apparmor: add domain label stacking info to apparmorfs

Now that the domain label transition is complete advertise it to userspace. Signed-off-by: John Johansen <john.johansen@canonical.com>
author: John Johansen <john.johansen@canonical.com> 2017-06-09 17:11:17 -0700
committer: John Johansen <john.johansen@canonical.com> 2017-06-10 17:11:47 -0700
commit: 40cde7fcc344bc77c1ec9d291dcc35ab12f078aa (patch)
tree: 8ec61b4f1ea71f6876a6c8c6193362b71546421b /security/apparmor/include
parent: e00b02bb6ac2a1893227ce8014b649028d6425d2 (diff)
2 files changed, 3 insertions, 0 deletions
diff --git a/security/apparmor/include/audit.h b/security/apparmor/include/audit.h
index 99ed83cf6941..c68839a44351 100644
--- a/security/apparmor/include/audit.h
+++ b/security/apparmor/include/audit.h
@@ -92,6 +92,8 @@ enum audit_type {
 #define OP_CHANGE_HAT "change_hat"
 #define OP_CHANGE_PROFILE "change_profile"
 #define OP_CHANGE_ONEXEC "change_onexec"
+#define OP_STACK "stack"
+#define OP_STACK_ONEXEC "stack_onexec"
 
 #define OP_SETPROCATTR "setprocattr"
 #define OP_SETRLIMIT "setrlimit"
diff --git a/security/apparmor/include/domain.h b/security/apparmor/include/domain.h
index 255aa40ec1d1..bab5810b6e9a 100644
--- a/security/apparmor/include/domain.h
+++ b/security/apparmor/include/domain.h
@@ -27,6 +27,7 @@ struct aa_domain {
 #define AA_CHANGE_TEST 1
 #define AA_CHANGE_CHILD 2
 #define AA_CHANGE_ONEXEC  4
+#define AA_CHANGE_STACK 8
 
 int apparmor_bprm_set_creds(struct linux_binprm *bprm);
 int apparmor_bprm_secureexec(struct linux_binprm *bprm);
author	John Johansen <john.johansen@canonical.com>	2017-06-09 17:11:17 -0700
committer	John Johansen <john.johansen@canonical.com>	2017-06-10 17:11:47 -0700
commit	40cde7fcc344bc77c1ec9d291dcc35ab12f078aa (patch)
tree	8ec61b4f1ea71f6876a6c8c6193362b71546421b /security/apparmor/include
parent	e00b02bb6ac2a1893227ce8014b649028d6425d2 (diff)