Update apparmor_kernel_development_guide

2025-03-04 08:24:42 +01:00 · 2018-11-30 04:28:03 +00:00 · 2018-11-30 04:28:03 +00:00 · 33008c648a
commit 33008c648a
parent e9015bcbb4
1 changed files with 57 additions and 0 deletions
--- a/apparmor_kernel_development_guide.md
+++ b/apparmor_kernel_development_guide.md
@ -413,5 +413,62 @@ policydb

 # stacking

+# Notifications
+
+Notifications are based on apparmor audit messages. However instead of being converted to a text format they are passed in machine native binary structure.
+
+profile flags
+rule flags
+
+multiple notification
+- profile loads
+- per profile in stack
+
+apparmor audit msg -> audit msg cache -> dedup -> copy msg -> insert in msg cache -> send to audit subsystem
+                   |                          |            |
+                   |                           -> drop msg |
+                   |                                        -> send to audit subsystem
+                   -> notify queue -> insert queue on waiting
+
+multicast
+- policy changes
+- complain messages
+prompting
+- synchronous
+- asynch + ptrace and restart
+
+prompt failing
+- interrupts
+- time outs
+
+how to keep alive
+restarting request
+
+down grading prompt
+
+## ???
+audit structs
+
+
+## user space api
+
+### include file
+
+### setting up notifications
+
+open file
+use ioctl to set notification
+wait for notifications
+read file
+- reply
+
+link to userspace api provided by library.
+
+## ???
+
+
+
+
+
 # Delegation
 - TODO: this is not implemented yet.