[apparmor] [patch] Add network 'smc' keyword in NetworkRule and apparmor.d manpage

Christian Boltz apparmor at cboltz.de
Tue Aug 29 20:55:07 UTC 2017 

Hello,

'smc' seems to be new in kernel 4.12.


I propose this patch for trunk, 2.11 and 2.10.

Note that the 2.10 apparmor.d manpage also misses the 'kcm' keyword, so
I'll also add it there.

2.9 doesn't have NetworkRule, and it's unlikely that someone expects the
manpage on that old branch to match the latest kernel ;-)


[ 04-network-smc.diff ]

=== modified file ./utils/apparmor/rule/network.py
--- utils/apparmor/rule/network.py      2016-10-01 20:33:23.421684000 +0200
+++ utils/apparmor/rule/network.py      2017-08-29 22:21:17.809764695 +0200
@@ -27,7 +27,7 @@
 network_domain_keywords   = [ 'unspec', 'unix', 'inet', 'ax25', 'ipx', 'appletalk', 'netrom', 'bridge', 'atmpvc', 'x25', 'inet6',
                               'rose', 'netbeui', 'security', 'key', 'netlink', 'packet', 'ash', 'econet', 'atmsvc', 'rds', 'sna',
                               'irda', 'pppox', 'wanpipe', 'llc', 'can', 'tipc', 'bluetooth', 'iucv', 'rxrpc', 'isdn', 'phonet',
-                              'ieee802154', 'caif', 'alg', 'nfc', 'vsock', 'mpls', 'ib', 'kcm' ]
+                              'ieee802154', 'caif', 'alg', 'nfc', 'vsock', 'mpls', 'ib', 'kcm', 'smc' ]
 
 network_type_keywords     = ['stream', 'dgram', 'seqpacket', 'rdm', 'raw', 'packet']
 network_protocol_keywords = ['tcp', 'udp', 'icmp']
--- parser/apparmor.d.pod       2017-07-16 21:43:30.710865535 +0200
+++ parser/apparmor.d.pod       2017-08-29 22:21:42.489684725 +0200
@@ -111,7 +111,7 @@
 
 B<NETWORK RULE> = [ I<QUALIFIERS> ] 'network' [ I<DOMAIN> ] [ I<TYPE> | I<PROTOCOL> ]
 
-B<DOMAIN> = ( 'inet' | 'ax25' | 'ipx' | 'appletalk' | 'netrom' | 'bridge' | 'atmpvc' | 'x25' | 'inet6' | 'rose' | 'netbeui' | 'security' | 'key' | 'packet' | 'ash' | 'econet' | 'atmsvc' | 'sna' | 'irda' | 'pppox' | 'wanpipe' | 'bluetooth' | 'netlink' | 'unix' | 'rds' | 'llc' | 'can' | 'tipc' | 'iucv' | 'rxrpc' | 'isdn' | 'phonet' | 'ieee802154' | 'caif' | 'alg' | 'nfc' | 'vsock' | 'mpls' | 'ib' | 'kcm' ) ','
+B<DOMAIN> = ( 'inet' | 'ax25' | 'ipx' | 'appletalk' | 'netrom' | 'bridge' | 'atmpvc' | 'x25' | 'inet6' | 'rose' | 'netbeui' | 'security' | 'key' | 'packet' | 'ash' | 'econet' | 'atmsvc' | 'sna' | 'irda' | 'pppox' | 'wanpipe' | 'bluetooth' | 'netlink' | 'unix' | 'rds' | 'llc' | 'can' | 'tipc' | 'iucv' | 'rxrpc' | 'isdn' | 'phonet' | 'ieee802154' | 'caif' | 'alg' | 'nfc' | 'vsock' | 'mpls' | 'ib' | 'kcm' | 'smc' ) ','
 
 B<TYPE> = ( 'stream' | 'dgram' | 'seqpacket' |  'rdm' | 'raw' | 'packet' )
 


Regards,

Christian Boltz
-- 
If it isn't broken dont fix it.
[Winston Graeme in opensuse]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170829/d037d773/attachment-0001.pgp>

More information about the AppArmor mailing list