rename attribute_name to field_name
This commit is contained in:
liuchang
@@ -25,14 +25,14 @@ extern "C"
|
||||
#include <netinet/in.h>
|
||||
#include <uuid/uuid.h>
|
||||
|
||||
#define MAX_ATTR_NAME_LEN 128
|
||||
#define MAX_FIELD_NAME_LEN 128
|
||||
|
||||
/* maat instance handle */
|
||||
struct maat;
|
||||
|
||||
struct maat_hit_path {
|
||||
int Nth_scan;
|
||||
char attribute_name[MAX_ATTR_NAME_LEN]; // 0 is not a attribute.
|
||||
char field_name[MAX_FIELD_NAME_LEN]; // 0 is not a field.
|
||||
int negate_option; // 1 means negate condition(condition)
|
||||
int condition_index; // 0 ~ 7
|
||||
uuid_t item_uuid;
|
||||
@@ -44,7 +44,7 @@ struct maat_hit_path {
|
||||
struct maat_hit_object {
|
||||
uuid_t item_uuid;
|
||||
uuid_t object_uuid;
|
||||
char attribute_name[MAX_ATTR_NAME_LEN];
|
||||
char field_name[MAX_FIELD_NAME_LEN];
|
||||
};
|
||||
|
||||
enum maat_scan_status {
|
||||
@@ -254,11 +254,11 @@ struct maat_state;
|
||||
* MAAT_SCAN_HALF_HIT
|
||||
* MAAT_SCAN_HIT
|
||||
*/
|
||||
int maat_scan_flag(struct maat *instance, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_flag(struct maat *instance, const char *table_name, const char *field_name,
|
||||
long long flag, uuid_t *results, size_t n_result, size_t *n_hit_result,
|
||||
struct maat_state *state);
|
||||
|
||||
int maat_scan_integer(struct maat *instance, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_integer(struct maat *instance, const char *table_name, const char *field_name,
|
||||
long long integer, uuid_t *results, size_t n_result, size_t *n_hit_result,
|
||||
struct maat_state *state);
|
||||
|
||||
@@ -266,34 +266,34 @@ int maat_scan_integer(struct maat *instance, const char *table_name, const char
|
||||
* @param ip_addr: ipv4 address in network order
|
||||
* @param port: port in host order. If the port is not specified, use -1. Note that 0 is a valid port.
|
||||
*/
|
||||
int maat_scan_ipv4_port(struct maat *instance, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_ipv4_port(struct maat *instance, const char *table_name, const char *field_name,
|
||||
uint32_t ip_addr, int port, uuid_t *results, size_t n_result, size_t *n_hit_result,
|
||||
struct maat_state *state);
|
||||
|
||||
int maat_scan_ipv6_port(struct maat *instance, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_ipv6_port(struct maat *instance, const char *table_name, const char *field_name,
|
||||
uint8_t *ip_addr, int port, uuid_t *results, size_t n_result, size_t *n_hit_result,
|
||||
struct maat_state *state);
|
||||
int maat_scan_ipv4(struct maat *instance, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_ipv4(struct maat *instance, const char *table_name, const char *field_name,
|
||||
uint32_t ip_addr, uuid_t *results, size_t n_result, size_t *n_hit_result,
|
||||
struct maat_state *state);
|
||||
|
||||
int maat_scan_ipv6(struct maat *instance, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_ipv6(struct maat *instance, const char *table_name, const char *field_name,
|
||||
uint8_t *ip_addr, uuid_t *results, size_t n_result, size_t *n_hit_result,
|
||||
struct maat_state *state);
|
||||
|
||||
int maat_scan_string(struct maat *instance, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_string(struct maat *instance, const char *table_name, const char *field_name,
|
||||
const char *data, size_t data_len, uuid_t *results, size_t n_result,
|
||||
size_t *n_hit_result, struct maat_state *state);
|
||||
|
||||
int maat_scan_object(struct maat *instance, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_object(struct maat *instance, const char *table_name, const char *field_name,
|
||||
struct maat_hit_object *objects, size_t n_object, uuid_t *results, size_t n_result,
|
||||
size_t *n_hit_result, struct maat_state *state);
|
||||
|
||||
int maat_scan_not_logic(struct maat *instance, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_not_logic(struct maat *instance, const char *table_name, const char *field_name,
|
||||
uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state);
|
||||
|
||||
struct maat_stream;
|
||||
struct maat_stream *maat_stream_new(struct maat *instance, const char *table_name, const char *attribute_name, struct maat_state *state);
|
||||
struct maat_stream *maat_stream_new(struct maat *instance, const char *table_name, const char *field_name, struct maat_state *state);
|
||||
|
||||
int maat_stream_scan(struct maat_stream *stream, const char *data, int data_len,
|
||||
uuid_t *results, size_t n_result, size_t *n_hit_result,
|
||||
|
||||
@@ -57,12 +57,12 @@ long long expr_runtime_get_version(void *expr_runtime);
|
||||
* @retval the num of hit object_id
|
||||
*/
|
||||
int expr_runtime_scan(struct expr_runtime *expr_rt, int thread_id, const char *data,
|
||||
size_t data_len, const char *attribute_name, struct maat_state *state);
|
||||
size_t data_len, const char *field_name, struct maat_state *state);
|
||||
|
||||
struct expr_runtime_stream *expr_runtime_stream_open(struct expr_runtime *expr_rt, int thread_id);
|
||||
|
||||
int expr_runtime_stream_scan(struct expr_runtime_stream *expr_rt_stream, const char *data,
|
||||
size_t data_len, const char *attribute_name, struct maat_state *state);
|
||||
size_t data_len, const char *field_name, struct maat_state *state);
|
||||
|
||||
void expr_runtime_stream_close(struct expr_runtime_stream *expr_rt_stream);
|
||||
|
||||
|
||||
@@ -48,7 +48,7 @@ long long flag_runtime_rule_count(void *flag_runtime);
|
||||
* @retval the num of hit object_id
|
||||
*/
|
||||
int flag_runtime_scan(struct flag_runtime *flag_rt, int thread_id, long long flag,
|
||||
const char *attribute_name, struct maat_state *state);
|
||||
const char *field_name, struct maat_state *state);
|
||||
|
||||
void flag_runtime_perf_stat(struct flag_runtime *flag_rt, struct timespec *start,
|
||||
struct timespec *end, int thread_id);
|
||||
|
||||
@@ -49,7 +49,7 @@ long long interval_runtime_rule_count(void *interval_runtime);
|
||||
* @retval the num of hit object_id
|
||||
*/
|
||||
int interval_runtime_scan(struct interval_runtime *interval_rt, int thread_id,
|
||||
long long integer, const char *attribute_name, struct maat_state *state);
|
||||
long long integer, const char *field_name, struct maat_state *state);
|
||||
|
||||
void interval_runtime_perf_stat(struct interval_runtime *interval_rt,
|
||||
struct timespec *start, struct timespec *end,
|
||||
|
||||
@@ -42,7 +42,7 @@ long long ip_runtime_ipv6_rule_count(void *ip_runtime);
|
||||
|
||||
/* ip runtime scan API */
|
||||
int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type,
|
||||
uint8_t *ip_addr, int port, const char *attribute_name, struct maat_state *state);
|
||||
uint8_t *ip_addr, int port, const char *field_name, struct maat_state *state);
|
||||
|
||||
void ip_runtime_perf_stat(struct ip_runtime *ip_rt, struct timespec *start,
|
||||
struct timespec *end, int thread_id);
|
||||
|
||||
@@ -69,14 +69,14 @@ void rule_compile_state_free(struct rule_compile_state *rule_compile_state,
|
||||
struct maat *maat_instance, int thread_id);
|
||||
