mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 06:16:03 +00:00
Code Issues Releases Wiki Activity

add pix transition mode

Browse Source
This commit is contained in:
John Johansen
2007-11-16 09:27:34 +00:00
parent 92a569fdb3
commit 230b04231c
41 changed files with 428 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
parser/parser_merge.c
View File

@@ -88,25 +88,21 @@ static int process_file_entries(struct codomain *cod)
qsort(table, count, sizeof(struct cod_entry *), file_comp);
table[count] = NULL;
#define CHECK_CONFLICT_UNSAFE(a, b) \
((HAS_EXEC_UNSAFE(a) ^ HAS_EXEC_UNSAFE(b)) && \
((HAS_EXEC_PROFILE(a) && HAS_EXEC_PROFILE(b)) || \
(HAS_EXEC_UNCONFINED(a) && HAS_EXEC_UNCONFINED(b))))
#define X_CONFLICT(a, b) \
(HAS_MAY_EXEC(a) && HAS_MAY_EXEC(b) && \
(((a) & (AA_EXEC_MODIFIERS | AA_EXEC_UNSAFE)) != \
((b) & (AA_EXEC_MODIFIERS | AA_EXEC_UNSAFE))))
/* walk the sorted table merging similar entries */
for (cur = table[0], next = table[1], n = 1; next != NULL; n++, next = table[n]) {
if (file_comp(&cur, &next) == 0) {
int conflict = CHECK_CONFLICT_UNSAFE(cur->mode, next->mode);
cur->mode |= next->mode;
/* check for merged x consistency */
if (HAS_MAY_EXEC(cur->mode) &&
(!AA_EXEC_SINGLE_MODIFIER_SET(cur->mode) ||
conflict)) {
if (X_CONFLICT(cur->mode, next->mode)) {
PERROR(_("profile %s: has merged rule %s with multiple x modifiers\n"),
cod->name, cur->name);
return 0;
}
cur->mode |= next->mode;
free(next->name);
free(next);
table[n] = NULL;