[apparmor] [PATCH] apparmor: add the ability to report a crypto hash of loaded policy

Seth Arnold seth.arnold at canonical.com
Fri Aug 9 02:09:43 UTC 2013


On Thu, Aug 08, 2013 at 05:41:31PM -0700, John Johansen wrote:
> Provide userspace the ability to validate what policy is loaded via
> an exported crypto hash value.
> 
> Signed-off-by: John Johansen <john.johansen at canonical.com>

Acked-by: Seth Arnold <seth.arnold at canonical.com>

... with one suggestion, either way:

> +static int aa_fs_seq_hash_show(struct seq_file *seq, void *v)
> +{
> +	unsigned char *string = seq->private;
> +	unsigned int i;
> +
> +	if (string) {
> +		for (i = 0; i < aa_hash_size(); i++)
> +			seq_printf(seq, "%.2x", string[i]);
> +		seq_printf(seq, "\n");
> +	}
> +
> +	return 0;
> +}

It might be kind to hoist aa_hash_size() out of the loop if gcc
doesn't do that for us. (It probably can't.)

Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130808/9b9aa2c9/attachment.pgp>


More information about the AppArmor mailing list