|
||||
int rule_compile_state_update(struct maat_state *maat_state, struct maat *maat_inst,
|
||||
const char *attribute_name, int custom_rule_tbl_id, int Nth_scan,
|
||||
const char *field_name, int custom_rule_tbl_id, int Nth_scan,
|
||||
struct maat_item *hit_items, size_t n_hit_item);
|
||||
|
||||
void rule_compile_state_clear_last_hit_object(struct rule_compile_state *rule_state);
|
||||
|
||||
void rule_compile_state_not_logic_update(struct rule_compile_state *rule_compile_state,
|
||||
struct rule_runtime *rule_rt,
|
||||
struct maat *maat_inst, const char *attribute_name,
|
||||
struct maat *maat_inst, const char *field_name,
|
||||
int Nth_scan);
|
||||
|
||||
size_t rule_compile_state_get_internal_hit_paths(struct maat_state *maat_state,
|
||||
|
||||
@@ -56,7 +56,7 @@ struct maat_stream {
|
||||
struct log_handle *logger;
|
||||
int thread_id;
|
||||
int table_id;
|
||||
char attribute_name[MAX_ATTR_NAME_LEN];
|
||||
char field_name[MAX_FIELD_NAME_LEN];
|
||||
};
|
||||
|
||||
struct maat_options* maat_options_new(void)
|
||||
@@ -1024,7 +1024,7 @@ int maat_bool_plugin_table_get_ex_data(struct maat *maat_inst, const char *table
|
||||
|
||||
static int
|
||||
flag_scan(struct table_manager *tbl_mgr, int thread_id, long long flag,
|
||||
int table_id, const char *attribute_name, struct maat_state *state)
|
||||
int table_id, const char *field_name, struct maat_state *state)
|
||||
{
|
||||
enum table_type table_type =
|
||||
table_manager_get_table_type(tbl_mgr, table_id);
|
||||
@@ -1041,7 +1041,7 @@ flag_scan(struct table_manager *tbl_mgr, int thread_id, long long flag,
|
||||
flag_runtime_scan_times_inc((struct flag_runtime *)flag_rt, thread_id);
|
||||
|
||||
int object_hit_cnt = flag_runtime_scan((struct flag_runtime *)flag_rt,
|
||||
thread_id, flag, attribute_name, state);
|
||||
thread_id, flag, field_name, state);
|
||||
if (object_hit_cnt <= 0) {
|
||||
return object_hit_cnt;
|
||||
}
|
||||
@@ -1053,7 +1053,7 @@ flag_scan(struct table_manager *tbl_mgr, int thread_id, long long flag,
|
||||
|
||||
static int
|
||||
interval_scan(struct table_manager *tbl_mgr, int thread_id, long long integer,
|
||||
int table_id, const char *attribute_name, struct maat_state *state)
|
||||
int table_id, const char *field_name, struct maat_state *state)
|
||||
{
|
||||
|
||||
enum table_type table_type =
|
||||
@@ -1071,7 +1071,7 @@ interval_scan(struct table_manager *tbl_mgr, int thread_id, long long integer,
|
||||
interval_runtime_scan_times_inc((struct interval_runtime *)interval_rt, thread_id);
|
||||
|
||||
int object_hit_cnt = interval_runtime_scan((struct interval_runtime *)interval_rt,
|
||||
thread_id, integer, attribute_name, state);
|
||||
thread_id, integer, field_name, state);
|
||||
if (object_hit_cnt <= 0) {
|
||||
return object_hit_cnt;
|
||||
}
|
||||
@@ -1083,7 +1083,7 @@ interval_scan(struct table_manager *tbl_mgr, int thread_id, long long integer,
|
||||
|
||||
static int
|
||||
ipv4_scan(struct table_manager *tbl_mgr, int thread_id, uint32_t ip_addr,
|
||||
int port, int table_id, const char *attribute_name, struct maat_state *state)
|
||||
int port, int table_id, const char *field_name, struct maat_state *state)
|
||||
{
|
||||
|
||||
enum table_type table_type =
|
||||
@@ -1100,7 +1100,7 @@ ipv4_scan(struct table_manager *tbl_mgr, int thread_id, uint32_t ip_addr,
|
||||
ip_runtime_scan_times_inc(ip_rt, thread_id);
|
||||
|
||||
int object_hit_cnt = ip_runtime_scan((struct ip_runtime *)ip_rt, thread_id, IPv4,
|
||||
(uint8_t *)&ip_addr, port, attribute_name, state);
|
||||
(uint8_t *)&ip_addr, port, field_name, state);
|
||||
if (object_hit_cnt <= 0) {
|
||||
return object_hit_cnt;
|
||||
}
|
||||
@@ -1112,7 +1112,7 @@ ipv4_scan(struct table_manager *tbl_mgr, int thread_id, uint32_t ip_addr,
|
||||
|
||||
static int
|
||||
ipv6_scan(struct table_manager *tbl_mgr, int thread_id, uint8_t *ip_addr,
|
||||
int port, int table_id, const char *attribute_name, struct maat_state *state)
|
||||
int port, int table_id, const char *field_name, struct maat_state *state)
|
||||
{
|
||||
|
||||
enum table_type table_type =
|
||||
@@ -1129,7 +1129,7 @@ ipv6_scan(struct table_manager *tbl_mgr, int thread_id, uint8_t *ip_addr,
|
||||
ip_runtime_scan_times_inc(ip_rt, thread_id);
|
||||
|
||||
int object_hit_cnt = ip_runtime_scan((struct ip_runtime *)ip_rt, thread_id, IPv6,
|
||||
ip_addr, port, attribute_name, state);
|
||||
ip_addr, port, field_name, state);
|
||||
if (object_hit_cnt <= 0) {
|
||||
return object_hit_cnt;
|
||||
}
|
||||
@@ -1142,7 +1142,7 @@ ipv6_scan(struct table_manager *tbl_mgr, int thread_id, uint8_t *ip_addr,
|
||||
static int
|
||||
string_scan(struct table_manager *tbl_mgr, int thread_id,
|
||||
const char *data, size_t data_len, int table_id,
|
||||
const char *attribute_name, struct maat_state *state)
|
||||
const char *field_name, struct maat_state *state)
|
||||
{
|
||||
enum table_type table_type =
|
||||
table_manager_get_table_type(tbl_mgr, table_id);
|
||||
@@ -1161,7 +1161,7 @@ string_scan(struct table_manager *tbl_mgr, int thread_id,
|
||||
|
||||
int object_hit_cnt = expr_runtime_scan((struct expr_runtime *)expr_rt,
|
||||
thread_id, data, data_len,
|
||||
attribute_name, state);
|
||||
field_name, state);
|
||||
if (object_hit_cnt <= 0) {
|
||||
return object_hit_cnt;
|
||||
}
|
||||
@@ -1192,7 +1192,7 @@ object_to_rule(struct maat *maat_inst, uuid_t *results, size_t n_result,
|
||||
results, n_result, state);
|
||||
}
|
||||
|
||||
int maat_scan_flag(struct maat *maat_inst, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_flag(struct maat *maat_inst, const char *table_name, const char *field_name,
|
||||
long long flag, uuid_t *results, size_t n_result,
|
||||
size_t *n_hit_result, struct maat_state *state)
|
||||
{
|
||||
@@ -1228,7 +1228,7 @@ int maat_scan_flag(struct maat *maat_inst, const char *table_name, const char *a
|
||||
|
||||
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
|
||||
int hit_object_cnt = flag_scan(maat_inst->tbl_mgr, state->thread_id, flag,
|
||||
table_id, attribute_name, state);
|
||||
table_id, field_name, state);
|
||||
if (hit_object_cnt < 0) {
|
||||
maat_inst->stat->scan_err_cnt++;
|
||||
return MAAT_SCAN_ERR;
|
||||
@@ -1268,7 +1268,7 @@ int maat_scan_flag(struct maat *maat_inst, const char *table_name, const char *a
|
||||
}
|
||||
}
|
||||
|
||||
int maat_scan_integer(struct maat *maat_inst, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_integer(struct maat *maat_inst, const char *table_name, const char *field_name,
|
||||
long long integer, uuid_t *results, size_t n_result,
|
||||
size_t *n_hit_result, struct maat_state *state)
|
||||
{
|
||||
@@ -1304,7 +1304,7 @@ int maat_scan_integer(struct maat *maat_inst, const char *table_name, const char
|
||||
|
||||
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
|
||||
int hit_object_cnt = interval_scan(maat_inst->tbl_mgr, state->thread_id, integer,
|
||||
table_id, attribute_name, state);
|
||||
table_id, field_name, state);
|
||||
if (hit_object_cnt < 0) {
|
||||
maat_inst->stat->scan_err_cnt++;
