Refactor policydb entry processing so that post_process_policydb_ents is just a driver for rule specific routines.
Signed-off-by: John Johansen <john.johan...@canonical.com>
---
 parser/parser_regex.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/parser/parser_regex.c b/parser/parser_regex.c
index 0ba8114..30a86cc 100644
--- a/parser/parser_regex.c
+++ b/parser/parser_regex.c
@@ -1041,7 +1041,7 @@ fail:
 }
-int post_process_policydb_ents(struct codomain *cod)
+int post_process_mnt_ents(struct codomain *cod)
 {
 int ret = TRUE;
 int count = 0;
@@ -1058,10 +1058,19 @@ int post_process_policydb_ents(struct codomain *cod)
 } else if (cod->mnt_ents && !kernel_supports_mount)
 pwarn("profile %s mount rules not enforced\n", cod->name);
- cod->policy_rule_count = count;
+ cod->policy_rule_count += count;
+
 return ret;
 }
+int post_process_policydb_ents(struct codomain *cod)
+{
+ if (!post_process_mnt_ents(cod))
+ return FALSE;
+
+ return TRUE;
+}
+
 int process_policydb(struct codomain *cod)
 {
 int error = -1;
--
1.7.10.4
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
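Review bot: The switch from `=` to `+=` on `cod->policy_rule_count` in post_process_mnt_ents makes the total depend on the field being zero before post_process_policydb_ents runs, and nothing in this hunk resets it. If the codomain is not zero-initialised (its allocation is outside the hunk) or post-processing can run twice on the same profile, the count would be inflated and anything later keyed on it would see rules that do not exist. Resetting it in the driver before the per-rule routines are called, `cod->policy_rule_count = 0;` as the first statement of post_process_policydb_ents, keeps the old idempotent behaviour. post_process_mnt_ents could also be `static` if no other file calls it, and the driver would benefit from a short comment saying that each rule-specific routine adds its own count and returns FALSE on failure.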