i/b/shared-memory: handle "private" plug attribute in shared-memory interface correctly (#13107)
* i/b/shared-memory: error on invalid plug attribute
The isPrivate() method assumes that a plug has been sanitised by
BeforePreparePlug and panics if there's no "private" attribute.
There's been a customer report of this happening and even though the
it's unclear how the attribute is missing/wrong, we should handle it
as gracefully as we can instead of panicking.
Signed-off-by: Miguel Pires <email address hidden>
* i/b/shared-memory: split else/if
Signed-off-by: Miguel Pires <email address hidden>
* interfaces: deal with missing shared-mem `private` attr correctly
The private attribute in the shared-memory interface may be
not in the `isPrivate()` call. This can even happen if
"SanitizePlugsSlots()" is called (which in turn calls
BeforePreparePlug() which will set `private`).
The code-path in which this happens is an upgrade from snapd
2.54.4 where shared-memory did not have the "private" attribute
yet. Then the ConnectedPlug data is written into the
interface repo without this attribute and on regeneration
of security profiles the connectedPlug is loaded from the
interface repository in the state and not from the
snap.yaml so this attribute is missing.
The correct behavior is that `private` is set to false which
is the default when it's not set in snap.yaml as it can only
end up in this state if it was unset.
---------
Signed-off-by: Miguel Pires <email address hidden>
Co-authored-by: Michael Vogt <email address hidden>
sandbox/apparmor/notify: moved to protocol version 3
Additionally, clarified some comments about underlying apparmor structs,
fixed the Filter field to be a `[]byte` instead of a `string`, and
renamed the Flags field to NoCache.
Signed-off-by: Oliver Calder <email address hidden>