Merge logparser: adding support for comm in capability events

In order to act on capability denials, we need to parse comm.

Signed-off-by: Maxime Bélair <maxime.belair@canonical.com>

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1294
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>

utils/apparmor/logparser.py

@@ -238,6 +238,8 @@ class ReadLog:
 
             case 'io_uring':
                 ev['peer_profile'] = event.peer_profile
+            case 'capability':
+                ev['comm'] = event.comm
 
         if not ev['time']:
             ev['time'] = int(time.time())

utils/test/test-capability.py

@@ -138,6 +138,7 @@ class CapabilityTest(AATest):
             'active_hat': None,
             'pid': 15454,
             'task': 0,
+            'comm': 'ping',
             'attr': None,
             'name2': None,
             'name': 'net_raw',