[apparmor] [PATCH 5/9] Move state label, nodes, and permission setting into the State constructor
John Johansen
john.johansen at canonical.com
Wed Nov 10 22:02:26 GMT 2010
Signed-off-by: John Johansen <john.johansen at canonical.com>
---
parser/libapparmor_re/regexp.y | 46 ++++++++++++++++++++-------------------
1 files changed, 24 insertions(+), 22 deletions(-)
diff --git a/parser/libapparmor_re/regexp.y b/parser/libapparmor_re/regexp.y
index dc66236..ef04272 100644
--- a/parser/libapparmor_re/regexp.y
+++ b/parser/libapparmor_re/regexp.y
@@ -1393,6 +1393,9 @@ typedef struct Cases {
} Cases;
typedef list<State *> Partition;
+
+uint32_t accept_perms(NodeSet *state, uint32_t *audit_ctl, int *error);
+
/*
* State - DFA individual state information
* audit: the audit permission mask for the state
@@ -1401,7 +1404,22 @@ typedef list<State *> Partition;
*/
class State {
public:
-State() : label (0), audit(0), accept(0), cases() { }
+ State() : label (0), nodes(NULL), audit(0), accept(0), cases() { };
+ State(int l): label (l), nodes(NULL), audit(0), accept(0), cases() { };
+ State(int l, NodeSet *n):
+ label(l), nodes(n), audit(0), accept(0), cases()
+ {
+ int error;
+
+ /* Compute permissions associated with the State. */
+ accept = accept_perms(nodes, &audit, &error);
+ if (error) {
+ /* TODO!!!!!!!!!!!!!
+ * permission error checking here
+ */
+ }
+ };
+
int label;
union {
Partition *partition;
@@ -1442,8 +1460,6 @@ public:
Partition states;
};
-uint32_t accept_perms(NodeSet *state, uint32_t *audit_ctl, int *error);
-
typedef struct dfa_stats {
unsigned int duplicates, proto_max, proto_sum;
} dfa_stats_t;
@@ -1459,9 +1475,7 @@ do { \
/* set of nodes isn't known so create new state, and nodes to \
* state mapping \
*/ \
- TARGET = new State(); \
- (TARGET)->label = nodemap.size(); \
- (TARGET)->nodes = (NODES); \
+ TARGET = new State(nodemap.size(), (NODES)); \
states.push_back(TARGET); \
nodemap.insert(make_pair(index, TARGET)); \
work_queue.push_back(NODES); \
@@ -1512,18 +1526,15 @@ DFA::DFA(Node *root, dfaflags_t flags) : root(root)
}
NodeMap nodemap;
- nonmatching = new State;
- states.push_back(nonmatching);
NodeSet *emptynode = new NodeSet;
- nonmatching->nodes = emptynode;
+ nonmatching = new State(0, emptynode);
+ states.push_back(nonmatching);
nodemap.insert(make_pair(make_pair(hash_NodeSet(emptynode), emptynode), nonmatching));
/* there is no nodemapping for the nonmatching state */
- start = new State;
- start->label = 1;
- states.push_back(start);
NodeSet *first = new NodeSet(root->firstpos);
- start->nodes = first;
+ start = new State(1, first);
+ states.push_back(start);
nodemap.insert(make_pair(make_pair(hash_NodeSet(first), first), start));
/* the work_queue contains the proto-states (set of nodes that is
@@ -1542,19 +1553,10 @@ DFA::DFA(Node *root, dfaflags_t flags) : root(root)
fprintf(stderr, "\033[2KCreating dfa: queue %ld\tstates %ld\teliminated duplicates %d\r", work_queue.size(), states.size(), stats.duplicates);
i++;
- int error;
NodeSet *nodes = work_queue.front();
work_queue.pop_front();
State *from = nodemap[make_pair(hash_NodeSet(nodes), nodes)];
- /* Compute permissions associated with the State. */
- from->accept = accept_perms(nodes, &from->audit, &error);
- if (error) {
- /* TODO!!!!!!!!!!!!!
- * permission error checking here
- */
- }
-
/* Compute possible transitions for `nodes`. This is done by
* iterating over all the nodes in nodes and combining the
* transitions.
--
1.7.1
More information about the AppArmor
mailing list