diff --git a/include/maat.h b/include/maat.h index 6c1b7a6..f609c61 100644 --- a/include/maat.h +++ b/include/maat.h @@ -303,8 +303,8 @@ void maat_state_reset(struct maat_state *state); void maat_state_free(struct maat_state *state); -int maat_state_get_hit_paths(struct maat_state *state, struct maat_hit_path *path_array, - size_t array_size); +int maat_state_get_hit_paths(struct maat_state *state, const char *table_name, + struct maat_hit_path *path_array, size_t array_size); /** * @brief get the total number of scans after maat_state_new diff --git a/src/inc_internal/maat_core.h b/src/inc_internal/maat_core.h index 9a2fcce..c1372e6 100644 --- a/src/inc_internal/maat_core.h +++ b/src/inc_internal/maat_core.h @@ -185,7 +185,6 @@ struct maat_state { struct rule_compile_state *rule_compile_state; int Nth_scan; uint16_t thread_id; - int16_t rule_table_id;//TODO: need remove ??? uint8_t logic_negate_option; }; diff --git a/src/inc_internal/maat_rule.h b/src/inc_internal/maat_rule.h index 3f8e7a7..194cfb9 100644 --- a/src/inc_internal/maat_rule.h +++ b/src/inc_internal/maat_rule.h @@ -74,7 +74,7 @@ int rule_runtime_match(int table_id, struct rule_runtime *rule_rt, uuid_t *rule_ int rule_runtime_need_compile(int table_id, struct rule_runtime *rule_rt, struct rule_compile_state *rule_compile_state); size_t rule_runtime_get_hit_paths(struct rule_runtime *rule_rt, int thread_id, - struct rule_compile_state *rule_compile_state, + struct maat_state *state, struct maat_hit_path *hit_path_array, size_t array_size, size_t n_hit_path); @@ -88,7 +88,7 @@ void rule_compile_state_free(struct rule_compile_state *rule_compile_state, struct maat *maat_instance, int thread_id); int rule_compile_state_update(struct rule_compile_state *rule_compile_state, struct maat *maat_inst, - const char *field_name, int custom_rule_tbl_id, int Nth_scan, + const char *field_name, int Nth_scan, struct maat_item *hit_items, size_t n_hit_item); void rule_compile_state_not_logic_update(struct maat *maat_inst, struct rule_compile_state *rule_compile_state, const char *field_name, int Nth_scan); diff --git a/src/inc_internal/maat_table.h b/src/inc_internal/maat_table.h index 3f6ec5c..4700078 100644 --- a/src/inc_internal/maat_table.h +++ b/src/inc_internal/maat_table.h @@ -80,7 +80,6 @@ const char *table_manager_get_table_schema_tag(struct table_manager *tbl_mgr, in enum table_type table_manager_get_table_type(struct table_manager *tbl_mgr, int table_id); -int table_manager_get_default_rule_table_id(struct table_manager *tbl_mgr); int table_manager_get_object_group_table_id(struct table_manager *tbl_mgr); enum maat_expr_engine table_manager_get_expr_engine(struct table_manager *tbl_mgr); diff --git a/src/maat_api.c b/src/maat_api.c index 1f837df..24e6e7e 100644 --- a/src/maat_api.c +++ b/src/maat_api.c @@ -1602,8 +1602,7 @@ static void maat_state_add_hit_object(struct maat_state *state, const char *fiel } rule_compile_state_update(state->rule_compile_state, maat_inst, field_name, - state->rule_table_id, state->Nth_scan, - hit_items, n_hit_item); + state->Nth_scan, hit_items, n_hit_item); } int maat_scan_object(struct maat *maat_inst, const char *table_name, const char *field_name, @@ -1848,7 +1847,6 @@ void maat_state_reset(struct maat_state *state) return; } - state->rule_table_id = 0; state->Nth_scan = 0; if (state->rule_compile_state != NULL) { @@ -1885,8 +1883,8 @@ void maat_state_free(struct maat_state *state) thread_id, sizeof(struct maat_state)); } -int maat_state_get_hit_paths(struct maat_state *state, struct maat_hit_path *path_array, - size_t array_size) +int maat_state_get_hit_paths(struct