[apparmor] [PATCH v2 00/42] Create libapparmor API for policy cache loading
Tyler Hicks
tyhicks at canonical.com
Fri Mar 6 21:48:16 UTC 2015

This patch set creates a libapparmor API to allow for in-process AppArmor
policy cache loading. At the moment, this API will be useful for
apparmor_parser and systemd.

I've combined two different proposed patch sets[1][2] into one since they both
work towards the same goal of providing a policy cache loading API. Sorry for
the number of patches involved here.

In this version 2 set, I've addressed a few important feedback items that I got
from v1 of the two patchsets:

* Don't throw away the debug/error logging in the code that is moved from the
  parser to libapparmor
  - The "libapparmor: Add basic logging functionality" patch adds equivalent
    PDEBUG() and PERROR() logging macros to libapparmor
  - I've gone back and reintroduced all of the PDEBUG() and PERROR() calls
    that were removed in v1
* Don't expose anything about the match file support in libapparmor
  - The "parser: Begin to flesh out library interface for features" patch
    leaves the match file parsing in parsing_main.c and all related patches to
    the previously proposed aa_match interface have been dropped
  - Only apparmor_parser will properly support the match file. Users of the
    new libapparmor API, such as systemd, will not work with a match file
    based system.
* Create a string based aa_features API rather than using a design that
  requires libapparmor to be updated when the kernel and/or parser receives new
  features
  - The "parser: Add functions for features support tests" patch has been
    rewritten to use a string based API and those changes have been propagated
    throughout the set

I left acks on patches that didn't see much churn and tried to remember to
drop them if I made any large changes.

Tyler

[1] https://lists.ubuntu.com/archives/apparmor/2014-December/006929.html
[2] https://lists.ubuntu.com/archives/apparmor/2014-December/006973.html