apparmor/libraries/libapparmor/swig/SWIG/libapparmor.i

%module LibAppArmor

%{
#include <aalogparse.h>
#include <sys/apparmor.h>
#include <sys/apparmor_private.h>

%}

%include "typemaps.i"
%include <aalogparse.h>

/**
 * swig doesn't like the macro magic we do in apparmor.h and apparmor_private.h
 * so the function prototypes must be manually inserted.
 *
 * Functions that return a negative int and set errno upon error use a special
 * %exception directive and must be listed after the %exception below. All
 * other functions go here.
 */

/* apparmor.h */

extern char *aa_splitcon(char *con, char **mode);

/* apparmor_private.h */

extern int _aa_is_blacklisted(const char *name);

#ifdef SWIGPYTHON
%exception {
  $action
  if (result < 0) {
    PyErr_SetFromErrno(PyExc_OSError);
    return NULL;
  }
}
#endif

/* Functions that return a negative int and set errno upon error go here. */

/* apparmor.h */

extern int aa_is_enabled(void);
extern int aa_find_mountpoint(char **mnt);
extern int aa_change_hat(const char *subprofile, unsigned long magic_token);
extern int aa_change_profile(const char *profile);
extern int aa_change_onexec(const char *profile);
extern int aa_change_hatv(const char *subprofiles[], unsigned long token);
extern int aa_change_hat_vargs(unsigned long token, int count, ...);
extern int aa_stack_profile(const char *profile);
extern int aa_stack_onexec(const char *profile);
extern int aa_getprocattr_raw(pid_t tid, const char *attr, char *buf, int len,
			      char **mode);
extern int aa_getprocattr(pid_t tid, const char *attr, char **buf, char **mode);
extern int aa_gettaskcon(pid_t target, char **label, char **mode);
extern int aa_getcon(char **label, char **mode);
extern int aa_getpeercon_raw(int fd, char *buf, int *len, char **mode);
extern int aa_getpeercon(int fd, char **label, char **mode);
extern int aa_query_label(uint32_t mask, char *query, size_t size, int *allow,
			  int *audit);
extern int aa_query_file_path_len(uint32_t mask, const char *label,
				  size_t label_len, const char *path,
				  size_t path_len, int *allowed, int *audited);
extern int aa_query_file_path(uint32_t mask, const char *label,
			      const char *path, int *allowed, int *audited);
extern int aa_query_link_path_len(const char *label, size_t label_len,
				  const char *target, size_t target_len,
				  const char *link, size_t link_len,
				  int *allowed, int *audited);
extern int aa_query_link_path(const char *label, const char *target,
			      const char *link, int *allowed, int *audited);

%exception;
- Merged the library previously known as "libaalogparse" with libapparmor. - Moved the old libapparmor library to libapparmor-deprecated. 2007-07-28 15:41:04 +00:00			`%module LibAppArmor`

			`%{`
libapparmor: move public headers to separate directory This patch moves the apparmor.h and aalogparse.h headers from the libapparmor/src/ directory to a new directory libapparmor/include/. The apparmor.h header is stored in a sys/ directory within libapparmor/include/ to match its usual install location in /usr/include/sys/, simplifying the #include statements of source that wishes to include either the in-tree or system installed version of the header (i.e. #include <sys/apparmor.h> can be used everywhere). The patch size is inflated by the movements of the header files, which are unchanged except for their locations. Otherwise, the rest of the changes are to modify the include search path or to stop looking in $CWD for one of the headers. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2014-01-06 14:08:55 -08:00			`#include <aalogparse.h>`
			`#include <sys/apparmor.h>`
libapparmor: Provide privately exported aa_is_blacklisted() through swig Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: Christian Boltz <apparmor@cboltz.de> Acked-by: John Johansen <john.johansen@canonical.com> 2015-06-16 15:49:24 -05:00			`#include <sys/apparmor_private.h>`
- Merged the library previously known as "libaalogparse" with libapparmor. - Moved the old libapparmor library to libapparmor-deprecated. 2007-07-28 15:41:04 +00:00
			`%}`

