TSG-14946: 安全策略支持allow(deny)和monitor动作同时命中v6.0.13

author: 刘学利 <[email protected]> 2023-05-27 09:37:46 +0000
committer: 刘学利 <[email protected]> 2023-05-27 09:37:46 +0000
commit: 7abc5766214917aec7073093271442c4a6a69eca (patch)
tree: de42b79b27da6951b3c5386361e2dc410214a163 /src/tsg_rule.cpp
parent: bc7909e57bba412ff1f7f5d323f5c44c20486d3a (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/src/tsg_rule.cpp b/src/tsg_rule.cpp
index 619a62d..7de6a99 100644
--- a/src/tsg_rule.cpp
+++ b/src/tsg_rule.cpp
@@ -3080,6 +3080,27 @@ size_t tsg_matched_rules_select(struct maat *feather, TSG_SERVICE service, long
 	return offset;
 }
 
+size_t tsg_select_rules_by_action(struct maat_rule *matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules, unsigned char action)
+{
+	size_t offset=0;
+	for(size_t i=0; i<n_matched_rules; i++)
+	{
+		if(offset>=n_rules)
+		{
+			break;
+		}
+		
+		if(matched_rules[i].action!=action)
+		{
+			continue;
+		}
+
+		rules[offset++]=matched_rules[i];
+	}
+
+	return offset;
+}
+
 size_t tsg_select_rules_by_service_id(struct maat_rule *matched_rules, size_t n_matched_rules, struct maat_rule *rules, size_t n_rules, enum TSG_SERVICE service_id)
 {
 	size_t offset=0;
author	刘学利 <[email protected]>	2023-05-27 09:37:46 +0000
committer	刘学利 <[email protected]>	2023-05-27 09:37:46 +0000
commit	7abc5766214917aec7073093271442c4a6a69eca (patch)
tree	de42b79b27da6951b3c5386361e2dc410214a163 /src/tsg_rule.cpp
parent	bc7909e57bba412ff1f7f5d323f5c44c20486d3a (diff)