mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 10:07:12 +00:00
Code Issues Releases Wiki Activity

parser: add a method for profiles to do rule merging

Browse Source 
In preparation for file rules converting to use rule_t add a method
to do rule merging.

Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
John Johansen 2021-10-16 03:00:26 -07:00
parent 8470760e85
commit dad26e6cd2
2 changed files with 43 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
parser/profile.cc
View File

@ -18,6 +18,8 @@
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <vector>
#include <algorithm>
const char *profile_mode_table[] = { const char *profile_mode_table[] = {
"", "",
@ -119,6 +121,41 @@ Profile::~Profile()
free(net.quiet); free(net.quiet);
} }
static bool comp (rule_t *lhs, rule_t *rhs) { return (*lhs < *rhs); }
bool Profile::merge_rules(void)
{
int count = 0;
for (RuleList::iterator i = rule_ents.begin(); i != rule_ents.end(); ) {
if ((*i)->is_mergeable())
count++;
}
if (count < 2)
return 0;
std::vector<rule_t *> table(count);
int n = 0;
for (RuleList::iterator i = rule_ents.begin(); i != rule_ents.end(); ) {
if ((*i)->is_mergeable())
table[n++] = *i;
}
std::sort(table.begin(), table.end(), comp);
for (int i = 0, j = 1; j < count; j++) {
if (table[i]->cmp(*table[j]) == 0) {
if (!table[i]->merge(*table[j]))
return false;
continue;
}
i = j;
}
return true;
}
int add_entry_to_x_table(Profile *prof, char *name) int add_entry_to_x_table(Profile *prof, char *name)
{ {
int i; int i;

6
parser/profile.h
View File

@ -251,6 +251,12 @@ public:
return strcmp(name, rhs.name) < 0; return strcmp(name, rhs.name) < 0;
} }
/*
* Requires the merged rules have customized methods
* cmp(), is_mergeable() and merge()
*/
virtual bool merge_rules(void);
void dump(void) void dump(void)
{ {
if (ns) if (ns)