[apparmor] [PATCH 07/10] From eef17d94fc6189d2303ef38e025f0ca6805adc18 Mon Sep 17 00:00:00 2001 From: John Johansen <john.johansen at canonical.com> Date: Sat, 3 Nov 2012 08:19:51 -0700 Subject: [PATCH 07/10] Remove dead code around pattern matching in rules

Seth Arnold seth.arnold at canonical.com
Thu Jul 25 23:02:49 UTC 2013 

On Sun, Jul 21, 2013 at 10:32:50PM -0700, John Johansen wrote:
> remove old dead code that used to fail compilation if regular expressions
> where detected in the rules and the apparmor kernel module did not support
> regular expression matching.
> 
> Signed-off-by: John Johansen <john.johansen at canonical.com>

Acked-by: Seth Arnold <seth.arnold at canonical.com>

> ---
>  parser/parser.h        |  2 +-
>  parser/parser_policy.c | 50 --------------------------------------------------
>  2 files changed, 1 insertion(+), 51 deletions(-)
> 
> diff --git a/parser/parser.h b/parser/parser.h
> index 733e629..3642833 100644
> --- a/parser/parser.h
> +++ b/parser/parser.h
> @@ -399,7 +399,7 @@ extern void free_policy(struct codomain *cod);
>  extern void dump_policy(void);
>  extern void dump_policy_hats(struct codomain *cod);
>  extern void dump_policy_names(void);
> -extern int die_if_any_regex(void);
> +
>  void free_policies(void);
>  
>  #ifdef UNIT_TEST
> diff --git a/parser/parser_policy.c b/parser/parser_policy.c
> index 3536d21..f147be7 100644
> --- a/parser/parser_policy.c
> +++ b/parser/parser_policy.c
> @@ -271,56 +271,6 @@ int merge_hat_rules(struct codomain *cod)
>  	return 0;
>  }
>  
> -int die_if_any_regex(void);
> -static int die_if_any_hat_regex(struct codomain *cod);
> -static int any_regex_entries(struct cod_entry *entry_list);
> -
> -/* only call if regex is not allowed */
> -static void __any_regex(const void *nodep, const VISIT value,
> -		        const int __unused depth)
> -{
> -	struct codomain **t = (struct codomain **) nodep;
> -
> -	if (value == preorder || value == endorder)
> -		return;
> -
> -	if (any_regex_entries((*t)->entries)) {
> -		PERROR(_("ERROR profile %s contains policy elements not usable with this kernel:\n"
> -			 "\t'*', '?', character ranges, and alternations are not allowed.\n"
> -			 "\t'**' may only be used at the end of a rule.\n"),
> -			(*t)->name);
> -		exit(1);
> -	}
> -
> -	die_if_any_hat_regex(*t);
> -}
> -
> -/* only call if regex is not allowed */
> -int die_if_any_regex(void)
> -{
> -	twalk(policy_list, __any_regex);
> -	return 0;
> -}
> -
> -/* only call if regex is not allowed */
> -static int die_if_any_hat_regex(struct codomain *cod)
> -{
> -	twalk(cod->hat_table, __any_regex);
> -	return 0;
> -}
> -
> -static int any_regex_entries(struct cod_entry *entry_list)
> -{
> -	struct cod_entry *entry;
> -
> -	list_for_each(entry_list, entry) {
> -		if (entry->pattern_type == ePatternRegex)
> -			return TRUE;
> -	}
> -
> -	return FALSE;
> -}
> -
>  static void __process_regex(const void *nodep, const VISIT value,
>  			    const int __unused depth)
>  {
> -- 
> 1.8.1.2
> 
> 
> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130725/2508f86d/attachment-0001.pgp>

More information about the AppArmor mailing list