|
||||
return MAAT_SCAN_ERR;
|
||||
@@ -1344,7 +1344,7 @@ int maat_scan_integer(struct maat *maat_inst, const char *table_name, const char
|
||||
}
|
||||
}
|
||||
|
||||
int maat_scan_ipv4_port(struct maat *maat_inst, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_ipv4_port(struct maat *maat_inst, const char *table_name, const char *field_name,
|
||||
uint32_t ip_addr, int port, uuid_t *results, size_t n_result,
|
||||
size_t *n_hit_result, struct maat_state *state)
|
||||
{
|
||||
@@ -1380,7 +1380,7 @@ int maat_scan_ipv4_port(struct maat *maat_inst, const char *table_name, const ch
|
||||
|
||||
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
|
||||
int hit_object_cnt = ipv4_scan(maat_inst->tbl_mgr, state->thread_id, ip_addr, port,
|
||||
table_id, attribute_name, state);
|
||||
table_id, field_name, state);
|
||||
if (hit_object_cnt < 0) {
|
||||
maat_inst->stat->scan_err_cnt++;
|
||||
return MAAT_SCAN_ERR;
|
||||
@@ -1420,7 +1420,7 @@ int maat_scan_ipv4_port(struct maat *maat_inst, const char *table_name, const ch
|
||||
}
|
||||
}
|
||||
|
||||
int maat_scan_ipv6_port(struct maat *maat_inst, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_ipv6_port(struct maat *maat_inst, const char *table_name, const char *field_name,
|
||||
uint8_t *ip_addr, int port, uuid_t *results, size_t n_result,
|
||||
size_t *n_hit_result, struct maat_state *state)
|
||||
{
|
||||
@@ -1456,7 +1456,7 @@ int maat_scan_ipv6_port(struct maat *maat_inst, const char *table_name, const ch
|
||||
|
||||
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
|
||||
int hit_object_cnt = ipv6_scan(maat_inst->tbl_mgr, state->thread_id, ip_addr, port,
|
||||
table_id, attribute_name, state);
|
||||
table_id, field_name, state);
|
||||
if (hit_object_cnt < 0) {
|
||||
maat_inst->stat->scan_err_cnt++;
|
||||
return MAAT_SCAN_ERR;
|
||||
@@ -1497,23 +1497,23 @@ int maat_scan_ipv6_port(struct maat *maat_inst, const char *table_name, const ch
|
||||
}
|
||||
|
||||
#define PORT_IGNORED -1
|
||||
inline int maat_scan_ipv6(struct maat *instance, const char *table_name, const char *attribute_name,
|
||||
inline int maat_scan_ipv6(struct maat *instance, const char *table_name, const char *field_name,
|
||||
uint8_t *ip_addr, uuid_t *results, size_t n_result, size_t *n_hit_result,
|
||||
struct maat_state *state)
|
||||
{
|
||||
return maat_scan_ipv6_port(instance, table_name, attribute_name, ip_addr, PORT_IGNORED,
|
||||
return maat_scan_ipv6_port(instance, table_name, field_name, ip_addr, PORT_IGNORED,
|
||||
results, n_result, n_hit_result, state);
|
||||
}
|
||||
|
||||
inline int maat_scan_ipv4(struct maat *instance, const char *table_name, const char *attribute_name,
|
||||
inline int maat_scan_ipv4(struct maat *instance, const char *table_name, const char *field_name,
|
||||
uint32_t ip_addr, uuid_t *results, size_t n_result, size_t *n_hit_result,
|
||||
struct maat_state *state)
|
||||
{
|
||||
return maat_scan_ipv4_port(instance, table_name, attribute_name, ip_addr, PORT_IGNORED,
|
||||
return maat_scan_ipv4_port(instance, table_name, field_name, ip_addr, PORT_IGNORED,
|
||||
results, n_result, n_hit_result, state);
|
||||
}
|
||||
|
||||
int maat_scan_string(struct maat *maat_inst, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_string(struct maat *maat_inst, const char *table_name, const char *field_name,
|
||||
const char *data, size_t data_len, uuid_t *results, size_t n_result,
|
||||
size_t *n_hit_result, struct maat_state *state)
|
||||
{
|
||||
@@ -1550,7 +1550,7 @@ int maat_scan_string(struct maat *maat_inst, const char *table_name, const char
|
||||
|
||||
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
|
||||
int hit_object_cnt = string_scan(maat_inst->tbl_mgr, state->thread_id, data,
|
||||
data_len, table_id, attribute_name, state);
|
||||
data_len, table_id, field_name, state);
|
||||
if (hit_object_cnt < 0) {
|
||||
maat_inst->stat->scan_err_cnt++;
|
||||
return MAAT_SCAN_ERR;
|
||||
@@ -1590,7 +1590,7 @@ int maat_scan_string(struct maat *maat_inst, const char *table_name, const char
|
||||
}
|
||||
}
|
||||
|
||||
static void maat_state_add_hit_object(struct maat_state *state, const char *attribute_name,
|
||||
static void maat_state_add_hit_object(struct maat_state *state, const char *field_name,
|
||||
struct maat_hit_object *objects, size_t n_object)
|
||||
{
|
||||
struct maat *maat_inst = state->maat_inst;
|
||||
@@ -1617,13 +1617,13 @@ static void maat_state_add_hit_object(struct maat_state *state, const char *attr
|
||||
uuid_copy(hit_items[i].object_uuid, objects[i].object_uuid);
|
||||
}
|
||||
|
||||
rule_compile_state_update(state, maat_inst, attribute_name,
|
||||
rule_compile_state_update(state, maat_inst, field_name,
|
||||
state->rule_table_id, state->Nth_scan,
|
||||
hit_items, n_hit_item);
|
||||
}
|
||||
|
||||
static void
|
||||
maat_state_activate_hit_not_object(struct maat_state *state, const char *attribute_name)
|
||||
maat_state_activate_hit_not_object(struct maat_state *state, const char *field_name)
|
||||
{
|
||||
if (NULL == state) {
|
||||
return;
|
||||
@@ -1648,10 +1648,10 @@ maat_state_activate_hit_not_object(struct maat_state *state, const char *attribu
|
||||
}
|
||||
|
||||
rule_compile_state_not_logic_update(state->rule_compile_state, rule_rt, maat_inst,
|
||||
attribute_name, state->Nth_scan);
|
||||
field_name, state->Nth_scan);
|
||||
}
|
||||
|
||||
int maat_scan_object(struct maat *maat_inst, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_object(struct maat *maat_inst, const char *table_name, const char *field_name,
|
||||
struct maat_hit_object *objects, size_t n_object,
|
||||
uuid_t *results, size_t n_result,
|
||||
size_t *n_hit_result, struct maat_state *state)
|
||||
@@ -1678,7 +1678,7 @@ int maat_scan_object(struct maat *maat_inst, const char *table_name, const char
|
||||
maat_runtime_ref_inc(maat_rt, state->thread_id);
|
||||
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
|
||||
|
||||
maat_state_add_hit_object(state, attribute_name, objects, n_object);
|
||||
maat_state_add_hit_object(state, field_name, objects, n_object);
|
||||
size_t hit_rule_cnt = object_to_rule(maat_inst, results, n_result, state);
|
||||
*n_hit_result = hit_rule_cnt;
|
||||
|
||||
@@ -1692,7 +1692,7 @@ int maat_scan_object(struct maat *maat_inst, const char *table_name, const char
|
||||
return MAAT_SCAN_OK;
|
||||
}
|
||||
|
||||
int maat_scan_not_logic(struct maat *maat_inst, const char *table_name, const char *attribute_name,
|
||||
int maat_scan_not_logic(struct maat *maat_inst, const char *table_name, const char *field_name,
|
||||
uuid_t *results, size_t n_result,
|
||||
size_t *n_hit_result, struct maat_state *state)
|
||||
{
|
||||
@@ -1713,7 +1713,7 @@ int maat_scan_not_logic(struct maat *maat_inst, const char *table_name, const ch
|
||||
maat_runtime_ref_inc(maat_rt, state->thread_id);
|
||||
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
|
||||
|
||||
maat_state_activate_hit_not_object(state, attribute_name);
|
||||
maat_state_activate_hit_not_object(state, field_name);
|
||||
