2022-11-17 05:05:35 +08:00
|
|
|
/*
|
|
|
|
|
**********************************************************************************************
|
|
|
|
|
* File: maat_api.cpp
|
|
|
|
|
* Description: maat api entry
|
|
|
|
|
* Authors: Liu WenTan <liuwentan@geedgenetworks.com>
|
|
|
|
|
* Date: 2022-10-31
|
|
|
|
|
* Copyright: (c) 2018-2022 Geedge Networks, Inc. All rights reserved.
|
|
|
|
|
***********************************************************************************************
|
|
|
|
|
*/
|
|
|
|
|
|
2022-10-27 17:58:52 +08:00
|
|
|
#include <stdio.h>
|
2022-11-25 16:32:29 +08:00
|
|
|
#include <string.h>
|
2022-12-09 17:12:18 +08:00
|
|
|
#include <assert.h>
|
2022-10-27 17:58:52 +08:00
|
|
|
|
2022-12-09 17:12:18 +08:00
|
|
|
#include "maat_utils.h"
|
2022-12-03 22:23:41 +08:00
|
|
|
#include "json2iris.h"
|
2023-02-15 11:53:46 +08:00
|
|
|
#include "maat.h"
|
2022-11-17 05:05:35 +08:00
|
|
|
#include "maat_rule.h"
|
|
|
|
|
#include "maat_common.h"
|
2022-11-25 16:32:29 +08:00
|
|
|
#include "maat_kv.h"
|
2022-12-03 22:23:41 +08:00
|
|
|
#include "maat_command.h"
|
2022-12-09 17:12:18 +08:00
|
|
|
#include "maat_ex_data.h"
|
2023-01-30 21:59:35 +08:00
|
|
|
#include "maat_table.h"
|
2022-11-25 16:32:29 +08:00
|
|
|
#include "maat_config_monitor.h"
|
2022-12-03 22:23:41 +08:00
|
|
|
#include "maat_redis_monitor.h"
|
2023-01-30 21:59:35 +08:00
|
|
|
#include "maat_compile.h"
|
2022-12-14 15:28:21 +08:00
|
|
|
#include "alignment.h"
|
2023-01-31 20:39:53 +08:00
|
|
|
#include "maat_garbage_collection.h"
|
|
|
|
|
#include "maat_group.h"
|
|
|
|
|
#include "maat_expr.h"
|
2023-02-07 11:25:31 +08:00
|
|
|
#include "maat_flag.h"
|
2023-02-15 11:53:46 +08:00
|
|
|
#include "maat_interval.h"
|
2023-01-31 20:39:53 +08:00
|
|
|
#include "maat_ip.h"
|
2023-01-30 21:59:35 +08:00
|
|
|
#include "maat_plugin.h"
|
|
|
|
|
#include "maat_ip_plugin.h"
|
2023-02-06 08:14:25 +08:00
|
|
|
#include "maat_virtual.h"
|
2022-11-17 05:05:35 +08:00
|
|
|
|
2022-12-09 17:12:18 +08:00
|
|
|
#define MODULE_MAAT_API module_name_str("maat.api")
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
enum district_set_flag {
|
|
|
|
|
DISTRICT_FLAG_UNSET,
|
|
|
|
|
DISTRICT_FLAG_SET
|
|
|
|
|
};
|
2023-01-06 18:54:59 +08:00
|
|
|
|
2023-02-15 11:53:46 +08:00
|
|
|
struct maat_stream {
|
|
|
|
|
struct maat *maat_instance;
|
|
|
|
|
struct maat_runtime *ref_maat_rt;
|
|
|
|
|
int vtable_id;
|
|
|
|
|
};
|
|
|
|
|
|
2023-02-06 08:14:25 +08:00
|
|
|
enum scan_type maat_table_get_scan_type(enum table_type table_type)
|
|
|
|
|
{
|
|
|
|
|
enum scan_type ret = SCAN_TYPE_INVALID;
|
|
|
|
|
|
|
|
|
|
switch (table_type) {
|
|
|
|
|
case TABLE_TYPE_FLAG:
|
|
|
|
|
ret = SCAN_TYPE_FLAG;
|
|
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_EXPR:
|
|
|
|
|
case TABLE_TYPE_EXPR_PLUS:
|
|
|
|
|
ret = SCAN_TYPE_STRING;
|
|
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_INTERVAL:
|
|
|
|
|
case TABLE_TYPE_INTERVAL_PLUS:
|
|
|
|
|
ret = SCAN_TYPE_INTERVAL;
|
|
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_IP_PLUS:
|
|
|
|
|
ret = SCAN_TYPE_IP;
|
|
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_PLUGIN:
|
|
|
|
|
ret = SCAN_TYPE_PLUGIN;
|
|
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_IP_PLUGIN:
|
|
|
|
|
ret = SCAN_TYPE_IP;
|
|
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_FQDN_PLUGIN:
|
|
|
|
|
ret = SCAN_TYPE_FQDN_PLUGIN;
|
|
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_BOOL_PLUGIN:
|
|
|
|
|
ret = SCAN_TYPE_BOOL_PLUGIN;
|
|
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_COMPILE:
|
|
|
|
|
ret = SCAN_TYPE_NONE;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
2023-02-07 11:25:31 +08:00
|
|
|
|
2023-02-06 08:14:25 +08:00
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2022-11-17 05:05:35 +08:00
|
|
|
struct maat_options* maat_options_new(void)
|
|
|
|
|
{
|
|
|
|
|
struct maat_options *options = ALLOC(struct maat_options, 1);
|
|
|
|
|
|
|
|
|
|
options->nr_worker_threads = 1;
|
2022-11-25 16:32:29 +08:00
|
|
|
options->deferred_load_on = 0;
|
|
|
|
|
options->rule_effect_interval_ms = 60 * 1000;
|
|
|
|
|
options->rule_update_checking_interval_ms = 1 * 1000;
|
|
|
|
|
options->gc_timeout_ms = 10 * 1000;
|
|
|
|
|
options->input_mode = DATA_SOURCE_NONE;
|
2022-12-09 17:12:18 +08:00
|
|
|
options->log_level = 0;
|
2022-11-17 05:05:35 +08:00
|
|
|
|
|
|
|
|
return options;
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
void maat_options_free(struct maat_options *opts)
|
|
|
|
|
{
|
|
|
|
|
if (NULL == opts) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (opts->accept_tags != NULL) {
|
|
|
|
|
FREE(opts->accept_tags);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
FREE(opts);
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-06 18:54:59 +08:00
|
|
|
int maat_options_set_caller_thread_number(struct maat_options *opts, size_t n_thread)
|
2022-11-17 05:05:35 +08:00
|
|
|
{
|
2023-01-06 18:54:59 +08:00
|
|
|
opts->nr_worker_threads = n_thread;
|
2022-11-17 05:05:35 +08:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
int maat_options_set_accept_tags(struct maat_options *opts, const char *accept_tags)
|
|
|
|
|
{
|
|
|
|
|
opts->accept_tags = maat_strdup(accept_tags);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
int maat_options_set_rule_effect_interval_ms(struct maat_options *opts, int interval_ms)
|
|
|
|
|
{
|
|
|
|
|
opts->rule_effect_interval_ms = interval_ms;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int maat_options_set_rule_update_checking_interval_ms(struct maat_options *opts, int interval_ms)
|
|
|
|
|
{
|
|
|
|
|
opts->rule_update_checking_interval_ms = interval_ms;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int maat_options_set_gc_timeout_ms(struct maat_options *opts, int interval_ms)
|
|
|
|
|
{
|
|
|
|
|
opts->gc_timeout_ms = interval_ms;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
int maat_options_set_instance_name(struct maat_options *opts, const char *instance_name,
|
|
|
|
|
size_t name_len)
|
2022-12-09 17:12:18 +08:00
|
|
|
{
|
|
|
|
|
memcpy(opts->instance_name, instance_name, name_len);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
int maat_options_set_deferred_load_on(struct maat_options *opts)
|
|
|
|
|
{
|
|
|
|
|
opts->deferred_load_on = 1;
|
2022-12-03 22:23:41 +08:00
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
int maat_options_set_iris(struct maat_options *opts, const char *full_directory,
|
|
|
|
|
const char *increment_directory)
|
2022-11-25 16:32:29 +08:00
|
|
|
{
|
2023-01-06 18:54:59 +08:00
|
|
|
if (strlen(full_directory) >= NAME_MAX || strlen(increment_directory) >= NAME_MAX) {
|
2022-11-25 16:32:29 +08:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-06 18:54:59 +08:00
|
|
|
memcpy(opts->iris_ctx.full_idx_dir, full_directory, strlen(full_directory));
|
|
|
|
|
memcpy(opts->iris_ctx.inc_idx_dir, increment_directory, strlen(increment_directory));
|
2022-11-25 16:32:29 +08:00
|
|
|
opts->input_mode = DATA_SOURCE_IRIS_FILE;
|
2022-12-03 22:23:41 +08:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int maat_options_set_json_file(struct maat_options *opts, const char *json_filename)
|
|
|
|
|
{
|
|
|
|
|
strncpy(opts->json_ctx.json_file, json_filename, sizeof(opts->json_ctx.json_file));
|
|
|
|
|
opts->input_mode = DATA_SOURCE_JSON_FILE;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
int maat_options_set_redis(struct maat_options *opts, const char *redis_ip,
|
|
|
|
|
uint16_t redis_port, int redis_db)
|
2022-12-03 22:23:41 +08:00
|
|
|
{
|
|
|
|
|
memcpy(opts->redis_ctx.redis_ip, redis_ip, strlen(redis_ip));
|
|
|
|
|
opts->redis_ctx.redis_port = redis_port;
|
2023-01-06 18:54:59 +08:00
|
|
|
opts->redis_ctx.redis_db = redis_db;
|
|
|
|
|
