[apparmor] [patch 16/26] Turn on diff-encoding if the kernel supports it

[john.johansen at canonical.com]

Signed-off-by: John Johansen <john.johansen at canonical.com>
---
 parser/parser.h        |    1 +
 parser/parser_common.c |    3 ++-
 parser/parser_main.c   |    6 ++++++
 3 files changed, 9 insertions(+), 1 deletion(-)

--- 2.9-test.orig/parser/parser.h
+++ 2.9-test/parser/parser.h
@@ -298,6 +298,7 @@
 extern int kernel_load;
 extern int kernel_supports_network;
 extern int kernel_supports_policydb;
+extern int kernel_supports_diff_encode;
 extern int kernel_supports_mount;
 extern int kernel_supports_dbus;
 extern int conf_verbose;
--- 2.9-test.orig/parser/parser_common.c
+++ 2.9-test/parser/parser_common.c
@@ -70,13 +70,14 @@
 int kernel_supports_policydb = 0;	/* kernel supports new policydb */
 int kernel_supports_mount = 0;	        /* kernel supports mount rules */
 int kernel_supports_dbus = 0;		/* kernel supports dbus rules */
+int kernel_supports_diff_encode = 0;	/* kernel supports diff_encode */
 int conf_verbose = 0;
 int conf_quiet = 0;
 int names_only = 0;
 int current_lineno = 1;
 int option = OPTION_ADD;
 
-dfaflags_t dfaflags = (dfaflags_t)(DFA_CONTROL_TREE_NORMAL | DFA_CONTROL_TREE_SIMPLE | DFA_CONTROL_MINIMIZE );
+dfaflags_t dfaflags = (dfaflags_t)(DFA_CONTROL_TREE_NORMAL | DFA_CONTROL_TREE_SIMPLE | DFA_CONTROL_MINIMIZE | DFA_CONTROL_DIFF_ENCODE);
 
 char *subdomainbase = NULL;
 const char *progname = __FILE__;
--- 2.9-test.orig/parser/parser_main.c
+++ 2.9-test/parser/parser_main.c
@@ -306,6 +306,7 @@
 			return 1;
 		}
 	}
+
 	return 0;
 }
 
@@ -847,6 +848,11 @@
 		kernel_supports_mount = 1;
 	if (strstr(features_string, "dbus"))
 		kernel_supports_dbus = 1;
+	if (strstr(features_string, "diff_encode"))
+		kernel_supports_diff_encode = 1;
+	else if (dfaflags & DFA_CONTROL_DIFF_ENCODE)
+		/* clear diff_encode because it is not supported */
+		dfaflags &= ~DFA_CONTROL_DIFF_ENCODE;
 }
 
 int process_binary(int option, const char *profilename)