projects / linux-2.6-microblaze.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 549c729) | patch
apparmor: handle idmapped mounts
authorChristian Brauner <christian.brauner@ubuntu.com>
Thu, 21 Jan 2021 13:19:44 +0000 (14:19 +0100)
committerChristian Brauner <christian.brauner@ubuntu.com>
Sun, 24 Jan 2021 13:27:20 +0000 (14:27 +0100)
commit3cee6079f62f4d3a37d9dda2e0851677e08028ff
treed06df042d5feaadad59ccd3c53f7611740db0f3etree | snapshot
parent549c7297717c32ee53f156cd949e055e601f67bbcommit | diff
apparmor: handle idmapped mounts

The i_uid and i_gid are mostly used when logging for AppArmor. This is
broken in a bunch of places where the global root id is reported instead
of the i_uid or i_gid of the file. Nonetheless, be kind and log the
mapped inode if we're coming from an idmapped mount. If the initial user
namespace is passed nothing changes so non-idmapped mounts will see
identical behavior as before.

Link: https://lore.kernel.org/r/20210121131959.646623-26-christian.brauner@ubuntu.com
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
security/apparmor/domain.c diff | blob | history
security/apparmor/file.c diff | blob | history
security/apparmor/lsm.c diff | blob | history
MicroBlaze GIT Repository