maat_state *state, const char *table_name, + struct maat_hit_path *path_array, size_t array_size) { if (NULL == state || NULL == path_array || 0 == array_size) { return -1; @@ -1903,10 +1901,9 @@ int maat_state_get_hit_paths(struct maat_state *state, struct maat_hit_path *pat return 0; } - int rule_table_id = - table_manager_get_default_rule_table_id(maat_inst->tbl_mgr); - if (state->rule_table_id > 0) { - rule_table_id = state->rule_table_id; + int rule_table_id = table_manager_get_table_id(maat_inst->tbl_mgr, table_name); + if (rule_table_id < 0) { + return -1; } void *rule_rt = table_manager_get_runtime(maat_inst->tbl_mgr, @@ -1925,7 +1922,7 @@ int maat_state_get_hit_paths(struct maat_state *state, struct maat_hit_path *pat path_array, array_size); return rule_runtime_get_hit_paths((struct rule_runtime *)rule_rt, - state->thread_id, state->rule_compile_state, + state->thread_id, state, path_array, array_size, hit_path_cnt); } diff --git a/src/maat_expr.c b/src/maat_expr.c index 7728569..e5bf72f 100644 --- a/src/maat_expr.c +++ b/src/maat_expr.c @@ -873,8 +873,7 @@ next: } return rule_compile_state_update(state->rule_compile_state, state->maat_inst, field_name, - state->rule_table_id, state->Nth_scan, - hit_maat_items, real_hit_item_num); + state->Nth_scan, hit_maat_items, real_hit_item_num); } struct expr_runtime_stream * @@ -961,8 +960,7 @@ next: } return rule_compile_state_update(state->rule_compile_state, state->maat_inst, field_name, - state->rule_table_id, state->Nth_scan, - hit_maat_items, real_hit_item_cnt); + state->Nth_scan, hit_maat_items, real_hit_item_cnt); } void expr_runtime_stream_close(struct expr_runtime_stream *expr_rt_stream) diff --git a/src/maat_flag.c b/src/maat_flag.c index e244a88..bcb70d5 100644 --- a/src/maat_flag.c +++ b/src/maat_flag.c @@ -454,8 +454,7 @@ next: } return rule_compile_state_update(state->rule_compile_state, state->maat_inst, field_name, - state->rule_table_id, state->Nth_scan, - hit_maat_items, real_hit_item_cnt); + state->Nth_scan, hit_maat_items, real_hit_item_cnt); } void flag_runtime_perf_stat(struct flag_runtime *flag_rt, struct timespec *start, diff --git a/src/maat_interval.c b/src/maat_interval.c index 0d00153..5355798 100644 --- a/src/maat_interval.c +++ b/src/maat_interval.c @@ -462,8 +462,7 @@ next: } return rule_compile_state_update(state->rule_compile_state, state->maat_inst, field_name, - state->rule_table_id, state->Nth_scan, - hit_maat_items, real_hit_item_cnt); + state->Nth_scan, hit_maat_items, real_hit_item_cnt); } void interval_runtime_perf_stat(struct interval_runtime *interval_rt, diff --git a/src/maat_ip.c b/src/maat_ip.c index 387bdf9..d963283 100644 --- a/src/maat_ip.c +++ b/src/maat_ip.c @@ -549,8 +549,7 @@ next: } return rule_compile_state_update(state->rule_compile_state, state->maat_inst, field_name, - state->rule_table_id, state->Nth_scan, - hit_maat_items, real_hit_item_cnt); + state->Nth_scan, hit_maat_items, real_hit_item_cnt); } void ip_runtime_perf_stat(struct ip_runtime *ip_rt, struct timespec *start, diff --git a/src/maat_rule.c b/src/maat_rule.c index 0f7320d..a5c4b52 100644 --- a/src/maat_rule.c +++ b/src/maat_rule.c @@ -67,9 +67,8 @@ struct field_hit_object_collection { UT_array *direct_items; UT_array *indirect_object_uuids;//TODO: change it to graph? UT_array *all_object_uuids; - UT_array *negate_object_uuids; int need_negate_condition; - int need_scan_not_object; + int need_negate_hit_path; int Nth_scan; UT_hash_handle hh; }; @@ -805,7 +804,7 @@ void rule_compile_state_reset(struct rule_compile_state *rule_compile_state) } attr_hit_obj->need_negate_condition = 0; - attr_hit_obj->need_scan_not_object = 0; + attr_hit_obj->need_negate_hit_path = 0; attr_hit_obj->Nth_scan = 0; } @@ -1043,79 +1042,6 @@ static void populate_hit_path_with_rule(struct maat_hit_path *hit_path_array, *n_new_hit_path = new_hit_path_cnt; } -size_t rule_runtime_get_hit_paths(struct rule_runtime *rule_rt, int thread_id, - struct rule_compile_state *rule_compile_state, - struct maat_hit_path *hit_path_array, - size_t array_size, size_t n_hit_path) -{ - /* assign hit_path_array[].rule_id */ - size_t n_new_hit_path = 0; - struct maat_rule *rule = NULL; - struct condition_query_key key; - struct bool_expr_match *expr_match = rule_rt->expr_match_buff + - (thread_id * MAX_HIT_RULE_NUM); - assert(thread_id >= 0); - - int bool_match_ret = - bool_matcher_match(rule_rt->bm, - (unsigned long long *)utarray_eltptr(rule_compile_state->all_hit_conditions, 0), - utarray_len(rule_compile_state->all_hit_conditions), expr_match, MAX_HIT_RULE_NUM);//TODO: maat_state_compile - - for (int idx = 0; idx < bool_match_ret; idx++) { - rule = (struct maat_rule *)expr_match[idx].user_tag; - assert(rule->magic_num == MAAT_RULE_MAGIC); - assert(uuid_compare(rule->rule_uuid, expr_match[idx].expr_uuid) == 0); - if (0 == rule->condition_num) { - continue; - } - - for (size_t j = 0; j < n_hit_path && (n_hit_path + n_new_hit_path) < array_size; j++) { - if (uuid_is_null(hit_path_array[j].top_object_uuid)) { - uuid_copy(key.object_uuid, hit_path_array[j].sub_object_uuid); - } else { - uuid_copy(key.object_uuid, hit_path_array[j].top_object_uuid); - } - - memcpy(key.field_name, hit_path_array[j].field_name, sizeof(key.field_name)); - key.negate_option = hit_path_array[j].negate_option; - if (maat_rule_has_condition_query_key(rule, &key)) { - populate_hit_path_with_rule(hit_path_array, j, n_hit_path, - &n_new_hit_path, key.field_name, rule); - } - } - } - - return (n_hit_path + n_new_hit_path); -} - -static void -rule_compile_state_add_direct_hit_objects(struct rule_compile_state *rule_compile_state, - struct maat_item *hit_items, - size_t n_hit_items, struct field_hit_object_collection * attr_hit_obj_coll) -{ - if (NULL == rule_compile_state || NULL == hit_items) { - return; - } - - for (size_t i = 0; i < n_hit_items; i++) { - utarray_push_back(attr_hit_obj_coll->direct_items, &hit_items[i]); - } -} - -static void -rule_compile_state_add_indirect_hit_objects(struct rule_compile_state *rule_compile_state, - uuid_t *object_uuids, size_t n_object_uuids, - struct field_hit_object_collection * attr_hit_obj_coll) -{ - if (NULL == rule_compile_state || NULL == object_uuids) { - return; - } - - for (size_t i = 0; i < n_object_uuids; i++) { - utarray_push_back(attr_hit_obj_coll->indirect_object_uuids, &object_uuids[i]); - } -} - static void rule_compile_state_add_hit_conditions(struct rule_compile_state *rule_compile_state, UT_array *condition_id_array) @@ -1204,6 +1130,151 @@ rule_compile_state_add_hit_not_conditions(struct rule_compile_state *rule_compil } } +static void rule_runtime_update_hit_conditions(struct maat *maat_inst, struct rule_runtime *rule_rt, + struct rule_compile_state *rule_compile_state, int need_add_hit_path) +{ + int clear_negate_hit_path_flag = 0; + + utarray_clear(rule_compile_state->all_hit_conditions); + utarray_clear(rule_compile_state->exclude_not_conditions); + + struct field_hit_object_collection *attr_hit_obj_coll = NULL, *tmp = NULL; + HASH_ITER(hh, rule_compile_state->attr_hit_objects_hashtbl, attr_hit_obj_coll, tmp) { + struct condition_query_key key; + memset(&key, 0, sizeof(key)); + snprintf(key.field_name, sizeof(key.field_name), "%s", attr_hit_obj_coll->field_name); + + for (int i = 0; i < utarray_len(attr_hit_obj_coll->all_object_uuids); i++) { + uuid_t *object_uuid = utarray_eltptr(attr_hit_obj_coll->all_object_uuids, i); + uuid_copy(key.object_uuid, *object_uuid); + key.negate_option = 0; + + struct condition_id_kv *condition_id_kv = NULL; + HASH_FIND(hh, rule_rt->condition_id_kv_hash, &key, sizeof(key), condition_id_kv); + if (condition_id_kv != NULL) { + rule_compile_state_add_hit_conditions(rule_compile_state, condition_id_kv->condition_ids); + } + + if (attr_hit_obj_coll->need_negate_condition) { + key.negate_option = 1; + HASH_FIND(hh, rule_rt->not_condition_id_kv_hash, &key, sizeof(key), condition_id_kv); + if (condition_id_kv != NULL) { + rule_compile_state_add_exclude_not_conditions(rule_compile_state, condition_id_kv->condition_ids); + } + } + } + } + + //not conditions + struct condition_id_kv *condition_id_kv = NULL, *tmp_condition_id_kv = NULL; + HASH_ITER(hh, rule_rt->not_condition_id_kv_hash, condition_id_kv, tmp_condition_id_kv) { + HASH_FIND_STR(rule_compile_state->attr_hit_objects_hashtbl, condition_id_kv->key.field_name, attr_hit_obj_coll); + if (attr_hit_obj_coll == NULL || attr_hit_obj_coll->need_negate_condition == 0) { + continue; + } + + if (utarray_find(attr_hit_obj_coll->all_object_uuids, &(condition_id_kv->key.object_uuid), compare_object_uuid) != NULL) { + continue; + } + + rule_compile_state_add_hit_not_conditions(rule_compile_state, condition_id_kv->condition_ids); + + if (need_add_hit_path && maat_inst->opts.hit_path_on && attr_hit_obj_coll->need_negate_hit_path) { + uuid_t null_uuid; + uuid_clear(null_uuid); + rule_compile_state_add_internal_hit_path(rule_compile_state, null_uuid, + condition_id_kv->key.object_uuid, + condition_id_kv->key.field_name, 1, + attr_hit_obj_coll->Nth_scan); + clear_negate_hit_path_flag = 1; + } + } + + if (clear_negate_hit_path_flag) { + HASH_ITER(hh, rule_compile_state->attr_hit_objects_hashtbl, attr_hit_obj_coll, tmp) { + attr_hit_obj_coll->need_negate_hit_path = 0; + } + } + + return; +} + +size_t rule_runtime_get_hit_paths(struct rule_runtime *rule_rt, int thread_id, + struct maat_state *state, + struct maat_hit_path *hit_path_array, + size_t array_size, size_t n_hit_path) +{ + /* assign hit_path_array[].rule_id */ + size_t n_new_hit_path = 0; + struct maat_rule *rule = NULL; + struct condition_query_key key; + struct rule_compile_state *rule_compile_state = state->rule_compile_state; + struct bool_expr_match *expr_match = rule_rt->expr_match_buff + + (thread_id * MAX_HIT_RULE_NUM); + assert(thread_id >= 0); + + rule_runtime_update_hit_conditions(state->maat_inst, rule_rt, rule_compile_state, 0); + + int bool_match_ret = + bool_matcher_match(rule_rt->bm, + (unsigned long long *)utarray_eltptr(rule_compile_state->all_hit_conditions, 0), + utarray_len(rule_compile_state->all_hit_conditions), expr_match, MAX_HIT_RULE_NUM);//TODO: maat_state_compile + + for (int idx = 0; idx < bool_match_ret; idx++) { + rule = (struct maat_rule *)expr_match[idx].user_tag; + assert(rule->magic_num == MAAT_RULE_MAGIC); + assert(uuid_compare(rule->rule_uuid, expr_match[idx].expr_uuid) == 0); + if (0 == rule->condition_num) { + continue; + } + + for (size_t j = 0; j < n_hit_path && (n_hit_path + n_new_hit_path) < array_size; j++) { + if (uuid_is_null(hit_path_array[j].top_object_uuid)) { + uuid_copy(key.object_uuid, hit_path_array[j].sub_object_uuid); + } else { + uuid_copy(key.object_uuid, hit_path_array[j].top_object_uuid); + } + + memcpy(key.field_name, hit_path_array[j].field_name, sizeof(key.field_name)); + key.negate_option = hit_path_array[j].negate_option; + if (maat_rule_has_condition_query_key(rule, &key)) { + populate_hit_path_with_rule(hit_path_array, j, n_hit_path, + &n_new_hit_path, key.field_name, rule); + } + } + } + + return (n_hit_path + n_new_hit_path); +} + +static void +rule_compile_state_add_direct_hit_objects(struct rule_compile_state *rule_compile_state, + struct maat_item *hit_items, + size_t n_hit_items, struct field_hit_object_collection * attr_hit_obj_coll) +{ + if (NULL == rule_compile_state || NULL == hit_items) { + return; + } + + for (size_t i = 0; i < n_hit_items; i++) { + utarray_push_back(attr_hit_obj_coll->direct_items, &hit_items[i]); + } +} + +static void +rule_compile_state_add_indirect_hit_objects(struct rule_compile_state *rule_compile_state, + uuid_t *object_uuids, size_t n_object_uuids, + struct field_hit_object_collection * attr_hit_obj_coll) +{ + if (NULL == rule_compile_state || NULL == object_uuids) { + return; + } + + for (size_t i = 0; i < n_object_uuids; i++) { + utarray_push_back(attr_hit_obj_coll->indirect_object_uuids, &object_uuids[i]); + } +} + int rule_runtime_update_rule_exdata(struct rule_runtime *rule_rt, struct rule_schema *rule_schema, const char *table_name, const char *row, @@ -1613,10 +1684,6 @@ int rule_runtime_match(int table_id, struct rule_runtime *rule_rt, uuid_t *rule_ { struct rule_compile_state *rule_compile_state = state->rule_compile_state; struct maat_rule *rules[rule_ids_size]; - int clear_scan_not_obj_flag = 0; - - utarray_clear(rule_compile_state->all_hit_conditions); - utarray_clear(rule_compile_state->exclude_not_conditions); struct rule_compile_runtime_state *rule_compile_rt_state = NULL; HASH_FIND_INT(rule_compile_state->rule_runtime_state_hash, &table_id, rule_compile_rt_state); @@ -1633,68 +1700,7 @@ int rule_runtime_match(int table_id, struct rule_runtime *rule_rt, uuid_t *rule_ rule_compile_rt_state->rule_rt_version = rule_rt->version; } - struct field_hit_object_collection *attr_hit_obj_coll = NULL, *tmp = NULL; - HASH_ITER(hh, rule_compile_state->attr_hit_objects_hashtbl, attr_hit_obj_coll, tmp) { - struct condition_query_key key; - memset(&key, 0, sizeof(key)); - snprintf(key.field_name, sizeof(key.field_name), "%s", attr_hit_obj_coll->field_name); - - for (int i = 0; i < utarray_len(attr_hit_obj_coll->all_object_uuids); i++) { - uuid_t *object_uuid = utarray_eltptr(attr_hit_obj_coll->all_object_uuids, i); - uuid_copy(key.object_uuid, *object_uuid); - key.negate_option = 0; - - struct condition_id_kv *condition_id_kv = NULL; - HASH_FIND(hh, rule_rt->condition_id_kv_hash, &key, sizeof(key), condition_id_kv); - if (condition_id_kv != NULL) { - rule_compile_state_add_hit_conditions(rule_compile_state, condition_id_kv->condition_ids); - } - - if (attr_hit_obj_coll->need_negate_condition) { - key.negate_option = 1; - HASH_FIND(hh, rule_rt->not_condition_id_kv_hash, &key, sizeof(key), condition_id_kv); - if (condition_id_kv != NULL) { - rule_compile_state_add_exclude_not_conditions(rule_compile_state, condition_id_kv->condition_ids); - } - } - } - - if (attr_hit_obj_coll->need_scan_not_object) { - clear_scan_not_obj_flag = 1; - } - } - - //not conditions - struct condition_id_kv *condition_id_kv = NULL, *tmp_condition_id_kv = NULL; - HASH_ITER(hh, rule_rt->not_condition_id_kv_hash, condition_id_kv, tmp_condition_id_kv) { - HASH_FIND_STR(rule_compile_state->attr_hit_objects_hashtbl, condition_id_kv->key.field_name, attr_hit_obj_coll); - if (attr_hit_obj_coll == NULL || attr_hit_obj_coll->need_negate_condition == 0) { - continue; - } - - if (utarray_find(attr_hit_obj_coll->all_object_uuids, &(condition_id_kv->key.object_uuid), compare_object_uuid) != NULL) { - continue; - } - - rule_compile_state_add_hit_not_conditions(rule_compile_state, condition_id_kv->condition_ids); - - if (state->maat_inst->opts.hit_path_on && attr_hit_obj_coll->need_scan_not_object) { - uuid_t null_uuid; - uuid_clear(null_uuid); - rule_compile_state_add_internal_hit_path(rule_compile_state, null_uuid, - condition_id_kv->key.object_uuid, - condition_id_kv->key.field_name, 1, - attr_hit_obj_coll->Nth_scan); - } - } - - if (clear_scan_not_obj_flag) { - HASH_ITER(hh, rule_compile_state->attr_hit_objects_hashtbl, attr_hit_obj_coll, tmp) { - if (attr_hit_obj_coll->need_scan_not_object) { - attr_hit_obj_coll->need_scan_not_object = 0; - } - } - } + rule_runtime_update_hit_conditions(state->maat_inst, rule_rt, rule_compile_state, 1); // all hit condition_id -> rule_id size_t bool_match_ret = @@ -1785,7 +1791,7 @@ static int rule_compile_state_add_hit_objects(struct rule_compile_state *rule_co } int rule_compile_state_update(struct rule_compile_state *rule_compile_state, struct maat *maat_inst, - const char *field_name, int custom_rule_tbl_id, int Nth_scan, + const char *field_name, int Nth_scan, struct maat_item *hit_items, size_t n_hit_item) { size_t i = 0, j = 0; @@ -1846,7 +1852,7 @@ void rule_compile_state_not_logic_update(struct maat *maat_inst, struct rule_com assert(attr_hit_obj_coll != NULL); attr_hit_obj_coll->need_negate_condition = 1; - attr_hit_obj_coll->need_scan_not_object = 1; + attr_hit_obj_coll->need_negate_hit_path = 1; attr_hit_obj_coll->Nth_scan = Nth_scan; struct rule_compile_runtime_state *rule_compile_rt_state = NULL, *tmp = NULL; diff --git a/src/maat_table.c b/src/maat_table.c index 7cd1997..a2ecb2d 100644 --- a/src/maat_table.c +++ b/src/maat_table.c @@ -50,7 +50,6 @@ struct table_manager { size_t n_accept_tag; enum expr_engine_type engine_type; - int default_rule_table_id; int object_group_table_id; struct maat_kv_store *tbl_name2id_map; struct maat_kv_store *conj_tbl_name2id_map; @@ -697,18 +696,6 @@ static int register_tbl_name2id(struct maat_kv_store *tbl_name2id_map, cJSON *ro return 0; } -int maat_default_rule_table_id(cJSON *json, struct log_handle *logger) -{ - cJSON *item = cJSON_GetObjectItem(json, "default_rule_table"); - if (NULL == item || item->type != cJSON_Number) { - return -1; - } - - item = cJSON_GetObjectItem(json, "table_id"); - //item is cJSON_Number which has been checked in maat_table_new - return item->valueint; -} - struct table_manager * table_manager_create(const char *table_info_path, const char *accept_tags, enum maat_expr_engine engine_type, struct maat_garbage_bin *garbage_bin, @@ -777,7 +764,6 @@ table_manager_create(const char *table_info_path, const char *accept_tags, return NULL; } - int default_rule_table_id = -1; int object_group_table_id = -1; struct maat_kv_store *reserved_word_map = maat_kv_store_new(); register_reserved_word(reserved_word_map); @@ -809,12 +795,6 @@ table_manager_create(const char *table_info_path, const char *accept_tags, } } - if (maat_tbl->table_type == TABLE_TYPE_RULE) { - if (default_rule_table_id < 0) { - default_rule_table_id = maat_default_rule_table_id(json, logger); - } - } - if (maat_tbl->table_type == TABLE_TYPE_OBJECT_GROUP) { object_group_table_id = maat_tbl->table_id; } @@ -828,10 +808,8 @@ table_manager_create(const char *table_info_path, const char *accept_tags, } } - tbl_mgr->default_rule_table_id = default_rule_table_id; tbl_mgr->object_group_table_id = object_group_table_id; - log_info(logger, MODULE_TABLE, "default rule table id: %d", default_rule_table_id); log_info(logger, MODULE_TABLE, "object_group