mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 10:07:12 +00:00
Code Issues Releases Wiki Activity

Merge aa-notify: precompile filter regexes

Browse Source 
Precompile each filter regex with re.compile so they don't need to be
recompiled for each log message when using re.match directly.

Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1158
Approved-by: Christian Boltz <apparmor@cboltz.de>
Merged-by: Christian Boltz <apparmor@cboltz.de>
This commit is contained in:
Christian Boltz 2024-02-26 17:15:26 +00:00
commit 909e330fd0
1 changed files with 26 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
utils/aa-notify
View File

@ -94,17 +94,17 @@ def format_event(event, logsource):
def is_event_in_filter(event, filters): def is_event_in_filter(event, filters):
"""Checks if event is in filter""" """Checks if event is in filter"""
if filters['profile'] and event.profile and not re.match(filters['profile'], event.profile): if filters['profile'] and event.profile and not filters['profile_re'].match(event.profile):
return False return False
if filters['operation'] and event.operation and not re.match(filters['operation'], event.operation): if filters['operation'] and event.operation and not filters['operation_re'].match(event.operation):
return False return False
if filters['name'] and event.name and not re.match(filters['name'], event.name): if filters['name'] and event.name and not filters['name_re'].match(event.name):
return False return False
if filters['denied_mask'] and event.denied_mask and not re.match(filters['denied_mask'], event.denied_mask): if filters['denied_mask'] and event.denied_mask and not filters['denied_mask_re'].match(event.denied_mask):
return False return False
if filters['net_family'] and event.net_family and not re.match(filters['net_family'], event.net_family): if filters['net_family'] and event.net_family and not filters['net_family_re'].match(event.net_family):
return False return False
if filters['net_sock_type'] and event.net_sock_type and not re.match(filters['net_sock_type'], event.net_sock_type): if filters['net_sock_type'] and event.net_sock_type and not filters['net_sock_type_re'].match(event.net_sock_type):
return False return False
return True return True
@ -380,6 +380,24 @@ def read_notify_conf(path, shell_config):
return {} return {}
def compile_filter_regex(filters):
"""Compile each filter regex and add it to filters"""
if filters['profile']:
filters['profile_re'] = re.compile(filters['profile'])
if filters['operation']:
filters['operation_re'] = re.compile(filters['operation'])
if filters['name']:
filters['name_re'] = re.compile(filters['name'])
if filters['denied_mask']:
filters['denied_mask_re'] = re.compile(filters['denied_mask'])
if filters['net_family']:
filters['net_family_re'] = re.compile(filters['net_family'])
if filters['net_sock_type']:
filters['net_sock_type_re'] = re.compile(filters['net_sock_type'])
return filters
def main(): def main():
"""Run aa-notify. """Run aa-notify.
@ -561,6 +579,8 @@ def main():
if getattr(args, 'filter.socket'): if getattr(args, 'filter.socket'):
filters['net_sock_type'] = getattr(args, 'filter.socket') filters['net_sock_type'] = getattr(args, 'filter.socket')
filters = compile_filter_regex(filters)
# Warn if use_group is defined and current group does not match defined # Warn if use_group is defined and current group does not match defined
if 'use_group' in config['']: if 'use_group' in config['']:
user = pwd.getpwuid(os.geteuid())[0] user = pwd.getpwuid(os.geteuid())[0]