diff --git a/include/maat.h b/include/maat.h index b1820ba..9e0693f 100644 --- a/include/maat.h +++ b/include/maat.h @@ -48,14 +48,6 @@ enum maat_scan_status { MAAT_SCAN_HIT //scan hit compile }; -#define MAX_SERVICE_DEFINE_LEN 128 -struct maat_rule { - long long config_id; - uint8_t reserved; - int serv_def_len; - char service_defined[MAX_SERVICE_DEFINE_LEN]; -}; - struct ip_addr { int ip_type; //4: IPv4, 6: IPv6 union { @@ -68,15 +60,9 @@ typedef void maat_start_callback_t(int update_type, void *u_param); typedef void maat_update_callback_t(int table_id, const char *table_line, void *u_para); typedef void maat_finish_callback_t(void *u_para); -typedef void maat_plugin_ex_new_func_t(int table_id, const char *key, const char *table_line, void **ad, long argl, void *argp); -typedef void maat_plugin_ex_free_func_t(int table_id, void **ad, long argl, void *argp); -typedef void maat_plugin_ex_dup_func_t(int table_id, void **to, void **from, long argl, void *argp); - -typedef void maat_rule_ex_new_func_t(int idx, const struct maat_rule *rule, const char *srv_def_large, - void **ex_data, long argl, void *argp); -typedef void maat_rule_ex_free_func_t(int idx, const struct maat_rule *rule, const char *srv_def_large, - void **ex_data, long argl, void *argp); -typedef void maat_rule_ex_dup_func_t(int idx, void **to, void **from, long argl, void *argp); +typedef void maat_ex_new_func_t(int table_id, const char *key, const char *table_line, void **ad, long argl, void *argp); +typedef void maat_ex_free_func_t(int table_id, void **ad, long argl, void *argp); +typedef void maat_ex_dup_func_t(int table_id, void **to, void **from, long argl, void *argp); /* maat_instance options API */ struct maat_options; @@ -111,18 +97,18 @@ int maat_table_callback_register(struct maat *instance, int table_id, /* maat compile table API */ int maat_compile_table_ex_schema_register(struct maat *instance, int table_id, - maat_rule_ex_new_func_t *new_func, - maat_rule_ex_free_func_t *free_func, - maat_rule_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp); void *maat_compile_table_get_ex_data(struct maat *instance, int compile_table_id, - long long compile_id, size_t idx); + long long compile_id); /* maat plugin table API */ int maat_plugin_table_ex_schema_register(struct maat *instance, int table_id, - maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp); /* returned data is duplicated by dup_func of maat_plugin_table_ex_schema_register, caller is responsible to free the data. */ diff --git a/src/inc_internal/maat_bool_plugin.h b/src/inc_internal/maat_bool_plugin.h index 4b6656c..8d06763 100644 --- a/src/inc_internal/maat_bool_plugin.h +++ b/src/inc_internal/maat_bool_plugin.h @@ -33,9 +33,9 @@ void bool_plugin_schema_free(void *bool_plugin_schema); struct ex_data_schema *bool_plugin_table_get_ex_data_schema(void *bool_plugin_schema); int bool_plugin_table_set_ex_data_schema(void *bool_plugin_schema, - maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp, struct log_handle *logger); diff --git a/src/inc_internal/maat_compile.h b/src/inc_internal/maat_compile.h index 5abf21b..3665988 100644 --- a/src/inc_internal/maat_compile.h +++ b/src/inc_internal/maat_compile.h @@ -21,16 +21,6 @@ extern "C" #include "maat_kv.h" #include "maat_rule.h" -struct compile_ex_data_schema { - maat_rule_ex_new_func_t *new_func; - maat_rule_ex_free_func_t *free_func; - maat_rule_ex_dup_func_t *dup_func; - long argl; - void *argp; - int idx; - int table_id; -}; - struct compile_schema; struct compile_runtime; struct maat_compile_state; @@ -46,17 +36,14 @@ void *group2compile_schema_new(cJSON *json, struct table_manager *tbl_mgr, void group2compile_schema_free(void *g2c_schema); int group2compile_associated_compile_table_id(void *g2c_schema); -int compile_table_set_rule_ex_data_schema(struct compile_schema *compile_schema, - int