Update apparmor_kernel_development_guide_notifications

John Johansen 2018-12-04 09:01:12 +00:00
parent 4dfc3f4763
commit 1c982446af

@ -46,7 +46,7 @@ Each hook that allows notifications gets a aa_notify struct
And at hook exit
DO_NOTIFY(name, ...)
do_notify(name, ...)
If a notification is determined to be needed the audit message is queued up on the aa_notify struct. And it is handled in DO_NOTIFY at the end of the hook. This allows us to avoid apparmor internal locking and also to group multiple notifications into a single message.
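Review bot: the hook-exit call in this hunk appears as both DO_NOTIFY(name, ...) and do_notify(name, ...), while the paragraph directly below still says the queued message "is handled in DO_NOTIFY at the end of the hook". Pick one spelling and use it in both places, and state whether it is a macro or a function, since the upper-case form reads as a macro. The paragraph would also read better with "And it is handled in ..." folded into the preceding sentence.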
@ -98,6 +98,8 @@ audit structs
# caching
Two different caches come into play with notifications.
## type cache
The type cache is used to cache permission lookups, when an object type is available. And is a generic cache to help accelerate permission lookup.
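Review bot: in the type cache paragraph, "And is a generic cache to help accelerate permission lookup." is a fragment with no subject. Fold it into the previous sentence, for example "The type cache is a generic cache used to accelerate permission lookups when an object type is available." The section intro says two caches come into play without naming them; listing the type cache and the audit cache there would let the reader know what the subsections cover.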
@ -117,6 +119,8 @@ The audit cache is used to dedup messages to the audit subsystem. This can great
- prompt messages: are only checked against the audit cache if the prompting results in an audited message.
needs to take cred ref, profile/label refs
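Review bot: the last line, "needs to take cred ref, profile/label refs", has no subject and sits unindented after the "prompt messages" bullet, so it is unclear whether it applies to that bullet, to the audit cache as a whole, or is a separate note. Say what takes the references and where they are dropped again, and if this is an open item rather than a description of current behaviour, mark it as a TODO so it is not read as documentation.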