2
0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 10:07:12 +00:00

Write an output typemap for errno-based functions

In Python, return status is signalled by exceptions (or lack thereof)
instead of int. Keep the typemap portable for any other languages we may
add in the future.

Signed-off-by: Ryan Lee <ryan.lee@canonical.com>
This commit is contained in:
Ryan Lee 2024-09-23 12:45:08 -07:00
parent 50d26beb00
commit a15768b0bf

View File

@ -123,15 +123,34 @@ extern char *aa_splitcon(char *con, char **mode);
/* apparmor.h */
extern int aa_is_enabled(void);
/* aa_find_mountpoint mnt is an output pointer to a heap-allocated string */
%cstring_output_allocate(char **mnt, free(*$1));
extern int aa_find_mountpoint(char **mnt);
/* These should not receive the VOID_Object typemap */
extern int aa_change_hat(const char *subprofile, unsigned long magic_token);
extern int aa_change_profile(const char *profile);
extern int aa_change_onexec(const char *profile);
extern int aa_change_hatv(const char *subprofiles[], unsigned long token);
extern int aa_stack_profile(const char *profile);
extern int aa_stack_onexec(const char *profile);
/* aa_find_mountpoint mnt is an output pointer to a heap-allocated string */
%cstring_output_allocate(char **mnt, free(*$1));
/* The other errno-based functions should not always be returning the int value:
* - Python exceptions signal success/failure status instead via the %exception
* handler above.
* - Perl (the other binding) has $! for accessing errno but would check the int
* return status first.
*
* The generated C code for (out) resets the return value to None
* before appending the returned data (argout generated by %cstring stuff)
*/
#ifdef SWIGPYTHON
%typemap(out,noblock=1) int {
#if defined(VOID_Object)
$result = VOID_Object;
#endif
}
#endif
extern int aa_find_mountpoint(char **mnt);
extern int aa_getprocattr(pid_t tid, const char *attr, char **label, char **mode);
extern int aa_gettaskcon(pid_t target, char **label, char **mode);
extern int aa_getcon(char **label, char **mode);