[apparmor] [patch] Add network 'smc' keyword in NetworkRule and apparmor.d manpage

Tue, 29 Aug 2017 13:55:40 -0700 

Hello,

'smc' seems to be new in kernel 4.12.


I propose this patch for trunk, 2.11 and 2.10.

Note that the 2.10 apparmor.d manpage also misses the 'kcm' keyword, so
I'll also add it there.

2.9 doesn't have NetworkRule, and it's unlikely that someone expects the
manpage on that old branch to match the latest kernel ;-)


[ 04-network-smc.diff ]

=== modified file ./utils/apparmor/rule/network.py
--- utils/apparmor/rule/network.py      2016-10-01 20:33:23.421684000 +0200
+++ utils/apparmor/rule/network.py      2017-08-29 22:21:17.809764695 +0200
@@ -27,7 +27,7 @@
 network_domain_keywords   = [ 'unspec', 'unix', 'inet', 'ax25', 'ipx', 
'appletalk', 'netrom', 'bridge', 'atmpvc', 'x25', 'inet6',
                               'rose', 'netbeui', 'security', 'key', 'netlink', 
'packet', 'ash', 'econet', 'atmsvc', 'rds', 'sna',
                               'irda', 'pppox', 'wanpipe', 'llc', 'can', 
'tipc', 'bluetooth', 'iucv', 'rxrpc', 'isdn', 'phonet',
-                              'ieee802154', 'caif', 'alg', 'nfc', 'vsock', 
'mpls', 'ib', 'kcm' ]
+                              'ieee802154', 'caif', 'alg', 'nfc', 'vsock', 
'mpls', 'ib', 'kcm', 'smc' ]
 
 network_type_keywords     = ['stream', 'dgram', 'seqpacket', 'rdm', 'raw', 
'packet']
 network_protocol_keywords = ['tcp', 'udp', 'icmp']
--- parser/apparmor.d.pod       2017-07-16 21:43:30.710865535 +0200
+++ parser/apparmor.d.pod       2017-08-29 22:21:42.489684725 +0200
@@ -111,7 +111,7 @@
 
 B<NETWORK RULE> = [ I<QUALIFIERS> ] 'network' [ I<DOMAIN> ] [ I<TYPE> | 
I<PROTOCOL> ]
 
-B<DOMAIN> = ( 'inet' | 'ax25' | 'ipx' | 'appletalk' | 'netrom' | 'bridge' | 
'atmpvc' | 'x25' | 'inet6' | 'rose' | 'netbeui' | 'security' | 'key' | 'packet' 
| 'ash' | 'econet' | 'atmsvc' | 'sna' | 'irda' | 'pppox' | 'wanpipe' | 
'bluetooth' | 'netlink' | 'unix' | 'rds' | 'llc' | 'can' | 'tipc' | 'iucv' | 
'rxrpc' | 'isdn' | 'phonet' | 'ieee802154' | 'caif' | 'alg' | 'nfc' | 'vsock' | 
'mpls' | 'ib' | 'kcm' ) ','
+B<DOMAIN> = ( 'inet' | 'ax25' | 'ipx' | 'appletalk' | 'netrom' | 'bridge' | 
'atmpvc' | 'x25' | 'inet6' | 'rose' | 'netbeui' | 'security' | 'key' | 'packet' 
| 'ash' | 'econet' | 'atmsvc' | 'sna' | 'irda' | 'pppox' | 'wanpipe' | 
'bluetooth' | 'netlink' | 'unix' | 'rds' | 'llc' | 'can' | 'tipc' | 'iucv' | 
'rxrpc' | 'isdn' | 'phonet' | 'ieee802154' | 'caif' | 'alg' | 'nfc' | 'vsock' | 
'mpls' | 'ib' | 'kcm' | 'smc' ) ','
 
 B<TYPE> = ( 'stream' | 'dgram' | 'seqpacket' |  'rdm' | 'raw' | 'packet' )
 


Regards,

Christian Boltz
-- 
If it isn't broken dont fix it.
[Winston Graeme in opensuse]

Attachment: signature.asc
Description: This is a digitally signed message part.

-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to