Adjust the libapparmor function prototypes, variable names, and comments that incorrectly used the name "con" when referring to the label.
Signed-off-by: Tyler Hicks <tyhi...@canonical.com> --- libraries/libapparmor/include/sys/apparmor.h | 9 ++- libraries/libapparmor/src/kernel_interface.c | 112 +++++++++++++------------- libraries/libapparmor/swig/SWIG/libapparmor.i | 6 +- 3 files changed, 64 insertions(+), 63 deletions(-) diff --git a/libraries/libapparmor/include/sys/apparmor.h b/libraries/libapparmor/include/sys/apparmor.h index 12a7691..361cde8 100644 --- a/libraries/libapparmor/include/sys/apparmor.h +++ b/libraries/libapparmor/include/sys/apparmor.h @@ -62,11 +62,12 @@ extern int (aa_change_hat_vargs)(unsigned long token, int count, ...); */ extern int aa_getprocattr_raw(pid_t tid, const char *attr, char *buf, int len, char **mode); -extern int aa_getprocattr(pid_t tid, const char *attr, char **con, char **mode); -extern int aa_gettaskcon(pid_t target, char **con, char **mode); -extern int aa_getcon(char **con, char **mode); +extern int aa_getprocattr(pid_t tid, const char *attr, char **label, + char **mode); +extern int aa_gettaskcon(pid_t target, char **label, char **mode); +extern int aa_getcon(char **label, char **mode); extern int aa_getpeercon_raw(int fd, char *buf, int *len, char **mode); -extern int aa_getpeercon(int fd, char **con, char **mode); +extern int aa_getpeercon(int fd, char **label, char **mode); /* A NUL character is used to separate the query command prefix string from the * rest of the query string. The query command sizes intentionally include the diff --git a/libraries/libapparmor/src/kernel_interface.c b/libraries/libapparmor/src/kernel_interface.c index e3ef04a..de856f7 100644 --- a/libraries/libapparmor/src/kernel_interface.c +++ b/libraries/libapparmor/src/kernel_interface.c @@ -152,13 +152,13 @@ static char *procattr_path(pid_t pid, const char *attr) } /** - * parse_confinement_mode - get the mode from the confinement string - * @con: the confinement string - * @size: size of the confinement string + * parse_confinement_mode - get the mode from the confinement context + * @con: the confinement context + * @size: size of the confinement context * * Modifies con to NUL-terminate the label string and the mode string. * - * Returns: a pointer to the NUL-terminated mode inside the confinement string + * Returns: a pointer to the NUL-terminated mode inside the confinement context * or NULL if the mode was not found */ static char *parse_confinement_mode(char *con, int size) @@ -262,27 +262,27 @@ out: #define INITIAL_GUESS_SIZE 128 /** - * aa_getprocattr - get the contents of @attr for @tid into @buf + * aa_getprocattr - get the contents of @attr for @tid into @label and @mode * @tid: tid of task to query * @attr: which /proc/<tid>/attr/<attr> to query - * @con: allocated buffer the result is stored in - * @mode: if non-NULL and a mode is present, will point to mode string in @con + * @label: allocated buffer the label is stored in + * @mode: if non-NULL and a mode is present, will point to mode string in @label * * Returns: size of data read or -1 on error, and sets errno * - * Guarantees that @con and @mode are null terminated. The length returned - * is for all data including both @con and @mode, and maybe > than strlen(@con) - * even if @mode is NULL + * Guarantees that @label and @mode are null terminated. The length returned + * is for all data including both @label and @mode, and maybe > than + * strlen(@label) even if @mode is NULL * - * Caller is responsible for freeing the buffer returned in @con. @mode is - * always contained within @con's buffer and so NEVER do free(@mode) + * Caller is responsible for freeing the buffer returned in @label. @mode is + * always contained within @label's buffer and so NEVER do free(@mode) */ -int aa_getprocattr(pid_t tid, const char *attr, char **con, char **mode) +int aa_getprocattr(pid_t tid, const char *attr, char **label, char **mode) { int rc, size = INITIAL_GUESS_SIZE/2; char *buffer = NULL; - if (!con) { + if (!label) { errno = EINVAL; return -1; } @@ -299,11 +299,11 @@ int aa_getprocattr(pid_t tid, const char *attr, char **con, char **mode) if (rc == -1) { free(buffer); - *con = NULL; + *label = NULL; if (mode) *mode = NULL; } else - *con = buffer; + *label = buffer; return rc; } @@ -527,42 +527,42 @@ int (aa_change_hat_vargs)(unsigned long token, int nhats, ...) } /** - * aa_gettaskcon - get the confinement for task @target in an allocated buffer + * aa_gettaskcon - get the confinement context for task @target in an allocated buffer * @target: task to query - * @con: pointer to returned buffer with the confinement string - * @mode: if non-NULL and a mode is present, will point to mode string in @con + * @label: pointer to returned buffer with the label + * @mode: if non-NULL and a mode is present, will point to mode string in @label * - * Returns: length of confinement data or -1 on error and sets errno + * Returns: length of confinement context or -1 on error and sets errno * - * Guarantees that @con and @mode are null terminated. The length returned - * is for all data including both @con and @mode, and maybe > than strlen(@con) - * even if @mode is NULL + * Guarantees that @label and @mode are null terminated. The length returned + * is for all data including both @label and @mode, and maybe > than + * strlen(@label) even if @mode is NULL * - * Caller is responsible for freeing the buffer returned in @con. @mode is - * always contained within @con's buffer and so NEVER do free(@mode) + * Caller is responsible for freeing the buffer returned