1 | /* SPDX-License-Identifier: GPL-2.0-only */ |
2 | /* |
3 | * AppArmor security module |
4 | * |
5 | * Code to provide backwards compatibility with older policy versions, |
6 | * by converting/mapping older policy formats into the newer internal |
7 | * formats. |
8 | * |
9 | * Copyright 2022 Canonical Ltd. |
10 | */ |
11 | |
12 | #ifndef __POLICY_COMPAT_H |
13 | #define __POLICY_COMPAT_H |
14 | |
15 | #include "policy.h" |
16 | |
17 | #define K_ABI_MASK 0x3ff |
18 | #define FORCE_COMPLAIN_FLAG 0x800 |
19 | #define VERSION_LT(X, Y) (((X) & K_ABI_MASK) < ((Y) & K_ABI_MASK)) |
20 | #define VERSION_LE(X, Y) (((X) & K_ABI_MASK) <= ((Y) & K_ABI_MASK)) |
21 | #define VERSION_GT(X, Y) (((X) & K_ABI_MASK) > ((Y) & K_ABI_MASK)) |
22 | |
23 | #define v5 5 /* base version */ |
24 | #define v6 6 /* per entry policydb mediation check */ |
25 | #define v7 7 |
26 | #define v8 8 /* full network masking */ |
27 | #define v9 9 /* xbits are used as permission bits in policydb */ |
28 | |
29 | int aa_compat_map_xmatch(struct aa_policydb *policy); |
30 | int aa_compat_map_policy(struct aa_policydb *policy, u32 version); |
31 | int aa_compat_map_file(struct aa_policydb *policy); |
32 | |
33 | #endif /* __POLICY_COMPAT_H */ |
34 | |