* [RFC PATCH] docs: ABI: ABI documentation for procfs attribute files used by multiple LSMs
[not found] <30c36660-3694-0c0d-d472-8f3b3ca4098e.ref@schaufler-ca.com>
@ 2020-11-10 17:28 ` Casey Schaufler
2020-11-13 22:02 ` Jonathan Corbet
0 siblings, 1 reply; 2+ messages in thread
From: Casey Schaufler @ 2020-11-10 17:28 UTC (permalink / raw)
To: Jonathan Corbet, Linux API, linux-doc; +Cc: Linux Security Module list, SELinux
Provide basic ABI descriptions for the process attribute entries
that are shared between multiple Linux security modules.
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
---
Documentation/ABI/testing/procfs-attr-current | 20 ++++++++++++++++++++
Documentation/ABI/testing/procfs-attr-exec | 20 ++++++++++++++++++++
Documentation/ABI/testing/procfs-attr-prev | 19 +++++++++++++++++++
3 files changed, 59 insertions(+)
diff --git a/Documentation/ABI/testing/procfs-attr-current b/Documentation/ABI/testing/procfs-attr-current
new file mode 100644
index 000000000000..198b9fe1c8e8
--- /dev/null
+++ b/Documentation/ABI/testing/procfs-attr-current
@@ -0,0 +1,20 @@
+What: /proc/*/attr/current
+Contact: linux-security-module@vger.kernel.org,
+ selinux@vger.kernel.org,
+ apparmor@lists.ubuntu.com
+Description: The current security information used by a Linux
+ security module (LSM) that is active on the system.
+ The details of permissions required to read from
+ this interface and hence obtain the security state
+ of the task identified is LSM dependent.
+ A process cannot write to this interface unless it
+ refers to itself.
+ The other details of permissions required to write to
+ this interface and hence change the security state of
+ the task identified are LSM dependent.
+ The format of the data used by this interface is LSM
+ dependent.
+ SELinux, Smack and AppArmor provide this interface.
+Users: SELinux user-space
+ Smack user-space
+ AppArmor user-space
diff --git a/Documentation/ABI/testing/procfs-attr-exec b/Documentation/ABI/testing/procfs-attr-exec
new file mode 100644
index 000000000000..34593866a7ab
--- /dev/null
+++ b/Documentation/ABI/testing/procfs-attr-exec
@@ -0,0 +1,20 @@
+What: /proc/*/attr/exec
+Contact: linux-security-module@vger.kernel.org,
+ selinux@vger.kernel.org,
+ apparmor@lists.ubuntu.com
+Description: The security information to be used on the process
+ by a Linux security module (LSM) active on the system
+ after a subsequent exec() call.
+ The details of permissions required to read from
+ this interface and hence obtain the security state
+ of the task identified is LSM dependent.
+ A process cannot write to this interface unless it
+ refers to itself.
+ The other details of permissions required to write to
+ this interface and hence change the security state of
+ the task identified are LSM dependent.
+ The format of the data used by this interface is LSM
+ dependent.
+ SELinux and AppArmor provide this interface.
+Users: SELinux user-space
+ AppArmor user-space
diff --git a/Documentation/ABI/testing/procfs-attr-prev b/Documentation/ABI/testing/procfs-attr-prev
new file mode 100644
index 000000000000..f990b3595839
--- /dev/null
+++ b/Documentation/ABI/testing/procfs-attr-prev
@@ -0,0 +1,19 @@
+What: /proc/*/attr/prev
+Contact: linux-security-module@vger.kernel.org,
+ selinux@vger.kernel.org,
+ apparmor@lists.ubuntu.com
+Description: The security information used on the process by
+ a Linux security module (LSM) active on the system
+ prior to the most recent exec() call.
+ The details of permissions required to read from
+ this interface is LSM dependent.
+ A process cannot write to this interface unless it
+ refers to itself.
+ The other details of permissions required to write to
+ this interface are LSM dependent.
+ The format of the data used by this interface is LSM
+ dependent.
+ SELinux and AppArmor provide this interface.
+Users: SELinux user-space
+ AppArmor user-space
+
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [RFC PATCH] docs: ABI: ABI documentation for procfs attribute files used by multiple LSMs
2020-11-10 17:28 ` [RFC PATCH] docs: ABI: ABI documentation for procfs attribute files used by multiple LSMs Casey Schaufler
@ 2020-11-13 22:02 ` Jonathan Corbet
0 siblings, 0 replies; 2+ messages in thread
From: Jonathan Corbet @ 2020-11-13 22:02 UTC (permalink / raw)
To: Casey Schaufler; +Cc: Linux API, linux-doc, Linux Security Module list, SELinux
On Tue, 10 Nov 2020 09:28:41 -0800
Casey Schaufler <casey@schaufler-ca.com> wrote:
> Provide basic ABI descriptions for the process attribute entries
> that are shared between multiple Linux security modules.
>
> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
> ---
> Documentation/ABI/testing/procfs-attr-current | 20 ++++++++++++++++++++
> Documentation/ABI/testing/procfs-attr-exec | 20 ++++++++++++++++++++
> Documentation/ABI/testing/procfs-attr-prev | 19 +++++++++++++++++++
> 3 files changed, 59 insertions(+)
I've applied this, thanks.
jon
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-11-13 22:03 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <30c36660-3694-0c0d-d472-8f3b3ca4098e.ref@schaufler-ca.com>
2020-11-10 17:28 ` [RFC PATCH] docs: ABI: ABI documentation for procfs attribute files used by multiple LSMs Casey Schaufler
2020-11-13 22:02 ` Jonathan Corbet
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).