size_t hit_rule_cnt = object_to_rule(maat_inst, results, n_result, state);
|
||||
*n_hit_result = hit_rule_cnt;
|
||||
|
||||
@@ -1727,7 +1727,7 @@ int maat_scan_not_logic(struct maat *maat_inst, const char *table_name, const ch
|
||||
return MAAT_SCAN_OK;
|
||||
}
|
||||
|
||||
struct maat_stream *maat_stream_new(struct maat *maat_inst, const char *table_name, const char *attribute_name, struct maat_state *state)
|
||||
struct maat_stream *maat_stream_new(struct maat *maat_inst, const char *table_name, const char *field_name, struct maat_state *state)
|
||||
{
|
||||
if ((NULL == maat_inst) || (NULL == state) || (state->thread_id < 0)) {
|
||||
return NULL;
|
||||
@@ -1738,7 +1738,7 @@ struct maat_stream *maat_stream_new(struct maat *maat_inst, const char *table_na
|
||||
stream->last_full_version = maat_inst->last_full_version;
|
||||
stream->thread_id = state->thread_id;
|
||||
stream->table_id = table_manager_get_table_id(maat_inst->tbl_mgr, table_name);
|
||||
snprintf(stream->attribute_name, sizeof(stream->attribute_name), "%s", attribute_name);
|
||||
snprintf(stream->field_name, sizeof(stream->field_name), "%s", field_name);
|
||||
stream->logger = maat_inst->logger;
|
||||
|
||||
enum table_type table_type = TABLE_TYPE_INVALID;
|
||||
@@ -1797,7 +1797,7 @@ static int expr_stream_scan(struct maat_stream *stream, const char *data,
|
||||
data_len);
|
||||
|
||||
int object_hit_cnt = expr_runtime_stream_scan(stream->expr_rt_stream, data,
|
||||
data_len, stream->attribute_name, state);
|
||||
data_len, stream->field_name, state);
|
||||
if (object_hit_cnt <= 0) {
|
||||
return object_hit_cnt;
|
||||
}
|
||||
|
||||
@@ -348,10 +348,10 @@ void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff)
|
||||
/*
|
||||
"rules": [ "items":[
|
||||
{ {
|
||||
"uuid": "201", "table_name": "ATTR_APP_ID",
|
||||
"uuid": "201", "table_name": "FIELD_APP_ID",
|
||||
"conditions": [ "table_content": {
|
||||
{ "uuid": "1",
|
||||
"attribute_name": "ATTR_APP_ID", "object_uuid": "1",
|
||||
"field_name": "FIELD_APP_ID", "object_uuid": "1",
|
||||
"objects": [ "interval": "4001"
|
||||
{
|
||||
"items":[ --------------> }
|
||||
@@ -363,7 +363,7 @@ void convert_maat_json_rule(cJSON **json_root, unsigned char *json_buff)
|
||||
] "uuid": "201",
|
||||
} "conditions": [
|
||||
], {
|
||||
"misc": "blah, blah" "attribute_name": "ATTR_APP_ID",
|
||||
"misc": "blah, blah" "field_name": "FIELD_APP_ID",
|
||||
} "object_uuids": ["1"]
|
||||
] }
|
||||
]
|
||||
|
||||
@@ -813,7 +813,7 @@ long long expr_runtime_get_version(void *expr_runtime)
|
||||
|
||||
int expr_runtime_scan(struct expr_runtime *expr_rt, int thread_id,
|
||||
const char *data, size_t data_len,
|
||||
const char *attribute_name, struct maat_state *state)
|
||||
const char *field_name, struct maat_state *state)
|
||||
{
|
||||
//clear rule_state->last_hit_object
|
||||
if (state != NULL && state->rule_compile_state != NULL) {
|
||||
@@ -877,7 +877,7 @@ next:
|
||||
state->thread_id, 1);
|
||||
}
|
||||
|
||||
return rule_compile_state_update(state, state->maat_inst, attribute_name,
|
||||
return rule_compile_state_update(state, state->maat_inst, field_name,
|
||||
state->rule_table_id, state->Nth_scan,
|
||||
hit_maat_items, real_hit_item_num);
|
||||
}
|
||||
@@ -903,7 +903,7 @@ expr_runtime_stream_open(struct expr_runtime *expr_rt, int thread_id)
|
||||
|
||||
int expr_runtime_stream_scan(struct expr_runtime_stream *expr_rt_stream,
|
||||
const char *data, size_t data_len,
|
||||
const char *attribute_name, struct maat_state *state)
|
||||
const char *field_name, struct maat_state *state)
|
||||
{
|
||||
struct expr_runtime *expr_rt = expr_rt_stream->ref_expr_rt;
|
||||
|
||||
@@ -970,7 +970,7 @@ next:
|
||||
state->thread_id, 1);
|
||||
}
|
||||
|
||||
return rule_compile_state_update(state, state->maat_inst, attribute_name,
|
||||
return rule_compile_state_update(state, state->maat_inst, field_name,
|
||||
state->rule_table_id, state->Nth_scan,
|
||||
hit_maat_items, real_hit_item_cnt);
|
||||
}
|
||||
|
||||
@@ -401,7 +401,7 @@ long long flag_runtime_rule_count(void *flag_runtime)
|
||||
}
|
||||
|
||||
int flag_runtime_scan(struct flag_runtime *flag_rt, int thread_id,
|
||||
long long flag, const char *attribute_name, struct maat_state *state)
|
||||
long long flag, const char *field_name, struct maat_state *state)
|
||||
{
|
||||
//clear rule_state->last_hit_object
|
||||
if (state != NULL && state->rule_compile_state != NULL) {
|
||||
@@ -458,7 +458,7 @@ next:
|
||||
state->thread_id, 1);
|
||||
}
|
||||
|
||||
return rule_compile_state_update(state, state->maat_inst, attribute_name,
|
||||
return rule_compile_state_update(state, state->maat_inst, field_name,
|
||||
state->rule_table_id, state->Nth_scan,
|
||||
hit_maat_items, real_hit_item_cnt);
|
||||
}
|
||||
|
||||
@@ -409,7 +409,7 @@ long long interval_runtime_rule_count(void *interval_runtime)
|
||||
}
|
||||
|
||||
int interval_runtime_scan(struct interval_runtime *interval_rt, int thread_id,
|
||||
long long integer, const char *attribute_name, struct maat_state *state)
|
||||
long long integer, const char *field_name, struct maat_state *state)
|
||||
{
|
||||
//clear rule_state->last_hit_object
|
||||
if (state != NULL && state->rule_compile_state != NULL) {
|
||||
@@ -466,7 +466,7 @@ next:
|
||||
state->thread_id, 1);
|
||||
}
|
||||
|
||||
return rule_compile_state_update(state, state->maat_inst, attribute_name,
|
||||
return rule_compile_state_update(state, state->maat_inst, field_name,
|
||||
state->rule_table_id, state->Nth_scan,
|
||||
hit_maat_items, real_hit_item_cnt);
|
||||
}
|
||||
|
||||
@@ -475,7 +475,7 @@ long long ip_runtime_ipv6_rule_count(void *ip_runtime)
|
||||
}
|
||||
|
||||
int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type,
|
||||
uint8_t *ip_addr, int port, const char *attribute_name, struct maat_state *state)
|
||||
uint8_t *ip_addr, int port, const char *field_name, struct maat_state *state)
|
||||
{
|
||||
//clear rule_state->last_hit_object
|
||||
if (state != NULL && state->rule_compile_state != NULL) {
|
||||
@@ -553,7 +553,7 @@ next:
|
||||
state->thread_id, 1);
|
||||
}
|
||||
|
||||
return rule_compile_state_update(state, state->maat_inst, attribute_name,
|
||||
return rule_compile_state_update(state, state->maat_inst, field_name,
|
||||
state->rule_table_id, state->Nth_scan,
|
||||
hit_maat_items, real_hit_item_cnt);
|
||||
}
|
||||
|
||||
136
src/maat_rule.c
136
src/maat_rule.c
@@ -50,7 +50,7 @@ struct rule_item {
|
||||
|
||||
struct condition_query_key {
|
||||
uuid_t object_uuid;
|
||||
char attribute_name[MAX_ATTR_NAME_LEN];
|
||||
char field_name[MAX_FIELD_NAME_LEN];
|
||||
int negate_option;
|
||||
};
|
||||
|
||||
@@ -61,15 +61,15 @@ struct condition_id_kv {
|
||||
};
|
||||
|
||||
struct table_condition {
|
||||
char attribute_name[MAX_ATTR_NAME_LEN];
|
||||
char field_name[MAX_FIELD_NAME_LEN];
|
||||
int actual_condition_num;
|
||||
UT_array *condition_ids;
|
||||
UT_array *object_ids;
|
||||
UT_hash_handle hh;
|
||||
};
|
||||
|
||||
struct negate_attribute_object {
|
||||
char attribute_name[MAX_ATTR_NAME_LEN];
|
||||
struct negate_field_object {
|
||||
char field_name[MAX_FIELD_NAME_LEN];
|
||||
UT_array *object_uuids;
|
||||
UT_hash_handle hh;
|
||||
};
|
||||
@@ -83,7 +83,7 @@ struct rule_runtime {
|
||||
struct condition_id_kv *not_condition_id_kv_hash; //store NOT_condition_ids(negate_option == 1)
|
||||
struct bool_expr_match *expr_match_buff;
|
||||
struct maat_garbage_bin *ref_garbage_bin;
|
||||
struct table_condition *tbl_not_condition_hash; //each attribute's negate condition number <= MAX_NOT_CONDITION_NUM
|
||||
struct table_condition *tbl_not_condition_hash; //each field's negate condition number <= MAX_NOT_CONDITION_NUM
|
||||
struct log_handle *logger;
|
||||
time_t version;
|
||||
|
||||
@@ -94,7 +94,7 @@ struct rule_runtime {
|
||||
struct condition_literal {
|
||||
uuid_t object_uuids[MAX_OBJECT_CNT];
|
||||
int object_cnt;
|
||||
char attribute_name[MAX_ATTR_NAME_LEN];
|
||||
char field_name[MAX_FIELD_NAME_LEN];
|
||||
};
|
||||
|
||||
struct rule_condition {
|
||||
@@ -125,7 +125,7 @@ struct internal_hit_path {
|
||||
uuid_t object_uuid;
|
||||
int Nth_scan;
|
||||
int negate_option; // 1 means negate condition
|
||||
char attribute_name[MAX_ATTR_NAME_LEN];
|
||||
char field_name[MAX_FIELD_NAME_LEN];
|
||||
};
|
||||
|
||||
struct rule2table_id {
|
||||
@@ -147,7 +147,7 @@ struct rule_compile_state {
|
||||
UT_array *indirect_hit_objects;
|
||||
UT_array *last_hit_objects;
|
||||
UT_array *hit_rule_table_ids;
|
||||
struct negate_attribute_object *hit_negate_attribute_objects;
|
||||
struct negate_field_object *hit_negate_field_objects;
|
||||
};
|
||||
|
||||
UT_icd ut_condition_id_icd = {sizeof(long long), NULL, NULL, NULL};
|
||||
@@ -194,11 +194,11 @@ static void maat_rule_free(struct maat_rule *rule)
|
||||
}
|
||||
|
||||
static int validate_table_not_condition(struct rule_runtime *rule_rt,
|
||||
struct table_manager *tbl_mgr, const char *attribute_name,
|
||||
struct table_manager *tbl_mgr, const char *field_name,
|
||||
enum maat_operation op, struct log_handle *logger)
|
||||
{
|
||||
struct table_condition *not_condition = NULL;
|
||||
HASH_FIND_STR(rule_rt->tbl_not_condition_hash, attribute_name, not_condition);
|
||||
HASH_FIND_STR(rule_rt->tbl_not_condition_hash, field_name, not_condition);
|
||||
|
||||
if (MAAT_OP_DEL == op) {
|
||||
//delete
|
||||
@@ -211,14 +211,14 @@ static int validate_table_not_condition(struct rule_runtime *rule_rt,
|
||||
//add
|
||||
if (NULL == not_condition) {
|
||||
not_condition = ALLOC(struct table_condition, 1);
|
||||
snprintf(not_condition->attribute_name, sizeof(not_condition->attribute_name), "%s", attribute_name);
|
||||
snprintf(not_condition->field_name, sizeof(not_condition->field_name), "%s", field_name);
|
||||
not_condition->actual_condition_num++;
|
||||
HASH_ADD_STR(rule_rt->tbl_not_condition_hash, attribute_name, not_condition);
|
||||
HASH_ADD_STR(rule_rt->tbl_not_condition_hash, field_name, not_condition);
|
||||
} else {
|
||||
if (not_condition->actual_condition_num >= MAX_NOT_CONDITION_NUM) {
|
||||
log_fatal(logger, MODULE_RULE,
|
||||
"[%s:%d]attribute:<%s> negate condition num exceed maximum:%d",
|
||||
__FUNCTION__, __LINE__, attribute_name, MAX_NOT_CONDITION_NUM);
|
||||
"[%s:%d]field:<%s> negate condition num exceed maximum:%d",
|
||||
__FUNCTION__, __LINE__, field_name, MAX_NOT_CONDITION_NUM);
|
||||
return -1;
|
||||
}
|
||||
not_condition->actual_condition_num++;
|
||||
@@ -296,24 +296,24 @@ static struct maat_rule *maat_rule_new(struct rule_runtime *rule_rt, struct rule
|
||||
struct condition_literal tmp_literal;
|
||||
memset(&tmp_literal, 0, sizeof(tmp_literal));
|
||||
|
||||
tmp_obj = cJSON_GetObjectItem(literal_obj, "attribute_name");
|
||||
tmp_obj = cJSON_GetObjectItem(literal_obj, "field_name");
|
||||
if (tmp_obj == NULL || tmp_obj->type != cJSON_String) {
|
||||
log_fatal(rule_rt->logger, MODULE_RULE,
|
||||
"[%s:%d] table: <%s> has no attribute_name or not string format",
|
||||
"[%s:%d] table: <%s> has no field_name or not string format",
|
||||
__FUNCTION__, __LINE__, table_name);
|
||||
goto error;
|
||||
}
|
||||
|
||||
if (strlen(tmp_obj->valuestring) >= sizeof(tmp_literal.attribute_name)) {
|
||||
if (strlen(tmp_obj->valuestring) >= sizeof(tmp_literal.field_name)) {
|
||||
log_fatal(logger, MODULE_RULE,
|
||||
"[%s:%d] table: <%s> attribute_name:%s length exceed maximum:%d",
|
||||
__FUNCTION__, __LINE__, table_name, tmp_obj->valuestring, sizeof(tmp_literal.attribute_name));
|
||||
"[%s:%d] table: <%s> field_name:%s length exceed maximum:%d",
|
||||
__FUNCTION__, __LINE__, table_name, tmp_obj->valuestring, sizeof(tmp_literal.field_name));
|
||||
goto error;
|
||||
}
|
||||
snprintf(tmp_literal.attribute_name, sizeof(tmp_literal.attribute_name), "%s", tmp_obj->valuestring);
|
||||
snprintf(tmp_literal.field_name, sizeof(tmp_literal.field_name), "%s", tmp_obj->valuestring);
|
||||
|
||||
if (condition->negate_option == CONDITION_NEGATE_OPTION_SET) {
|
||||
int ret = validate_table_not_condition(rule_rt, schema->ref_tbl_mgr, tmp_literal.attribute_name, MAAT_OP_ADD, logger);
|
||||
int ret = validate_table_not_condition(rule_rt, schema->ref_tbl_mgr, tmp_literal.field_name, MAAT_OP_ADD, logger);
|
||||
if (ret < 0) {
|
||||
log_fatal(logger, MODULE_RULE,
|
||||
"[%s:%d] table: <%s> validate negate_option failed, line: %s",
|
||||
@@ -732,7 +732,7 @@ build_condition_id_kv_hash(struct rule_runtime *rule_rt, int negate_option)
|
||||
|
||||
memset(&key, 0, sizeof(key));
|
||||
|
||||
memcpy(key.attribute_name, tmp_literal->attribute_name, sizeof(key.attribute_name));
|
||||
memcpy(key.field_name, tmp_literal->field_name, sizeof(key.field_name));
|
||||
key.negate_option = condition->negate_option;
|
||||
uuid_copy(key.object_uuid, tmp_literal->object_uuids[k]);
|
||||
|
||||
@@ -890,7 +890,7 @@ struct rule_compile_state *rule_compile_state_new(void)
|
||||
utarray_new(rule_compile_state->indirect_hit_objects, &ut_maat_hit_object_icd);
|
||||
utarray_new(rule_compile_state->last_hit_objects, &ut_maat_hit_object_icd);
|
||||
utarray_new(rule_compile_state->hit_rule_table_ids, &ut_hit_rule_table_id_icd);
|
||||
rule_compile_state->hit_negate_attribute_objects = NULL;
|
||||
rule_compile_state->hit_negate_field_objects = NULL;
|
||||
|
||||
return rule_compile_state;
|
||||
}
|
||||
@@ -903,11 +903,11 @@ rule_compile_state_hit_not_condition_objects_free(struct rule_compile_state *rul
|
||||
}
|
||||
|
||||
long long free_bytes = 0;
|
||||
struct negate_attribute_object *negate_attr_obj = NULL, *tmp_negate_attr_obj = NULL;
|
||||
HASH_ITER(hh, rule_compile_state->hit_negate_attribute_objects, negate_attr_obj, tmp_negate_attr_obj) {
|
||||
struct negate_field_object *negate_attr_obj = NULL, *tmp_negate_attr_obj = NULL;
|
||||
HASH_ITER(hh, rule_compile_state->hit_negate_field_objects, negate_attr_obj, tmp_negate_attr_obj) {
|
||||
free_bytes +=
|
||||
(sizeof(negate_attr_obj) + utarray_len(negate_attr_obj->object_uuids) * sizeof(uuid_t));
|
||||
HASH_DEL(rule_compile_state->hit_negate_attribute_objects, negate_attr_obj);
