TSG-21542 修改Tunnel扫描时，调用maat_scan_not_logic接口时机。日志接口变更

ci/travis.sh

@@ -33,7 +33,7 @@ env | sort
 : "${COMPILER_IS_GNUCXX:=OFF}"
 
 # Install dependency from YUM
-yum install -y libcjson-devel libmaatframe-devel libfieldstat4-devel libMESA_handle_logger-devel libMESA_prof_load-devel sapp-devel 
+yum install -y libcjson-devel libmaatframe-devel libfieldstat4-devel libMESA_prof_load-devel sapp-devel 
 
 mkdir build || true
 cd build

common/CMakeLists.txt

@@ -1,4 +1,4 @@
-add_library(common src/verify_policy_logging.cpp src/verify_policy_utils.cpp)
+add_library(common src/verify_policy_utils.cpp src/log.c)
 target_include_directories(common PUBLIC ${CMAKE_CURRENT_LIST_DIR}/include)
-target_link_libraries(common PUBLIC MESA_handle_logger libevent-static)
+target_link_libraries(common PUBLIC libevent-static)
 

common/include/log.h

@@ -0,0 +1,45 @@
+/**
+ * Copyright (c) 2020 rxi
+ *
+ * This library is free software; you can redistribute it and/or modify it
+ * under the terms of the MIT license. See `log.c` for details.
+ */
+
+#ifndef LOG_H
+#define LOG_H
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#include <stdio.h>
+#include <stdarg.h>
+#include <stdbool.h>
+#include <time.h>
+
+#define LOG_VERSION "0.1.0"
+
+struct log_handle;
+
+enum { LOG_TRACE, LOG_DEBUG, LOG_INFO, LOG_WARN, LOG_ERROR, LOG_FATAL};
+
+#define log_debug(handle, module, fmt, ...)    log_print(handle, LOG_DEBUG, module, fmt, ##__VA_ARGS__)
+#define log_trace(handle, module, fmt, ...)    log_print(handle, LOG_TRACE, module,  fmt, ##__VA_ARGS__)
+#define log_info(handle, module, fmt, ...)	    log_print(handle, LOG_INFO, module, fmt, ##__VA_ARGS__)
+#define log_warn(handle, module, fmt, ...)		log_print(handle, LOG_WARN, module, fmt, ##__VA_ARGS__)
+#define log_error(handle, module, fmt, ...)	log_print(handle, LOG_ERROR, module, fmt, ##__VA_ARGS__)
+#define log_fatal(handle, module, fmt, ...)	log_print(handle, LOG_FATAL, module, fmt, ##__VA_ARGS__)
+
+void log_print(struct log_handle *, int level, const char *module, const char *fmt, ...);
+void log_options_set_enable(struct log_handle *, int enable);
+void log_options_set_level(struct log_handle *, int level);
+
+struct log_handle * log_handle_create(const char *file_path, int level);
+void log_handle_destroy(struct log_handle *);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif

common/include/verify_policy.h

@@ -9,6 +9,7 @@
 #define _VERIFY_POLICY_H
 
 #include <event2/event.h>
+#include <log.h>
 #include "verify_policy_utils.h"
 
 struct breakpad_instance;
@@ -116,7 +117,7 @@ struct verify_policy_thread
 struct verify_policy
 {
 	char name[VERIFY_SYMBOL_MAX];
-	void * logger;
+    struct log_handle *logger;
 	unsigned int log_level;
 	unsigned int nr_work_threads;
 	unsigned int listen_port;

common/include/verify_policy_logging.h

@@ -1,49 +0,0 @@
-/*************************************************************************
-	> File Name: logging.h
-	> Author:
-	> Mail:
-	> Created Time: 2018年06月18日 星期一 22时45分58秒
- ************************************************************************/
-
-#ifndef _LOGGING_H
-#define _LOGGING_H
-
-#define MODULE_NAME "verify_policy"
-
-#define RLOG_LV_DEBUG       10
-#define RLOG_LV_INFO        20
-#define RLOG_LV_FATAL       30
-
-typedef struct RTLogInit2Data_ {
-    int debug_switch;
-
-	int run_log_level;
-
-	char run_log_path[256];
-
-	void *run_log_handle;
-} RTLogInit2Data;
-
-extern RTLogInit2Data logging_sc_lid;
-
-/* The maximum length of the log message */
-#define RT_LOG_MAX_LOG_MSG_LEN 4096
-
-#define mesa_log(x, y, ...)         do {                                       \
-                                  char _sc_log_msg[RT_LOG_MAX_LOG_MSG_LEN] = ""; \
-                                  char *_sc_log_temp = _sc_log_msg;      \
-                                  if ( !x )                       \
-                                  { } else {                             \
-                                      snprintf(_sc_log_temp,             \
-                                               (RT_LOG_MAX_LOG_MSG_LEN - \
-                                                (_sc_log_temp - _sc_log_msg)), \
-                                               __VA_ARGS__);             \
-                                      MESA_handle_runtime_log(logging_sc_lid.run_log_handle, y, __FUNCTION__, _sc_log_msg); \
-                                  }                                      \
-                              } while(0)
-
-#define mesa_runtime_log(level, ...)   mesa_log(logging_sc_lid.debug_switch, level, __VA_ARGS__)
-
-extern void * verify_syslog_init(const char *config);
-
-#endif

common/include/verify_policy_utils.h

@@ -51,7 +51,9 @@
 
 char* rt_strdup(const char* s);
 
+#define	MODULE_VERIFY_POLICY "verify-policy.init"
+
 #define CHECK_OR_EXIT(condition, fmt, ...)                                                                          \
-do { if(!(condition)) { mesa_runtime_log(RLOG_LV_FATAL, fmt, ##__VA_ARGS__); exit(EXIT_FAILURE);   }  } while(0) \
+do { if(!(condition)) { log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, fmt, ##__VA_ARGS__); exit(EXIT_FAILURE);   }  } while(0) \
 
