diff --git a/include/maat.h b/include/maat.h index 6141791..e4f36ab 100644 --- a/include/maat.h +++ b/include/maat.h @@ -23,6 +23,7 @@ extern "C" #include #include +#include /* maat instance handle */ struct maat; @@ -32,15 +33,15 @@ struct maat_hit_path { int attribute_id; // 0 is not a attribute. int negate_option; // 1 means negate condition(condition) int condition_index; // 0 ~ 7 - long long item_id; - long long sub_object_id; - long long top_object_id; - long long rule_id; + uuid_t item_uuid; + uuid_t sub_object_uuid; + uuid_t top_object_uuid; + uuid_t rule_uuid; }; struct maat_hit_object { - long long item_id; - long long object_id; + uuid_t item_uuid; + uuid_t object_uuid; int attribute_id; }; @@ -259,11 +260,11 @@ struct maat_state; * MAAT_SCAN_HIT */ int maat_scan_flag(struct maat *instance, int attribute_id, long long flag, - long long *results, size_t n_result, size_t *n_hit_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state); int maat_scan_integer(struct maat *instance, int attribute_id, long long integer, - long long *results, size_t n_result, size_t *n_hit_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state); /** @@ -271,32 +272,32 @@ int maat_scan_integer(struct maat *instance, int attribute_id, long long integer * @param port: port in host order. If the port is not specified, use -1. Note that 0 is a valid port. */ int maat_scan_ipv4_port(struct maat *instance, int attribute_id, uint32_t ip_addr, int port, - long long *results, size_t n_result, size_t *n_hit_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state); int maat_scan_ipv6_port(struct maat *instance, int attribute_id, uint8_t *ip_addr, int port, - long long *results, size_t n_result, size_t *n_hit_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state); int maat_scan_ipv4(struct maat *instance, int attribute_id, uint32_t ip_addr, - long long *results, size_t n_result, size_t *n_hit_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state); int maat_scan_ipv6(struct maat *instance, int attribute_id, uint8_t *ip_addr, - long long *results, size_t n_result, size_t *n_hit_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state); int maat_scan_string(struct maat *instance, int attribute_id, const char *data, size_t data_len, - long long *results, size_t n_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state); int maat_scan_object(struct maat *instance, int attribute_id, struct maat_hit_object *objects, size_t n_object, - long long *results, size_t n_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state); int maat_scan_not_logic(struct maat *instance, int attribute_id, - long long *results, size_t n_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state); struct maat_stream; @@ -304,7 +305,7 @@ struct maat_stream *maat_stream_new(struct maat *instance, int attribute_id, struct maat_state *state); int maat_stream_scan(struct maat_stream *stream, const char *data, int data_len, - long long *results, size_t n_result, size_t *n_hit_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state); void maat_stream_free(struct maat_stream *stream); diff --git a/scanner/bool_matcher/bool_matcher.cpp b/scanner/bool_matcher/bool_matcher.cpp index 7f82342..5b78e0d 100644 --- a/scanner/bool_matcher/bool_matcher.cpp +++ b/scanner/bool_matcher/bool_matcher.cpp @@ -46,7 +46,7 @@ struct bool_matcher * bool_matcher_new(struct bool_expr * exprs, size_t expr_num mem_bytes+=(unsigned int)expr_num*(sizeof(struct bool_expr_match)+sizeof(struct bool_expr_item)); for(unsigned int i=0; ibool_expr_ids[i].expr_id =exprs[i].expr_id; + uuid_copy(matcher->bool_expr_ids[i].expr_uuid, exprs[i].expr_uuid); matcher->bool_expr_ids[i].user_tag =exprs[i].user_tag; matcher->bool_expr_items[i].item_num=exprs[i].item_num; matcher->bool_expr_items[i].items=new struct bool_item[exprs[i].item_num]; @@ -121,7 +121,7 @@ int res_comp(const void * lhs, const void * rhs) { bool_expr_match * _lhs=(bool_expr_match *)lhs; bool_expr_match * _rhs=(bool_expr_match *)rhs; - return (_lhs->expr_id<_rhs->expr_id) ? 1 : -1; + return (uuid_compare(_lhs->expr_uuid, _rhs->expr_uuid) < 0) ? 1 : -1; } int do_match(struct bool_expr_item * expr, unsigned long long * item_ids, size_t item_num) diff --git a/scanner/bool_matcher/bool_matcher.h b/scanner/bool_matcher/bool_matcher.h index ae21812..2cde893 100644 --- a/scanner/bool_matcher/bool_matcher.h +++ b/scanner/bool_matcher/bool_matcher.h @@ -24,6 +24,7 @@ extern "C" #endif #include +#include #define MAX_ITEMS_PER_BOOL_EXPR 8 @@ -37,7 +38,7 @@ extern "C" /* At least one item's negate_option should be 0. */ struct bool_expr { - unsigned long long expr_id; + uuid_t expr_uuid; void *user_tag; size_t item_num; struct bool_item items[MAX_ITEMS_PER_BOOL_EXPR]; @@ -45,7 +46,7 @@ extern "C" struct bool_expr_match { - unsigned long long expr_id; + uuid_t expr_uuid; void *user_tag; }; diff --git a/scanner/expr_matcher/expr_matcher.cpp b/scanner/expr_matcher/expr_matcher.cpp index 05aacad..3311ffd 100644 --- a/scanner/expr_matcher/expr_matcher.cpp +++ b/scanner/expr_matcher/expr_matcher.cpp @@ -144,10 +144,12 @@ static int expr_rule_pattern_count(struct expr_rule *rules, size_t n_rule, for (size_t i = 0; i < n_rule; i++) { if (rules[i].n_patterns > MAX_EXPR_PATTERN_NUM) { + char uuid_str[37]; + uuid_unparse(rules[i].expr_uuid, uuid_str); log_fatal(logger, MODULE_EXPR_MATCHER, - "[%s:%d] the number of patterns in expr_rule(rule_id:%lld)" + "[%s:%d] the number of patterns in expr_rule(rule_id:%s)" " should less than %d", __FUNCTION__, __LINE__, - rules[i].expr_id, MAX_EXPR_PATTERN_NUM); + uuid_str, MAX_EXPR_PATTERN_NUM); return -1; } @@ -224,7 +226,7 @@ static struct bool_expr *bool_exprs_new(struct expr_rule *rules, size_t n_rule, bool_exprs[i].items[j].negate_option = 0; } - bool_exprs[i].expr_id = rules[i].expr_id; + uuid_copy(bool_exprs[i].expr_uuid, rules[i].expr_uuid); bool_exprs[i].item_num = rules[i].n_patterns; bool_exprs[i].user_tag = rules[i].tag; } @@ -432,7 +434,7 @@ static int expr_matcher_bool_matcher_match(struct bool_matcher *bm, struct bool_ } for (int index = 0; index < bool_matcher_ret; index++) { - result_array[index].rule_id = match_buff[index].expr_id; + uuid_copy(result_array[index].rule_uuid, match_buff[index].expr_uuid); result_array[index].user_tag = match_buff[index].user_tag; } *n_hit_result = bool_matcher_ret; diff --git a/scanner/expr_matcher/expr_matcher.h b/scanner/expr_matcher/expr_matcher.h index d7a9cd3..8a84fec 100644 --- a/scanner/expr_matcher/expr_matcher.h +++ b/scanner/expr_matcher/expr_matcher.h @@ -17,6 +17,7 @@ extern "C" #endif #include +#include #include "log/log.h" @@ -65,13 +66,13 @@ struct expr_pattern { }; struct expr_scan_result { - long long rule_id; + uuid_t rule_uuid; void *user_tag; }; /* logic AND expression, such as (rule1 & rule2) */ struct expr_rule { - long long expr_id; /* AND expression ID */ + uuid_t expr_uuid; /* AND expression ID */ size_t n_patterns; struct expr_pattern patterns[MAX_EXPR_PATTERN_NUM]; void *tag; /* user defined data, return with hit result */ diff --git a/scanner/flag_matcher/flag_matcher.cpp b/scanner/flag_matcher/flag_matcher.cpp index 6b55eab..30e8a60 100644 --- a/scanner/flag_matcher/flag_matcher.cpp +++ b/scanner/flag_matcher/flag_matcher.cpp @@ -71,7 +71,7 @@ int flag_matcher_match(struct flag_matcher *flag_matcher, uint64_t flag, struct { if (!((flag ^ flag_matcher->rule_table[i].flag) & flag_matcher->rule_table[i].mask)) { - result[result_number].rule_id = flag_matcher->rule_table[i].rule_id; + uuid_copy(result[result_number].rule_uuid, flag_matcher->rule_table[i].rule_uuid); result[result_number ++].user_tag = flag_matcher->rule_table[i].user_tag; if (result_number >= n_result) diff --git a/scanner/flag_matcher/flag_matcher.h b/scanner/flag_matcher/flag_matcher.h index 9905781..0e0e114 100644 --- a/scanner/flag_matcher/flag_matcher.h +++ b/scanner/flag_matcher/flag_matcher.h @@ -10,6 +10,7 @@ #define FLAG_MATCHER_H #include #include +#include #ifdef __cplusplus extern "C" @@ -20,7 +21,7 @@ struct flag_rule { uint64_t flag; uint64_t mask; - uint64_t rule_id; // unique for a rule; + uuid_t rule_uuid; // unique for a rule; /* A transparent user tag for convenient accessing, the caller is responsible for its memory management. */ @@ -31,7 +32,7 @@ struct flag_rule // if matched, return id and tag; struct flag_result { - uint64_t rule_id; // unique for a rule; + uuid_t rule_uuid; // unique for a rule; void *user_tag; }; diff --git a/scanner/fqdn_engine/fqdn_engine.cpp b/scanner/fqdn_engine/fqdn_engine.cpp index cb1331e..3358552 100644 --- a/scanner/fqdn_engine/fqdn_engine.cpp +++ b/scanner/fqdn_engine/fqdn_engine.cpp @@ -84,7 +84,7 @@ static void aligned_free(void * aligned_ptr) /*************************************************************************************/ struct domain_impl_t { - unsigned int id; + uuid_t uuid; int suf_match; unsigned int len; unsigned long long hash; /*��64λ��ϣֵΨһ��ʾһ������*/ @@ -170,7 +170,7 @@ int CHashTrieFQDN::initialize(const struct FQDN_rule * rules, size_t n_rule) FOR(k, m_num) { - m_domains[k].id =rules[k].id; + uuid_copy(m_domains[k].uuid, rules[k].uuid); m_domains[k].suf_match=rules[k].is_suffix_match; m_domains[k].len=rules[k].len; m_domains[k].next=NULL; @@ -307,7 +307,7 @@ int CHashTrieFQDN::search(const char * FQDN, size_t FQDN_len, struct FQDN_match if(pt->len+P[t]==FQDN_len && pt->hash==HASH[t]) { //if(match_num>0 && P[t]!=results[match_num-1].offset) return match_num; - results[match_num].id=pt->id; + uuid_copy(results[match_num].uuid, pt->uuid); results[match_num].offset=P[t]; results[match_num].user_tag=pt->utag; ++match_num; diff --git a/scanner/fqdn_engine/fqdn_engine.h b/scanner/fqdn_engine/fqdn_engine.h index d2213fc..01a5d04 100644 --- a/scanner/fqdn_engine/fqdn_engine.h +++ b/scanner/fqdn_engine/fqdn_engine.h @@ -23,10 +23,11 @@ extern "C" { #endif #include + #include struct FQDN_rule { - unsigned int id; + uuid_t uuid; int is_suffix_match; /* is_suffix_match==0: exact match; is_suffix_match==1: longest suffix matching. */ size_t len; char * FQDN; /* Non-ASCII character is allowed. */ @@ -39,7 +40,7 @@ extern "C" { struct FQDN_match { - unsigned int id; + uuid_t uuid; unsigned int offset; /* offset==0 for exact matching; offset>0 for longest suffix matching. */ void * user_tag; }; diff --git a/scanner/interval_matcher/interval_matcher.h b/scanner/interval_matcher/interval_matcher.h index 936d3a9..1ea5e8c 100644 --- a/scanner/interval_matcher/interval_matcher.h +++ b/scanner/interval_matcher/interval_matcher.h @@ -8,6 +8,7 @@ #define INTERVAL_MATCHER_H #include #include +#include #ifdef __cplusplus extern "C" @@ -17,7 +18,7 @@ extern "C" // if matched, return id and tag; struct interval_result { - uint64_t rule_id; + uuid_t rule_uuid; /* A transparent user tag for convenient accessing, the caller is responsible for its memory management. */ diff --git a/scanner/ip_matcher/ip_matcher.cpp b/scanner/ip_matcher/ip_matcher.cpp index 2141a1d..8d34ab2 100644 --- a/scanner/ip_matcher/ip_matcher.cpp +++ b/scanner/ip_matcher/ip_matcher.cpp @@ -57,11 +57,10 @@ struct ip_matcher *ip_matcher_new(struct ip_rule *rules, size_t rule_num, map ipv4_rules; map ipv6_rules; for (size_t i = 0; i < rule_num; i++) { - long long id = rules[i].rule_id; if(rules[i].type == IPv4) - ipv4_rules[id] = rules[i]; + ipv4_rules[i] = rules[i]; if(rules[i].type == IPv6 ) - ipv6_rules[id] = rules[i]; + ipv6_rules[i] = rules[i]; } //����ipv4ɨ���� diff --git a/scanner/ip_matcher/ip_matcher.h b/scanner/ip_matcher/ip_matcher.h index bc7e215..96d41f7 100644 --- a/scanner/ip_matcher/ip_matcher.h +++ b/scanner/ip_matcher/ip_matcher.h @@ -19,6 +19,7 @@ #define H_IP_MATCHER_H #include +#include #include "../../deps/log/log.h" @@ -45,7 +46,7 @@ struct ipv6_range { /* common type for ip rule */ struct ip_rule { enum IP_TYPE type; /* IPv4 or IPv6 */ - long long rule_id; /* rule id */ + uuid_t rule_uuid; /* rule id */ void *user_tag; /* point to user-defined data which will return with hit results */ union { struct ipv4_range ipv4_rule; @@ -64,7 +65,7 @@ struct ip_data { /* data type for scan result */ struct scan_result { - long long rule_id; /* rule id */ + uuid_t rule_uuid; /* rule id */ void *tag; /* point to the same address as user_tag in struct ip_rule which has same rule_id */ }; diff --git a/scanner/ip_matcher/ipv4_match.cpp b/scanner/ip_matcher/ipv4_match.cpp index d5b2325..506b053 100644 --- a/scanner/ip_matcher/ipv4_match.cpp +++ b/scanner/ip_matcher/ipv4_match.cpp @@ -66,7 +66,7 @@ long long CIPv4Match::initialize(const map& rules) { struct ipv4_range arule = it->second.ipv4_rule; m_rules[i].rule = arule; - m_rules[i].rule_id = it->first; + uuid_copy(m_rules[i].rule_uuid, it->second.rule_uuid); m_rules[i++].tag = it->second.user_tag; } @@ -106,7 +106,7 @@ int CIPv4Match::search_rule(const struct ip_data * data, struct scan_result * pr return hit_num; unsigned int index = m_v[i]; - presult[hit_num].rule_id = m_rules[index].rule_id; + uuid_copy(presult[hit_num].rule_uuid, m_rules[index].rule_uuid); presult[hit_num++].tag = m_rules[index].tag; } diff --git a/scanner/ip_matcher/ipv4_match.h b/scanner/ip_matcher/ipv4_match.h index 429394f..9278b1e 100644 --- a/scanner/ip_matcher/ipv4_match.h +++ b/scanner/ip_matcher/ipv4_match.h @@ -26,7 +26,7 @@ typedef struct _ipv4_rule_t{ struct ipv4_range rule; void * tag; - long long rule_id; + uuid_t rule_uuid; }ipv4_rule_t; class CIPv4Match : public CRuleMatch diff --git a/scanner/ip_matcher/ipv6_match.cpp b/scanner/ip_matcher/ipv6_match.cpp index 9751cbc..ce87514 100644 --- a/scanner/ip_matcher/ipv6_match.cpp +++ b/scanner/ip_matcher/ipv6_match.cpp @@ -75,7 +75,7 @@ long long CIPv6Match::initialize(const map& rules) for (map::const_iterator it = rules.begin(); it != rules.end(); ++it) { struct ipv6_range arule = it->second.ipv6_rule;; m_rules[i].rule = arule; - m_rules[i].rule_id = it->first; + uuid_copy(m_rules[i].rule_uuid, it->second.rule_uuid); m_rules[i++].tag = it->second.user_tag; } @@ -119,7 +119,7 @@ int CIPv6Match::search_rule(const struct ip_data * data, struct scan_result * pr if(hit_num == size) return hit_num; unsigned int index = m_v[i]; - presult[hit_num].rule_id = m_rules[index].rule_id; + uuid_copy(presult[hit_num].rule_uuid, m_rules[index].rule_uuid); presult[hit_num++].tag = m_rules[index].tag; } diff --git a/scanner/ip_matcher/ipv6_match.h b/scanner/ip_matcher/ipv6_match.h index 59532d0..9e33e06 100644 --- a/scanner/ip_matcher/ipv6_match.h +++ b/scanner/ip_matcher/ipv6_match.h @@ -26,7 +26,7 @@ typedef struct _ipv6_rule_t{ struct ipv6_range rule; - long long rule_id; + uuid_t rule_uuid; void * tag; }ipv6_rule_t; diff --git a/scanner/ipport_matcher/ipport_matcher.c b/scanner/ipport_matcher/ipport_matcher.c index c4271c3..65073d1 100644 --- a/scanner/ipport_matcher/ipport_matcher.c +++ b/scanner/ipport_matcher/ipport_matcher.c @@ -15,7 +15,7 @@ #include "ipport_matcher.h" struct port_range { - long long rule_id; + uuid_t rule_uuid; void *tag; uint16_t min_port; /* host order */ uint16_t max_port; /* host order */ @@ -105,7 +105,7 @@ struct ipport_matcher *ipport_matcher_new(struct ipport_rule *rules, size_t rule struct port_range range; range.min_port = rules[i].min_port; range.max_port = rules[i].max_port; - range.rule_id = rules[i].rule_id; + uuid_copy(range.rule_uuid, rules[i].rule_uuid); range.tag = rules[i].user_tag; utarray_push_back(node->port_range_list, &range); } @@ -151,7 +151,7 @@ int ipport_matcher_match(struct ipport_matcher *matcher, const struct ip_addr *i tmp_range = (struct port_range *)utarray_find(node->port_range_list, &range, compare_port_range_for_find); if (tmp_range != NULL) { - result_array[0].rule_id = tmp_range->rule_id; + uuid_copy(result_array[0].rule_uuid, tmp_range->rule_uuid); result_array[0].tag = tmp_range->tag; return 1; } diff --git a/scanner/ipport_matcher/ipport_matcher.h b/scanner/ipport_matcher/ipport_matcher.h index 51bdc44..8dd94cc 100644 --- a/scanner/ipport_matcher/ipport_matcher.h +++ b/scanner/ipport_matcher/ipport_matcher.h @@ -21,7 +21,7 @@ extern "C" #include "maat.h" struct ipport_rule { - long long rule_id; /* rule id */ + uuid_t rule_uuid; /* rule id */ void *user_tag; /* point to user-defined data which will return with hit results */ struct ip_addr ip; uint16_t min_port; /* host order */ @@ -29,7 +29,7 @@ struct ipport_rule { }; struct ipport_result { - long long rule_id; /* matched rule id */ + uuid_t rule_uuid; /* matched rule id */ void *tag; /* point to the same address as user_tag in struct ipport_rule which has same rule_id */ }; diff --git a/src/inc_internal/maat_core.h b/src/inc_internal/maat_core.h index f861ee6..c138362 100644 --- a/src/inc_internal/maat_core.h +++ b/src/inc_internal/maat_core.h @@ -53,8 +53,8 @@ enum tag_match { }; struct maat_item { - long long item_id; - long long object_id; + uuid_t item_uuid; + uuid_t object_uuid; }; struct maat_runtime { diff --git a/src/inc_internal/maat_object.h b/src/inc_internal/maat_object.h index 5cdf824..6d13e46 100644 --- a/src/inc_internal/maat_object.h +++ b/src/inc_internal/maat_object.h @@ -28,28 +28,28 @@ struct object2object_runtime; /* object2object schema API */ void *object2object_schema_new(cJSON *json, struct table_manager *tbl_mgr, const char *table_name, struct log_handle *logger); -void object2object_schema_free(void *g2g_schema); +void object2object_schema_free(void *o2o_schema); /* object2object runtime API */ -void *object2object_runtime_new(void *g2g_schema, size_t max_thread_num, +void *object2object_runtime_new(void *o2o_schema, size_t max_thread_num, struct maat_garbage_bin *garbage_bin, struct log_handle *logger); -void object2object_runtime_free(void *g2g_runtime); +void object2object_runtime_free(void *o2o_runtime); -int object2object_runtime_update(void *g2g_runtime, void *g2g_schema, const char *table_name, +int object2object_runtime_update(void *o2o_runtime, void *o2o_schema, const char *table_name, const char *line, enum maat_operation op); -int object2object_runtime_commit(void *g2g_runtime, const char *table_name, long long maat_rt_version); +int object2object_runtime_commit(void *o2o_runtime, const char *table_name, long long maat_rt_version); -size_t object2object_runtime_get_super_objects(void *g2g_runtime, long long *object_ids, - size_t n_object_ids, long long *super_object_ids, - size_t super_object_ids_size); +size_t object2object_runtime_get_super_objects(void *o2o_runtime, uuid_t *object_uuids, + size_t n_object_uuids, uuid_t *super_object_uuids, + size_t super_object_uuids_size); -long long object2object_runtime_rule_count(void *g2g_runtime); +long long object2object_runtime_rule_count(void *o2o_runtime); -long long object2object_runtime_exclude_rule_count(void *g2g_runtime); +long long object2object_runtime_exclude_rule_count(void *o2o_runtime); -long long object2object_runtime_update_err_count(void *g2g_runtime); +long long object2object_runtime_update_err_count(void *o2o_runtime); #ifdef __cplusplus } diff --git a/src/inc_internal/maat_rule.h b/src/inc_internal/maat_rule.h index b2c3083..3b8008e 100644 --- a/src/inc_internal/maat_rule.h +++ b/src/inc_internal/maat_rule.h @@ -51,7 +51,7 @@ long long rule_runtime_rule_count(void *rule_runtime); long long rule_runtime_update_err_count(void *rule_runtime); -int rule_runtime_match(struct rule_runtime *rule_rt, long long *rule_ids, +int rule_runtime_match(struct rule_runtime *rule_rt, uuid_t *rule_uuids, size_t rule_ids_size, struct maat_state *state); size_t rule_runtime_get_hit_paths(struct rule_runtime *rule_rt, int thread_id, @@ -81,7 +81,7 @@ void rule_compile_state_not_logic_update(struct rule_compile_state *rule_compile size_t rule_compile_state_get_internal_hit_paths(struct rule_compile_state *rule_compile_state, struct rule_runtime *rule_rt, - struct object2object_runtime *g2g_rt, + struct object2object_runtime *o2o_rt, struct maat_hit_path *hit_path_array, size_t array_size); diff --git a/src/maat_api.c b/src/maat_api.c index 04f5be5..8db25ac 100644 --- a/src/maat_api.c +++ b/src/maat_api.c @@ -1184,7 +1184,7 @@ string_scan(struct table_manager *tbl_mgr, int thread_id, } static size_t -object_to_rule(struct maat *maat_inst, long long *results, size_t n_result, +object_to_rule(struct maat *maat_inst, uuid_t *results, size_t n_result, struct maat_state *state) { int rule_table_id = @@ -1205,7 +1205,7 @@ object_to_rule(struct maat *maat_inst, long long *results, size_t n_result, } int maat_scan_flag(struct maat *maat_inst, int attribute_id, - long long flag, long long *results, size_t n_result, + long long flag, uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_inst) || attribute_id < 0 || attribute_id >= MAX_ATTRIBUTE_NUM || @@ -1284,7 +1284,7 @@ int maat_scan_flag(struct maat *maat_inst, int attribute_id, } int maat_scan_integer(struct maat *maat_inst, int attribute_id, - long long integer, long long *results, size_t n_result, + long long integer, uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_inst) || attribute_id < 0 || attribute_id >= MAX_ATTRIBUTE_NUM || @@ -1364,7 +1364,7 @@ int maat_scan_integer(struct maat *maat_inst, int attribute_id, } int maat_scan_ipv4_port(struct maat *maat_inst, int attribute_id, uint32_t ip_addr, - int port, long long *results, size_t n_result, + int port, uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_inst) || attribute_id < 0 || attribute_id >= MAX_ATTRIBUTE_NUM || @@ -1443,7 +1443,7 @@ int maat_scan_ipv4_port(struct maat *maat_inst, int attribute_id, uint32_t ip_ad } int maat_scan_ipv6_port(struct maat *maat_inst, int attribute_id, uint8_t *ip_addr, - int port, long long *results, size_t n_result, + int port, uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_inst) || attribute_id < 0 || attribute_id >= MAX_ATTRIBUTE_NUM || @@ -1523,7 +1523,7 @@ int maat_scan_ipv6_port(struct maat *maat_inst, int attribute_id, uint8_t *ip_ad #define PORT_IGNORED -1 inline int maat_scan_ipv6(struct maat *instance, int attribute_id, uint8_t *ip_addr, - long long *results, size_t n_result, size_t *n_hit_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state) { return maat_scan_ipv6_port(instance, attribute_id, ip_addr, PORT_IGNORED, @@ -1531,7 +1531,7 @@ inline int maat_scan_ipv6(struct maat *instance, int attribute_id, uint8_t *ip_a } inline int maat_scan_ipv4(struct maat *instance, int attribute_id, uint32_t ip_addr, - long long *results, size_t n_result, size_t *n_hit_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state) { return maat_scan_ipv4_port(instance, attribute_id, ip_addr, PORT_IGNORED, @@ -1540,7 +1540,7 @@ inline int maat_scan_ipv4(struct maat *instance, int attribute_id, uint32_t ip_a int maat_scan_string(struct maat *maat_inst, int attribute_id, const char *data, size_t data_len, - long long *results, size_t n_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_inst) || attribute_id < 0 || attribute_id >= MAX_ATTRIBUTE_NUM || @@ -1642,8 +1642,8 @@ static void maat_state_add_hit_object(struct maat_state *state, int attribute_id struct maat_item hit_items[n_hit_item]; for (size_t i = 0; i < n_hit_item; i++) { - hit_items[i].item_id = objects[i].item_id; - hit_items[i].object_id = objects[i].object_id; + uuid_copy(hit_items[i].item_uuid, objects[i].item_uuid); + uuid_copy(hit_items[i].object_uuid, objects[i].object_uuid); } rule_compile_state_update(state->rule_compile_state, maat_inst, attribute_id, @@ -1682,7 +1682,7 @@ maat_state_activate_hit_not_object(struct maat_state *state, int attribute_id) int maat_scan_object(struct maat *maat_inst, int attribute_id, struct maat_hit_object *objects, size_t n_object, - long long *results, size_t n_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_inst) || attribute_id < 0 || attribute_id >= MAX_ATTRIBUTE_NUM || @@ -1724,7 +1724,7 @@ int maat_scan_object(struct maat *maat_inst, int attribute_id, } int maat_scan_not_logic(struct maat *maat_inst, int attribute_id, - long long *results, size_t n_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_inst) || attribute_id < 0 || attribute_id >= MAX_ATTRIBUTE_NUM || @@ -1848,7 +1848,7 @@ static int expr_stream_scan(struct maat_stream *stream, const char *data, } int maat_stream_scan(struct maat_stream *maat_stream, const char *data, int data_len, - long long *results, size_t n_result, size_t *n_hit_result, + uuid_t *results, size_t n_result, size_t *n_hit_result, struct maat_state *state) { if ((NULL == maat_stream) || (NULL == data) || (0 == data_len) @@ -2135,13 +2135,13 @@ int maat_state_get_hit_paths(struct maat_state *state, struct maat_hit_path *pat return -1; } - int g2g_table_id = table_manager_get_object2object_table_id(maat_inst->tbl_mgr); - void *g2g_runtime = table_manager_get_runtime(maat_inst->tbl_mgr, g2g_table_id); + int o2o_table_id = table_manager_get_object2object_table_id(maat_inst->tbl_mgr); + void *o2o_runtime = table_manager_get_runtime(maat_inst->tbl_mgr, o2o_table_id); size_t hit_path_cnt = rule_compile_state_get_internal_hit_paths(state->rule_compile_state, (struct rule_runtime *)rule_rt, - (struct object2object_runtime *)g2g_runtime, + (struct object2object_runtime *)o2o_runtime, path_array, array_size); return rule_runtime_get_hit_paths((struct rule_runtime *)rule_rt, diff --git a/src/maat_bool_plugin.c b/src/maat_bool_plugin.c index 1751073..eac5433 100644 --- a/src/maat_bool_plugin.c +++ b/src/maat_bool_plugin.c @@ -314,7 +314,7 @@ bool_plugin_expr_new(struct bool_plugin_schema *schema, const char *table_name, __LINE__, table_name, schema->key_name, cJSON_Print(json)); goto error; } - bool_expr->expr_id = atoll(tmp_obj->valuestring); + uuid_parse(tmp_obj->valuestring, bool_expr->expr_uuid); tmp_obj = cJSON_GetObjectItem(json, "bool_expr"); if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { diff --git a/src/maat_config_monitor.c b/src/maat_config_monitor.c index 6e091a7..6ecdeb9 100644 --- a/src/maat_config_monitor.c +++ b/src/maat_config_monitor.c @@ -153,7 +153,9 @@ void config_monitor_traverse(long long current_version, const cJSON *json_root, } } - config_load_json_content(json_root, object2object_table->valuestring, "object_groups", u_param, update_fn); + if (object2object_table) { + config_load_json_content(json_root, object2object_table->valuestring, "object_groups", u_param, update_fn); + } config_load_json_content(json_root, rule_table->valuestring, "rules", u_param, update_fn); if (finish_fn != NULL) { diff --git a/src/maat_expr.c b/src/maat_expr.c index 5d76522..4fbef51 100644 --- a/src/maat_expr.c +++ b/src/maat_expr.c @@ -57,8 +57,8 @@ enum match_method { }; struct expr_item { - long long item_id; - long long object_id; + uuid_t item_uuid; + uuid_t object_uuid; char keywords[MAX_KEYWORDS_STR_LEN + 1]; enum expr_type expr_type; void *user_data; @@ -152,7 +152,7 @@ int expr_runtime_set_scan_district(struct expr_runtime *expr_rt, const char *dis static struct expr_item * expr_item_new(struct expr_schema *expr_schema, const char *table_name, - const cJSON *json, struct expr_runtime *expr_rt, long long item_id) + const cJSON *json, struct expr_runtime *expr_rt, uuid_t item_uuid) { int expr_type = -1; enum table_type table_type = TABLE_TYPE_INVALID; @@ -161,18 +161,16 @@ expr_item_new(struct expr_schema *expr_schema, const char *table_name, size_t len = 0; int ret; - expr_item->item_id = item_id; + uuid_copy(expr_item->item_uuid, item_uuid); - tmp_obj = cJSON_GetObjectItem(json, "object_id"); - if (tmp_obj != NULL && tmp_obj->type == cJSON_String) { - expr_item->object_id = tmp_obj->valueint; - } else { + tmp_obj = cJSON_GetObjectItem(json, "object_uuid"); + if (tmp_obj == NULL && tmp_obj->type != cJSON_String) { log_fatal(expr_rt->logger, MODULE_EXPR, "[%s:%d] expr table:<%s> has no object_id in line:%s", __FUNCTION__, __LINE__, table_name, cJSON_Print(json)); goto error; } - expr_item->object_id = atoll(tmp_obj->valuestring); + uuid_parse(tmp_obj->valuestring, expr_item->object_uuid); tmp_obj = cJSON_GetObjectItem(json, "keywords"); if (tmp_obj == NULL || tmp_obj->type != cJSON_String) { @@ -209,10 +207,12 @@ expr_item_new(struct expr_schema *expr_schema, const char *table_name, } else if (expr_item->expr_type == EXPR_TYPE_REGEX) { ret = expr_matcher_verify_regex_expression(expr_item->keywords, expr_rt->logger); if (0 == ret) { + char uuid_str[UUID_STR_LEN] = {0}; + uuid_unparse(item_uuid, uuid_str); log_fatal(expr_rt->logger, MODULE_EXPR, - "[%s:%d] expr table:<%s> regex expression(item_id:%lld):%s illegal," + "[%s:%d] expr table:<%s> regex expression(item_id:%s):%s illegal," " will be dropped", __FUNCTION__, __LINE__, table_name, - expr_item->item_id, expr_item->keywords); + uuid_str, expr_item->keywords); goto error; } } @@ -432,9 +432,11 @@ static int expr_runtime_update_row(struct expr_runtime *expr_rt, char *key, //add ret = rcu_hash_add(expr_rt->item_hash, key, key_len, (void *)item); if (ret < 0) { + char uuid_str[UUID_STR_LEN] = {0}; + uuid_unparse(item->item_uuid, uuid_str); log_debug(expr_rt->logger, MODULE_EXPR, - "[%s:%d] expr item(item_id:%lld) add to item_hash failed", - __FUNCTION__, __LINE__, item->item_id); + "[%s:%d] expr item(item_id:%s) add to item_hash failed", + __FUNCTION__, __LINE__, uuid_str); return -1; } } @@ -602,6 +604,9 @@ static int expr_item_to_expr_rule(struct expr_item *expr_item, char *tmp = NULL; char *saveptr = NULL; char tmp_keywords[MAX_KEYWORDS_STR_LEN + 1]; + char uuid_str[UUID_STR_LEN] = {0}; + + uuid_unparse(expr_item->item_uuid, uuid_str); memcpy(tmp_keywords, expr_item->keywords, MAX_KEYWORDS_STR_LEN + 1); @@ -615,17 +620,17 @@ static int expr_item_to_expr_rule(struct expr_item *expr_item, if (i >= MAAT_MAX_EXPR_ITEM_NUM) { log_fatal(logger, MODULE_EXPR, - "[%s:%d]abandon config expr_item(item_id:%d) " + "[%s:%d]abandon config expr_item(item_id:%s) " "too many patterns", __FUNCTION__, __LINE__, - expr_item->item_id); + uuid_str); return -1; } if (expr_keywords_to_expr_pattern(tmp, &expr_rule->patterns[i], logger) < 0) { log_fatal(logger, MODULE_EXPR, - "[%s:%d]abandon config expr_item(item_id:%d) " + "[%s:%d]abandon config expr_item(item_id:%s) " "has invalid pattern %s", __FUNCTION__, __LINE__, - expr_item->item_id, tmp); + uuid_str, tmp); return -1; } expr_rule->patterns[i].type = EXPR_PATTERN_TYPE_STR; @@ -646,13 +651,13 @@ static int expr_item_to_expr_rule(struct expr_item *expr_item, break; default: log_fatal(logger, MODULE_EXPR, - "[%s:%d]abandon config expr_item(item_id:%lld) has " + "[%s:%d]abandon config expr_item(item_id:%s) has " "invalid expr type=%d", __FUNCTION__, __LINE__, - expr_item->item_id, expr_item->expr_type); + uuid_str, expr_item->expr_type); return -1; } - expr_rule->expr_id = expr_item->item_id; + uuid_copy(expr_rule->expr_uuid, expr_item->item_uuid); expr_rule->tag = expr_item->user_data; expr_rule->n_patterns = sub_expr_cnt; @@ -681,7 +686,7 @@ int expr_runtime_update(void *expr_runtime, void *expr_schema, return -1; } - tmp_obj = cJSON_GetObjectItem(json, "item_id"); + tmp_obj = cJSON_GetObjectItem(json, "uuid"); if (tmp_obj == NULL || tmp_obj->type != cJSON_String) { log_fatal(expr_rt->logger, MODULE_EXPR, "[%s:%d] expr table:<%s> has no item_id in line:%s", @@ -690,8 +695,9 @@ int expr_runtime_update(void *expr_runtime, void *expr_schema, goto ERROR; } - long long item_id = atoll(tmp_obj->valuestring); - if (item_id < 0) { + uuid_t item_uuid; + uuid_parse(tmp_obj->valuestring, item_uuid); + if (uuid_is_null(item_uuid)) { log_fatal(expr_rt->logger, MODULE_EXPR, "[%s:%d] expr table:<%s> item_id wrong" " in table_line:%s", __FUNCTION__, __LINE__, table_name, @@ -703,7 +709,7 @@ int expr_runtime_update(void *expr_runtime, void *expr_schema, struct expr_item *expr_item = NULL; if (MAAT_OP_ADD == op) { //add - expr_item = expr_item_new(schema, table_name, json, expr_rt, item_id); + expr_item = expr_item_new(schema, table_name, json, expr_rt, item_uuid); if (NULL == expr_item) { expr_rt->update_err_cnt++; goto ERROR; @@ -715,7 +721,7 @@ int expr_runtime_update(void *expr_runtime, void *expr_schema, expr_item->user_data = item_district_id; } - int ret = expr_runtime_update_row(expr_rt, (char *)&item_id, sizeof(long long), + int ret = expr_runtime_update_row(expr_rt, (char *)&item_uuid, sizeof(item_uuid), expr_item, op); if (ret < 0) { if (expr_item != NULL) { @@ -939,17 +945,16 @@ int expr_runtime_scan(struct expr_runtime *expr_rt, int thread_id, for (size_t i = 0; i < n_hit_item; i++) { int tag_district_id = *(int *)(hit_results[i].user_tag); if (tag_district_id == state->district_id || tag_district_id == DISTRICT_ANY) { - long long item_id = hit_results[i].rule_id; struct expr_item *expr_item = (struct expr_item *)rcu_hash_find(expr_rt->item_hash, - (char *)&item_id, - sizeof(long long)); + (char *)&hit_results[i].rule_uuid, + sizeof(uuid_t)); if (!expr_item) { // item config has been deleted continue; } - hit_maat_items[real_hit_item_num].item_id = item_id; - hit_maat_items[real_hit_item_num].object_id = expr_item->object_id; + uuid_copy(hit_maat_items[real_hit_item_num].item_uuid, expr_item->item_uuid); + uuid_copy(hit_maat_items[real_hit_item_num].object_uuid, expr_item->object_uuid); real_hit_item_num++; } } @@ -1034,17 +1039,16 @@ int expr_runtime_stream_scan(struct expr_runtime_stream *expr_rt_stream, } for (size_t i = 0; i < n_hit_item; i++) { - long long item_id = hit_results[i].rule_id; expr_item = (struct expr_item *)rcu_hash_find(expr_rt->item_hash, - (char *)&item_id, - sizeof(long long)); + (char *)&hit_results[i].rule_uuid, + sizeof(uuid_t)); if (!expr_item) { // item config has been deleted continue; } - hit_maat_items[real_hit_item_cnt].item_id = item_id; - hit_maat_items[real_hit_item_cnt].object_id = expr_item->object_id; + uuid_copy(hit_maat_items[real_hit_item_cnt].item_uuid, expr_item->item_uuid); + uuid_copy(hit_maat_items[real_hit_item_cnt].object_uuid, expr_item->object_uuid); real_hit_item_cnt++; } diff --git a/src/maat_flag.c b/src/maat_flag.c index 43cb2c2..dbc7458 100644 --- a/src/maat_flag.c +++ b/src/maat_flag.c @@ -30,8 +30,8 @@ struct flag_schema { }; struct flag_item { - long long item_id; - long long object_id; + uuid_t item_uuid; + uuid_t object_uuid; long long flag; long long flag_mask; void *user_data; @@ -197,9 +197,11 @@ static int flag_runtime_update_row(struct flag_runtime *flag_rt, char *key, //add ret = rcu_hash_add(flag_rt->item_hash, key, key_len, (void *)item); if (ret < 0) { + char uuid_str[UUID_STR_LEN] = {0}; + uuid_unparse(item->item_uuid, uuid_str); log_debug(flag_rt->logger, MODULE_FLAG, - "[%s:%d] flag item(item_id:%lld) add to item_hash failed", - __FUNCTION__, __LINE__, item->item_id); + "[%s:%d] flag item(item_uuid:%s) add to item_hash failed", + __FUNCTION__, __LINE__, uuid_str); return -1; } } @@ -242,22 +244,22 @@ int flag_runtime_set_scan_district(struct flag_runtime *flag_rt, const char *dis static struct flag_item * flag_item_new(struct flag_schema *schema, const char *table_name, - const cJSON *json, struct flag_runtime *flag_rt, long long item_id) + const cJSON *json, struct flag_runtime *flag_rt, uuid_t item_uuid) { cJSON *tmp_obj = NULL; enum table_type table_type = TABLE_TYPE_INVALID; struct flag_item *item = ALLOC(struct flag_item, 1); - item->item_id = item_id; + uuid_copy(item->item_uuid, item_uuid); - tmp_obj = cJSON_GetObjectItem(json, "object_id"); + tmp_obj = cJSON_GetObjectItem(json, "object_uuid"); if (tmp_obj == NULL || tmp_obj->type != cJSON_String) { log_fatal(flag_rt->logger, MODULE_FLAG, "[%s:%d] flag table:<%s> has no object_id in json:%s", __FUNCTION__, __LINE__, table_name, cJSON_Print(json)); goto error; } - item->object_id = atoll(tmp_obj->valuestring); + uuid_parse(tmp_obj->valuestring, item->object_uuid); table_type = table_manager_get_table_type(schema->ref_tbl_mgr, schema->table_id); if (table_type == TABLE_TYPE_INTERVAL_PLUS) { @@ -316,7 +318,7 @@ static struct flag_rule flag_item_to_flag_rule(struct flag_item *item) { struct flag_rule rule; - rule.rule_id = item->item_id; + uuid_copy(rule.rule_uuid, item->item_uuid); rule.flag = item->flag; rule.mask = item->flag_mask; rule.user_tag = item->user_data; @@ -344,7 +346,7 @@ int flag_runtime_update(void *flag_runtime, void *flag_schema, return -1; } - cJSON *item = cJSON_GetObjectItem(json, "item_id"); + cJSON *item = cJSON_GetObjectItem(json, "uuid"); if (NULL == item || item->type != cJSON_String) { log_fatal(flag_rt->logger, MODULE_FLAG, "[%s:%d] flag table:<%s> line:%s has no item_id", @@ -352,11 +354,12 @@ int flag_runtime_update(void *flag_runtime, void *flag_schema, goto ERROR; } - long long item_id = atoll(item->valuestring); + uuid_t item_uuid; + uuid_parse(item->valuestring, item_uuid); struct flag_item *flag_item = NULL; if (MAAT_OP_ADD == op) { - flag_item = flag_item_new(schema, table_name, json, flag_rt, item_id); + flag_item = flag_item_new(schema, table_name, json, flag_rt, item_uuid); if (NULL == flag_item) { flag_rt->update_err_cnt++; goto ERROR; @@ -368,7 +371,7 @@ int flag_runtime_update(void *flag_runtime, void *flag_schema, flag_item->user_data = item_district_id; } - int ret = flag_runtime_update_row(flag_rt, (char *)&item_id, sizeof(long long), + int ret = flag_runtime_update_row(flag_rt, (char *)&item_uuid, sizeof(item_uuid), flag_item, op); if (ret < 0) { if (flag_item != NULL) { @@ -520,18 +523,17 @@ int flag_runtime_scan(struct flag_runtime *flag_rt, int thread_id, int tag_district_id = *(int *)(hit_results[i].user_tag); if (tag_district_id == state->district_id || tag_district_id == DISTRICT_ANY) { - long long item_id = hit_results[i].rule_id; struct flag_item *flag_item = (struct flag_item *)rcu_hash_find(flag_rt->item_hash, - (char *)&item_id, - sizeof(long long)); + (char *)&hit_results[i].rule_uuid, + sizeof(hit_results[i].rule_uuid)); if (!flag_item) { // item config has been deleted continue; } - hit_maat_items[real_hit_item_cnt].item_id = item_id; - hit_maat_items[real_hit_item_cnt].object_id = flag_item->object_id; + uuid_copy(hit_maat_items[real_hit_item_cnt].item_uuid, hit_results[i].rule_uuid); + uuid_copy(hit_maat_items[real_hit_item_cnt].object_uuid, flag_item->object_uuid); real_hit_item_cnt++; } } diff --git a/src/maat_fqdn_plugin.c b/src/maat_fqdn_plugin.c index 0fb2034..6083439 100644 --- a/src/maat_fqdn_plugin.c +++ b/src/maat_fqdn_plugin.c @@ -265,7 +265,7 @@ fqdn_plugin_rule_new(const cJSON *json, struct fqdn_plugin_schema *schema, __FUNCTION__, __LINE__, table_name, cJSON_Print(json)); goto error; } - fqdn_plugin_rule->id = atoi(tmp_obj->valuestring); + uuid_parse(tmp_obj->valuestring, fqdn_plugin_rule->uuid); tmp_obj = cJSON_GetObjectItem(json, "fqdn"); if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { diff --git a/src/maat_interval.c b/src/maat_interval.c index a52a336..8eb9311 100644 --- a/src/maat_interval.c +++ b/src/maat_interval.c @@ -27,8 +27,8 @@ struct interval_schema { }; struct interval_item { - long long item_id; - long long object_id; + uuid_t item_uuid; + uuid_t object_uuid; int low_boundary; int up_boundary; void *user_data; @@ -215,23 +215,23 @@ int interval_runtime_set_scan_district(struct interval_runtime *interval_rt, static struct interval_item * interval_item_new(struct interval_schema *schema, const char *table_name, - const cJSON *json, struct interval_runtime *interval_rt, long long item_id) + const cJSON *json, struct interval_runtime *interval_rt, uuid_t item_uuid) { enum table_type table_type = TABLE_TYPE_INVALID; char port_str[16] = {0}; struct interval_item *item = ALLOC(struct interval_item, 1); cJSON *tmp_obj = NULL; - item->item_id = item_id; + uuid_copy(item->item_uuid, item_uuid); - tmp_obj = cJSON_GetObjectItem(json, "object_id"); + tmp_obj = cJSON_GetObjectItem(json, "object_uuid"); if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { log_fatal(interval_rt->logger, MODULE_INTERVAL, "[%s:%d] interval table:<%s> has no object_id in line:%s", __FUNCTION__, __LINE__, table_name, cJSON_Print(json)); goto error; } - item->object_id = atoll(tmp_obj->valuestring); + uuid_parse(tmp_obj->valuestring, item->object_uuid); table_type = table_manager_get_table_type(schema->ref_tbl_mgr, schema->table_id); if (table_type == TABLE_TYPE_INTERVAL_PLUS) { @@ -289,7 +289,7 @@ interval_item_to_interval_rule(struct interval_item *item) rule.start = item->low_boundary; rule.end = item->up_boundary; - rule.result.rule_id = item->item_id; + uuid_copy(rule.result.rule_uuid, item->item_uuid); rule.result.user_tag = item->user_data; return rule; @@ -308,10 +308,12 @@ static int interval_runtime_update_row(struct interval_runtime *interval_rt, //add ret = rcu_hash_add(interval_rt->item_hash, key, key_len, (void *)item); if (ret < 0) { + char uuid_str[UUID_STR_LEN] = {0}; + uuid_unparse(item->item_uuid, uuid_str); log_debug(interval_rt->logger, MODULE_INTERVAL, - "[%s:%d] interval item(item_id:%lld) add to " + "[%s:%d] interval item(item_id:%s) add to " "interavl_item_hash failed", __FUNCTION__, __LINE__, - item->item_id); + uuid_str); return -1; } } @@ -342,7 +344,7 @@ int interval_runtime_update(void *interval_runtime, void *interval_schema, goto ERROR; } - tmp_obj = cJSON_GetObjectItem(json, "item_id"); + tmp_obj = cJSON_GetObjectItem(json, "uuid"); if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { log_fatal(interval_rt->logger, MODULE_INTERVAL, "[%s:%d] interval table:<%s> has no item_id in line:%s", @@ -351,8 +353,9 @@ int interval_runtime_update(void *interval_runtime, void *interval_schema, goto ERROR; } - long long item_id = atoll(tmp_obj->valuestring); - if (item_id < 0) { + uuid_t item_uuid; + uuid_parse(tmp_obj->valuestring, item_uuid); + if (uuid_is_null(item_uuid)) { log_fatal(interval_rt->logger, MODULE_INTERVAL, "[%s:%d] interval table:<%s> item_id wrong" " in table_line:%s", __FUNCTION__, __LINE__, table_name, @@ -364,7 +367,7 @@ int interval_runtime_update(void *interval_runtime, void *interval_schema, struct interval_item *interval_item = NULL; if (MAAT_OP_ADD == op) { //add - interval_item = interval_item_new(schema, table_name, json, interval_rt, item_id); + interval_item = interval_item_new(schema, table_name, json, interval_rt, item_uuid); if (NULL == interval_item) { interval_rt->update_err_cnt++; goto ERROR; @@ -376,7 +379,7 @@ int interval_runtime_update(void *interval_runtime, void *interval_schema, interval_item->user_data = item_district_id; } - int ret = interval_runtime_update_row(interval_rt, (char *)&item_id, sizeof(long long), + int ret = interval_runtime_update_row(interval_rt, (char *)&item_uuid, sizeof(uuid_t), interval_item, op); if (ret < 0) { if (interval_item != NULL) { @@ -531,18 +534,17 @@ int interval_runtime_scan(struct interval_runtime *interval_rt, int thread_id, int tag_district_id = *(int *)(hit_results[i].user_tag); if (tag_district_id == state->district_id || tag_district_id == DISTRICT_ANY) { - long long item_id = hit_results[i].rule_id; struct interval_item *int_item = (struct interval_item *)rcu_hash_find(interval_rt->item_hash, - (char *)&item_id, - sizeof(long long)); + (char *)&hit_results[i].rule_uuid, + sizeof(uuid_t)); if (!int_item) { // item config has been deleted continue; } - hit_maat_items[real_hit_item_cnt].item_id = item_id; - hit_maat_items[real_hit_item_cnt].object_id = int_item->object_id; + uuid_copy(hit_maat_items[real_hit_item_cnt].item_uuid, int_item->item_uuid); + uuid_copy(hit_maat_items[real_hit_item_cnt].object_uuid, int_item->object_uuid); real_hit_item_cnt++; } } diff --git a/src/maat_ip.c b/src/maat_ip.c index aa98c41..1597e34 100644 --- a/src/maat_ip.c +++ b/src/maat_ip.c @@ -39,8 +39,8 @@ struct ipv6_item_rule { }; struct ip_item { - long long item_id; - long long object_id; + uuid_t item_uuid; + uuid_t object_uuid; int addr_type; union { struct ipv4_item_rule ipv4; @@ -98,23 +98,23 @@ void ip_schema_free(void *ip_schema) static struct ip_item * ip_item_new(struct ip_schema *ip_schema, const char *table_name, - const cJSON *json, struct log_handle *logger, long long item_id) + const cJSON *json, struct log_handle *logger, uuid_t item_uuid) { char ip_str[128] = {0}; struct ip_item *ip_item = ALLOC(struct ip_item, 1); cJSON *tmp_obj = NULL; int ret = 0; - ip_item->item_id = item_id; + uuid_copy(ip_item->item_uuid, item_uuid); - tmp_obj = cJSON_GetObjectItem(json, "object_id"); + tmp_obj = cJSON_GetObjectItem(json, "object_uuid"); if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { log_fatal(logger, MODULE_IP, "[%s:%d] ip table:<%s> has no object_id in line:%s", __FUNCTION__, __LINE__, table_name, cJSON_Print(json)); goto error; } - ip_item->object_id = atoll(tmp_obj->valuestring); + uuid_parse(tmp_obj->valuestring, ip_item->object_uuid); tmp_obj = cJSON_GetObjectItem(json, "ip"); if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { @@ -268,7 +268,7 @@ static void ip_item_to_ip_rule(struct ip_item *item, struct ip_rule *rule) memcpy(rule->ipv6_rule.end_ip, item->ipv6.max_ip, sizeof(item->ipv6.max_ip)); } - rule->rule_id = item->item_id; + uuid_copy(rule->rule_uuid, item->item_uuid); } static int ip_runtime_update_row(struct ip_runtime *ip_rt, char *key, size_t key_len, @@ -283,9 +283,11 @@ static int ip_runtime_update_row(struct ip_runtime *ip_rt, char *key, size_t key // add ret = rcu_hash_add(ip_rt->item_hash, key, key_len, (void *)item); if (ret < 0) { + char uuid_str[37] = {0}; + uuid_unparse(item->item_uuid, uuid_str); log_debug(ip_rt->logger, MODULE_IP, - "[%s:%d] ip item(item_id:%lld) add to ip runtime htable failed", - __FUNCTION__, __LINE__, item->item_id); + "[%s:%d] ip item(item_id:%s) add to ip runtime htable failed", + __FUNCTION__, __LINE__, uuid_str); return -1; } } @@ -315,7 +317,7 @@ int ip_runtime_update(void *ip_runtime, void *ip_schema, goto ERROR; } - tmp_obj = cJSON_GetObjectItem(json, "item_id"); + tmp_obj = cJSON_GetObjectItem(json, "uuid"); if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { log_fatal(ip_rt->logger, MODULE_IP, "[%s:%d] ip table:<%s> has no item_id in line:%s", @@ -323,19 +325,21 @@ int ip_runtime_update(void *ip_runtime, void *ip_schema, ip_rt->update_err_cnt++; goto ERROR; } - long long item_id = atoll(tmp_obj->valuestring); + + uuid_t item_uuid; + uuid_parse(tmp_obj->valuestring, item_uuid); struct ip_item *ip_item = NULL; if (MAAT_OP_ADD == op) { //add - ip_item = ip_item_new(schema, table_name, json, ip_rt->logger, item_id); + ip_item = ip_item_new(schema, table_name, json, ip_rt->logger, item_uuid); if (NULL == ip_item) { ip_rt->update_err_cnt++; goto ERROR; } } - int ret = ip_runtime_update_row(ip_rt, (char *)&item_id, sizeof(long long), + int ret = ip_runtime_update_row(ip_rt, (char *)&item_uuid, sizeof(uuid_t), ip_item, op); if (ret < 0) { if (ip_item != NULL) { @@ -505,10 +509,9 @@ int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type, } for (size_t i = 0; i < n_hit_ip_item; i++) { - long long item_id = ip_results[i].rule_id; struct ip_item *ip_item = (struct ip_item *)rcu_hash_find(ip_rt->item_hash, - (char *)&item_id, - sizeof(long long)); + (char *)&ip_results[i].rule_uuid, + sizeof(uuid_t)); if (!ip_item) { // item config has been deleted continue; @@ -524,8 +527,8 @@ int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type, continue; } - hit_maat_items[real_hit_item_cnt].item_id = ip_results[i].rule_id; - hit_maat_items[real_hit_item_cnt].object_id = ip_item->object_id; + uuid_copy(hit_maat_items[real_hit_item_cnt].item_uuid, ip_item->item_uuid); + uuid_copy(hit_maat_items[real_hit_item_cnt].object_uuid, ip_item->object_uuid); real_hit_item_cnt++; } diff --git a/src/maat_ip_plugin.c b/src/maat_ip_plugin.c index 9881c54..1419d12 100644 --- a/src/maat_ip_plugin.c +++ b/src/maat_ip_plugin.c @@ -159,7 +159,7 @@ ip_plugin_rule_new(struct ip_plugin_schema *schema, const char *table_name, __FUNCTION__, __LINE__, table_name, schema->key_name, cJSON_Print(json)); goto error; } - ip_plugin_rule->rule_id = atoll(tmp_obj->valuestring); + uuid_parse(tmp_obj->valuestring, ip_plugin_rule->rule_uuid); tmp_obj = cJSON_GetObjectItem(json, "ip"); if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { diff --git a/src/maat_ipport_plugin.c b/src/maat_ipport_plugin.c index d26e5bd..bb735a7 100644 --- a/src/maat_ipport_plugin.c +++ b/src/maat_ipport_plugin.c @@ -42,7 +42,7 @@ struct ipv6_item { }; struct ipport_item { - long long item_id; + uuid_t item_uuid; int ip_type; //IPV4 or IPV6 union { struct ipv4_item ipv4; @@ -237,7 +237,7 @@ ipport_item_new(struct ipport_plugin_schema *schema, const char *table_name, __FUNCTION__, __LINE__, table_name, cJSON_Print(json)); goto error; } - ipport_item->item_id = atoll(tmp_obj->valuestring); + uuid_parse(tmp_obj->valuestring, ipport_item->item_uuid); tmp_obj = cJSON_GetObjectItem(json, "ip"); if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { @@ -442,7 +442,7 @@ ipport_item_to_ipport_rule(struct ipport_item *item, struct ipport_rule *rule) rule->min_port = item->min_port; rule->max_port = item->max_port; } - rule->rule_id = item->item_id; + uuid_copy(rule->rule_uuid, item->item_uuid); } static void diff --git a/src/maat_object.c b/src/maat_object.c index 9b1d4f5..3222718 100644 --- a/src/maat_object.c +++ b/src/maat_object.c @@ -23,9 +23,9 @@ #define MODULE_OBJECT module_name_str("maat.object") struct object2object_item { - long long object_id; - UT_array *incl_sub_object_ids; - UT_array *excl_sub_object_ids; + uuid_t object_uuid; + UT_array *incl_sub_object_uuids; + UT_array *excl_sub_object_uuids; }; struct object2object_schema { @@ -35,22 +35,22 @@ struct object2object_schema { struct maat_object { igraph_integer_t vertex_id; - long long object_id; + uuid_t object_uuid; int ref_by_super_object_cnt; int ref_by_sub_object_cnt; - UT_array *incl_super_object_ids; - UT_array *excl_super_object_ids; - UT_array *incl_sub_object_ids; - UT_array *excl_sub_object_ids; + UT_array *incl_super_object_uuids; + UT_array *excl_super_object_uuids; + UT_array *incl_sub_object_uuids; + UT_array *excl_sub_object_uuids; - UT_hash_handle hh_object_id; + UT_hash_handle hh_object_uuid; UT_hash_handle hh_vertex_id; }; struct maat_object_topology { - struct maat_object *hash_by_object_id; //key: object_id, value: struct maat_object *. + struct maat_object *hash_by_object_uuid; //key: object_id, value: struct maat_object *. struct maat_object *hash_by_vertex_id; //key: vetex_id, value: struct maat_object *. igraph_t object_graph; igraph_integer_t grp_vertex_id_generator; @@ -61,7 +61,7 @@ struct object2object_runtime { struct maat_object_topology *object_topo; struct maat_object_topology *updating_object_topo; long long rule_num; - long long excl_rule_num; //exclude g2g rule num + long long excl_rule_num; //exclude o2o rule num long long update_err_cnt; int updating_flag; @@ -69,46 +69,38 @@ struct object2object_runtime { struct log_handle *logger; }; -UT_icd ut_object_id_icd = {sizeof(long long), NULL, NULL, NULL}; +UT_icd ut_object_uuid_icd = {sizeof(uuid_t), NULL, NULL, NULL}; -static inline int compare_object_id(const void *a, const void *b) +static inline int compare_object_uuid(const void *a, const void *b) { - long long ret = *(const long long *)a - *(const long long *)b; - - if (0 == ret) { - return 0; - } else if(ret < 0) { - return -1; - } else { - return 1; - } + return uuid_compare(*(uuid_t *)a, *(uuid_t *)b); } void *object2object_schema_new(cJSON *json, struct table_manager *tbl_mgr, const char *table_name, struct log_handle *logger) { - struct object2object_schema *g2g_schema = ALLOC(struct object2object_schema, 1); + struct object2object_schema *o2o_schema = ALLOC(struct object2object_schema, 1); cJSON *item = cJSON_GetObjectItem(json, "table_id"); if (item != NULL && item->type == cJSON_Number) { - g2g_schema->table_id = item->valueint; + o2o_schema->table_id = item->valueint; } else { log_fatal(logger, MODULE_OBJECT, - "[%s:%d] g2g table:<%s> schema has no table_id column", + "[%s:%d] o2o table:<%s> schema has no table_id column", __FUNCTION__, __LINE__, table_name); goto error; } - g2g_schema->ref_tbl_mgr = tbl_mgr; - return g2g_schema; + o2o_schema->ref_tbl_mgr = tbl_mgr; + return o2o_schema; error: - FREE(g2g_schema); + FREE(o2o_schema); return NULL; } -void object2object_schema_free(void *g2g_schema) +void object2object_schema_free(void *o2o_schema) { - FREE(g2g_schema); + FREE(o2o_schema); } static void object_vertex_free(struct maat_object *object) @@ -117,24 +109,24 @@ static void object_vertex_free(struct maat_object *object) return; } - if (object->incl_super_object_ids != NULL) { - utarray_free(object->incl_super_object_ids); - object->incl_super_object_ids = NULL; + if (object->incl_super_object_uuids != NULL) { + utarray_free(object->incl_super_object_uuids); + object->incl_super_object_uuids = NULL; } - if (object->excl_super_object_ids != NULL) { - utarray_free(object->excl_super_object_ids); - object->excl_super_object_ids = NULL; + if (object->excl_super_object_uuids != NULL) { + utarray_free(object->excl_super_object_uuids); + object->excl_super_object_uuids = NULL; } - if (object->incl_sub_object_ids != NULL) { - utarray_free(object->incl_sub_object_ids); - object->incl_sub_object_ids = NULL; + if (object->incl_sub_object_uuids != NULL) { + utarray_free(object->incl_sub_object_uuids); + object->incl_sub_object_uuids = NULL; } - if (object->excl_sub_object_ids != NULL) { - utarray_free(object->excl_sub_object_ids); - object->excl_sub_object_ids = NULL; + if (object->excl_sub_object_uuids != NULL) { + utarray_free(object->excl_sub_object_uuids); + object->excl_sub_object_uuids = NULL; } FREE(object); @@ -146,7 +138,7 @@ maat_object_topology_new(struct log_handle *logger) struct maat_object_topology *object_topo = ALLOC(struct maat_object_topology, 1); UNUSED int ret = 0; - object_topo->hash_by_object_id = NULL; + object_topo->hash_by_object_uuid = NULL; object_topo->hash_by_vertex_id = NULL; ret = igraph_empty(&(object_topo->object_graph), 0, IGRAPH_DIRECTED); @@ -166,11 +158,11 @@ static void maat_object_topology_free(struct maat_object_topology *object_topo) struct maat_object *object = NULL, *tmp_object = NULL; HASH_CLEAR(hh_vertex_id, object_topo->hash_by_vertex_id);//No need object memory clean up. - HASH_ITER(hh_object_id, object_topo->hash_by_object_id, object, tmp_object) { - HASH_DELETE(hh_object_id, object_topo->hash_by_object_id, object); + HASH_ITER(hh_object_uuid, object_topo->hash_by_object_uuid, object, tmp_object) { + HASH_DELETE(hh_object_uuid, object_topo->hash_by_object_uuid, object); object_vertex_free(object); } - assert(object_topo->hash_by_object_id == NULL); + assert(object_topo->hash_by_object_uuid == NULL); igraph_destroy(&object_topo->object_graph); FREE(object_topo); @@ -180,34 +172,34 @@ static struct maat_object *maat_object_clone(struct maat_object *object) { struct maat_object *object_copy = ALLOC(struct maat_object, 1); - object_copy->object_id = object->object_id; + uuid_copy(object_copy->object_uuid, object->object_uuid); object_copy->vertex_id = object->vertex_id; object_copy->ref_by_sub_object_cnt = object->ref_by_sub_object_cnt; object_copy->ref_by_super_object_cnt = object->ref_by_super_object_cnt; - utarray_new(object_copy->incl_super_object_ids, &ut_object_id_icd); - utarray_new(object_copy->excl_super_object_ids, &ut_object_id_icd); - utarray_new(object_copy->incl_sub_object_ids, &ut_object_id_icd); - utarray_new(object_copy->excl_sub_object_ids, &ut_object_id_icd); + utarray_new(object_copy->incl_super_object_uuids, &ut_object_uuid_icd); + utarray_new(object_copy->excl_super_object_uuids, &ut_object_uuid_icd); + utarray_new(object_copy->incl_sub_object_uuids, &ut_object_uuid_icd); + utarray_new(object_copy->excl_sub_object_uuids, &ut_object_uuid_icd); - long long *p = NULL; - for (p = (long long *)utarray_front(object->incl_super_object_ids); p != NULL; - p = (long long *)utarray_next(object->incl_super_object_ids, p)) { - utarray_push_back(object_copy->incl_super_object_ids, p); + uuid_t *p = NULL; + for (p = (uuid_t *)utarray_front(object->incl_super_object_uuids); p != NULL; + p = (uuid_t *)utarray_next(object->incl_super_object_uuids, p)) { + utarray_push_back(object_copy->incl_super_object_uuids, p); } - for (p = (long long *)utarray_front(object->excl_super_object_ids); p != NULL; - p = (long long *)utarray_next(object->excl_super_object_ids, p)) { - utarray_push_back(object_copy->excl_super_object_ids, p); + for (p = (uuid_t *)utarray_front(object->excl_super_object_uuids); p != NULL; + p = (uuid_t *)utarray_next(object->excl_super_object_uuids, p)) { + utarray_push_back(object_copy->excl_super_object_uuids, p); } - for (p = (long long *)utarray_front(object->incl_sub_object_ids); p != NULL; - p = (long long *)utarray_next(object->incl_sub_object_ids, p)) { - utarray_push_back(object_copy->incl_sub_object_ids, p); + for (p = (uuid_t *)utarray_front(object->incl_sub_object_uuids); p != NULL; + p = (uuid_t *)utarray_next(object->incl_sub_object_uuids, p)) { + utarray_push_back(object_copy->incl_sub_object_uuids, p); } - for (p = (long long *)utarray_front(object->excl_sub_object_ids); p != NULL; - p = (long long *)utarray_next(object->excl_sub_object_ids, p)) { - utarray_push_back(object_copy->excl_sub_object_ids, p); + for (p = (uuid_t *)utarray_front(object->excl_sub_object_uuids); p != NULL; + p = (uuid_t *)utarray_next(object->excl_sub_object_uuids, p)) { + utarray_push_back(object_copy->excl_sub_object_uuids, p); } return object_copy; @@ -223,11 +215,11 @@ maat_object_topology_clone(struct maat_object_topology *object_topo) struct maat_object_topology *object_topo_copy = ALLOC(struct maat_object_topology, 1); struct maat_object *object = NULL, *tmp_object = NULL; - HASH_ITER(hh_object_id, object_topo->hash_by_object_id, object, tmp_object) { + HASH_ITER(hh_object_uuid, object_topo->hash_by_object_uuid, object, tmp_object) { struct maat_object *object_copy = maat_object_clone(object); - HASH_ADD(hh_object_id, object_topo_copy->hash_by_object_id, object_id, - sizeof(object_copy->object_id), object_copy); + HASH_ADD(hh_object_uuid, object_topo_copy->hash_by_object_uuid, object_uuid, + sizeof(object_copy->object_uuid), object_copy); HASH_ADD(hh_vertex_id, object_topo_copy->hash_by_vertex_id, vertex_id, sizeof(object_copy->vertex_id), object_copy); } @@ -239,46 +231,46 @@ maat_object_topology_clone(struct maat_object_topology *object_topo) return object_topo_copy; } -void *object2object_runtime_new(void *g2g_schema, size_t max_thread_num, +void *object2object_runtime_new(void *o2o_schema, size_t max_thread_num, struct maat_garbage_bin *garbage_bin, struct log_handle *logger) { - if (NULL == g2g_schema) { + if (NULL == o2o_schema) { return NULL; } - struct object2object_runtime *g2g_rt = ALLOC(struct object2object_runtime, 1); + struct object2object_runtime *o2o_rt = ALLOC(struct object2object_runtime, 1); - g2g_rt->object_topo = maat_object_topology_new(logger); - g2g_rt->ref_garbage_bin = garbage_bin; - g2g_rt->logger = logger; + o2o_rt->object_topo = maat_object_topology_new(logger); + o2o_rt->ref_garbage_bin = garbage_bin; + o2o_rt->logger = logger; - return g2g_rt; + return o2o_rt; } -void object2object_runtime_free(void *g2g_runtime) +void object2object_runtime_free(void *o2o_runtime) { - if (NULL == g2g_runtime) { + if (NULL == o2o_runtime) { return; } - struct object2object_runtime *g2g_rt = (struct object2object_runtime *)g2g_runtime; + struct object2object_runtime *o2o_rt = (struct object2object_runtime *)o2o_runtime; - if (g2g_rt->object_topo != NULL) { - maat_object_topology_free(g2g_rt->object_topo); - g2g_rt->object_topo = NULL; + if (o2o_rt->object_topo != NULL) { + maat_object_topology_free(o2o_rt->object_topo); + o2o_rt->object_topo = NULL; } - if (g2g_rt->updating_object_topo != NULL) { - maat_object_topology_free(g2g_rt->updating_object_topo); - g2g_rt->updating_object_topo = NULL; + if (o2o_rt->updating_object_topo != NULL) { + maat_object_topology_free(o2o_rt->updating_object_topo); + o2o_rt->updating_object_topo = NULL; } - FREE(g2g_rt); + FREE(o2o_rt); } static struct object2object_item * -object2object_item_new(const char *line, struct object2object_schema *g2g_schema, +object2object_item_new(const char *line, struct object2object_schema *o2o_schema, const char *table_name, struct log_handle *logger) { cJSON *tmp_obj = NULL; @@ -286,28 +278,28 @@ object2object_item_new(const char *line, struct object2object_schema *g2g_schema if (json == NULL) { log_fatal(logger, MODULE_OBJECT, - "[%s:%d] g2g table:<%s> line:<%s> parse json failed", + "[%s:%d] o2o table:<%s> line:<%s> parse json failed", __FUNCTION__, __LINE__, table_name, line); return NULL; } - struct object2object_item *g2g_item = ALLOC(struct object2object_item, 1); - utarray_new(g2g_item->incl_sub_object_ids, &ut_object_id_icd); - utarray_new(g2g_item->excl_sub_object_ids, &ut_object_id_icd); + struct object2object_item *o2o_item = ALLOC(struct object2object_item, 1); + utarray_new(o2o_item->incl_sub_object_uuids, &ut_object_uuid_icd); + utarray_new(o2o_item->excl_sub_object_uuids, &ut_object_uuid_icd); - tmp_obj = cJSON_GetObjectItem(json, "object_id"); + tmp_obj = cJSON_GetObjectItem(json, "object_uuid"); if (tmp_obj == NULL || tmp_obj->type != cJSON_String) { log_fatal(logger, MODULE_OBJECT, - "[%s:%d] g2g table:<%s> has no object_id or format is not string in line:%s", + "[%s:%d] o2o table:<%s> has no object_id or format is not string in line:%s", __FUNCTION__, __LINE__, table_name, line); goto error; } - g2g_item->object_id = atoll(tmp_obj->valuestring); + uuid_parse(tmp_obj->valuestring, o2o_item->object_uuid); - tmp_obj = cJSON_GetObjectItem(json, "include_object_ids"); + tmp_obj = cJSON_GetObjectItem(json, "include_object_uuids"); if (tmp_obj == NULL || tmp_obj->type != cJSON_Array) { log_fatal(logger, MODULE_OBJECT, - "[%s:%d] g2g table:<%s> has no included_sub_object_ids or format is not array in line:%s", + "[%s:%d] o2o table:<%s> has no included_sub_object_ids or format is not array in line:%s", __FUNCTION__, __LINE__, table_name, line); goto error; } @@ -316,25 +308,26 @@ object2object_item_new(const char *line, struct object2object_schema *g2g_schema cJSON *item = cJSON_GetArrayItem(tmp_obj, i); if (item == NULL || item->type != cJSON_String) { log_fatal(logger, MODULE_OBJECT, - "[%s:%d] g2g table:<%s> included_sub_object_ids format error in line:%s", + "[%s:%d] o2o table:<%s> included_sub_object_ids format error in line:%s", __FUNCTION__, __LINE__, table_name, line); goto error; } - long long object_id = atoll(item->valuestring); - utarray_push_back(g2g_item->incl_sub_object_ids, &object_id); + uuid_t object_uuid; + uuid_parse(item->valuestring, object_uuid); + utarray_push_back(o2o_item->incl_sub_object_uuids, &object_uuid); } - if (utarray_len(g2g_item->incl_sub_object_ids) > MAX_OBJECT_CNT) { + if (utarray_len(o2o_item->incl_sub_object_uuids) > MAX_OBJECT_CNT) { log_fatal(logger, MODULE_OBJECT, - "[%s:%d] g2c table:<%s> included_sub_object_ids exceed maximum:%d in line:%s", + "[%s:%d] o2r table:<%s> included_sub_object_ids exceed maximum:%d in line:%s", __FUNCTION__, __LINE__, table_name, MAX_OBJECT_CNT, line); goto error; } - tmp_obj = cJSON_GetObjectItem(json, "exclude_object_ids"); + tmp_obj = cJSON_GetObjectItem(json, "exclude_object_uuids"); if (tmp_obj == NULL || tmp_obj->type != cJSON_Array) { log_fatal(logger, MODULE_OBJECT, - "[%s:%d] g2g table:<%s> has no excluded_sub_object_ids or format is not array in line:%s", + "[%s:%d] o2o table:<%s> has no excluded_sub_object_ids or format is not array in line:%s", __FUNCTION__, __LINE__, table_name, line); goto error; } @@ -343,44 +336,45 @@ object2object_item_new(const char *line, struct object2object_schema *g2g_schema cJSON *item = cJSON_GetArrayItem(tmp_obj, i); if (item == NULL || item->type != cJSON_String) { log_fatal(logger, MODULE_OBJECT, - "[%s:%d] g2g table:<%s> excluded_sub_object_ids format error in line:%s", + "[%s:%d] o2o table:<%s> excluded_sub_object_ids format error in line:%s", __FUNCTION__, __LINE__, table_name, line); goto error; } - long long object_id = atoll(item->valuestring); - utarray_push_back(g2g_item->excl_sub_object_ids, &object_id); + uuid_t object_uuid; + uuid_parse(item->valuestring, object_uuid); + utarray_push_back(o2o_item->excl_sub_object_uuids, &object_uuid); } - if (utarray_len(g2g_item->excl_sub_object_ids) > MAX_OBJECT_CNT) { + if (utarray_len(o2o_item->excl_sub_object_uuids) > MAX_OBJECT_CNT) { log_fatal(logger, MODULE_OBJECT, - "[%s:%d] g2c table:<%s> excluded_sub_object_ids exceed maximum:%d in line:%s", + "[%s:%d] o2r table:<%s> excluded_sub_object_ids exceed maximum:%d in line:%s", __FUNCTION__, __LINE__, table_name, MAX_OBJECT_CNT, line); goto error; } - return g2g_item; + return o2o_item; error: - FREE(g2g_item); + FREE(o2o_item); return NULL; } -static void object2object_item_free(struct object2object_item *g2g_item) +static void object2object_item_free(struct object2object_item *o2o_item) { - if (NULL == g2g_item) { + if (NULL == o2o_item) { return; } - if (g2g_item->incl_sub_object_ids != NULL) { - utarray_free(g2g_item->incl_sub_object_ids); - g2g_item->incl_sub_object_ids = NULL; + if (o2o_item->incl_sub_object_uuids != NULL) { + utarray_free(o2o_item->incl_sub_object_uuids); + o2o_item->incl_sub_object_uuids = NULL; } - if (g2g_item->excl_sub_object_ids != NULL) { - utarray_free(g2g_item->excl_sub_object_ids); - g2g_item->excl_sub_object_ids = NULL; + if (o2o_item->excl_sub_object_uuids != NULL) { + utarray_free(o2o_item->excl_sub_object_uuids); + o2o_item->excl_sub_object_uuids = NULL; } - FREE(g2g_item); + FREE(o2o_item); } static size_t print_igraph_vector(igraph_vector_t *v, char *buff, size_t sz) { @@ -396,23 +390,23 @@ static size_t print_igraph_vector(igraph_vector_t *v, char *buff, size_t sz) { } static struct maat_object * -object_topology_add_object(struct maat_object_topology *object_topo, long long object_id) +object_topology_add_object(struct maat_object_topology *object_topo, uuid_t object_uuid) { assert(object_topo != NULL); struct maat_object *object = ALLOC(struct maat_object, 1); - object->object_id = object_id; + uuid_copy(object->object_uuid, object_uuid); object->vertex_id = object_topo->grp_vertex_id_generator++; - utarray_new(object->incl_super_object_ids, &ut_object_id_icd); - utarray_new(object->excl_super_object_ids, &ut_object_id_icd); - utarray_new(object->incl_sub_object_ids, &ut_object_id_icd); - utarray_new(object->excl_sub_object_ids, &ut_object_id_icd); + utarray_new(object->incl_super_object_uuids, &ut_object_uuid_icd); + utarray_new(object->excl_super_object_uuids, &ut_object_uuid_icd); + utarray_new(object->incl_sub_object_uuids, &ut_object_uuid_icd); + utarray_new(object->excl_sub_object_uuids, &ut_object_uuid_icd); assert(igraph_vcount(&object_topo->object_graph)==object->vertex_id); igraph_add_vertices(&object_topo->object_graph, 1, NULL); //Add 1 vertice. - HASH_ADD(hh_object_id, object_topo->hash_by_object_id, object_id, - sizeof(object->object_id), object); + HASH_ADD(hh_object_uuid, object_topo->hash_by_object_uuid, object_uuid, + sizeof(object->object_uuid), object); HASH_ADD(hh_vertex_id, object_topo->hash_by_vertex_id, vertex_id, sizeof(object->vertex_id), object); @@ -444,152 +438,152 @@ static void object_topology_del_object(struct maat_object_topology *object_topo, //We should not call igraph_delete_vertices, because this is function changes the ids of the vertices. - HASH_DELETE(hh_object_id, object_topo->hash_by_object_id, object); + HASH_DELETE(hh_object_uuid, object_topo->hash_by_object_uuid, object); HASH_DELETE(hh_vertex_id, object_topo->hash_by_vertex_id, object); object_vertex_free(object); } static struct maat_object * -object_topology_find_object(struct maat_object_topology *object_topo, long long object_id) +object_topology_find_object(struct maat_object_topology *object_topo, uuid_t object_uuid) { - if (NULL == object_topo || object_id < 0) { + if (NULL == object_topo || uuid_is_null(object_uuid)) { return NULL; } struct maat_object *object = NULL; - HASH_FIND(hh_object_id, object_topo->hash_by_object_id, &object_id, sizeof(object_id), object); + HASH_FIND(hh_object_uuid, object_topo->hash_by_object_uuid, (char*)&object_uuid, sizeof(uuid_t), object); return object; } static void maat_object_reference_super_object(struct maat_object *object, - long long super_object_id, + uuid_t super_object_uuid, int is_exclude) { - if (NULL == object || super_object_id < 0) { + if (NULL == object || uuid_is_null(super_object_uuid)) { return; } if (0 == is_exclude) { //include superior object - if (!utarray_find(object->incl_super_object_ids, &super_object_id, - compare_object_id)) { - utarray_push_back(object->incl_super_object_ids, &super_object_id); - utarray_sort(object->incl_super_object_ids, compare_object_id); + if (!utarray_find(object->incl_super_object_uuids, &super_object_uuid, + compare_object_uuid)) { + utarray_push_back(object->incl_super_object_uuids, &super_object_uuid); + utarray_sort(object->incl_super_object_uuids, compare_object_uuid); } } else { //exclude superior object - if (!utarray_find(object->excl_super_object_ids, &super_object_id, - compare_object_id)) { - utarray_push_back(object->excl_super_object_ids, &super_object_id); - utarray_sort(object->excl_super_object_ids, compare_object_id); + if (!utarray_find(object->excl_super_object_uuids, &super_object_uuid, + compare_object_uuid)) { + utarray_push_back(object->excl_super_object_uuids, &super_object_uuid); + utarray_sort(object->excl_super_object_uuids, compare_object_uuid); } } } static void maat_object_reference_sub_object(struct maat_object *object, - long long sub_object_id, + uuid_t sub_object_uuid, int is_exclude) { - if (NULL == object || sub_object_id < 0) { + if (NULL == object || uuid_is_null(sub_object_uuid)) { return; } if (0 == is_exclude) { //include sub object - if (!utarray_find(object->incl_sub_object_ids, &sub_object_id, - compare_object_id)) { - utarray_push_back(object->incl_sub_object_ids, &sub_object_id); - utarray_sort(object->incl_sub_object_ids, compare_object_id); + if (!utarray_find(object->incl_sub_object_uuids, &sub_object_uuid, + compare_object_uuid)) { + utarray_push_back(object->incl_sub_object_uuids, &sub_object_uuid); + utarray_sort(object->incl_sub_object_uuids, compare_object_uuid); } } else { //exclude sub object - if (!utarray_find(object->excl_sub_object_ids, &sub_object_id, - compare_object_id)) { - utarray_push_back(object->excl_sub_object_ids, &sub_object_id); - utarray_sort(object->excl_sub_object_ids, compare_object_id); + if (!utarray_find(object->excl_sub_object_uuids, &sub_object_uuid, + compare_object_uuid)) { + utarray_push_back(object->excl_sub_object_uuids, &sub_object_uuid); + utarray_sort(object->excl_sub_object_uuids, compare_object_uuid); } } } static void maat_object_dereference_super_object(struct maat_object *object, - long long super_object_id, + uuid_t super_object_uuid, int is_exclude) { - if (NULL == object || super_object_id < 0) { + if (NULL == object || uuid_is_null(super_object_uuid)) { return; } size_t remove_idx = 0; - long long *tmp_id = NULL; + uuid_t *tmp_uuid = NULL; if (0 == is_exclude) { //include superior object - tmp_id = utarray_find(object->incl_super_object_ids, &super_object_id, - compare_object_id); - if (tmp_id != NULL) { - remove_idx = utarray_eltidx(object->incl_super_object_ids, tmp_id); - utarray_erase(object->incl_super_object_ids, remove_idx, 1); + tmp_uuid = utarray_find(object->incl_super_object_uuids, &super_object_uuid, + compare_object_uuid); + if (tmp_uuid != NULL) { + remove_idx = utarray_eltidx(object->incl_super_object_uuids, tmp_uuid); + utarray_erase(object->incl_super_object_uuids, remove_idx, 1); } } else { //exclude superior object - tmp_id = utarray_find(object->excl_super_object_ids, &super_object_id, - compare_object_id); - if (tmp_id != NULL) { - remove_idx = utarray_eltidx(object->excl_super_object_ids, tmp_id); - utarray_erase(object->excl_super_object_ids, remove_idx, 1); + tmp_uuid = utarray_find(object->excl_super_object_uuids, &super_object_uuid, + compare_object_uuid); + if (tmp_uuid != NULL) { + remove_idx = utarray_eltidx(object->excl_super_object_uuids, tmp_uuid); + utarray_erase(object->excl_super_object_uuids, remove_idx, 1); } } } static void maat_object_dereference_sub_object(struct maat_object *object, - long long sub_object_id, + uuid_t sub_object_uuid, int is_exclude) { - if (NULL == object || sub_object_id < 0) { + if (NULL == object || uuid_is_null(sub_object_uuid)) { return; } size_t remove_idx = 0; - long long *tmp_id = NULL; + uuid_t *tmp_uuid = NULL; if (0 == is_exclude) { //include superior object - tmp_id = utarray_find(object->incl_sub_object_ids, &sub_object_id, - compare_object_id); - if (tmp_id != NULL) { - remove_idx = utarray_eltidx(object->incl_sub_object_ids, tmp_id); - utarray_erase(object->incl_sub_object_ids, remove_idx, 1); + tmp_uuid = utarray_find(object->incl_sub_object_uuids, &sub_object_uuid, + compare_object_uuid); + if (tmp_uuid != NULL) { + remove_idx = utarray_eltidx(object->incl_sub_object_uuids, tmp_uuid); + utarray_erase(object->incl_sub_object_uuids, remove_idx, 1); } } else { //exclude superior object - tmp_id = utarray_find(object->excl_sub_object_ids, &sub_object_id, - compare_object_id); - if (tmp_id != NULL) { - remove_idx = utarray_eltidx(object->excl_sub_object_ids, tmp_id); - utarray_erase(object->excl_sub_object_ids, remove_idx, 1); + tmp_uuid = utarray_find(object->excl_sub_object_uuids, &sub_object_uuid, + compare_object_uuid); + if (tmp_uuid != NULL) { + remove_idx = utarray_eltidx(object->excl_sub_object_uuids, tmp_uuid); + utarray_erase(object->excl_sub_object_uuids, remove_idx, 1); } } } static int object_topology_add_object_to_object(struct maat_object_topology *object_topo, - long long object_id, long long sub_object_id, + uuid_t object_uuid, uuid_t sub_object_uuid, int is_exclude) { if (NULL == object_topo) { return -1; } - struct maat_object *sub_object = object_topology_find_object(object_topo, sub_object_id); + struct maat_object *sub_object = object_topology_find_object(object_topo, sub_object_uuid); if (NULL == sub_object) { - sub_object = object_topology_add_object(object_topo, sub_object_id); + sub_object = object_topology_add_object(object_topo, sub_object_uuid); } - struct maat_object *object = object_topology_find_object(object_topo, object_id); + struct maat_object *object = object_topology_find_object(object_topo, object_uuid); if (NULL == object) { - object = object_topology_add_object(object_topo, object_id); + object = object_topology_add_object(object_topo, object_uuid); } - maat_object_reference_super_object(sub_object, object_id, is_exclude); - maat_object_reference_sub_object(object, sub_object_id, is_exclude); + maat_object_reference_super_object(sub_object, object_uuid, is_exclude); + maat_object_reference_sub_object(object, sub_object_uuid, is_exclude); igraph_integer_t edge_id; int ret = igraph_get_eid(&object_topo->object_graph, &edge_id, sub_object->vertex_id, @@ -597,9 +591,13 @@ static int object_topology_add_object_to_object(struct maat_object_topology *obj //No duplicated edges between two objects. if (edge_id > 0) { + char object_uuid_str[37] = {0}; + char sub_object_uuid_str[37] = {0}; + uuid_unparse(object_uuid, object_uuid_str); + uuid_unparse(sub_object_uuid, sub_object_uuid_str); log_fatal(object_topo->logger, MODULE_OBJECT, - "[%s:%d] Add object %d to object %d failed, relation already existed.", - __FUNCTION__, __LINE__, sub_object->object_id, object->object_id); + "[%s:%d] Add object %s to object %s failed, relation already existed.", + __FUNCTION__, __LINE__, sub_object_uuid_str, object_uuid_str); ret = -1; } else { igraph_add_edge(&object_topo->object_graph, sub_object->vertex_id, @@ -612,9 +610,13 @@ static int object_topology_add_object_to_object(struct maat_object_topology *obj igraph_bool_t is_dag; igraph_is_dag(&(object_topo->object_graph), &is_dag); if (!is_dag) { + char object_uuid_str[37] = {0}; + char sub_object_uuid_str[37] = {0}; + uuid_unparse(object_uuid, object_uuid_str); + uuid_unparse(sub_object_uuid, sub_object_uuid_str); log_fatal(object_topo->logger, MODULE_OBJECT, - "[%s:%d] Sub object cycle detected, sub_object_id:%lld, object_id:%lld!", - __FUNCTION__, __LINE__, sub_object_id, object_id); + "[%s:%d] Sub object cycle detected, sub_object_id:%s, object_id:%s!", + __FUNCTION__, __LINE__, sub_object_uuid_str, object_uuid_str); return -1; } @@ -622,7 +624,7 @@ static int object_topology_add_object_to_object(struct maat_object_topology *obj } static int object_topology_del_object_from_object(struct maat_object_topology *object_topo, - long long object_id, long long sub_object_id, + uuid_t object_uuid, uuid_t sub_object_uuid, int is_exclude) { if (NULL == object_topo) { @@ -630,24 +632,32 @@ static int object_topology_del_object_from_object(struct maat_object_topology *o } //No hash write operation, LOCK protection is unnecessary. - struct maat_object *sub_object = object_topology_find_object(object_topo, sub_object_id); + struct maat_object *sub_object = object_topology_find_object(object_topo, sub_object_uuid); if (NULL == sub_object) { + char object_uuid_str[37] = {0}; + char sub_object_uuid_str[37] = {0}; + uuid_unparse(object_uuid, object_uuid_str); + uuid_unparse(sub_object_uuid, sub_object_uuid_str); log_fatal(object_topo->logger, MODULE_OBJECT, - "[%s:%d] Del object %d from object %d failed, object %d not existed.", - __FUNCTION__, __LINE__, sub_object_id, object_id, sub_object_id); + "[%s:%d] Del object %s from object %s failed, object %s not existed.", + __FUNCTION__, __LINE__, sub_object_uuid_str, object_uuid_str, sub_object_uuid_str); return -1; } - struct maat_object *object = object_topology_find_object(object_topo, object_id); + struct maat_object *object = object_topology_find_object(object_topo, object_uuid); if (NULL == object) { + char object_uuid_str[37] = {0}; + char sub_object_uuid_str[37] = {0}; + uuid_unparse(object_uuid, object_uuid_str); + uuid_unparse(sub_object_uuid, sub_object_uuid_str); log_fatal(object_topo->logger, MODULE_OBJECT, - "[%s:%d] Del object %d from object %d failed, object %d not existed.", - __FUNCTION__, __LINE__, sub_object_id, object_id, object_id); + "[%s:%d] Del object %s from object %s failed, object %s not existed.", + __FUNCTION__, __LINE__, sub_object_uuid_str, object_uuid_str, object_uuid_str); return -1; } - maat_object_dereference_super_object(sub_object, object_id, is_exclude); - maat_object_dereference_sub_object(object, sub_object_id, is_exclude); + maat_object_dereference_super_object(sub_object, object_uuid, is_exclude); + maat_object_dereference_sub_object(object, sub_object_uuid, is_exclude); igraph_es_t es; igraph_integer_t edge_num_before = 0, edge_num_after = 0; @@ -694,7 +704,7 @@ static int object_topology_build_super_objects(struct maat_object_topology *obje } struct maat_object *object = NULL, *tmp_object = NULL; - HASH_ITER (hh_object_id, object_topo->hash_by_object_id, object, tmp_object) { + HASH_ITER (hh_object_uuid, object_topo->hash_by_object_uuid, object, tmp_object) { //Orphan, Not reference by any one, free it. if (0 == object->ref_by_super_object_cnt && 0 == object->ref_by_sub_object_cnt) { @@ -706,93 +716,93 @@ static int object_topology_build_super_objects(struct maat_object_topology *obje return 0; } -int object2object_runtime_update(void *g2g_runtime, void *g2g_schema, +int object2object_runtime_update(void *o2o_runtime, void *o2o_schema, const char *table_name, const char *line, enum maat_operation op) { - if (NULL == g2g_runtime || NULL == g2g_schema || + if (NULL == o2o_runtime || NULL == o2o_schema || NULL == line) { return -1; } - struct object2object_schema *schema = (struct object2object_schema *)g2g_schema; - struct object2object_runtime *g2g_rt = (struct object2object_runtime *)g2g_runtime; + struct object2object_schema *schema = (struct object2object_schema *)o2o_schema; + struct object2object_runtime *o2o_rt = (struct object2object_runtime *)o2o_runtime; - struct object2object_item *g2g_item = object2object_item_new(line, schema, table_name, - g2g_rt->logger); - if (NULL == g2g_item) { - g2g_rt->update_err_cnt++; + struct object2object_item *o2o_item = object2object_item_new(line, schema, table_name, + o2o_rt->logger); + if (NULL == o2o_item) { + o2o_rt->update_err_cnt++; return -1; } - if (0 == g2g_rt->updating_flag) { - assert(g2g_rt->updating_object_topo == NULL); - g2g_rt->updating_object_topo = maat_object_topology_clone(g2g_rt->object_topo); - g2g_rt->updating_flag = 1; + if (0 == o2o_rt->updating_flag) { + assert(o2o_rt->updating_object_topo == NULL); + o2o_rt->updating_object_topo = maat_object_topology_clone(o2o_rt->object_topo); + o2o_rt->updating_flag = 1; } int ret = 0; size_t i = 0; int err_flag = 0; - long long *sub_object_id = NULL; + uuid_t *sub_object_uuid = NULL; if (MAAT_OP_DEL == op) { //delete - for (i = 0; i < utarray_len(g2g_item->incl_sub_object_ids); i++) { - sub_object_id = (long long *)utarray_eltptr(g2g_item->incl_sub_object_ids, i); - ret = object_topology_del_object_from_object(g2g_rt->updating_object_topo, - g2g_item->object_id, *sub_object_id, 0); + for (i = 0; i < utarray_len(o2o_item->incl_sub_object_uuids); i++) { + sub_object_uuid = (uuid_t *)utarray_eltptr(o2o_item->incl_sub_object_uuids, i); + ret = object_topology_del_object_from_object(o2o_rt->updating_object_topo, + o2o_item->object_uuid, *sub_object_uuid, 0); if (ret != 0) { err_flag = 1; } } - for (i = 0; i < utarray_len(g2g_item->excl_sub_object_ids); i++) { - sub_object_id = (long long *)utarray_eltptr(g2g_item->excl_sub_object_ids, i); - ret = object_topology_del_object_from_object(g2g_rt->updating_object_topo, - g2g_item->object_id, *sub_object_id, 1); + for (i = 0; i < utarray_len(o2o_item->excl_sub_object_uuids); i++) { + sub_object_uuid = (uuid_t *)utarray_eltptr(o2o_item->excl_sub_object_uuids, i); + ret = object_topology_del_object_from_object(o2o_rt->updating_object_topo, + o2o_item->object_uuid, *sub_object_uuid, 1); if (ret != 0) { err_flag = 1; } } if (1 == err_flag) { - g2g_rt->update_err_cnt++; + o2o_rt->update_err_cnt++; } else { - if (utarray_len(g2g_item->excl_sub_object_ids) > 0) { - g2g_rt->excl_rule_num--; + if (utarray_len(o2o_item->excl_sub_object_uuids) > 0) { + o2o_rt->excl_rule_num--; } - g2g_rt->rule_num--; + o2o_rt->rule_num--; } } else { //add - for (i = 0; i < utarray_len(g2g_item->incl_sub_object_ids); i++) { - sub_object_id = (long long *)utarray_eltptr(g2g_item->incl_sub_object_ids, i); - ret = object_topology_add_object_to_object(g2g_rt->updating_object_topo, - g2g_item->object_id, *sub_object_id, 0); + for (i = 0; i < utarray_len(o2o_item->incl_sub_object_uuids); i++) { + sub_object_uuid = (uuid_t *)utarray_eltptr(o2o_item->incl_sub_object_uuids, i); + ret = object_topology_add_object_to_object(o2o_rt->updating_object_topo, + o2o_item->object_uuid, *sub_object_uuid, 0); if (ret != 0) { err_flag = 1; } } - for (i = 0; i < utarray_len(g2g_item->excl_sub_object_ids); i++) { - sub_object_id = (long long *)utarray_eltptr(g2g_item->excl_sub_object_ids, i); - ret = object_topology_add_object_to_object(g2g_rt->updating_object_topo, - g2g_item->object_id, *sub_object_id, 1); + for (i = 0; i < utarray_len(o2o_item->excl_sub_object_uuids); i++) { + sub_object_uuid = (uuid_t *)utarray_eltptr(o2o_item->excl_sub_object_uuids, i); + ret = object_topology_add_object_to_object(o2o_rt->updating_object_topo, + o2o_item->object_uuid, *sub_object_uuid, 1); if (ret != 0) { err_flag = 1; } } if (1 == err_flag) { - g2g_rt->update_err_cnt++; + o2o_rt->update_err_cnt++; } else { - if (utarray_len(g2g_item->excl_sub_object_ids) > 0) { - g2g_rt->excl_rule_num++; + if (utarray_len(o2o_item->excl_sub_object_uuids) > 0) { + o2o_rt->excl_rule_num++; } - g2g_rt->rule_num++; + o2o_rt->rule_num++; } } - object2object_item_free(g2g_item); + object2object_item_free(o2o_item); return ret; } @@ -803,43 +813,43 @@ static void garbage_maat_object_topology_free(void *data, void *arg) maat_object_topology_free(object_topo); } -int object2object_runtime_commit(void *g2g_runtime, const char *table_name, +int object2object_runtime_commit(void *o2o_runtime, const char *table_name, long long maat_rt_version) { - if (NULL == g2g_runtime) { + if (NULL == o2o_runtime) { return -1; } - struct object2object_runtime *g2g_rt = (struct object2object_runtime *)g2g_runtime; - if (0 == g2g_rt->updating_flag) { + struct object2object_runtime *o2o_rt = (struct object2object_runtime *)o2o_runtime; + if (0 == o2o_rt->updating_flag) { return 0; } struct timespec start, end; clock_gettime(CLOCK_MONOTONIC, &start); - int ret = object_topology_build_super_objects(g2g_rt->updating_object_topo); + int ret = object_topology_build_super_objects(o2o_rt->updating_object_topo); clock_gettime(CLOCK_MONOTONIC, &end); long long time_elapse_ms = (end.tv_sec - start.tv_sec) * 1000 + (end.tv_nsec - start.tv_nsec) / 1000000; if (ret < 0) { - log_fatal(g2g_rt->logger, MODULE_OBJECT, + log_fatal(o2o_rt->logger, MODULE_OBJECT, "[%s:%d] table[%s] object2object runtime commit failed", __FUNCTION__, __LINE__, table_name); return -1; } - struct maat_object_topology *old_object_topo = g2g_rt->object_topo; - g2g_rt->object_topo = g2g_rt->updating_object_topo; - g2g_rt->updating_object_topo = NULL; - g2g_rt->updating_flag = 0; + struct maat_object_topology *old_object_topo = o2o_rt->object_topo; + o2o_rt->object_topo = o2o_rt->updating_object_topo; + o2o_rt->updating_object_topo = NULL; + o2o_rt->updating_flag = 0; - maat_garbage_bagging(g2g_rt->ref_garbage_bin, old_object_topo, NULL, + maat_garbage_bagging(o2o_rt->ref_garbage_bin, old_object_topo, NULL, garbage_maat_object_topology_free); - log_info(g2g_rt->logger, MODULE_OBJECT, - "table[%s] commit %zu g2g rules and rebuild super_objects completed," - " version:%lld, consume:%lldms", table_name, g2g_rt->rule_num, + log_info(o2o_rt->logger, MODULE_OBJECT, + "table[%s] commit %zu o2o rules and rebuild super_objects completed," + " version:%lld, consume:%lldms", table_name, o2o_rt->rule_num, maat_rt_version, time_elapse_ms); return 0; @@ -847,78 +857,78 @@ int object2object_runtime_commit(void *g2g_runtime, const char *table_name, #define MAX_RECURSION_DEPTH 5 static void get_candidate_super_object_ids(struct maat_object_topology *object_topo, - UT_array *hit_object_ids, - UT_array *super_object_ids) + UT_array *hit_object_uuids, + UT_array *super_object_uuids) { - long long *p = NULL; + uuid_t *p = NULL; //Find super candidates - for (p = (long long *)utarray_front(hit_object_ids); p != NULL; - p = (long long *)utarray_next(hit_object_ids, p)) { + for (p = (uuid_t *)utarray_front(hit_object_uuids); p != NULL; + p = (uuid_t *)utarray_next(hit_object_uuids, p)) { struct maat_object *object = object_topology_find_object(object_topo, *p); if (NULL == object) { //object_id not in object2object table continue; } - for (int i = 0; i < utarray_len(object->incl_super_object_ids); i++) { - long long *tmp = (long long *)utarray_eltptr(object->incl_super_object_ids, i); - utarray_push_back(super_object_ids, tmp); + for (int i = 0; i < utarray_len(object->incl_super_object_uuids); i++) { + uuid_t *tmp = (uuid_t *)utarray_eltptr(object->incl_super_object_uuids, i); + utarray_push_back(super_object_uuids, tmp); } } } static void verify_object_by_sub_include_objects(struct maat_object *object, - UT_array *candidate_object_ids, - UT_array *kept_super_object_ids, - UT_array *all_hit_object_ids) + UT_array *candidate_object_uuids, + UT_array *kept_super_object_uuids, + UT_array *all_hit_object_uuids) { size_t remove_idx = 0; - long long *tmp_id = NULL; + uuid_t *tmp_uuid = NULL; // delete objects whose all incl sub not in all_hit_object_ids - if (utarray_len(object->incl_sub_object_ids) != 0) { + if (utarray_len(object->incl_sub_object_uuids) != 0) { int sub_incl_flag = 0; - for (tmp_id = (long long *)utarray_front(object->incl_sub_object_ids); tmp_id != NULL; - tmp_id = (long long *)utarray_next(object->incl_sub_object_ids, tmp_id)) { - if (utarray_find(candidate_object_ids, tmp_id, compare_object_id)) { + for (tmp_uuid = (uuid_t *)utarray_front(object->incl_sub_object_uuids); tmp_uuid != NULL; + tmp_uuid = (uuid_t *)utarray_next(object->incl_sub_object_uuids, tmp_uuid)) { + if (utarray_find(candidate_object_uuids, tmp_uuid, compare_object_uuid)) { sub_incl_flag = 1; break; } } if (0 == sub_incl_flag) { - tmp_id = utarray_find(all_hit_object_ids, &(object->object_id), compare_object_id); - if (tmp_id != NULL) { - remove_idx = utarray_eltidx(all_hit_object_ids, tmp_id); - utarray_erase(all_hit_object_ids, remove_idx, 1); + tmp_uuid = utarray_find(all_hit_object_uuids, &(object->object_uuid), compare_object_uuid); + if (tmp_uuid != NULL) { + remove_idx = utarray_eltidx(all_hit_object_uuids, tmp_uuid); + utarray_erase(all_hit_object_uuids, remove_idx, 1); } - tmp_id = utarray_find(kept_super_object_ids, &(object->object_id), compare_object_id); - if (tmp_id != NULL) { - remove_idx = utarray_eltidx(kept_super_object_ids, tmp_id); - utarray_erase(kept_super_object_ids, remove_idx, 1); + tmp_uuid = utarray_find(kept_super_object_uuids, &(object->object_uuid), compare_object_uuid); + if (tmp_uuid != NULL) { + remove_idx = utarray_eltidx(kept_super_object_uuids, tmp_uuid); + utarray_erase(kept_super_object_uuids, remove_idx, 1); } } } } static void verify_object_by_sub_exclude_objects(struct maat_object *object, - UT_array *candidate_object_ids, - UT_array *kept_super_object_ids, - UT_array *all_hit_object_ids) + UT_array *candidate_object_uuids, + UT_array *kept_super_object_uuids, + UT_array *all_hit_object_uuids) { - if (0 == utarray_len(object->excl_sub_object_ids)) { + if (0 == utarray_len(object->excl_sub_object_uuids)) { return; } // delete objects whose excl sub in all_hit_object_ids int sub_excl_flag = 0; - long long *tmp_id = NULL; - for (tmp_id = (long long *)utarray_front(object->excl_sub_object_ids); tmp_id != NULL; - tmp_id = (long long *)utarray_next(object->excl_sub_object_ids, tmp_id)) { - if (utarray_find(candidate_object_ids, tmp_id, compare_object_id)) { + uuid_t *tmp_uuid = NULL; + for (tmp_uuid = (uuid_t *)utarray_front(object->excl_sub_object_uuids); tmp_uuid != NULL; + tmp_uuid = (uuid_t *)utarray_next(object->excl_sub_object_uuids, tmp_uuid)) { + if (utarray_find(candidate_object_uuids, tmp_uuid, compare_object_uuid)) { sub_excl_flag = 1; break; } @@ -926,54 +936,55 @@ static void verify_object_by_sub_exclude_objects(struct maat_object *object, if (1 == sub_excl_flag) { size_t remove_idx = 0; - tmp_id = utarray_find(all_hit_object_ids, &(object->object_id), compare_object_id); - if (tmp_id != NULL) { - remove_idx = utarray_eltidx(all_hit_object_ids, tmp_id); - utarray_erase(all_hit_object_ids, remove_idx, 1); + tmp_uuid = utarray_find(all_hit_object_uuids, &(object->object_uuid), compare_object_uuid); + if (tmp_uuid != NULL) { + remove_idx = utarray_eltidx(all_hit_object_uuids, tmp_uuid); + utarray_erase(all_hit_object_uuids, remove_idx, 1); } - tmp_id = utarray_find(kept_super_object_ids, &(object->object_id), compare_object_id); - if (tmp_id != NULL) { - remove_idx = utarray_eltidx(kept_super_object_ids, tmp_id); - utarray_erase(kept_super_object_ids, remove_idx, 1); + tmp_uuid = utarray_find(kept_super_object_uuids, &(object->object_uuid), compare_object_uuid); + if (tmp_uuid != NULL) { + remove_idx = utarray_eltidx(kept_super_object_uuids, tmp_uuid); + utarray_erase(kept_super_object_uuids, remove_idx, 1); } } } static void verify_candidate_super_object_ids(struct maat_object_topology *object_topo, - UT_array *candidate_super_object_ids, - UT_array *all_hit_object_ids, - UT_array *kept_super_object_ids) + UT_array *candidate_super_object_uuids, + UT_array *all_hit_object_uuids, + UT_array *kept_super_object_uuids) { - long long *p = NULL; - UT_array *candidate_object_ids; + uuid_t *p = NULL; + UT_array *candidate_object_uuids; - utarray_new(candidate_object_ids, &ut_object_id_icd); + utarray_new(candidate_object_uuids, &ut_object_uuid_icd); /* merge this round of candidate super objects with hit objects from the previous round */ - for (p = (long long *)utarray_front(candidate_super_object_ids); p != NULL; - p = (long long *)utarray_next(candidate_super_object_ids, p)) { - utarray_push_back(candidate_object_ids, p); + for (p = (uuid_t *)utarray_front(candidate_super_object_uuids); p != NULL; + p = (uuid_t *)utarray_next(candidate_super_object_uuids, p)) { + utarray_push_back(candidate_object_uuids, p); } - for (p = (long long *)utarray_front(all_hit_object_ids); p != NULL; - p = (long long *)utarray_next(all_hit_object_ids, p)) { - utarray_push_back(candidate_object_ids, p); + for (p = (uuid_t *)utarray_front(all_hit_object_uuids); p != NULL; + p = (uuid_t *)utarray_next(all_hit_object_uuids, p)) { + utarray_push_back(candidate_object_uuids, p); } - utarray_sort(candidate_object_ids, compare_object_id); + utarray_sort(candidate_object_uuids, compare_object_uuid); /** * verify sub exclude for candidate_super_object_ids */ - long long prev_object_id = -1; - for (p = (long long *)utarray_front(candidate_super_object_ids); p != NULL; - p = (long long *)utarray_next(candidate_super_object_ids, p)) { + uuid_t prev_object_uuid; + uuid_clear(prev_object_uuid); + for (p = (uuid_t *)utarray_front(candidate_super_object_uuids); p != NULL; + p = (uuid_t *)utarray_next(candidate_super_object_uuids, p)) { //filter duplicated object id - if (*p == prev_object_id) { + if (uuid_compare(*p, prev_object_uuid) == 0) { continue; } - prev_object_id = *p; + uuid_copy(prev_object_uuid, *p); struct