1 | /* SPDX-License-Identifier: GPL-2.0-only */ |
2 | /* |
3 | * AppArmor security module |
4 | * |
5 | * This file contains AppArmor file mediation function definitions. |
6 | * |
7 | * Copyright 2017 Canonical Ltd. |
8 | */ |
9 | |
10 | #ifndef __AA_MOUNT_H |
11 | #define __AA_MOUNT_H |
12 | |
13 | #include <linux/fs.h> |
14 | #include <linux/path.h> |
15 | |
16 | #include "domain.h" |
17 | #include "policy.h" |
18 | |
19 | /* mount perms */ |
20 | #define AA_MAY_PIVOTROOT 0x01 |
21 | #define AA_MAY_MOUNT 0x02 |
22 | #define AA_MAY_UMOUNT 0x04 |
23 | #define AA_AUDIT_DATA 0x40 |
24 | #define AA_MNT_CONT_MATCH 0x40 |
25 | |
26 | #define AA_MS_IGNORE_MASK (MS_KERNMOUNT | MS_NOSEC | MS_ACTIVE | MS_BORN) |
27 | |
28 | int aa_remount(const struct cred *subj_cred, |
29 | struct aa_label *label, const struct path *path, |
30 | unsigned long flags, void *data); |
31 | |
32 | int aa_bind_mount(const struct cred *subj_cred, |
33 | struct aa_label *label, const struct path *path, |
34 | const char *old_name, unsigned long flags); |
35 | |
36 | |
37 | int aa_mount_change_type(const struct cred *subj_cred, |
38 | struct aa_label *label, const struct path *path, |
39 | unsigned long flags); |
40 | |
41 | int aa_move_mount_old(const struct cred *subj_cred, |
42 | struct aa_label *label, const struct path *path, |
43 | const char *old_name); |
44 | int aa_move_mount(const struct cred *subj_cred, |
45 | struct aa_label *label, const struct path *from_path, |
46 | const struct path *to_path); |
47 | |
48 | int aa_new_mount(const struct cred *subj_cred, |
49 | struct aa_label *label, const char *dev_name, |
50 | const struct path *path, const char *type, unsigned long flags, |
51 | void *data); |
52 | |
53 | int aa_umount(const struct cred *subj_cred, |
54 | struct aa_label *label, struct vfsmount *mnt, int flags); |
55 | |
56 | int aa_pivotroot(const struct cred *subj_cred, |
57 | struct aa_label *label, const struct path *old_path, |
58 | const struct path *new_path); |
59 | |
60 | #endif /* __AA_MOUNT_H */ |
61 | |