 #endif

common/src/log.c

@@ -0,0 +1,281 @@
+/*
+ * Copyright (c) 2020 rxi
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to
+ * deal in the Software without restriction, including without limitation the
+ * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
+ * sell copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+ * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+ * IN THE SOFTWARE.
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <pthread.h>
+#include <sys/stat.h>
+
+#include "log.h"
+
+#define ALLOC(type, number) ((type *)calloc(sizeof(type), number))
+
+typedef enum {
+    LOG_OP_IFACE_CONSOLE,
+    LOG_OP_IFACE_FILE,
+    RT_LOG_OP_IFACE_MAX,
+}log_op_iface;
+
+struct log_handle
+{
+    int level;
+    int enable;
+    FILE *fp;
+    va_list ap;
+	char defined_log_fn[1024];
+    char runtime_log_fn[1024];
+    pthread_mutex_t mutex;
+    log_op_iface iface;
+};
+
+static unsigned char weekday_str[7][4] = {"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"};
+
+static unsigned char month_str[12][4] = {"Jan", "Feb", "Mar", "Apr","May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"};
+
+static int log_create_dir(const char *dir_path, int path_len)
+{
+    if(dir_path == NULL)
+        return -1;
+
+    char *buf = (char *)calloc(path_len+1, 1);
+    int ret = -1;
+
+    memcpy(buf, dir_path, path_len);
+    if(access(buf, R_OK) != 0)
+    {
+        if(mkdir(buf, 0755)!= 0)
+            ret = -1;
+        else
+            ret =  0;
+    }
+    else
+        ret =  1;
+    free(buf);
+    buf = NULL;
+    return ret;
+}
+
+static void log_close_file(struct log_handle *handle)
+{
+	pthread_mutex_lock(&handle->mutex);
+	if(handle->fp != NULL)
+	{
+		fclose(handle->fp);
+		handle->fp = NULL;
+	}
+	pthread_mutex_unlock(&handle->mutex);
+	return;
+}
+
+int log_open_file(char *file_name, struct log_handle *handle)
+{
+	FILE *fp = NULL;
+	log_close_file(handle);
+	if(NULL == (fp = fopen(file_name, "a")))
+	{
+		return -1;
+	}
+    memcpy(handle->runtime_log_fn, file_name, strlen(file_name));
+    handle->fp = fp;
+	return 0;
+}
+
+static int log_create_path(const char *file_path)
+{
+    FILE *fp  = NULL;
+
+	if(file_path == NULL)
+		return 0;
+
+    char *p_path = rindex(file_path, '/');
+    if(p_path==0)
+    {
+        return 0;
+    }
+
+    const char *p_cur = file_path;
+    int path_len = p_path - file_path;
+    int i = 0;
+
+    if(log_create_dir(file_path, path_len) >= 0)
+        return 0;
+
+    for(;i<=path_len;i++,p_cur++)
+    {
+        if(*p_cur == '/')
+        {
+            if(log_create_dir(file_path, i+1) < 0)
+                return -1;
+        }
+    }
+    if(NULL == (fp = fopen(file_path, "w")))
+    {
+		return 0;
+    }
+    fclose(fp);
+    return 1;
+}
+
+int log_create_log_file(struct log_handle *handle)
+{
+    time_t t;
+    struct tm local_time;
+    char tmp_log_file_name[1024+128];
+
+    time(&t);
+    if(NULL == (localtime_r(&t, &local_time)))
+    {
+        return 0;
+    }
+    snprintf(tmp_log_file_name, sizeof(tmp_log_file_name), "%s.%04d-%02d-%02d", handle->defined_log_fn, local_time.tm_year + 1900, local_time.tm_mon + 1, local_time.tm_mday);
+
+    if(handle->fp == NULL)
+    {
+	    if(0 != log_open_file(tmp_log_file_name, handle)) return 0;
+    }
+    else
+    {
+	    if (0 != memcmp(tmp_log_file_name, handle->runtime_log_fn, strlen(tmp_log_file_name)))
+	    {
+		    if(0 != log_open_file(tmp_log_file_name, handle))return 0;
+	    }
+    }
+
+    return 1;
+}
+
+static void log_print_file(struct log_handle *handle, int level, const char *module, va_list ap, const char *fmt)
+{
+    char buf[64]={0};
+	time_t t;
+    struct tm local_time;
+	const char *level_str_map[]= {"TRACE", "DEBUG", "INFO", "WARN", "ERROR", "FATAL"};
+
+	time(&t);
+    if(NULL == (localtime_r(&t, &local_time))) return;
+    snprintf(buf, sizeof(buf), "%s %s %d %02d:%02d:%02d %d", weekday_str[local_time.tm_wday],
+             month_str[local_time.tm_mon], local_time.tm_mday, local_time.tm_hour, local_time.tm_min, local_time.tm_sec, local_time.tm_year+1900);
+
+    log_create_log_file(handle);
+    fprintf(handle->fp, "%s, %s, %s, ", buf, level_str_map[level], module);
+
+    vfprintf(handle->fp, fmt, ap);
+    fprintf(handle->fp, "\n");
+    fflush(handle->fp);
+}
+
+static void log_print_console(struct log_handle *handle, int level, const char *module, va_list ap, const char *fmt)
+{
+    char buf[64]={0};
+	time_t t;
+    struct tm local_time;
+	const char *level_str_map[]= {"TRACE", "DEBUG", "INFO", "WARN", "ERROR", "FATAL"};
+
+	time(&t);
+    if(NULL == (localtime_r(&t, &local_time))) return;
+    snprintf(buf, sizeof(buf), "%s %s %d %02d:%02d:%02d %d", weekday_str[local_time.tm_wday],
+             month_str[local_time.tm_mon], local_time.tm_mday, local_time.tm_hour, local_time.tm_min, local_time.tm_sec, local_time.tm_year+1900);
+    fprintf(handle->fp, "%s, %s, %s, ", buf, level_str_map[level], module);
+
+    vfprintf(handle->fp, fmt, ap);
+    fprintf(handle->fp, "\n");
+    fflush(handle->fp);
+}
+
+void log_options_set_level(struct log_handle * handle, int level)
+{
+    if(handle != NULL)
+    {
+        handle->level = level;
+    }
+}
+
+void log_options_set_enable(struct log_handle * handle, int enable)
+{
+    if(handle != NULL)
+    {
+        handle->enable = enable;
+    }
+}
+
+struct log_handle *log_handle_create(const char *file_path, int level)
+{
+    struct log_handle *handle = ALLOC(struct log_handle, 1);
+    if(!handle)
+    {
+        return NULL;
+    }
+	handle->enable=1;
+    handle->level = level;
+    strncpy(handle->defined_log_fn, file_path, 1023);
+    pthread_mutex_init(&handle->mutex,NULL);
+
+    if(handle->enable)
+    {
+        log_create_path(handle->defined_log_fn);
+    }
+
+    return handle;
+}
+
+void log_handle_destroy(struct log_handle * handle)
+{
+    if(!handle)
+    {
+        return;
+    }
+
+    if(handle->iface == LOG_OP_IFACE_FILE && handle->fp != NULL)
+    {
+        fclose(handle->fp);
+        handle->fp=NULL;
+    }
+
+    pthread_mutex_destroy(&(handle->mutex));
+    free(handle);
+    handle = NULL;
+    return;
+}
+
+void log_print(struct log_handle *handle, int level, const char *module, const char *fmt, ...)
+{
+    va_list ap;
+
+    if(handle->enable != 1 && level >= handle->level)
+    {
+        handle->fp = stdout;
+        handle->iface = LOG_OP_IFACE_CONSOLE;
+        va_start(handle->ap, fmt);
+        log_print_console(handle, level, module, ap, fmt);
+        va_end(handle->ap);
+    }
+    if (handle->enable == 1 && level >= handle->level)
+    {
+        handle->iface = LOG_OP_IFACE_FILE;
+        va_start(ap, fmt);
+        log_print_file(handle, level, module, ap, fmt);
+        va_end(ap);
+    }
+}
+

