[apparmor] [PATCH 01/14] Rename AA_MAY_XXX permission bits that conflict with new layout

John Johansen john.johansen at canonical.com
Thu Jun 4 18:21:31 UTC 2015


On 06/04/2015 06:56 AM, Tyler Hicks wrote:
> On 2015-06-04 03:56:30, John Johansen wrote:
>> The parser currently is still using the old permission layout, the kernel
>> uses a newer layout that allows for more permission bits. The newer
>> newer permission layout is needed by the library to query the kernel,
>> however that causes some of the permission bits to be redefined.
>>
>> Rename the permission bits that cause redefination warnings to use
>> AA_OLD_MAY_XXX
>>
>> Signed-off-by: John Johansen <john.johansen at canonical.com>
> 
> Out of curiosity, how can the parser and kernel be out of sync and
> things still work as expected? The kernel is doing some sort of
> conversion on the rules loaded by the parser?
> 

yes the kernel is mapping the old perms format to the new. My plans for
the parser is to rework all the permission code so that there is a
remap method that can provide the correct layout for a given abi.

This unfortunately requires work in every stage of the parser, (front,
middle, and back) and I just haven't had the time to do it.





More information about the AppArmor mailing list