original_kernel/security/apparmor
Christian Brauner 3cee6079f6
apparmor: handle idmapped mounts
The i_uid and i_gid are mostly used when logging for AppArmor. This is
broken in a bunch of places where the global root id is reported instead
of the i_uid or i_gid of the file. Nonetheless, be kind and log the
mapped inode if we're coming from an idmapped mount. If the initial user
namespace is passed nothing changes so non-idmapped mounts will see
identical behavior as before.

Link: https://lore.kernel.org/r/20210121131959.646623-26-christian.brauner@ubuntu.com
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-01-24 14:27:20 +01:00
..
include
.gitignore
Kconfig
Makefile
apparmorfs.c fs: make helpers idmap mount aware 2021-01-24 14:27:20 +01:00
audit.c
capability.c
crypto.c
domain.c apparmor: handle idmapped mounts 2021-01-24 14:27:20 +01:00
file.c apparmor: handle idmapped mounts 2021-01-24 14:27:20 +01:00
ipc.c
label.c
lib.c
lsm.c apparmor: handle idmapped mounts 2021-01-24 14:27:20 +01:00
match.c
mount.c
net.c
nulldfa.in
path.c
policy.c
policy_ns.c
policy_unpack.c
policy_unpack_test.c
procattr.c
resource.c
secid.c
stacksplitdfa.in
task.c