opts->input_mode = DATA_SOURCE_REDIS;
|
2022-12-03 22:23:41 +08:00
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-09 17:12:18 +08:00
|
|
|
int maat_options_set_logger(struct maat_options *opts, void *logger)
|
|
|
|
|
{
|
|
|
|
|
opts->logger = (struct log_handle *)logger;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
void maat_read_full_config(struct maat *maat_instance)
|
|
|
|
|
{
|
2022-12-03 22:23:41 +08:00
|
|
|
int ret = -1;
|
|
|
|
|
char err_str[NAME_MAX] = {0};
|
|
|
|
|
struct source_redis_ctx *mr_ctx = NULL;
|
|
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
switch (maat_instance->input_mode) {
|
2022-12-03 22:23:41 +08:00
|
|
|
case DATA_SOURCE_REDIS:
|
|
|
|
|
mr_ctx = &(maat_instance->mr_ctx);
|
2023-02-03 17:28:14 +08:00
|
|
|
log_info(maat_instance->logger, MODULE_MAAT_API,
|
|
|
|
|
"Maat initiate from Redis %s:%hu db%d",
|
2022-12-09 17:12:18 +08:00
|
|
|
mr_ctx->redis_ip, mr_ctx->redis_port, mr_ctx->redis_db);
|
2023-02-03 17:28:14 +08:00
|
|
|
mr_ctx->read_ctx = maat_cmd_connect_redis(mr_ctx->redis_ip,
|
|
|
|
|
mr_ctx->redis_port,
|
|
|
|
|
mr_ctx->redis_db,
|
|
|
|
|
maat_instance->logger);
|
2022-12-03 22:23:41 +08:00
|
|
|
if (mr_ctx->read_ctx != NULL) {
|
|
|
|
|
redis_monitor_traverse(maat_instance->maat_version, mr_ctx,
|
|
|
|
|
maat_start_cb, maat_update_cb, maat_finish_cb,
|
|
|
|
|
maat_instance);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (NULL == maat_instance->creating_maat_rt) {
|
2022-12-09 17:12:18 +08:00
|
|
|
log_error(maat_instance->logger, MODULE_MAAT_API,
|
|
|
|
|
"At initiation: NO effective rule in redis %s:%hu db%d",
|
|
|
|
|
mr_ctx->redis_ip, mr_ctx->redis_port, mr_ctx->redis_db);
|
2022-12-03 22:23:41 +08:00
|
|
|
}
|
|
|
|
|
break;
|
2022-11-25 16:32:29 +08:00
|
|
|
case DATA_SOURCE_IRIS_FILE:
|
|
|
|
|
config_monitor_traverse(maat_instance->maat_version,
|
2022-12-05 23:21:18 +08:00
|
|
|
maat_instance->iris_ctx.full_idx_dir,
|
2022-12-03 22:23:41 +08:00
|
|
|
maat_start_cb, maat_update_cb, maat_finish_cb,
|
2022-12-09 17:12:18 +08:00
|
|
|
maat_instance, maat_instance->logger);
|
2022-11-25 16:32:29 +08:00
|
|
|
if (NULL == maat_instance->creating_maat_rt) {
|
2022-12-09 17:12:18 +08:00
|
|
|
log_error(maat_instance->logger, MODULE_MAAT_API,
|
|
|
|
|
"At initiation: NO effective rule in %s",
|
|
|
|
|
maat_instance->iris_ctx.full_idx_dir);
|
2022-11-25 16:32:29 +08:00
|
|
|
}
|
|
|
|
|
break;
|
2022-12-03 22:23:41 +08:00
|
|
|
case DATA_SOURCE_JSON_FILE:
|
2023-02-03 17:28:14 +08:00
|
|
|
ret = load_maat_json_file(maat_instance, maat_instance->json_ctx.json_file,
|
|
|
|
|
err_str, sizeof(err_str));
|
2022-12-03 22:23:41 +08:00
|
|
|
if (ret < 0) {
|
2023-02-03 17:28:14 +08:00
|
|
|
log_error(maat_instance->logger, MODULE_MAAT_API,
|
|
|
|
|
"Maat re-initiate with JSON file %s failed: %s",
|
2022-12-09 17:12:18 +08:00
|
|
|
maat_instance->json_ctx.json_file, err_str);
|
2022-12-03 22:23:41 +08:00
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
config_monitor_traverse(maat_instance->maat_version,
|
|
|
|
|
maat_instance->json_ctx.iris_file,
|
|
|
|
|
maat_start_cb, maat_update_cb, maat_finish_cb,
|
2022-12-09 17:12:18 +08:00
|
|
|
maat_instance, maat_instance->logger);
|
2022-12-03 22:23:41 +08:00
|
|
|
if (NULL == maat_instance->creating_maat_rt) {
|
2023-02-03 17:28:14 +08:00
|
|
|
log_error(maat_instance->logger, MODULE_MAAT_API,
|
|
|
|
|
"At initiation: NO effective rule in %s",
|
2022-12-09 17:12:18 +08:00
|
|
|
maat_instance->json_ctx.iris_file);
|
2022-12-03 22:23:41 +08:00
|
|
|
}
|
|
|
|
|
break;
|
2022-11-25 16:32:29 +08:00
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
maat_instance->maat_rt = maat_instance->creating_maat_rt;
|
|
|
|
|
maat_instance->creating_maat_rt = NULL;
|
|
|
|
|
maat_instance->is_running = 1;
|
|
|
|
|
if (maat_instance->maat_rt != NULL) {
|
|
|
|
|
maat_instance->maat_version = maat_instance->maat_rt->version;
|
|
|
|
|
maat_instance->last_full_version = maat_instance->maat_rt->version;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct maat *maat_new(struct maat_options *opts, const char *table_info_path)
|
2022-11-17 05:05:35 +08:00
|
|
|
{
|
|
|
|
|
if (NULL == table_info_path) {
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
int garbage_gc_timeout_s = 0;
|
2022-11-17 05:05:35 +08:00
|
|
|
struct maat *maat_instance = ALLOC(struct maat, 1);
|
|
|
|
|
|
2022-12-09 17:12:18 +08:00
|
|
|
if (opts->logger != NULL) {
|
|
|
|
|
maat_instance->logger = opts->logger;
|
|
|
|
|
} else {
|
|
|
|
|
char log_path[1024] = {0};
|
|
|
|
|
if (strlen(maat_instance->instance_name) > 0) {
|
2023-02-03 17:28:14 +08:00
|
|
|
snprintf(log_path, sizeof(log_path), "%s.log",
|
|
|
|
|
maat_instance->instance_name);
|
2022-12-09 17:12:18 +08:00
|
|
|
} else {
|
|
|
|
|
snprintf(log_path, sizeof(log_path), "maat.log");
|
|
|
|
|
}
|
|
|
|
|
maat_instance->logger = log_handle_create(log_path, opts->log_level);
|
|
|
|
|
}
|
2023-01-30 21:59:35 +08:00
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
maat_instance->input_mode = opts->input_mode;
|
2023-02-03 17:28:14 +08:00
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
switch (maat_instance->input_mode) {
|
2022-12-03 22:23:41 +08:00
|
|
|
case DATA_SOURCE_REDIS:
|
2023-02-03 17:28:14 +08:00
|
|
|
memcpy(maat_instance->mr_ctx.redis_ip, opts->redis_ctx.redis_ip,
|
|
|
|
|
strlen(opts->redis_ctx.redis_ip));
|
2022-12-03 22:23:41 +08:00
|
|
|
maat_instance->mr_ctx.redis_port = opts->redis_ctx.redis_port;
|
|
|
|
|
maat_instance->mr_ctx.redis_db = opts->redis_ctx.redis_db;
|
|
|
|
|
break;
|
2022-11-25 16:32:29 +08:00
|
|
|
case DATA_SOURCE_IRIS_FILE:
|
2023-02-03 17:28:14 +08:00
|
|
|
memcpy(maat_instance->iris_ctx.full_idx_dir, opts->iris_ctx.full_idx_dir,
|
|
|
|
|
strlen(opts->iris_ctx.full_idx_dir));
|
|
|
|
|
memcpy(maat_instance->iris_ctx.inc_idx_dir, opts->iris_ctx.inc_idx_dir,
|
|
|
|
|
strlen(opts->iris_ctx.inc_idx_dir));
|
2022-12-03 22:23:41 +08:00
|
|
|
break;
|
|
|
|
|
case DATA_SOURCE_JSON_FILE:
|
2023-02-03 17:28:14 +08:00
|
|
|
memcpy(maat_instance->json_ctx.json_file, opts->json_ctx.json_file,
|
|
|
|
|
strlen(opts->json_ctx.json_file));
|
2022-11-25 16:32:29 +08:00
|
|
|
break;
|
|
|
|
|
default:
|
2023-02-03 17:28:14 +08:00
|
|
|
log_error(maat_instance->logger, MODULE_MAAT_API,
|
|
|
|
|
"data source unsupported:%d", maat_instance->input_mode);
|
2022-11-25 16:32:29 +08:00
|
|
|
goto failed;
|
|
|
|
|
}
|
|
|
|
|
|
2022-11-17 05:05:35 +08:00
|
|
|
maat_instance->is_running = 0;
|
|
|
|
|
maat_instance->maat_version = 0;
|
|
|
|
|
maat_instance->last_full_version = 0;
|
2022-11-25 16:32:29 +08:00
|
|
|
maat_instance->nr_worker_thread = opts->nr_worker_threads;
|
|
|
|
|
maat_instance->rule_effect_interval_ms = opts->rule_effect_interval_ms;
|
|
|
|
|
maat_instance->gc_timeout_ms = opts->gc_timeout_ms;
|
|
|
|
|
maat_instance->deferred_load = opts->deferred_load_on;
|
|
|
|
|
garbage_gc_timeout_s = (maat_instance->rule_effect_interval_ms / 1000) +
|
|
|
|
|
(maat_instance->gc_timeout_ms / 1000);
|
|
|
|
|
maat_instance->garbage_bin = maat_garbage_bin_new(garbage_gc_timeout_s);
|
2022-12-14 15:28:21 +08:00
|
|
|
|
2023-02-07 11:25:31 +08:00
|
|
|
maat_instance->tbl_mgr = table_manager_create(table_info_path, opts->accept_tags,
|
|
|
|
|
maat_instance->garbage_bin, maat_instance->logger);
|
|
|
|
|
if (NULL == maat_instance->tbl_mgr) {
|
|
|
|
|
goto failed;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
maat_instance->default_compile_table_id = table_manager_get_defaut_compile_table_id(maat_instance->tbl_mgr);
|
|
|
|
|
maat_instance->g2g_table_id = table_manager_get_group2group_table_id(maat_instance->tbl_mgr);
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
maat_instance->outer_state_cnt = alignment_int64_array_alloc(opts->nr_worker_threads);
