From d06260859bd83071e1000b1372d45f64fe8e21a8 Mon Sep 17 00:00:00 2001
From: Christian Boltz <apparmor@cboltz.de>
Date: Tue, 11 Mar 2025 21:02:52 +0100
Subject: [PATCH] add support for writing quoted mount source and mountpoints

Add quotes if a mount source or mountpoint includes whitespace.
Also explicitely handle empty mount source (known from
1f33fc9b29c174698fdf0116a4a9f50680ec4fdb)

As usual, some tests can't hurt ;-)
---
 utils/apparmor/rule/mount.py | 9 ++++++---
 utils/test/test-mount.py     | 3 +++
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/utils/apparmor/rule/mount.py b/utils/apparmor/rule/mount.py
index a90f60d26..0c4345283 100644
--- a/utils/apparmor/rule/mount.py
+++ b/utils/apparmor/rule/mount.py
@@ -17,7 +17,7 @@ from apparmor.common import AppArmorBug, AppArmorException
 
 from apparmor.regex import RE_PROFILE_MOUNT, strip_parenthesis, strip_quotes
 from apparmor.rule import AARE
-from apparmor.rule import BaseRule, BaseRuleset, parse_modifiers, logprof_value_or_all, check_and_split_list
+from apparmor.rule import BaseRule, BaseRuleset, parse_modifiers, logprof_value_or_all, check_and_split_list, quote_if_needed
 
 from apparmor.translations import init_translation
 
@@ -201,10 +201,13 @@ class MountRule(BaseRule):
 
         if self.operation == 'mount':
             if not self.all_source:
-                source = ' ' + str(self.source.regex)
+                if self.source.regex == '':
+                    source = ' ""'
+                else:
+                    source = ' ' + quote_if_needed(str(self.source.regex))
 
             if not self.all_dest:
-                dest = ' -> ' + str(self.dest.regex)
+                dest = ' -> ' + quote_if_needed(str(self.dest.regex))
 
         else:
             if not self.all_dest:
diff --git a/utils/test/test-mount.py b/utils/test/test-mount.py
index 0a3483bf6..754a62648 100644
--- a/utils/test/test-mount.py
+++ b/utils/test/test-mount.py
@@ -207,6 +207,9 @@ class MountTestClean(AATest):
         ('     mount                                fstype  in (  sysfs  ,  procfs  )           ,           ', 'mount fstype in (procfs, sysfs),'),
         ('     mount  options  in (  rw  )                                                      ,           ', 'mount options in (rw),'),
         ('     mount  options  in (  rw , noatime  )                                            ,           ', 'mount options in (noatime, rw),'),
+        ('     mount     none -> /foo                                                           ,           ', 'mount none -> /foo,'),
+        ('     mount     ""   -> /foo                                                           ,           ', 'mount "" -> /foo,'),
+        ('     mount  "/f /b" -> "/foo bar"                                                     ,           ', 'mount "/f /b" -> "/foo bar",'),
         ('     umount                                                                           ,           ', 'umount,'),
         ('     umount                                                            /foo           ,           ', 'umount /foo,'),
         ('     remount                                                                          ,           ', 'remount,'),