hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

docs: ABI: ABI documentation for procfs attribute files used by multiple LSMs 

Provide basic ABI descriptions for the process attribute entries
that are shared between multiple Linux security modules.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Link: https://lore.kernel.org/r/30c36660-3694-0c0d-d472-8f3b3ca4098e@schaufler-ca.com
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
This commit is contained in:
Casey Schaufler 2020-11-10 09:28:41 -08:00 committed by Jonathan Corbet
parent 7d71788735
commit bfe7bf3114
3 changed files with 59 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Documentation/ABI/testing/procfs-attr-current Normal file
View File

@ -0,0 +1,20 @@
What: /proc/*/attr/current
Contact: linux-security-module@vger.kernel.org,
selinux@vger.kernel.org,
apparmor@lists.ubuntu.com
Description: The current security information used by a Linux
security module (LSM) that is active on the system.
The details of permissions required to read from
this interface and hence obtain the security state
of the task identified is LSM dependent.
A process cannot write to this interface unless it
refers to itself.
The other details of permissions required to write to
this interface and hence change the security state of
the task identified are LSM dependent.
The format of the data used by this interface is LSM
dependent.
SELinux, Smack and AppArmor provide this interface.
Users: SELinux user-space
Smack user-space
AppArmor user-space

20
Documentation/ABI/testing/procfs-attr-exec Normal file
View File

@ -0,0 +1,20 @@
What: /proc/*/attr/exec
Contact: linux-security-module@vger.kernel.org,
selinux@vger.kernel.org,
apparmor@lists.ubuntu.com
Description: The security information to be used on the process
by a Linux security module (LSM) active on the system
after a subsequent exec() call.
The details of permissions required to read from
this interface and hence obtain the security state
of the task identified is LSM dependent.
A process cannot write to this interface unless it
refers to itself.
The other details of permissions required to write to
this interface and hence change the security state of
the task identified are LSM dependent.
The format of the data used by this interface is LSM
dependent.
SELinux and AppArmor provide this interface.
Users: SELinux user-space
AppArmor user-space

19
Documentation/ABI/testing/procfs-attr-prev Normal file
View File

@ -0,0 +1,19 @@
What: /proc/*/attr/prev
Contact: linux-security-module@vger.kernel.org,
selinux@vger.kernel.org,
apparmor@lists.ubuntu.com
Description: The security information used on the process by
a Linux security module (LSM) active on the system
prior to the most recent exec() call.
The details of permissions required to read from
this interface is LSM dependent.
A process cannot write to this interface unless it
refers to itself.
The other details of permissions required to write to
this interface are LSM dependent.
The format of the data used by this interface is LSM
dependent.
SELinux and AppArmor provide this interface.
Users: SELinux user-space
AppArmor user-space