common/src/verify_policy_logging.cpp

@@ -1,54 +0,0 @@
-/*************************************************************************
-	> File Name: logging.c
-	> Author:
-	> Mail:
-	> Created Time: 2018年06月18日 星期一 22时45分43秒
- ************************************************************************/
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <stdint.h>
-#include <sys/types.h>
-#include <unistd.h>
-#include <pwd.h>
-#include <dirent.h>
-#include <ctype.h>
-
-#include "verify_policy_logging.h"
-#include <MESA/MESA_prof_load.h>
-#include <MESA/MESA_handle_logger.h>
-
-RTLogInit2Data logging_sc_lid;
-
-void * verify_syslog_init(const char *config)
-{
-
-	MESA_load_profile_int_def(config, (const char *)"SYSTEM",(const char *)"DEBUG_SWITCH",
-							&logging_sc_lid.debug_switch, 1);
-	MESA_load_profile_string_def(config, (const char *)"SYSTEM",(const char *)"RUN_LOG_PATH",
-	 							logging_sc_lid.run_log_path, 128, "conf/zlog.conf");
-
-	if (0 != MESA_handle_runtime_log_creation(logging_sc_lid.run_log_path))
-	{
-		fprintf(stderr, "Create log runtime_log_handle error, init failed\n");
-		goto finish;
-	}
-
-    logging_sc_lid.run_log_handle = MESA_create_runtime_log_handle("verify_policy", RLOG_LV_DEBUG);
-    if(logging_sc_lid.run_log_handle == NULL){
-        mesa_runtime_log(RLOG_LV_FATAL, "Create log runtime_log_handle error, init failed!");
-        goto finish;
-    }else{
-        mesa_runtime_log(RLOG_LV_INFO, "Log module initialization");
-    }
-
-	mesa_runtime_log(RLOG_LV_INFO, "%s:%d", "Log level", logging_sc_lid.run_log_level);
-	mesa_runtime_log(RLOG_LV_INFO, "%s:%s", "Log Directory", logging_sc_lid.run_log_path);
-
-	return logging_sc_lid.run_log_handle;
-finish:
-	return NULL;
-}
-
-

conf/verify_policy.conf

@@ -1,9 +1,7 @@
 [SYSTEM]
-#1:print on screen, 0:don't
+# kill -s SIGHUP "pid" to reload the configuration
-DEBUG_SWITCH = 1
+#0:LOG_TRACE 1:LOG_DEBUG 2:LOG_INFO 3:LOG_WARN 4:LOG_ERROR 5:LOG_FATAL
-#10:DEBUG, 20:INFO, 30:FATAL
+log_level=5
-RUN_LOG_LEVEL = 10
-RUN_LOG_PATH = "conf/zlog.conf"
 
 disable_coredump=0
 enable_breakpad=1

conf/zlog.conf

@@ -1,14 +0,0 @@
-# kill -s SIGHUP "pid"
-
-[global]
-default format = "%d(%c), %V, %F, %U, %m%n"
-[levels]
-DEBUG=10
-INFO=20
-FATAL=30
-[rules]
-*.fatal                               "./log/error.log.%d(%F)";
-verify_policy.fatal                   "./logs/verify_policy.log.%d(%F)";
-proxy_policy_maat.fatal	              "./logs/proxy_policy_maat.log.%d(%F)";
-security_policy_maat.fatal	      "./logs/security_policy_maat.log.%d(%F)";
-

platform/CMakeLists.txt

@@ -9,7 +9,6 @@ add_executable(verify-policy src/verify_policy.cpp src/verify_matcher.cpp)
 target_link_libraries(verify-policy common cjson maatframe)
 target_link_libraries(verify-policy pthread dl
 		libevent-static
-		MESA_handle_logger
 		MESA_prof_load
 		breakpad-client-static
 		cjson

platform/src/verify_matcher.cpp

@@ -12,7 +12,6 @@
 #include <pthread.h>
 
 #include <MESA/maat.h>
-#include <MESA/MESA_handle_logger.h>
 #include <MESA/MESA_prof_load.h>
 #include <MESA/stream.h>
 
@@ -20,11 +19,12 @@
 
 #include "verify_policy.h"
 #include "verify_policy_utils.h"
-#include "verify_policy_logging.h"
 
 #define HIT_PATH_SIZE           	4096
 #define	MAX_SCAN_RESULT				16
 
+#define	MODULE_VERIFY_MATCHER "verify-policy.matcher"
+
 enum policy_action
 {
 	PG_ACTION_NONE = 0,
@@ -195,7 +195,7 @@ struct policy_scan_ctx
 struct verify_policy_rt
 {
 	struct maat *feather[VSYS_ID_MAX];
-	void * local_logger;
+	struct log_handle *local_logger;
 	int log_level;
 	int thread_num;
 	int load_ip_location;
@@ -341,7 +341,7 @@ void ip_asn_table_new_cb(const char *table_name, int table_id, const char* key,
 	ret=sscanf(table_line, "%d\t%d\t%d\t%s\t%s\t%s\t%s\t%s\t%d", &profile_id, &group_id, &addr_type, addr_format, start_ip, end_ip, asn, organization, &is_valid);
 	if(ret!=9)
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "Policy table parse ip ASN failed, ret:%d, %s", ret, table_line);
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Policy table parse ip ASN failed, ret:%d, %s", ret, table_line);
 		return;
 	}
 	verify_unescape(organization);
@@ -355,7 +355,7 @@ void ip_asn_table_new_cb(const char *table_name, int table_id, const char* key,
 	ip_asn->ref_cnt=1;
 	pthread_mutex_init(&(ip_asn->lock), NULL);
 
-	mesa_runtime_log(RLOG_LV_DEBUG, "Policy table add success %d", profile_id);
+	log_debug(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Policy table add success %d", profile_id);
 	*ad = ip_asn;
 }
 