|
||||
HASH_DEL(rule_compile_state->hit_negate_field_objects, negate_attr_obj);
|
||||
if (negate_attr_obj->object_uuids != NULL) {
|
||||
utarray_free(negate_attr_obj->object_uuids);
|
||||
negate_attr_obj->object_uuids = NULL;
|
||||
@@ -938,8 +938,8 @@ void rule_compile_state_reset(struct rule_compile_state *rule_compile_state)
|
||||
utarray_clear(rule_compile_state->last_hit_objects);
|
||||
utarray_clear(rule_compile_state->hit_rule_table_ids);
|
||||
|
||||
struct negate_attribute_object *negate_attr_obj = NULL, *tmp_negate_attr_obj = NULL;
|
||||
HASH_ITER(hh, rule_compile_state->hit_negate_attribute_objects, negate_attr_obj, tmp_negate_attr_obj) {
|
||||
struct negate_field_object *negate_attr_obj = NULL, *tmp_negate_attr_obj = NULL;
|
||||
HASH_ITER(hh, rule_compile_state->hit_negate_field_objects, negate_attr_obj, tmp_negate_attr_obj) {
|
||||
utarray_clear(negate_attr_obj->object_uuids);
|
||||
}
|
||||
}
|
||||
@@ -1027,7 +1027,7 @@ void rule_compile_state_free(struct rule_compile_state *rule_compile_state,
|
||||
static void
|
||||
rule_compile_state_add_internal_hit_path(struct rule_compile_state *rule_compile_state,
|
||||
uuid_t item_uuid, uuid_t object_uuid,
|
||||
const char *attribute_name, int negate_option, int Nth_scan)
|
||||
const char *field_name, int negate_option, int Nth_scan)
|
||||
{
|
||||
if (NULL == rule_compile_state) {
|
||||
return;
|
||||
@@ -1037,7 +1037,7 @@ rule_compile_state_add_internal_hit_path(struct rule_compile_state *rule_compile
|
||||
uuid_copy(new_path.item_uuid, item_uuid);
|
||||
new_path.Nth_scan = Nth_scan;
|
||||
uuid_copy(new_path.object_uuid, object_uuid);
|
||||
snprintf(new_path.attribute_name, sizeof(new_path.attribute_name), "%s", attribute_name);
|
||||
snprintf(new_path.field_name, sizeof(new_path.field_name), "%s", field_name);
|
||||
new_path.negate_option = negate_option;
|
||||
|
||||
utarray_push_back(rule_compile_state->internal_hit_paths, &new_path);
|
||||
@@ -1056,7 +1056,7 @@ static int maat_rule_has_condition_query_key(struct maat_rule *rule,
|
||||
for (size_t j = 0; j < utarray_len(condition->literals); j++) {
|
||||
tmp_literal = (struct condition_literal *)utarray_eltptr(condition->literals, j);
|
||||
|
||||
if (strncmp(tmp_literal->attribute_name, key->attribute_name, sizeof(key->attribute_name)) != 0) {
|
||||
if (strncmp(tmp_literal->field_name, key->field_name, sizeof(key->field_name)) != 0) {
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -1078,7 +1078,7 @@ static int maat_rule_has_condition_query_key(struct maat_rule *rule,
|
||||
|
||||
static size_t
|
||||
maat_rule_get_hit_condition_index(struct maat_rule *rule,
|
||||
const char *attribute_name, uuid_t *hit_object_uuid,
|
||||
const char *field_name, uuid_t *hit_object_uuid,
|
||||
int *condition_idx_array, size_t array_size)
|
||||
{
|
||||
size_t hit_condition_cnt = 0;
|
||||
@@ -1094,7 +1094,7 @@ maat_rule_get_hit_condition_index(struct maat_rule *rule,
|
||||
for (size_t j = 0; j < utarray_len(tmp_condition->literals); j++) {
|
||||
tmp_literal = (struct condition_literal *)utarray_eltptr(tmp_condition->literals, j);
|
||||
|
||||
if (strncmp(tmp_literal->attribute_name, attribute_name, sizeof(tmp_literal->attribute_name)) != 0) {
|
||||
if (strncmp(tmp_literal->field_name, field_name, sizeof(tmp_literal->field_name)) != 0) {
|
||||
continue;
|
||||
}
|
||||
|
||||
@@ -1126,7 +1126,7 @@ maat_rule_is_hit_path_existed(const struct maat_hit_path *hit_paths,
|
||||
|
||||
static void populate_hit_path_with_rule(struct maat_hit_path *hit_path_array,
|
||||
size_t array_idx, size_t n_hit_path,
|
||||
size_t *n_new_hit_path, const char *attribute_name,
|
||||
size_t *n_new_hit_path, const char *field_name,
|
||||
struct maat_rule *rule)
|
||||
{
|
||||
size_t i = 0;
|
||||
@@ -1144,7 +1144,7 @@ static void populate_hit_path_with_rule(struct maat_hit_path *hit_path_array,
|
||||
uuid_copy(hit_path_array[idx].rule_uuid, rule->rule_uuid);
|
||||
// find out which condition in rule hit
|
||||
n_condition_index =
|
||||
maat_rule_get_hit_condition_index(rule, attribute_name,
|
||||
maat_rule_get_hit_condition_index(rule, field_name,
|
||||
&hit_path_array[idx].top_object_uuid,
|
||||
condition_index_array,
|
||||
MAX_ITEMS_PER_BOOL_EXPR);
|
||||
@@ -1165,7 +1165,7 @@ static void populate_hit_path_with_rule(struct maat_hit_path *hit_path_array,
|
||||
hit_path_array[n_hit_path + new_hit_path_cnt] = tmp_path;
|
||||
new_hit_path_cnt++;
|
||||
n_condition_index =
|
||||
maat_rule_get_hit_condition_index(rule, attribute_name, &tmp_path.top_object_uuid,
|
||||
maat_rule_get_hit_condition_index(rule, field_name, &tmp_path.top_object_uuid,
|
||||
condition_index_array, MAX_ITEMS_PER_BOOL_EXPR);
|
||||
hit_path_array[n_hit_path + new_hit_path_cnt - 1].condition_index = condition_index_array[0];
|
||||
if (n_condition_index > 1) {
|
||||
@@ -1219,11 +1219,11 @@ size_t rule_runtime_get_hit_paths(struct rule_runtime *rule_rt, int thread_id,
|
||||
uuid_copy(key.object_uuid, hit_path_array[j].top_object_uuid);
|
||||
}
|
||||
|
||||
memcpy(key.attribute_name, hit_path_array[j].attribute_name, sizeof(key.attribute_name));
|
||||
memcpy(key.field_name, hit_path_array[j].field_name, sizeof(key.field_name));
|
||||
key.negate_option = hit_path_array[j].negate_option;
|
||||
if (maat_rule_has_condition_query_key(rule, &key)) {
|
||||
populate_hit_path_with_rule(hit_path_array, j, n_hit_path,
|
||||
&n_new_hit_path, key.attribute_name, rule);
|
||||
&n_new_hit_path, key.field_name, rule);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1234,7 +1234,7 @@ size_t rule_runtime_get_hit_paths(struct rule_runtime *rule_rt, int thread_id,
|
||||
static void
|
||||
rule_compile_state_add_direct_hit_objects(struct rule_compile_state *rule_compile_state,
|
||||
struct maat_item *hit_items,
|
||||
size_t n_hit_items, const char *attribute_name)
|
||||
size_t n_hit_items, const char *field_name)
|
||||
{
|
||||
if (NULL == rule_compile_state || NULL == hit_items) {
|
||||
return;
|
||||
@@ -1244,7 +1244,7 @@ rule_compile_state_add_direct_hit_objects(struct rule_compile_state *rule_compil
|
||||
for (size_t i = 0; i < n_hit_items; i++) {
|
||||
uuid_copy(hit_object.item_uuid, hit_items[i].item_uuid);
|
||||
uuid_copy(hit_object.object_uuid, hit_items[i].object_uuid);
|
||||
snprintf(hit_object.attribute_name, sizeof(hit_object.attribute_name), "%s", attribute_name);
|
||||
snprintf(hit_object.field_name, sizeof(hit_object.field_name), "%s", field_name);
|
||||
utarray_push_back(rule_compile_state->direct_hit_objects, &hit_object);
|
||||
}
|
||||
}
|
||||
@@ -1252,7 +1252,7 @@ rule_compile_state_add_direct_hit_objects(struct rule_compile_state *rule_compil
|
||||
static void
|
||||
rule_compile_state_add_indirect_hit_objects(struct rule_compile_state *rule_compile_state,
|
||||
uuid_t *object_uuids,
|
||||
size_t n_object_uuids, const char *attribute_name)
|
||||
size_t n_object_uuids, const char *field_name)
|
||||
{
|
||||
if (NULL == rule_compile_state || NULL == object_uuids) {
|
||||
return;
|
||||
