[apparmor] [PATCH 8/8] Convert codomain to a class
Tyler Hicks
tyhicks at canonical.com
Fri Sep 27 22:32:35 UTC 2013
On 2013-09-20 17:16:01, Steve Beattie wrote:
> On Fri, Sep 20, 2013 at 12:29:31PM -0700, Steve Beattie wrote:
> > On Fri, Sep 20, 2013 at 12:26:11PM -0700, Steve Beattie wrote:
> > > On Wed, Sep 11, 2013 at 01:47:47AM -0700, Tyler Hicks wrote:
> > > > From: John Johansen <john.johansen at canonical.com>
> > > >
> > > > Convert the codomain to a class, and the policy lists that store
> > > > codomains to stl containers instead of glibc twalk.
> > > >
> > > > Signed-off-by: John Johansen <john.johansen at canonical.com>
> > > > [tyhicks: Merge with dbus changes and process_file_entries() cleanup]
> > > > Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
> > >
> > > There's still a problem with this patch (even with the other fixes I
> > > made to it), it's not loading profiles with multiple hats properly:
> > >
> > > $ cat /tmp/example_profile
> > > /tests/regression/apparmor/changehat {
> > >
> > > ^sub {
> > > /proc/*/attr/current w,
> > > /tmp/sdtest.1713-15650-z0Mlub/file2 rw,
> > > }
> > >
> > > ^sub2 {
> > > /proc/*/attr/current w,
> > > /tmp/sdtest.1713-15650-z0Mlub/file2 rw,
> > > }
> > >
> > > ^sub3 {
> > > /proc/*/attr/current w,
> > > /tmp/sdtest.1713-15650-z0Mlub/file2 rw,
> > > }
> > > }
> > >
> > > $ sudo ./apparmor_parser /tmp/example_profile
> > >
> > > $ sudo grep changehat /sys/kernel/security/apparmor/profiles
> > > /tests/regression/apparmor/changehat (enforce)
> > > /tests/regression/apparmor/changehat//sub (enforce)
>
> Alright, I traced it down and the following patch fixes it:
>
> Signed-off-by: Steve Beattie <steve at nxnw.org>
This looks good to me.
> ---
> parser/parser_interface.c | 2 +-
> parser/parser_policy.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> Index: b/parser/parser_interface.c
> ===================================================================
> --- a/parser/parser_interface.c
> +++ b/parser/parser_interface.c
> @@ -837,7 +837,7 @@ int __sd_serialize_profile(int option, P
> close(fd);
>
> if (!prof->hat_table.empty() && option != OPTION_REMOVE) {
> - if (load_flattened_hats(prof, option) != 0)
> + if (load_flattened_hats(prof, option) == 0)
> return 0;
> }
>
> Index: b/parser/parser_policy.c
> ===================================================================
> --- a/parser/parser_policy.c
> +++ b/parser/parser_policy.c
> @@ -248,7 +248,7 @@ int load_policy_list(ProfileList &list,
>
> for (ProfileList::iterator i = list.begin(); i != list.end(); i++) {
> res = load_profile(option, *i);
> - if (!res)
> + if (res != 0)
> break;
> }
>
>
> The problem is a result of our sometimes returning non-zero to indicate
> errors and sometimes zero for errors.
>
> Tracking it down was made slightly more confusing because the original
> patch ended up creating two functions named sd_serialize_profile,
> with different parameters. While that's legal in C++ (name binding
> includes the argument types), it was confusing for this human to
> understand. Thus, I'd like to see something like the following as well
> (alternate suggestions for renaming accepted):
>
> Signed-off-by: Steve Beattie <steve at nxnw.org>
> ---
I agree that it is a good idea to have different function names. I'm not
familiar enough with the code to suggest a better name right now, so
lets go with the __ prefix.
I'll roll both of these patches in.
Tyler
> parser/parser_interface.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> Index: b/parser/parser_interface.c
> ===================================================================
> --- a/parser/parser_interface.c
> +++ b/parser/parser_interface.c
> @@ -60,7 +60,7 @@
>
> #define SUBDOMAIN_INTERFACE_DFA_VERSION 5
>
> -int sd_serialize_profile(int option, Profile *prof);
> +int __sd_serialize_profile(int option, Profile *prof);
>
> static void print_error(int error)
> {
> @@ -107,7 +107,7 @@ int load_profile(int option, Profile *pr
> int error = 0;
>
> PDEBUG("Serializing policy for %s.\n", prof->name);
> - retval = sd_serialize_profile(option, prof);
> + retval = __sd_serialize_profile(option, prof);
>
> if (retval < 0) {
> error = retval; /* yeah, we'll just report the last error */
> @@ -700,7 +700,7 @@ int sd_serialize_top_profile(sd_serializ
> }
>
> int cache_fd = -1;
> -int sd_serialize_profile(int option, Profile *prof)
> +int __sd_serialize_profile(int option, Profile *prof)
> {
> int fd = -1;
> int error = -ENOMEM, size, wsize;
>
> --
> Steve Beattie
> <sbeattie at ubuntu.com>
> http://NxNW.org/~steve/
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130927/c90b26eb/attachment.pgp>
More information about the AppArmor
mailing list