@@ -379,7 +379,7 @@ void ip_location_table_new_cb(const char *table_name, int table_id, const char*
 
 	if(ret != 24)
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "Policy table parse ip location failed, ret:%d, %s", ret, table_line);
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Policy table parse ip location failed, ret:%d, %s", ret, table_line);
 		return;
 	}
 
@@ -402,7 +402,7 @@ void ip_location_table_new_cb(const char *table_name, int table_id, const char*
 	ip_location->subdivision_addr=strdup(subdivision_addr);
 	ip_location->ref_cnt=1;
 	pthread_mutex_init(&(ip_location->lock), NULL);
-	mesa_runtime_log(RLOG_LV_DEBUG, "Policy table add success %d", profile_id);
+	log_debug(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Policy table add success %d", profile_id);
 	*ad = ip_location;
 }
 
@@ -458,7 +458,7 @@ void tunnel_catalog_table_new_cb(const char *table_name, int table_id, const cha
 	ret=sscanf(table_line, "%d\t%s\t%s\t%s\t%d\t%d", &tunnel_id, tunnel_name, tunnel_type, composition, &group_id, &is_valid);
 	if(ret!=6)
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "Policy catalog table parse tunnel catalog failed, ret:%d, %s", ret, table_line);
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Policy catalog table parse tunnel catalog failed, ret:%d, %s", ret, table_line);
 		return;
 	}
 
@@ -472,7 +472,7 @@ void tunnel_catalog_table_new_cb(const char *table_name, int table_id, const cha
 	tunnel->ref_cnt=1;
 	pthread_mutex_init(&(tunnel->lock), NULL);
 
-	mesa_runtime_log(RLOG_LV_DEBUG, "Policy table add success %d", tunnel_id);
+	log_debug(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Policy table add success %d", tunnel_id);
 	*ad = tunnel;
 }
 
@@ -486,7 +486,7 @@ void tunnel_endpoint_table_new_cb(const char *table_name, int table_id, const ch
 	ret=sscanf(table_line, "%d\t%d\t%s\t%s\t%s\t%d", &endpoint_id, &addr_type, start_ip, end_ip, description, &is_valid);
 	if(ret!=6)
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "Policy table parse tunnel end point failed, ret:%d, %s", ret, table_line);
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Policy table parse tunnel end point failed, ret:%d, %s", ret, table_line);
 		return;
 	}
 
@@ -497,7 +497,7 @@ void tunnel_endpoint_table_new_cb(const char *table_name, int table_id, const ch
 	tunnel->ref_cnt=1;
 	pthread_mutex_init(&(tunnel->lock), NULL);
 
-	mesa_runtime_log(RLOG_LV_DEBUG, "Policy endpoint table add success %d", endpoint_id);
+	log_debug(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Policy endpoint table add success %d", endpoint_id);
 	*ad = tunnel;
 }
 
@@ -509,7 +509,7 @@ void tunnel_label_table_new_cb(const char *table_name, int table_id, const char*
 	ret=sscanf(table_line, "%d\t%d", &label_id, &is_valid);
 	if(ret!=2)
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "Policy table tunnel label failed, ret:%d, %s", ret, table_line);
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Policy table tunnel label failed, ret:%d, %s", ret, table_line);
 		return;
 	}
 
@@ -519,7 +519,7 @@ void tunnel_label_table_new_cb(const char *table_name, int table_id, const char*
 	tunnel->ref_cnt=1;
 	pthread_mutex_init(&(tunnel->lock), NULL);
 
-	mesa_runtime_log(RLOG_LV_DEBUG, "Policy label table add success %d", label_id);
+	log_debug(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Policy label table add success %d", label_id);
 	*ad = tunnel;
 }
 
@@ -560,7 +560,7 @@ int maat_tunnel_table_init(int profile_idx,int vsys_id,
 		table_id=maat_plugin_table_ex_schema_register(g_policy_rt->feather[vsys_id], table_name, new_func[profile_idx], free_func, dup_func, 0, NULL);
 		return table_id;
 	}
-	mesa_runtime_log(RLOG_LV_FATAL, "Register table %s failed.", table_name);
+	log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Register table %s failed.", table_name);
 	return -1;
 }
 
@@ -626,7 +626,7 @@ int maat_plugin_table_ex_init(int profile_idx, int vsys_id,
 		ret=maat_plugin_table_ex_schema_register(g_policy_rt->feather[vsys_id], table_name, new_func, free_func, dup_func, 0, NULL);
 		return ret;
 	}
-	mesa_runtime_log(RLOG_LV_FATAL, "Register maat plugin table %s failed.", table_name);
+	log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Register maat plugin table %s failed.", table_name);
 	return -1;
 }
 
@@ -721,7 +721,7 @@ int maat_ip_table_init(int profile_idx,int vsys_id,
 									  				  0, NULL);
 		return 0;
 	}
-	mesa_runtime_log(RLOG_LV_FATAL, "Register table %s failed.", table_name);
+	log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Register table %s failed.", table_name);
 	return -1;
 }
 
@@ -746,7 +746,7 @@ void fqdn_cat_new_data(const char *table_name, int table_id, const char* key, co
 	if(ret!=6)
 	{
 		FREE(&fqdn_cat);
-		mesa_runtime_log(RLOG_LV_FATAL, "Parse fqdn category failed, ret: %d table_id: %d table_line: %s", ret, table_id, table_line);
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Parse fqdn category failed, ret: %d table_id: %d table_line: %s", ret, table_id, table_line);
 		return;
 	}
 	fqdn_cat->ref_cnt=1;
@@ -795,7 +795,7 @@ void compile_table_new_cb(const char *table_name, int table_id, const char* key,
 	ret=sscanf(table_line, "%d\t%d\t%d\t%d\t%d\t%s\t%s\t%d\t%d", &config_id, &service_id, &action, &do_blacklist, &do_log,effective_range,srv_def_large,&group_num,&is_valid);
 	if(ret!=9)
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "Security compile table parse failed, ret:%d, %s", ret, table_line);
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Security compile table parse failed, ret:%d, %s", ret, table_line);
 		return;
 	}
 	do_log=do_log;
@@ -1411,21 +1411,22 @@ static int group_scan(struct policy_scan_ctx *ctx, int vsys_id, int hit_cnt, str
 	return hit_cnt_group;
 }
 
