utils: Allow Perl utils to store and write back unsupported rules

This patch:
- allows the unsupported rules to be stored when parsing profiles
- writes all the unsupported rules back to profile

Acked-by: Christian Boltz <apparmor@cboltz.de>

deprecated/utils/Immunix/AppArmor.pm

@@ -5440,7 +5440,12 @@ sub parse_profile_data($$$) {
             }
         } elsif (/^\s*(audit\s+)?(deny\s+)?(owner\s+)?(capability|dbus|file|mount|pivot_root|remount|umount|signal|unix|ptrace)/) {
 	    # ignore valid rules that are currently unsupported by AppArmor.pm
-            # BUG: when writing the profile, those rules are lost!
+            if (! defined $profile_data->{$profile}{$hat}{unsupported_rules}) {
+                $profile_data->{$profile}{$hat}{unsupported_rules} = [];
+            }
+            $_ =~ s/^\s+|\s+$//g;
+            push @{$profile_data->{$profile}{$hat}{unsupported_rules}}, $_ ;
+
         } else {
 	    # we hit something we don't understand in a profile...
 	    die sprintf(gettext('%s contains syntax errors. Line [%s]'), $file, $_) . "\n";
@@ -5894,6 +5899,25 @@ sub writepaths ($$) {
     return @data;
 }
 
+sub writeunsupportedrules ($$) {
+    my ($prof_data, $depth) = @_;
+
+    my @data;
+    my $pre = "  " x $depth;
+
+    if (defined $prof_data->{unsupported_rules}) {
+
+        for my $rule (@{$prof_data->{unsupported_rules}}){
+            push @data, "${pre}${rule}";
+        }
+
+        push @data, "";
+    }
+
+    return @data;
+
+}
+
 sub write_rules ($$) {
     my ($prof_data, $depth) = @_;
 
@@ -5904,6 +5928,7 @@ sub write_rules ($$) {
     push @data, writerlimits($prof_data, $depth);
     push @data, writecapabilities($prof_data, $depth);
     push @data, writenetdomain($prof_data, $depth);
+    push @data, writeunsupportedrules($prof_data, $depth); ## Legacy support for unknown/new rules
     push @data, writelinks($prof_data, $depth);
     push @data, writepaths($prof_data, $depth);
     push @data, writechange_profile($prof_data, $depth);