mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-09-05 16:55:32 +00:00
Code Issues Releases Wiki Activity

libapparmor: add APPARMOR_1.1 version for aa_query_label symbol

Browse Source 
In the course of developing apparmor dbus mediation, the aa_query_label
symbol was added to libapparmor on trunk, and given the symbol version
(via libapparmor.map) of APPARMOR_3.0. As apparmor upstream, we have
not made a release where this would have been exported.

Unfortunately, in Ubuntu, a version was released in 13.10 that included
the aa_query_label() symbol with a version of APPARMOR_1.1. This
can cause a breakage on that platform with the incorporation of the
impending apparmor 2.9 release.

This patch provides both versions (APPARMOR_1.1 and APPARMOR_2.9)
of the aa_query_label() symbol. It requires the function name in
kernel_interface.c to be renamed (similar to how the deprecated
change_hat() symbol is named in the source as __change_hat()),
otherwise linking fails with duplicated symbols. The default symbol
used will still be the APPARMOR_2.9 version, but binaries linked with
the APPARMOR_1.1 version would still continue to work unchanged.

Signed-off-by: Steve Beattie <steve@nxnw.org>
Acked-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
Steve Beattie
2014-03-01 15:46:42 -08:00
parent 6a44e0eef5
commit 09af9efd5c
3 changed files with 23 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
libraries/libapparmor/src/kernel_interface.c
View File

@@ -702,8 +702,8 @@ static void aafs_access_init_once(void)
* ENOENT, the subject label in the query string is unknown to the
* kernel.
*/
int aa_query_label(uint32_t mask, char *query, size_t size, int *allowed,
int *audited)
int query_label(uint32_t mask, char *query, size_t size, int *allowed,
int *audited)
{
char buf[QUERY_LABEL_REPLY_LEN];
uint32_t allow, deny, audit, quiet;
@@ -770,3 +770,9 @@ int aa_query_label(uint32_t mask, char *query, size_t size, int *allowed,
return 0;
}
/* export multiple aa_query_label symbols to compensate for downstream
* releases with differing symbol versions. */
extern typeof((query_label)) __aa_query_label __attribute__((alias ("query_label")));
symbol_version(__aa_query_label, aa_query_label, APPARMOR_1.1);
default_symbol_version(query_label, aa_query_label, APPARMOR_3.0);