-static int get_group_id_by_location(struct ip_data_table* ip_location, int level)
+
+static int get_group_id_by_location(const struct ip_data_table* ip_location, size_t level)
 {
-	switch(level)
+    const int* group_ids[] = {
-	{
+		&ip_location->country_region_group_id,
-		case 0:
+        &ip_location->province_group_id,
-			return ip_location->country_region_group_id;
+        &ip_location->city_group_id,
-		case 1:
+        &ip_location->subdivision_group_id
-			return ip_location->province_group_id;
+    };
-		case 2:
+
-			return ip_location->city_group_id;
+    if (level >= 0 && level < sizeof(group_ids) / sizeof(group_ids[0]))
-		case 3:
+    {
-			return ip_location->subdivision_group_id;
+        return *group_ids[level];
-		default:
+    }
-			return 0;
+
-	}
+    return 0;
 }
 
 int ip_location_scan(struct policy_scan_ctx *ctx, int vsys_id, struct ip_addr *sip, struct ip_addr *dip, int hit_cnt)
@@ -1804,12 +1805,14 @@ int tunnel_scan(struct request_query_obj *request, struct policy_scan_ctx *ctx,
 	size_t n_hit_result=0;
 	long long result[MAX_SCAN_RESULT]={0};
 
+	int hit_cnt_group=0;
+
 	if(ctx->tunnel_scan_mid == NULL)
 	{
 		ctx->tunnel_scan_mid = maat_state_new(g_policy_rt->feather[vsys_id], ctx->thread_id);
 		maat_state_set_scan_compile_table(ctx->tunnel_scan_mid, g_policy_rt->compile_table_id[TSG_TUNNEL]);
 	}
-
+	
 	int tunnel_table_id = get_tunnel_type_table_id(request->tunnel_type);
 	if (ip_addr->addrtype == ADDR_TYPE_IPV4)
 	{
@@ -1853,10 +1856,11 @@ int tunnel_scan(struct request_query_obj *request, struct policy_scan_ctx *ctx,
 			{
 				logic=0;
 			}
-			scan_ret = group_scan(ctx, vsys_id, hit_cnt, hit_group, TSG_OBJ_TUNNEL, logic);
+			scan_ret = maat_scan_group(g_policy_rt->feather[vsys_id], g_policy_rt->scan_table_id[TSG_OBJ_TUNNEL], &hit_group, 1,
-			if(scan_ret > 0)
+							   		  ctx->result+hit_cnt+hit_cnt_group, MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, ctx->scan_mid);
+			if(scan_ret == MAAT_SCAN_HIT)
 			{
-				hit_cnt_tunnel+=scan_ret; 
+				hit_cnt_tunnel+=n_hit_result;
 			}
 			if(scan_ret >= MAAT_SCAN_OK)
 			{
@@ -1868,6 +1872,16 @@ int tunnel_scan(struct request_query_obj *request, struct policy_scan_ctx *ctx,
 			}
 		}
 	}
+	if(logic)
+	{
+		scan_ret = maat_scan_not_logic(g_policy_rt->feather[vsys_id], g_policy_rt->scan_table_id[TSG_OBJ_TUNNEL], ctx->result+hit_cnt+hit_cnt_group,
+								   MAX_SCAN_RESULT-hit_cnt-hit_cnt_group, &n_hit_result, ctx->scan_mid);
+		if (scan_ret == MAAT_SCAN_HIT)
+		{
+			hit_cnt_tunnel+=n_hit_result;
+		}
+	}
+
 	ctx->tunnel_scan++;
 	request->merge_nth_scan_num = hit_path_cnt;
 finish:
@@ -2267,7 +2281,7 @@ size_t policy_verify_scan(int vsys_id, int compile_table_id, struct request_quer
 			hit_cnt+=scan_ret;
 		}
 	}
-
+	
 	scan_ret = maat_scan_string(g_policy_rt->feather[vsys_id], g_policy_rt->scan_table_id[table_id],
 								value, strlen(value), ctx->result+hit_cnt, MAX_SCAN_RESULT-hit_cnt,
 						 	    &n_hit_result, ctx->scan_mid);
@@ -2324,7 +2338,7 @@ static struct maat *create_maat_feather(const char * instance_name, const char *
 	}
 	else
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "Invalid redis port range %s, MAAT init failed.", redis_port_range);
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Invalid redis port range %s, MAAT init failed.", redis_port_range);
 	}
 	MESA_load_profile_string_def(profile, section, "inc_cfg_dir", inc_cfg_dir, sizeof(inc_cfg_dir), "");
 	MESA_load_profile_string_def(profile, section, "full_cfg_dir", ful_cfg_dir, sizeof(ful_cfg_dir), "");
@@ -2347,7 +2361,7 @@ static struct maat *create_maat_feather(const char * instance_name, const char *
 		case MAAT_INPUT_FILE:
 			maat_options_set_iris(opts, ful_cfg_dir, inc_cfg_dir);
 			break;
-		default: mesa_runtime_log(RLOG_LV_FATAL, "Invalid MAAT Input Mode: %d.", input_mode);
+		default: log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "Invalid MAAT Input Mode: %d.", input_mode);
 			goto error_out;
 			break;
 	}
@@ -2371,13 +2385,13 @@ static struct maat *create_maat_feather(const char * instance_name, const char *
 	target = maat_new(opts, table_info);
 	if (!target)
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "%s MAAT init failed.", __FUNCTION__);
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "%s MAAT init failed.", __FUNCTION__);
 		goto error_out;
 	}
 
-	mesa_runtime_log(RLOG_LV_INFO, "%s:%s", "Maat Redis Ip", redis_ip);
+	log_info(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "%s:%s", "Maat Redis Ip", redis_ip);
-	mesa_runtime_log(RLOG_LV_INFO, "%s:%s", "Maat Redis Port", redis_port_range);
+	log_info(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "%s:%s", "Maat Redis Port", redis_port_range);
-	mesa_runtime_log(RLOG_LV_INFO, "%s:%d", "Maat Redis_db_index", db_index);
+	log_info(g_verify_proxy->logger, MODULE_VERIFY_MATCHER, "%s:%d", "Maat Redis_db_index", db_index);
 
     maat_options_free(opts);
 	return target;
@@ -2499,6 +2513,9 @@ void verify_reload_loglevel()
 	int load_vsys_num=0, log_level=0;
 	const char * profile_path = "./conf/verify_policy.conf";
 
+	MESA_load_profile_int_def(profile_path, "SYSTEM", "log_level", &log_level, LOG_FATAL);
+	log_options_set_level(g_verify_proxy->logger, log_level);
+
 	MESA_load_profile_int_def(profile_path, "MAAT", "load_vsys_num", &(load_vsys_num), 255);
 	MESA_load_profile_int_def(profile_path, "MAAT", "log_level", &(log_level), LOG_LEVEL_FATAL);
 
