mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-09-03 07:45:50 +00:00
Remove dead code around pattern matching in rules
remove old dead code that used to fail compilation if regular expressions where detected in the rules and the apparmor kernel module did not support regular expression matching. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com> Acked-by: Steve Beattie <steve@nxnw.org>
This commit is contained in:
John Johansen
committed by
Tyler Hicks
Tyler Hicks
parent
a34059b1e5
commit
59dc00bc30
@@ -418,7 +418,7 @@ extern void free_policy(struct codomain *cod);
|
||||
extern void dump_policy(void);
|
||||
extern void dump_policy_hats(struct codomain *cod);
|
||||
extern void dump_policy_names(void);
|
||||
extern int die_if_any_regex(void);
|
||||
|
||||
void free_policies(void);
|
||||
|
||||
#ifdef UNIT_TEST
|
||||
|
||||
@@ -274,56 +274,6 @@ int merge_hat_rules(struct codomain *cod)
|
||||
return 0;
|
||||
}
|
||||
|
||||
int die_if_any_regex(void);
|
||||
static int die_if_any_hat_regex(struct codomain *cod);
|
||||
static int any_regex_entries(struct cod_entry *entry_list);
|
||||
|
||||
/* only call if regex is not allowed */
|
||||
static void __any_regex(const void *nodep, const VISIT value,
|
||||
const int __unused depth)
|
||||
{
|
||||
struct codomain **t = (struct codomain **) nodep;
|
||||
|
||||
if (value == preorder || value == endorder)
|
||||
return;
|
||||
|
||||
if (any_regex_entries((*t)->entries)) {
|
||||
PERROR(_("ERROR profile %s contains policy elements not usable with this kernel:\n"
|
||||
"\t'*', '?', character ranges, and alternations are not allowed.\n"
|
||||
"\t'**' may only be used at the end of a rule.\n"),
|
||||
(*t)->name);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
die_if_any_hat_regex(*t);
|
||||
}
|
||||
|
||||
/* only call if regex is not allowed */
|
||||
int die_if_any_regex(void)
|
||||
{
|
||||
twalk(policy_list, __any_regex);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/* only call if regex is not allowed */
|
||||
static int die_if_any_hat_regex(struct codomain *cod)
|
||||
{
|
||||
twalk(cod->hat_table, __any_regex);
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int any_regex_entries(struct cod_entry *entry_list)
|
||||
{
|
||||
struct cod_entry *entry;
|
||||
|
||||
list_for_each(entry_list, entry) {
|
||||
if (entry->pattern_type == ePatternRegex)
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
static void __process_regex(const void *nodep, const VISIT value,
|
||||
const int __unused depth)
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user