|
|
|
|
|
maat_instance->compile_state_cnt = alignment_int64_array_alloc(opts->nr_worker_threads);
|
2022-12-14 15:28:21 +08:00
|
|
|
maat_instance->thread_call_cnt = alignment_int64_array_alloc(opts->nr_worker_threads);
|
2023-02-03 17:28:14 +08:00
|
|
|
maat_instance->hit_cnt = alignment_int64_array_alloc(opts->nr_worker_threads);
|
|
|
|
|
maat_instance->not_grp_hit_cnt = alignment_int64_array_alloc(opts->nr_worker_threads);
|
2022-12-14 15:28:21 +08:00
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
pthread_mutex_init(&(maat_instance->background_update_mutex), NULL);
|
|
|
|
|
|
|
|
|
|
if (0 == maat_instance->deferred_load) {
|
|
|
|
|
maat_read_full_config(maat_instance);
|
|
|
|
|
}
|
2022-11-17 05:05:35 +08:00
|
|
|
|
2022-12-05 23:21:18 +08:00
|
|
|
pthread_create(&(maat_instance->cfg_mon_thread), NULL, rule_monitor_loop, (void *)maat_instance);
|
2022-11-17 05:05:35 +08:00
|
|
|
|
|
|
|
|
return maat_instance;
|
2022-11-25 16:32:29 +08:00
|
|
|
failed:
|
2022-12-05 23:21:18 +08:00
|
|
|
FREE(maat_instance);
|
2022-11-17 05:05:35 +08:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void maat_free(struct maat *maat_instance)
|
|
|
|
|
{
|
2022-12-05 23:21:18 +08:00
|
|
|
if (NULL == maat_instance) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
2022-11-17 05:05:35 +08:00
|
|
|
|
2022-12-05 23:21:18 +08:00
|
|
|
void *ret = NULL;
|
2022-10-27 17:58:52 +08:00
|
|
|
|
2022-12-05 23:21:18 +08:00
|
|
|
maat_instance->is_running = 0;
|
|
|
|
|
pthread_join(maat_instance->cfg_mon_thread, &ret);
|
2022-11-17 05:05:35 +08:00
|
|
|
}
|
|
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
int maat_table_get_id(struct maat *maat_instance, const char *table_name)
|
|
|
|
|
{
|
|
|
|
|
int table_id = -1;
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
struct table_manager *table_mgr = maat_instance->tbl_mgr;
|
|
|
|
|
table_id = table_manager_get_table_id(table_mgr, table_name);
|
2022-11-25 16:32:29 +08:00
|
|
|
|
|
|
|
|
return table_id;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-15 11:53:46 +08:00
|
|
|
static inline void maat_runtime_ref_inc(struct maat_runtime *maat_rt, int thread_id)
|
2022-12-14 15:28:21 +08:00
|
|
|
{
|
|
|
|
|
alignment_int64_array_add(maat_rt->ref_cnt, thread_id, 1);
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-15 11:53:46 +08:00
|
|
|
static inline void maat_runtime_ref_dec(struct maat_runtime *maat_rt, int thread_id)
|
2022-12-14 15:28:21 +08:00
|
|
|
{
|
|
|
|
|
alignment_int64_array_add(maat_rt->ref_cnt, thread_id, -1);
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
void fill_maat_rule(struct maat_rule *rule, const struct maat_rule_head *rule_head,
|
|
|
|
|
const char *srv_def, int srv_def_len)
|
|
|
|
|
{
|
|
|
|
|
memcpy(rule, rule_head, sizeof(struct maat_rule_head));
|
|
|
|
|
memcpy(rule->service_defined, srv_def, MIN(srv_def_len, MAX_SERVICE_DEFINE_LEN));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
size_t generic_plugin_runtime_cached_row_count(void *custom_rt, enum table_type table_type)
|
|
|
|
|
{
|
2023-01-31 20:39:53 +08:00
|
|
|
return 0;
|
2023-01-30 21:59:35 +08:00
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
const char *generic_plugin_runtime_get_cached_row(void *custom_rt, enum table_type table_type,
|
|
|
|
|
size_t row_id)
|
2023-01-30 21:59:35 +08:00
|
|
|
{
|
2023-01-31 20:39:53 +08:00
|
|
|
return NULL;
|
2023-01-30 21:59:35 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* must be plugin table */
|
2022-11-25 16:32:29 +08:00
|
|
|
int maat_table_callback_register(struct maat *maat_instance, int table_id,
|
|
|
|
|
maat_start_callback_t *start,
|
|
|
|
|
maat_update_callback_t *update,
|
|
|
|
|
maat_finish_callback_t *finish,
|
|
|
|
|
void *u_para)
|
|
|
|
|
{
|
|
|
|
|
int ret = -1;
|
|
|
|
|
|
|
|
|
|
pthread_mutex_lock(&(maat_instance->background_update_mutex));
|
2023-01-30 21:59:35 +08:00
|
|
|
void *schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
ret = plugin_table_add_callback(schema, table_id, start, update, finish,
|
|
|
|
|
u_para, maat_instance->logger);
|
2022-11-25 16:32:29 +08:00
|
|
|
if (ret < 0) {
|
|
|
|
|
pthread_mutex_unlock(&(maat_instance->background_update_mutex));
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!maat_instance->maat_rt) {
|
|
|
|
|
pthread_mutex_unlock(&(maat_instance->background_update_mutex));
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
void *runtime = table_manager_get_runtime(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
size_t row_cnt = generic_plugin_runtime_cached_row_count(runtime, table_type);
|
|
|
|
|
|
|
|
|
|
if (row_cnt > 0) {
|
2022-11-25 16:32:29 +08:00
|
|
|
if (start != NULL) {
|
2023-02-03 17:28:14 +08:00
|
|
|
start(MAAT_UPDATE_TYPE_FULL, u_para);
|
2022-11-25 16:32:29 +08:00
|
|
|
}
|
|
|
|
|
|
2023-01-31 20:39:53 +08:00
|
|
|
for (size_t i = 0; i < row_cnt; i++) {
|
2023-01-30 21:59:35 +08:00
|
|
|
const char *line = generic_plugin_runtime_get_cached_row(runtime, table_type, i);
|
2022-11-25 16:32:29 +08:00
|
|
|
if (NULL == line) {
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
update(table_id, line, u_para);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (finish != NULL) {
|
|
|
|
|
finish(u_para);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pthread_mutex_unlock(&(maat_instance->background_update_mutex));
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
int maat_compile_table_ex_schema_register(struct maat *maat_instance, int table_id,
|
|
|
|
|
maat_rule_ex_new_func_t *new_func,
|
|
|
|
|
maat_rule_ex_free_func_t *free_func,
|
|
|
|
|
maat_rule_ex_dup_func_t *dup_func,
|
|
|
|
|
long argl, void *argp)
|
|
|
|
|
{
|
|
|
|
|
if (NULL == maat_instance || table_id < 0 || table_id > MAX_TABLE_NUM) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
assert(table_type == TABLE_TYPE_COMPILE);
|
|
|
|
|
|
|
|
|
|
void *compile_schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
assert(compile_schema != NULL);
|
|
|
|
|
|
|
|
|
|
return compile_table_set_rule_ex_data_schema((struct compile_schema *)compile_schema, table_id,
|
|
|
|
|
new_func, free_func, dup_func,
|
|
|
|
|
argl, argp, maat_instance->logger);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void *maat_compile_table_get_ex_data(struct maat *maat_instance, int table_id, int compile_id, size_t idx)
|
|
|
|
|
{
|
|
|
|
|
struct compile_schema *schema = (struct compile_schema *)table_manager_get_schema(maat_instance->tbl_mgr,
|
|
|
|
|
table_id);
|
|
|
|
|
return compile_table_get_rule_ex_data(schema, compile_id, idx);
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, int table_id,
|
|
|
|
|
maat_plugin_ex_new_func_t *new_func,
|
|
|
|
|
maat_plugin_ex_free_func_t *free_func,
|
|
|
|
|
maat_plugin_ex_dup_func_t *dup_func,
|
2023-01-31 20:39:53 +08:00
|
|
|
long argl, void *argp, struct log_handle *logger)
|
2023-01-30 21:59:35 +08:00
|
|
|
{
|
|
|
|
|
if (NULL == tbl_mgr || NULL == new_func || NULL == free_func || NULL == dup_func) {
|
|
|
|
|
assert(0);
|
2023-01-31 20:39:53 +08:00
|
|
|
log_error(logger, MODULE_MAAT_API,
|
2023-01-30 21:59:35 +08:00
|
|
|
"table(table_id:%d) %s failed: invalid parameter", __FUNCTION__);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void *schema = table_manager_get_schema(tbl_mgr, table_id);
|
|
|
|
|
if (NULL == schema) {
|
2023-01-31 20:39:53 +08:00
|
|
|
log_error(logger, MODULE_MAAT_API,
|
2023-01-30 21:59:35 +08:00
|
|
|
"Error: %s, table(table_id:%d) is not registered", __FUNCTION__, table_id);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct ex_data_schema *ex_schema = NULL;
|
|
|
|
|
enum table_type table_type = table_manager_get_table_type(tbl_mgr, table_id);
|
|
|
|
|
switch (table_type) {
|
|
|
|
|
case TABLE_TYPE_PLUGIN:
|
|
|
|
|
ex_schema = plugin_table_get_ex_data_schema(schema);
|
|
|
|
|
if (NULL == ex_schema) {
|
2023-01-31 20:39:53 +08:00
|
|
|
log_error(logger, MODULE_MAAT_API,
|
2023-01-30 21:59:35 +08:00
|
|
|
"Error: %s, table(table_id:%d) is not a valid plugin table",
|
|
|
|
|
__FUNCTION__, table_id);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
plugin_table_set_ex_data_schema(schema, new_func, free_func,
|
2023-01-31 20:39:53 +08:00
|
|
|
dup_func, argl, argp, logger);
|
2023-01-30 21:59:35 +08:00
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_IP_PLUGIN:
|
|
|
|
|
ex_schema = ip_plugin_table_get_ex_data_schema(schema);
|
|
|
|
|
if (NULL == ex_schema) {
|
2023-01-31 20:39:53 +08:00
|
|
|
log_error(logger, MODULE_MAAT_API,
|
2023-01-30 21:59:35 +08:00
|
|
|
"Error: %s, table(table_id:%d) is not a valid ip_plugin table",
|
|
|
|
|
__FUNCTION__, table_id);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
ip_plugin_table_set_ex_data_schema(schema, new_func, free_func,
|
2023-01-31 20:39:53 +08:00
|
|
|
dup_func, argl, argp, logger);
|
2023-01-30 21:59:35 +08:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema,
|
|
|
|
|
int table_id, enum table_type table_type,
|
|
|
|
|
int valid_column)
|
2023-01-30 21:59:35 +08:00
|
|
|
{
|
|
|
|
|
struct ex_data_schema *ex_data_schema = NULL;
|
|
|
|
|
struct ex_data_runtime *ex_data_rt = NULL;
|
|
|
|
|
|
|
|
|
|
switch (table_type) {
|
|
|
|
|
case TABLE_TYPE_PLUGIN:
|
|
|
|
|
ex_data_schema = plugin_table_get_ex_data_schema(schema);
|
|
|
|
|
ex_data_rt = plugin_runtime_get_ex_data_rt(runtime);
|
|
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_IP_PLUGIN:
|
|
|
|
|
ex_data_schema = ip_plugin_table_get_ex_data_schema(schema);
|
|
|
|
|
ex_data_rt = ip_plugin_runtime_get_ex_data_rt(runtime);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ex_data_runtime_set_schema(ex_data_rt, ex_data_schema);
|
2023-01-31 20:39:53 +08:00
|
|
|
struct ex_container_ctx *ex_ctx = ALLOC(struct ex_container_ctx, 1);
|
|
|
|
|
ex_ctx->table_id = table_id;
|
|
|
|
|
ex_ctx->ex_schema = ex_data_schema;
|
|
|
|
|
ex_data_runtime_set_ex_container_ctx(ex_data_rt, ex_ctx);
|
2023-01-30 21:59:35 +08:00
|
|
|
|
|
|
|
|
size_t n_cached_row = ex_data_runtime_cached_row_count(ex_data_rt);
|
|
|
|
|
for (size_t i = 0; i < n_cached_row; i++) {
|
|
|
|
|
const char *row = ex_data_runtime_cached_row_get(ex_data_rt, i);
|
2023-01-31 20:39:53 +08:00
|
|
|
switch (table_type) {
|
2023-01-30 21:59:35 +08:00
|
|
|
case TABLE_TYPE_PLUGIN:
|
2023-01-31 20:39:53 +08:00
|
|
|
plugin_runtime_update(runtime, schema, row, valid_column);
|
2023-01-30 21:59:35 +08:00
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_IP_PLUGIN:
|
2023-01-31 20:39:53 +08:00
|
|
|
ip_plugin_runtime_update(runtime, schema, row, valid_column);
|
2023-01-30 21:59:35 +08:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
ex_data_runtime_clear_row_cache(ex_data_rt);
|
|
|
|
|
|
|
|
|
|
switch (table_type) {
|
|
|
|
|
case TABLE_TYPE_PLUGIN:
|
2023-02-09 22:13:15 +08:00
|
|
|
plugin_runtime_commit(runtime, "false_plugin_table");
|
2023-01-30 21:59:35 +08:00
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_IP_PLUGIN:
|
2023-02-09 22:13:15 +08:00
|
|
|
ip_plugin_runtime_commit(runtime, "false_plugin_table");
|
2023-01-30 21:59:35 +08:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-11-25 16:32:29 +08:00
|
|
|
int maat_plugin_table_ex_schema_register(struct maat *maat_instance, int table_id,
|
|
|
|
|
maat_plugin_ex_new_func_t *new_func,
|
|
|
|
|
maat_plugin_ex_free_func_t *free_func,
|
|
|
|
|
maat_plugin_ex_dup_func_t *dup_func,
|
|
|
|
|
long argl, void *argp)
|
2022-11-17 05:05:35 +08:00
|
|
|
{
|
2022-11-25 16:32:29 +08:00
|
|
|
pthread_mutex_lock(&(maat_instance->background_update_mutex));
|
2023-01-30 21:59:35 +08:00
|
|
|
int ret = generic_plugin_table_ex_schema_register(maat_instance->tbl_mgr, table_id,
|
2023-02-03 17:28:14 +08:00
|
|
|
new_func, free_func, dup_func,
|
|
|
|
|
argl, argp, maat_instance->logger);
|
2022-11-25 16:32:29 +08:00
|
|
|
if (ret < 0) {
|
|
|
|
|
pthread_mutex_unlock(&(maat_instance->background_update_mutex));
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
enum table_type table_type = TABLE_TYPE_INVALID;
|
|
|
|
|
int valid_column = -1;
|
2022-11-25 16:32:29 +08:00
|
|
|
if (maat_instance->maat_rt != NULL) {
|
2023-01-30 21:59:35 +08:00
|
|
|
void *runtime = table_manager_get_runtime(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
void *schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id);
|
2023-02-03 17:28:14 +08:00
|
|
|
assert(runtime != NULL && schema != NULL);
|
|
|
|
|
|
|
|
|
|
table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
valid_column = table_manager_get_valid_column(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
generic_plugin_runtime_commit_ex_schema(runtime, schema, table_id, table_type,
|
|
|
|
|
valid_column);
|
2022-11-25 16:32:29 +08:00
|
|
|
}
|
|
|
|
|
pthread_mutex_unlock(&(maat_instance->background_update_mutex));
|
|
|
|
|
|
2022-11-17 05:05:35 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
int maat_plugin_table_get_ex_data(struct maat *maat_instance, int table_id,
|
|
|
|
|
const char *key, size_t key_len,
|
|
|
|
|
void **ex_data_array, size_t n_ex_data)
|
2022-11-25 16:32:29 +08:00
|
|
|
{
|
|
|
|
|
struct maat_runtime *maat_rt = maat_instance->maat_rt;
|
|
|
|
|
if (NULL == maat_rt) {
|
2023-02-09 22:13:15 +08:00
|
|
|
return -1;
|
2022-11-25 16:32:29 +08:00
|
|
|
}
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
enum table_type table_type = table_manager_get_table_type(maat_rt->ref_tbl_mgr, table_id);
|
|
|
|
|
void *runtime = table_manager_get_runtime(maat_rt->ref_tbl_mgr, table_id);
|
|
|
|
|
if (NULL == runtime) {
|
2023-02-09 22:13:15 +08:00
|
|
|
return -1;
|
2022-12-09 17:12:18 +08:00
|
|
|
}
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
struct ex_data_runtime *ex_data_rt = NULL;
|
|
|
|
|
switch (table_type) {
|
|
|
|
|
case TABLE_TYPE_PLUGIN:
|
|
|
|
|
ex_data_rt = plugin_runtime_get_ex_data_rt(runtime);
|
|
|
|
|
break;
|
|
|
|
|
case TABLE_TYPE_IP_PLUGIN:
|
|
|
|
|
ex_data_rt = ip_plugin_runtime_get_ex_data_rt(runtime);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
break;
|
2022-12-09 17:12:18 +08:00
|
|
|
}
|
2023-01-30 21:59:35 +08:00
|
|
|
|
2022-12-09 17:12:18 +08:00
|
|
|
if (NULL == ex_data_rt) {
|
2023-02-09 22:13:15 +08:00
|
|
|
return -1;
|
2022-12-09 17:12:18 +08:00
|
|
|
}
|
2022-11-25 16:32:29 +08:00
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
*ex_data_array = ex_data_runtime_get_ex_data(ex_data_rt, key, key_len);
|
|
|
|
|
return 0;
|
2022-11-25 16:32:29 +08:00
|
|
|
}
|
|
|
|
|
|
2022-12-14 15:28:21 +08:00
|
|
|
struct maat_state *make_outer_state(struct maat *maat_instance, int thread_id)
|
|
|
|
|
{
|
|
|
|
|
struct maat_state *outer_state = NULL;
|
|
|
|
|
|
|
|
|
|
outer_state = ALLOC(struct maat_state, 1);
|
|
|
|
|
outer_state->maat_instance = maat_instance;
|
|
|
|
|
outer_state->district_id = DISTRICT_ANY;
|
|
|
|
|
outer_state->thread_id = (signed short)thread_id;
|
2023-01-30 21:59:35 +08:00
|
|
|
outer_state->compile_table_id = -1; //-1 means caller not specify compile table, use default compile table
|
2022-12-14 15:28:21 +08:00
|
|
|
|
|
|
|
|
return outer_state;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
struct maat_state *grab_state(struct maat_state **state, struct maat *maat_instance,
|
|
|
|
|
int thread_id)
|
2022-12-14 15:28:21 +08:00
|
|
|
{
|
|
|
|
|
struct maat_state *mid = *state;
|
|
|
|
|
|
|
|
|
|
if (NULL == mid) {
|
|
|
|
|
mid = make_outer_state(maat_instance, thread_id);
|
|
|
|
|
*state = mid;
|
|
|
|
|
//Maat_set_scan_status calls grap_mid() with thread_num=-1.
