Refactor policydb entry processing so that post_process_policydb_ents is
just a driver for rule-specific routines.

Signed-off-by: John Johansen <john.johan...@canonical.com>
---
 parser/parser_regex.c |   13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/parser/parser_regex.c b/parser/parser_regex.c
index 0ba8114..30a86cc 100644
--- a/parser/parser_regex.c
+++ b/parser/parser_regex.c
@@ -1041,7 +1041,7 @@ fail:
 }
 
 
-int post_process_policydb_ents(struct codomain *cod)
+int post_process_mnt_ents(struct codomain *cod)
 {
        int ret = TRUE;
        int count = 0;
@@ -1058,10 +1058,19 @@ int post_process_policydb_ents(struct codomain *cod)
        } else if (cod->mnt_ents && !kernel_supports_mount)
                pwarn("profile %s mount rules not enforced\n", cod->name);
 
-       cod->policy_rule_count = count;
+       cod->policy_rule_count += count;
+
        return ret;
 }
 
+int post_process_policydb_ents(struct codomain *cod)
+{
+       if (!post_process_mnt_ents(cod))
+               return FALSE;
+
+       return TRUE;
+}
+
 int process_policydb(struct codomain *cod)
 {
        int error = -1;
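Review bot: `cod->policy_rule_count += count;` at the end of post_process_mnt_ents now adds to whatever the field already holds, so the total is only right if the counter is zero when post_process_policydb_ents starts and the driver runs once per profile; nothing visible in this hunk guarantees either. Resetting it in the driver before the per-rule calls, `cod->policy_rule_count = 0;` as the first statement of post_process_policydb_ents, keeps the old "this pass sets the count" behaviour while still letting each rule routine accumulate. This matters if the count is later used to decide whether a policydb is emitted for the profile (presumably in process_policydb, whose body continues outside the hunk), since a stale or doubled count would then misrepresent which rules are enforced. Separately, post_process_mnt_ents, whose body begins in the previous hunk, is now an internal helper and could be declared `static` if no other file calls it, with a short comment on the driver stating that each routine returns TRUE on success and adds its rule count to `cod->policy_rule_count`.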
-- 
1.7.10.4

