[CRIU] [PATCH v2 4/6] check: add a feature test for apparmor_stacking
Tycho Andersen
tycho.andersen at canonical.com
Thu Oct 6 12:22:50 PDT 2016
v2: fail the check if apparmor isn't the current LSM too. This means that
we can use the feature check feature in the test framework, and since
the warning is listed as non-fatal hopefully it won't freak people out
:)
Signed-off-by: Tycho Andersen <tycho.andersen at canonical.com>
---
criu/cr-check.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/criu/cr-check.c b/criu/cr-check.c
index bb4d978..841f100 100644
--- a/criu/cr-check.c
+++ b/criu/cr-check.c
@@ -40,8 +40,12 @@
#include "tun.h"
#include "namespaces.h"
#include "pstree.h"
+#include "lsm.h"
+#include "apparmor.h"
#include "cr_options.h"
+#include "images/inventory.pb-c.h"
+
static char *feature_name(int (*func)());
static int check_tty(void)
@@ -933,6 +937,14 @@ static int check_tcp_window(void)
return 0;
}
+static int check_apparmor_stacking(void)
+{
+ if (!check_aa_ns_dumping())
+ return -1;
+
+ return 0;
+}
+
static int (*chk_feature)(void);
/*
@@ -1031,6 +1043,7 @@ int cr_check(void)
ret |= check_clone_parent_vs_pid();
ret |= check_cgroupns();
ret |= check_tcp_window();
+ ret |= check_apparmor_stacking();
}
/*
@@ -1110,6 +1123,7 @@ static struct feature_list feature_list[] = {
{ "loginuid", check_loginuid },
{ "cgroupns", check_cgroupns },
{ "autofs", check_autofs },
+ { "apparmor_stacking", check_apparmor_stacking },
{ NULL, NULL },
};
--
2.9.3
More information about the CRIU
mailing list