maat_object *object = object_topology_find_object(object_topo, *p); if (NULL == object) { @@ -982,10 +993,10 @@ static void verify_candidate_super_object_ids(struct maat_object_topology *objec //if object's sub excl in candidate_object_ids int sub_excl_flag = 0; - long long *tmp_id = NULL; - for (tmp_id = (long long *)utarray_front(object->excl_sub_object_ids); tmp_id != NULL; - tmp_id = (long long *)utarray_next(object->excl_sub_object_ids, tmp_id)) { - if (utarray_find(candidate_object_ids, tmp_id, compare_object_id)) { + uuid_t *tmp_uuid = NULL; + for (tmp_uuid = (uuid_t *)utarray_front(object->excl_sub_object_uuids); tmp_uuid != NULL; + tmp_uuid = (uuid_t *)utarray_next(object->excl_sub_object_uuids, tmp_uuid)) { + if (utarray_find(candidate_object_uuids, tmp_uuid, compare_object_uuid)) { sub_excl_flag = 1; break; } @@ -996,64 +1007,66 @@ static void verify_candidate_super_object_ids(struct maat_object_topology *objec continue; } - utarray_push_back(kept_super_object_ids, p); - utarray_push_back(all_hit_object_ids, p); + utarray_push_back(kept_super_object_uuids, p); + utarray_push_back(all_hit_object_uuids, p); } - utarray_sort(all_hit_object_ids, compare_object_id); - utarray_sort(kept_super_object_ids, compare_object_id); + utarray_sort(all_hit_object_uuids, compare_object_uuid); + utarray_sort(kept_super_object_uuids, compare_object_uuid); /** * candidate_object_ids clone all_hit_object_ids */ - utarray_clear(candidate_object_ids); - for (p = (long long *)utarray_front(all_hit_object_ids); p != NULL; - p = (long long *)utarray_next(all_hit_object_ids, p)) { - utarray_push_back(candidate_object_ids, p); + utarray_clear(candidate_object_uuids); + for (p = (uuid_t *)utarray_front(all_hit_object_uuids); p != NULL; + p = (uuid_t *)utarray_next(all_hit_object_uuids, p)) { + utarray_push_back(candidate_object_uuids, p); } /** * 1. delete objects whose excl sub in all_hit_object_ids * 2. delete objects whose all incl sub is non-exist in all_hit_object_ids */ - for (p = (long long *)utarray_front(candidate_object_ids); p != NULL; - p = (long long *)utarray_next(candidate_object_ids, p)) { + for (p = (uuid_t *)utarray_front(candidate_object_uuids); p != NULL; + p = (uuid_t *)utarray_next(candidate_object_uuids, p)) { struct maat_object *object = object_topology_find_object(object_topo, *p); if (NULL == object) { continue; } - verify_object_by_sub_exclude_objects(object, candidate_object_ids, - kept_super_object_ids, all_hit_object_ids); - verify_object_by_sub_include_objects(object, candidate_object_ids, - kept_super_object_ids, all_hit_object_ids); + verify_object_by_sub_exclude_objects(object, candidate_object_uuids, + kept_super_object_uuids, all_hit_object_uuids); + verify_object_by_sub_include_objects(object, candidate_object_uuids, + kept_super_object_uuids, all_hit_object_uuids); } - utarray_free(candidate_object_ids); + utarray_free(candidate_object_uuids); } static void get_super_object_ids(struct maat_object_topology *object_topo, - UT_array *hit_object_ids, UT_array *all_hit_object_ids, + UT_array *hit_object_uuids, UT_array *all_hit_object_uuids, size_t depth) { - UT_array *candidate_super_object_ids; - UT_array *kept_super_object_ids; + UT_array *candidate_super_object_uuids; + UT_array *kept_super_object_uuids; if (depth >= MAX_RECURSION_DEPTH) { log_error(object_topo->logger, MODULE_OBJECT, "[%s:%d]exceed max recursion depth(5)", __FUNCTION__, __LINE__); - for (int i = 0; i < utarray_len(hit_object_ids); i++) { - long long *p = (long long *)utarray_eltptr(hit_object_ids, i); + for (int i = 0; i < utarray_len(hit_object_uuids); i++) { + uuid_t *p = (uuid_t *)utarray_eltptr(hit_object_uuids, i); + char uuid_str[UUID_STR_LEN] = {0}; + uuid_unparse(*p, uuid_str); log_error(object_topo->logger, MODULE_OBJECT, - "[%s:%d]object_id:%lld can't recursively get super object_id", - __FUNCTION__, __LINE__, *p); + "[%s:%d]object_id:%s can't recursively get super object_id", + __FUNCTION__, __LINE__, uuid_str); } return; } - utarray_new(kept_super_object_ids, &ut_object_id_icd); - utarray_new(candidate_super_object_ids, &ut_object_id_icd); + utarray_new(kept_super_object_uuids, &ut_object_uuid_icd); + utarray_new(candidate_super_object_uuids, &ut_object_uuid_icd); /** candidate super objects means all hit objects' super include object, @@ -1065,9 +1078,9 @@ static void get_super_object_ids(struct maat_object_topology *object_topo, candidate super objects = {g7, g8, g12} */ - get_candidate_super_object_ids(object_topo, hit_object_ids, candidate_super_object_ids); + get_candidate_super_object_ids(object_topo, hit_object_uuids, candidate_super_object_uuids); - if (0 == utarray_len(candidate_super_object_ids)) { + if (0 == utarray_len(candidate_super_object_uuids)) { goto next; } @@ -1095,114 +1108,114 @@ static void get_super_object_ids(struct maat_object_topology *object_topo, after verify candidates, kept super objects = {g7, g8}, all hit objects = {g4, g11, g7, g8} */ - verify_candidate_super_object_ids(object_topo, candidate_super_object_ids, all_hit_object_ids, - kept_super_object_ids); + verify_candidate_super_object_ids(object_topo, candidate_super_object_uuids, all_hit_object_uuids, + kept_super_object_uuids); depth++; - get_super_object_ids(object_topo, kept_super_object_ids, all_hit_object_ids, depth); + get_super_object_ids(object_topo, kept_super_object_uuids, all_hit_object_uuids, depth); next: - utarray_free(candidate_super_object_ids); - utarray_free(kept_super_object_ids); + utarray_free(candidate_super_object_uuids); + utarray_free(kept_super_object_uuids); } static size_t object_topology_get_super_objects(struct maat_object_topology *object_topo, - long long *object_ids, size_t n_object_ids, - long long *super_object_ids, - size_t super_object_ids_size) + uuid_t *object_uuids, size_t n_object_uuids, + uuid_t *super_object_uuids, + size_t super_object_uuids_size) { size_t i = 0, idx = 0; - UT_array *all_hit_object_ids; - UT_array *candidate_object_ids; + UT_array *all_hit_object_uuids; + UT_array *candidate_object_uuids; - utarray_new(all_hit_object_ids, &ut_object_id_icd); - utarray_new(candidate_object_ids, &ut_object_id_icd); + utarray_new(all_hit_object_uuids, &ut_object_uuid_icd); + utarray_new(candidate_object_uuids, &ut_object_uuid_icd); - for (i = 0; i < n_object_ids; i++) { - utarray_push_back(all_hit_object_ids, &(object_ids[i])); - utarray_push_back(candidate_object_ids, &(object_ids[i])); + for (i = 0; i < n_object_uuids; i++) { + utarray_push_back(all_hit_object_uuids, &(object_uuids[i])); + utarray_push_back(candidate_object_uuids, &(object_uuids[i])); } - get_super_object_ids(object_topo, candidate_object_ids, all_hit_object_ids, 0); + get_super_object_ids(object_topo, candidate_object_uuids, all_hit_object_uuids, 0); - for (i = 0; i < n_object_ids; i++) { - long long *tmp_id = utarray_find(all_hit_object_ids, &(object_ids[i]), - compare_object_id); + for (i = 0; i < n_object_uuids; i++) { + uuid_t *tmp_id = utarray_find(all_hit_object_uuids, &(object_uuids[i]), + compare_object_uuid); if (tmp_id != NULL) { - size_t remove_idx = utarray_eltidx(all_hit_object_ids, tmp_id); - utarray_erase(all_hit_object_ids, remove_idx, 1); + size_t remove_idx = utarray_eltidx(all_hit_object_uuids, tmp_id); + utarray_erase(all_hit_object_uuids, remove_idx, 1); } } - long long *p = NULL; - for (p = (long long *)utarray_front(all_hit_object_ids); p != NULL; - p = (long long *)utarray_next(all_hit_object_ids, p)) { - if (idx >= super_object_ids_size) { + uuid_t *p = NULL; + for (p = (uuid_t *)utarray_front(all_hit_object_uuids); p != NULL; + p = (uuid_t *)utarray_next(all_hit_object_uuids, p)) { + if (idx >= super_object_uuids_size) { break; } - super_object_ids[idx++] = *p; + uuid_copy(super_object_uuids[idx++], *p); } - utarray_free(all_hit_object_ids); - utarray_free(candidate_object_ids); + utarray_free(all_hit_object_uuids); + utarray_free(candidate_object_uuids); return idx; } -size_t object2object_runtime_get_super_objects(void *g2g_runtime, long long *object_ids, - size_t n_object_ids, long long *super_object_ids, - size_t super_object_ids_size) +size_t object2object_runtime_get_super_objects(void *o2o_runtime, uuid_t *object_uuids, + size_t n_object_uuids, uuid_t *super_object_uuids, + size_t super_object_uuids_size) { - if (NULL == g2g_runtime || NULL == object_ids || 0 == n_object_ids) { + if (NULL == o2o_runtime || NULL == object_uuids || 0 == n_object_uuids) { return 0; } - struct object2object_runtime *g2g_rt = (struct object2object_runtime *)g2g_runtime; - long long g2g_object_ids[n_object_ids]; - size_t g2g_object_ids_cnt = 0; + struct object2object_runtime *o2o_rt = (struct object2object_runtime *)o2o_runtime; + uuid_t o2o_object_uuids[n_object_uuids]; + size_t o2o_object_uuids_cnt = 0; - for (size_t i = 0; i < n_object_ids; i++) { - struct maat_object *object = object_topology_find_object(g2g_rt->object_topo, object_ids[i]); + for (size_t i = 0; i < n_object_uuids; i++) { + struct maat_object *object = object_topology_find_object(o2o_rt->object_topo, object_uuids[i]); if (NULL == object) { continue; } - g2g_object_ids[g2g_object_ids_cnt++] = object_ids[i]; + uuid_copy(o2o_object_uuids[o2o_object_uuids_cnt++], object_uuids[i]); } - if (0 == g2g_object_ids_cnt) { + if (0 == o2o_object_uuids_cnt) { return 0; } - return object_topology_get_super_objects(g2g_rt->object_topo, g2g_object_ids, g2g_object_ids_cnt, - super_object_ids, super_object_ids_size); + return object_topology_get_super_objects(o2o_rt->object_topo, o2o_object_uuids, o2o_object_uuids_cnt, + super_object_uuids, super_object_uuids_size); } -long long object2object_runtime_rule_count(void *g2g_runtime) +long long object2object_runtime_rule_count(void *o2o_runtime) { - if (NULL == g2g_runtime) { + if (NULL == o2o_runtime) { return 0; } - struct object2object_runtime *g2g_rt = (struct object2object_runtime *)g2g_runtime; - return g2g_rt->rule_num; + struct object2object_runtime *o2o_rt = (struct object2object_runtime *)o2o_runtime; + return o2o_rt->rule_num; } -long long object2object_runtime_exclude_rule_count(void *g2g_runtime) +long long object2object_runtime_exclude_rule_count(void *o2o_runtime) { - if (NULL == g2g_runtime) { + if (NULL == o2o_runtime) { return 0; } - struct object2object_runtime *g2g_rt = (struct object2object_runtime *)g2g_runtime; - return g2g_rt->excl_rule_num; + struct object2object_runtime *o2o_rt = (struct object2object_runtime *)o2o_runtime; + return o2o_rt->excl_rule_num; } -long long object2object_runtime_update_err_count(void *g2g_runtime) +long long object2object_runtime_update_err_count(void *o2o_runtime) { - if (NULL == g2g_runtime) { + if (NULL == o2o_runtime) { return 0; } - struct object2object_runtime *g2g_rt = (struct object2object_runtime *)g2g_runtime; - return g2g_rt->update_err_cnt; + struct object2object_runtime *o2o_rt = (struct object2object_runtime *)o2o_runtime; + return o2o_rt->update_err_cnt; } \ No newline at end of file diff --git a/src/maat_rule.c b/src/maat_rule.c index 4409148..a53d5d3 100644 --- a/src/maat_rule.c +++ b/src/maat_rule.c @@ -43,13 +43,13 @@ struct rule_schema { struct rule_item { int condition_num; - long long rule_id; + uuid_t rule_uuid; char *table_line; size_t table_line_len; }; struct condition_query_key { - long long object_id; + uuid_t object_uuid; int attribute_id; int negate_option; }; @@ -70,7 +70,7 @@ struct table_condition { struct table_object { int attribute_id; - UT_array *object_ids; + UT_array *object_uuids; UT_hash_handle hh; }; @@ -99,7 +99,7 @@ struct condition_literal { struct rule_condition { long long condition_id; - long long object_ids[MAX_OBJECT_CNT]; + uuid_t object_uuids[MAX_OBJECT_CNT]; int object_cnt; int attribute_id; char negate_option; // 1 byte @@ -109,7 +109,7 @@ struct rule_condition { struct rule_sort_para { int condition_num; - long long rule_id; + uuid_t rule_uuid; }; #define MAAT_RULE_MAGIC 0x4a5b6c7d @@ -117,21 +117,21 @@ struct maat_rule { uint32_t magic_num; int condition_num; int table_id; - long long rule_id; + uuid_t rule_uuid; void *user_data; // rule_item struct rule_condition conditions[MAX_ITEMS_PER_BOOL_EXPR]; }; struct internal_hit_path { - long long item_id; - long long object_id; + uuid_t item_uuid; + uuid_t object_uuid; int Nth_scan; int attribute_id; int negate_option; // 1 means negate condition }; struct rule2table_id { - long long rule_id; + uuid_t rule_uuid; int table_id; }; @@ -153,7 +153,7 @@ struct rule_compile_state { }; UT_icd ut_condition_id_icd = {sizeof(long long), NULL, NULL, NULL}; -UT_icd ut_rule_object_id_icd = {sizeof(long long), NULL, NULL, NULL}; +UT_icd ut_rule_object_uuid_icd = {sizeof(uuid_t), NULL, NULL, NULL}; UT_icd ut_maat_hit_object_icd = {sizeof(struct maat_hit_object), NULL, NULL, NULL}; UT_icd ut_hit_path_icd = {sizeof(struct internal_hit_path), NULL, NULL, NULL}; UT_icd ut_hit_rule_table_id_icd = {sizeof(struct rule2table_id), NULL, NULL, NULL}; @@ -226,7 +226,7 @@ static int validate_table_not_condition(struct rule_runtime *rule_rt, } static struct maat_rule *maat_rule_new(struct rule_runtime *rule_rt, struct rule_schema *schema, - const char *table_name, long long rule_id, + const char *table_name, uuid_t rule_uuid, const char *table_line, struct rule_item *rule_item) { struct maat_rule *rule = ALLOC(struct maat_rule, 1); @@ -235,7 +235,7 @@ static struct maat_rule *maat_rule_new(struct rule_runtime *rule_rt, struct rule cJSON *table_json = cJSON_Parse(table_line); rule->magic_num = MAAT_RULE_MAGIC; - rule->rule_id = rule_id; + uuid_copy(rule->rule_uuid, rule_uuid); for(int i = 0; i < MAX_ITEMS_PER_BOOL_EXPR; i++) { rule->conditions[i].in_use = 0; @@ -309,7 +309,7 @@ static struct maat_rule *maat_rule_new(struct rule_runtime *rule_rt, struct rule } } - tmp_obj = cJSON_GetObjectItem(condition_obj, "object_ids"); + tmp_obj = cJSON_GetObjectItem(condition_obj, "object_uuids"); if (tmp_obj && tmp_obj->type == cJSON_Array) { int n_object_ids = cJSON_GetArraySize(tmp_obj); @@ -318,8 +318,7 @@ static struct maat_rule *maat_rule_new(struct rule_runtime *rule_rt, struct rule for (int j = 0; j < n_object_ids; j++) { cJSON *object_id_obj = cJSON_GetArrayItem(tmp_obj, j); if (object_id_obj && object_id_obj->type == cJSON_String) { - long long object_id = atoll(object_id_obj->valuestring); - condition->object_ids[j] = object_id; + uuid_parse(object_id_obj->valuestring, condition->object_uuids[j]); } } } @@ -383,14 +382,14 @@ rule_item_new(const char *table_line, struct rule_schema *schema, struct rule_item *rule_item = ALLOC(struct rule_item, 1); cJSON *table_json = cJSON_Parse(table_line); - tmp_obj = cJSON_GetObjectItem(table_json, "rule_id"); + tmp_obj = cJSON_GetObjectItem(table_json, "uuid"); if (tmp_obj == NULL && tmp_obj->type != cJSON_String) { log_fatal(logger, MODULE_RULE, "[%s:%d] table: <%s> has no rule_id or not string format in line:%s", __FUNCTION__, __LINE__, table_name, cJSON_Print(table_json)); goto error; } - rule_item->rule_id = atoll(tmp_obj->valuestring); + uuid_parse(tmp_obj->valuestring, rule_item->rule_uuid); rule_item->table_line_len = strlen(table_line); rule_item->table_line = ALLOC(char, rule_item->table_line_len + 1); @@ -529,17 +528,9 @@ void rule_runtime_init(void *rule_runtime, struct maat_runtime *maat_rt) rule_rt->ref_maat_rt = maat_rt; } -static inline int compare_object_id(const void *a, const void *b) +static inline int compare_object_uuid(const void *a, const void *b) { - long long ret = *(const long long *)a - *(const long long *)b; - - if (0 == ret) { - return 0; - } else if(ret < 0) { - return -1; - } else { - return 1; - } + return uuid_compare(*(uuid_t *)a, *(uuid_t *)b); } static struct bool_matcher * @@ -588,7 +579,7 @@ maat_rule_bool_matcher_new(struct rule_runtime *rule_rt, // some rule may have zero objects, e.g. default policy. if (j == (size_t)iter_rule->condition_num && j > 0) { - bool_expr_array[expr_cnt].expr_id = iter_rule->rule_id; + uuid_copy(bool_expr_array[expr_cnt].expr_uuid, iter_rule->rule_uuid); bool_expr_array[expr_cnt].user_tag = iter_rule; bool_expr_array[expr_cnt].item_num = j; expr_cnt++; @@ -634,17 +625,9 @@ static inline int compare_condition_id(const void *a, const void *b) } } -static inline int compare_rule_id(const void *a, const void *b) +static inline int compare_rule_uuid(const void *a, const void *b) { - long long ret = *(const long long *)a - *(const long long *)b; - - if (0 == ret) { - return 0; - } else if (ret < 0) { - return -1; - } else { - return 1; - } + return uuid_compare(*(uuid_t *)a, *(uuid_t *)b); } /** @@ -687,9 +670,12 @@ build_condition_id_kv_hash(struct rule_runtime *rule_rt, int negate_option) } for (size_t k = 0; k < condition->object_cnt; k++) { - struct condition_query_key key = - {condition->object_ids[k], condition->attribute_id, condition->negate_option}; + struct condition_query_key key; struct condition_id_kv *condition_id_kv = NULL; + + key.attribute_id = condition->attribute_id; + key.negate_option = condition->negate_option; + uuid_copy(key.object_uuid, condition->object_uuids[k]); HASH_FIND(hh, condition_id_kv_hash, &key, sizeof(struct condition_query_key), condition_id_kv); @@ -768,13 +754,16 @@ rule_compile_state_if_new_hit_rule(struct rule_compile_state *rule_compile_state static void rule_compile_state_update_hit_rule_table_id(struct rule_compile_state *rule_compile_state, - long long rule_id, int table_id) + uuid_t rule_uuid, int table_id) { - if (!utarray_find(rule_compile_state->hit_rule_table_ids, &rule_id, - compare_rule_id)) { - struct rule2table_id rule_table_id = {rule_id, table_id}; + if (!utarray_find(rule_compile_state->hit_rule_table_ids, &rule_uuid, + compare_rule_uuid)) { + struct rule2table_id rule_table_id; + rule_table_id.table_id = table_id; + uuid_copy(rule_table_id.rule_uuid, rule_uuid); + utarray_push_back(rule_compile_state->hit_rule_table_ids, &rule_table_id); - utarray_sort(rule_compile_state->hit_rule_table_ids, compare_rule_id); + utarray_sort(rule_compile_state->hit_rule_table_ids, compare_rule_uuid); } } @@ -808,7 +797,8 @@ maat_rule_bool_matcher_match(struct rule_runtime *rule_rt, for (int i = 0; i < bool_match_ret && ud_result_cnt < ud_array_size; i++) { rule = (struct maat_rule *)expr_match[i].user_tag; assert(rule->magic_num == MAAT_RULE_MAGIC); - assert((unsigned long long)rule->rule_id == expr_match[i].expr_id); + assert(uuid_compare(rule->rule_uuid, expr_match[i].expr_uuid) == 0); + if (0 == rule->condition_num) { continue; } @@ -819,7 +809,7 @@ maat_rule_bool_matcher_match(struct rule_runtime *rule_rt, if (rule->user_data != NULL && n_new_hit_rule > 0) { user_data_array[ud_result_cnt] = rule->user_data; ud_result_cnt++; - rule_compile_state_update_hit_rule_table_id(rule_compile_state, rule->rule_id, + rule_compile_state_update_hit_rule_table_id(rule_compile_state, rule->rule_uuid, rule->table_id); } } @@ -856,11 +846,11 @@ rule_compile_state_hit_not_tbl_objects_free(struct rule_compile_state *rule_comp struct table_object *tbl_object = NULL, *tmp_tbl_object = NULL; HASH_ITER(hh, rule_compile_state->hit_not_tbl_objects, tbl_object, tmp_tbl_object) { free_bytes += - (sizeof(tbl_object) + utarray_len(tbl_object->object_ids) * sizeof(long long)); + (sizeof(tbl_object) + utarray_len(tbl_object->object_uuids) * sizeof(uuid_t)); HASH_DEL(rule_compile_state->hit_not_tbl_objects, tbl_object); - if (tbl_object->object_ids != NULL) { - utarray_free(tbl_object->object_ids); - tbl_object->object_ids = NULL; + if (tbl_object->object_uuids != NULL) { + utarray_free(tbl_object->object_uuids); + tbl_object->object_uuids = NULL; } FREE(tbl_object); } @@ -890,7 +880,7 @@ void rule_compile_state_reset(struct rule_compile_state *rule_compile_state) struct table_object *tbl_object = NULL, *tmp_tbl_object = NULL; HASH_ITER(hh, rule_compile_state->hit_not_tbl_objects, tbl_object, tmp_tbl_object) { - utarray_clear(tbl_object->object_ids); + utarray_clear(tbl_object->object_uuids); } } @@ -976,7 +966,7 @@ void rule_compile_state_free(struct rule_compile_state *rule_compile_state, static void rule_compile_state_add_internal_hit_path(struct rule_compile_state *rule_compile_state, - long long item_id, long long object_id, + uuid_t item_uuid, uuid_t object_uuid, int attribute_id, int negate_option, int Nth_scan) { if (NULL == rule_compile_state) { @@ -984,9 +974,9 @@ rule_compile_state_add_internal_hit_path(struct rule_compile_state *rule_compile } struct internal_hit_path new_path; - new_path.item_id = item_id; + uuid_copy(new_path.item_uuid, item_uuid); new_path.Nth_scan = Nth_scan; - new_path.object_id = object_id; + uuid_copy(new_path.object_uuid, object_uuid); new_path.attribute_id = attribute_id; new_path.negate_option = negate_option; @@ -1011,10 +1001,10 @@ static int maat_rule_has_condition_query_key(struct maat_rule *rule, continue; } - long long *tmp_object_id = bsearch(&(key->object_id), condition->object_ids, - condition->object_cnt, sizeof(long long), - compare_object_id); - if (tmp_object_id != NULL) { + uuid_t *tmp_object_uuid = bsearch(&(key->object_uuid), condition->object_uuids, + condition->object_cnt, sizeof(uuid_t), + compare_object_uuid); + if (tmp_object_uuid != NULL) { return 1; } } @@ -1024,7 +1014,7 @@ static int maat_rule_has_condition_query_key(struct maat_rule *rule, static size_t maat_rule_get_hit_condition_index(struct maat_rule *rule, - int attribute_id, long long hit_object_id, + int attribute_id, uuid_t hit_object_uuid, int *condition_idx_array, size_t array_size) { size_t hit_condition_cnt = 0; @@ -1041,10 +1031,10 @@ maat_rule_get_hit_condition_index(struct maat_rule *rule, continue; } - long long *tmp_object_id = bsearch(&hit_object_id, tmp_condition->object_ids, - tmp_condition->object_cnt, sizeof(long long), - compare_object_id); - if (tmp_object_id != NULL) { + uuid_t *tmp_object_uuid = bsearch(&hit_object_uuid, tmp_condition->object_uuids, + tmp_condition->object_cnt, sizeof(uuid_t), + compare_object_uuid); + if (tmp_object_uuid != NULL) { condition_idx_array[hit_condition_cnt++] = i; break; } @@ -1077,17 +1067,17 @@ void populate_hit_path_with_rule(struct maat_hit_path *hit_path_array, size_t new_hit_path_cnt = *n_new_hit_path; int condition_index_array[MAX_ITEMS_PER_BOOL_EXPR] = {0}; - if (hit_path_array[idx].top_object_id < 0) { - hit_path_array[idx].top_object_id = hit_path_array[idx].sub_object_id; + if (uuid_is_null(hit_path_array[idx].top_object_uuid)) { + uuid_copy(hit_path_array[idx].top_object_uuid, hit_path_array[idx].sub_object_uuid); } struct maat_hit_path tmp_path; - if (hit_path_array[idx].rule_id < 0) { - hit_path_array[idx].rule_id = rule->rule_id; + if (uuid_is_null(hit_path_array[idx].rule_uuid)) { + uuid_copy(hit_path_array[idx].rule_uuid, rule->rule_uuid); // find out which condition in rule hit n_condition_index = maat_rule_get_hit_condition_index(rule, hit_path_array[idx].attribute_id, - hit_path_array[idx].top_object_id, + hit_path_array[idx].top_object_uuid, condition_index_array, MAX_ITEMS_PER_BOOL_EXPR); hit_path_array[idx].condition_index = condition_index_array[0]; @@ -1102,12 +1092,12 @@ void populate_hit_path_with_rule(struct maat_hit_path *hit_path_array, } else { // means same condition_query_id hit more than one rule_id tmp_path = hit_path_array[idx]; - tmp_path.rule_id = rule->rule_id; + uuid_copy(tmp_path.rule_uuid, rule->rule_uuid); if (!maat_rule_is_hit_path_existed(hit_path_array, n_hit_path + new_hit_path_cnt, &tmp_path)) { hit_path_array[n_hit_path + new_hit_path_cnt] = tmp_path; new_hit_path_cnt++; n_condition_index = - maat_rule_get_hit_condition_index(rule, tmp_path.attribute_id, tmp_path.top_object_id, + maat_rule_get_hit_condition_index(rule, tmp_path.attribute_id, tmp_path.top_object_uuid, condition_index_array, MAX_ITEMS_PER_BOOL_EXPR); hit_path_array[n_hit_path + new_hit_path_cnt - 1].condition_index = condition_index_array[0]; if (n_condition_index > 1) { @@ -1132,7 +1122,7 @@ size_t rule_runtime_get_hit_paths(struct rule_runtime *rule_rt, int thread_id, /* assign hit_path_array[].rule_id */ size_t n_new_hit_path = 0; struct maat_rule *rule = NULL; - struct condition_query_key key = {0, 0, 0}; + struct condition_query_key key; struct bool_expr_match *expr_match = rule_rt->expr_match_buff + (thread_id * MAX_HIT_RULE_NUM); assert(thread_id >= 0); @@ -1149,16 +1139,16 @@ size_t rule_runtime_get_hit_paths(struct rule_runtime *rule_rt, int thread_id, for (int idx = 0; idx < bool_match_ret; idx++) { rule = (struct maat_rule *)expr_match[idx].user_tag; assert(rule->magic_num == MAAT_RULE_MAGIC); - assert((unsigned long long)rule->rule_id == expr_match[idx].expr_id); + assert(uuid_compare(rule->rule_uuid, expr_match[idx].expr_uuid) == 0); if (0 == rule->condition_num || NULL == rule->user_data) { continue; } for (size_t j = 0; j < n_hit_path && (n_hit_path + n_new_hit_path) < array_size; j++) { - if (hit_path_array[j].top_object_id < 0) { - key.object_id = hit_path_array[j].sub_object_id; + if (uuid_is_null(hit_path_array[j].top_object_uuid)) { + uuid_copy(key.object_uuid, hit_path_array[j].sub_object_uuid); } else { - key.object_id = hit_path_array[j].top_object_id; + uuid_copy(key.object_uuid, hit_path_array[j].top_object_uuid); } key.attribute_id = hit_path_array[j].attribute_id; @@ -1184,8 +1174,8 @@ rule_compile_state_add_direct_hit_objects(struct rule_compile_state *rule_compil struct maat_hit_object hit_object; for (size_t i = 0; i < n_hit_items; i++) { - hit_object.item_id = hit_items[i].item_id; - hit_object.object_id = hit_items[i].object_id; + uuid_copy(hit_object.item_uuid, hit_items[i].item_uuid); + uuid_copy(hit_object.object_uuid, hit_items[i].object_uuid); hit_object.attribute_id = attribute_id; utarray_push_back(rule_compile_state->direct_hit_objects, &hit_object); } @@ -1193,17 +1183,17 @@ rule_compile_state_add_direct_hit_objects(struct rule_compile_state *rule_compil static void rule_compile_state_add_indirect_hit_objects(struct rule_compile_state *rule_compile_state, - long long *object_ids, - size_t n_object_ids, int attribute_id) + uuid_t *object_uuids, + size_t n_object_uuids, int attribute_id) { - if (NULL == rule_compile_state || NULL == object_ids) { + if (NULL == rule_compile_state || NULL == object_uuids) { return; } struct maat_hit_object hit_object; - for (size_t i = 0; i < n_object_ids; i++) { - hit_object.item_id = 0; - hit_object.object_id = object_ids[i]; + for (size_t i = 0; i < n_object_uuids; i++) { + uuid_clear(hit_object.item_uuid); + uuid_copy(hit_object.object_uuid, object_uuids[i]); hit_object.attribute_id = attribute_id; utarray_push_back(rule_compile_state->indirect_hit_objects, &hit_object); } @@ -1288,15 +1278,19 @@ rule_compile_state_add_hit_not_conditions(struct rule_compile_state *rule_compil static void rule_compile_state_update_hit_conditions(struct rule_compile_state *rule_compile_state, struct rule_runtime *rule_rt, - long long object_id, int attribute_id) + uuid_t object_uuid, int attribute_id) { if (NULL == rule_compile_state || NULL == rule_rt) { return; } - struct condition_query_key key = {object_id, attribute_id, 0}; + struct condition_query_key key; struct condition_id_kv *condition_id_kv = NULL; + key.negate_option = 0; + key.attribute_id = attribute_id; + uuid_copy(key.object_uuid, object_uuid); + HASH_FIND(hh, rule_rt->condition_id_kv_hash, &key, sizeof(key), condition_id_kv); if (condition_id_kv != NULL) { rule_compile_state_add_hit_conditions(rule_compile_state, condition_id_kv->condition_ids); @@ -1312,29 +1306,29 @@ rule_compile_state_update_hit_conditions(struct rule_compile_state *rule_compile static void rule_compile_state_cache_hit_not_objects(struct rule_compile_state *rule_compile_state, struct rule_runtime *rule_rt, - long long *hit_object_ids, - size_t n_hit_object_id, int attribute_id) + uuid_t *hit_object_uuids, + size_t n_hit_object_uuid, int attribute_id) { if (NULL == rule_compile_state || NULL == rule_rt) { return; } - if (n_hit_object_id != 0) { - qsort(hit_object_ids, n_hit_object_id, sizeof(long long), compare_object_id); + if (n_hit_object_uuid != 0) { + qsort(hit_object_uuids, n_hit_object_uuid, sizeof(uuid_t), compare_object_uuid); } struct table_object *tbl_object = NULL; HASH_FIND(hh, rule_compile_state->hit_not_tbl_objects, &attribute_id, sizeof(int), tbl_object); if (tbl_object != NULL) { - for (size_t i = 0; i < n_hit_object_id; i++) { - long long *object_id = (long long *)utarray_find(tbl_object->object_ids, - &hit_object_ids[i], - compare_object_id); - if (NULL == object_id) { + for (size_t i = 0; i < n_hit_object_uuid; i++) { + uuid_t *object_uuid = (uuid_t *)utarray_find(tbl_object->object_uuids, + &hit_object_uuids[i], + compare_object_uuid); + if (NULL == object_uuid) { continue; } - size_t remove_idx = utarray_eltidx(tbl_object->object_ids, object_id); - utarray_erase(tbl_object->object_ids, remove_idx, 1); + size_t remove_idx = utarray_eltidx(tbl_object->object_uuids, object_uuid); + utarray_erase(tbl_object->object_uuids, remove_idx, 1); } } @@ -1344,28 +1338,28 @@ rule_compile_state_cache_hit_not_objects(struct rule_compile_state *rule_compile continue; } - long long *tmp_object_id = - bsearch(&(condition_id_kv->key.object_id), hit_object_ids, - n_hit_object_id, sizeof(long long), compare_object_id); - if (tmp_object_id != NULL) { + uuid_t *tmp_object_uuid = + bsearch(&(condition_id_kv->key.object_uuid), hit_object_uuids, + n_hit_object_uuid, sizeof(uuid_t), compare_object_uuid); + if (tmp_object_uuid != NULL) { continue; } if (NULL == tbl_object) { tbl_object = ALLOC(struct table_object, 1); tbl_object->attribute_id = attribute_id; - utarray_new(tbl_object->object_ids, &ut_rule_object_id_icd); + utarray_new(tbl_object->object_uuids, &ut_rule_object_uuid_icd); HASH_ADD_INT(rule_compile_state->hit_not_tbl_objects, attribute_id, tbl_object); } - if (!utarray_find(tbl_object->object_ids, &(condition_id_kv->key.object_id), - compare_object_id)) { - utarray_push_back(tbl_object->object_ids, &(condition_id_kv->key.object_id)); + if (!utarray_find(tbl_object->object_uuids, &(condition_id_kv->key.object_uuid), + compare_object_uuid)) { + utarray_push_back(tbl_object->object_uuids, &(condition_id_kv->key.object_uuid)); } } if (tbl_object != NULL) { - utarray_sort(tbl_object->object_ids, compare_object_id); + utarray_sort(tbl_object->object_uuids, compare_object_uuid); } } @@ -1375,7 +1369,7 @@ int rule_compile_state_get_rule_table_id(struct rule_compile_state *rule_compile struct rule2table_id *tmp = NULL; tmp = utarray_find(rule_compile_state->hit_rule_table_ids, &rule_id, - compare_rule_id); + compare_rule_uuid); if (NULL == tmp) { return -1; } @@ -1386,7 +1380,7 @@ int rule_compile_state_get_rule_table_id(struct rule_compile_state *rule_compile static int rule_runtime_add_rule(struct rule_runtime *rule_rt, struct rule_schema *schema, - long long rule_id, const char *table_name, + uuid_t rule_uuid, const char *table_name, const char *line, struct log_handle *logger) { struct maat_rule *rule = NULL; @@ -1407,18 +1401,20 @@ rule_runtime_add_rule(struct rule_runtime *rule_rt, int updating_flag = rcu_hash_is_updating(rule_rt->cfg_hash); if (1 == updating_flag) { - rule = rcu_updating_hash_find(rule_rt->cfg_hash, (char *)&rule_id, - sizeof(long long)); + rule = rcu_updating_hash_find(rule_rt->cfg_hash, (char *)&rule_uuid, + sizeof(uuid_t)); } else { - rule = rcu_hash_find(rule_rt->cfg_hash, (char *)&rule_id, sizeof(long long)); + rule = rcu_hash_find(rule_rt->cfg_hash, (char *)&rule_uuid, sizeof(uuid_t)); } if (rule != NULL) { + char rule_uuid_str[UUID_STR_LEN] = {0}; + uuid_unparse(rule_uuid, rule_uuid_str); log_fatal(logger, MODULE_RULE, - "[%s:%d]rule_id:%lld already existed in rule table, drop line:%s", - __FUNCTION__, __LINE__, rule_id, line); + "[%s:%d]rule_id:%s already existed in rule table, drop line:%s", + __FUNCTION__, __LINE__, rule_uuid_str, line); } - rule = maat_rule_new(rule_rt, schema, table_name, rule_id, line, rule_item); + rule = maat_rule_new(rule_rt, schema, table_name, rule_uuid, line, rule_item); if (NULL == rule) { log_fatal(logger, MODULE_RULE, "[%s:%d]maat_rule_new failed, drop line:%s", @@ -1426,14 +1422,14 @@ rule_runtime_add_rule(struct rule_runtime *rule_rt, return -1; } - rcu_hash_add(rule_rt->cfg_hash, (char *)&rule_id, sizeof(long long), rule); + rcu_hash_add(rule_rt->cfg_hash, (char *)&rule_uuid, sizeof(uuid_t), rule); return 0; } static void rule_runtime_del_rule(struct rule_runtime *rule_rt, struct rule_schema *schema, - long long rule_id, + uuid_t rule_uuid, struct log_handle *logger) { struct maat_rule *rule = NULL; @@ -1441,11 +1437,11 @@ static void rule_runtime_del_rule(struct rule_runtime *rule_rt, int updating_flag = rcu_hash_is_updating(rule_rt->cfg_hash); if (1 == updating_flag) { // find in updating hash - rule = rcu_updating_hash_find(rule_rt->cfg_hash, (char *)&rule_id, - sizeof(long long)); + rule = rcu_updating_hash_find(rule_rt->cfg_hash, (char *)&rule_uuid, + sizeof(uuid_t)); } else { // find in effective hash - rule = rcu_hash_find(rule_rt->cfg_hash, (char *)&rule_id, sizeof(long long)); + rule = rcu_hash_find(rule_rt->cfg_hash, (char *)&rule_uuid, sizeof(uuid_t)); } if (rule != NULL) { @@ -1456,7 +1452,7 @@ static void rule_runtime_del_rule(struct rule_runtime *rule_rt, } } - rcu_hash_del(rule_rt->cfg_hash, (char *)&rule_id, sizeof(long long)); + rcu_hash_del(rule_rt->cfg_hash, (char *)&rule_uuid, sizeof(uuid_t)); } } @@ -1480,7 +1476,7 @@ int rule_runtime_update(void *rule_runtime, void *rule_schema, return -1; } - tmp_obj = cJSON_GetObjectItem(json, "rule_id"); + tmp_obj = cJSON_GetObjectItem(json, "uuid"); if (NULL == tmp_obj || tmp_obj->type != cJSON_String) { log_fatal(rule_rt->logger, MODULE_RULE, "[%s:%d] rule table:<%s> has no rule_id or not string format in table_line:%s", @@ -1489,14 +1485,15 @@ int rule_runtime_update(void *rule_runtime, void *rule_schema, cJSON_Delete(json); return -1; } - long long rule_id = atoll(tmp_obj->valuestring); + uuid_t rule_uuid; + uuid_parse(tmp_obj->valuestring, rule_uuid); if (MAAT_OP_DEL == op) { // delete - rule_runtime_del_rule(rule_rt, schema, rule_id, rule_rt->logger); + rule_runtime_del_rule(rule_rt, schema, rule_uuid, rule_rt->logger); } else { // add - int ret = rule_runtime_add_rule(rule_rt, schema, rule_id, + int ret = rule_runtime_add_rule(rule_rt, schema, rule_uuid, table_name, line, rule_rt->logger); if (ret < 0) { rule_rt->update_err_cnt++; @@ -1621,14 +1618,14 @@ static int rule_sort_para_compare(const struct rule_sort_para *a, if (a->condition_num != b->condition_num) { return (a->condition_num - b->condition_num); } else { - return (b->rule_id - a->rule_id); + return uuid_compare(a->rule_uuid, b->rule_uuid); } } static void rule_sort_para_set(struct rule_sort_para *para, const struct rule_item *item) { - para->rule_id = item->rule_id; + uuid_copy(para->rule_uuid, item->rule_uuid); para->condition_num = item->condition_num; } @@ -1644,7 +1641,7 @@ static int compare_rule_item(const void *a, const void *b) return rule_sort_para_compare(&sa, &sb); } -int rule_runtime_match(struct rule_runtime *rule_rt, long long *rule_ids, +int rule_runtime_match(struct rule_runtime *rule_rt, uuid_t *rule_uuids, size_t rule_ids_size, struct maat_state *state) { struct rule_compile_state *rule_compile_state = state->rule_compile_state; @@ -1662,7 +1659,7 @@ int rule_runtime_match(struct rule_runtime *rule_rt, long long *rule_ids, } for (size_t i = 0; i < bool_match_ret; i++) { - rule_ids[i] = rule_items[i]->rule_id; + uuid_copy(rule_uuids[i], rule_items[i]->rule_uuid); } return MIN(bool_match_ret, rule_ids_size); @@ -1674,7 +1671,7 @@ int rule_compile_state_update(struct rule_compile_state *rule_compile_state, str { size_t i = 0, j = 0; size_t hit_cnt = n_hit_item; - long long hit_object_ids[MAX_HIT_OBJECT_NUM]; + uuid_t hit_object_uuids[MAX_HIT_OBJECT_NUM]; struct maat_hit_object hit_object; utarray_clear(rule_compile_state->this_scan_hit_conditions); @@ -1682,38 +1679,38 @@ int rule_compile_state_update(struct rule_compile_state *rule_compile_state, str rule_compile_state->Nth_scan = Nth_scan; for (i = 0; i < hit_cnt; i++) { - hit_object_ids[i] = hit_items[i].object_id; + uuid_copy(hit_object_uuids[i], hit_items[i].object_uuid); - hit_object.item_id = hit_items[i].item_id; - hit_object.object_id = hit_items[i].object_id; + uuid_copy(hit_object.item_uuid, hit_items[i].item_uuid); + uuid_copy(hit_object.object_uuid, hit_items[i].object_uuid); hit_object.attribute_id = attribute_id; utarray_push_back(rule_compile_state->last_hit_objects, &hit_object); } - int g2g_table_id = table_manager_get_object2object_table_id(maat_inst->tbl_mgr); - void *g2g_rt = table_manager_get_runtime(maat_inst->tbl_mgr, g2g_table_id); + int o2o_table_id = table_manager_get_object2object_table_id(maat_inst->tbl_mgr); + void *o2o_rt = table_manager_get_runtime(maat_inst->tbl_mgr, o2o_table_id); - long long super_object_ids[MAX_HIT_OBJECT_NUM]; - size_t super_object_cnt = object2object_runtime_get_super_objects(g2g_rt, hit_object_ids, - hit_cnt, super_object_ids, + uuid_t super_object_uuids[MAX_HIT_OBJECT_NUM]; + size_t super_object_cnt = object2object_runtime_get_super_objects(o2o_rt, hit_object_uuids, + hit_cnt, super_object_uuids, MAX_HIT_OBJECT_NUM); for (i = 0; i < super_object_cnt; i++) { - hit_object.item_id = 0; - hit_object.object_id = super_object_ids[i]; + uuid_clear(hit_object.item_uuid); + uuid_copy(hit_object.object_uuid, super_object_uuids[i]); hit_object.attribute_id = attribute_id; utarray_push_back(rule_compile_state->last_hit_objects, &hit_object); } if (1 == maat_inst->opts.hit_path_on && hit_cnt > 0) { for (i = 0; i < hit_cnt; i++) { - rule_compile_state_add_internal_hit_path(rule_compile_state, hit_items[i].item_id, - hit_items[i].object_id, attribute_id, 0, Nth_scan); + rule_compile_state_add_internal_hit_path(rule_compile_state, hit_items[i].item_uuid, + hit_items[i].object_uuid, attribute_id, 0, Nth_scan); } } if (1 == maat_inst->opts.hit_object_on) { rule_compile_state_add_direct_hit_objects(rule_compile_state, hit_items, hit_cnt, attribute_id); - rule_compile_state_add_indirect_hit_objects(rule_compile_state, super_object_ids, + rule_compile_state_add_indirect_hit_objects(rule_compile_state, super_object_uuids, super_object_cnt, attribute_id); } @@ -1730,15 +1727,15 @@ int rule_compile_state_update(struct rule_compile_state *rule_compile_state, str } for (j = 0; j < super_object_cnt && hit_cnt < MAX_HIT_OBJECT_NUM; j++) { - hit_object_ids[hit_cnt++] = super_object_ids[j]; + uuid_copy(hit_object_uuids[hit_cnt++], super_object_uuids[j]); } for (i = 0; i < hit_cnt; i++) { rule_compile_state_update_hit_conditions(rule_compile_state, rule_rt, - hit_object_ids[i], attribute_id); + hit_object_uuids[i], attribute_id); } - rule_compile_state_cache_hit_not_objects(rule_compile_state, rule_rt, hit_object_ids, + rule_compile_state_cache_hit_not_objects(rule_compile_state, rule_rt, hit_object_uuids, hit_cnt, attribute_id); return hit_cnt; } @@ -1772,9 +1769,12 @@ void rule_compile_state_not_logic_update(struct rule_compile_state *rule_compile } struct condition_id_kv *condition_id_kv = NULL; - for (size_t i = 0; i < utarray_len(tbl_object->object_ids); i++) { - long long *object_id = utarray_eltptr(tbl_object->object_ids, i); - struct condition_query_key key = {*object_id, attribute_id, 1}; + for (size_t i = 0; i < utarray_len(tbl_object->object_uuids); i++) { + uuid_t *object_uuid = utarray_eltptr(tbl_object->object_uuids, i); + struct condition_query_key key; + key.attribute_id = attribute_id; + key.negate_option = 1; + uuid_copy(key.object_uuid, *object_uuid); HASH_FIND(hh, rule_rt->not_condition_id_kv_hash, &key, sizeof(key), condition_id_kv); if (NULL == condition_id_kv) { @@ -1783,7 +1783,9 @@ void rule_compile_state_not_logic_update(struct rule_compile_state *rule_compile rule_compile_state_add_hit_not_conditions(rule_compile_state, condition_id_kv->condition_ids); if (1 == maat_inst->opts.hit_path_on) { - rule_compile_state_add_internal_hit_path(rule_compile_state, -1, *object_id, + uuid_t null_uuid; + uuid_clear(null_uuid); + rule_compile_state_add_internal_hit_path(rule_compile_state, null_uuid, *object_uuid, attribute_id, 1, Nth_scan); } } @@ -1798,8 +1800,8 @@ size_t rule_compile_state_get_indirect_hit_objects(struct rule_compile_state *ru for (i = 0; i < utarray_len(rule_compile_state->indirect_hit_objects) && i < array_size; i++) { hit_object = (struct maat_hit_object *)utarray_eltptr(rule_compile_state->indirect_hit_objects, i); - object_array[i].item_id = hit_object->item_id; - object_array[i].object_id = hit_object->object_id; + uuid_copy(object_array[i].item_uuid, hit_object->item_uuid); + uuid_copy(object_array[i].object_uuid, hit_object->object_uuid); object_array[i].attribute_id = hit_object->attribute_id; } @@ -1842,8 +1844,8 @@ size_t rule_compile_state_get_direct_hit_objects(struct rule_compile_state *rule struct maat_hit_object *object = NULL; for (i = 0; i < utarray_len(direct_hit_object) && i < array_size; i++) { object = (struct maat_hit_object *)utarray_eltptr(direct_hit_object, i); - object_array[i].item_id = object->item_id; - object_array[i].object_id = object->object_id; + uuid_copy(object_array[i].item_uuid, object->item_uuid); + uuid_copy(object_array[i].object_uuid, object->object_uuid); object_array[i].attribute_id = object->attribute_id; } @@ -1859,7 +1861,7 @@ size_t rule_compile_state_get_direct_hit_object_cnt(struct rule_compile_state *r size_t rule_compile_state_get_internal_hit_paths(struct rule_compile_state *rule_compile_state, struct rule_runtime *rule_rt, - struct object2object_runtime *g2g_rt, + struct object2object_runtime *o2o_rt, struct maat_hit_path *hit_path_array, size_t array_size) { @@ -1872,15 +1874,15 @@ size_t rule_compile_state_get_internal_hit_paths(struct rule_compile_state *rule /* NOTE: maybe one item has been deleted, but it's item_id still exist in internal_hit_paths */ - long long super_object_ids[MAX_HIT_OBJECT_NUM]; - UT_array *valid_super_object_ids; - utarray_new(valid_super_object_ids, &ut_rule_object_id_icd); + uuid_t super_object_uuids[MAX_HIT_OBJECT_NUM]; + UT_array *valid_super_object_uuids; + utarray_new(valid_super_object_uuids, &ut_rule_object_uuid_icd); size_t super_object_cnt = - object2object_runtime_get_super_objects(g2g_rt, &(internal_path->object_id), 1, - super_object_ids, MAX_HIT_OBJECT_NUM); + object2object_runtime_get_super_objects(o2o_rt, &(internal_path->object_uuid), 1, + super_object_uuids, MAX_HIT_OBJECT_NUM); for (size_t idx = 0; idx < super_object_cnt; idx++) { - utarray_push_back(valid_super_object_ids, &super_object_ids[idx]); + utarray_push_back(valid_super_object_uuids, &super_object_uuids[idx]); } /* @@ -1889,24 +1891,25 @@ size_t rule_compile_state_get_internal_hit_paths(struct rule_compile_state *rule ------------------------------------------------------------------------------ NOTE: Add the hit path as long as the item is hit */ - long long super_object_id = -1; - utarray_push_back(valid_super_object_ids, &super_object_id); + uuid_t super_object_uuid; + uuid_clear(super_object_uuid); + utarray_push_back(valid_super_object_uuids, &super_object_uuid); - long long *p = NULL; + uuid_t *p = NULL; struct maat_hit_path tmp_path; - for (p = utarray_front(valid_super_object_ids); + for (p = utarray_front(valid_super_object_uuids); p != NULL && hit_path_cnt < array_size; - p = utarray_next(valid_super_object_ids, p)) { + p = utarray_next(valid_super_object_uuids, p)) { memset(&tmp_path, 0, sizeof(tmp_path)); tmp_path.Nth_scan = internal_path->Nth_scan; - tmp_path.item_id = internal_path->item_id; - tmp_path.sub_object_id = internal_path->object_id; - tmp_path.top_object_id = *p; + uuid_copy(tmp_path.item_uuid, internal_path->item_uuid); + uuid_copy(tmp_path.sub_object_uuid, internal_path->object_uuid); + uuid_copy(tmp_path.top_object_uuid, *p); tmp_path.attribute_id = internal_path->attribute_id; tmp_path.negate_option = internal_path->negate_option; tmp_path.condition_index = -1; - tmp_path.rule_id = -1; + uuid_clear(tmp_path.rule_uuid); /* check if internal_path is duplicated from hit_path_array[] * element */ @@ -1920,7 +1923,7 @@ size_t rule_compile_state_get_internal_hit_paths(struct rule_compile_state *rule hit_path_array[hit_path_cnt] = tmp_path; hit_path_cnt++; } - utarray_free(valid_super_object_ids); + utarray_free(valid_super_object_uuids); } return hit_path_cnt; diff --git a/src/maat_stat.c b/src/maat_stat.c index 3b5c578..7132d31 100644 --- a/src/maat_stat.c +++ b/src/maat_stat.c @@ -244,7 +244,7 @@ static void fs_table_row_refresh(struct maat_stat *stat, int perf_on) long long total_rule_num = 0, total_scan_bytes = 0, total_update_err = 0; long long total_scan_times = 0, total_hit_times = 0, total_scan_cpu_time = 0; long long total_regv6_num = 0, total_hit_item_num = 0, total_hit_pattern_num = 0; - long long g2c_not_condition_num = 0, g2g_excl_rule_num = 0; + long long o2r_not_condition_num = 0, o2o_excl_rule_num = 0; struct field cell_tag = { .key = "TBL", .type = FIELD_VALUE_CSTRING @@ -273,7 +273,7 @@ static void fs_table_row_refresh(struct maat_stat *stat, int perf_on) plugin_rule_num += plugin_runtime_rule_count(runtime); break; case TABLE_TYPE_OBJECT2OBJECT: - g2g_excl_rule_num += object2object_runtime_exclude_rule_count(runtime); + o2o_excl_rule_num += object2object_runtime_exclude_rule_count(runtime); break; case TABLE_TYPE_EXPR: case TABLE_TYPE_EXPR_PLUS: @@ -412,11 +412,11 @@ static void fs_table_row_refresh(struct maat_stat *stat, int perf_on) fieldstat_easy_counter_set(stat->fs_handle, 0, stat->g_metric_id[STATUS_CONDITION_REF_NOT_NUM], - NULL, 0, g2c_not_condition_num); + NULL, 0, o2r_not_condition_num); fieldstat_easy_counter_set(stat->fs_handle, 0, stat->g_metric_id[STATUS_OBJECT_REF_EXCL_NUM], - NULL, 0, g2g_excl_rule_num); + NULL, 0, o2o_excl_rule_num); } diff --git a/src/maat_table.c b/src/maat_table.c index 2ecc143..f264319 100644 --- a/src/maat_table.c +++ b/src/maat_table.c @@ -59,7 +59,7 @@ struct table_manager { enum expr_engine_type engine_type; int default_rule_table_id; - int g2g_table_id; + int o2o_table_id; struct maat_kv_store *tbl_name2id_map; struct maat_kv_store *conj_tbl_name2id_map; struct maat_kv_store *attr_name2id_map; @@ -929,7 +929,7 @@ table_manager_create(const char *table_info_path, const char *accept_tags, } int default_rule_table_id = -1; - int g2g_table_id = -1; + int o2o_table_id = -1; struct maat_kv_store *reserved_word_map = maat_kv_store_new(); register_reserved_word(reserved_word_map); @@ -967,7 +967,7 @@ table_manager_create(const char *table_info_path, const char *accept_tags, } if (maat_tbl->table_type == TABLE_TYPE_OBJECT2OBJECT) { - g2g_table_id = maat_tbl->table_id; + o2o_table_id = maat_tbl->table_id; } if (maat_tbl->table_type >= TABLE_TYPE_FLAG && maat_tbl->table_type <= TABLE_TYPE_INTERVAL_PLUS) { @@ -984,10 +984,10 @@ table_manager_create(const char *table_info_path, const char *accept_tags, } tbl_mgr->default_rule_table_id = default_rule_table_id; - tbl_mgr->g2g_table_id = g2g_table_id; + tbl_mgr->o2o_table_id = o2o_table_id; log_info(logger, MODULE_TABLE, "default rule table id: %d", default_rule_table_id); - log_info(logger, MODULE_TABLE, "object2object table id: %d", g2g_table_id); + log_info(logger, MODULE_TABLE, "object2object table id: %d", o2o_table_id); next: FREE(json_buff); maat_kv_store_free(reserved_word_map); @@ -1241,7 +1241,7 @@ int table_manager_get_object2object_table_id(struct table_manager *tbl_mgr) return -1; } - return tbl_mgr->g2g_table_id; + return tbl_mgr->o2o_table_id; } void *table_manager_get_schema(struct table_manager *tbl_mgr, int table_id) diff --git a/test/json_update/corrupted.json b/test/json_update/corrupted.json index 623e6b3..e742979 100644 --- a/test/json_update/corrupted.json +++ b/test/json_update/corrupted.json @@ -3,7 +3,7 @@ "object_table": "OBJECT", "rules": [ { - "rule_id": 1, + "rule_id": "1", "service": 1, "action": 1, "do_blacklist": 1, @@ -13,6 +13,7 @@ "conditions": [ { "object_name": "Untitled", + "attribute_name": "HTTP_URL", "objects": [ { "items": [ diff --git a/test/json_update/new.json b/test/json_update/new.json index 650bb33..c0d20a5 100644 --- a/test/json_update/new.json +++ b/test/json_update/new.json @@ -3,7 +3,7 @@ "object2object_table": "OBJECT2OBJECT", "rules": [ { - "rule_id": 2, + "rule_id": "2", "service": 1, "action": 1, "do_blacklist": 1, @@ -12,7 +12,7 @@ "is_valid": "yes", "conditions": [ { - "attribute": "HTTP_URL", + "attribute_name": "HTTP_URL", "objects": [ { "items": [ diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index 0d6ff23..b427a24 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -671,7 +671,7 @@ TEST_F(HsStringScan, BackslashR_N_Escape_IncUpdate) { maat_state_reset(state); const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; /* rule table add line */ long long rule_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1); @@ -681,7 +681,7 @@ TEST_F(HsStringScan, BackslashR_N_Escape_IncUpdate) { /* object2rule table add line */ long long object_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id, rule_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -1444,7 +1444,7 @@ TEST_F(HsStringScan, dynamic_config) { maat_state_reset(state); const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; /* rule table add line */ long long rule_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1); @@ -1454,7 +1454,7 @@ TEST_F(HsStringScan, dynamic_config) { /* object2rule table add line */ long long object_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id, rule_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -1487,7 +1487,7 @@ TEST_F(HsStringScan, dynamic_config) { EXPECT_EQ(ret, 1); /* object2rule table del line */ - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_DEL, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_DEL, object_id, rule_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -1709,7 +1709,7 @@ TEST_F(RsStringScan, BackslashR_N_Escape_IncUpdate) { maat_state_reset(state); const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; /* rule table add line */ long long rule_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1); @@ -1719,7 +1719,7 @@ TEST_F(RsStringScan, BackslashR_N_Escape_IncUpdate) { /* object2rule table add line */ long long object_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id, rule_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -2489,7 +2489,7 @@ TEST_F(RsStringScan, dynamic_config) { EXPECT_EQ(ret, MAAT_SCAN_OK); const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; /* rule table add line */ long long rule_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1); @@ -2499,7 +2499,7 @@ TEST_F(RsStringScan, dynamic_config) { /* object2rule table add line */ long long object_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id, rule_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -2532,7 +2532,7 @@ TEST_F(RsStringScan, dynamic_config) { EXPECT_EQ(ret, 1); /* object2rule table del line */ - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_DEL, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_DEL, object_id, rule_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -3183,7 +3183,7 @@ TEST_F(IPScan, RuleUpdates) { maat_state_reset(state); const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; /* rule table add line */ long long rule_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1); @@ -3193,7 +3193,7 @@ TEST_F(IPScan, RuleUpdates) { /* object2rule table add line */ long long object_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id, rule_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -3223,7 +3223,7 @@ TEST_F(IPScan, RuleUpdates) { EXPECT_EQ(ret, 1); /* object2rule table del line */ - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_DEL, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_DEL, object_id, rule_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -3256,7 +3256,7 @@ TEST_F(IPScan, RuleChangeConditionId) { int ret; const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; /* rule table add line */ long long rule_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1); @@ -3266,7 +3266,7 @@ TEST_F(IPScan, RuleChangeConditionId) { /* object2rule table add line */ long long object_id1 = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id1, rule_id, 0, src_table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -3278,7 +3278,7 @@ TEST_F(IPScan, RuleChangeConditionId) { /* object2rule table add line */ long long object_id2 = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id2, rule_id, 0, dst_table_name, 2, 0); EXPECT_EQ(ret, 1); @@ -3327,15 +3327,15 @@ TEST_F(IPScan, RuleChangeConditionId) { /* object2rule table del line */ - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_DEL, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_DEL, object_id1, rule_id, 0, src_table_name, 1, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_DEL, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_DEL, object_id2, rule_id, 0, dst_table_name, 2, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id1, rule_id, 0, src_table_name, 2, 0); EXPECT_EQ(ret, 1); @@ -3343,7 +3343,7 @@ TEST_F(IPScan, RuleChangeConditionId) { int app_id_table_id = maat_get_table_id(maat_inst, app_id_table_name); /* object2rule table add line */ long long object_id3 = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id3, rule_id, 0, app_id_table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -6198,7 +6198,7 @@ TEST_F(TableSchemaTag, RuleTable) { const char *rule1_table_name = "RULE_DEFAULT"; const char *rule2_table_name = "RULE_ALIAS"; const char *rule3_table_name = "RULE_CONJUNCTION"; - const char *g2c_table_name = "OBJECT2RULE"; + const char *o2r_table_name = "OBJECT2RULE"; struct maat *maat_inst = TableSchemaTag::_shared_maat_inst; //RULE_DEFAULT @@ -6229,10 +6229,10 @@ TEST_F(TableSchemaTag, RuleTable) { EXPECT_EQ(ret, 0); //OBJECT2RULE - int g2c_table_id = maat_get_table_id(maat_inst, g2c_table_name); - EXPECT_EQ(g2c_table_id, 3); + int o2r_table_id = maat_get_table_id(maat_inst, o2r_table_name); + EXPECT_EQ(o2r_table_id, 3); - const char *tag4 = maat_get_table_schema_tag(maat_inst, g2c_table_id); + const char *tag4 = maat_get_table_schema_tag(maat_inst, o2r_table_id); EXPECT_TRUE(tag4 != NULL); ret = strcmp(tag4, "{\"object2rule\": \"object2rule\"}"); @@ -7484,7 +7484,7 @@ TEST_F(MaatCmd, SetIP) { int thread_id = 0; const char *ip_table_name = "IP_CONFIG"; const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; struct maat *maat_inst = MaatCmd::_shared_maat_inst; struct maat_state *state = maat_state_new(maat_inst, thread_id); maat_reload_log_level(maat_inst, LOG_LEVEL_INFO); @@ -7497,7 +7497,7 @@ TEST_F(MaatCmd, SetIP) { /* object2rule table add line */ long long object_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id, rule_id, 0, ip_table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -7609,7 +7609,7 @@ TEST_F(MaatCmd, SetExpr8) { const char *scan_data7 = "string1, string2, string3, string4, string5, string6, string7"; const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; const char *table_name = "KEYWORDS_TABLE"; const char *keywords8 = "string1&string2&string3&string4&string5&string6&string7&string8"; @@ -7629,7 +7629,7 @@ TEST_F(MaatCmd, SetExpr8) { /* object2rule table add line */ long long object_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id, rule_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -7686,7 +7686,7 @@ TEST_F(MaatCmd, ObjectScan) { int thread_id = 0; const char *table_name = "HTTP_URL"; const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; struct maat *maat_inst = MaatCmd::_shared_maat_inst; struct maat_state *state = maat_state_new(maat_inst, thread_id); @@ -7701,7 +7701,7 @@ TEST_F(MaatCmd, ObjectScan) { /* object2rule table add line */ long long object_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id, rule_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -7729,7 +7729,7 @@ TEST_F(MaatCmd, SameFilterRefByOneRule) { const char *scan_data = "http://filtermenot.com"; const char *keywords = "menot.com"; const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; long long results[ARRAY_SIZE] = {0}; size_t n_hit_result = 0; int thread_id = 0; @@ -7746,11 +7746,11 @@ TEST_F(MaatCmd, SameFilterRefByOneRule) { //condition1 & condition2 has same filter => {attribute_id, object_id} long long object_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id, rule_id, 0, attribute_name, 1, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object_id, rule_id, 0, attribute_name, 2, 0); EXPECT_EQ(ret, 1); @@ -7881,8 +7881,8 @@ TEST_F(MaatCmd, ReturnRuleIDWithDescendingOrder) { TEST_F(MaatCmd, SubObject) { const char *table_name = "HTTP_URL"; const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; - const char *g2g_table_name = "OBJECT2OBJECT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2o_table_name = "OBJECT2OBJECT"; const char *scan_data1 = "www.v2ex.com/t/573028#程序员的核心竞争力是什么"; const char *keyword1 = "程序员&核心竞争力"; const char *scan_data2 = "https://ask.leju.com/bj/detail/12189672562229248/?bi=tg&type=sina-pc" @@ -7912,18 +7912,18 @@ TEST_F(MaatCmd, SubObject) { /* object2rule table add line */ //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); //object1 -> rule2 - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule2_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); //object2 -> object1 -> rule1 long long object2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2object_table_set_line(maat_inst, g2g_table_name, MAAT_OP_ADD, + ret = object2object_table_set_line(maat_inst, o2o_table_name, MAAT_OP_ADD, object1_id, object2_id, 0); EXPECT_EQ(ret, 1); @@ -7956,7 +7956,7 @@ TEST_F(MaatCmd, SubObject) { \ \_ X -> rule2 */ - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_DEL, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_DEL, object1_id, rule2_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -7977,14 +7977,14 @@ TEST_F(MaatCmd, SubObject) { \ \_ -> rule2 */ - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_DEL, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_DEL, object1_id, rule1_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, rule1_id, "null", 1, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object2_id, rule2_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -8007,7 +8007,7 @@ TEST_F(MaatCmd, SubObject) { item2 -> object3 */ long long object3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2object_table_set_line(maat_inst, g2g_table_name, MAAT_OP_ADD, + ret = object2object_table_set_line(maat_inst, o2o_table_name, MAAT_OP_ADD, object1_id, object3_id, 0); EXPECT_EQ(ret, 1); @@ -8033,14 +8033,14 @@ TEST_F(MaatCmd, SubObject) { ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, rule1_id, "null", 1, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_DEL, rule1_id, "null", 1, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_DEL, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_DEL, object1_id, rule1_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -8062,7 +8062,7 @@ TEST_F(MaatCmd, SubObject) { TEST_F(MaatCmd, RefObject) { const char *table_name = "HTTP_URL"; const char* rule_table_name = "RULE_DEFAULT"; - const char* g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char* o2r_table_name = "OBJECT2RULE_DEFAULT"; const char* scan_data1 = "m.facebook.com/help/2297503110373101?helpref=hc_nav&refid=69"; const char* keyword1 = "something-should-not-hit"; const char* keyword2 = "facebook.com/help/2297503110373101"; @@ -8081,7 +8081,7 @@ TEST_F(MaatCmd, RefObject) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -8099,7 +8099,7 @@ TEST_F(MaatCmd, RefObject) { item2 -> object2 */ long long object2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object2_id, rule1_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -8114,10 +8114,10 @@ TEST_F(MaatCmd, RefObject) { ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, rule1_id, "null", 1, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_DEL, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_DEL, object1_id, rule1_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object2_id, rule1_id, 0, table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -8141,7 +8141,7 @@ TEST_F(MaatCmd, RefObject) { TEST_F(MaatCmd, Attribute) { const char* rule_table_name = "RULE_DEFAULT"; - const char* g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char* o2r_table_name = "OBJECT2RULE_DEFAULT"; const char* table_name="HTTP_SIGNATURE"; int thread_id = 0; struct maat *maat_inst = MaatCmd::_shared_maat_inst; @@ -8154,7 +8154,7 @@ TEST_F(MaatCmd, Attribute) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, "HTTP_REQUEST_HEADER", 1, 0); EXPECT_EQ(ret, 1); @@ -8170,7 +8170,7 @@ TEST_F(MaatCmd, Attribute) { object2_/ */ long long object2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object2_id, rule1_id, 0, "HTTP_RESPONSE_HEADER", 2, 0); EXPECT_EQ(ret, 1); @@ -8231,7 +8231,7 @@ TEST_F(MaatCmd, Attribute) { maat_state_reset(state); //delete object1 - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_DEL, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_DEL, object1_id, rule1_id, 0, "HTTP_REQUEST_HEADER", 1, 0); EXPECT_EQ(ret, 1); @@ -8936,7 +8936,7 @@ TEST_F(MaatCmd, UpdateBoolPlugin) { #define RULE_ID_NUMS 1000 TEST_F(MaatCmd, ObjectInMassRules) { - const char* g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char* o2r_table_name = "OBJECT2RULE_DEFAULT"; const char* rule_table_name = "RULE_DEFAULT"; const char* table_url = "HTTP_URL"; const char* table_appid = "APP_ID"; @@ -8979,11 +8979,11 @@ TEST_F(MaatCmd, ObjectInMassRules) { } for (i = 0; i < RULE_ID_NUMS; i++) { - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule_id[i], 0, table_url, 0, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object3_id, rule_id[i], 0, table_appid, 2, 0); EXPECT_EQ(ret, 1); } @@ -8996,10 +8996,10 @@ TEST_F(MaatCmd, ObjectInMassRules) { ret = rule_table_set_line(maat_inst, rule_table_name, MAAT_OP_ADD, target_rule_id, "null", 2, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object2_id, target_rule_id, 0, table_url, 1, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object3_id, target_rule_id, 0, table_appid, 2, 0); EXPECT_EQ(ret, 1); @@ -9060,8 +9060,8 @@ TEST_F(MaatCmd, ObjectInMassRules) { TEST_F(MaatCmd, HitObject) { const char *rule_table_name = "RULE_DEFAULT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; - const char *g2g_table_name = "OBJECT2OBJECT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2o_table_name = "OBJECT2OBJECT"; const char *http_sig_table_name = "HTTP_SIGNATURE"; const char *ip_table_name = "IP_CONFIG"; const char *keywords_table_name = "KEYWORDS_TABLE"; @@ -9077,7 +9077,7 @@ TEST_F(MaatCmd, HitObject) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, "HTTP_REQUEST_HEADER", 1, 0); EXPECT_EQ(ret, 1); @@ -9094,7 +9094,7 @@ TEST_F(MaatCmd, HitObject) { object21_/ */ long long object21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object21_id, rule1_id, 0, "HTTP_RESPONSE_HEADER", 2, 0); EXPECT_EQ(ret, 1); @@ -9104,7 +9104,7 @@ TEST_F(MaatCmd, HitObject) { object2 -> object21 _/ */ long long object2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2object_table_set_line(maat_inst, g2g_table_name, MAAT_OP_ADD, + ret = object2object_table_set_line(maat_inst, o2o_table_name, MAAT_OP_ADD, object21_id, object2_id, 0); EXPECT_EQ(ret, 1); @@ -9126,7 +9126,7 @@ TEST_F(MaatCmd, HitObject) { item2 -> object2 -> object21 _/ */ long long object11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2object_table_set_line(maat_inst, g2g_table_name, MAAT_OP_ADD, + ret = object2object_table_set_line(maat_inst, o2o_table_name, MAAT_OP_ADD, object11_id, object1_id, 0); EXPECT_EQ(ret, 1); @@ -9338,8 +9338,8 @@ TEST_F(MaatCmd, HitObject) { } TEST_F(MaatCmd, HitPathBasic) { - const char *g2g_table_name = "OBJECT2OBJECT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2o_table_name = "OBJECT2OBJECT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; const char *rule_table_name = "RULE_DEFAULT"; const char *http_sig_table_name = "HTTP_SIGNATURE"; const char *ip_table_name = "IP_CONFIG"; @@ -9356,7 +9356,7 @@ TEST_F(MaatCmd, HitPathBasic) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, "HTTP_REQUEST_HEADER", 1, 0); EXPECT_EQ(ret, 1); @@ -9373,7 +9373,7 @@ TEST_F(MaatCmd, HitPathBasic) { object21_/ */ long long object21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object21_id, rule1_id, 0, "HTTP_RESPONSE_HEADER", 2, 0); EXPECT_EQ(ret, 1); @@ -9383,7 +9383,7 @@ TEST_F(MaatCmd, HitPathBasic) { object2 -> object21 _/ */ long long object2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2object_table_set_line(maat_inst, g2g_table_name, MAAT_OP_ADD, + ret = object2object_table_set_line(maat_inst, o2o_table_name, MAAT_OP_ADD, object21_id, object2_id, 0); EXPECT_EQ(ret, 1); @@ -9405,7 +9405,7 @@ TEST_F(MaatCmd, HitPathBasic) { item2 -> object2 -> object21 _/ */ long long object11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2object_table_set_line(maat_inst, g2g_table_name, MAAT_OP_ADD, + ret = object2object_table_set_line(maat_inst, o2o_table_name, MAAT_OP_ADD, object11_id, object1_id, 0); EXPECT_EQ(ret, 1); @@ -9639,8 +9639,8 @@ that the edges be all directed in the same direction."; item4 -> object4 -/ */ TEST_F(MaatCmd, HitPathAdvanced) { - const char *g2g_table_name = "OBJECT2OBJECT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2o_table_name = "OBJECT2OBJECT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; const char *rule_table_name = "RULE_DEFAULT"; const char *ip_table_name = "IP_CONFIG"; const char *keywords_table_name = "KEYWORDS_TABLE"; @@ -9656,7 +9656,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, "KEYWORDS_TABLE", 1, 0); //condition_index:1 EXPECT_EQ(ret, 1); @@ -9673,7 +9673,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { object21_/ */ long long object21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object21_id, rule1_id, 0, "KEYWORDS_TABLE", 2, 0); //condition_index:2 EXPECT_EQ(ret, 1); @@ -9683,7 +9683,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { object2 -> object21 _/ */ long long object2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2object_table_set_line(maat_inst, g2g_table_name, MAAT_OP_ADD, + ret = object2object_table_set_line(maat_inst, o2o_table_name, MAAT_OP_ADD, object21_id, object2_id, 0); EXPECT_EQ(ret, 1); @@ -9710,7 +9710,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { \ rule2 */ - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object21_id, rule2_id, 0, "KEYWORDS_TABLE", 3, 0); //condition_index:3 EXPECT_EQ(ret, 1); @@ -9728,7 +9728,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { object3_id, "220.181.38.168-220.181.38.169", 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object3_id, rule2_id, 0, "IP_CONFIG", 4, 0); //condition_index:4 EXPECT_EQ(ret, 1); @@ -9747,7 +9747,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { rule3_id, "null", 2, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object3_id, rule3_id, 0, "IP_CONFIG", 5, 0); //condition_index:5 EXPECT_EQ(ret, 1); @@ -9774,7 +9774,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { NULL, 0, 0); /*EXPR_TYPE_STRING MATCH_METHOD_SUB*/ EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object4_id, rule3_id, 0, "KEYWORDS_TABLE", 6, 0); //condition_index:6 EXPECT_EQ(ret, 1); @@ -9998,8 +9998,8 @@ TEST_F(MaatCmd, HitPathAdvanced) { } TEST_F(MaatCmd, HitPathHasNotObject) { - const char *g2g_table_name = "OBJECT2OBJECT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2o_table_name = "OBJECT2OBJECT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; const char *rule_table_name = "RULE_DEFAULT"; const char *http_sig_table_name = "HTTP_SIGNATURE"; const char *ip_table_name = "IP_CONFIG"; @@ -10016,7 +10016,7 @@ TEST_F(MaatCmd, HitPathHasNotObject) { // !object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 1, "HTTP_REQUEST_HEADER", 1, 0); EXPECT_EQ(ret, 1); @@ -10032,7 +10032,7 @@ TEST_F(MaatCmd, HitPathHasNotObject) { object21_/ */ long long object21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object21_id, rule1_id, 0, "HTTP_RESPONSE_HEADER", 2, 0); EXPECT_EQ(ret, 1); @@ -10042,7 +10042,7 @@ TEST_F(MaatCmd, HitPathHasNotObject) { object2 -> object21 _/ */ long long object2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2object_table_set_line(maat_inst, g2g_table_name, MAAT_OP_ADD, + ret = object2object_table_set_line(maat_inst, o2o_table_name, MAAT_OP_ADD, object21_id, object2_id, 0); EXPECT_EQ(ret, 1); @@ -10064,7 +10064,7 @@ TEST_F(MaatCmd, HitPathHasNotObject) { item2 -> object2 -> object21 _/ */ long long object11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2object_table_set_line(maat_inst, g2g_table_name, MAAT_OP_ADD, + ret = object2object_table_set_line(maat_inst, o2o_table_name, MAAT_OP_ADD, object11_id, object1_id, 0); EXPECT_EQ(ret, 1); @@ -10291,8 +10291,8 @@ TEST_F(MaatCmd, HitPathHasNotObject) { TEST_F(MaatCmd, SameSuperObjectRefByMultiRule) { int thread_id = 0; - const char *g2g_table_name = "OBJECT2OBJECT"; - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2o_table_name = "OBJECT2OBJECT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; const char *rule_table_name = "RULE_DEFAULT"; const char *http_sig_table_name = "HTTP_SIGNATURE"; struct maat *maat_inst = MaatCmd::_shared_maat_inst; @@ -10310,7 +10310,7 @@ TEST_F(MaatCmd, SameSuperObjectRefByMultiRule) { EXPECT_EQ(ret, 1); long long object52_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2object_table_set_line(maat_inst, g2g_table_name, MAAT_OP_ADD, + ret = object2object_table_set_line(maat_inst, o2o_table_name, MAAT_OP_ADD, object52_id, object5_id, 0); EXPECT_EQ(ret, 1); @@ -10319,7 +10319,7 @@ TEST_F(MaatCmd, SameSuperObjectRefByMultiRule) { rule2_id, "HTTP_RESPONSE_HEADER", 1, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object52_id, rule2_id, 0, "HTTP_RESPONSE_HEADER", 0, 0); EXPECT_EQ(ret, 1); @@ -10329,7 +10329,7 @@ TEST_F(MaatCmd, SameSuperObjectRefByMultiRule) { rule3_id, "HTTP_RESPONSE_HEADER", 1, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object52_id, rule3_id, 0, "HTTP_RESPONSE_HEADER", 0, 0); EXPECT_EQ(ret, 1); @@ -10390,7 +10390,7 @@ TEST_F(MaatCmd, SameSuperObjectRefByMultiRule) { } TEST_F(MaatCmd, SameScanStatusWhenConditionUpdate_TSG6419) { - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; const char* rule_table_name = "RULE_DEFAULT"; const char* ip_table_name = "IP_PLUS_CONFIG"; const char *app_id_table_name = "APP_ID"; @@ -10408,7 +10408,7 @@ TEST_F(MaatCmd, SameScanStatusWhenConditionUpdate_TSG6419) { item21 -> object21 -> condition2 _/ */ long long object11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object11_id, rule1_id, 0, ip_table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -10418,7 +10418,7 @@ TEST_F(MaatCmd, SameScanStatusWhenConditionUpdate_TSG6419) { EXPECT_EQ(ret, 1); long long object21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object21_id, rule1_id, 0, app_id_table_name, 2, 0); EXPECT_EQ(ret, 1); @@ -10465,7 +10465,7 @@ TEST_F(MaatCmd, SameScanStatusWhenConditionUpdate_TSG6419) { EXPECT_EQ(ret, 1); long long object22_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object22_id, rule1_id, 0, app_id_table_name, 3, 0); EXPECT_EQ(ret, 1); @@ -10500,7 +10500,7 @@ TEST_F(MaatCmd, SameScanStatusWhenConditionUpdate_TSG6419) { } TEST_F(MaatCmd, ObjectEdit) { - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; const char *rule_table_name = "RULE_DEFAULT"; const char *ip_table_name = "IP_PLUS_CONFIG"; const char *app_id_table_name = "APP_ID"; @@ -10517,7 +10517,7 @@ TEST_F(MaatCmd, ObjectEdit) { item21 -> object21 -> condition2 _/ */ long long object11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object11_id, rule1_id, 0, ip_table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -10527,7 +10527,7 @@ TEST_F(MaatCmd, ObjectEdit) { EXPECT_EQ(ret, 1); long long object21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object21_id, rule1_id, 0, app_id_table_name, 2, 0); EXPECT_EQ(ret, 1); @@ -10642,7 +10642,7 @@ TEST_F(MaatCmd, ObjectEdit) { } TEST_F(MaatCmd, RuleDelete_TSG6548) { - const char* g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char* o2r_table_name = "OBJECT2RULE_DEFAULT"; const char* rule_table_name = "RULE_DEFAULT"; const char* ip_table_name = "IP_PLUS_CONFIG"; int thread_id = 0; @@ -10656,7 +10656,7 @@ TEST_F(MaatCmd, RuleDelete_TSG6548) { //item11 -> object11 -> condition1 -> rule1 long long object11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object11_id, rule1_id, 0, ip_table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -10690,7 +10690,7 @@ TEST_F(MaatCmd, RuleDelete_TSG6548) { rule1_id, "null", 1, 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_DEL, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_DEL, object11_id, rule1_id, 0, ip_table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -10717,7 +10717,7 @@ TEST_F(MaatCmd, RuleDelete_TSG6548) { } TEST_F(MaatCmd, UpdateDeadLockDetection) { - const char* g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char* o2r_table_name = "OBJECT2RULE_DEFAULT"; const char* rule_table_name = "RULE_DEFAULT"; const char* table_http_url = "HTTP_URL"; int thread_id = 0; @@ -10731,7 +10731,7 @@ TEST_F(MaatCmd, UpdateDeadLockDetection) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, table_http_url, 0, 0); EXPECT_EQ(ret, 1); @@ -10769,7 +10769,7 @@ TEST_F(MaatCmd, UpdateDeadLockDetection) { //object2 -> rule2 long long object2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object2_id, rule2_id, 0, table_http_url, 0, 0); EXPECT_EQ(ret, 1); @@ -10802,7 +10802,7 @@ TEST_F(MaatCmd, UpdateDeadLockDetection) { } TEST_F(MaatCmd, StreamScanWhenExprTableIncUpdate) { - const char* g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char* o2r_table_name = "OBJECT2RULE_DEFAULT"; const char* rule_table_name = "RULE_DEFAULT"; const char* scan_table_name = "KEYWORDS_TABLE"; int thread_id = 0; @@ -10816,7 +10816,7 @@ TEST_F(MaatCmd, StreamScanWhenExprTableIncUpdate) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, scan_table_name, 0, 0); EXPECT_EQ(ret, 1); @@ -10877,7 +10877,7 @@ TEST_F(MaatCmd, StreamScanWhenExprTableIncUpdate) { } TEST_F(MaatCmd, StreamScanSegfaultWhenVersionRollBack_TSG6324) { - const char* g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char* o2r_table_name = "OBJECT2RULE_DEFAULT"; const char* rule_table_name = "RULE_DEFAULT"; const char* scan_table_name = "KEYWORDS_TABLE"; int thread_id = 0; @@ -10891,7 +10891,7 @@ TEST_F(MaatCmd, StreamScanSegfaultWhenVersionRollBack_TSG6324) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, scan_table_name, 0, 0); EXPECT_EQ(ret, 1); @@ -10944,7 +10944,7 @@ TEST_F(MaatCmd, StreamScanSegfaultWhenVersionRollBack_TSG6324) { } TEST_F(MaatCmd, IPAndStreamScanWhenIncUpdate) { - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; const char *rule_table_name = "RULE_DEFAULT"; const char *expr_table_name = "KEYWORDS_TABLE"; const char *ip_table_name = "IP_PLUS_CONFIG"; @@ -10959,7 +10959,7 @@ TEST_F(MaatCmd, IPAndStreamScanWhenIncUpdate) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, expr_table_name, 0, 0); EXPECT_EQ(ret, 1); @@ -10979,7 +10979,7 @@ TEST_F(MaatCmd, IPAndStreamScanWhenIncUpdate) { object2_id, "100.100.100.1", 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object2_id, rule1_id, 0, ip_table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -11045,7 +11045,7 @@ TEST_F(MaatCmd, IPAndStreamScanWhenIncUpdate) { } TEST_F(MaatCmd, IPAndStreamScanWhenFullUpdate) { - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; const char *rule_table_name = "RULE_DEFAULT"; const char *ip_table_name = "IP_PLUS_CONFIG"; const char *expr_table_name = "KEYWORDS_TABLE"; @@ -11060,7 +11060,7 @@ TEST_F(MaatCmd, IPAndStreamScanWhenFullUpdate) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, expr_table_name, 0, 0); EXPECT_EQ(ret, 1); @@ -11081,7 +11081,7 @@ TEST_F(MaatCmd, IPAndStreamScanWhenFullUpdate) { item2_id, object2_id, "100.100.100.2", 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object2_id, rule1_id, 0, ip_table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -11145,7 +11145,7 @@ TEST_F(MaatCmd, IPAndStreamScanWhenFullUpdate) { } TEST_F(MaatCmd, IPAndStringScanWhenIncUpdate) { - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; const char *rule_table_name = "RULE_DEFAULT"; const char *expr_table_name = "HTTP_URL"; const char *ip_table_name = "IP_PLUS_CONFIG"; @@ -11161,7 +11161,7 @@ TEST_F(MaatCmd, IPAndStringScanWhenIncUpdate) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, expr_table_name, 0, 0); EXPECT_EQ(ret, 1); @@ -11181,7 +11181,7 @@ TEST_F(MaatCmd, IPAndStringScanWhenIncUpdate) { object2_id, "100.100.100.1", 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object2_id, rule1_id, 0, ip_table_name, 1, 0); EXPECT_EQ(ret, 1); @@ -11245,7 +11245,7 @@ TEST_F(MaatCmd, IPAndStringScanWhenIncUpdate) { } TEST_F(MaatCmd, IPAndStringScanWhenFullupdate) { - const char *g2c_table_name = "OBJECT2RULE_DEFAULT"; + const char *o2r_table_name = "OBJECT2RULE_DEFAULT"; const char *rule_table_name = "RULE_DEFAULT"; const char *ip_table_name = "IP_PLUS_CONFIG"; const char *expr_table_name = "HTTP_URL"; @@ -11261,7 +11261,7 @@ TEST_F(MaatCmd, IPAndStringScanWhenFullupdate) { //object1 -> rule1 long long object1_id = maat_cmd_incrby(maat_inst, "SEQUENCE_OBJECT", 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object1_id, rule1_id, 0, expr_table_name, 0, 0); EXPECT_EQ(ret, 1); @@ -11281,7 +11281,7 @@ TEST_F(MaatCmd, IPAndStringScanWhenFullupdate) { object2_id, "100.100.100.3", 0); EXPECT_EQ(ret, 1); - ret = object2rule_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, + ret = object2rule_table_set_line(maat_inst, o2r_table_name, MAAT_OP_ADD, object2_id, rule1_id, 0, ip_table_name, 1, 0); EXPECT_EQ(ret, 1); diff --git a/test/maat_json.json b/test/maat_json.json index 936a651..b41ab6d 100644 --- a/test/maat_json.json +++ b/test/maat_json.json @@ -1137,7 +1137,7 @@ "is_valid": "yes", "conditions": [ { - "g2c_table_name": "OBJECT2RULE_ALIAS", + "o2r_table_name": "OBJECT2RULE_ALIAS", "attribute": "HTTP_URL", "objects": [ { @@ -3050,7 +3050,7 @@ "is_valid": "yes", "conditions": [ { - "g2c_table_name": "OBJECT2RULE_FIREWALL", + "o2r_table_name": "OBJECT2RULE_FIREWALL", "attribute": "HTTP_URL", "objects": [ { diff --git a/test/object_nesting/object_nesting_gtest.cpp b/test/object_nesting/object_nesting_gtest.cpp index ac59dc9..1c7fcc1 100644 --- a/test/object_nesting/object_nesting_gtest.cpp +++ b/test/object_nesting/object_nesting_gtest.cpp @@ -13,7 +13,7 @@ #define MAX_IDS_STR_LEN 64 #define MAX_ITEM_NUM 64 #define WAIT_FOR_EFFECTIVE_S 2 -#define MAX_G2G_SCAN_TIMES (1000 * 1000) +#define MAX_O2O_SCAN_TIMES (1000 * 1000) const char *g_table_info_path = "./object_exclude_table_info.json"; const char *log_file = "./object_exclude_gtest.log"; @@ -140,11 +140,11 @@ protected: assert(0); } - g2g_schema = object2object_schema_new(root, NULL, "EXCLUDE_OBJECT2OBJECT", logger); + o2o_schema = object2object_schema_new(root, NULL, "EXCLUDE_OBJECT2OBJECT", logger); FREE(json_buff); cJSON_Delete(root); - if (NULL == g2g_schema) { + if (NULL == o2o_schema) { log_fatal(logger, MODULE_OBJECT_NESTING_GTEST, "object2object_schema_new failed."); assert(0); } @@ -153,15 +153,15 @@ protected: static void TearDownTestCase() { log_handle_destroy(logger); maat_garbage_bin_free(garbage_bin); - object2object_schema_free(g2g_schema); + object2object_schema_free(o2o_schema); } - static void *g2g_schema; + static void *o2o_schema; static struct log_handle *logger; static struct maat_garbage_bin *garbage_bin; }; -void *MaatObjectExclude::g2g_schema; +void *MaatObjectExclude::o2o_schema; struct log_handle *MaatObjectExclude::logger; struct maat_garbage_bin *MaatObjectExclude::garbage_bin; @@ -170,8 +170,8 @@ TEST_F(MaatObjectExclude, level_3_function) { struct object2object_rule rules; const char *table_name = "EXCLUDE_OBJECT2OBJECT"; - void *g2g_runtime = object2object_runtime_new(g2g_schema, 1, garbage_bin, logger); - if (NULL == g2g_runtime) { + void *o2o_runtime = object2object_runtime_new(o2o_schema, 1, garbage_bin, logger); + if (NULL == o2o_runtime) { log_fatal(logger, MODULE_OBJECT_NESTING_GTEST, "object2object_runtime_new failed."); assert(0); } @@ -185,14 +185,14 @@ TEST_F(MaatObjectExclude, level_3_function) { sprintf(table_line, "%lld\t%s\t%s\t%d", rules.add_items[i].object_id, rules.add_items[i].incl_sub_ids_str, rules.add_items[i].excl_sub_ids_str, 1); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_ADD); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_ADD); } - object2object_runtime_commit(g2g_runtime, table_name, 1); + object2object_runtime_commit(o2o_runtime, table_name, 1); long long hit_object_ids[2] = {11, 13}; long long super_object_ids[MAX_ITEM_NUM]; - size_t super_object_cnt = object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + size_t super_object_cnt = object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); EXPECT_EQ(super_object_cnt, 2); EXPECT_EQ(super_object_ids[0], 2); @@ -202,10 +202,10 @@ TEST_F(MaatObjectExclude, level_3_function) { memset(table_line, 0, sizeof(table_line)); sprintf(table_line, "%lld\t%s\t%s\t%d", rules.del_items[0].object_id, rules.del_items[0].incl_sub_ids_str, rules.del_items[0].excl_sub_ids_str, 0); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_DEL); - object2object_runtime_commit(g2g_runtime, table_name, 2); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_DEL); + object2object_runtime_commit(o2o_runtime, table_name, 2); - super_object_cnt = object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + super_object_cnt = object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); EXPECT_EQ(super_object_cnt, 3); EXPECT_EQ(super_object_ids[0], 1); @@ -216,10 +216,10 @@ TEST_F(MaatObjectExclude, level_3_function) { memset(table_line, 0, sizeof(table_line)); sprintf(table_line, "%lld\t%s\t%s\t%d", rules.del_items[1].object_id, rules.del_items[1].incl_sub_ids_str, rules.del_items[1].excl_sub_ids_str, 0); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_DEL); - object2object_runtime_commit(g2g_runtime, table_name, 3); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_DEL); + object2object_runtime_commit(o2o_runtime, table_name, 3); - super_object_cnt = object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + super_object_cnt = object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); EXPECT_EQ(super_object_cnt, 4); EXPECT_EQ(super_object_ids[0], 1); @@ -227,7 +227,7 @@ TEST_F(MaatObjectExclude, level_3_function) { EXPECT_EQ(super_object_ids[2], 6); EXPECT_EQ(super_object_ids[3], 7); - object2object_runtime_free(g2g_runtime); + object2object_runtime_free(o2o_runtime); } TEST_F(MaatObjectExclude, level_3_perf) { @@ -235,8 +235,8 @@ TEST_F(MaatObjectExclude, level_3_perf) { struct object2object_rule rules; const char *table_name = "EXCLUDE_OBJECT2OBJECT"; - void *g2g_runtime = object2object_runtime_new(g2g_schema, 1, garbage_bin, logger); - if (NULL == g2g_runtime) { + void *o2o_runtime = object2object_runtime_new(o2o_schema, 1, garbage_bin, logger); + if (NULL == o2o_runtime) { log_fatal(logger, MODULE_OBJECT_NESTING_GTEST, "object2object_runtime_new failed."); assert(0); } @@ -250,10 +250,10 @@ TEST_F(MaatObjectExclude, level_3_perf) { sprintf(table_line, "%lld\t%s\t%s\t%d", rules.add_items[i].object_id, rules.add_items[i].incl_sub_ids_str, rules.add_items[i].excl_sub_ids_str, 1); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_ADD); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_ADD); } - object2object_runtime_commit(g2g_runtime, table_name, 4); + object2object_runtime_commit(o2o_runtime, table_name, 4); long long hit_object_ids[2] = {11, 13}; long long super_object_ids[MAX_ITEM_NUM]; @@ -261,8 +261,8 @@ TEST_F(MaatObjectExclude, level_3_perf) { struct log_handle *logger = MaatObjectExclude::logger; clock_gettime(CLOCK_MONOTONIC, &start); - for (int i = 0; i < MAX_G2G_SCAN_TIMES; i++) { - object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + for (int i = 0; i < MAX_O2O_SCAN_TIMES; i++) { + object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); } clock_gettime(CLOCK_MONOTONIC, &end); @@ -274,12 +274,12 @@ TEST_F(MaatObjectExclude, level_3_perf) { memset(table_line, 0, sizeof(table_line)); sprintf(table_line, "%lld\t%s\t%s\t%d", rules.del_items[0].object_id, rules.del_items[0].incl_sub_ids_str, rules.del_items[0].excl_sub_ids_str, 0); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_DEL); - object2object_runtime_commit(g2g_runtime, table_name, 5); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_DEL); + object2object_runtime_commit(o2o_runtime, table_name, 5); clock_gettime(CLOCK_MONOTONIC, &start); - for (int i = 0; i < MAX_G2G_SCAN_TIMES; i++) { - object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + for (int i = 0; i < MAX_O2O_SCAN_TIMES; i++) { + object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); } clock_gettime(CLOCK_MONOTONIC, &end); @@ -291,12 +291,12 @@ TEST_F(MaatObjectExclude, level_3_perf) { memset(table_line, 0, sizeof(table_line)); sprintf(table_line, "%lld\t%s\t%s\t%d", rules.del_items[1].object_id, rules.del_items[1].incl_sub_ids_str, rules.del_items[1].excl_sub_ids_str, 0); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_DEL); - object2object_runtime_commit(g2g_runtime, table_name, 6); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_DEL); + object2object_runtime_commit(o2o_runtime, table_name, 6); clock_gettime(CLOCK_MONOTONIC, &start); - for (int i = 0; i < MAX_G2G_SCAN_TIMES; i++) { - object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + for (int i = 0; i < MAX_O2O_SCAN_TIMES; i++) { + object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); } clock_gettime(CLOCK_MONOTONIC, &end); @@ -304,7 +304,7 @@ TEST_F(MaatObjectExclude, level_3_perf) { log_info(logger, MODULE_OBJECT_NESTING_GTEST, "level_3_basic hit 4 super_objects scan consume time %lldms", time_elapse_ms); - object2object_runtime_free(g2g_runtime); + object2object_runtime_free(o2o_runtime); } TEST_F(MaatObjectExclude, level_4_function) { @@ -312,8 +312,8 @@ TEST_F(MaatObjectExclude, level_4_function) { struct object2object_rule rules; const char *table_name = "EXCLUDE_OBJECT2OBJECT"; - void *g2g_runtime = object2object_runtime_new(g2g_schema, 1, garbage_bin, logger); - if (NULL == g2g_runtime) { + void *o2o_runtime = object2object_runtime_new(o2o_schema, 1, garbage_bin, logger); + if (NULL == o2o_runtime) { log_fatal(logger, MODULE_OBJECT_NESTING_GTEST, "object2object_runtime_new failed."); assert(0); } @@ -327,14 +327,14 @@ TEST_F(MaatObjectExclude, level_4_function) { sprintf(table_line, "%lld\t%s\t%s\t%d", rules.add_items[i].object_id, rules.add_items[i].incl_sub_ids_str, rules.add_items[i].excl_sub_ids_str, 1); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_ADD); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_ADD); } - object2object_runtime_commit(g2g_runtime, table_name, 7); + object2object_runtime_commit(o2o_runtime, table_name, 7); long long hit_object_ids[2] = {14, 16}; long long super_object_ids[MAX_ITEM_NUM]; - size_t super_object_cnt = object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + size_t super_object_cnt = object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); EXPECT_EQ(super_object_cnt, 5); EXPECT_EQ(super_object_ids[0], 4); @@ -347,10 +347,10 @@ TEST_F(MaatObjectExclude, level_4_function) { memset(table_line, 0, sizeof(table_line)); sprintf(table_line, "%lld\t%s\t%s\t%d", rules.del_items[0].object_id, rules.del_items[0].incl_sub_ids_str, rules.del_items[0].excl_sub_ids_str, 0); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_DEL); - object2object_runtime_commit(g2g_runtime, table_name, 8); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_DEL); + object2object_runtime_commit(o2o_runtime, table_name, 8); - super_object_cnt = object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + super_object_cnt = object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); EXPECT_EQ(super_object_cnt, 7); EXPECT_EQ(super_object_ids[0], 1); @@ -361,7 +361,7 @@ TEST_F(MaatObjectExclude, level_4_function) { EXPECT_EQ(super_object_ids[5], 9); EXPECT_EQ(super_object_ids[6], 10); - object2object_runtime_free(g2g_runtime); + object2object_runtime_free(o2o_runtime); } TEST_F(MaatObjectExclude, level_4_perf) { @@ -369,8 +369,8 @@ TEST_F(MaatObjectExclude, level_4_perf) { struct object2object_rule rules; const char *table_name = "EXCLUDE_OBJECT2OBJECT"; - void *g2g_runtime = object2object_runtime_new(g2g_schema, 1, garbage_bin, logger); - if (NULL == g2g_runtime) { + void *o2o_runtime = object2object_runtime_new(o2o_schema, 1, garbage_bin, logger); + if (NULL == o2o_runtime) { log_fatal(logger, MODULE_OBJECT_NESTING_GTEST, "object2object_runtime_new failed."); assert(0); } @@ -384,10 +384,10 @@ TEST_F(MaatObjectExclude, level_4_perf) { sprintf(table_line, "%lld\t%s\t%s\t%d", rules.add_items[i].object_id, rules.add_items[i].incl_sub_ids_str, rules.add_items[i].excl_sub_ids_str, 1); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_ADD); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_ADD); } - object2object_runtime_commit(g2g_runtime, table_name, 7); + object2object_runtime_commit(o2o_runtime, table_name, 7); long long hit_object_ids[2] = {14, 16}; long long super_object_ids[MAX_ITEM_NUM]; @@ -395,8 +395,8 @@ TEST_F(MaatObjectExclude, level_4_perf) { struct log_handle *logger = MaatObjectExclude::logger; clock_gettime(CLOCK_MONOTONIC, &start); - for (int i = 0; i < MAX_G2G_SCAN_TIMES; i++) { - object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + for (int i = 0; i < MAX_O2O_SCAN_TIMES; i++) { + object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); } clock_gettime(CLOCK_MONOTONIC, &end); @@ -408,12 +408,12 @@ TEST_F(MaatObjectExclude, level_4_perf) { memset(table_line, 0, sizeof(table_line)); sprintf(table_line, "%lld\t%s\t%s\t%d", rules.del_items[0].object_id, rules.del_items[0].incl_sub_ids_str, rules.del_items[0].excl_sub_ids_str, 0); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_DEL); - object2object_runtime_commit(g2g_runtime, table_name, 8); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_DEL); + object2object_runtime_commit(o2o_runtime, table_name, 8); clock_gettime(CLOCK_MONOTONIC, &start); - for (int i = 0; i < MAX_G2G_SCAN_TIMES; i++) { - object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + for (int i = 0; i < MAX_O2O_SCAN_TIMES; i++) { + object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); } clock_gettime(CLOCK_MONOTONIC, &end); @@ -421,7 +421,7 @@ TEST_F(MaatObjectExclude, level_4_perf) { log_info(logger, MODULE_OBJECT_NESTING_GTEST, "level_4_basic hit 7 super_objects scan consume time %lldms", time_elapse_ms); - object2object_runtime_free(g2g_runtime); + object2object_runtime_free(o2o_runtime); } TEST_F(MaatObjectExclude, level_exceed_function) { @@ -429,8 +429,8 @@ TEST_F(MaatObjectExclude, level_exceed_function) { struct object2object_rule rules; const char *table_name = "EXCLUDE_OBJECT2OBJECT"; - void *g2g_runtime = object2object_runtime_new(g2g_schema, 1, garbage_bin, logger); - if (NULL == g2g_runtime) { + void *o2o_runtime = object2object_runtime_new(o2o_schema, 1, garbage_bin, logger); + if (NULL == o2o_runtime) { log_fatal(logger, MODULE_OBJECT_NESTING_GTEST, "object2object_runtime_new failed."); assert(0); } @@ -444,14 +444,14 @@ TEST_F(MaatObjectExclude, level_exceed_function) { sprintf(table_line, "%lld\t%s\t%s\t%d", rules.add_items[i].object_id, rules.add_items[i].incl_sub_ids_str, rules.add_items[i].excl_sub_ids_str, 1); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_ADD); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_ADD); } - object2object_runtime_commit(g2g_runtime, table_name, 8); + object2object_runtime_commit(o2o_runtime, table_name, 8); long long hit_object_ids[2] = {7, 13}; long long super_object_ids[MAX_ITEM_NUM]; - size_t super_object_cnt = object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + size_t super_object_cnt = object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); EXPECT_EQ(super_object_cnt, 6); EXPECT_EQ(super_object_ids[0], 4); @@ -465,12 +465,12 @@ TEST_F(MaatObjectExclude, level_exceed_function) { memset(table_line, 0, sizeof(table_line)); sprintf(table_line, "%lld\t%s\t%s\t%d", rules.del_items[0].object_id, rules.del_items[0].incl_sub_ids_str, rules.del_items[0].excl_sub_ids_str, 0); - object2object_runtime_update(g2g_runtime, g2g_schema, table_name, table_line, MAAT_OP_DEL); - object2object_runtime_commit(g2g_runtime, table_name, 9); + object2object_runtime_update(o2o_runtime, o2o_schema, table_name, table_line, MAAT_OP_DEL); + object2object_runtime_commit(o2o_runtime, table_name, 9); hit_object_ids[0] = 7; hit_object_ids[1] = 10; - super_object_cnt = object2object_runtime_get_super_objects(g2g_runtime, hit_object_ids, 2, + super_object_cnt = object2object_runtime_get_super_objects(o2o_runtime, hit_object_ids, 2, super_object_ids, MAX_ITEM_NUM); EXPECT_EQ(super_object_cnt, 5); EXPECT_EQ(super_object_ids[0], 2); @@ -479,7 +479,7 @@ TEST_F(MaatObjectExclude, level_exceed_function) { EXPECT_EQ(super_object_ids[3], 8); EXPECT_EQ(super_object_ids[4], 11); - object2object_runtime_free(g2g_runtime); + object2object_runtime_free(o2o_runtime); } int main(int argc, char ** argv)