[apparmor] PATCH [3/6] - allow error= field to return negative error codes

Steve Beattie steve at nxnw.org
Thu Sep 9 22:56:04 BST 2010


On Thu, Sep 09, 2010 at 08:36:32AM -0700, John Johansen wrote:
> The kernel can return negative error codes for error=
> 
> Index: libapparmor/src/grammar.y
> ===================================================================
> --- libapparmor.orig/src/grammar.y	2010-09-09 07:56:50.534193401 -0700
> +++ libapparmor/src/grammar.y	2010-09-09 07:59:37.364193121 -0700
> @@ -92,6 +92,7 @@
>  
>  %token TOK_EQUALS
>  %token TOK_COLON
> +%token TOK_MINUS
>  %token TOK_OPEN_PAREN
>  %token TOK_CLOSE_PAREN
>  %token TOK_PERIOD
> @@ -434,6 +435,8 @@
>  	{ ret_record->event = lookup_aa_event($3);}
>  	| TOK_KEY_ERROR TOK_EQUALS TOK_DIGITS
>  	{ ret_record->error_code = $3;}
> +	| TOK_KEY_ERROR TOK_EQUALS TOK_MINUS TOK_DIGITS
> +	{ ret_record->error_code = $4;}
>  	| TOK_KEY_FSUID TOK_EQUALS TOK_DIGITS
>  	{ ret_record->fsuid = $3;}
>  	| TOK_KEY_OUID TOK_EQUALS TOK_DIGITS
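
Review bot: In the new `TOK_KEY_ERROR TOK_EQUALS TOK_MINUS TOK_DIGITS` action, `ret_record->error_code = $4;` stores only the digits, so `error=-1` and `error=1` end up with the same `error_code` and the sign the rule just matched is lost. If callers are meant to see the negative value the kernel reported, assign `-$4`; if the field is intentionally the magnitude, a comment on the rule saying so would stop the next reader from treating it as a bug.
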
> Index: libapparmor/src/scanner.l
> ===================================================================
> --- libapparmor.orig/src/scanner.l	2010-09-09 07:56:45.844193401 -0700
> +++ libapparmor/src/scanner.l	2010-09-09 07:59:18.614191984 -0700
> @@ -77,6 +77,7 @@
>  digits		[0-9]+
>  hex		[A-F0-9]
>  colon		":"
> +minus		"-"
>  open_paren	"("
>  close_paren	")"
>  ID		[^ \t\n\(\)="'!]
> @@ -280,6 +281,7 @@
>  {equals}		{ return(TOK_EQUALS); }
>  {digits}		{ yylval->t_long = atol(yytext); return(TOK_DIGITS); }
>  {colon}			{ return(TOK_COLON); }
> +{minus}			{ return(TOK_MINUS); }
>  {open_paren}		{
>  			BEGIN(sub_id);
>  			return(TOK_OPEN_PAREN);
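
Review bot: The `{minus}` rule sits beside `{equals}`, `{digits}` and `{colon}` with no start-condition prefix in the lines shown, so any bare "-" scanned in that state now yields TOK_MINUS, while the grammar change accepts that token only after `error=`. Please confirm that a hyphen in other unquoted positions of a record cannot reach this rule and turn into a parse error, or fold the sign into a signed-digits pattern so that no free-standing token is introduced.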

ACK from me for 2.5.1. Here's a testcase for this:

=== added file 'libraries/libapparmor/testsuite/test_multi/testcase_syslog_changehat_negative_error.err'
=== added file 'libraries/libapparmor/testsuite/test_multi/testcase_syslog_changehat_negative_error.in'
--- libraries/libapparmor/testsuite/test_multi/testcase_syslog_changehat_negative_error.in	1970-01-01 00:00:00 +0000
+++ libraries/libapparmor/testsuite/test_multi/testcase_syslog_changehat_negative_error.in	2010-09-09 21:39:54 +0000
@@ -0,0 +1,1 @@
+Sep  9 12:51:36 ubuntu-desktop kernel: [ 1597.774866] type=1400 audit(1284061896.005:28): apparmor="DENIED" operation="change_hat" info="unconfined" error=-1 pid=2698 comm="syscall_ptrace"

=== added file 'libraries/libapparmor/testsuite/test_multi/testcase_syslog_changehat_negative_error.out'
--- libraries/libapparmor/testsuite/test_multi/testcase_syslog_changehat_negative_error.out	1970-01-01 00:00:00 +0000
+++ libraries/libapparmor/testsuite/test_multi/testcase_syslog_changehat_negative_error.out	2010-09-09 21:50:12 +0000
@@ -0,0 +1,11 @@
+START
+File: test_multi/testcase_syslog_changehat_negative_error.in
+Event type: AA_RECORD_DENIED
+Audit ID: 1284061896.005:28
+Operation: change_hat
+Command: syscall_ptrace
+Info: unconfined
+ErrorCode: 1
+PID: 2698
+Epoch: 1284061896
+Audit subid: 28
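
Review bot: The expected output has `ErrorCode: 1` for an input line that carries `error=-1`, so this test pins the sign being discarded instead of catching it. If the negative value is supposed to be reported, this line should read `ErrorCode: -1` once the parser preserves the sign; if the magnitude is intended, the test name and a short comment should say that the sign is dropped on purpose.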


-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/