[CRIU] [PATCH v2 4/9] check: add a feature test for apparmor_stacking
Tycho Andersen
tycho.andersen at canonical.com
Mon Oct 24 08:51:08 PDT 2016
v2: fail the check if apparmor isn't the current LSM too. This means that
we can use the feature check feature in the test framework, and since
the warning is listed as non-fatal hopefully it won't freak people out
:)
Signed-off-by: Tycho Andersen <tycho.andersen at canonical.com>
---
criu/cr-check.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/criu/cr-check.c b/criu/cr-check.c
index 352e9c7..f7a7bbd 100644
--- a/criu/cr-check.c
+++ b/criu/cr-check.c
@@ -43,10 +43,14 @@
#include "tun.h"
#include "namespaces.h"
#include "pstree.h"
+#include "lsm.h"
+#include "apparmor.h"
#include "cr_options.h"
#include "libnetlink.h"
#include "net.h"
+#include "images/inventory.pb-c.h"
+
static char *feature_name(int (*func)());
static int check_tty(void)
@@ -990,6 +994,14 @@ out:
return ret;
}
+static int check_apparmor_stacking(void)
+{
+ if (!check_aa_ns_dumping())
+ return -1;
+
+ return 0;
+}
+
static int (*chk_feature)(void);
/*
@@ -1089,6 +1101,7 @@ int cr_check(void)
ret |= check_cgroupns();
ret |= check_tcp_window();
ret |= check_nsid_manip();
+ ret |= check_apparmor_stacking();
}
/*
@@ -1169,6 +1182,7 @@ static struct feature_list feature_list[] = {
{ "cgroupns", check_cgroupns },
{ "autofs", check_autofs },
{ "nsid_manip", check_nsid_manip },
+ { "apparmor_stacking", check_apparmor_stacking },
{ NULL, NULL },
};
--
2.9.3
More information about the CRIU
mailing list