mirror of https://gitlab.com/apparmor/apparmor synced 2025-09-01 06:45:38 +00:00

parser: convert audit from bool to enum

Audit control support is going to be extended to support allowing
policy to specify which rules should quiet auditing. Update the
frontend internals to prepare for this.

Signed-off-by: John Johansen <john.johansen@canonical.com>
John Johansen
2021-08-28 02:11:11 -07:00
parent 134e95f783
commit 7a318d99f2
22 changed files with 111 additions and 109 deletions


@@ -632,12 +632,12 @@ static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
!is_change_profile_perms(entry->perms) &&
!dfarules->add_rule(tbuf.c_str(), entry->deny,
entry->perms & ~(AA_LINK_BITS | AA_CHANGE_PROFILE),
entry->audit ? entry->perms & ~(AA_LINK_BITS | AA_CHANGE_PROFILE) : 0,
entry->audit.audit_mode == AUDIT_FORCE ? entry->perms & ~(AA_LINK_BITS | AA_CHANGE_PROFILE) : 0,
dfaflags))
return FALSE;
} else if (!is_change_profile_perms(entry->perms)) {
if (!dfarules->add_rule(tbuf.c_str(), entry->deny, entry->perms,
entry->audit ? entry->perms : 0, dfaflags))
entry->audit.audit_mode == AUDIT_FORCE ? entry->perms : 0, dfaflags))
return FALSE;
}
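Review bot: The test `entry->audit.audit_mode == AUDIT_FORCE ? <perms> : 0` is now spelled out at both `add_rule` calls in this hunk, and again at the `add_rule_vec` call and the `WARN_RULE_DOWNGRADED` check in the two hunks that follow. Every mode other than `AUDIT_FORCE` silently produces an empty audit mask at each site. The commit message says further modes are planned, so a site that is missed or handled differently later would presumably drop audit records for a rule with no diagnostic. A single predicate would keep the sites in step, for example `static inline bool audit_forced(const struct cod_entry *e) { return e->audit.audit_mode == AUDIT_FORCE; }`, with a comment such as `/* only AUDIT_FORCE sets audit bits; every other mode leaves the audit mask empty */`. The body of `process_dfa_entry` starts and ends outside the hunk, so other uses of `entry->audit` in the function are not visible here.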
@@ -660,7 +660,7 @@ static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
perms |= LINK_TO_LINK_SUBSET(perms);
vec[1] = "/[^/].*";
}
if (!dfarules->add_rule_vec(entry->deny, perms, entry->audit ? perms & AA_LINK_BITS : 0, 2, vec, dfaflags, false))
if (!dfarules->add_rule_vec(entry->deny, perms, entry->audit.audit_mode == AUDIT_FORCE ? perms & AA_LINK_BITS : 0, 2, vec, dfaflags, false))
return FALSE;
}
if (is_change_profile_perms(entry->perms)) {
@@ -671,7 +671,7 @@ static int process_dfa_entry(aare_rules *dfarules, struct cod_entry *entry)
int index = 1;
uint32_t onexec_perms = AA_ONEXEC;
if ((warnflags & WARN_RULE_DOWNGRADED) && entry->audit && warn_change_profile) {
if ((warnflags & WARN_RULE_DOWNGRADED) && entry->audit.audit_mode == AUDIT_FORCE && warn_change_profile) {
/* don't have profile name here, so until this code
* gets refactored just throw out a generic warning
*/