TSG-9756 修改默认工作线程数为3，拆分安全策略和管控策略maat句柄

2022-02-28 14:53:04 +08:00
parent 2f1dfd6580
commit 3dce53c1da
4 changed files with 22 additions and 8 deletions
--- a/common/src/verify_policy_logging.cpp
+++ b/common/src/verify_policy_logging.cpp
@@ -42,7 +42,7 @@ void * verify_syslog_init(const char *config)
 		goto finish;
 	}

-    logging_sc_lid.run_log_handle = MESA_create_runtime_log_handle("./logs", RLOG_LV_DEBUG);
+    logging_sc_lid.run_log_handle = MESA_create_runtime_log_handle("verify_policy", RLOG_LV_DEBUG);
    if(logging_sc_lid.run_log_handle == NULL){
        mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Create log runtime_log_handle error, init failed!");
        goto finish;
--- a/conf/verify_policy.conf
+++ b/conf/verify_policy.conf
@@ -13,7 +13,7 @@ breakpad_upload_url="http://127.0.0.1/"

 [CONFIG]
 #Number of running threads
-thread-nu = 4
+thread-nu = 3

 [maat]
 # 0:json 1: redis 2: iris
--- a/conf/zlog.conf
+++ b/conf/zlog.conf
@@ -8,6 +8,7 @@ INFO=20
 FATAL=30
 [rules]
 *.fatal                               "./logs/error.log.%d(%F)";
-!*.debug        "./logs/verify_policy.log.%d(%F)"
-!*.info        "./logs/verify_policy.log.%d(%F)"
+verify_policy.fatal                   "./logs/verify_policy.log.%d(%F)";
+proxy_policy_maat.fatal	              "./logs/proxy_policy_maat.log.%d(%F)";
+security_policy_maat.fatal	      "./logs/security_policy_maat.log.%d(%F)";

--- a/scan/src/policy_scan.cpp
+++ b/scan/src/policy_scan.cpp
@@ -1342,12 +1342,19 @@ error_out:
 int proxy_policy_init(struct verify_policy * verify, const char* profile_path)
 {
 	int ret = -1;
+	void *local_logger = NULL;

 	g_pangu_rt = ALLOC(struct pangu_rt, 1);

-	g_pangu_rt->thread_num = verify->nr_work_threads;
+    local_logger = MESA_create_runtime_log_handle("proxy_policy_maat", RLOG_LV_DEBUG);
+    if(local_logger == NULL)
+	{
+		mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Create log runtime_log_handle error, init failed!");
+    }
+
 	g_pangu_rt->local_logger = verify->logger;
-	g_pangu_rt->maat[PXY_TABLE_MANIPULATION] = create_maat_feather("static", profile_path, "MAAT", "table_info", g_pangu_rt->thread_num, g_pangu_rt->local_logger);
+	g_pangu_rt->thread_num = verify->nr_work_threads;
+	g_pangu_rt->maat[PXY_TABLE_MANIPULATION] = create_maat_feather("static", profile_path, "MAAT", "table_info", g_pangu_rt->thread_num, local_logger);
 	if (!g_pangu_rt->maat[PXY_TABLE_MANIPULATION])
 	{
 		goto error_out;
@@ -1392,7 +1399,13 @@ int security_policy_init(struct verify_policy * verify, const char* profile_path
 {
 	int ret = -1;

-	g_pangu_rt->maat[PXY_TABLE_SECURITY] = create_maat_feather("static", profile_path, "MAAT", "table_info_tsg", g_pangu_rt->thread_num, g_pangu_rt->local_logger);
+	void *local_logger = MESA_create_runtime_log_handle("security_policy_maat", RLOG_LV_DEBUG);
+    if(local_logger == NULL)
+	{
+		mesa_runtime_log(RLOG_LV_FATAL, MODULE_NAME, "Create log runtime_log_handle error, init failed!");
+    }
+
+	g_pangu_rt->maat[PXY_TABLE_SECURITY] = create_maat_feather("static", profile_path, "MAAT", "table_info_tsg", g_pangu_rt->thread_num, local_logger);
 	if (!g_pangu_rt->maat[PXY_TABLE_SECURITY])
 	{
 		goto error_out;