[prev in list] [next in list] [prev in thread] [next in thread]
List: apparmor-dev
Subject: Re: [apparmor] [PATCH 2/3] Fix protocol error when loading policy to kernels without compat patches
From: John Johansen <john.johansen () canonical ! com>
Date: 2012-04-11 22:45:11
Message-ID: 4F860977.1020103 () canonical ! com
[Download RAW message or body]
On 04/11/2012 03:35 PM, Steve Beattie wrote:
> On Wed, Apr 11, 2012 at 01:53:41PM -0700, John Johansen wrote:
>> http://bugs.launchpad.net/bugs/968956
>>
>> The parser is incorrectly generating network rules for kernels that can
>> not support them. This occurs on kernels with the new features directory
>> but not the compatibility patches applied.
>>
>> Signed-off-by: John Johansen <john.johansen@canonical.com>
>
> Acked-By: Steve Beattie <sbeattie@ubuntu.com> though another way to
> address this would be to adjust where kernel_supports_network gets set
> initially to 0. (It's the reason a corresponding fix isn't needed for
> kernel_supports_mount.)
>
right I considered that, but figured its pretty late to be checking and
verifying those other paths for this release. This keeps it localized for now
>> ---
>> parser/parser_main.c | 2 ++
>> 1 files changed, 2 insertions(+), 0 deletions(-)
>>
>> diff --git a/parser/parser_main.c b/parser/parser_main.c
>> index fcb8554..f57cfb1 100644
>> --- a/parser/parser_main.c
>> +++ b/parser/parser_main.c
>> @@ -801,6 +801,8 @@ static void get_match_string(void) {
>> handle_features_dir(FLAGS_FILE, &flags_string, FLAGS_STRING_SIZE, flags_string);
>> if (strstr(flags_string, "network"))
>> kernel_supports_network = 1;
>> + else
>> + kernel_supports_network = 0;
>> if (strstr(flags_string, "mount"))
>> kernel_supports_mount = 1;
>> return;
>> --
>> 1.7.9.1
>>
>>
>> --
>> AppArmor mailing list
>> AppArmor@lists.ubuntu.com
>> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
>
>
>
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic