mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 22:05:27 +00:00
Code Issues Releases Wiki Activity

parser: minimization - remove unnecessary second minimization pass

Browse Source 
Moving apply_and_clear_deny() before the first minimization pass, which
was necessary to propperly support building accept information for
older none extended permission dfas, allows us to also get rid of doing a
second minimization pass if we want to force clearing explicit deny
info from extended permission tables.

Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen
2024-05-10 03:06:22 -07:00
parent 1fa45b7c1f
commit 2737cb2c2b
21 changed files with 477 additions and 150 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
parser/parser_misc.c
View File

@@ -984,6 +984,7 @@ struct cod_entry *new_entry(char *id, perm32_t perms, char *link_id)
if (!entry)
return NULL;
entry->priority = 0;
entry->name = id;
entry->link_name = link_id;
entry->perms = perms;
@@ -1010,6 +1011,7 @@ struct cod_entry *copy_cod_entry(struct cod_entry *orig)
DUP_STRING(orig, entry, name, err);
DUP_STRING(orig, entry, link_name, err);
DUP_STRING(orig, entry, nt_name, err);
entry->priority = orig->priority;
entry->perms = orig->perms;
entry->audit = orig->audit;
entry->rule_mode = orig->rule_mode;