|
|
|
|
|
if (mid->thread_id >= 0) {
|
2023-02-03 17:28:14 +08:00
|
|
|
alignment_int64_array_add(maat_instance->outer_state_cnt, thread_id, 1);
|
2022-12-14 15:28:21 +08:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (mid->thread_id < 0 && thread_id >= 0) {
|
|
|
|
|
mid->thread_id = thread_id;
|
2023-02-03 17:28:14 +08:00
|
|
|
alignment_int64_array_add(maat_instance->outer_state_cnt, thread_id, 1);
|
2022-12-14 15:28:21 +08:00
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
if (NULL == mid->compile_state) {
|
|
|
|
|
mid->compile_state = maat_compile_state_new(thread_id);
|
|
|
|
|
alignment_int64_array_add(maat_instance->compile_state_cnt, thread_id, 1);
|
2023-01-30 21:59:35 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return mid;
|
2022-12-14 15:28:21 +08:00
|
|
|
}
|
|
|
|
|
|
2023-02-15 11:53:46 +08:00
|
|
|
static inline int scan_status_should_compile_NOT(struct maat_state *state)
|
2023-02-03 17:28:14 +08:00
|
|
|
{
|
|
|
|
|
if (state && (LAST_SCAN_SET == state->is_last_scan) && state->compile_state
|
|
|
|
|
&& maat_compile_state_has_NOT_clause(state->compile_state)) {
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
size_t hit_group_to_compile(void *compile_runtime, int *compile_ids, size_t compile_ids_size,
|
|
|
|
|
struct maat_state *mid)
|
2023-01-06 18:54:59 +08:00
|
|
|
{
|
2023-02-09 22:13:15 +08:00
|
|
|
size_t n_hit_compile = compile_runtime_match((struct compile_runtime *)compile_runtime,
|
|
|
|
|
compile_ids, compile_ids_size, mid);
|
|
|
|
|
return n_hit_compile;
|
2023-02-03 17:28:14 +08:00
|
|
|
}
|
2023-01-06 18:54:59 +08:00
|
|
|
|
2023-02-07 11:25:31 +08:00
|
|
|
int maat_scan_flag(struct maat *maat_instance, int table_id, int thread_id,
|
2023-02-03 17:28:14 +08:00
|
|
|
uint64_t flag, int *results, size_t n_result,
|
|
|
|
|
size_t *n_hit_result, struct maat_state **state)
|
|
|
|
|
{
|
2023-02-15 11:53:46 +08:00
|
|
|
if ((NULL == maat_instance) || (table_id < 0) || (table_id >= MAX_TABLE_NUM)
|
2023-02-07 11:25:31 +08:00
|
|
|
|| (thread_id < 0) || (NULL == results) || (0 == n_result) || (NULL == state)) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct maat_state *mid = NULL;
|
|
|
|
|
mid = grab_state(state, maat_instance, thread_id);
|
|
|
|
|
mid->scan_cnt++;
|
|
|
|
|
|
|
|
|
|
int physical_table_id = 0;
|
|
|
|
|
int vtable_id = 0;
|
|
|
|
|
|
|
|
|
|
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
if (table_type == TABLE_TYPE_VIRTUAL) {
|
|
|
|
|
//find physical table id
|
|
|
|
|
void *virtual_schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
physical_table_id = virtual_table_get_physical_table_id(virtual_schema, SCAN_TYPE_FLAG);
|
|
|
|
|
if (physical_table_id < 0) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
physical_table_id = table_id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (NULL == maat_instance->maat_rt) {
|
|
|
|
|
log_error(maat_instance->logger, MODULE_MAAT_API,
|
|
|
|
|
"maat_scan_string error because of maat_runtime is NULL");
|
|
|
|
|
return MAAT_SCAN_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
maat_runtime_ref_inc(maat_instance->maat_rt, thread_id);
|
|
|
|
|
alignment_int64_array_add(maat_instance->thread_call_cnt, thread_id, 1);
|
|
|
|
|
|
|
|
|
|
int group_ids[MAX_SCANNER_HIT_GROUP_NUM] = {-1};
|
|
|
|
|
void *flag_rt = table_manager_get_runtime(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
if (NULL == flag_rt) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-15 11:53:46 +08:00
|
|
|
int group_hit_cnt = flag_runtime_scan((struct flag_runtime *)flag_rt,
|
2023-02-07 11:25:31 +08:00
|
|
|
thread_id,
|
|
|
|
|
flag, group_ids,
|
|
|
|
|
MAX_SCANNER_HIT_GROUP_NUM,
|
|
|
|
|
vtable_id, mid);
|
|
|
|
|
if (group_hit_cnt < 0) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
size_t n_hit_compile = 0;
|
2023-02-07 11:25:31 +08:00
|
|
|
if (group_hit_cnt > 0 || scan_status_should_compile_NOT(mid)) {
|
|
|
|
|
// come here means group_hit_cnt > 0, at least MAAT_SCAN_HALF_HIT, or MAAT_SCAN_HIT
|
|
|
|
|
if (group_hit_cnt > 0) {
|
|
|
|
|
flag_runtime_scan_hit_inc((struct flag_runtime *)flag_rt, thread_id);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int compile_table_id = -1;
|
|
|
|
|
if (mid->compile_table_id == -1) {
|
|
|
|
|
compile_table_id = maat_instance->default_compile_table_id;
|
|
|
|
|
} else {
|
|
|
|
|
compile_table_id = mid->compile_table_id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void *compile_rt = table_manager_get_runtime(maat_instance->tbl_mgr, compile_table_id);
|
2023-02-09 22:13:15 +08:00
|
|
|
n_hit_compile = hit_group_to_compile(compile_rt, results, n_result, mid);
|
|
|
|
|
*n_hit_result = n_hit_compile;
|
2023-02-07 11:25:31 +08:00
|
|
|
|
|
|
|
|
assert(mid->is_last_scan < LAST_SCAN_FINISHED);
|
|
|
|
|
if (LAST_SCAN_SET == mid->is_last_scan) {
|
|
|
|
|
mid->is_last_scan = LAST_SCAN_FINISHED;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
if (n_hit_compile > 0) {
|
2023-02-07 11:25:31 +08:00
|
|
|
alignment_int64_array_add(maat_instance->hit_cnt, thread_id, 1);
|
2023-02-09 22:13:15 +08:00
|
|
|
if (0 == group_hit_cnt) {
|
|
|
|
|
//hit NOT group
|
|
|
|
|
alignment_int64_array_add(maat_instance->not_grp_hit_cnt, thread_id, 1);
|
|
|
|
|
}
|
|
|
|
|
return MAAT_SCAN_HIT;
|
|
|
|
|
} else {
|
|
|
|
|
// n_hit_compile == 0
|
|
|
|
|
if (group_hit_cnt > 0) {
|
|
|
|
|
return MAAT_SCAN_HALF_HIT;
|
|
|
|
|
}
|
2023-02-07 11:25:31 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
maat_runtime_ref_dec(maat_instance->maat_rt, thread_id);
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
return MAAT_SCAN_OK;
|
2023-01-06 18:54:59 +08:00
|
|
|
}
|
|
|
|
|
|
2023-02-15 11:53:46 +08:00
|
|
|
int maat_scan_integer(struct maat *maat_instance, int table_id, int thread_id,
|
2023-01-30 21:59:35 +08:00
|
|
|
unsigned int intval, int *results, size_t n_result,
|
|
|
|
|
size_t *n_hit_result, struct maat_state **state)
|
2022-10-27 17:58:52 +08:00
|
|
|
{
|
2023-02-15 11:53:46 +08:00
|
|
|
if ((NULL == maat_instance) || (table_id < 0) || (table_id >= MAX_TABLE_NUM)
|
|
|
|
|
|| (thread_id < 0) || (NULL == results) || (0 == n_result) || (NULL == state)) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct maat_state *mid = NULL;
|
|
|
|
|
mid = grab_state(state, maat_instance, thread_id);
|
|
|
|
|
mid->scan_cnt++;
|
|
|
|
|
|
|
|
|
|
int physical_table_id = 0;
|
|
|
|
|
int vtable_id = 0;
|
|
|
|
|
|
|
|
|
|
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
if (table_type == TABLE_TYPE_VIRTUAL) {
|
|
|
|
|
//find physical table id
|
|
|
|
|
void *virtual_schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
physical_table_id = virtual_table_get_physical_table_id(virtual_schema, SCAN_TYPE_FLAG);
|
|
|
|
|
if (physical_table_id < 0) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
physical_table_id = table_id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (NULL == maat_instance->maat_rt) {
|
|
|
|
|
log_error(maat_instance->logger, MODULE_MAAT_API,
|
|
|
|
|
"maat_scan_string error because of maat_runtime is NULL");
|
|
|
|
|
return MAAT_SCAN_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
maat_runtime_ref_inc(maat_instance->maat_rt, thread_id);
|
|
|
|
|