@@ -2551,10 +2568,10 @@ int maat_table_init(struct verify_policy * verify, const char* profile_path)
 			g_policy_rt->scan_table_id[i] = maat_get_table_id(g_policy_rt->feather[vsys_id], table_name[i]);
 			if (g_policy_rt->scan_table_id[i] < 0)
 			{
-				mesa_runtime_log(RLOG_LV_FATAL, "Maat table %s register failed.", table_name[i]);
+				log_fatal(g_policy_rt->local_logger, MODULE_VERIFY_MATCHER, "Maat table %s register failed.", table_name[i]);
 				goto error_out;
 			}
-			mesa_runtime_log(RLOG_LV_DEBUG, "Register maat %p, table name %s, table id %d", g_policy_rt->feather[vsys_id], table_name[i], g_policy_rt->scan_table_id[i]);
+			log_debug(g_policy_rt->local_logger, MODULE_VERIFY_MATCHER, "Register maat %p, table name %s, table id %d", g_policy_rt->feather[vsys_id], table_name[i], g_policy_rt->scan_table_id[i]);
 		}
 
 		for(int i = 0; i < PXY_TABLE_DEFENCE; i++)

platform/src/verify_policy.cpp

@@ -30,9 +30,7 @@
 
 #include "verify_policy.h"
 #include <MESA/MESA_prof_load.h>
-#include <MESA/MESA_handle_logger.h>
 #include "verify_policy_utils.h"
-#include "verify_policy_logging.h"
 
 struct verify_policy * g_verify_proxy = NULL;
 
@@ -54,15 +52,17 @@ static int load_system_conf(struct verify_policy * verify, const char *profile)
     int xret = -1;
 
     xret = MESA_load_profile_uint_nodef(profile, "CONFIG", "thread-nu", &(verify->nr_work_threads));
-    if (xret < 0){
+    if (xret < 0)
-        mesa_runtime_log(RLOG_LV_FATAL, "Reading the number of running threads failed");
+	{
+        log_fatal(verify->logger, MODULE_VERIFY_POLICY, "Reading the number of running threads failed");
     }
 	xret = MESA_load_profile_short_nodef(profile, "LISTEN", "port", (short *)&(verify->listen_port));
-	if (xret < 0){
+	if (xret < 0)
-		mesa_runtime_log(RLOG_LV_FATAL, "Listen Port invalid");
+	{
+		log_fatal(verify->logger, MODULE_VERIFY_POLICY, "Reading the listening port failed");
 	}
-	mesa_runtime_log(RLOG_LV_INFO, "%s:%d", "The Threads", verify->nr_work_threads);
+	log_info(verify->logger, MODULE_VERIFY_POLICY, "%s:%d", "The Threads", verify->nr_work_threads);
-	mesa_runtime_log(RLOG_LV_INFO, "%s:%d", "Libevent Port", verify->listen_port);
+	log_info(verify->logger, MODULE_VERIFY_POLICY, "%s:%d", "Libevent Port", verify->listen_port);
     return xret;
 }
 
@@ -86,7 +86,7 @@ int tsg_policy_type_str2idx(const char *action_str)
 		if (0 == strcasecmp(action_str, policy_name[i]))
 			break;
 	}
-	mesa_runtime_log(RLOG_LV_INFO, "[I]   policyType= %s", action_str);
+	log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "[I]   policyType= %s", action_str);
 	return i;
 }
 
@@ -204,7 +204,7 @@ struct ipaddr *ip_to_stream_addr(const char *clientIp1, unsigned int clientPort1
 		v6_addr->dest=serverPort1;
 		ip_addr->v6=v6_addr;
 	}
-	mesa_runtime_log(RLOG_LV_INFO, " [I]   %s, clientIp1=%s, clientPort1=%d, serverIp=%s, serverPort=%d, addr_type=%d, protocol=%d", buff,
+	log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, " [I]   %s, clientIp1=%s, clientPort1=%d, serverIp=%s, serverPort=%d, addr_type=%d, protocol=%d", buff,
 					clientIp1, clientPort1, serverIp1, serverPort1, addr_type, *protocol);
 
 	return ip_addr;
@@ -227,7 +227,7 @@ struct ipaddr *tunnel_to_stream_addr(const char *Ip, int addr_type)
 		inet_pton(AF_INET6,Ip,&(v6_addr->saddr));
 		ip_addr->v6=v6_addr;
 	}
-	mesa_runtime_log(RLOG_LV_DEBUG, "[I]    attributeName = ip, clientIp1=%s, addr_type = %d", Ip, addr_type);
+	log_debug(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "[I]    attributeName = ip, clientIp1=%s, addr_type = %d", Ip, addr_type);
 
 	return ip_addr;
 }
@@ -259,7 +259,7 @@ static struct ipaddr * get_ip_from_json(cJSON *attributeValue, const char *attri
 
 	if(attributeName==NULL)
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "The attributeType is of type iP, but the attributeName is empty, resulting in IP type parsing failure.");
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "The attributeType is of type iP, but the attributeName is empty, resulting in IP type parsing failure.");
 		return NULL;
 	}
 
@@ -274,7 +274,7 @@ static struct ipaddr * get_ip_from_json(cJSON *attributeValue, const char *attri
 
 	if(strcasecmp(attributeName, "ip_protocol") == 0)
 	{
-		mesa_runtime_log(RLOG_LV_INFO, "  [I]   %s, protocol=%d", buff, *protocol);
+		log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "  [I]   %s, protocol=%d", buff, *protocol);
 		return NULL;
 	}
 
@@ -306,8 +306,8 @@ static char* get_port_from_json(cJSON *attributeValue, int *protocol, char *buff
 	if(item && item->type==cJSON_Number)
 	{
 		*protocol = item->valueint;
-	} 
+	}
-	mesa_runtime_log(RLOG_LV_INFO, "[I]   %s, port=%s, protocol=%d", buff, string, *protocol);
+	log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "[I]   %s, port=%s, protocol=%d", buff, string, *protocol);
 
