On Sun, Jun 23, 2013 at 04:23:16PM -0700, Tyler Hicks wrote: > The functions that return the confinement information of a peer socket > connection should parse and return the mode like the task-based > functions. > > Signed-off-by: Tyler Hicks <tyhi...@canonical.com>
Acked-by: Seth Arnold <seth.arn...@canonical.com>
> ---
> libraries/libapparmor/src/apparmor.h | 4 ++--
> libraries/libapparmor/src/kernel_interface.c | 16 +++++++++++++---
> libraries/libapparmor/swig/SWIG/libapparmor.i | 4 ++--
> 3 files changed, 17 insertions(+), 7 deletions(-)
>
> diff --git a/libraries/libapparmor/src/apparmor.h
> b/libraries/libapparmor/src/apparmor.h
> index c93bee8..142d1e1 100644
> --- a/libraries/libapparmor/src/apparmor.h
> +++ b/libraries/libapparmor/src/apparmor.h
> @@ -48,8 +48,8 @@ extern int aa_getprocattr_raw(pid_t tid, const char *attr,
> char *buf, int len,
> extern int aa_getprocattr(pid_t tid, const char *attr, char **buf, char
> **mode);
> extern int aa_gettaskcon(pid_t target, char **con, char **mode);
> extern int aa_getcon(char **con, char **mode);
> -extern int aa_getpeercon_raw(int fd, char *buffer, int *size);
> -extern int aa_getpeercon(int fd, char **con);
> +extern int aa_getpeercon_raw(int fd, char *buffer, int *size, char **mode);
> +extern int aa_getpeercon(int fd, char **con, char **mode);
>
> #define __macroarg_counter(Y...) __macroarg_count1 ( , ##Y)
> #define __macroarg_count1(Y...) __macroarg_count2 (Y,
> 16,15,14,13,12,11,10,9,8,7,6,5,4,3,2,1,0)
> diff --git a/libraries/libapparmor/src/kernel_interface.c
> b/libraries/libapparmor/src/kernel_interface.c
> index afb51b5..0c02d15 100644
> --- a/libraries/libapparmor/src/kernel_interface.c
> +++ b/libraries/libapparmor/src/kernel_interface.c
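Review bot: Adding a parameter to the exported `aa_getpeercon_raw()` and `aa_getpeercon()` prototypes in the apparmor.h hunk breaks both the API and the ABI for existing callers, and none of the three files in this patch bumps a soname or touches a symbol version map. A binary built against the old two-argument `aa_getpeercon(fd, &con)` and run against the new library would pass an indeterminate value as `mode`, which the new code then tests and writes through. If compatibility is handled elsewhere in the series, the commit message should say so; otherwise keep the old symbols and expose the mode-returning variants under a new symbol version. The same prototypes are mirrored in the libapparmor.i hunk.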
> @@ -563,13 +563,15 @@ int aa_getcon(char **con, char **mode)
> * @fd: socket to get peer confinement for
> * @con: pointer to buffer to store confinement string
> * @size: initially contains size of the buffer, returns size of data read
> + * @mode: if set will point to mode string within buffer if it is present
> *
> * Returns: length of confinement data including null termination or -1 on
> error
> * if errno == ERANGE then @size will hold the size needed
> */
> -int aa_getpeercon_raw(int fd, char *buffer, int *size)
> +int aa_getpeercon_raw(int fd, char *buffer, int *size, char **mode)
> {
> socklen_t optlen = *size;
> + char *mode_str;
> int rc;
>
> if (optlen <= 0 || buffer == NULL) {
> @@ -591,9 +593,14 @@ int aa_getpeercon_raw(int fd, char *buffer, int *size)
> rc = -1;
> errno = ERANGE;
> optlen++;
> + goto out;
> }
> }
>
> + mode_str = parse_confinement_mode(buffer, optlen);
> + if (mode)
> + *mode = mode_str;
> +
> rc = optlen;
> out:
> *size = optlen;
> @@ -604,12 +611,13 @@ out:
> * aa_getpeercon - get the confinement of the socket's peer (other end)
> * @fd: socket to get peer confinement for
> * @con: pointer to allocated buffer with the confinement string
> + * @mode: if provided will point to the mode string in @con if present
> *
> * Returns: length of confinement data including null termination or -1 on
> error
> *
> * Caller is responsible for freeing the buffer returned.
> */
> -int aa_getpeercon(int fd, char **con)
> +int aa_getpeercon(int fd, char **con, char **mode)
> {
> int rc, last_size, size = INITIAL_GUESS_SIZE;
> char *buffer = NULL;
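Review bot: `aa_getpeercon_raw()` assigns `*mode` only on the success path in the `@@ -591` hunk, so every `goto out` before it returns -1 with the caller's pointer untouched; that includes the new one in the ERANGE branch and what appears to be an early exit after the `optlen <= 0 || buffer == NULL` check. `aa_getpeercon()` compensates by resetting `*mode` itself, but direct callers of the raw function get no such guarantee and may end up reading an uninitialised pointer. Clearing it up front with `if (mode) *mode = NULL;` before the first check would make the failure contract explicit. The function body is split across the `@@ -563` and `@@ -591` hunks and is not fully visible here.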
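Review bot: The new `@mode` line in the `aa_getpeercon()` comment (`@@ -604` hunk) should state ownership, because `*mode` points into the buffer returned through `@con` rather than into a separate allocation. Suggested wording: ` * @mode: if provided will point to the mode string in @con if present; it must not be freed and is invalid once @con is freed`. The `@mode` line added for `aa_getpeercon_raw()` would benefit from the same lifetime statement with respect to `@buffer`. It is also worth documenting whether the returned length still describes the string left in `@con` after `parse_confinement_mode()` runs; that helper presumably splits the label in place, but it is not visible in this patch.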
> @@ -626,13 +634,15 @@ int aa_getpeercon(int fd, char **con)
> return -1;
> memset(buffer, 0, size);
>
> - rc = aa_getpeercon_raw(fd, buffer, &size);
> + rc = aa_getpeercon_raw(fd, buffer, &size, mode);
> /* size should contain actual size needed if errno == ERANGE */
> } while (rc == -1 && errno == ERANGE && size > last_size);
>
> if (rc == -1) {
> free(buffer);
> *con = NULL;
> + if (mode)
> + *mode = NULL;
> size = -1;
> } else
> *con = buffer;
> diff --git a/libraries/libapparmor/swig/SWIG/libapparmor.i
> b/libraries/libapparmor/swig/SWIG/libapparmor.i
> index f0ebf5a..13b86b8 100644
> --- a/libraries/libapparmor/swig/SWIG/libapparmor.i
> +++ b/libraries/libapparmor/swig/SWIG/libapparmor.i
> @@ -25,5 +25,5 @@ extern int aa_getprocattr_raw(pid_t tid, const char *attr,
> char *buf, int len,
> extern int aa_getprocattr(pid_t tid, const char *attr, char **buf, char
> **mode);
> extern int aa_gettaskcon(pid_t target, char **con, char **mode);
> extern int aa_getcon(char **con, char **mode);
> -extern int aa_getpeercon_raw(int fd, char *buffer, int *size);
> -extern int aa_getpeercon(int fd, char **con);
> +extern int aa_getpeercon_raw(int fd, char *buffer, int *size, char **mode);
> +extern int aa_getpeercon(int fd, char **con, char **mode);
> --
> 1.8.1.2
>
>
> --
> AppArmor mailing list
> AppArmor@lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/apparmor
>
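Review bot: The `return -1;` at the top of the `@@ -626` hunk exits `aa_getpeercon()` without touching `*mode`, while the `rc == -1` branch lower down now resets it together with `*con`. The condition guarding that return is outside the hunk, but it looks like the allocation-failure path inside the retry loop. For a consistent failure contract, initialise the output before the loop with `if (mode) *mode = NULL;`, or reset it next to that early return. A caller that inspects `mode` after a failed call would otherwise see whatever value the variable held before.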