@@ -1262,7 +1262,7 @@ rule_compile_state_add_indirect_hit_objects(struct rule_compile_state *rule_comp
|
||||
for (size_t i = 0; i < n_object_uuids; i++) {
|
||||
uuid_clear(hit_object.item_uuid);
|
||||
uuid_copy(hit_object.object_uuid, object_uuids[i]);
|
||||
snprintf(hit_object.attribute_name, sizeof(hit_object.attribute_name), "%s", attribute_name);
|
||||
snprintf(hit_object.field_name, sizeof(hit_object.field_name), "%s", field_name);
|
||||
utarray_push_back(rule_compile_state->indirect_hit_objects, &hit_object);
|
||||
}
|
||||
}
|
||||
@@ -1346,7 +1346,7 @@ rule_compile_state_add_hit_not_conditions(struct rule_compile_state *rule_compil
|
||||
static void
|
||||
rule_compile_state_update_hit_conditions(struct rule_compile_state *rule_compile_state,
|
||||
struct rule_runtime *rule_rt,
|
||||
uuid_t object_uuid, const char *attribute_name)
|
||||
uuid_t object_uuid, const char *field_name)
|
||||
{
|
||||
if (NULL == rule_compile_state || NULL == rule_rt) {
|
||||
return;
|
||||
@@ -1357,7 +1357,7 @@ rule_compile_state_update_hit_conditions(struct rule_compile_state *rule_compile
|
||||
|
||||
memset(&key, 0, sizeof(key));
|
||||
key.negate_option = 0;
|
||||
snprintf(key.attribute_name, sizeof(key.attribute_name), "%s", attribute_name);
|
||||
snprintf(key.field_name, sizeof(key.field_name), "%s", field_name);
|
||||
uuid_copy(key.object_uuid, object_uuid);
|
||||
|
||||
HASH_FIND(hh, rule_rt->condition_id_kv_hash, &key, sizeof(key), condition_id_kv);
|
||||
@@ -1376,27 +1376,27 @@ static void
|
||||
rule_compile_state_cache_hit_not_objects(struct rule_compile_state *rule_compile_state,
|
||||
struct rule_runtime *rule_rt,
|
||||
uuid_t *hit_object_uuids,
|
||||
size_t n_hit_object_uuid, const char *attribute_name)
|
||||
size_t n_hit_object_uuid, const char *field_name)
|
||||
{
|
||||
if (NULL == rule_compile_state || NULL == rule_rt) {
|
||||
return;
|
||||
}
|
||||
|
||||
struct negate_attribute_object *negate_attr_obj = NULL;
|
||||
HASH_FIND_STR(rule_compile_state->hit_negate_attribute_objects, attribute_name, negate_attr_obj);
|
||||
struct negate_field_object *negate_attr_obj = NULL;
|
||||
HASH_FIND_STR(rule_compile_state->hit_negate_field_objects, field_name, negate_attr_obj);
|
||||
|
||||
if (negate_attr_obj == NULL || utarray_len(negate_attr_obj->object_uuids) == 0) {
|
||||
struct condition_id_kv *condition_id_kv = NULL, *tmp_condition_id_kv = NULL;
|
||||
HASH_ITER(hh, rule_rt->not_condition_id_kv_hash, condition_id_kv, tmp_condition_id_kv) {
|
||||
if (strncmp(condition_id_kv->key.attribute_name, attribute_name, strlen(attribute_name)) != 0) {
|
||||
if (strncmp(condition_id_kv->key.field_name, field_name, strlen(field_name)) != 0) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (NULL == negate_attr_obj) {
|
||||
negate_attr_obj = ALLOC(struct negate_attribute_object, 1);
|
||||
snprintf(negate_attr_obj->attribute_name, sizeof(negate_attr_obj->attribute_name), "%s", attribute_name);
|
||||
negate_attr_obj = ALLOC(struct negate_field_object, 1);
|
||||
snprintf(negate_attr_obj->field_name, sizeof(negate_attr_obj->field_name), "%s", field_name);
|
||||
utarray_new(negate_attr_obj->object_uuids, &ut_rule_object_uuid_icd);
|
||||
HASH_ADD_STR(rule_compile_state->hit_negate_attribute_objects, attribute_name, negate_attr_obj);
|
||||
HASH_ADD_STR(rule_compile_state->hit_negate_field_objects, field_name, negate_attr_obj);
|
||||
}
|
||||
|
||||
if (!utarray_find(negate_attr_obj->object_uuids, &(condition_id_kv->key.object_uuid),
|
||||
@@ -1519,7 +1519,7 @@ static void rule_runtime_del_rule(struct rule_runtime *rule_rt,
|
||||
if (condition->in_use && condition->negate_option == CONDITION_NEGATE_OPTION_SET) {
|
||||
for (size_t j = 0; j < utarray_len(condition->literals); j++) {
|
||||
struct condition_literal *literal = (struct condition_literal *)utarray_eltptr(condition->literals, j);
|
||||
validate_table_not_condition(rule_rt, schema->ref_tbl_mgr, literal->attribute_name, MAAT_OP_DEL, logger);
|
||||
validate_table_not_condition(rule_rt, schema->ref_tbl_mgr, literal->field_name, MAAT_OP_DEL, logger);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1738,7 +1738,7 @@ int rule_runtime_match(struct rule_runtime *rule_rt, uuid_t *rule_uuids,
|
||||
}
|
||||
|
||||
int rule_compile_state_update(struct maat_state *maat_state, struct maat *maat_inst,
|
||||
const char *attribute_name, int custom_rule_tbl_id, int Nth_scan,
|
||||
const char *field_name, int custom_rule_tbl_id, int Nth_scan,
|
||||
struct maat_item *hit_items, size_t n_hit_item)
|
||||
{
|
||||
size_t i = 0, j = 0;
|
||||
@@ -1756,7 +1756,7 @@ int rule_compile_state_update(struct maat_state *maat_state, struct maat *maat_i
|
||||
|
||||
uuid_copy(hit_object.item_uuid, hit_items[i].item_uuid);
|
||||
uuid_copy(hit_object.object_uuid, hit_items[i].object_uuid);
|
||||
snprintf(hit_object.attribute_name, sizeof(hit_object.attribute_name), "%s", attribute_name);
|
||||
snprintf(hit_object.field_name, sizeof(hit_object.field_name), "%s", field_name);
|
||||
utarray_push_back(rule_compile_state->last_hit_objects, &hit_object);
|
||||
}
|
||||
|
||||
@@ -1770,21 +1770,21 @@ int rule_compile_state_update(struct maat_state *maat_state, struct maat *maat_i
|
||||
for (i = 0; i < super_object_cnt; i++) {
|
||||
uuid_clear(hit_object.item_uuid);
|
||||
uuid_copy(hit_object.object_uuid, super_object_uuids[i]);
|
||||
snprintf(hit_object.attribute_name, sizeof(hit_object.attribute_name), "%s", attribute_name);
|
||||
snprintf(hit_object.field_name, sizeof(hit_object.field_name), "%s", field_name);
|
||||
utarray_push_back(rule_compile_state->last_hit_objects, &hit_object);
|
||||
}
|
||||
|
||||
if (1 == maat_inst->opts.hit_path_on && hit_cnt > 0) {
|
||||
for (i = 0; i < hit_cnt; i++) {
|
||||
rule_compile_state_add_internal_hit_path(rule_compile_state, hit_items[i].item_uuid,
|
||||
hit_items[i].object_uuid, attribute_name, 0, Nth_scan);
|
||||
hit_items[i].object_uuid, field_name, 0, Nth_scan);
|
||||
}
|
||||
}
|
||||
|
||||
if (1 == maat_inst->opts.hit_object_on) {
|
||||
rule_compile_state_add_direct_hit_objects(rule_compile_state, hit_items, hit_cnt, attribute_name);
|
||||
rule_compile_state_add_direct_hit_objects(rule_compile_state, hit_items, hit_cnt, field_name);
|
||||
rule_compile_state_add_indirect_hit_objects(rule_compile_state, super_object_uuids,
|
||||
super_object_cnt, attribute_name);
|
||||
super_object_cnt, field_name);
|
||||
}
|
||||
|
||||
/* update hit condition */
|
||||
@@ -1805,11 +1805,11 @@ int rule_compile_state_update(struct maat_state *maat_state, struct maat *maat_i
|
||||
|
||||
for (i = 0; i < hit_cnt; i++) {
|
||||
rule_compile_state_update_hit_conditions(rule_compile_state, rule_rt,
|
||||
hit_object_uuids[i], attribute_name);
|
||||
hit_object_uuids[i], field_name);
|
||||
}
|
||||
|
||||
rule_compile_state_cache_hit_not_objects(rule_compile_state, rule_rt, hit_object_uuids,
|
||||
hit_cnt, attribute_name);
|
||||
hit_cnt, field_name);
|
||||
return hit_cnt;
|
||||
}
|
||||
|
||||
@@ -1824,7 +1824,7 @@ void rule_compile_state_clear_last_hit_object(struct rule_compile_state *rule_co
