[apparmor] [Patch 0/7] Prepare getpeercon functions for upcoming kernel support

Tyler Hicks tyhicks at canonical.com
Sun Jun 23 23:23:12 UTC 2013

In preparation for AppArmor's support of the SO_PEERSEC socket option (which
allows a process to query the confinement information of a task on the other
end of a socket), the existing libappamor getpeercon API needs some

John provided a couple bug fixes and I've added mode parsing to the getpeercon
functions, updated the appropriate man page, and bumped our library version.

John Johansen (2):
      libapparmor: Safeguard aa_getpeercon buffer reallocation
      libapparmor: fix return value of aa_getpeercon_raw

Tyler Hicks (5):
      libapparmor: Move mode parsing into separate function
      libapparmor: Parse mode from confinement string in getpeercon functions
      libapparmor: Make aa_getpeercon_raw() similar to aa_getprocattr_raw()
      libapparmor: Update aa_getcon man page to reflect getpeercon changes
      libapparmor: Update library version info

 libraries/libapparmor/doc/aa_getcon.pod       | 15 +++++++++--
 libraries/libapparmor/src/Makefile.am         |  4 +--
 libraries/libapparmor/src/apparmor.h          |  4 +--
 libraries/libapparmor/src/kernel_interface.c  | 92 +++++++++++++++++++++++++++++++++++++++++-------------------------
 libraries/libapparmor/swig/SWIG/libapparmor.i |  4 +--
 5 files changed, 77 insertions(+), 42 deletions(-)

More information about the AppArmor mailing list