On 03/06/2015 01:48 PM, Tyler Hicks wrote: > This patch set creates a libapparmor API to allow for in-process AppArmor > policy cache loading. At the moment, this API will be useful for > apparmor_parser and systemd. > > I've combined two different proposed patch sets[1][2] into one since they both > work towards the same goal of providing a policy cache loading API. Sorry for > the number of patches involved here. > > In this version 2 set, I've addressed a few important feedback items that I > got > from v1 of the two patchsets: > > * Don't throw away the debug/error logging in the code that is moved from the > parser to libapparmor > - The "libapparmor: Add basic logging functionality" patch adds equivalent > PDEBUG() and PERROR() logging macros to libapparmor > - I've went back and reintroduced all of the PDEBUG() and PERROR() calls > that were removed in v1 > * Don't expose anything about the match file support in libapparmor > - The "parser: Begin to flesh out library interface for features" patch > leaves the match file parsing in parsing_main.c and all related patches > to > the previously proposed aa_match interface have been dropped > - Only apparmor_parser will properly support the match file. Users of the > new libapparmor API, such as systemd, will not work with a match file > based system. > * Create a string based aa_features API rather than using a design that > require libapparmor to be updated when the kernel and/or parser receives > new > features > - The "parser: Add functions for features support tests" patch has been > rewritten to use a string based API and those changes have been > propagated > throughout the set > > I left ack's on patches that didn't see much churn and tried to remember to > drop them if I made any large changes. > So as before I skipped the patches I sent or those that already have an ack
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