|
||||
|
||||
void rule_compile_state_not_logic_update(struct rule_compile_state *rule_compile_state,
|
||||
struct rule_runtime *rule_rt,
|
||||
struct maat *maat_inst, const char *attribute_name,
|
||||
struct maat *maat_inst, const char *field_name,
|
||||
int Nth_scan)
|
||||
{
|
||||
if (NULL == rule_compile_state || NULL == maat_inst) {
|
||||
@@ -1835,8 +1835,8 @@ void rule_compile_state_not_logic_update(struct rule_compile_state *rule_compile
|
||||
rule_compile_state->Nth_scan = Nth_scan;
|
||||
utarray_clear(rule_compile_state->this_scan_hit_not_conditions);
|
||||
|
||||
struct negate_attribute_object *negate_attr_obj = NULL;
|
||||
HASH_FIND_STR(rule_compile_state->hit_negate_attribute_objects, attribute_name, negate_attr_obj);
|
||||
struct negate_field_object *negate_attr_obj = NULL;
|
||||
HASH_FIND_STR(rule_compile_state->hit_negate_field_objects, field_name, negate_attr_obj);
|
||||
if (NULL == negate_attr_obj) {
|
||||
return;
|
||||
}
|
||||
@@ -1848,7 +1848,7 @@ void rule_compile_state_not_logic_update(struct rule_compile_state *rule_compile
|
||||
uuid_t *object_uuid = utarray_eltptr(negate_attr_obj->object_uuids, i);
|
||||
memset(&key, 0, sizeof(key));
|
||||
|
||||
snprintf(key.attribute_name, sizeof(key.attribute_name), "%s", attribute_name);
|
||||
snprintf(key.field_name, sizeof(key.field_name), "%s", field_name);
|
||||
key.negate_option = 1;
|
||||
uuid_copy(key.object_uuid, *object_uuid);
|
||||
|
||||
@@ -1862,7 +1862,7 @@ void rule_compile_state_not_logic_update(struct rule_compile_state *rule_compile
|
||||
uuid_t null_uuid;
|
||||
uuid_clear(null_uuid);
|
||||
rule_compile_state_add_internal_hit_path(rule_compile_state, null_uuid, *object_uuid,
|
||||
attribute_name, 1, Nth_scan);
|
||||
field_name, 1, Nth_scan);
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1878,7 +1878,7 @@ size_t rule_compile_state_get_indirect_hit_objects(struct rule_compile_state *ru
|
||||
(struct maat_hit_object *)utarray_eltptr(rule_compile_state->indirect_hit_objects, i);
|
||||
uuid_copy(object_array[i].item_uuid, hit_object->item_uuid);
|
||||
uuid_copy(object_array[i].object_uuid, hit_object->object_uuid);
|
||||
memcpy(object_array[i].attribute_name, hit_object->attribute_name, sizeof(object_array[i].attribute_name));
|
||||
memcpy(object_array[i].field_name, hit_object->field_name, sizeof(object_array[i].field_name));
|
||||
}
|
||||
|
||||
utarray_clear(rule_compile_state->indirect_hit_objects);
|
||||
@@ -1922,7 +1922,7 @@ size_t rule_compile_state_get_direct_hit_objects(struct rule_compile_state *rule
|
||||
object = (struct maat_hit_object *)utarray_eltptr(direct_hit_object, i);
|
||||
uuid_copy(object_array[i].item_uuid, object->item_uuid);
|
||||
uuid_copy(object_array[i].object_uuid, object->object_uuid);
|
||||
memcpy(object_array[i].attribute_name, object->attribute_name, sizeof(object_array[i].attribute_name));
|
||||
memcpy(object_array[i].field_name, object->field_name, sizeof(object_array[i].field_name));
|
||||
}
|
||||
|
||||
utarray_clear(rule_compile_state->direct_hit_objects);
|
||||
@@ -1984,7 +1984,7 @@ size_t rule_compile_state_get_internal_hit_paths(struct maat_state *maat_state,
|
||||
uuid_copy(tmp_path.sub_object_uuid, internal_path->object_uuid);
|
||||
uuid_copy(tmp_path.top_object_uuid, *p);
|
||||
|
||||
memcpy(tmp_path.attribute_name, internal_path->attribute_name, sizeof(tmp_path.attribute_name));
|
||||
memcpy(tmp_path.field_name, internal_path->field_name, sizeof(tmp_path.field_name));
|
||||
tmp_path.negate_option = internal_path->negate_option;
|
||||
tmp_path.condition_index = -1;
|
||||
uuid_clear(tmp_path.rule_uuid);
|
||||
|
||||
@@ -42,7 +42,7 @@ struct maat_table {
|
||||
void *updating_runtime;
|
||||
};
|
||||
|
||||
struct maat_attribute {
|
||||
struct maat_field {
|
||||
int table_id;
|
||||
int attr_id;
|
||||
char attr_name[MAX_NAME_STR_LEN + 1];
|
||||
|
||||
@@ -136,7 +136,7 @@ void generate_rule_sample(const char *table_name, int sample_count)
|
||||
fclose(fp);
|
||||
}
|
||||
|
||||
void generate_object2rule_sample(const char *table_name, const char *attribute_name,
|
||||
void generate_object2rule_sample(const char *table_name, const char *field_name,
|
||||
int sample_count)
|
||||
{
|
||||
FILE *fp = fopen(table_name, "w+");
|
||||
@@ -148,7 +148,7 @@ void generate_object2rule_sample(const char *table_name, const char *attribute_n
|
||||
fprintf(fp, "%d\n", sample_count);
|
||||
|
||||
for (int i = 0; i < sample_count; i++) {
|
||||
fprintf(fp, "%d\t%d\t0\t%s\t1\t1\n", i+1, 100+i, attribute_name);
|
||||
fprintf(fp, "%d\t%d\t0\t%s\t1\t1\n", i+1, 100+i, field_name);
|
||||
}
|
||||
|
||||
fclose(fp);
|
||||
|
||||
@@ -573,7 +573,7 @@
|
||||
"object_id":1,
|
||||
"rule_id":2,
|
||||
"negate_option":3,
|
||||
"attribute_name":4,
|
||||
"field_name":4,
|
||||
"condition_index":5
|
||||
}
|
||||
},
|
||||
|
||||
@@ -13,7 +13,7 @@
|
||||
"and_conditions": [
|
||||
{
|
||||
"object_name": "Untitled",
|
||||
"attribute_name": "HTTP_URL",
|
||||
"field_name": "HTTP_URL",
|
||||
"objects": [
|
||||
{
|
||||
"items": [
|
||||
|
||||
@@ -12,7 +12,7 @@
|
||||
"is_valid": "yes",
|
||||
"and_conditions": [
|
||||
{
|
||||
"attribute_name": "HTTP_URL",
|
||||
"field_name": "HTTP_URL",
|
||||
"objects": [
|
||||
{
|
||||
"items": [
|
||||
|
||||
@@ -12,7 +12,7 @@
|
||||
"is_valid": "yes",
|
||||
"and_conditions": [
|
||||
{
|
||||
"attribute_name": "HTTP_URL",
|
||||
"field_name": "HTTP_URL",
|
||||
"objects": [
|
||||
{
|
||||
"items": [
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
@@ -68,7 +68,7 @@
|
||||
"table_id":11,
|
||||
"table_name":"KEYWORDS_TABLE",
|
||||
"table_type":"expr",
|
||||
"schema_tag": "{\"http_response_keywords\": \"attribute\"}"
|
||||
"schema_tag": "{\"http_response_keywords\": \"field\"}"
|
||||
},
|
||||
{
|
||||
"table_id":12,
|
||||
@@ -155,7 +155,7 @@
|
||||
"table_id":24,
|
||||
"table_name":"IP_PLUS_CONFIG",
|
||||
"table_type":"ip",
|
||||
"schema_tag": "{\"attribute_ip_plus_table\": \"attribute\"}"
|
||||
"schema_tag": "{\"field_ip_plus_table\": \"field\"}"
|
||||
},
|
||||
{
|
||||
"table_id":29,
|
||||
|
||||
@@ -155,7 +155,7 @@ int rule_table_set_line(struct maat *maat_inst, const char *table_name,
|
||||
cJSON_AddItemToArray(object_uuids_array, cJSON_CreateString(and_conditions[i].or_conditions[j].object_uuids_str[k]));
|
||||
}
|
||||
cJSON_AddItemToObject(or_condition, "object_uuids", object_uuids_array);
|
||||
cJSON_AddStringToObject(or_condition, "attribute_name", and_conditions[i].or_conditions[j].attribute_name);
|
||||
cJSON_AddStringToObject(or_condition, "field_name", and_conditions[i].or_conditions[j].field_name);
|
||||
|
||||
cJSON_AddItemToArray(or_conditions_array, or_condition);
|
||||
}
|
||||
|
||||
@@ -8,7 +8,7 @@
|
||||
struct maat_cmd_or_condition {
|
||||
const char *object_uuids_str[8];
|
||||
int object_num;
|
||||
const char *attribute_name;
|
||||
const char *field_name;
|
||||
};
|
||||
|
||||
struct maat_cmd_and_condition {
|
||||
|
||||
Reference in New Issue
Block a user