policy: Add missing input validations for ExecProcessRequest

This commit introduces validation for input fields in ExecProcessRequest to
harden security policy.

The changes include:
- update rules.rego to add null/empty field enforcements for String_user, SelinuxLabel and ApparmorProfile

Signed-off-by: Ankita Pareek <[email protected]>

Author: Ankita13-code

src/tools/genpolicy/rules.rego

@@ -314,7 +314,8 @@ allow_create_container_input(req) {
     i_process := i_oci.Process
     count(i_process.SelinuxLabel) == 0
     count(i_process.User.Username) == 0
-
+    count(i_process.ApparmorProfile) == 0
+    
     print("allow_create_container_input: true")
 }
 
@@ -1580,7 +1581,6 @@ allow_interactive_exec(p_container, i_process) {
     print("allow_interactive_exec: true")
 }
 
-# TODO: should other ExecProcessRequest input data fields be validated as well?
 ExecProcessRequest {
     print("ExecProcessRequest 1: input =", input)
     allow_exec_process_input