mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
95c419dc45
af_protos.h is a generated table of the protocols created by looking for definitions of IPPROTO_* in netinet/in.h. Depending on the architecture, the order of the table may change when using -dM in the compiler during the extraction of the defines. This causes an issue because there is more than one IPPROTO defined by the value 0: IPPROTO_IP and IPPROTO_HOPOPTS which is a header extension used by IPv6. So if IPPROTO_HOPOPTS was first in the table, then protocol=0 in the audit logs would be translated to hopopts. This caused a failure in arm 32bit: Output doesn't match expected data: --- ./test_multi/testcase_unix_01.out 2024-08-15 01:47:53.000000000 +0000 +++ ./test_multi/out/testcase_unix_01.out 2024-08-15 23:42:10.187416392 +0000 @@ -12,7 +12,7 @@ Peer Addr: @test_abstract_socket Network family: unix Socket type: stream -Protocol: ip +Protocol: hopopts Class: net Epoch: 1711454639 Audit subid: 322 By the time protocol is resolved in grammar.y, we don't have have access to the net family to check if it's inet6. Instead of making protocol dependent on the net family, make the order of the af_protos.h table consistent between architectures using -dD. Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com> |
||
|---|---|---|
| .. | ||
| doc | ||
| include | ||
| m4 | ||
| src | ||
| swig | ||
| testsuite | ||
| AUTHORS | ||
| autogen.sh | ||
| ChangeLog | ||
| configure.ac | ||
| COPYING.LGPL | ||
| INSTALL | ||
| Makefile.am | ||
| NEWS | ||
| README | ||
What little documentation exists is in include/aalogparse.h. Please file bugs using https://gitlab.com/apparmor/apparmor/-/issues