[apparmor] [PATCH 02/11] Fix/cleanup the permission reporting for the dfa dumps
John Johansen
john.johansen at canonical.com
Wed Mar 7 14:17:21 UTC 2012
The permission reporting was not reporting the full set of permission
flags and was inconsistent between the dump routines.
Report permissions as the quad (allow/deny/audit/quiet) in hex.
Signed-off-by: John Johansen <john.johansen at canonical.com>
---
parser/libapparmor_re/aare_rules.cc | 2 +-
parser/libapparmor_re/hfa.cc | 22 ++++++++++++----------
2 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/parser/libapparmor_re/aare_rules.cc b/parser/libapparmor_re/aare_rules.cc
index 3851115..52aee8f 100644
--- a/parser/libapparmor_re/aare_rules.cc
+++ b/parser/libapparmor_re/aare_rules.cc
@@ -223,7 +223,7 @@ extern "C" int aare_add_rule_vec(aare_ruleset_t *rules, int deny,
tree->dump(cerr);
if (deny)
cerr << " deny";
- cerr << " (" << hex << allow <<"/" << audit << dec << ")";
+ cerr << " (0x" << hex << allow <<"/" << audit << dec << ")";
accept->dump(cerr);
cerr << "\n\n";
}
diff --git a/parser/libapparmor_re/hfa.cc b/parser/libapparmor_re/hfa.cc
index b18be08..f6ad385 100644
--- a/parser/libapparmor_re/hfa.cc
+++ b/parser/libapparmor_re/hfa.cc
@@ -633,12 +633,12 @@ void DFA::dump(ostream & os)
if (*i == start || !(*i)->perms.is_null()) {
os << **i;
if (*i == start)
- os << " <==";
- if ((*i)->perms.allow) {
- os << " (0x" << hex << (*i)->perms.allow << " "
- << (*i)->perms.deny << " "
- << (*i)->perms.audit << " "
- << (*i)->perms.audit << dec << ')';
+ os << " <== (allow/deny/audit/quiet)";
+ if (!(*i)->perms.is_null()) {
+ os << " (0x " << hex << (*i)->perms.allow << "/"
+ << (*i)->perms.deny << "/"
+ << (*i)->perms.audit << "/"
+ << (*i)->perms.quiet << ')';
}
os << "\n";
}
@@ -672,10 +672,12 @@ void DFA::dump_dot_graph(ostream & os)
if (*i == start) {
os << "\t\tstyle=bold" << "\n";
}
- uint32_t perms = (*i)->perms.allow;
- if (perms) {
- os << "\t\tlabel=\"" << **i << "\\n("
- << perms << ")\"" << "\n";
+ if (!(*i)->perms.is_null()) {
+ os << "\t\tlabel=\"" << **i << "\\n(0x " << hex
+ << (*i)->perms.allow << "/"
+ << (*i)->perms.deny << "/"
+ << (*i)->perms.audit << "/"
+ << (*i)->perms.quiet << ")\"\n";
}
os << "\t]" << "\n";
}
--
1.7.9
More information about the AppArmor
mailing list