table id: %d", object_group_table_id); next: FREE(json_buff); @@ -1040,15 +1018,6 @@ enum table_type table_manager_get_table_type(struct table_manager *tbl_mgr, int return tbl_mgr->tbl[table_id]->table_type; } -int table_manager_get_default_rule_table_id(struct table_manager *tbl_mgr) -{ - if (NULL == tbl_mgr) { - return -1; - } - - return tbl_mgr->default_rule_table_id; -} - int table_manager_get_object_group_table_id(struct table_manager *tbl_mgr) { if (NULL == tbl_mgr) { diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index 9b01196..a26c60e 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -267,7 +267,7 @@ TEST_F(FlagScan, basic) { struct maat_hit_path hit_path[HIT_PATH_SIZE]; int n_read = 0; memset(hit_path, 0, sizeof(hit_path)); - n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); maat_state_reset(state); @@ -337,7 +337,7 @@ TEST_F(FlagScan, withExprRegion) { int n_read = 0; memset(hit_path, 0, sizeof(hit_path)); - n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); const char *expr_scan_data = "hello world"; @@ -407,7 +407,7 @@ TEST_F(FlagScan, hitMultiRule) { int n_read = 0; memset(hit_path, 0, sizeof(hit_path)); - n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); maat_state_free(state); @@ -478,7 +478,7 @@ TEST_F(FlagScan, hitRepeatedRule) { int n_read = 0; memset(hit_path, 0, sizeof(hit_path)); - n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); maat_state_free(state); @@ -840,7 +840,7 @@ TEST_P(StringScan, Expr8) { int n_read = 0; memset(hit_path, 0, sizeof(hit_path)); - n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, HIT_PATH_SIZE); EXPECT_NE(n_read, 0); maat_state_free(state); @@ -5250,7 +5250,7 @@ TEST_F(RuleTable, Conjunction1) { EXPECT_STREQ(uuid_str, "00000000-0000-0000-0000-000000000141"); struct maat_hit_path hit_path[HIT_PATH_SIZE]; - int n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); + int n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, HIT_PATH_SIZE); EXPECT_EQ(n_read, 2); maat_state_free(state); @@ -5285,7 +5285,7 @@ TEST_F(RuleTable, Conjunction2) { struct maat_hit_path hit_path[HIT_PATH_SIZE]; - int n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); + int n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, HIT_PATH_SIZE); EXPECT_EQ(n_read, 2); ret = maat_scan_string(maat_inst, table_name, field_name, scan_data, strlen(scan_data), state); @@ -5298,7 +5298,7 @@ TEST_F(RuleTable, Conjunction2) { EXPECT_EQ(n_hit_result, 2); memset(hit_path, 0, sizeof(hit_path)); - n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, HIT_PATH_SIZE); EXPECT_EQ(n_read, 4); maat_state_free(state); @@ -5554,7 +5554,7 @@ TEST_F(Policy, EvaluationOrder) { struct maat_hit_path hit_path[128]; memset(hit_path, 0, sizeof(hit_path)); - size_t n_hit_path = maat_state_get_hit_paths(state, hit_path, 128); + size_t n_hit_path = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, 128); EXPECT_EQ(n_hit_path, 6); EXPECT_STREQ(hit_path[0].field_name, field_name); @@ -5669,7 +5669,7 @@ TEST_F(Policy, NotConditionHitPath) { struct maat_hit_path hit_path[128]; memset(hit_path, 0, sizeof(hit_path)); - size_t n_hit_path = maat_state_get_hit_paths(state, hit_path, 128); + size_t n_hit_path = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, 128); EXPECT_EQ(n_hit_path, 4); EXPECT_EQ(hit_path[0].Nth_scan, 1); @@ -8351,7 +8351,7 @@ TEST_F(MaatCmd, HitPathBasic) { struct maat_hit_path hit_path[128]; memset(hit_path, 0, sizeof(hit_path)); - int n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + int n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 2); int