[apparmor] [patch 12/26] Turn on diff-encoding if the kernel supports it
Seth Arnold
seth.arnold at canonical.com
Thu Apr 17 06:14:51 UTC 2014
On Tue, Apr 15, 2014 at 10:22:19AM -0700, john.johansen at canonical.com wrote:
> Signed-off-by: John Johansen <john.johansen at canonical.com>
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
> ---
> parser/parser.h | 1 +
> parser/parser_common.c | 3 ++-
> parser/parser_main.c | 6 ++++++
> 3 files changed, 9 insertions(+), 1 deletion(-)
>
> --- 2.9-test.orig/parser/parser.h
> +++ 2.9-test/parser/parser.h
> @@ -298,6 +298,7 @@
> extern int kernel_load;
> extern int kernel_supports_network;
> extern int kernel_supports_policydb;
> +extern int kernel_supports_diff_encode;
> extern int kernel_supports_mount;
> extern int kernel_supports_dbus;
> extern int conf_verbose;
> --- 2.9-test.orig/parser/parser_common.c
> +++ 2.9-test/parser/parser_common.c
> @@ -70,13 +70,14 @@
> int kernel_supports_policydb = 0; /* kernel supports new policydb */
> int kernel_supports_mount = 0; /* kernel supports mount rules */
> int kernel_supports_dbus = 0; /* kernel supports dbus rules */
> +int kernel_supports_diff_encode = 0; /* kernel supports diff_encode */
> int conf_verbose = 0;
> int conf_quiet = 0;
> int names_only = 0;
> int current_lineno = 1;
> int option = OPTION_ADD;
>
> -dfaflags_t dfaflags = (dfaflags_t)(DFA_CONTROL_TREE_NORMAL | DFA_CONTROL_TREE_SIMPLE | DFA_CONTROL_MINIMIZE );
> +dfaflags_t dfaflags = (dfaflags_t)(DFA_CONTROL_TREE_NORMAL | DFA_CONTROL_TREE_SIMPLE | DFA_CONTROL_MINIMIZE | DFA_CONTROL_DIFF_ENCODE);
>
> char *subdomainbase = NULL;
> const char *progname = __FILE__;
> --- 2.9-test.orig/parser/parser_main.c
> +++ 2.9-test/parser/parser_main.c
> @@ -306,6 +306,7 @@
> return 1;
> }
> }
> +
> return 0;
> }
>
> @@ -847,6 +848,11 @@
> kernel_supports_mount = 1;
> if (strstr(features_string, "dbus"))
> kernel_supports_dbus = 1;
> + if (strstr(features_string, "diff_encode"))
> + kernel_supports_diff_encode = 1;
> + else if (dfaflags & DFA_CONTROL_DIFF_ENCODE)
> + /* clear diff_encode because it is not supported */
> + dfaflags &= ~DFA_CONTROL_DIFF_ENCODE;
> }
>
> int process_binary(int option, const char *profilename)
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140416/54e50f1f/attachment.pgp>
More information about the AppArmor
mailing list