Hi,

I have a few questions about AppArmor's code and would be grateful if you could 
kindly answer them.

1) The documentation at this link 
https://gitlab.com/apparmor/apparmor/wikis/AppArmor_Core_Policy_Reference#address-expr
 mentions the possibility of specifying a network rule as "network tcp src 
192.168.1.1:80 dst 170.1.1.0:80". However, this doesn't work, and after a little 
digging, I found out that the production rules for this policy were available 
only in the grammar specification of AppArmor 2.1 (line number 670 of 
https://gitlab.com/apparmor/apparmor/blob/apparmor-2.1/parser/parser_yacc.y
). I find this extremely useful, and am considering trying to add this to 
AppArmor as part of a larger project. Could you kindly clarify the reason for 
its removal? Were there any hurdles that made it difficult to accomplish this?

2) At what stage during the kernel boot process does AppArmor load the 
profiles? And from where does it obtain them? (Am I correct in understanding 
that the profiles are stored in /sys/kernel/security/apparmor/policy?)

3) Why does the function 'aa_alloc_profile()' allocate extra memory? It seems to 
be allocating memory for 3 objects of type 'struct aa_profile' (line number 
262 of 
https://github.com/torvalds/linux/blob/master/security/apparmor/policy.c
).

Thank you,
Abhishek.

-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor
