From cd23a5df10b0465c99f91b5f9c4e160480078c1a Mon Sep 17 00:00:00 2001
From: Tyler Hicks <tyhicks@canonical.com>
Date: Thu, 13 Feb 2014 09:59:53 -0600
Subject: Store AppArmor label of connecting processes

When processes connect the bus, the AppArmor confinement context should
be stored for later use when checks are to be done during message
sending/receiving, acquire a name, and eavesdropping.

Code outside of apparmor.c will need to initialize and unreference the
confinement context, so bus_apparmor_confinement_unref() can no longer
be a static function.

[Move bus_apparmor_confinement_unref back to its old location for
a more reasonable diff -smcv]

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=75113
Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
---
 bus/apparmor.h | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'bus/apparmor.h')

diff --git a/bus/apparmor.h b/bus/apparmor.h
index 66a77c0e..861094e7 100644
--- a/bus/apparmor.h
+++ b/bus/apparmor.h
@@ -27,6 +27,7 @@
 #define BUS_APPARMOR_H
 
 #include <dbus/dbus.h>
+#include "bus.h"
 
 void bus_apparmor_audit_init (void);
 dbus_bool_t bus_apparmor_pre_init (void);
@@ -36,4 +37,8 @@ dbus_bool_t bus_apparmor_full_init (DBusError *error);
 void bus_apparmor_shutdown (void);
 dbus_bool_t bus_apparmor_enabled (void);
 
+void bus_apparmor_confinement_unref (BusAppArmorConfinement *confinement);
+BusAppArmorConfinement* bus_apparmor_init_connection_confinement (DBusConnection *connection,
+                                                                  DBusError      *error);
+
 #endif /* BUS_APPARMOR_H */
-- 
cgit v1.2.1