			`%include "typemaps.i"`
libapparmor: move public headers to separate directory This patch moves the apparmor.h and aalogparse.h headers from the libapparmor/src/ directory to a new directory libapparmor/include/. The apparmor.h header is stored in a sys/ directory within libapparmor/include/ to match its usual install location in /usr/include/sys/, simplifying the #include statements of source that wishes to include either the in-tree or system installed version of the header (i.e. #include <sys/apparmor.h> can be used everywhere). The patch size is inflated by the movements of the header files, which are unchanged except for their locations. Otherwise, the rest of the changes are to modify the include search path or to stop looking in $CWD for one of the headers. Signed-off-by: Steve Beattie <steve@nxnw.org> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2014-01-06 14:08:55 -08:00			`%include <aalogparse.h>`
Update swig to export all current interface fns Signed-off-by: John Johansen <john.johansen@canonical.com> 2011-02-22 03:54:35 -08:00
libapparmor: Don't apply special SWIG %exception to some functions Only use the special %exception directive for functions that return a negative int and set errno upon error. This prevents, for example, _aa_is_blacklisted() from raising an exception when it returns -1. This is important because it doesn't set errno so an exception based on the value of errno would be unpredictable. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: John Johansen <john.johansen@canonical.com> 2015-06-16 15:51:19 -05:00			`/**`
			`* swig doesn't like the macro magic we do in apparmor.h and apparmor_private.h`
			`* so the function prototypes must be manually inserted.`
			`*`
			`* Functions that return a negative int and set errno upon error use a special`
			`* %exception directive and must be listed after the %exception below. All`
			`* other functions go here.`
			`*/`

			`/* apparmor.h */`

			`extern char aa_splitcon(char con, char **mode);`

			`/* apparmor_private.h */`

			`extern int _aa_is_blacklisted(const char *name);`

libapparmor: raise exception in python bindings when something fails Current libapparmor python bindings are very "unpythonic". Also lack ability to access "why" information in case of failure. In python when something fail the normal behaviour is exception to occur. In case of apparmor functions die silently and require user to verify returned value. And here comes second problem. In C api when return value is -1 (and the same value is returned in python API) we can access errno to get information why this occured. Unfortunately in python there is no way to access the same information. Pythonic way of accessing errno is via exception (which is never raised in python bindings currently). So the patch adds exceptions on failures. First %exception creates a wrapper that swig adds to each function listed below. Empty %exception causes that the rest of code (beside listed functions) won't be wrapped. How this works? Example on apparmor disabled system: Before: >>> LibAppArmor.aa_change_hat(hat, random.randint(1, sys.maxint)) -1 After: >>> LibAppArmor.aa_change_hat(hat, random.randint(1, sys.maxint)) Traceback (most recent call last): File "<stdin>", line 1, in <module> OSError: [Errno 22] Invalid argument so pythonic way of accessing "why": >>> try: ... LibAppArmor.aa_change_hat(hat, random.randint(1, sys.maxint)) ... except OSError, e: ... print e.errno ... 22 Signed-off-by: Arkadiusz Miśkiewicz <arekm@maven.pl> Acked-by: Steve Beattie <steve@nxnw.org> 2014-03-07 11:54:12 -08:00			`#ifdef SWIGPYTHON`
			`%exception {`
			`$action`
			`if (result < 0) {`
			`PyErr_SetFromErrno(PyExc_OSError);`
			`return NULL;`
			`}`
			`}`
			`#endif`

libapparmor: Don't apply special SWIG %exception to some functions Only use the special %exception directive for functions that return a negative int and set errno upon error. This prevents, for example, _aa_is_blacklisted() from raising an exception when it returns -1. This is important because it doesn't set errno so an exception based on the value of errno would be unpredictable. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: John Johansen <john.johansen@canonical.com> 2015-06-16 15:51:19 -05:00			`/* Functions that return a negative int and set errno upon error go here. */`
Update swig to export all current interface fns Signed-off-by: John Johansen <john.johansen@canonical.com> 2011-02-22 03:54:35 -08:00
libapparmor: Provide privately exported aa_is_blacklisted() through swig Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: Christian Boltz <apparmor@cboltz.de> Acked-by: John Johansen <john.johansen@canonical.com> 2015-06-16 15:49:24 -05:00			`/* apparmor.h */`