table_id, - maat_rule_ex_new_func_t *new_func, - maat_rule_ex_free_func_t *free_func, - maat_rule_ex_dup_func_t *dup_func, - long argl, void *argp, - struct log_handle *logger); -void *compile_table_get_rule_ex_data(struct compile_schema *compile_schema, long long compile_id, size_t idx); -void compile_table_rule_ex_data_iterate(struct compile_schema *compile_schema, int idx); - -size_t compile_table_rule_ex_data_schema_count(struct compile_schema *compile_schema); +int compile_table_set_ex_data_schema(struct compile_schema *compile_schema, int table_id, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, + long argl, void *argp, + struct log_handle *logger); +void *compile_table_get_ex_data(struct compile_schema *compile_schema, long long compile_id); +void compile_table_ex_data_iterate(struct compile_schema *compile_schema); /* compile runtime API */ void *compile_runtime_new(void *compile_schema, int max_thread_num, diff --git a/src/inc_internal/maat_ex_data.h b/src/inc_internal/maat_ex_data.h index 8c277d3..3d5bf44 100644 --- a/src/inc_internal/maat_ex_data.h +++ b/src/inc_internal/maat_ex_data.h @@ -30,6 +30,14 @@ struct ex_container_ctx { struct ex_data_schema *ex_schema; }; +struct ex_data_schema { + maat_ex_new_func_t *new_func; + maat_ex_free_func_t *free_func; + maat_ex_dup_func_t *dup_func; + long argl; + void *argp; +}; + struct ex_data_runtime; /* ex_data_runtime API */ @@ -49,9 +57,9 @@ size_t ex_data_runtime_cached_row_count(struct ex_data_runtime *ex_data_rt); void ex_data_runtime_clear_row_cache(struct ex_data_runtime *ex_data_rt); /* set schema API */ -struct ex_data_schema *ex_data_schema_new(maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, +struct ex_data_schema *ex_data_schema_new(maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp); void ex_data_schema_free(struct ex_data_schema *ex_schema); diff --git a/src/inc_internal/maat_fqdn_plugin.h b/src/inc_internal/maat_fqdn_plugin.h index 799de81..23cedc6 100644 --- a/src/inc_internal/maat_fqdn_plugin.h +++ b/src/inc_internal/maat_fqdn_plugin.h @@ -33,9 +33,9 @@ void fqdn_plugin_schema_free(void *fqdn_plugin_schema); struct ex_data_schema *fqdn_plugin_table_get_ex_data_schema(void *fqdn_plugin_schema); int fqdn_plugin_table_set_ex_data_schema(void *fqdn_plugin_schema, - maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp, struct log_handle *logger); diff --git a/src/inc_internal/maat_ip_plugin.h b/src/inc_internal/maat_ip_plugin.h index 6af0a4d..6422ecf 100644 --- a/src/inc_internal/maat_ip_plugin.h +++ b/src/inc_internal/maat_ip_plugin.h @@ -33,9 +33,9 @@ void ip_plugin_schema_free(void *ip_plugin_schema); struct ex_data_schema *ip_plugin_table_get_ex_data_schema(void *ip_plugin_schema); void ip_plugin_table_set_ex_data_schema(void *ip_plugin_schema, - maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp, struct log_handle *logger); diff --git a/src/inc_internal/maat_plugin.h b/src/inc_internal/maat_plugin.h index 4e5539b..989af9c 100644 --- a/src/inc_internal/maat_plugin.h +++ b/src/inc_internal/maat_plugin.h @@ -41,9 +41,9 @@ int plugin_table_get_foreign_column(struct plugin_schema *plugin_schema, int *fo /* plugin table ex data API */ void plugin_table_set_ex_data_schema(void *plugin_schema, - maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp, struct log_handle *logger); struct ex_data_schema *plugin_table_get_ex_data_schema(void *custom_schema); diff --git a/src/inc_internal/maat_rule.h b/src/inc_internal/maat_rule.h index 128cc0b..c9ece45 100644 --- a/src/inc_internal/maat_rule.h +++ b/src/inc_internal/maat_rule.h @@ -60,12 +60,6 @@ enum tag_match { TAG_MATCH_MATCHED }; -struct maat_rule_head { - long long config_id; - char resevered; - int serv_def_len; -}; - #define ITEM_RULE_MAGIC 0x4d3c2b1a struct maat_item_inner { long long magic_num; @@ -88,8 +82,8 @@ struct