mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 14:25:52 +00:00
Code Issues Releases Wiki Activity

parser: move cap code around to consolidate

Browse Source 
Just some basic cleanup bringing capability structs and fns together.

Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen
2020-07-02 06:25:38 -07:00
parent 168b141cc2
commit 8a1260db47
1 changed files with 40 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
parser/parser_misc.c
View File

@@ -165,6 +165,18 @@ static int get_table_token(const char *name unused, struct keyword_table *table,
return -1;
}
/* for alpha matches, check for keywords */
int get_keyword_token(const char *keyword)
{
return get_table_token("keyword", keyword_table, keyword);
}
int get_rlimit(const char *name)
{
return get_table_token("rlimit", rlimit_table, name);
}
#define NO_BACKMAP_CAP 0xff
#ifndef CAP_PERFMON
@@ -175,6 +187,12 @@ static int get_table_token(const char *name unused, struct keyword_table *table,
#define CAP_BPF 39
#endif
typedef enum capability_flags {
CAP_KERNEL_FEATURE = 1,
CAP_POLICY_FEATURE = 2,
CAP_EXTERNAL_FEATURE = 4,
} capability_flags;
struct capability_table {
const char *cap;
unsigned int token;
@@ -206,21 +224,34 @@ static int get_cap_token(const char *name unused, struct capability_table *table
return -1;
}
/* for alpha matches, check for keywords */
int get_keyword_token(const char *keyword)
{
return get_table_token("keyword", keyword_table, keyword);
}
int name_to_capability(const char *keyword)
{
return get_cap_token("capability", base_capability_table, keyword);
}
int get_rlimit(const char *name)
const char *capability_to_name(unsigned int cap)
{
return get_table_token("rlimit", rlimit_table, name);
int i;
for (i = 0; base_capability_table[i].cap; i++) {
if (base_capability_table[i].token == cap)
return base_capability_table[i].cap;
}
return "invalid-capability";
}
void __debug_capabilities(uint64_t capset, const char *name)
{
unsigned int i;
printf("%s:", name);
for (i = 0; base_capability_table[i].cap; i++) {
if ((1ull << base_capability_table[i].token) & capset)
printf (" %s", base_capability_table[i].cap);
}
printf("\n");
}
char *processunquoted(const char *string, int len)
@@ -866,31 +897,6 @@ void debug_cod_entries(struct cod_entry *list)
}
}
const char *capability_to_name(unsigned int cap)
{
int i;
for (i = 0; base_capability_table[i].cap; i++) {
if (base_capability_table[i].token == cap)
return base_capability_table[i].cap;
}
return "invalid-capability";
}
void __debug_capabilities(uint64_t capset, const char *name)
{
unsigned int i;
printf("%s:", name);
for (i = 0; base_capability_table[i].cap; i++) {
if ((1ull << base_capability_table[i].token) & capset)
printf (" %s", base_capability_table[i].cap);
}
printf("\n");
}
struct value_list *new_value_list(char *value)
{
struct value_list *val = (struct value_list *) calloc(1, sizeof(struct value_list));