[apparmor] [Patch 0/1] userspace dfa/hfa

John Johansen john.johansen at canonical.com
Fri Jan 8 23:48:05 UTC 2016


This adds basic userspace dfa/hfa matching, and a couple of utilities.
Currently it is set up so the fns are all private and only used by
a couple of dev tools.

A new dir is added with the dev-tools and the new dev tools serve
as a base showing how to use the fns, and also provide some basic
debug abilities.

The test_re util is a start of testing and validation of the dfa/hfa
in userspace. It has a timing facility and basic dfa/hfa build and
matching. Eventually it is planned to split this into separate
utils, for generating and testing.

The print_hfa util can do a text dump of a compressed dfa. This can
be used to introspect what is generated for policy and ensure that
it is the same as what the dfa/hfa reports it is building.

It is currently not sufficient to introspect generated policy but it is
possible (with some work) to extract the hfa portion of policy and
run print_hfa on that.


There is further work to do:
- add dfa/hfa comparison routines so we can do automated checking
- conversion of chfa back to hfa, to add further automated testing
- var matching
- policy load, and printing to complement hfa printing/dump
- tool to run matches against policy in userspace and report back states,
  etc., traversed



