[apparmor] [Patch][parser] if a cache load fails, attempt to rebuild and load it

John Johansen john.johansen at canonical.com
Sun Sep 21 11:04:48 UTC 2014 

On 09/19/2014 06:48 PM, Seth Arnold wrote:
> On Fri, Sep 19, 2014 at 01:48:09PM -0700, John Johansen wrote:
>> On 09/19/2014 12:37 PM, John Johansen wrote:
>>
>> fix: if the apparmor parser fails to load the cache try rebuilding
>>
>> v2. Change bail out condition, it should skip rebuilding the cache if the load succeed
>>
>> Signed-off-by: John Johansen <john.johansen at canonical.com>
> 
> Some quibbles on this one... First, the variable name makes a lot more
> sense to me than the command line option -- I'd rather the command line
> option match, "skip-rebuild-bad-cache" or "skip-rebuild-on-bad-cache".
> Second, the --help isn't updated yet.
> 
> But I think the logic works alright.
> 
How's this

fix: if the apparmor parser fails to load the cache try rebuilding

Signed-off-by: John Johansen <john.johansen at canonical.com>
---
 apparmor/2.9-new/parser/parser_main.c |    9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

--- jj.orig/apparmor/2.9-new/parser/parser_main.c
+++ jj/apparmor/2.9-new/parser/parser_main.c
@@ -75,6 +75,7 @@
 int preprocess_only = 0;
 int skip_mode_force = 0;
 int abort_on_error = 0;			/* stop processing profiles if error */
+int skip_bad_cache_rebuild = 0;
 struct timespec mru_tstamp;
 
 #define FEATURES_STRING_SIZE 8192
@@ -125,6 +126,7 @@
 	{"Optimize",		1, 0, 'O'},
 	{"preprocess",		0, 0, 'p'},
 	{"abort-on-error",	0, 0, 132},	/* no short option */
+	{"skip-bad-cache-rebuild",	0, 0, 133},	/* no short option */
 	{NULL, 0, 0, 0},
 };
 
@@ -175,6 +177,7 @@
 	       "-O [n], --Optimize	Control dfa optimizations\n"
 	       "-h [cmd], --help[=cmd]  Display this text or info about cmd\n"
 	       "--abort-on-error	Abort processing of profiles on first error\n"
+	       "--skip-bad-cache-rebuild Do not try rebuilding the cache if it is rejected by the kernel\n"
 	       ,command);
 }
 
@@ -416,6 +419,9 @@
 	case 132:
 		abort_on_error = 1;
 		break;
+	case 133:
+		skip_bad_cache_rebuild = 1;
+		break;
 	case 'L':
 		cacheloc = strdup(optarg);
 		break;
@@ -938,7 +944,8 @@
 			if (show_cache)
 				PERROR("Cache hit: %s\n", cachename);
 			retval = process_binary(option, cachename);
-			goto out;
+			if (!retval || skip_bad_cache_rebuild)
+				goto out;
 		}
 		if (write_cache) {
 			/* Otherwise, set up to save a cached copy */

More information about the AppArmor mailing list