path_idx = 0; @@ -8392,7 +8392,7 @@ TEST_F(MaatCmd, HitPathBasic) { scan_times = maat_state_get_scan_count(state); EXPECT_EQ(scan_times, 2); - n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 4); path_idx = 0; @@ -8462,7 +8462,7 @@ that the edges be all directed in the same direction."; scan_times = maat_state_get_scan_count(state); EXPECT_EQ(scan_times, 3); - n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 5); path_idx++; @@ -8492,7 +8492,7 @@ that the edges be all directed in the same direction."; scan_times = maat_state_get_scan_count(state); EXPECT_EQ(scan_times, 4); - n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 6); path_idx++; @@ -8519,7 +8519,7 @@ that the edges be all directed in the same direction."; scan_times = maat_state_get_scan_count(state); EXPECT_EQ(scan_times, 5); - n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 7); path_idx++; @@ -8731,7 +8731,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { struct maat_hit_path hit_path[128]; memset(hit_path, 0, sizeof(hit_path)); - int n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + int n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 1); int path_idx = 0; @@ -8755,7 +8755,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { uuid_unparse(results[0], uuid_str); EXPECT_STREQ(uuid_str, rule1_uuid_str); - n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 3); path_idx = 0; @@ -8809,7 +8809,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { EXPECT_STREQ(uuid_str, rule2_uuid_str); memset(hit_path, 0, sizeof(hit_path)); - n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 5); path_idx = 0; @@ -8890,7 +8890,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { EXPECT_STREQ(uuid_str, rule3_uuid_str); memset(hit_path, 0, sizeof(hit_path)); - n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 7); path_idx = 0; @@ -9134,7 +9134,7 @@ TEST_F(MaatCmd, HitPathHasNotObject) { struct maat_hit_path hit_path[128]; memset(hit_path, 0, sizeof(hit_path)); - int n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + int n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 2); int path_idx = 0; @@ -9176,7 +9176,7 @@ TEST_F(MaatCmd, HitPathHasNotObject) { scan_times = maat_state_get_scan_count(state); EXPECT_EQ(scan_times, 2); - n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 4); path_idx = 0; @@ -9247,7 +9247,7 @@ TEST_F(MaatCmd, HitPathHasNotObject) { scan_times = maat_state_get_scan_count(state); EXPECT_EQ(scan_times, 3); - n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 5); path_idx++; @@ -9277,7 +9277,7 @@ TEST_F(MaatCmd, HitPathHasNotObject) { scan_times = maat_state_get_scan_count(state); EXPECT_EQ(scan_times, 4); - n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 6); path_idx++; @@ -9305,7 +9305,7 @@ TEST_F(MaatCmd, HitPathHasNotObject) { scan_times = maat_state_get_scan_count(state); EXPECT_EQ(scan_times, 5); - n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 7); path_idx++; @@ -9404,7 +9404,7 @@ TEST_F(MaatCmd, SameSuperObjectRefByMultiRule) { EXPECT_STREQ(uuid_str, rule2_uuid_str); memset(hit_path, 0, sizeof(hit_path)); - int n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + int n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 3); int path_idx = 0; @@ -9557,7 +9557,7 @@ TEST_F(MaatCmd, ObjectEdit) { struct maat_hit_path hit_path[128]; memset(hit_path, 0, sizeof(hit_path)); - int n_read = maat_state_get_hit_paths(state, hit_path, sizeof(hit_path)); + int n_read = maat_state_get_hit_paths(state, default_rule_table_name, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 2); maat_state_reset(state);