[apparmor] [PATCH 5/5] Function to test if apparmor support isenabled.
Kees Cook
kees.cook at canonical.com
Fri Jul 22 14:52:13 UTC 2011
On Thu, Jul 21, 2011 at 01:38:28PM -0700, John Johansen wrote:
> +int aa_is_enabled(void)
> +{
> + int rc;
> +
> + if (aa_state == 1) {
> + return 1;
> + } else if (aa_state != -1) {
> + errno = aa_state;
> + return 0;
> + }
> +
> + rc = aa_is_enabled_raw();
> + aa_state = errno;
> + return rc;
> +}
I'm not sure if I like the idea of this always being cached. Couldn't the
state change during execution, potentially? If using the cached value is
the way forward, maybe change _raw to _uncached ?
-Kees
--
Kees Cook
Ubuntu Security Team
More information about the AppArmor
mailing list