From 2be46bbabcb5f06b76d3dbf7ae130122b3bcf8e2 Mon Sep 17 00:00:00 2001 From: John Johansen Date: Fri, 10 Jul 2015 18:11:28 -0700 Subject: [PATCH] Fix @{profile_name} variable to not be a fqname The @{profile_name} is incorrectly expanded as a fully qualified path including its namespace if one was specified in the profile declaration. ie. profile :ns://a { ptrace @{profile_name}, # expands to # ptrace :ns://a, } This is wrong however because within a profile if a rule refers to a namespace it will be wrt a sub-namespace. That is in the above example the ptrace rule is refering to a profile in a subnamespace "ns". Or from the current profile declaration scope :ns//ns://a Instead @{profile_name} should expand into the hname (hierarchical name), which is the profile hierarchy specification within the namespace the profile is part of. In this case a or for a child profile case profile :ns://a { profile b { ptrace @{profile_name}, } } the hname expansion would be a//b Signed-off-by: John Johansen Acked-by: Steve Beattie --- parser/parser_variable.c | 2 +- parser/tst/equality.sh | 24 ++++++++++++++++++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/parser/parser_variable.c b/parser/parser_variable.c index 7250c0be9..d8f77f3b1 100644 --- a/parser/parser_variable.c +++ b/parser/parser_variable.c @@ -297,7 +297,7 @@ int process_profile_variables(Profile *prof) error = process_variables_in_name(*prof); if (!error) - error = new_set_var(PROFILE_NAME_VARIABLE, prof->get_name(true).c_str()); + error = new_set_var(PROFILE_NAME_VARIABLE, prof->get_name(false).c_str()); if (!error) error = process_variables_in_entries(prof->entries); diff --git a/parser/tst/equality.sh b/parser/tst/equality.sh index 3beed2743..723c06d48 100755 --- a/parser/tst/equality.sh +++ b/parser/tst/equality.sh @@ -464,6 +464,30 @@ verify_binary_equality "change_profile == change_profile -> **" \ "/t { change_profile /**, }" \ "/t { change_profile /** -> **, }" +verify_binary_equality "profile name is hname in rule" \ + ":ns:/hname { signal peer=/hname, }" \ + ":ns:/hname { signal peer=@{profile_name}, }" + +verify_binary_inequality "profile name is NOT fq name in rule" \ + ":ns:/hname { signal peer=:ns:/hname, }" \ + ":ns:/hname { signal peer=@{profile_name}, }" + +verify_binary_equality "profile name is hname in sub pofile rule" \ + ":ns:/hname { profile child { signal peer=/hname//child, } }" \ + ":ns:/hname { profile child { signal peer=@{profile_name}, } }" + +verify_binary_inequality "profile name is NOT fq name in sub profile rule" \ + ":ns:/hname { profile child { signal peer=:ns:/hname//child, } }" \ + ":ns:/hname { profile child { signal peer=@{profile_name}, } }" + +verify_binary_equality "profile name is hname in hat rule" \ + ":ns:/hname { ^child { signal peer=/hname//child, } }" \ + ":ns:/hname { ^child { signal peer=@{profile_name}, } }" + +verify_binary_inequality "profile name is NOT fq name in hat rule" \ + ":ns:/hname { ^child { signal peer=:ns:/hname//child, } }" \ + ":ns:/hname { ^child { signal peer=@{profile_name}, } }" + if [ $fails -ne 0 -o $errors -ne 0 ] then printf "ERRORS: %d\nFAILS: %d\n" $errors $fails 2>&1