remove old dead code that used to fail compilation if regular expressions where detected in the rules and the apparmor kernel module did not support regular expression matching.
Signed-off-by: John Johansen <john.johan...@canonical.com> --- parser/parser.h | 2 +- parser/parser_policy.c | 50 -------------------------------------------------- 2 files changed, 1 insertion(+), 51 deletions(-) diff --git a/parser/parser.h b/parser/parser.h index 733e629..3642833 100644 --- a/parser/parser.h +++ b/parser/parser.h @@ -399,7 +399,7 @@ extern void free_policy(struct codomain *cod); extern void dump_policy(void); extern void dump_policy_hats(struct codomain *cod); extern void dump_policy_names(void); -extern int die_if_any_regex(void); + void free_policies(void); #ifdef UNIT_TEST diff --git a/parser/parser_policy.c b/parser/parser_policy.c index 3536d21..f147be7 100644 --- a/parser/parser_policy.c +++ b/parser/parser_policy.c @@ -271,56 +271,6 @@ int merge_hat_rules(struct codomain *cod) return 0; } -int die_if_any_regex(void); -static int die_if_any_hat_regex(struct codomain *cod); -static int any_regex_entries(struct cod_entry *entry_list); - -/* only call if regex is not allowed */ -static void __any_regex(const void *nodep, const VISIT value, - const int __unused depth) -{ - struct codomain **t = (struct codomain **) nodep; - - if (value == preorder || value == endorder) - return; - - if (any_regex_entries((*t)->entries)) { - PERROR(_("ERROR profile %s contains policy elements not usable with this kernel:\n" - "\t'*', '?', character ranges, and alternations are not allowed.\n" - "\t'**' may only be used at the end of a rule.\n"), - (*t)->name); - exit(1); - } - - die_if_any_hat_regex(*t); -} - -/* only call if regex is not allowed */ -int die_if_any_regex(void) -{ - twalk(policy_list, __any_regex); - return 0; -} - -/* only call if regex is not allowed */ -static int die_if_any_hat_regex(struct codomain *cod) -{ - twalk(cod->hat_table, __any_regex); - return 0; -} - -static int any_regex_entries(struct cod_entry *entry_list) -{ - struct cod_entry *entry; - - list_for_each(entry_list, entry) { - if (entry->pattern_type == ePatternRegex) - return TRUE; - } - - return FALSE; -} - static void __process_regex(const void *nodep, const VISIT value, const int __unused depth) { -- 1.8.1.2 -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor