From 8bd4ee319a029669787588e648bce3c28adf4369 Mon Sep 17 00:00:00 2001
From: John Johansen
Date: Mon, 28 Aug 2023 10:10:20 -0700
Subject: [PATCH] UBUNTU: SAUCE: apparmor4.0.0 [67/90]: userns - add the ability to reference a global variable for a feature value

BugLink: http://bugs.launchpad.net/bugs/2028253
Some features when present can be turned on/off by boot parameters. Allow for a reference type to allow the features directory to reflect whether the feature is currently enabled.
BugLink: http://bugs.launchpad.net/bugs/2032602
Signed-off-by: John Johansen
(cherry picked from https://gitlab.com/jjohansen/apparmor-kernel)
Signed-off-by: Andrea Righi
(cherry picked from commit 965de04e35f281306b1783e94500fff6ea5c8dae https://git.launchpad.net/~apparmor-dev/ubuntu-kernel-next)
Signed-off-by: Paolo Pisati
---
 security/apparmor/apparmorfs.c | 3 +++
 security/apparmor/include/apparmorfs.h | 6 ++++++
 2 files changed, 9 insertions(+)

diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index e86b731b9457..872b96fd574e 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -1216,6 +1216,9 @@ static int aa_sfs_seq_show(struct seq_file *seq, void *v)
 case AA_SFS_TYPE_U64:
 seq_printf(seq, "%#08lx\n", fs_file->v.u64);
 break;
+ case AA_SFS_TYPE_INTPTR:
+ seq_printf(seq, "%d\n", READ_ONCE(*fs_file->v.intptr));
+ break;
 default:
 /* Ignore unpritable entry types. */
 break;
diff --git a/security/apparmor/include/apparmorfs.h b/security/apparmor/include/apparmorfs.h
index a21855ad7fb8..3f954194a0e7 100644
--- a/security/apparmor/include/apparmorfs.h
+++ b/security/apparmor/include/apparmorfs.h
@@ -17,6 +17,7 @@ enum aa_sfs_type {
 AA_SFS_TYPE_BOOLEAN,
 AA_SFS_TYPE_STRING,
 AA_SFS_TYPE_U64,
+ AA_SFS_TYPE_INTPTR,
 AA_SFS_TYPE_FOPS,
 AA_SFS_TYPE_DIR,
 };
@@ -33,6 +34,7 @@ struct aa_sfs_entry {
 char *string;
 unsigned long u64;
 struct aa_sfs_entry *files;
+ int *intptr;
 } v;
 const struct file_operations *file_ops;
 };
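Review bot: The new `AA_SFS_TYPE_INTPTR` case in `aa_sfs_seq_show` reads the referenced variable with `READ_ONCE()`, but nothing at the site says what the writer side must do or that the printed value is only a point-in-time snapshot. Since the commit message describes features that can be switched on and off, I would add a comment above the `seq_printf` such as `/* lockless snapshot of a runtime toggle; writers should pair with WRITE_ONCE() */`. The pointer is also dereferenced unconditionally: that holds for entries built with `AA_SFS_FILE_INTPTR`, which always stores `&(_value)`, but an entry that sets this `v_type` by hand without filling `v.intptr` would fault in the read handler, so the comment should state that invariant too. The function body starts and ends outside the hunk.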
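Review bot: The union member added to `struct aa_sfs_entry` is declared `int *intptr;`, yet the only visible use is a read (`READ_ONCE(*fs_file->v.intptr)` in `aa_sfs_seq_show`), so it could be `const int *intptr;`. That keeps the features table from acting as a writable alias to a global that, per the commit message, controls whether a feature is enabled. The `&(_value)` initializer in `AA_SFS_FILE_INTPTR` still converts implicitly. The struct definition begins outside the hunk.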
@@ -51,6 +53,10 @@ extern const struct file_operations aa_sfs_seq_file_ops;
 { .name = (_name), .mode = 0444, \
 .v_type = AA_SFS_TYPE_U64, .v.u64 = (_value), \
 .file_ops = &aa_sfs_seq_file_ops }
+#define AA_SFS_FILE_INTPTR(_name, _value) \
+ { .name = (_name), .mode = 0444, \
+ .v_type = AA_SFS_TYPE_INTPTR, .v.intptr = &(_value), \
+ .file_ops = &aa_sfs_seq_file_ops }
 #define AA_SFS_FILE_FOPS(_name, _mode, _fops) \
 { .name = (_name), .v_type = AA_SFS_TYPE_FOPS, \
 .mode = (_mode), .file_ops = (_fops) }
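Review bot: `AA_SFS_FILE_INTPTR` stores `&(_value)` rather than the value, so `_value` has to be an `int` object with static storage duration, and nothing in the macro documents or enforces that. If a `bool` or other narrower variable were passed and the build did not reject the incompatible pointer type, the `%d` read in `aa_sfs_seq_show` would read beyond the object. I would add a comment above the macro, for example `/* _value: int variable with static storage; its address is stored and re-read on every show */`. The same comment could mention that the file is created with mode 0444, so the current state of the toggle is readable by any user who can reach the features directory.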