alignment_int64_array_add(maat_instance->thread_call_cnt, thread_id, 1);
|
|
|
|
|
|
|
|
|
|
int group_ids[MAX_SCANNER_HIT_GROUP_NUM] = {-1};
|
|
|
|
|
void *interval_rt = table_manager_get_runtime(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
if (NULL == interval_rt) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int group_hit_cnt = interval_runtime_scan((struct interval_runtime *)interval_rt,
|
2023-02-16 11:13:23 +08:00
|
|
|
thread_id, intval, group_ids,
|
|
|
|
|
MAX_SCANNER_HIT_GROUP_NUM,
|
|
|
|
|
vtable_id, mid);
|
2023-02-15 11:53:46 +08:00
|
|
|
if (group_hit_cnt < 0) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
size_t n_hit_compile = 0;
|
|
|
|
|
if (group_hit_cnt > 0 || scan_status_should_compile_NOT(mid)) {
|
|
|
|
|
// come here means group_hit_cnt > 0, at least MAAT_SCAN_HALF_HIT, or MAAT_SCAN_HIT
|
|
|
|
|
if (group_hit_cnt > 0) {
|
|
|
|
|
interval_runtime_scan_hit_inc((struct interval_runtime *)interval_rt, thread_id);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int compile_table_id = -1;
|
|
|
|
|
if (mid->compile_table_id == -1) {
|
|
|
|
|
compile_table_id = maat_instance->default_compile_table_id;
|
|
|
|
|
} else {
|
|
|
|
|
compile_table_id = mid->compile_table_id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void *compile_rt = table_manager_get_runtime(maat_instance->tbl_mgr, compile_table_id);
|
|
|
|
|
n_hit_compile = hit_group_to_compile(compile_rt, results, n_result, mid);
|
|
|
|
|
*n_hit_result = n_hit_compile;
|
|
|
|
|
|
|
|
|
|
assert(mid->is_last_scan < LAST_SCAN_FINISHED);
|
|
|
|
|
if (LAST_SCAN_SET == mid->is_last_scan) {
|
|
|
|
|
mid->is_last_scan = LAST_SCAN_FINISHED;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (n_hit_compile > 0) {
|
|
|
|
|
alignment_int64_array_add(maat_instance->hit_cnt, thread_id, 1);
|
|
|
|
|
if (0 == group_hit_cnt) {
|
|
|
|
|
//hit NOT group
|
|
|
|
|
alignment_int64_array_add(maat_instance->not_grp_hit_cnt, thread_id, 1);
|
|
|
|
|
}
|
|
|
|
|
return MAAT_SCAN_HIT;
|
|
|
|
|
} else {
|
|
|
|
|
// n_hit_compile == 0
|
|
|
|
|
if (group_hit_cnt > 0) {
|
|
|
|
|
return MAAT_SCAN_HALF_HIT;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
maat_runtime_ref_dec(maat_instance->maat_rt, thread_id);
|
|
|
|
|
|
|
|
|
|
return MAAT_SCAN_OK;
|
2022-10-27 17:58:52 +08:00
|
|
|
}
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
int maat_scan_ipv4(struct maat *maat_instance, int table_id, int thread_id,
|
|
|
|
|
uint32_t ip_addr, int *results, size_t n_result,
|
|
|
|
|
size_t *n_hit_result, struct maat_state **state)
|
2022-12-09 17:12:18 +08:00
|
|
|
{
|
|
|
|
|
if ((NULL == maat_instance) || (table_id < 0) || (table_id >= MAX_TABLE_NUM) ||
|
2023-01-31 20:39:53 +08:00
|
|
|
(thread_id < 0) || (NULL == results) || (0 == n_result) || (NULL == state)) {
|
2023-02-03 17:28:14 +08:00
|
|
|
return MAAT_SCAN_ERR;
|
2022-12-09 17:12:18 +08:00
|
|
|
}
|
|
|
|
|
|
2022-12-14 15:28:21 +08:00
|
|
|
struct maat_state *mid = NULL;
|
2023-01-30 21:59:35 +08:00
|
|
|
mid = grab_state(state, maat_instance, thread_id);
|
2023-02-03 17:28:14 +08:00
|
|
|
mid->scan_cnt++;
|
2023-01-30 21:59:35 +08:00
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
maat_runtime_ref_inc(maat_instance->maat_rt, thread_id);
|
|
|
|
|
|
|
|
|
|
int vtable_id = 0;
|
2023-01-31 20:39:53 +08:00
|
|
|
// struct table_schema *table_schema = table_schema_get_by_scan_type(maat_instance->table_schema_mgr, table_id,
|
|
|
|
|
// SCAN_TYPE_IP, &virtual_table_id);
|
|
|
|
|
// if (NULL == table_schema) {
|
2023-02-03 17:28:14 +08:00
|
|
|
// return MAAT_SCAN_ERR;
|
2023-01-31 20:39:53 +08:00
|
|
|
// }
|
2022-12-14 15:28:21 +08:00
|
|
|
|
2023-01-31 20:39:53 +08:00
|
|
|
int group_ids[MAX_SCANNER_HIT_GROUP_NUM] = {-1};
|
2023-01-30 21:59:35 +08:00
|
|
|
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
|
2023-01-31 20:39:53 +08:00
|
|
|
assert(table_type == TABLE_TYPE_IP_PLUS);
|
|
|
|
|
|
|
|
|
|
// int table_id = table_schema_get_table_id(real_table);
|
2023-02-03 17:28:14 +08:00
|
|
|
void *ip_rt = table_manager_get_runtime(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
if (NULL == ip_rt) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
2023-01-31 20:39:53 +08:00
|
|
|
// size_t rule_num = table_runtime_rule_count(table_rt);
|
|
|
|
|
// if (0 == rule_num) {
|
|
|
|
|
// return 0;
|
|
|
|
|
// }
|
|
|
|
|
|
2023-02-15 11:53:46 +08:00
|
|
|
int group_hit_cnt = ip_runtime_scan((struct ip_runtime *)ip_rt, thread_id, IPv4,
|
2023-02-03 17:28:14 +08:00
|
|
|
(uint8_t *)&ip_addr, group_ids, sizeof(group_ids),
|
|
|
|
|
vtable_id, mid);
|
2023-01-31 20:39:53 +08:00
|
|
|
if (group_hit_cnt < 0) {
|
2023-02-03 17:28:14 +08:00
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
size_t n_hit_compile = 0;
|
2023-02-03 17:28:14 +08:00
|
|
|
if (group_hit_cnt > 0 || scan_status_should_compile_NOT(mid)) {
|
|
|
|
|
// come here means group_hit_cnt > 0, at least MAAT_SCAN_HALF_HIT, or MAAT_SCAN_HIT
|
|
|
|
|
if (group_hit_cnt > 0) {
|
|
|
|
|
ip_runtime_scan_hit_inc((struct ip_runtime *)ip_rt, thread_id);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int compile_table_id = -1;
|
|
|
|
|
if (mid->compile_table_id == -1) {
|
|
|
|
|
compile_table_id = maat_instance->default_compile_table_id;
|
|
|
|
|
} else {
|
|
|
|
|
compile_table_id = mid->compile_table_id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void *compile_rt = table_manager_get_runtime(maat_instance->tbl_mgr, compile_table_id);
|
2023-02-09 22:13:15 +08:00
|
|
|
n_hit_compile = hit_group_to_compile(compile_rt, results, n_result, mid);
|
|
|
|
|
*n_hit_result = n_hit_compile;
|
2023-02-03 17:28:14 +08:00
|
|
|
|
|
|
|
|
assert(mid->is_last_scan < LAST_SCAN_FINISHED);
|
|
|
|
|
if (LAST_SCAN_SET == mid->is_last_scan) {
|
|
|
|
|
mid->is_last_scan = LAST_SCAN_FINISHED;
|
|
|
|
|
}
|
2022-12-14 15:28:21 +08:00
|
|
|
}
|
2023-02-03 17:28:14 +08:00
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
if (n_hit_compile > 0) {
|
2023-02-03 17:28:14 +08:00
|
|
|
alignment_int64_array_add(maat_instance->hit_cnt, thread_id, 1);
|
2023-02-09 22:13:15 +08:00
|
|
|
if (0 == group_hit_cnt) {
|
|
|
|
|
//hit NOT group
|
|
|
|
|
alignment_int64_array_add(maat_instance->not_grp_hit_cnt, thread_id, 1);
|
|
|
|
|
}
|
|
|
|
|
return MAAT_SCAN_HIT;
|
|
|
|
|
} else {
|
|
|
|
|
// n_hit_compile == 0
|
|
|
|
|
if (group_hit_cnt > 0) {
|
|
|
|
|
return MAAT_SCAN_HALF_HIT;
|
|
|
|
|
}
|
2023-02-03 17:28:14 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
maat_runtime_ref_dec(maat_instance->maat_rt, thread_id);
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
return MAAT_SCAN_OK;
|
2023-01-30 21:59:35 +08:00
|
|
|
}
|
2022-12-14 15:28:21 +08:00
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
int maat_scan_ipv6(struct maat *maat_instance, int table_id, int thread_id,
|
2023-01-30 21:59:35 +08:00
|
|
|
uint8_t *ip_addr, int *results, size_t n_result,
|
|
|
|
|
size_t *n_hit_result, struct maat_state **state)
|
|
|
|
|
{
|
2023-02-03 17:28:14 +08:00
|
|
|
if ((NULL == maat_instance) || (table_id < 0) || (table_id >= MAX_TABLE_NUM) ||
|
|
|
|
|
(thread_id < 0) || (NULL == ip_addr) || (NULL == results) || (0 == n_result) ||
|
|
|
|
|
(NULL == state)) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct maat_state *mid = NULL;
