AppArmor: add "file" details to securityfs

Create the "file" directory in the securityfs for tracking features
related to files.

Signed-off-by: Kees Cook <kees@ubuntu.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>

1 files changed, 6 insertions, 0 deletions

diff --git a/security/apparmor/include/apparmorfs.h b/security/apparmor/include/apparmorfs.h
index 16e654530f30..7ea4769fab3f 100644
--- a/security/apparmor/include/apparmorfs.h
+++ b/security/apparmor/include/apparmorfs.h
@@ -17,6 +17,7 @@
 
 enum aa_fs_type {
         AA_FS_TYPE_BOOLEAN,
+        AA_FS_TYPE_STRING,
         AA_FS_TYPE_U64,
         AA_FS_TYPE_FOPS,
         AA_FS_TYPE_DIR,
@@ -31,6 +32,7 @@ struct aa_fs_entry {
         enum aa_fs_type v_type;
         union {
                 bool boolean;
+                char *string;
                 unsigned long u64;
                 struct aa_fs_entry *files;
         } v;
@@ -43,6 +45,10 @@ extern const struct file_operations aa_fs_seq_file_ops;
         { .name = (_name), .mode = 0444, \
           .v_type = AA_FS_TYPE_BOOLEAN, .v.boolean = (_value), \
           .file_ops = &aa_fs_seq_file_ops }
+#define AA_FS_FILE_STRING(_name, _value) \
+        { .name = (_name), .mode = 0444, \
+          .v_type = AA_FS_TYPE_STRING, .v.string = (_value), \
+          .file_ops = &aa_fs_seq_file_ops }
 #define AA_FS_FILE_U64(_name, _value) \
         { .name = (_name), .mode = 0444, \
           .v_type = AA_FS_TYPE_U64, .v.u64 = (_value), \