Function to test if apparmor support is enabled. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees.cook@canonical.com> 2011-08-09 06:48:56 -07:00			`extern int aa_is_enabled(void);`
Library function to find the apparmorfs filesystem mount point Signed-off-by: John Johansen <john.johansen@canonical.com> 2011-08-09 06:48:17 -07:00			`extern int aa_find_mountpoint(char **mnt);`
Rename change_hat(2) to aa_change_hat(2) (a backwards compatibility macro is in place) and support 64 bit magic tokens. 2007-08-16 04:26:19 +00:00			`extern int aa_change_hat(const char *subprofile, unsigned long magic_token);`
Update swig to export all current interface fns Signed-off-by: John Johansen <john.johansen@canonical.com> 2011-02-22 03:54:35 -08:00			`extern int aa_change_profile(const char *profile);`
			`extern int aa_change_onexec(const char *profile);`
Update change_hatv and change_hat_vargs prototypes to use long Signed-off-by: John Johansen <john.johansen@canonical.com> 2011-02-22 03:55:16 -08:00			`extern int aa_change_hatv(const char *subprofiles[], unsigned long token);`
			`extern int aa_change_hat_vargs(unsigned long token, int count, ...);`
libapparmor: Implement aa_stack_profile and aa_stack_onexec Based on the existing implementations of aa_change_profile(2) and aa_change_onexec(2). Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: John Johansen <john.johansen@canonical.com> 2016-03-18 17:28:50 -05:00			`extern int aa_stack_profile(const char *profile);`
			`extern int aa_stack_onexec(const char *profile);`
Add the ability to read proc attr interfaces Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Kees Cook <kees.cook@canonical.com> 2011-08-09 06:45:51 -07:00			`extern int aa_getprocattr_raw(pid_t tid, const char attr, char buf, int len,`
			`char **mode);`
			`extern int aa_getprocattr(pid_t tid, const char attr, char buf, char *mode);`
libapparmor: Update code to correctly use the terms context and label Adjust the libapparmor function prototypes, variable names, and comments that incorrectly used the name "con" when referring to the label. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: John Johansen <john.johansen@canonical.com> 2015-02-09 18:46:46 -06:00			`extern int aa_gettaskcon(pid_t target, char label, char mode);`
			`extern int aa_getcon(char label, char mode);`
Subject: libapparmor: Make aa_getpeercon_raw() similar to aa_getprocattr_raw() The parameter names are slightly different in the two functions. Rename buffer to buf and rename size to len to make the two function prototypes look similar. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com> 2013-06-25 15:55:08 -07:00			`extern int aa_getpeercon_raw(int fd, char buf, int len, char **mode);`
libapparmor: Update code to correctly use the terms context and label Adjust the libapparmor function prototypes, variable names, and comments that incorrectly used the name "con" when referring to the label. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: John Johansen <john.johansen@canonical.com> 2015-02-09 18:46:46 -06:00			`extern int aa_getpeercon(int fd, char label, char mode);`
libapparmor: Export a label-based query interface Add an interface for trusted applications to use when they need to query AppArmor kernel policy to determine if an action should be allowed. This is a simplified interface that tries to make it as easy as possible for applications to use. They provide a permissions mask and query string and they get a pair of booleans back that let them know if the action should be allowed and/or audited. Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com> 2013-07-31 09:22:40 -07:00			`extern int aa_query_label(uint32_t mask, char query, size_t size, int allow,`
			`int *audit);`
add helper fn to query file path permissions Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2015-06-06 01:26:03 -07:00			`extern int aa_query_file_path_len(uint32_t mask, const char *label,`
			`size_t label_len, const char *path,`
			`size_t path_len, int allowed, int audited);`
			`extern int aa_query_file_path(uint32_t mask, const char *label,`
			`const char path, int allowed, int *audited);`
add query helper for link permissions Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Tyler Hicks <tyhicks@canonical.com> 2015-06-06 01:27:49 -07:00			`extern int aa_query_link_path_len(const char *label, size_t label_len,`
			`const char *target, size_t target_len,`
			`const char *link, size_t link_len,`
			`int allowed, int audited);`
			`extern int aa_query_link_path(const char label, const char target,`
			`const char link, int allowed, int *audited);`
libapparmor: raise exception in python bindings when something fails Current libapparmor python bindings are very "unpythonic". Also lack ability to access "why" information in case of failure. In python when something fail the normal behaviour is exception to occur. In case of apparmor functions die silently and require user to verify returned value. And here comes second problem. In C api when return value is -1 (and the same value is returned in python API) we can access errno to get information why this occured. Unfortunately in python there is no way to access the same information. Pythonic way of accessing errno is via exception (which is never raised in python bindings currently). So the patch adds exceptions on failures. First %exception creates a wrapper that swig adds to each function listed below. Empty %exception causes that the rest of code (beside listed functions) won't be wrapped. How this works? Example on apparmor disabled system: Before: >>> LibAppArmor.aa_change_hat(hat, random.randint(1, sys.maxint)) -1 After: >>> LibAppArmor.aa_change_hat(hat, random.randint(1, sys.maxint)) Traceback (most recent call last): File "<stdin>", line 1, in <module> OSError: [Errno 22] Invalid argument so pythonic way of accessing "why": >>> try: ... LibAppArmor.aa_change_hat(hat, random.randint(1, sys.maxint)) ... except OSError, e: ... print e.errno ... 22 Signed-off-by: Arkadiusz Miśkiewicz <arekm@maven.pl> Acked-by: Steve Beattie <steve@nxnw.org> 2014-03-07 11:54:12 -08:00
			`%exception;`