in @label. @mode is + * always contained within @label's buffer and so NEVER do free(@mode) */ -int aa_gettaskcon(pid_t target, char **con, char **mode) +int aa_gettaskcon(pid_t target, char **label, char **mode) { - return aa_getprocattr(target, "current", con, mode); + return aa_getprocattr(target, "current", label, mode); } /** - * aa_getcon - get the confinement for current task in an allocated buffer - * @con: pointer to return buffer with the confinement if successful - * @mode: if non-NULL and a mode is present, will point to mode string in @con + * aa_getcon - get the confinement context for current task in an allocated buffer + * @label: pointer to return buffer with the label if successful + * @mode: if non-NULL and a mode is present, will point to mode string in @label * - * Returns: length of confinement data or -1 on error and sets errno + * Returns: length of confinement context or -1 on error and sets errno * - * Guarantees that @con and @mode are null terminated. The length returned - * is for all data including both @con and @mode, and may > than strlen(@con) - * even if @mode is NULL + * Guarantees that @label and @mode are null terminated. The length returned + * is for all data including both @label and @mode, and may > than + * strlen(@label) even if @mode is NULL * - * Caller is responsible for freeing the buffer returned in @con. @mode is - * always contained within @con's buffer and so NEVER do free(@mode) + * Caller is responsible for freeing the buffer returned in @label. @mode is + * always contained within @label's buffer and so NEVER do free(@mode) */ -int aa_getcon(char **con, char **mode) +int aa_getcon(char **label, char **mode) { - return aa_gettaskcon(aa_gettid(), con, mode); + return aa_gettaskcon(aa_gettid(), label, mode); } @@ -571,14 +571,14 @@ int aa_getcon(char **con, char **mode) #endif /** - * aa_getpeercon_raw - get the confinement of the socket's peer (other end) - * @fd: socket to get peer confinement for + * aa_getpeercon_raw - get the confinement context of the socket's peer (other end) + * @fd: socket to get peer confinement context for * @buf: buffer to store the result in * @len: initially contains size of the buffer, returns size of data read * @mode: if non-NULL and a mode is present, will point to mode string in @buf * - * Returns: length of confinement data including null termination or -1 on error - * if errno == ERANGE then @len will hold the size needed + * Returns: length of confinement context including null termination or -1 on + * error if errno == ERANGE then @len will hold the size needed */ int aa_getpeercon_raw(int fd, char *buf, int *len, char **mode) { @@ -620,26 +620,26 @@ out: } /** - * aa_getpeercon - get the confinement of the socket's peer (other end) - * @fd: socket to get peer confinement for - * @con: pointer to allocated buffer with the confinement string - * @mode: if non-NULL and a mode is present, will point to mode string in @con + * aa_getpeercon - get the confinement context of the socket's peer (other end) + * @fd: socket to get peer confinement context for + * @label: pointer to allocated buffer with the label + * @mode: if non-NULL and a mode is present, will point to mode string in @label * - * Returns: length of confinement data including null termination or -1 on error + * Returns: length of confinement context including null termination or -1 on error * - * Guarantees that @con and @mode are null terminated. The length returned - * is for all data including both @con and @mode, and maybe > than strlen(@con) - * even if @mode is NULL + * Guarantees that @label and @mode are null terminated. The length returned + * is for all data including both @label and @mode, and maybe > than + * strlen(@label) even if @mode is NULL * - * Caller is responsible for freeing the buffer returned in @con. @mode is - * always contained within @con's buffer and so NEVER do free(@mode) + * Caller is responsible for freeing the buffer returned in @label. @mode is + * always contained within @label's buffer and so NEVER do free(@mode) */ -int aa_getpeercon(int fd, char **con, char **mode) +int aa_getpeercon(int fd, char **label, char **mode) { int rc, last_size, size = INITIAL_GUESS_SIZE; char *buffer = NULL; - if (!con) { + if (!label) { errno = EINVAL; return -1; } @@ -657,12 +657,12 @@ int aa_getpeercon(int fd, char **con, char **mode) if (rc == -1) { free(buffer); - *con = NULL; + *label = NULL; if (mode) *mode = NULL; size = -1; } else - *con = buffer; + *label = buffer; return size; } diff --git a/libraries/libapparmor/swig/SWIG/libapparmor.i b/libraries/libapparmor/swig/SWIG/libapparmor.i index 32a2fb3..6bae3f6 100644 --- a/libraries/libapparmor/swig/SWIG/libapparmor.i +++ b/libraries/libapparmor/swig/SWIG/libapparmor.i @@ -33,10 +33,10 @@ extern int aa_change_hat_vargs(unsigned long token, int count, ...); extern int aa_getprocattr_raw(pid_t tid, const char *attr, char *buf, int len, char **mode); extern int aa_getprocattr(pid_t tid, const char *attr, char **buf, char **mode); -extern int aa_gettaskcon(pid_t target, char **con, char **mode); -extern int aa_getcon(char **con, char **mode); +extern int aa_gettaskcon(pid_t target, char **label, char **mode); +extern int aa_getcon(char **label, char **mode); extern int aa_getpeercon_raw(int fd, char *buf, int *len, char **mode); -extern int aa_getpeercon(int fd, char **con, char **mode); +extern int aa_getpeercon(int fd, char **label, char **mode); extern int aa_query_label(uint32_t mask, char *query, size_t size, int *allow, int *audit); -- 2.1.0 -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor