[apparmor] [PATCH 5/6] Update change_hatv and change_hat_vargs prototypes to use long

John Johansen john.johansen at canonical.com
Fri Feb 18 02:49:50 UTC 2011 

On 02/17/2011 05:57 PM, Seth Arnold wrote:
> I'm worried about this change.
> 
> First, if there are more than int-representable number of hats that
> may be requested, I'm already concerned that something funny is going
> on.
> 
its not the number of hats thats changing (kernel side that is still caped at 16,
and a single page of data.  Its the magic token

> Second, this will be an ABI change for at least some number of
> platforms -- otherwise you wouldn't bother making the change, right?
> Does the old version of the routine still need to be provided somehow,
> so already-compiled packages will continue to function?
> 
> I'd like some reassurances that this is safe and worthwhile.
> 
Normally I would agree with you that we need to keep the abi, and
provide a versioned compatible version of the function in the library.
However change_hatv and change_hat_varags are rather new, and have
no consumers at the moment, so I am willing to risk breaking the
abi, so that we can get them to be the same as change_hat.

And two the functions were actually already defined with long, its
just the apparmor.h prototypes that weren't (well I guess the swig
prototypes as well but those just got added too).

> Thanks
> 
> On Thu, Feb 17, 2011 at 5:22 PM, John Johansen
> <john.johansen at canonical.com> wrote:
>> Signed-off-by: John Johansen <john.johansen at canonical.com>
>> ---
>>  libraries/libapparmor/src/apparmor.h          |    4 ++--
>>  libraries/libapparmor/swig/SWIG/libapparmor.i |    4 ++--
>>  2 files changed, 4 insertions(+), 4 deletions(-)
>>
>> diff --git a/libraries/libapparmor/src/apparmor.h b/libraries/libapparmor/src/apparmor.h
>> index abb4c8a..4f6e465 100644
>> --- a/libraries/libapparmor/src/apparmor.h
>> +++ b/libraries/libapparmor/src/apparmor.h
>> @@ -23,8 +23,8 @@ extern int aa_change_hat(const char *subprofile, unsigned long magic_token);
>>  extern int aa_change_profile(const char *profile);
>>  extern int aa_change_onexec(const char *profile);
>>
>> -extern int aa_change_hatv(const char *subprofiles[], unsigned int token);
>> -extern int (aa_change_hat_vargs)(unsigned int token, int count, ...);
>> +extern int aa_change_hatv(const char *subprofiles[], unsigned long token);
>> +extern int (aa_change_hat_vargs)(unsigned long token, int count, ...);
>>
>>  #define __macroarg_counter(Y...) __macroarg_count1 ( , ##Y)
>>  #define __macroarg_count1(Y...) __macroarg_count2 (Y, 16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0)
>> diff --git a/libraries/libapparmor/swig/SWIG/libapparmor.i b/libraries/libapparmor/swig/SWIG/libapparmor.i
>> index f6d1001..1f2ede3 100644
>> --- a/libraries/libapparmor/swig/SWIG/libapparmor.i
>> +++ b/libraries/libapparmor/swig/SWIG/libapparmor.i
>> @@ -16,6 +16,6 @@
>>  extern int aa_change_hat(const char *subprofile, unsigned long magic_token);
>>  extern int aa_change_profile(const char *profile);
>>  extern int aa_change_onexec(const char *profile);
>> -extern int aa_change_hatv(const char *subprofiles[], unsigned int token);
>> -extern int aa_change_hat_vargs(unsigned int token, int count, ...);
>> +extern int aa_change_hatv(const char *subprofiles[], unsigned long token);
>> +extern int aa_change_hat_vargs(unsigned long token, int count, ...);
>>
>> --
>> 1.7.1
>>
>>
>> --
>> AppArmor mailing list
>> AppArmor at lists.ubuntu.com
>> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>>

More information about the AppArmor mailing list