1/* SPDX-License-Identifier: GPL-2.0-only */
2/*
3 * AppArmor security module
4 *
5 * This file contains AppArmor file mediation function definitions.
6 *
7 * Copyright 2017 Canonical Ltd.
8 */
9
10#ifndef __AA_MOUNT_H
11#define __AA_MOUNT_H
12
13#include <linux/fs.h>
14#include <linux/path.h>
15
16#include "domain.h"
17#include "policy.h"
18
19/* mount perms */
20#define AA_MAY_PIVOTROOT 0x01
21#define AA_MAY_MOUNT 0x02
22#define AA_MAY_UMOUNT 0x04
23#define AA_AUDIT_DATA 0x40
24#define AA_MNT_CONT_MATCH 0x40
25
26#define AA_MS_IGNORE_MASK (MS_KERNMOUNT | MS_NOSEC | MS_ACTIVE | MS_BORN)
27
28int aa_remount(const struct cred *subj_cred,
29 struct aa_label *label, const struct path *path,
30 unsigned long flags, void *data);
31
32int aa_bind_mount(const struct cred *subj_cred,
33 struct aa_label *label, const struct path *path,
34 const char *old_name, unsigned long flags);
35
36
37int aa_mount_change_type(const struct cred *subj_cred,
38 struct aa_label *label, const struct path *path,
39 unsigned long flags);
40
41int aa_move_mount_old(const struct cred *subj_cred,
42 struct aa_label *label, const struct path *path,
43 const char *old_name);
44int aa_move_mount(const struct cred *subj_cred,
45 struct aa_label *label, const struct path *from_path,
46 const struct path *to_path);
47
48int aa_new_mount(const struct cred *subj_cred,
49 struct aa_label *label, const char *dev_name,
50 const struct path *path, const char *type, unsigned long flags,
51 void *data);
52
53int aa_umount(const struct cred *subj_cred,
54 struct aa_label *label, struct vfsmount *mnt, int flags);
55
56int aa_pivotroot(const struct cred *subj_cred,
57 struct aa_label *label, const struct path *old_path,
58 const struct path *new_path);
59
60#endif /* __AA_MOUNT_H */
61

source code of linux/security/apparmor/include/mount.h