[apparmor] PATCH [4/6] - handle offset key

John Johansen john.johansen at canonical.com
Fri Sep 10 00:46:37 BST 2010 

On 09/09/2010 02:57 PM, Steve Beattie wrote:
> On Thu, Sep 09, 2010 at 08:38:09AM -0700, John Johansen wrote:
>> Status messages have and offset field used to debug why and where a policy
>> load failed.  For now just ignore it.
>>
>> Index: libapparmor/src/grammar.y
>> ===================================================================
>> --- libapparmor.orig/src/grammar.y	2010-09-09 08:01:10.524193402 -0700
>> +++ libapparmor/src/grammar.y	2010-09-09 08:04:25.814193202 -0700
>> @@ -163,6 +163,7 @@
>>  %token TOK_KEY_COMM
>>  %token TOK_KEY_CAPABILITY
>>  %token TOK_KEY_CAPNAME
>> +%token TOK_KEY_OFFSET
>>  
>>  %token TOK_SYSLOG_KERNEL
>>  
>> @@ -454,6 +455,11 @@
>>  	{ /* capname used to be reported in name */
>>  	  ret_record->name = $3;
>>  	}
>> +	| TOK_KEY_OFFSET TOK_EQUALS TOK_DIGITS
>> +	{ /* offset is used for reporting where an error occured unpacking
>> +	   * loaded policy.  We can just drop this currently
>> +	   */
>> +	}
>>  	;
>>  
>>  apparmor_event:
>> Index: libapparmor/src/scanner.l
>> ===================================================================
>> --- libapparmor.orig/src/scanner.l	2010-09-09 08:01:04.374193402 -0700
>> +++ libapparmor/src/scanner.l	2010-09-09 08:04:03.974193401 -0700
>> @@ -161,6 +161,7 @@
>>  key_comm		"comm"
>>  key_capability		"capability"
>>  key_capname		"capname"
>> +key_offset		"offset"
>>  audit			"audit"
>>  
>>  /* syslog tokens */
>> @@ -348,6 +349,7 @@
>>  {key_comm}		{ return(TOK_KEY_COMM); }
>>  {key_capability}	{ return(TOK_KEY_CAPABILITY); }
>>  {key_capname}		{ return(TOK_KEY_CAPNAME); }
>> +{key_offset}		{ return(TOK_KEY_OFFSET); }
>>  
>>  {syslog_kernel}		{ BEGIN(dmesg_timestamp); return(TOK_SYSLOG_KERNEL); }
>>  {syslog_month}		{ yylval->t_str = strdup(yytext); return(TOK_DATE_MONTH); }
> 
> ACKed from me for 2.5.1. Do you have a sample log message that can be
> turned into a testcase?
> 
> 

Sep  8 16:42:16 jj-desktop kernel: [ 2143.902340] type=1400 audit(1283989336.064:272335): apparmor="STATUS" info="failed to unpack profile" error=-71 pid=4958 comm="apparmor_parser" name="/home/jj/master/tests/regression/apparmor/net_raw" offset=159

More information about the AppArmor mailing list