|
|
|
|
|
mid = grab_state(state, maat_instance, thread_id);
|
|
|
|
|
mid->scan_cnt++;
|
|
|
|
|
|
|
|
|
|
maat_runtime_ref_inc(maat_instance->maat_rt, thread_id);
|
|
|
|
|
int vtable_id = 0;
|
|
|
|
|
// struct table_schema *table_schema = table_schema_get_by_scan_type(maat_instance->table_schema_mgr, table_id,
|
|
|
|
|
// SCAN_TYPE_IP, &virtual_table_id);
|
|
|
|
|
// if (NULL == table_schema) {
|
|
|
|
|
// return MAAT_SCAN_ERR;
|
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
int group_ids[MAX_SCANNER_HIT_GROUP_NUM] = {-1};
|
|
|
|
|
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
assert(table_type == TABLE_TYPE_IP_PLUS);
|
|
|
|
|
|
|
|
|
|
// int table_id = table_schema_get_table_id(real_table);
|
|
|
|
|
void *ip_rt = table_manager_get_runtime(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
if (NULL == ip_rt) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
// size_t rule_num = table_runtime_rule_count(table_rt);
|
|
|
|
|
// if (0 == rule_num) {
|
|
|
|
|
// return 0;
|
|
|
|
|
// }
|
|
|
|
|
|
2023-02-15 11:53:46 +08:00
|
|
|
int group_hit_cnt = ip_runtime_scan((struct ip_runtime *)ip_rt, thread_id, IPv6, ip_addr,
|
2023-02-03 17:28:14 +08:00
|
|
|
group_ids, sizeof(group_ids), vtable_id, mid);
|
|
|
|
|
if (group_hit_cnt < 0) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
size_t n_hit_compile = 0;
|
2023-02-03 17:28:14 +08:00
|
|
|
if (group_hit_cnt > 0 || scan_status_should_compile_NOT(mid)) {
|
|
|
|
|
// come here means group_hit_cnt > 0, at least MAAT_SCAN_HALF_HIT, or MAAT_SCAN_HIT
|
|
|
|
|
if (group_hit_cnt > 0) {
|
|
|
|
|
ip_runtime_scan_hit_inc((struct ip_runtime *)ip_rt, thread_id);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int compile_table_id = -1;
|
|
|
|
|
if (mid->compile_table_id == -1) {
|
|
|
|
|
compile_table_id = maat_instance->default_compile_table_id;
|
|
|
|
|
} else {
|
|
|
|
|
compile_table_id = mid->compile_table_id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void *compile_rt = table_manager_get_runtime(maat_instance->tbl_mgr, compile_table_id);
|
2023-02-09 22:13:15 +08:00
|
|
|
n_hit_compile = hit_group_to_compile(compile_rt, results, n_result, mid);
|
|
|
|
|
*n_hit_result = n_hit_compile;
|
2023-02-03 17:28:14 +08:00
|
|
|
|
|
|
|
|
assert(mid->is_last_scan < LAST_SCAN_FINISHED);
|
|
|
|
|
if (LAST_SCAN_SET == mid->is_last_scan) {
|
|
|
|
|
mid->is_last_scan = LAST_SCAN_FINISHED;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
if (n_hit_compile > 0) {
|
2023-02-03 17:28:14 +08:00
|
|
|
alignment_int64_array_add(maat_instance->hit_cnt, thread_id, 1);
|
2023-02-09 22:13:15 +08:00
|
|
|
if (0 == group_hit_cnt) {
|
|
|
|
|
//hit NOT group
|
|
|
|
|
alignment_int64_array_add(maat_instance->not_grp_hit_cnt, thread_id, 1);
|
|
|
|
|
}
|
|
|
|
|
return MAAT_SCAN_HIT;
|
|
|
|
|
} else {
|
|
|
|
|
// n_hit_compile == 0
|
|
|
|
|
if (group_hit_cnt > 0) {
|
|
|
|
|
return MAAT_SCAN_HALF_HIT;
|
|
|
|
|
}
|
2023-02-03 17:28:14 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
maat_runtime_ref_dec(maat_instance->maat_rt, thread_id);
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
return MAAT_SCAN_OK;
|
2022-12-09 17:12:18 +08:00
|
|
|
}
|
|
|
|
|
|
2022-11-17 05:05:35 +08:00
|
|
|
int maat_scan_string(struct maat *maat_instance, int table_id, int thread_id,
|
2023-01-30 21:59:35 +08:00
|
|
|
const char *data, size_t data_len, int *results, size_t n_result,
|
|
|
|
|
size_t *n_hit_result, struct maat_state **state)
|
2022-10-27 17:58:52 +08:00
|
|
|
{
|
2023-02-03 17:28:14 +08:00
|
|
|
if ((NULL == maat_instance) || (table_id < 0) || (table_id >= MAX_TABLE_NUM)
|
|
|
|
|
|| (thread_id < 0) || (NULL == data) || (0 == data_len)
|
|
|
|
|
|| (NULL == results) || (0 == n_result) || (NULL == state)) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
2022-11-29 14:12:40 +08:00
|
|
|
}
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
struct maat_state *mid = NULL;
|
|
|
|
|
mid = grab_state(state, maat_instance, thread_id);
|
2023-02-03 17:28:14 +08:00
|
|
|
mid->scan_cnt++;
|
2023-01-30 21:59:35 +08:00
|
|
|
|
2023-02-07 11:25:31 +08:00
|
|
|
int physical_table_id = 0;
|
|
|
|
|
int vtable_id = 0;
|
|
|
|
|
|
2023-02-06 08:14:25 +08:00
|
|
|
enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
if (table_type == TABLE_TYPE_VIRTUAL) {
|
|
|
|
|
//find physical table id
|
2023-02-07 11:25:31 +08:00
|
|
|
void *virtual_schema = table_manager_get_schema(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
physical_table_id = virtual_table_get_physical_table_id(virtual_schema, SCAN_TYPE_STRING);
|
2023-02-06 08:14:25 +08:00
|
|
|
if (physical_table_id < 0) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
physical_table_id = table_id;
|
|
|
|
|
}
|
2023-01-30 21:59:35 +08:00
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
if (NULL == maat_instance->maat_rt) {
|
|
|
|
|
log_error(maat_instance->logger, MODULE_MAAT_API,
|
|
|
|
|
"maat_scan_string error because of maat_runtime is NULL");
|
|
|
|
|
return MAAT_SCAN_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
maat_runtime_ref_inc(maat_instance->maat_rt, thread_id);
|
|
|
|
|
|
2023-02-07 11:25:31 +08:00
|
|
|
table_type = table_manager_get_table_type(maat_instance->tbl_mgr, physical_table_id);
|
2023-02-03 17:28:14 +08:00
|
|
|
if ((table_type == TABLE_TYPE_EXPR_PLUS) &&
|
|
|
|
|
(NULL == mid || DISTRICT_FLAG_UNSET == mid->is_set_district)) {
|
|
|
|
|
maat_instance->scan_err_cnt++;
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
alignment_int64_array_add(maat_instance->thread_call_cnt, thread_id, 1);
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
int group_ids[MAX_SCANNER_HIT_GROUP_NUM] = {-1};
|
2023-02-03 17:28:14 +08:00
|
|
|
void *expr_rt = table_manager_get_runtime(maat_instance->tbl_mgr, table_id);
|
|
|
|
|
if (NULL == expr_rt) {
|
|
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-15 11:53:46 +08:00
|
|
|
int group_hit_cnt = expr_runtime_scan((struct expr_runtime *)expr_rt,
|
2023-02-16 11:13:23 +08:00
|
|
|
thread_id, data, data_len,
|
|
|
|
|
group_ids,
|
|
|
|
|
MAX_SCANNER_HIT_GROUP_NUM,
|
|
|
|
|
vtable_id, mid);
|
2023-01-31 20:39:53 +08:00
|
|
|
if (group_hit_cnt < 0) {
|
2023-02-03 17:28:14 +08:00
|
|
|
return MAAT_SCAN_ERR;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
size_t n_hit_compile = 0;
|
2023-02-03 17:28:14 +08:00
|
|
|
if (group_hit_cnt > 0 || scan_status_should_compile_NOT(mid)) {
|
|
|
|
|
// come here means group_hit_cnt > 0, at least MAAT_SCAN_HALF_HIT, or MAAT_SCAN_HIT
|
|
|
|
|
if (group_hit_cnt > 0) {
|
|
|
|
|
expr_runtime_scan_hit_inc((struct expr_runtime *)expr_rt, thread_id);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int compile_table_id = -1;
|
|
|
|
|
if (mid->compile_table_id == -1) {
|
|
|
|
|
compile_table_id = maat_instance->default_compile_table_id;
|
|
|
|
|
} else {
|
|
|
|
|
compile_table_id = mid->compile_table_id;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void *compile_rt = table_manager_get_runtime(maat_instance->tbl_mgr, compile_table_id);
|
2023-02-09 22:13:15 +08:00
|
|
|
n_hit_compile = hit_group_to_compile(compile_rt, results, n_result, mid);
|
|
|
|
|
*n_hit_result = n_hit_compile;
