[apparmor] [PATCH 07/10] From eef17d94fc6189d2303ef38e025f0ca6805adc18 Mon Sep 17 00:00:00 2001 From: John Johansen Date: Sat, 3 Nov 2012 08:19:51 -0700 Subject: [PATCH 07/10] Remove dead code around pattern matching in rules

Sun, 21 Jul 2013 22:35:01 -0700 

remove old dead code that used to fail compilation if regular expressions
where detected in the rules and the apparmor kernel module did not support
regular expression matching.

Signed-off-by: John Johansen <john.johan...@canonical.com>
---
 parser/parser.h        |  2 +-
 parser/parser_policy.c | 50 --------------------------------------------------
 2 files changed, 1 insertion(+), 51 deletions(-)

diff --git a/parser/parser.h b/parser/parser.h
index 733e629..3642833 100644
--- a/parser/parser.h
+++ b/parser/parser.h
@@ -399,7 +399,7 @@ extern void free_policy(struct codomain *cod);
 extern void dump_policy(void);
 extern void dump_policy_hats(struct codomain *cod);
 extern void dump_policy_names(void);
-extern int die_if_any_regex(void);
+
 void free_policies(void);
 
 #ifdef UNIT_TEST
diff --git a/parser/parser_policy.c b/parser/parser_policy.c
index 3536d21..f147be7 100644
--- a/parser/parser_policy.c
+++ b/parser/parser_policy.c
@@ -271,56 +271,6 @@ int merge_hat_rules(struct codomain *cod)
        return 0;
 }
 
-int die_if_any_regex(void);
-static int die_if_any_hat_regex(struct codomain *cod);
-static int any_regex_entries(struct cod_entry *entry_list);
-
-/* only call if regex is not allowed */
-static void __any_regex(const void *nodep, const VISIT value,
-                       const int __unused depth)
-{
-       struct codomain **t = (struct codomain **) nodep;
-
-       if (value == preorder || value == endorder)
-               return;
-
-       if (any_regex_entries((*t)->entries)) {
-               PERROR(_("ERROR profile %s contains policy elements not usable 
with this kernel:\n"
-                        "\t'*', '?', character ranges, and alternations are 
not allowed.\n"
-                        "\t'**' may only be used at the end of a rule.\n"),
-                       (*t)->name);
-               exit(1);
-       }
-
-       die_if_any_hat_regex(*t);
-}
-
-/* only call if regex is not allowed */
-int die_if_any_regex(void)
-{
-       twalk(policy_list, __any_regex);
-       return 0;
-}
-
-/* only call if regex is not allowed */
-static int die_if_any_hat_regex(struct codomain *cod)
-{
-       twalk(cod->hat_table, __any_regex);
-       return 0;
-}
-
-static int any_regex_entries(struct cod_entry *entry_list)
-{
-       struct cod_entry *entry;
-
-       list_for_each(entry_list, entry) {
-               if (entry->pattern_type == ePatternRegex)
-                       return TRUE;
-       }
-
-       return FALSE;
-}
-
 static void __process_regex(const void *nodep, const VISIT value,
                            const int __unused depth)
 {
-- 
1.8.1.2


-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to