mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 22:05:27 +00:00
Code Issues Releases Wiki Activity

Update capabilities to support 64 bit caps

Browse Source
This commit is contained in:
John Johansen
2009-07-24 23:37:03 +00:00
parent b8cde97ab7
commit c8fa7815a6
5 changed files with 50 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
parser/parser_interface.c
View File

@@ -610,7 +610,7 @@ int sd_serialize_profile(sd_serialize *p, struct codomain *profile,
int flattened)
{
struct cod_entry *entry;
u32 allowed_caps;
uint64_t allowed_caps;
if (!sd_write_struct(p, "profile"))
return 0;
@@ -642,14 +642,30 @@ int sd_serialize_profile(sd_serialize *p, struct codomain *profile,
return 0;
if (!sd_write_structend(p))
return 0;
#define low_caps(X) ((u32) (X))
#define high_caps(X) ((u32) ((X) >> 32))
allowed_caps = (profile->capabilities | profile->set_caps) & ~profile->deny_caps;
if (!sd_write32(p, allowed_caps))
if (!sd_write32(p, low_caps(allowed_caps & 0xff)))
return 0;
if (!sd_write32(p, allowed_caps & profile->audit_caps))
if (!sd_write32(p, low_caps(allowed_caps & profile->audit_caps)))
return 0;
if (!sd_write32(p, profile->deny_caps & profile->quiet_caps))
if (!sd_write32(p, low_caps(profile->deny_caps & profile->quiet_caps)))
return 0;
if (!sd_write32(p, profile->set_caps & ~profile->deny_caps))
if (!sd_write32(p, low_caps(profile->set_caps & ~profile->deny_caps)))
return 0;
if (!sd_write_struct(p, "caps64"))
return 0;
if (!sd_write32(p, high_caps(allowed_caps & 0xff)))
return 0;
if (!sd_write32(p, high_caps(allowed_caps & profile->audit_caps)))
return 0;
if (!sd_write32(p, high_caps(profile->deny_caps & profile->quiet_caps)))
return 0;
if (!sd_write32(p, high_caps(profile->set_caps & ~profile->deny_caps)))
return 0;
if (!sd_write_structend(p))
return 0;
if (!sd_serialize_rlimits(p, &profile->rlimits))