Merge from trunk rev 2034: fix aa-logprof rewrite of PUx modes

When writing out a profile, aa-logprof incorrectly converts PUx execute
permission modes to the syntactically invalid UPx mode, because the
function that converts the internal representation of permissions to
a string emits the U(nconfined) mode bit before the P bit.

This patch corrects this by reordering the way the exec permissions
are emitted, so that P and C modes come before U and i. Based on
http://wiki.apparmor.net/index.php/AppArmor_Core_Policy_Reference#Execute_rules
this should emit the modes correctly in all combined exec modes.
Other approaches to fixing this would require adjusting the data
structure that contains the permission modes, resulting in a more
invasive patch.

Nominated-By: Steve Beattie <sbeattie@ubuntu.com>
Signed-Off-By: John Johansen <john.johansen@canonical.com>

Bug: https://launchpad.net/bugs/982619

utils/Immunix/AppArmor.pm

@@ -4797,13 +4797,9 @@ sub sub_mode_to_str($) {
     $str .= "a" if ($mode & $AA_MAY_APPEND);
     $str .= "l" if ($mode & $AA_MAY_LINK);
     $str .= "k" if ($mode & $AA_MAY_LOCK);
-    if ($mode & $AA_EXEC_UNCONFINED) {
-	if ($mode & $AA_EXEC_UNSAFE) {
-	    $str .= "u";
-	} else {
-	    $str .= "U";
-	}
-    }
+
+    # modes P and C *must* come before I and U; otherwise syntactically
+    # invalid profiles result
     if ($mode & ($AA_EXEC_PROFILE | $AA_EXEC_NT)) {
 	if ($mode & $AA_EXEC_UNSAFE) {
 	    $str .= "p";
@@ -4818,7 +4814,18 @@ sub sub_mode_to_str($) {
 	    $str .= "C";
 	}
     }
+
+    # modes P and C *must* come before I and U; otherwise syntactically
+    # invalid profiles result
+    if ($mode & $AA_EXEC_UNCONFINED) {
+	if ($mode & $AA_EXEC_UNSAFE) {
+	    $str .= "u";
+	} else {
+	    $str .= "U";
+	}
+    }
     $str .= "i" if ($mode & $AA_EXEC_INHERIT);
+
     $str .= "x" if ($mode & $AA_MAY_EXEC);
 
     return $str;