[apparmor] [PATCH 1/6] Factor all the permissions dump code into a single perms method

Steve Beattie steve at nxnw.org
Wed Mar 21 20:16:17 UTC 2012


On Wed, Mar 21, 2012 at 06:02:20AM -0700, John Johansen wrote:
> Also make sure the perms method properly switches to hex and back to dec
> as some of the previous perm dump code did not.
> 
> Signed-off-by: John Johansen <john.johansen at canonical.com>

Nice, Acked-By: Steve Beattie <sbeattie at ubuntu.com>

> ---
>  parser/libapparmor_re/hfa.cc |   44 ++++++++++++++++++-----------------------
>  parser/libapparmor_re/hfa.h  |    7 ++++++
>  2 files changed, 26 insertions(+), 25 deletions(-)
> 
> diff --git a/parser/libapparmor_re/hfa.cc b/parser/libapparmor_re/hfa.cc
> index 2c09eff..d043e75 100644
> --- a/parser/libapparmor_re/hfa.cc
> +++ b/parser/libapparmor_re/hfa.cc
> @@ -340,14 +340,8 @@ void DFA::remove_unreachable(dfaflags_t flags)
>  					cerr << "unreachable: " << **i;
>  					if (*i == start)
>  						cerr << " <==";
> -					if (!(*i)->perms.is_null()) {
> -						cerr << " (0x" << hex 
> -						     << (*i)->perms.allow << " " 
> -						     << (*i)->perms.deny << " "
> -						     << (*i)->perms.audit << " "
> -						     << (*i)->perms.quiet << dec
> -						     << ')';
> -					}
> +					if (!(*i)->perms.is_null())
> +						(*i)->perms.dump(cerr);
>  					cerr << "\n";
>  				}
>  				State *current = *i;
> @@ -632,12 +626,8 @@ void DFA::dump(ostream & os)
>  			os << **i;
>  			if (*i == start)
>  				os << " <== (allow/deny/audit/quiet)";
> -			if (!(*i)->perms.is_null()) {
> -				os << " (0x " << hex << (*i)->perms.allow << "/"
> -				   << (*i)->perms.deny << "/"
> -				   << (*i)->perms.audit << "/"
> -				   << (*i)->perms.quiet << ')';
> -			}
> +			if (!(*i)->perms.is_null())
> +				(*i)->perms.dump(os);
>  			os << "\n";
>  		}
>  	}
> @@ -651,16 +641,22 @@ void DFA::dump(ostream & os)
>  			if (j->second == nonmatching) {
>  				excluded.insert(j->first);
>  			} else {
> -				os << **i << " -> " << *(j)->second << ": 0x"
> +				os << **i;
> +				if (!(*i)->perms.is_null())
> +					os << " ", (*i)->perms.dump(os);
> +				os << " -> " << *(j)->second << ": 0x"
>  				   << hex << (int) j->first;
>  				if (isprint(j->first))
>  					os << " " << j->first;
> -				os << "\n";
> +				os << dec << "\n";
>  			}
>  		}
>  
>  		if ((*i)->otherwise != nonmatching) {
> -			os << **i << " -> " << *(*i)->otherwise << ": [";
> +			os << **i;
> +			if (!(*i)->perms.is_null())
> +				os << " ", (*i)->perms.dump(os);
> +			os << " -> " << *(*i)->otherwise << ": [";
>  			if (!excluded.empty()) {
>  				os << "^";
>  				for (Chars::iterator k = excluded.begin();
> @@ -668,7 +664,7 @@ void DFA::dump(ostream & os)
>  					if (isprint(*k))
>  						os << *k;
>  					else
> -						os << "\\0x" << hex << (int) *k;
> +						os << "\\0x" << hex << (int) *k << dec;
>  				}
>  			}
>  			os << "]\n";
> @@ -693,11 +689,9 @@ void DFA::dump_dot_graph(ostream & os)
>  			os << "\t\tstyle=bold" << "\n";
>  		}
>  		if (!(*i)->perms.is_null()) {
> -			os << "\t\tlabel=\"" << **i << "\\n(0x " << hex
> -			   << (*i)->perms.allow << "/"
> -			   << (*i)->perms.deny << "/"
> -			   << (*i)->perms.audit << "/"
> -			   << (*i)->perms.quiet << ")\"\n";
> +			os << "\t\tlabel=\"" << **i << "\\n";
> +			(*i)->perms.dump(os);
> +			os << "\"\n";
>  		}
>  		os << "\t]" << "\n";
>  	}
> @@ -714,7 +708,7 @@ void DFA::dump_dot_graph(ostream & os)
>  				if (isprint(j->first))
>  					os << j->first;
>  				else
> -					os << "\\0xhex" << (int) j->first;
> +					os << "\\0x" << hex << (int) j->first << dec;
>  
>  				os << "\"\n\t]" << "\n";
>  			}
> @@ -729,7 +723,7 @@ void DFA::dump_dot_graph(ostream & os)
>  					if (isprint(*i))
>  						os << *i;
>  					else
> -						os << "\\0x" << hex << (int) *i;
> +						os << "\\0x" << hex << (int) *i << dec;
>  				}
>  				os << "]\"" << "\n";
>  			}
> diff --git a/parser/libapparmor_re/hfa.h b/parser/libapparmor_re/hfa.h
> index 5364a6c..923c918 100644
> --- a/parser/libapparmor_re/hfa.h
> +++ b/parser/libapparmor_re/hfa.h
> @@ -45,6 +45,13 @@ public:
>  
>  	bool is_null(void) { return !(allow | deny | audit | quiet); }
>  
> +	void dump(ostream &os)
> +	{
> +		os << " (0x " << hex
> +		   << allow << "/" << deny << "/" << audit << "/" << quiet
> +		   << ')' << dec;
> +	}
> +
>  	void clear(void) { allow = deny = audit = quiet = 0; }
>  	void add(perms_t &rhs)
>  	{
> -- 
> 1.7.9.1
> 
> 
> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor

-- 
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120321/55edd2b7/attachment.pgp>


More information about the AppArmor mailing list