maat_item { struct compile_rule { long long magic_num; long long compile_id; - struct maat_rule_head head;// fix len of Maat_rule_t - char *service_defined; + char *table_line; + size_t table_line_len; int declared_clause_num; double evaluation_order; struct compile_schema *ref_table; diff --git a/src/maat_api.c b/src/maat_api.c index 835fc8c..451177d 100644 --- a/src/maat_api.c +++ b/src/maat_api.c @@ -455,9 +455,9 @@ int maat_table_callback_register(struct maat *maat_instance, int table_id, } int maat_compile_table_ex_schema_register(struct maat *maat_instance, int table_id, - maat_rule_ex_new_func_t *new_func, - maat_rule_ex_free_func_t *free_func, - maat_rule_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp) { if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM) { @@ -475,36 +475,36 @@ int maat_compile_table_ex_schema_register(struct maat *maat_instance, int table_ assert(compile_schema != NULL); pthread_mutex_lock(&(maat_instance->background_update_mutex)); - int idx = compile_table_set_rule_ex_data_schema((struct compile_schema *)compile_schema, table_id, + int ret = compile_table_set_ex_data_schema((struct compile_schema *)compile_schema, table_id, new_func, free_func, dup_func, argl, argp, maat_instance->logger); - if (idx < 0) { + if (ret < 0) { pthread_mutex_unlock(&(maat_instance->background_update_mutex)); return -1; } if (maat_instance->maat_rt != NULL) { - compile_table_rule_ex_data_iterate((struct compile_schema *)compile_schema, idx); + compile_table_ex_data_iterate((struct compile_schema *)compile_schema); } pthread_mutex_unlock(&(maat_instance->background_update_mutex)); - return idx; + return 0; } void *maat_compile_table_get_ex_data(struct maat *maat_instance, int compile_table_id, - long long compile_id, size_t idx) + long long compile_id) { struct compile_schema *schema = (struct compile_schema *)table_manager_get_schema(maat_instance->tbl_mgr, compile_table_id); enum table_type table_type = table_manager_get_table_type(maat_instance->tbl_mgr, compile_table_id); assert(table_type == TABLE_TYPE_COMPILE); - return compile_table_get_rule_ex_data(schema, compile_id, idx); + return compile_table_get_ex_data(schema, compile_id); } int generic_plugin_table_ex_schema_register(struct table_manager *tbl_mgr, int table_id, - maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp, struct log_handle *logger) { if (NULL == tbl_mgr || NULL == new_func || NULL == free_func || NULL == dup_func) { @@ -650,9 +650,9 @@ void generic_plugin_runtime_commit_ex_schema(void *runtime, void *schema, int ta } int maat_plugin_table_ex_schema_register(struct maat *maat_instance, int table_id, - maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp) { if (NULL == maat_instance || table_id < 0 || table_id >= MAX_TABLE_NUM) { diff --git a/src/maat_bool_plugin.c b/src/maat_bool_plugin.c index 6b4445b..be99465 100644 --- a/src/maat_bool_plugin.c +++ b/src/maat_bool_plugin.c @@ -127,9 +127,9 @@ struct ex_data_schema *bool_plugin_table_get_ex_data_schema(void *bool_plugin_sc } int bool_plugin_table_set_ex_data_schema(void *bool_plugin_schema, - maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp, struct log_handle *logger) { diff --git a/src/maat_compile.c b/src/maat_compile.c index 422e86d..4c656ff 100644 --- a/src/maat_compile.c +++ b/src/maat_compile.c @@ -21,12 +21,12 @@ #include "maat_compile.h" #include "maat_garbage_collection.h" #include "maat_group.h" +#include "maat_ex_data.h" #include "rcu_hash.h" #include "maat_table.h" #define MODULE_COMPILE module_name_str("maat.compile") #define MAX_TABLE_LINE_SIZE (1024 * 16) -#define MAX_COMPILE_EX_DATA_NUM 2 enum user_region_encode { USER_REGION_ENCODE_NONE = 0, @@ -41,8 +41,7 @@ struct compile_schema { int declared_clause_num_column; int evaluation_order_column; enum user_region_encode user_region_encoding; - size_t