[apparmor] [patch 12/26] Turn on diff-encoding if the kernel supports it

Seth Arnold seth.arnold at canonical.com
Thu Apr 17 06:14:51 UTC 2014 

On Tue, Apr 15, 2014 at 10:22:19AM -0700, john.johansen at canonical.com wrote:
> Signed-off-by: John Johansen <john.johansen at canonical.com>

Acked-by: Seth Arnold <seth.arnold at canonical.com>

Thanks

> ---
>  parser/parser.h        |    1 +
>  parser/parser_common.c |    3 ++-
>  parser/parser_main.c   |    6 ++++++
>  3 files changed, 9 insertions(+), 1 deletion(-)
> 
> --- 2.9-test.orig/parser/parser.h
> +++ 2.9-test/parser/parser.h
> @@ -298,6 +298,7 @@
>  extern int kernel_load;
>  extern int kernel_supports_network;
>  extern int kernel_supports_policydb;
> +extern int kernel_supports_diff_encode;
>  extern int kernel_supports_mount;
>  extern int kernel_supports_dbus;
>  extern int conf_verbose;
> --- 2.9-test.orig/parser/parser_common.c
> +++ 2.9-test/parser/parser_common.c
> @@ -70,13 +70,14 @@
>  int kernel_supports_policydb = 0;	/* kernel supports new policydb */
>  int kernel_supports_mount = 0;	        /* kernel supports mount rules */
>  int kernel_supports_dbus = 0;		/* kernel supports dbus rules */
> +int kernel_supports_diff_encode = 0;	/* kernel supports diff_encode */
>  int conf_verbose = 0;
>  int conf_quiet = 0;
>  int names_only = 0;
>  int current_lineno = 1;
>  int option = OPTION_ADD;
>  
> -dfaflags_t dfaflags = (dfaflags_t)(DFA_CONTROL_TREE_NORMAL | DFA_CONTROL_TREE_SIMPLE | DFA_CONTROL_MINIMIZE );
> +dfaflags_t dfaflags = (dfaflags_t)(DFA_CONTROL_TREE_NORMAL | DFA_CONTROL_TREE_SIMPLE | DFA_CONTROL_MINIMIZE | DFA_CONTROL_DIFF_ENCODE);
>  
>  char *subdomainbase = NULL;
>  const char *progname = __FILE__;
> --- 2.9-test.orig/parser/parser_main.c
> +++ 2.9-test/parser/parser_main.c
> @@ -306,6 +306,7 @@
>  			return 1;
>  		}
>  	}
> +
>  	return 0;
>  }
>  
> @@ -847,6 +848,11 @@
>  		kernel_supports_mount = 1;
>  	if (strstr(features_string, "dbus"))
>  		kernel_supports_dbus = 1;
> +	if (strstr(features_string, "diff_encode"))
> +		kernel_supports_diff_encode = 1;
> +	else if (dfaflags & DFA_CONTROL_DIFF_ENCODE)
> +		/* clear diff_encode because it is not supported */
> +		dfaflags &= ~DFA_CONTROL_DIFF_ENCODE;
>  }
>  
>  int process_binary(int option, const char *profilename)
> 
> 
> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140416/54e50f1f/attachment.pgp>

More information about the AppArmor mailing list