[apparmor] [PATCH 16/31] parser: Move match file handling to separate file

Tyler Hicks tyhicks at canonical.com
Sat Dec 6 00:22:15 UTC 2014 

In addition, define MATCH_STRING_SIZE macro instead of using a magic
number.

Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
---
 parser/Makefile      | 10 +++++++---
 parser/features.c    | 19 -------------------
 parser/features.h    |  1 -
 parser/match.c       | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 parser/match.h       | 26 ++++++++++++++++++++++++++
 parser/parser_main.c |  1 +
 6 files changed, 80 insertions(+), 23 deletions(-)
 create mode 100644 parser/match.c
 create mode 100644 parser/match.h

diff --git a/parser/Makefile b/parser/Makefile
index c50398f..7f2a532 100644
--- a/parser/Makefile
+++ b/parser/Makefile
@@ -81,10 +81,11 @@ SRCS = parser_common.c parser_include.c parser_interface.c parser_lex.c \
        parser_yacc.c parser_regex.c parser_variable.c parser_policy.c \
        parser_alias.c common_optarg.c lib.c network.c \
        mount.cc dbus.cc profile.cc rule.cc signal.cc ptrace.cc \
-       af_rule.cc af_unix.cc features.c policy_cache.c kernel_interface.c
+       af_rule.cc af_unix.cc features.c policy_cache.c kernel_interface.c \
+       match.c
 HDRS = parser.h parser_include.h immunix.h mount.h dbus.h lib.h profile.h \
        rule.h common_optarg.h signal.h ptrace.h network.h af_rule.h af_unix.h \
-       features.h policy_cache.h kernel_interface.h
+       features.h policy_cache.h kernel_interface.h match.h
 TOOLS = apparmor_parser
 
 OBJECTS = $(patsubst %.cc, %.o, $(SRCS:.c=.o))
@@ -243,7 +244,10 @@ mount.o: mount.cc mount.h parser.h immunix.h rule.h
 common_optarg.o: common_optarg.c common_optarg.h parser.h libapparmor_re/apparmor_re.h
 	$(CXX) $(EXTRA_CFLAGS) -c -o $@ $<
 
-features.o: features.c features.h parser.h libapparmor_re/apparmor_re.h
+features.o: features.c features.h parser.h match.h libapparmor_re/apparmor_re.h
+	$(CXX) $(EXTRA_CFLAGS) -c -o $@ $<
+
+match.o: match.c match.h parser.h
 	$(CXX) $(EXTRA_CFLAGS) -c -o $@ $<
 
 policy_cache.o: policy_cache.c policy_cache.h parser.h features.h
diff --git a/parser/features.c b/parser/features.c
index d195e2b..1adeba9 100644
--- a/parser/features.c
+++ b/parser/features.c
@@ -166,22 +166,3 @@ int load_features(const char *name)
 
 	return 0;
 }
-
-void set_features_by_match_file(void)
-{
-	autofclose FILE *ms = fopen(MATCH_FILE, "r");
-	if (ms) {
-		autofree char *match_string = (char *) malloc(1000);
-		if (!match_string)
-			goto no_match;
-		if (!fgets(match_string, 1000, ms))
-			goto no_match;
-		if (strstr(match_string, " perms=c"))
-			perms_create = 1;
-		kernel_supports_network = 1;
-		return;
-	}
-
-no_match:
-	perms_create = 1;
-}
diff --git a/parser/features.h b/parser/features.h
index f0d9adc..aaa4229 100644
--- a/parser/features.h
+++ b/parser/features.h
@@ -21,7 +21,6 @@
 
 #include "parser.h"
 
-#define MATCH_FILE "/sys/kernel/security/" MODULE_NAME "/matching"
 #define FEATURES_FILE "/sys/kernel/security/" MODULE_NAME "/features"
 
 extern char *features_string;
diff --git a/parser/match.c b/parser/match.c
new file mode 100644
index 0000000..770d548
--- /dev/null
+++ b/parser/match.c
@@ -0,0 +1,46 @@
+/*
+ *   Copyright (c) 2014
+ *   Canonical, Ltd. (All rights reserved)
+ *
+ *   This program is free software; you can redistribute it and/or
+ *   modify it under the terms of version 2 of the GNU General Public
+ *   License published by the Free Software Foundation.
+ *
+ *   This program is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *   GNU General Public License for more details.
+ *
+ *   You should have received a copy of the GNU General Public License
+ *   along with this program; if not, contact Novell, Inc. or Canonical
+ *   Ltd.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "match.h"
+#include "lib.h"
+#include "parser.h"
+
+#define MATCH_STRING_SIZE 1000
+
+void set_features_by_match_file(void)
+{
+	autofclose FILE *ms = fopen(MATCH_FILE, "r");
+	if (ms) {
+		autofree char *match_string = (char *) malloc(MATCH_STRING_SIZE);
+		if (!match_string)
+			goto no_match;
+		if (!fgets(match_string, MATCH_STRING_SIZE, ms))
+			goto no_match;
+		if (strstr(match_string, " perms=c"))
+			perms_create = 1;
+		kernel_supports_network = 1;
+		return;
+	}
+
+no_match:
+	perms_create = 1;
+}
diff --git a/parser/match.h b/parser/match.h
new file mode 100644
index 0000000..deb7c00
--- /dev/null
+++ b/parser/match.h
@@ -0,0 +1,26 @@
+/*
+ *   Copyright (c) 2014
+ *   Canonical, Ltd. (All rights reserved)
+ *
+ *   This program is free software; you can redistribute it and/or
+ *   modify it under the terms of version 2 of the GNU General Public
+ *   License published by the Free Software Foundation.
+ *
+ *   This program is distributed in the hope that it will be useful,
+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *   GNU General Public License for more details.
+ *
+ *   You should have received a copy of the GNU General Public License
+ *   along with this program; if not, contact Novell, Inc. or Canonical
+ *   Ltd.
+ */
+
+#ifndef __AA_MATCH_H
+#define __AA_MATCH_H
+
+#define MATCH_FILE "/sys/kernel/security/" MODULE_NAME "/matching"
+
+void set_features_by_match_file(void);
+
+#endif /* __AA_MATCH_H */
diff --git a/parser/parser_main.c b/parser/parser_main.c
index 4af54a5..2888a1a 100644
--- a/parser/parser_main.c
+++ b/parser/parser_main.c
@@ -41,6 +41,7 @@
 
 #include "lib.h"
 #include "features.h"
+#include "match.h"
 #include "kernel_interface.h"
 #include "parser.h"
 #include "parser_version.h"
-- 
2.1.0

More information about the AppArmor mailing list