: David Rheinsberg <david.rheinsberg@gmail.com>
Reviewed-by: David Rheinsberg <david.rheinsberg@gmail.com>
Link: https://lkml.kernel.org/r/CADyDSO6k8vYb1eryT4g6+EHrLCvb68GAbHVWuULkYjcZcYNhhw@mail.gmail.com
Fixes: c5459b829b71 ("LSM: Plumb visibility into optional "enabled" state")
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: John Johansen <john.johansen@canonical.com>
security/apparmor/lsm.c