[apparmor] [PATCH 2/6] libapparmor: Rename aa_policy_cache_create
Tyler Hicks
tyhicks at canonical.com
Wed Mar 25 22:37:17 UTC 2015
The aa_policy_cache_create() function had a name that didn't quite match
its actions. It doesn't create a new policy cache. It actually requires
an existing policy cache, with some sort of .features file, to already
exist.
It unconditionally makes a policy cache "valid" by clearing all of the
files and creating a new .features file from the current running kernel.
Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
---
libraries/libapparmor/include/sys/apparmor.h | 2 +-
libraries/libapparmor/src/libapparmor.map | 2 +-
libraries/libapparmor/src/policy_cache.c | 4 ++--
parser/parser_main.c | 2 +-
tests/regression/apparmor/aa_policy_cache.c | 14 +++++++-------
tests/regression/apparmor/aa_policy_cache.sh | 8 ++++----
6 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/libraries/libapparmor/include/sys/apparmor.h b/libraries/libapparmor/include/sys/apparmor.h
index 99ce36b..43d6efc 100644
--- a/libraries/libapparmor/include/sys/apparmor.h
+++ b/libraries/libapparmor/include/sys/apparmor.h
@@ -147,7 +147,7 @@ aa_policy_cache *aa_policy_cache_ref(aa_policy_cache *policy_cache);
void aa_policy_cache_unref(aa_policy_cache *policy_cache);
bool aa_policy_cache_is_valid(aa_policy_cache *policy_cache);
-int aa_policy_cache_create(aa_policy_cache *policy_cache);
+int aa_policy_cache_make_valid(aa_policy_cache *policy_cache);
int aa_policy_cache_remove(const char *path);
int aa_policy_cache_replace_all(aa_policy_cache *policy_cache,
aa_kernel_interface *kernel_interface);
diff --git a/libraries/libapparmor/src/libapparmor.map b/libraries/libapparmor/src/libapparmor.map
index 3f43494..2f440f0 100644
--- a/libraries/libapparmor/src/libapparmor.map
+++ b/libraries/libapparmor/src/libapparmor.map
@@ -77,7 +77,7 @@ APPARMOR_2.10 {
aa_policy_cache_ref;
aa_policy_cache_unref;
aa_policy_cache_is_valid;
- aa_policy_cache_create;
+ aa_policy_cache_make_valid;
aa_policy_cache_remove;
aa_policy_cache_replace_all;
local:
diff --git a/libraries/libapparmor/src/policy_cache.c b/libraries/libapparmor/src/policy_cache.c
index a9e43bb..e438439 100644
--- a/libraries/libapparmor/src/policy_cache.c
+++ b/libraries/libapparmor/src/policy_cache.c
@@ -225,13 +225,13 @@ bool aa_policy_cache_is_valid(aa_policy_cache *policy_cache)
}
/**
- * aa_policy_cache_create - creates a valid policy_cache for the currently running kernel
+ * aa_policy_cache_make_valid - empties the policy_cache and makes it valid for the currently running kernel
* @policy_cache: the policy_cache
*
* Returns: 0 on success, -1 on error with errno set and features pointing to
* NULL
*/
-int aa_policy_cache_create(aa_policy_cache *policy_cache)
+int aa_policy_cache_make_valid(aa_policy_cache *policy_cache)
{
return create_cache(policy_cache, policy_cache->kernel_features);
}
diff --git a/parser/parser_main.c b/parser/parser_main.c
index 8aee148..1dc3088 100644
--- a/parser/parser_main.c
+++ b/parser/parser_main.c
@@ -929,7 +929,7 @@ int main(int argc, char *argv[])
skip_read_cache = 0;
} else if (!aa_policy_cache_is_valid(policy_cache)) {
if (write_cache && cond_clear_cache &&
- aa_policy_cache_create(policy_cache)) {
+ aa_policy_cache_make_valid(policy_cache)) {
if (show_cache)
PERROR("Cache write disabled: Cannot create cache '%s': %m\n",
cacheloc);
diff --git a/tests/regression/apparmor/aa_policy_cache.c b/tests/regression/apparmor/aa_policy_cache.c
index b08fd1f..cb4bc71 100644
--- a/tests/regression/apparmor/aa_policy_cache.c
+++ b/tests/regression/apparmor/aa_policy_cache.c
@@ -22,7 +22,7 @@
#include <sys/apparmor.h>
-#define OPT_CREATE "create"
+#define OPT_MAKE_VALID "make-valid"
#define OPT_IS_VALID "is-valid"
#define OPT_NEW "new"
#define OPT_NEW_CREATE "new-create"
@@ -40,12 +40,12 @@ static void usage(const char *prog)
" %s %s <PATH>\n"
" %s %s <PROFILE_NAME>\n"
" %s %s <PATH>\n",
- prog, OPT_CREATE, prog, OPT_IS_VALID, prog, OPT_NEW,
+ prog, OPT_MAKE_VALID, prog, OPT_IS_VALID, prog, OPT_NEW,
prog, OPT_NEW_CREATE, prog, OPT_REMOVE, prog, OPT_REMOVE_POLICY,
prog, OPT_REPLACE_ALL);
}
-static int test_create(const char *path)
+static int test_make_valid(const char *path)
{
aa_features *features = NULL;
aa_policy_cache *policy_cache = NULL;
@@ -61,8 +61,8 @@ static int test_create(const char *path)
goto out;
}
- if (aa_policy_cache_create(policy_cache)) {
- perror("FAIL - aa_policy_cache_create");
+ if (aa_policy_cache_make_valid(policy_cache)) {
+ perror("FAIL - aa_policy_cache_make_valid");
goto out;
}
@@ -204,8 +204,8 @@ int main(int argc, char **argv)
exit(1);
}
- if (strcmp(argv[1], OPT_CREATE) == 0) {
- rc = test_create(argv[2]);
+ if (strcmp(argv[1], OPT_MAKE_VALID) == 0) {
+ rc = test_make_valid(argv[2]);
} else if (strcmp(argv[1], OPT_IS_VALID) == 0) {
rc = test_is_valid(argv[2]);
} else if (strcmp(argv[1], OPT_NEW) == 0) {
diff --git a/tests/regression/apparmor/aa_policy_cache.sh b/tests/regression/apparmor/aa_policy_cache.sh
index fb9a830..427ddfa 100755
--- a/tests/regression/apparmor/aa_policy_cache.sh
+++ b/tests/regression/apparmor/aa_policy_cache.sh
@@ -117,12 +117,12 @@ runchecktest "AA_POLICY_CACHE is-valid (no cachedir)" fail is-valid "$cachedir"
create_cachedir
install_bad_features_file
-runchecktest "AA_POLICY_CACHE create (bad .features)" pass create "$cachedir"
-runchecktest "AA_POLICY_CACHE create (good .features)" pass create "$cachedir"
+runchecktest "AA_POLICY_CACHE make-valid (bad .features)" pass make-valid "$cachedir"
+runchecktest "AA_POLICY_CACHE make-valid (good .features)" pass make-valid "$cachedir"
remove_features_file
-runchecktest "AA_POLICY_CACHE create (no .features)" fail create "$cachedir"
+runchecktest "AA_POLICY_CACHE make-valid (no .features)" fail make-valid "$cachedir"
remove_cachedir
-runchecktest "AA_POLICY_CACHE create (no cachedir)" fail create "$cachedir"
+runchecktest "AA_POLICY_CACHE make-valid (no cachedir)" fail make-valid "$cachedir"
# Make sure that no test policies are already loaded
verify_policies_are_not_loaded
--
2.1.4
More information about the AppArmor
mailing list