collapse_log(): return merged profile names

... instead of the old [profile][hat] structure. This needs changes in do_logprof_pass() when calling ask_the_questions() (using merged_to_split() for now). Also adjust test-libapparmor-test_multi.py logfile_to_profile() to expect the merged structure.
2025-08-31 14:25:52 +00:00 · 2021-04-04 14:55:31 +02:00
parent bd3b62a8a1
commit a20865008f
2 changed files with 11 additions and 10 deletions
--- a/utils/apparmor/aa.py
+++ b/utils/apparmor/aa.py
@@ -1502,6 +1502,9 @@ def do_logprof_pass(logmark=''):

    log_dict = collapse_log(hashlog)

+    for aamode in log_dict:
+        log_dict[aamode] = merged_to_split(log_dict[aamode])
+
    ask_the_questions(log_dict)

    save_profiles()
@@ -1667,10 +1670,7 @@ def collapse_log(hashlog, ignore_null_profiles=True):
                            if not hat_exists or not is_known_rule(aa[profile][hat], 'signal', signal_event):
                                log_dict[aamode][full_profile]['signal'].add(signal_event)

-    compat = {}
-    for aamode in log_dict:
-        compat[aamode] = merged_to_split(log_dict[aamode])
-    return compat
+    return log_dict

 def read_profiles(ui_msg=False):
    # we'll read all profiles from disk, so reset the storage first (autodep() might have created/stored
--- a/utils/test/test-libapparmor-test_multi.py
+++ b/utils/test/test-libapparmor-test_multi.py
@@ -245,15 +245,15 @@ def logfile_to_profile(logfile):

    log_dict = apparmor.aa.collapse_log(hashlog, ignore_null_profiles=False)

-    if profile != hat:
+    if list(log_dict[aamode].keys()) != [parsed_event['profile']]:
+        raise Exception('log_dict[%s] contains unexpected keys. Logfile: %s, keys %s' % (aamode, logfile, log_dict.keys()))
+
+    if '//' in parsed_event['profile']:
        # log event for a child profile means log_dict only contains the child profile
        # initialize parent profile in log_dict as ProfileStorage to ensure writing the profile doesn't fail
        # (in "normal" usage outside of this test, log_dict will not be handed over to serialize_profile())

-        if log_dict[aamode][profile][profile] != {}:
-            raise Exception('event for child profile, but parent profile was initialized nevertheless. Logfile: %s' % logfile)
-
-        log_dict[aamode][profile][profile] = apparmor.aa.ProfileStorage('TEST DUMMY for empty parent profile', profile_dummy_file, 'logfile_to_profile()')
+        log_dict[aamode][profile] = apparmor.aa.ProfileStorage('TEST DUMMY for empty parent profile', profile_dummy_file, 'logfile_to_profile()')

    log_is_empty = True

@@ -273,7 +273,8 @@ def logfile_to_profile(logfile):
        if log_is_empty == True:
            raise Exception('got empty log for logfile not in log_to_profile_known_empty_log: %s %s' % (logfile, hashlog))

-    new_profile = apparmor.aa.serialize_profile(log_dict[aamode][profile], profile, {})
+    compat_log_dict_aamode = apparmor.aa.merged_to_split(log_dict[aamode])
+    new_profile = apparmor.aa.serialize_profile(compat_log_dict_aamode[profile], profile, {})

    return profile, new_profile