[apparmor] [PATCH 02/11] Fix/cleanup the permission reporting for the dfa dumps

Steve Beattie steve at nxnw.org
Wed Mar 7 18:11:30 UTC 2012 

On Wed, Mar 07, 2012 at 06:17:21AM -0800, John Johansen wrote:
> The permission reporting was not reporting the full set of permission
> flags and was inconsistent between the dump routines.
> 
> Report permissions as the quad (allow/deny/audit/quiet) in hex.
> 
> Signed-off-by: John Johansen <john.johansen at canonical.com>

Acked-By: Steve Beattie <sbeattie at ubuntu.com> though some abstraction
here might be nice so that you're not repeating code.

> ---
>  parser/libapparmor_re/aare_rules.cc |    2 +-
>  parser/libapparmor_re/hfa.cc        |   22 ++++++++++++----------
>  2 files changed, 13 insertions(+), 11 deletions(-)
> 
> diff --git a/parser/libapparmor_re/aare_rules.cc b/parser/libapparmor_re/aare_rules.cc
> index 3851115..52aee8f 100644
> --- a/parser/libapparmor_re/aare_rules.cc
> +++ b/parser/libapparmor_re/aare_rules.cc
> @@ -223,7 +223,7 @@ extern "C" int aare_add_rule_vec(aare_ruleset_t *rules, int deny,
>  		tree->dump(cerr);
>  		if (deny)
>  			cerr << " deny";
> -		cerr << " (" << hex << allow <<"/" << audit << dec << ")";
> +		cerr << " (0x" << hex << allow <<"/" << audit << dec << ")";
>  		accept->dump(cerr);
>   		cerr << "\n\n";
>  	}
> diff --git a/parser/libapparmor_re/hfa.cc b/parser/libapparmor_re/hfa.cc
> index b18be08..f6ad385 100644
> --- a/parser/libapparmor_re/hfa.cc
> +++ b/parser/libapparmor_re/hfa.cc
> @@ -633,12 +633,12 @@ void DFA::dump(ostream & os)
>  		if (*i == start || !(*i)->perms.is_null()) {
>  			os << **i;
>  			if (*i == start)
> -				os << " <==";
> -			if ((*i)->perms.allow) {
> -				os << " (0x" << hex << (*i)->perms.allow << " "
> -				   << (*i)->perms.deny << " "
> -				   << (*i)->perms.audit << " "
> -				   << (*i)->perms.audit << dec << ')';
> +				os << " <== (allow/deny/audit/quiet)";
> +			if (!(*i)->perms.is_null()) {
> +				os << " (0x " << hex << (*i)->perms.allow << "/"
> +				   << (*i)->perms.deny << "/"
> +				   << (*i)->perms.audit << "/"
> +				   << (*i)->perms.quiet << ')';
>  			}
>  			os << "\n";
>  		}
> @@ -672,10 +672,12 @@ void DFA::dump_dot_graph(ostream & os)
>  		if (*i == start) {
>  			os << "\t\tstyle=bold" << "\n";
>  		}
> -		uint32_t perms = (*i)->perms.allow;
> -		if (perms) {
> -			os << "\t\tlabel=\"" << **i << "\\n("
> -			   << perms << ")\"" << "\n";
> +		if (!(*i)->perms.is_null()) {
> +			os << "\t\tlabel=\"" << **i << "\\n(0x " << hex
> +			   << (*i)->perms.allow << "/"
> +			   << (*i)->perms.deny << "/"
> +			   << (*i)->perms.audit << "/"
> +			   << (*i)->perms.quiet << ")\"\n";
>  		}
>  		os << "\t]" << "\n";
>  	}
> -- 
> 1.7.9
> 
> 
> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120307/b56fa7b7/attachment.pgp>

More information about the AppArmor mailing list