Unify aa_getprocattr_raw() and aa_getpeercon_raw() function prototypes by hiding the len value-result parameter.
Signed-off-by: Tyler Hicks <[email protected]> Cc: Seth Arnold <[email protected]> Cc: John Johansen <[email protected]> --- Code speaks louder and more clearly than my poor explanation, so here's an RFC patch on the idea. I think that this addresses Seth's distaste of the len parameter. It makes the libapparmor API a little more predictable, but hides a useful feature of the getsockopt() syscall which will make external callers guess at buffer reallocation sizes (but they already do that with aa_getprocattr_raw()). I'm fine with or without this patch, as I don't expect (m)any applications to use aa_getpeercon_raw(). Tyler libraries/libapparmor/doc/aa_getcon.pod | 8 +------- libraries/libapparmor/src/apparmor.h | 2 +- libraries/libapparmor/src/kernel_interface.c | 23 ++++++++++++++++++++--- libraries/libapparmor/swig/SWIG/libapparmor.i | 2 +- 4 files changed, 23 insertions(+), 12 deletions(-) diff --git a/libraries/libapparmor/doc/aa_getcon.pod b/libraries/libapparmor/doc/aa_getcon.pod index d7f2ba6..e0a97e5 100644 --- a/libraries/libapparmor/doc/aa_getcon.pod +++ b/libraries/libapparmor/doc/aa_getcon.pod @@ -41,7 +41,7 @@ B<int aa_gettaskcon(pid_t target, char **con, char **mode);> B<int aa_getcon(char **con, char **mode);> -B<int aa_getpeercon_raw(int fd, char *buf, int *len, char **mode);> +B<int aa_getpeercon_raw(int fd, char *buf, int len, char **mode);> B<int aa_getpeercon(int fd, char **con, char **mode);> @@ -105,12 +105,6 @@ The confinement data is too large to fit in the supplied buffer. =back -=head1 NOTES - -If aa_getpeercon_raw returns -1 and errno is ERANGE, the value of size can be -used to reallocate buf so that it is sufficiently large enough to store the -confinement data. - =head1 BUGS None known. If you find any, please report them at diff --git a/libraries/libapparmor/src/apparmor.h b/libraries/libapparmor/src/apparmor.h index 79bc69c..f781fb7 100644 --- a/libraries/libapparmor/src/apparmor.h +++ b/libraries/libapparmor/src/apparmor.h @@ -48,7 +48,7 @@ extern int aa_getprocattr_raw(pid_t tid, const char *attr, char *buf, int len, extern int aa_getprocattr(pid_t tid, const char *attr, char **buf, char **mode); extern int aa_gettaskcon(pid_t target, char **con, char **mode); extern int aa_getcon(char **con, char **mode); -extern int aa_getpeercon_raw(int fd, char *buf, int *len, char **mode); +extern int aa_getpeercon_raw(int fd, char *buf, int len, char **mode); extern int aa_getpeercon(int fd, char **con, char **mode); #define __macroarg_counter(Y...) __macroarg_count1 ( , ##Y) diff --git a/libraries/libapparmor/src/kernel_interface.c b/libraries/libapparmor/src/kernel_interface.c index 7524188..59e6c82 100644 --- a/libraries/libapparmor/src/kernel_interface.c +++ b/libraries/libapparmor/src/kernel_interface.c @@ -559,7 +559,7 @@ int aa_getcon(char **con, char **mode) #endif /** - * aa_getpeercon_raw - get the confinement of the socket's peer (other end) + * getpeercon_raw - get the confinement of the socket's peer (other end) * @fd: socket to get peer confinement for * @buf: buffer to store the result in * @len: initially contains size of the buffer, returns size of data read @@ -568,7 +568,7 @@ int aa_getcon(char **con, char **mode) * Returns: length of confinement data including null termination or -1 on error * if errno == ERANGE then @len will hold the size needed */ -int aa_getpeercon_raw(int fd, char *buf, int *len, char **mode) +static int getpeercon_raw(int fd, char *buf, int *len, char **mode) { socklen_t optlen = *len; char *mode_str; @@ -608,6 +608,23 @@ out: } /** + * aa_getpeercon_raw - get the confinement of the socket's peer (other end) + * @fd: socket to get peer confinement for + * @buf: buffer to store the result in + * @len: the size of the buffer + * @mode: if set will point to mode string within buffer if it is present + * + * Returns: length of confinement data including null termination or -1 on error + */ + +int aa_getpeercon_raw(int fd, char *buf, int len, char **mode) +{ + int l = len; + + return getpeercon_raw(fd, buf, &l, mode); +} + +/** * aa_getpeercon - get the confinement of the socket's peer (other end) * @fd: socket to get peer confinement for * @con: pointer to allocated buffer with the confinement string @@ -634,7 +651,7 @@ int aa_getpeercon(int fd, char **con, char **mode) return -1; memset(buffer, 0, size); - rc = aa_getpeercon_raw(fd, buffer, &size, mode); + rc = getpeercon_raw(fd, buffer, &size, mode); /* size should contain actual size needed if errno == ERANGE */ } while (rc == -1 && errno == ERANGE && size > last_size); diff --git a/libraries/libapparmor/swig/SWIG/libapparmor.i b/libraries/libapparmor/swig/SWIG/libapparmor.i index 1d3ca07..a65dd28 100644 --- a/libraries/libapparmor/swig/SWIG/libapparmor.i +++ b/libraries/libapparmor/swig/SWIG/libapparmor.i @@ -25,5 +25,5 @@ extern int aa_getprocattr_raw(pid_t tid, const char *attr, char *buf, int len, extern int aa_getprocattr(pid_t tid, const char *attr, char **buf, char **mode); extern int aa_gettaskcon(pid_t target, char **con, char **mode); extern int aa_getcon(char **con, char **mode); -extern int aa_getpeercon_raw(int fd, char *buf, int *len, char **mode); +extern int aa_getpeercon_raw(int fd, char *buf, int len, char **mode); extern int aa_getpeercon(int fd, char **con, char **mode); -- 1.8.1.2 -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