|
2023-02-03 17:28:14 +08:00
|
|
|
|
|
|
|
|
assert(mid->is_last_scan < LAST_SCAN_FINISHED);
|
|
|
|
|
if (LAST_SCAN_SET == mid->is_last_scan) {
|
|
|
|
|
mid->is_last_scan = LAST_SCAN_FINISHED;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
if (n_hit_compile > 0) {
|
2023-02-03 17:28:14 +08:00
|
|
|
alignment_int64_array_add(maat_instance->hit_cnt, thread_id, 1);
|
2023-02-09 22:13:15 +08:00
|
|
|
if (0 == group_hit_cnt) {
|
|
|
|
|
//hit NOT group
|
|
|
|
|
alignment_int64_array_add(maat_instance->not_grp_hit_cnt, thread_id, 1);
|
|
|
|
|
}
|
|
|
|
|
return MAAT_SCAN_HIT;
|
|
|
|
|
} else {
|
|
|
|
|
// n_hit_compile == 0
|
|
|
|
|
if (group_hit_cnt > 0) {
|
|
|
|
|
return MAAT_SCAN_HALF_HIT;
|
|
|
|
|
}
|
2023-01-30 21:59:35 +08:00
|
|
|
}
|
2023-02-03 17:28:14 +08:00
|
|
|
|
|
|
|
|
maat_runtime_ref_dec(maat_instance->maat_rt, thread_id);
|
|
|
|
|
|
2023-02-09 22:13:15 +08:00
|
|
|
return MAAT_SCAN_OK;
|
2022-11-17 05:05:35 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct maat_stream *maat_scan_stream_open(struct maat *instance, int table_id, int thread_id)
|
|
|
|
|
{
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2022-10-27 17:58:52 +08:00
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
int maat_scan_stream(struct maat_stream **stream, int thread_id,
|
|
|
|
|
const char *data, int data_len, int results[],
|
|
|
|
|
size_t *n_result, struct maat_state **state)
|
2022-11-17 05:05:35 +08:00
|
|
|
{
|
2022-10-27 17:58:52 +08:00
|
|
|
return 0;
|
2022-11-17 05:05:35 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void maat_scan_stream_close(struct maat_stream **stream)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
int maat_state_set_scan_district(struct maat *maat_instance,
|
|
|
|
|
struct maat_state **state,
|
|
|
|
|
const char *district,
|
|
|
|
|
size_t district_len)
|
2022-12-14 15:28:21 +08:00
|
|
|
{
|
2023-02-03 17:28:14 +08:00
|
|
|
if (NULL == maat_instance->maat_rt || NULL == district ||
|
|
|
|
|
district_len <= 0) {
|
2023-01-30 21:59:35 +08:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
struct maat_state *mid = grab_state(state, maat_instance, -1);
|
2023-02-03 17:28:14 +08:00
|
|
|
int ret = table_manager_set_scan_district(maat_instance->tbl_mgr,
|
|
|
|
|
district, district_len,
|
|
|
|
|
&(mid->district_id));
|
|
|
|
|
if (ret < 0) {
|
2023-01-30 21:59:35 +08:00
|
|
|
mid->district_id = DISTRICT_UNKNOWN;
|
|
|
|
|
}
|
2022-12-14 15:28:21 +08:00
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
mid->is_set_district = DISTRICT_FLAG_SET;
|
2023-01-30 21:59:35 +08:00
|
|
|
|
|
|
|
|
return 0;
|
2022-12-14 15:28:21 +08:00
|
|
|
}
|
|
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
int maat_state_set_last_scan(struct maat *maat_instance, struct maat_state **state)
|
2022-12-14 15:28:21 +08:00
|
|
|
{
|
2023-01-30 21:59:35 +08:00
|
|
|
if (NULL == maat_instance->maat_rt) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2022-12-14 15:28:21 +08:00
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
struct maat_state *mid = grab_state(state, maat_instance, -1);
|
2023-02-03 17:28:14 +08:00
|
|
|
assert(mid->is_last_scan == LAST_SCAN_UNSET);
|
|
|
|
|
mid->is_last_scan = LAST_SCAN_SET;
|
2023-01-30 21:59:35 +08:00
|
|
|
|
|
|
|
|
return 0;
|
2022-12-14 15:28:21 +08:00
|
|
|
}
|
|
|
|
|
|
2023-01-31 20:39:53 +08:00
|
|
|
int maat_state_set_scan_compile_table(struct maat *maat_instance, struct maat_state **state,
|
|
|
|
|
int compile_table_id)
|
2023-01-06 18:54:59 +08:00
|
|
|
{
|
2023-01-30 21:59:35 +08:00
|
|
|
if (NULL == maat_instance->maat_rt) {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2023-01-06 18:54:59 +08:00
|
|
|
|
2023-01-30 21:59:35 +08:00
|
|
|
struct maat_state *mid = grab_state(state, maat_instance, -1);
|
|
|
|
|
mid->compile_table_id = compile_table_id;
|
|
|
|
|
|
|
|
|
|
return 0;
|
2023-01-06 18:54:59 +08:00
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
size_t maat_get_hit_paths(struct maat *maat_instance, struct maat_state *state,
|
2023-01-31 20:39:53 +08:00
|
|
|
struct maat_hit_path *paths, size_t n_path)
|
2022-11-17 05:05:35 +08:00
|
|
|
{
|
2023-01-30 21:59:35 +08:00
|
|
|
int compile_table_id = -1;
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
if (state->compile_table_id == -1) {
|
2023-01-30 21:59:35 +08:00
|
|
|
compile_table_id = maat_instance->default_compile_table_id;
|
|
|
|
|
} else {
|
2023-02-03 17:28:14 +08:00
|
|
|
compile_table_id = state->compile_table_id;
|
2023-01-30 21:59:35 +08:00
|
|
|
}
|
2022-11-17 05:05:35 +08:00
|
|
|
|
2023-01-31 20:39:53 +08:00
|
|
|
void *compile_rt = table_manager_get_runtime(maat_instance->tbl_mgr, compile_table_id);
|
|
|
|
|
void *g2g_runtime = table_manager_get_runtime(maat_instance->tbl_mgr, maat_instance->g2g_table_id);
|
2023-02-03 17:28:14 +08:00
|
|
|
assert(NULL != compile_rt && NULL != g2g_runtime);
|
|
|
|
|
return compile_runtime_get_hit_paths((struct compile_runtime *)compile_rt,
|
|
|
|
|
(struct group2group_runtime *)g2g_runtime,
|
|
|
|
|
state->compile_state, paths, n_path);
|
2023-01-30 21:59:35 +08:00
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
size_t maat_get_hit_objects(struct maat_compile_state *compile_state,
|
|
|
|
|
struct maat_hit_object *objs, size_t n_objs)
|
2023-01-30 21:59:35 +08:00
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-31 20:39:53 +08:00
|
|
|
int maat_state_get_hit_paths(struct maat *maat_instance, struct maat_state **state,
|
|
|
|
|
struct maat_hit_path *paths, size_t n_path)
|
2023-01-30 21:59:35 +08:00
|
|
|
{
|
|
|
|
|
struct maat_state *mid = NULL;
|
|
|
|
|
|
|
|
|
|
mid = grab_state(state, maat_instance, 0);
|
2023-02-03 17:28:14 +08:00
|
|
|
if (NULL == mid->compile_state || NULL == maat_instance->maat_rt) {
|
2023-01-30 21:59:35 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int n_read = maat_get_hit_paths(mid->maat_instance, mid, paths, n_path);
|
|
|
|
|
|
|
|
|
|
return n_read;
|
|
|
|
|
}
|
|
|
|
|
|
2023-01-31 20:39:53 +08:00
|
|
|
int maat_state_get_hit_objects(struct maat *instance, struct maat_state **state,
|
|
|
|
|
struct maat_hit_object *objs, size_t n_obj)
|
2023-01-30 21:59:35 +08:00
|
|
|
{
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void maat_state_free(struct maat_state **state)
|
|
|
|
|
{
|
|
|
|
|
struct maat_state *mid = NULL;
|
|
|
|
|
if (NULL == *state) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mid = *state;
|
|
|
|
|
if (mid->thread_id >= 0) {
|
2023-02-03 17:28:14 +08:00
|
|
|
alignment_int64_array_add(mid->maat_instance->outer_state_cnt, mid->thread_id, -1);
|
2023-01-30 21:59:35 +08:00
|
|
|
}
|
|
|
|
|
|
2023-02-03 17:28:14 +08:00
|
|
|
if (mid->compile_state != NULL) {
|
|
|
|
|
maat_compile_state_free(mid->compile_state);
|
|
|
|
|
mid->compile_state = NULL;
|
|
|
|
|
alignment_int64_array_add(mid->maat_instance->compile_state_cnt, mid->thread_id, -1);
|
2023-01-30 21:59:35 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mid->maat_instance = NULL;
|
|
|
|
|
free(mid);
|
|
|
|
|
*state = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int maat_hit_object_compile_id(struct maat *instance, struct maat_hit_object *obj)
|
|
|
|
|
{
|
|
|
|
|
return 0;
|
2023-02-03 17:28:14 +08:00
|
|
|
}
|