n_ex_schema; - struct compile_ex_data_schema ex_schema[MAX_COMPILE_EX_DATA_NUM]; + struct ex_data_schema *ex_schema; int table_id; //ugly struct table_manager *ref_tbl_mgr; size_t unmatched_tag_cnt; @@ -157,31 +156,30 @@ struct maat_compile_state { UT_array *this_scan_hit_clauses; }; -int compile_table_set_rule_ex_data_schema(struct compile_schema *compile_schema, +int compile_table_set_ex_data_schema(struct compile_schema *compile_schema, int table_id, - maat_rule_ex_new_func_t *new_func, - maat_rule_ex_free_func_t *free_func, - maat_rule_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp, struct log_handle *logger) { - if (compile_schema->n_ex_schema == MAX_COMPILE_EX_DATA_NUM) { + if (compile_schema->ex_schema != NULL) { log_error(logger, MODULE_COMPILE, - "compile ex schema num reach maxium, can't set anymore"); + "compile ex schema has been set already, can't set anymore"); return -1; } - int idx = compile_schema->n_ex_schema; - compile_schema->ex_schema[idx].idx = idx; - compile_schema->ex_schema[idx].table_id = table_id; - compile_schema->ex_schema[idx].argl = argl; - compile_schema->ex_schema[idx].argp = argp; - compile_schema->ex_schema[idx].new_func = new_func; - compile_schema->ex_schema[idx].free_func = free_func; - compile_schema->ex_schema[idx].dup_func = dup_func; - compile_schema->n_ex_schema++; + //compile_schema->ex_schema[idx].table_id = table_id; + compile_schema->ex_schema = ALLOC(struct ex_data_schema, 1); - return idx; + compile_schema->ex_schema->argl = argl; + compile_schema->ex_schema->argp = argp; + compile_schema->ex_schema->new_func = new_func; + compile_schema->ex_schema->free_func = free_func; + compile_schema->ex_schema->dup_func = dup_func; + + return 0; } void *compile_runtime_get_user_data(struct compile_runtime *compile_rt, long long compile_id, int is_dettach) @@ -202,83 +200,68 @@ void *compile_runtime_get_user_data(struct compile_runtime *compile_rt, long lon return ret; } -void fill_maat_rule(struct maat_rule *rule, const struct maat_rule_head *rule_head, - const char *srv_def, int srv_def_len) -{ - memcpy(rule, rule_head, sizeof(struct maat_rule_head)); - memcpy(rule->service_defined, srv_def, MIN(srv_def_len, MAX_SERVICE_DEFINE_LEN)); -} - -void *rule_ex_data_new(const struct maat_rule_head *rule_head, const char *srv_def, - const struct compile_ex_data_schema *ex_schema) +void *rule_ex_data_new(int table_id, const char *table_line, + const struct ex_data_schema *ex_schema) { void *ex_data = NULL; - struct maat_rule rule; - fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1); - ex_schema->new_func(ex_schema->idx, &rule, srv_def, &ex_data, ex_schema->argl, ex_schema->argp); + ex_schema->new_func(table_id, NULL, table_line, &ex_data, ex_schema->argl, ex_schema->argp); return ex_data; } -void rule_ex_data_free(const struct maat_rule_head *rule_head, const char *srv_def, - void *ex_data, const struct compile_ex_data_schema *ex_schema) +void rule_ex_data_free(int table_id, void **ex_data, const struct ex_data_schema *ex_schema) { - struct maat_rule rule; - - memset(&rule, 0, sizeof(rule)); - fill_maat_rule(&rule, rule_head, srv_def, strlen(srv_def)+1); - ex_schema->free_func(ex_schema->idx, &rule, srv_def, ex_data, - ex_schema->argl, ex_schema->argp); + ex_schema->free_func(table_id, ex_data, ex_schema->argl, ex_schema->argp); } -void rule_ex_data_new_cb(void *user_data, void *param) +void rule_ex_data_new_cb(void *user_data, void *param, int table_id) { - struct compile_ex_data_schema *ex_schema = (struct compile_ex_data_schema *)param; + struct ex_data_schema *ex_schema = (struct ex_data_schema *)param; struct compile_rule *compile = (struct compile_rule *)user_data; // if(compile->ref_table->table_id!