From f79ea041a43b4e8e43d4d6e4db3070a70a29d4ed Mon Sep 17 00:00:00 2001
From: John Johansen <john.johansen@canonical.com>
Date: Thu, 11 Feb 2021 03:54:44 -0800
Subject: [PATCH] libapparmor: alphasort directory traversals

Directory traversal does not have a guaranteed walk order which can
cause ordering problems on profile loads when explicit dependencies
are missing.

Combined with MR:703 this provides a userspace work around for issue
147.

Fixes: https://gitlab.com/apparmor/apparmor/-/issues/147
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/706
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Steve Beattie <steve.beattie@canonical.com>
(cherry picked from commit fe477af62a90a7ce80191708a5ecb419c33d4042)
Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 libraries/libapparmor/src/private.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraries/libapparmor/src/private.c b/libraries/libapparmor/src/private.c
index 69e87eb1a..88273bb96 100644
--- a/libraries/libapparmor/src/private.c
+++ b/libraries/libapparmor/src/private.c
@@ -474,7 +474,7 @@ int _aa_dirat_for_each(int dirfd, const char *name, void *data,
 		return -1;
 	}
 
-	num_dirs = readdirfd(cb_dirfd, &namelist, NULL);
+	num_dirs = readdirfd(cb_dirfd, &namelist, alphasort);
 	if (num_dirs == -1) {
 		PDEBUG("scandirat of directory '%s' failed: %m\n", name);
 		return -1;