mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

parser: Add warning flag for ABI messages

Browse source 
ABI warnings can be to much for a deployed system. Add

  --warn=abi

to control output of abi warnings

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/600
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen 2020-08-28 07:13:28 -07:00
parent eb8f9302aa
commit 0d0686becc
3 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
parser/parser.h
View file

@ -54,6 +54,7 @@ extern int parser_token;
#define WARN_RULE_NOT_ENFORCED 1
#define WARN_RULE_DOWNGRADED 2
#define WARN_ABI 4
extern dfaflags_t warnflags;
@ -331,6 +332,8 @@ extern int read_implies_exec;
extern void pwarn(const char *fmt, ...) __attribute__((__format__(__printf__, 1, 2)));
extern void common_warn_once(const char *name, const char *msg, const char **warned_name);
#define pwarn_onflag(F, args...) do { if (warnflags & (F)) pwarn(args); } while (0)
/* from parser_main (cannot be used in tst builds) */
extern int force_complain;
extern void display_version(void);

1
parser/parser_main.c
View file

@ -249,6 +249,7 @@ static void display_usage(const char *command)
optflag_table_t warnflag_table[] = {
{ 0, "rule-not-enforced", "warn if a rule is not enforced", WARN_RULE_NOT_ENFORCED },
{ 0, "rule-downgraded", "warn if a rule is downgraded to a lesser but still enforcing rule", WARN_RULE_DOWNGRADED },
{ 0, "abi", "warn if there are abi issues in the profile", WARN_ABI },
{ 0, NULL, NULL, 0 },
};

4
parser/parser_yacc.y
View file

@ -305,7 +305,7 @@ list: preamble
strlen(default_features_abi))) {
yyerror(_("Failed to setup default policy feature abi"));
}
pwarn(_("%s: File '%s' missing feature abi, falling back to default policy feature abi\n"), progname, current_filename);
pwarn_onflag(WARN_ABI, _("%s: File '%s' missing feature abi, falling back to default policy feature abi\n"), progname, current_filename);
}
}
if (!add_cap_feature_mask(policy_features,
@ -1813,7 +1813,7 @@ static void abi_features(char *filename, bool search)
}
if (policy_features) {
if (!aa_features_is_equal(tmp_features, policy_features)) {
pwarn(_("%s: %s features abi '%s' differes from policy declared feature abi, using the features abi declared in policy\n"), progname, current_filename, filename);
pwarn_onflag(WARN_ABI, _("%s: %s features abi '%s' differs from policy declared feature abi, using the features abi declared in policy\n"), progname, current_filename, filename);
}
aa_features_unref(tmp_features);
} else {