=ex_desc->table_id) // { // return; // } - - void *ad = rule_ex_data_new(&(compile->head), compile->service_defined, ex_schema); - compile->ex_data[ex_schema->idx] = ad; + + void *ad = rule_ex_data_new(table_id, compile->table_line, ex_schema); + *compile->ex_data = ad; } void compile_runtime_user_data_iterate(struct compile_runtime *compile_rt, - void (*callback)(void *user_data, void *param), - void *param) + void (*callback)(void *user_data, void *param, int table_id), + void *param, int table_id) { struct maat_compile *compile = NULL, *tmp_compile = NULL; pthread_rwlock_rdlock(&compile_rt->rwlock); HASH_ITER(hh, compile_rt->compile_hash, compile, tmp_compile) { if (compile->user_data) { - callback(compile->user_data, param); + callback(compile->user_data, param, table_id); } } pthread_rwlock_unlock(&compile_rt->rwlock); } -void compile_table_rule_ex_data_iterate(struct compile_schema *compile_schema, int idx) +void compile_table_ex_data_iterate(struct compile_schema *compile_schema) { if (NULL == compile_schema) { return; } - if (idx >= compile_schema->n_ex_schema) { + if (NULL == compile_schema->ex_schema) { return; } - struct compile_ex_data_schema *ex_schema = (compile_schema->ex_schema + idx); + struct ex_data_schema *ex_schema = compile_schema->ex_schema; struct compile_runtime *compile_rt = NULL; compile_rt = (struct compile_runtime *)table_manager_get_runtime(compile_schema->ref_tbl_mgr, compile_schema->table_id); - compile_runtime_user_data_iterate(compile_rt, rule_ex_data_new_cb, ex_schema); + compile_runtime_user_data_iterate(compile_rt, rule_ex_data_new_cb, ex_schema, compile_schema->table_id); } -void *compile_table_get_rule_ex_data(struct compile_schema *compile_schema, long long compile_id, size_t idx) +void *compile_table_get_ex_data(struct compile_schema *compile_schema, long long compile_id) { if (NULL == compile_schema) { return NULL; @@ -293,24 +276,14 @@ void *compile_table_get_rule_ex_data(struct compile_schema *compile_schema, long if (NULL == compile_rule) { return NULL; } - + void *ex_data = NULL; - assert(idx < compile_schema->n_ex_schema); - struct compile_ex_data_schema *ex_schema = &(compile_schema->ex_schema[idx]); - ex_schema->dup_func(ex_schema->idx, &ex_data, compile_rule->ex_data + idx, ex_schema->argl, ex_schema->argp); + struct ex_data_schema *ex_schema = compile_schema->ex_schema; + ex_schema->dup_func(compile_schema->table_id, &ex_data, compile_rule->ex_data, ex_schema->argl, ex_schema->argp); return ex_data; } -size_t compile_table_rule_ex_data_schema_count(struct compile_schema *compile_schema) -{ - if (NULL == compile_schema) { - return 0; - } - - return compile_schema->n_ex_schema; -} - UT_icd ut_literal_id_icd = {sizeof(struct maat_literal_id), NULL, NULL, NULL}; UT_icd ut_clause_id_icd = {sizeof(long long), NULL, NULL, NULL}; UT_icd ut_hit_path_icd = {sizeof(struct maat_internal_hit_path), NULL, NULL, NULL}; @@ -1484,29 +1457,23 @@ int maat_compile_state_has_NOT_clause(struct maat_compile_state *compile_state) void compile_item_to_compile_rule(struct compile_item *compile_item, struct compile_schema *compile_schema, - struct compile_rule *compile_rule) + struct compile_rule *compile_rule, + const char *table_line) { - struct maat_rule_head rule_head; - rule_head.config_id = compile_item->compile_id; - compile_rule->magic_num = COMPILE_RULE_MAGIC; - compile_rule->head = rule_head; compile_rule->declared_clause_num = compile_item->declared_clause_num; - compile_rule->ex_data = ALLOC(void *, MAX_COMPILE_EX_DATA_NUM); - compile_rule->ref_table = compile_schema; - compile_rule->head.serv_def_len = strlen(compile_item->user_region); - compile_rule->service_defined = ALLOC(char, compile_rule->head.serv_def_len); - memcpy(compile_rule->service_defined, compile_item->user_region, - compile_rule->head.serv_def_len); + compile_rule->ex_data = ALLOC(void *, 1); + compile_rule->table_line_len = strlen(table_line) + 1; + compile_rule->table_line = ALLOC(char, compile_rule->table_line_len); + memcpy(compile_rule->table_line, table_line, compile_rule->table_line_len); compile_rule->evaluation_order = compile_item->evaluation_order; - size_t n_rule_ex_schema =compile_schema->n_ex_schema; - for (size_t i = 0; i < n_rule_ex_schema; i++) { - struct compile_ex_data_schema *ex_schema = &(compile_schema->ex_schema[i]); - compile_rule->ex_data[i] = rule_ex_data_new(&compile_rule->head, - compile_rule->service_defined, ex_schema); + if (compile_schema->ex_schema != NULL) { + *(compile_rule->ex_data) = rule_ex_data_new(compile_schema->table_id, compile_rule->table_line, + compile_schema->ex_schema); } + compile_rule->compile_id = compile_item->compile_id; pthread_rwlock_init(&compile_rule->rwlock, NULL); } @@ -1516,18 +1483,14 @@ void destroy_compile_rule(struct compile_rule *compile_rule) struct compile_schema *schema = compile_rule->ref_table; assert(compile_rule->magic_num==COMPILE_RULE_MAGIC); - size_t n_rule_ex_schema = schema->n_ex_schema; - for (size_t i = 0; i < n_rule_ex_schema; i++) { - struct compile_ex_data_schema *ex_schema = &(schema->ex_schema[i]); - rule_ex_data_free(&(compile_rule->head), compile_rule->service_defined, - compile_rule->ex_data+i, ex_schema); - compile_rule->ex_data[i] = NULL; - } - free(compile_rule->ex_data); + if (schema->ex_schema != NULL) { + rule_ex_data_free(schema->table_id, compile_rule->ex_data, schema->ex_schema); + *compile_rule->ex_data = NULL; + } + FREE(compile_rule->ex_data); compile_rule->declared_clause_num = -1; - free(compile_rule->service_defined); - compile_rule->service_defined = NULL; - free(compile_rule); + FREE(compile_rule->table_line); + FREE(compile_rule); } int compile_runtime_update(void *compile_runtime, void *compile_schema, @@ -1582,7 +1545,7 @@ int compile_runtime_update(void *compile_runtime, void *compile_schema, } struct compile_rule *compile_rule = ALLOC(struct compile_rule, 1); - compile_item_to_compile_rule(compile_item, schema, compile_rule); + compile_item_to_compile_rule(compile_item, schema, compile_rule, line); compile_item_free(compile_item); compile_item = NULL; diff --git a/src/maat_ex_data.c b/src/maat_ex_data.c index a56f3af..b803e9c 100644 --- a/src/maat_ex_data.c +++ b/src/maat_ex_data.c @@ -19,14 +19,6 @@ #define MODULE_EX_DATA module_name_str("maat.ex_data") -struct ex_data_schema { - maat_plugin_ex_new_func_t *new_func; - maat_plugin_ex_free_func_t *free_func; - maat_plugin_ex_dup_func_t *dup_func; - long argl; - void *argp; -}; - struct ex_data_runtime { UT_array *cache_rows; size_t cache_row_num; @@ -127,9 +119,9 @@ void ex_data_runtime_clear_row_cache(struct ex_data_runtime *ex_data_rt) ex_data_rt->cache_size = 0; } -struct ex_data_schema *ex_data_schema_new(maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, +struct ex_data_schema *ex_data_schema_new(maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp) { struct ex_data_schema *ex_schema = ALLOC(struct ex_data_schema, 1); diff --git a/src/maat_fqdn_plugin.c b/src/maat_fqdn_plugin.c index b524ce0..55b70a5 100644 --- a/src/maat_fqdn_plugin.c +++ b/src/maat_fqdn_plugin.c @@ -135,9 +135,9 @@ struct ex_data_schema *fqdn_plugin_table_get_ex_data_schema(void *fqdn_plugin_sc } int fqdn_plugin_table_set_ex_data_schema(void *fqdn_plugin_schema, - maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp, struct log_handle *logger) { diff --git a/src/maat_ip_plugin.c b/src/maat_ip_plugin.c index ec33d10..ef66d45 100644 --- a/src/maat_ip_plugin.c +++ b/src/maat_ip_plugin.c @@ -315,9 +315,9 @@ void ip_plugin_item_free(struct ip_plugin_item *item) } void ip_plugin_table_set_ex_data_schema(void *ip_plugin_schema, - maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp, struct log_handle *logger) { diff --git a/src/maat_plugin.c b/src/maat_plugin.c index 5933591..2eb2529 100644 --- a/src/maat_plugin.c +++ b/src/maat_plugin.c @@ -206,9 +206,9 @@ int plugin_table_get_foreign_column(struct plugin_schema *plugin_schema, } void plugin_table_set_ex_data_schema(void *plugin_schema, - maat_plugin_ex_new_func_t *new_func, - maat_plugin_ex_free_func_t *free_func, - maat_plugin_ex_dup_func_t *dup_func, + maat_ex_new_func_t *new_func, + maat_ex_free_func_t *free_func, + maat_ex_dup_func_t *dup_func, long argl, void *argp, struct log_handle *logger) { diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index 2beb892..6375525 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -453,6 +453,8 @@ protected: TEST_F(MaatIPScan, IPv4) { const char *table_name = "IP_PLUS_CONFIG"; int table_id = maat_table_get_id(g_maat_instance, table_name); + ASSERT_GT(table_id, 0); + char ip_str[32] = "10.0.7.100"; uint32_t sip; int ret = inet_pton(AF_INET, ip_str, &sip); @@ -881,25 +883,32 @@ struct rule_ex_param { pthread_mutex_t lock; }; -void compile_ex_param_new(int idx, const struct maat_rule *rule, const char *srv_def_large, - void **ad, long argl, void *argp) +void compile_ex_param_new(int table_id, const char *key, const char *table_line, void **ad, long argl, void *argp) { int *counter = (int *)argp; *ad = NULL; - ASSERT_GT(rule->serv_def_len, 4); struct rule_ex_param *param = (struct rule_ex_param *)calloc(sizeof(struct rule_ex_param), 1); param->ref_cnt = 1; pthread_mutex_init(&(param->lock), NULL); - sscanf(srv_def_large, "%*[^:]:%[^,],%d", param->name, &(param->id)); + int compile_id = 0; + int service_id = 0; + int action = 0; + int do_blacklist = 0; + int do_log = 0; + char tags[1024] = {0}; + + sscanf(table_line, "%d\t%d\t%d\t%d\t%d\t%s\t%*[^:]:%[^,],%d", + &compile_id, &service_id, &action, &do_blacklist, &do_log, + tags, param->name, &(param->id)); + (*counter)++; *ad = param; } -void compile_ex_param_free(int idx, const struct maat_rule *rule, const char *srv_def_large, - void **ad, long argl, void *argp) +void compile_ex_param_free(int table_id, void **ad, long argl, void *argp) { if (*ad == NULL) { return; @@ -915,7 +924,7 @@ void compile_ex_param_free(int idx, const struct maat_rule *rule, const char *sr free(param); } -void compile_ex_param_dup(int idx, void **to, void **from, long argl, void *argp) +void compile_ex_param_dup(int table_id, void **to, void **from, long argl, void *argp) { struct rule_ex_param *from_param = *((struct rule_ex_param **)from); pthread_mutex_lock(&(from_param->lock)); @@ -936,25 +945,27 @@ TEST_F(CompileTable, CompileEXData) { int compile_table_id = maat_table_get_id(g_maat_instance, compile_table_name); int ex_data_counter = 0; - int ex_param_idx = maat_compile_table_ex_schema_register(g_maat_instance, compile_table_id, - compile_ex_param_new, - compile_ex_param_free, - compile_ex_param_dup, - 0, &ex_data_counter); - ASSERT_TRUE(ex_param_idx >= 0); + int ret = maat_compile_table_ex_schema_register(g_maat_instance, compile_table_id, + compile_ex_param_new, + compile_ex_param_free, + compile_ex_param_dup, + 0, &ex_data_counter); + ASSERT_TRUE(ret == 0); - int ret = maat_scan_string(g_maat_instance, table_id, 0, url, strlen(url), + ret = maat_scan_string(g_maat_instance, table_id, 0, url, strlen(url), results, ARRAY_SIZE, &n_hit_result, &state); EXPECT_EQ(ret, MAAT_SCAN_HIT); EXPECT_EQ(n_hit_result, 1); EXPECT_EQ(results[0], 141); - void *ex_data = maat_compile_table_get_ex_data(g_maat_instance, compile_table_id, results[0], ex_param_idx); + void *ex_data = maat_compile_table_get_ex_data(g_maat_instance, compile_table_id, results[0]); ASSERT_TRUE(ex_data!=NULL); struct rule_ex_param *param = (struct rule_ex_param *)ex_data; EXPECT_EQ(param->id, 7799); + + str_unescape(param->name); EXPECT_EQ(strcmp(param->name, expect_name), 0); - compile_ex_param_free(0, NULL, NULL, &ex_data, 0, NULL); + compile_ex_param_free(compile_table_id, &ex_data, 0, NULL); maat_state_free(&state); }