 	return string;
 }
@@ -354,7 +354,7 @@ static int get_attribute_from_json(int curr_id, cJSON* subchild, struct verify_p
 		policy_query->request_object[curr_id].table_id = protoco_field_type_str2idx(item->valuestring, buff, &p);
 		if(policy_query->request_object[curr_id].table_id == __TSG_OBJ_MAX)
 		{
-			mesa_runtime_log(RLOG_LV_FATAL, "Get table id failed form table name:%s", item->valuestring);
+			log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Get table id failed form table name:%s", item->valuestring);
 			return xret;
 		}
 	}
@@ -408,7 +408,7 @@ static int get_attribute_from_json(int curr_id, cJSON* subchild, struct verify_p
 			p += snprintf(p, sizeof(buff) - (p - buff), ", content = %s",policy_query->request_object[curr_id].string);
 		}
 	}
-	mesa_runtime_log(RLOG_LV_INFO, "[I]    %s", buff);
+	log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "[I]    %s", buff);
 	memset(buff, 0, VERIFY_STRING_MAX*2);
 end:
 	xret = 1;
@@ -433,7 +433,7 @@ enum verify_type get_verify_type(cJSON* data_json)
 		{
 			q_type = VERIFY_TYPE_REGEX;
 		}
-		mesa_runtime_log(RLOG_LV_INFO, " [I]   verifyType= %s", item->valuestring);
+		log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, " [I]   verifyType= %s", item->valuestring);
 	}
 	return q_type;
 }
@@ -508,7 +508,7 @@ int get_query_result_policy(cJSON *subitem, cJSON *data_obj, int thread_id)
 		verify_policy->compile_table_id = tsg_policy_type_str2idx(item->valuestring);
 		if (verify_policy->compile_table_id >= __SCAN_POLICY_MAX)
 		{
-			mesa_runtime_log(RLOG_LV_FATAL, "policy type error, policy id = %d", verify_policy->compile_table_id);
+			log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "policy type error, policy id = %d", verify_policy->compile_table_id);
 			goto free;
 		}
 	}
@@ -518,7 +518,7 @@ int get_query_result_policy(cJSON *subitem, cJSON *data_obj, int thread_id)
 	{
 		verify_policy->vsys_id = item->valueint;
 	}
-	mesa_runtime_log(RLOG_LV_INFO, "[I]   vsysId= %d", verify_policy->vsys_id);
+	log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "[I]   vsysId= %d", verify_policy->vsys_id);
 
 	item = cJSON_GetObjectItem(subitem,"verifySession");
 	if(item == NULL || item->type!=cJSON_Object)
@@ -581,7 +581,7 @@ cJSON *get_query_from_request(const char *data, ssize_t data_len, int thread_id)
 	cJSON* data_json = cJSON_Parse(data);
 	if(data_json == NULL)
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "invalid policy parameter");
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Failed to parse the request data.");
 		return NULL;
 	}
 	cJSON  *policy_obj=NULL, *data_obj=NULL;
@@ -603,7 +603,7 @@ cJSON *get_query_from_request(const char *data, ssize_t data_len, int thread_id)
 		{
 			if(verify_type == VERIFY_TYPE_REGEX)
 			{
-				mesa_runtime_log(RLOG_LV_INFO, " [I]   data= %.*s", (int)data_len, data);
+				log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, " [I]   data= %.*s", (int)data_len, data);
 				hit_cnt = get_query_result_regex(subitem, data_obj);
 			}
 
@@ -659,13 +659,13 @@ void evhttp_request_cb(struct evhttp_request *evh_req, void *arg)
 
 	if (evhttp_request_get_command(evh_req) != EVHTTP_REQ_POST)
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "FAILED (post type)");
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "FAILED (post type)");
 		goto error;
 	}
 	evbuf_body = evhttp_request_get_input_buffer(evh_req);
 	if (!evbuf_body || 0==(inputlen = evbuffer_get_length(evbuf_body)) ||!(input = (char *)evbuffer_pullup(evbuf_body,inputlen)))
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "Failed to get post data information.");
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Failed to get post data information.");
 		goto error;
 	}
 
@@ -676,7 +676,7 @@ void evhttp_request_cb(struct evhttp_request *evh_req, void *arg)
 	}
 
 	policy_payload = cJSON_PrintUnformatted(policy_obj);
-	mesa_runtime_log(RLOG_LV_INFO, "[O]   %s", policy_payload);
+	log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "[O]   %s", policy_payload);
 	evhttp_socket_send(evh_req, policy_payload);
 
 	cJSON_Delete(policy_obj);
@@ -698,13 +698,13 @@ void * verify_policy_thread_func(void * arg)
     thread_ctx->base = event_base_new();
 	if (! thread_ctx->base)
 	{
-        mesa_runtime_log(RLOG_LV_FATAL, "Can'thread_ctx allocate event base");
+        log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Can'thread_ctx allocate event base");
         goto finish;
     }
     thread_ctx->http = evhttp_new(thread_ctx->base);
 	if (!thread_ctx->http)
 	{
-        mesa_runtime_log(RLOG_LV_FATAL, "couldn'thread_ctx create evhttp. Exiting.");
+        log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "couldn'thread_ctx create evhttp. Exiting.");
 		goto error;
 	}
 
@@ -713,10 +713,10 @@ void * verify_policy_thread_func(void * arg)
 	bound = evhttp_accept_socket_with_handle(thread_ctx->http, thread_ctx->accept_fd);
 	if (bound != NULL)
 	{
-		mesa_runtime_log(RLOG_LV_INFO, "Bound(%p) to port %d - Awaiting connections ... ", bound,
+		log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Bound(%p) to port %d - Awaiting connections ... ", bound,
 						g_verify_proxy->listen_port);
 	}
-	mesa_runtime_log(RLOG_LV_FATAL, "Work thread %u is run...", thread_ctx->id);
+	log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Work thread %u is run...", thread_ctx->id);
 
 	event_base_dispatch(thread_ctx->base);
 error:
@@ -832,7 +832,7 @@ int verify_policy_work_thread_run(struct verify_policy * verify)
     evutil_socket_t accept_fd = evhttp_listen_socket_byuser((struct sockaddr*)&sin, sizeof(struct sockaddr_in),LEV_OPT_REUSEABLE_PORT|LEV_OPT_CLOSE_ON_FREE, -1);
     if (accept_fd < 0)
 	{
-        mesa_runtime_log(RLOG_LV_FATAL, "Could not create a listen!");
+        log_fatal(verify->logger, MODULE_VERIFY_POLICY, "Could not create a listen!");
         goto finish;
     }
 
