• John Johansen's avatar
    apparmor: add policy revision file interface · d9bf2c26
    John Johansen authored
    Add a policy revision file to find the current revision of a ns's policy.
    There is a revision file per ns, as well as a virtualized global revision
    file in the base apparmor fs directory. The global revision file when
    opened will provide the revision of the opening task namespace.
    
    The revision file can be waited on via select/poll to detect apparmor
    policy changes from the last read revision of the opened file. This
    means that the revision file must be read after the select/poll other
    wise update data will remain ready for reading.
    Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
    d9bf2c26
apparmorfs.c 49.5 KB