[apparmor] Wish list

Christian Boltz apparmor at cboltz.de
Mon Dec 22 18:59:20 UTC 2014 

Hello,

Am Montag, 22. Dezember 2014 schrieb John Johansen:
> On 12/21/2014 09:15 AM, Christian Boltz wrote:
> > Dear Santa,
> > 
> > I have some AppArmor patches that nobody reviewed since some weeks.
> > Since I hope and assume I wasn't too naughty in the last year [1],
> > can I please have some comments or even Acks under my christmas
> > tree? ;-)
> Hehe, sorry December has been a uh interesting month, there has been a
> lot of vacation time burning going on and that has piled up all kinds
> of work.

Is that what people call "december panic"? ;-)

> > My pending patches are:
> > [apparmor] [patch] rule class - split out common parts from  is_covered() (Dec 19) 
> > [apparmor] [patch] delete unused functions check_include_syntax() and check_profile_syntax in aa.py (Dec 6)
> > [apparmor] [patch] improve severity.py test coverage (Dec 6)
> > [apparmor] [patch] update aa.py is_skippable_file() according to libapparmor (Dec 6)
> sorry I have been avoiding the aa.py stuff, I am just not where I want
> to be on it to feel comfortable acking larger changes but I promise
> to skim what is there today

Maybe someone else (Kshitij? Steve? or even Seth?) wants to review 
them? ;-)

That said - thanks for reviewing the profile patches!

> > Re: [apparmor] [patch] - performance again... small changes (Nov 29)
> 
> err, I thought this one was answered, with your ack to Peter's patch
> and a commit to the bzr tree. Seth acked your patch and you acked
> Peters which is enough, am I missing something?

There's a question after the Ack ;-)  (see also the non-random sig)

Let me paste it here in an updated variant:

    MODE_MAP_SET and MODE_HASH.keys() aren't too different:

    ['A', 'C', 'I', 'K', 'L', 'M', 'N', 'P', 'R', 'U', 'W', 'X', 'a', 'c', 'i', 'k', 'l', 'm', 'n', 'p', 'r', 'u', 'w', 'x']   <= sorted(MODE_HASH.keys()
    [     'C', 'I',                'N', 'P',      'U',           'a', 'c', 'i', 'k', 'l', 'm', 'n', 'p', 'r', 'u', 'w', 'x']   <= sorted(MODE_MAP_SET)

    This brings us to the questions if it makes sense to allow 
    uppercase A L M R W X in MODE_HASH.

> > Re: [apparmor] [patch] aa.py: change_profile vs. changes_profile
> > (Nov 29, with test patch)
> your patch was acked by sbeattie, as for the followup bug I have
> created https://bugs.launchpad.net/apparmor/+bug/1404893, hopefully
> sbeattie still has his full test case to add to it

I also hope so ;-) - thanks for opening the bugreport!

To answer your questions about how it is handling "hat" and "^" - 
there's a separate RE_PROFILE_HAT_DEF regex and code section.

> > Re: [apparmor] [patch] add tests for aamode.py (Nov 29)
> 
> through in my 2 cents

Thanks, patch sent ;-)

> > I'm also quite sure that Tyler would love to get some feedback for
> > his [apparmor] [PATCH 0/31] Prepare to move cache loading
> > functionality to libapparmor [apparmor] [PATCH 0/12] Move
> > aa_{match, features, kernel_interface, policy_cache} APIs patch
> > series ;-)
> 
> Indeed, I am working on it but its taking longer than I would like and
> I am trying to go through the entire series and let the end result
> feedback into earlier patches in the review.
> 
> I promise I'll get the review out before tyler is back from vacation.

We'll see how long Tyler needs to stay at vacation ;-))


Regards,

Christian Boltz

PS: non-random sig, as indicated above
-- 
[Re: Status of 2.2 release?]
Erm.. Christian tends to keep creating new 'blocker' tickets
(normally when he closes another!) ... :)
[GingerDog in https://sourceforge.net/forum/message.php?msg_id=4895826]

More information about the AppArmor mailing list