[apparmor] [PATCH 01/14] Rename AA_MAY_XXX permission bits that conflict with new layout

John Johansen john.johansen at canonical.com
Thu Jun 4 18:21:31 UTC 2015

On 06/04/2015 06:56 AM, Tyler Hicks wrote:
> On 2015-06-04 03:56:30, John Johansen wrote:
>> The parser currently is still using the old permission layout, the kernel
>> uses a newer layout that allows for more permission bits. The newer
>> newer permission layout is needed by the library to query the kernel,
>> however that causes some of the permission bits to be redefined.
>> Rename the permission bits that cause redefination warnings to use
>> Signed-off-by: John Johansen <john.johansen at canonical.com>
> Out of curiosity, how can the parser and kernel be out of sync and
> things still work as expected? The kernel is doing some sort of
> conversion on the rules loaded by the parser?

yes the kernel is mapping the old perms format to the new. My plans for
the parser is to rework all the permission code so that there is a
remap method that can provide the correct layout for a given abi.

This unfortunately requires work in every stage of the parser, (front,
middle, and back) and I just haven't had the time to do it.

More information about the AppArmor mailing list