@@ -846,12 +846,12 @@ int verify_policy_work_thread_run(struct verify_policy * verify)
 
 		if (pthread_create(&thread_ctx->pid, thread_ctx->attr, thread_ctx->routine, thread_ctx))
 		{
-            mesa_runtime_log(RLOG_LV_FATAL, "%s", strerror(errno));
+            log_fatal(verify->logger, MODULE_VERIFY_POLICY, "%s", strerror(errno));
 			goto finish;
 		}
 		if (pthread_detach(thread_ctx->pid))
 		{
-            mesa_runtime_log(RLOG_LV_FATAL, "%s", strerror(errno));
+            log_fatal(verify->logger, MODULE_VERIFY_POLICY, "%s", strerror(errno));
 			goto finish;
 		}
 	}
@@ -910,14 +910,14 @@ int breakpad_init_minidump_upload(struct breakpad_instance * instance, const cha
 
 	if (unlikely(ret < 0))
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "breakpad_upload_url is necessary, failed. ");
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "breakpad_upload_url is necessary, failed. ");
 		goto errout;
 	}
 
 	ret = readlink("/proc/self/exe", execpath, sizeof(execpath));
 	if(unlikely(ret < 0))
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "Failed at readlink /proc/self/exec: %s", strerror(errno));
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Failed at readlink /proc/self/exec: %s", strerror(errno));
 		/* after log, reset errno */
 		errno = 0;
 		goto errout;
@@ -1018,7 +1018,7 @@ struct breakpad_instance * breakpad_init(const char * profile)
 		ret = setrlimit(RLIMIT_CORE, &__rlimit_vars);
 		if (ret < 0)
 		{
-			mesa_runtime_log(RLOG_LV_FATAL, "setrlimit(RLIMIT_CORE, 0) failed: %s", strerror(errno));
+			log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "setrlimit(RLIMIT_CORE, 0) failed: %s", strerror(errno));
 			/* after log, reset errno */
 			errno = 0;
 		}
@@ -1027,7 +1027,7 @@ struct breakpad_instance * breakpad_init(const char * profile)
 	MESA_load_profile_uint_def(profile, "system", "enable_breakpad", &instance->en_breakpad, 1);
 	if (instance->en_breakpad <= 0)
 	{
-		mesa_runtime_log(RLOG_LV_FATAL, "Breakpad Crash Reporting System is disabled. ");
+		log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Breakpad Crash Reporting System is disabled. ");
 		return instance;
 	}
 
@@ -1046,7 +1046,7 @@ struct breakpad_instance * breakpad_init(const char * profile)
 		ret = breakpad_init_minidump_upload(instance, profile);
 		if (ret < 0)
 		{
-			mesa_runtime_log(RLOG_LV_FATAL, "Breakpad upload init failed, using local breakpad dumpfile");
+			log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Breakpad upload init failed, using local breakpad dumpfile");
 			instance->en_breakpad_upload = 0;
 		}
 
@@ -1055,7 +1055,7 @@ struct breakpad_instance * breakpad_init(const char * profile)
 		ret = setrlimit(RLIMIT_CORE, &__rlimit_vars);
 		if (ret < 0)
 		{
-			mesa_runtime_log(RLOG_LV_FATAL, "setrlimit(RLIMIT_CORE, 0) failed: %s", strerror(errno));
+			log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "setrlimit(RLIMIT_CORE, 0) failed: %s", strerror(errno));
 			/* after log, reset errno */
 			errno = 0;
 		}
@@ -1073,8 +1073,8 @@ struct breakpad_instance * breakpad_init(const char * profile)
 			google_breakpad::MinidumpDescriptor(instance->minidump_dir_prefix), NULL,
 			tfe_breakpad_dump_to_file, NULL, true, -1);
 	}
-	mesa_runtime_log(RLOG_LV_INFO, "Breakpad Crash Report is enable. ");
+	log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Breakpad Crash Report is enable. ");
-	mesa_runtime_log(RLOG_LV_INFO, "Minidump Dir: %s", instance->minidump_dir_prefix);
+	log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Minidump Dir: %s", instance->minidump_dir_prefix);
 	return instance;
 }
 
@@ -1083,8 +1083,7 @@ void __signal_handler_cb(int sig)
 	switch (sig)
 	{
 		case SIGHUP:
-			mesa_runtime_log(RLOG_LV_INFO, "Reload log config");
+			log_info(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Reload log config");
-            MESA_handle_runtime_log_reconstruction(NULL);
 			verify_reload_loglevel();
             break;
 		case SIGPIPE:
@@ -1102,7 +1101,7 @@ int main(int argc, char * argv[])
 	const char * main_profile = "./conf/verify_policy.conf";
 	struct timespec start_time, end_time;
 
-	int ret = 0, opt = 0;
+	int ret = 0, opt = 0, log_level=0;
 	while ((opt = getopt(argc, argv, "v")) != -1)
 	{
 		switch (opt)
@@ -1118,7 +1117,9 @@ int main(int argc, char * argv[])
 	assert(g_verify_proxy);
 	strcpy(g_verify_proxy->name, "verify_policy");
 
-	g_verify_proxy->logger = verify_syslog_init(main_profile);
+	const char *log_path="./logs/verify_policy.log";
+	MESA_load_profile_int_def(main_profile, "SYSTEM", "log_level", &log_level, LOG_FATAL);
+	g_verify_proxy->logger = log_handle_create(log_path, log_level);
 	CHECK_OR_EXIT(g_verify_proxy->logger != NULL, "Failed at init log module. Exit.");
 
 	ret = load_system_conf(g_verify_proxy, main_profile);
@@ -1128,7 +1129,8 @@ int main(int argc, char * argv[])
 	ret = maat_table_init(g_verify_proxy, main_profile);
 	CHECK_OR_EXIT(ret == 0, "Failed at init maat module, Exit.");
 	clock_gettime(CLOCK_REALTIME, &(end_time));
-	mesa_runtime_log(RLOG_LV_FATAL, "Read table_info.conf, take time %lu(s)", end_time.tv_sec - start_time.tv_sec);
+
+	log_fatal(g_verify_proxy->logger, MODULE_VERIFY_POLICY, "Read table_info.conf, take time %lu(s)", end_time.tv_sec - start_time.tv_sec);
 	printf("Read table_info.conf, take time %lu(s)\n", end_time.tv_sec - start_time.tv_sec);
 
 	g_verify_proxy->breakpad = breakpad_init(main_profile);

vendor/CMakeLists.txt

@@ -103,10 +103,6 @@ set_property(TARGET gperftools-static PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${I
 set(MESA_FRAMEWORK_LIB_DIR /opt/MESA/lib)
 set(MESA_FRAMEWORK_INCLUDE_DIR /opt/MESA/include)
 
-add_library(MESA_handle_logger SHARED IMPORTED GLOBAL)
-set_property(TARGET MESA_handle_logger PROPERTY IMPORTED_LOCATION ${MESA_FRAMEWORK_LIB_DIR}/libMESA_handle_logger.so)
-set_property(TARGET MESA_handle_logger PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${MESA_FRAMEWORK_INCLUDE_DIR})
-
 add_library(MESA_prof_load SHARED IMPORTED GLOBAL)
 set_property(TARGET MESA_prof_load PROPERTY IMPORTED_LOCATION ${MESA_FRAMEWORK_LIB_DIR}/libMESA_prof_load.so)
 set_property(TARGET MESA_prof_load PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${MESA_FRAMEWORK_INCLUDE_DIR})