← Back to branch summary

~ubuntu-branches/ubuntu/raring/apparmor/raring

« back to all changes in this revision

Viewing changes to kernel-patches/for-mainline/constrained-to-confined.diff

  • Committer: Bazaar Package Importer
  • Author(s): Kees Cook
  • Date: 2007-03-23 16:42:01 UTC
  • Revision ID: james.westby@ubuntu.com-20070323164201-jkax6f0oku087b7l
Tags: upstream-2.0.1+510.dfsg
ImportĀ upstreamĀ versionĀ 2.0.1+510.dfsg

Show diffs side-by-side

added added

removed removed

Lines of Context:
kernel-patches/for-mainline/constrained-to-confined.diff
 
1
Index: b/security/apparmor/apparmor.h
 
2
===================================================================
 
3
--- a/security/apparmor/apparmor.h
 
4
+++ b/security/apparmor/apparmor.h
 
5
@@ -25,14 +25,14 @@
 
6
  */
 
7
 #define AA_MAY_LINK                    0x0010
 
8
 #define AA_EXEC_INHERIT                        0x0020
 
9
-#define AA_EXEC_UNCONSTRAINED          0x0040
 
10
+#define AA_EXEC_UNCONFINED             0x0040
 
11
 #define AA_EXEC_PROFILE                        0x0080
 
12
 #define AA_EXEC_MMAP                   0x0100
 
13
 #define AA_EXEC_UNSAFE                 0x0200
 
14
 #define AA_INVALID_PERM                        0x0400
 
15
 
 
16
 #define AA_EXEC_MODIFIERS              (AA_EXEC_INHERIT | \
 
17
-                                        AA_EXEC_UNCONSTRAINED | \
 
18
+                                        AA_EXEC_UNCONFINED | \
 
19
                                         AA_EXEC_PROFILE)
 
20
 
 
21
 /* Control parameters (0 or 1), settable thru module/boot flags or
 
22
Index: b/security/apparmor/main.c
 
23
===================================================================
 
24
--- a/security/apparmor/main.c
 
25
+++ b/security/apparmor/main.c
 
26
@@ -802,7 +802,7 @@ aa_register_find(struct aa_profile *prof
 
27
                }
 
28
        } else {
 
29
                /* Only way we can get into this code is if task
 
30
-                * is unconstrained.
 
31
+                * is unconfined.
 
32
                 */
 
33
                AA_DEBUG("%s: No profile found for exec image %s\n",
 
34
                         __FUNCTION__,
 
35
@@ -838,7 +838,7 @@ repeat:
 
36
        if (profile) {
 
37
                complain = PROFILE_COMPLAIN(profile);
 
38
 
 
39
-               /* Confined task, determine what mode inherit, unconstrained or
 
40
+               /* Confined task, determine what mode inherit, unconfined or
 
41
                 * mandatory to load new profile
 
42
                 */
 
43
                exec_mode = aa_match(profile->file_rules, filename);
 
44
@@ -852,8 +852,8 @@ repeat:
 
45
                                /* nothing to be done here */
 
46
                                goto cleanup;
 
47
 
 
48
-                       case MAY_EXEC | AA_EXEC_UNCONSTRAINED:
 
49
-                               AA_DEBUG("%s: UNCONSTRAINED %s\n",
 
50
+                       case MAY_EXEC | AA_EXEC_UNCONFINED:
 
51
+                               AA_DEBUG("%s: UNCONFINED %s\n",
 
52
                                         __FUNCTION__,
 
53
                                         filename);
 
54
 
 
55
Index: b/security/apparmor/procattr.c
 
56
===================================================================
 
57
--- a/security/apparmor/procattr.c
 
58
+++ b/security/apparmor/procattr.c
 
59
@@ -58,12 +58,12 @@ size_t aa_getprocattr(struct aa_profile 
 
60
                        error = -ERANGE;
 
61
                }
 
62
        } else {
 
63
-               const char *unconstrained_str = "unconstrained\n";
 
64
-               len = strlen(unconstrained_str);
 
65
+               const char *unconfined_str = "unconfined\n";
 
66
+               len = strlen(unconfined_str);
 
67
 
 
68
                /* DONT null terminate strings we output via proc */
 
69
                if (len <= size) {
 
70
-                       memcpy(str, unconstrained_str, len);
 
71
+                       memcpy(str, unconfined_str, len);
 
72
                        error = len;
 
73
                } else if (size == 0) {
 
74
                        error = len;
 
75
@@ -194,7 +194,7 @@ int aa_setprocattr_setprofile(struct tas
 
76
        name_copy[size] = 0;
 
77
 
 
78
 repeat:
 
79
-       if (strcmp(name_copy, "unconstrained") != 0) {
 
80
+       if (strcmp(name_copy, "unconfined") != 0) {
 
81
                new_profile = aa_find_profile(name_copy);
 
82
                if (!new_profile) {
 
83
                        AA_WARN("%s: Unable to switch task %s(%d) to profile"
 
84
@@ -224,12 +224,12 @@ repeat:
 
85
                        __FUNCTION__,
 
86
                        task->comm, task->pid,
 
87
                        old_profile ? old_profile->parent->name :
 
88
-                               "unconstrained",
 
89
-                       old_profile ? old_profile->name : "unconstrained",
 
90
+                               "unconfined",
 
91
+                       old_profile ? old_profile->name : "unconfined",
 
92
                        name_copy);
 
93
        } else {
 
94
                if (old_profile) {
 
95
-                       AA_WARN("%s: Unconstraining task %s(%d) "
 
96
+                       AA_WARN("%s: Unconfining task %s(%d) "
 
97
                                "profile %s active %s\n",
 
98
                                __FUNCTION__,
 
99
                                task->comm, task->pid,
 
100
@@ -237,7 +237,7 @@ repeat:
 
101
                                old_profile->name);
 
102
                } else {
 
103
                        AA_WARN("%s: task %s(%d) "
 
104
-                               "is already unconstrained\n",
 
105
+                               "is already unconfined\n",
 
106
                                __FUNCTION__, task->comm, task->pid);
 
107
                }
 
108
        }