[apparmor] [PATCH 1/5] Split aa_query_label into a base aa_query_cmd and it, aa_query_label
Christian Boltz
apparmor at cboltz.de
Sun Dec 18 00:03:04 UTC 2016
Hello,
first of all, I fail to parse the second half of the patch summary
(subject) - the "and it, aa_query_label" part looks broken.
Am Freitag, 16. Dezember 2016, 09:57:13 CET schrieb John Johansen:
> Split the basic transaction file query out of aa_query_label so that
> it can be reused by other query types.
>
> Signed-off-by: John Johansen <john.johansen at canonical.com>
> --- a/libraries/libapparmor/doc/aa_query_label.pod
> +++ b/libraries/libapparmor/doc/aa_query_label.pod
> @@ -32,11 +32,18 @@ aa_query_link_path, aa_query_link_path_len - query
> access permissions of a link
>
> B<#include E<lt>sys/apparmor.hE<gt>>
>
> -B<int aa_query_label(uint32_t mask, char *query, size_t size, int
> *allowed, int *audited);> +B<int aa_query_cmd(const char *cmd, size_t
> cmd_size, char *query, + size_t size, char *buffer, size_t bsize);>
>
> -B<int aa_query_file_path(uint32_t mask, const char *label, size_t
> label_len, const char *path, int *allowed, int *audited);> +B<int
> aa_query_label(uint32_t mask, char *query, size_t size, + int
> *allowed, int *audited);>
>
> -B<int aa_query_file_path_len(uint32_t mask, const char *label, size_t
> label_len, const char *path, size_t path_len, int *allowed, int
> *audited);> +B<int aa_query_file_path(uint32_t mask, const char
> *label, size_t label_len, + const char *path, int *allowed, int
> *audited);>
> +
> +B<int aa_query_file_path_len(uint32_t mask, const char *label,
> + size_t label_len, const char *path, size_t path_len,
> + int *allowed, int *audited);>
Re-formatting the existing paragraphs *and* adding a new one make the
patch unreadable (and KMail makes it even worse ;-)
If it isn't too much work, please split off the re-formatting of the
documentation for existing functions into a separate patch (0.5/5 ;-) or
outside of this series).
> diff --git a/libraries/libapparmor/src/libapparmor.map
> b/libraries/libapparmor/src/libapparmor.map index 5cbd4e8..69207d3
> 100644
> --- a/libraries/libapparmor/src/libapparmor.map
> +++ b/libraries/libapparmor/src/libapparmor.map
> @@ -95,6 +95,13 @@ APPARMOR_2.11 {
> *;
> } APPARMOR_2.10;
>
> +APPARMOR_2.12 {
> + global:
> + aa_query_cmd;
> + local:
> + *;
> +} APPARMOR_2.11;
Does this mean you expect this patch to land _after_ the 2.11 release?
(No objections - 2.11 was delayed more than enough ;-) and I can
foresee some reasons why this patch series could introduce another
delay.)
I didn't notice any obvious errors in the code. Either there aren't any,
or I overlooked them thanks to my limited C knownledge ;-)
Regards,
Christian Boltz
--
Pinguine sind picklige Geeks, die sich ihren
Sonnenbrand vorm Monitor holen. [Ratti]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20161218/696834a5/attachment.pgp>
More information about the AppArmor
mailing list