parser: switch backend to perm32_t for permission bits

switch permission bits to use perm32_t type. This is just annotating
the code as it is no different than uint32_t at this time.

We do not convert the accept values as they may be mapped permission
bits or they may be and index value.

Signed-off-by: John Johansen <john.johansen@canonical.com>

parser/libapparmor_re/aare_rules.cc

@@ -44,8 +44,8 @@ aare_rules::~aare_rules(void)
 	expr_map.clear();
 }
 
-bool aare_rules::add_rule(const char *rule, rule_mode_t mode, uint32_t perms,
-			  uint32_t audit, optflags const &opts)
+bool aare_rules::add_rule(const char *rule, rule_mode_t mode, perm32_t perms,
+			  perm32_t audit, optflags const &opts)
 {
 	return add_rule_vec(mode, perms, audit, 1, &rule, opts, false);
 }
@@ -71,7 +71,7 @@ static Node *cat_with_oob_separator(Node *l, Node *r)
 	return new CatNode(new CatNode(l, new CharNode(transchar(-1, true))), r);
 }
 
-bool aare_rules::add_rule_vec(rule_mode_t mode, uint32_t perms, uint32_t audit,
+bool aare_rules::add_rule_vec(rule_mode_t mode, perm32_t perms, perm32_t audit,
 			      int count, const char **rulev, optflags const &opts,
 			      bool oob)
 {

parser/libapparmor_re/aare_rules.h

@@ -109,9 +109,9 @@ class aare_rules {
 	aare_rules(int reverse): root(NULL), unique_perms(), expr_map(), reverse(reverse), rule_count(0) { };
 	~aare_rules();
 
-	bool add_rule(const char *rule, rule_mode_t mode, uint32_t perms,
-		      uint32_t audit, optflags const &opts);
-	bool add_rule_vec(rule_mode_t mode, uint32_t perms, uint32_t audit,
+	bool add_rule(const char *rule, rule_mode_t mode, perm32_t perms,
+		      perm32_t audit, optflags const &opts);
+	bool add_rule_vec(rule_mode_t mode, perm32_t perms, perm32_t audit,
 			  int count, const char **rulev, optflags const &opts,
 			  bool oob);
 	bool append_rule(const char *rule, bool oob, bool with_perm, optflags const &opts);

parser/libapparmor_re/expr-tree.h

@@ -41,6 +41,7 @@
 
 #include <stdint.h>
 
+#include "../perms.h"
 #include "apparmor_re.h"
 
 using namespace std;
@@ -885,19 +886,19 @@ public:
 
 class MatchFlag: public AcceptNode {
 public:
-	MatchFlag(uint32_t flag, uint32_t audit): flag(flag), audit(audit)
+	MatchFlag(perm32_t perms, perm32_t audit): perms(perms), audit(audit)
 	{
 		type_flags |= NODE_TYPE_MATCHFLAG;
 	}
-	ostream &dump(ostream &os) { return os << "< 0x" << hex << flag << '>'; }
+	ostream &dump(ostream &os) { return os << "< 0x" << hex << perms << '>'; }
 
-	uint32_t flag;
-	uint32_t audit;
+	perm32_t perms;
+	perm32_t audit;
 };
 
 class ExactMatchFlag: public MatchFlag {
 public:
-	ExactMatchFlag(uint32_t flag, uint32_t audit): MatchFlag(flag, audit)
+	ExactMatchFlag(perm32_t perms, perm32_t audit): MatchFlag(perms, audit)
 	{
 		type_flags |= NODE_TYPE_EXACTMATCHFLAG;
 	}
@@ -905,7 +906,7 @@ public:
 
 class DenyMatchFlag: public MatchFlag {
 public:
-	DenyMatchFlag(uint32_t flag, uint32_t quiet): MatchFlag(flag, quiet)
+	DenyMatchFlag(perm32_t perms, perm32_t quiet): MatchFlag(perms, quiet)
 	{
 		type_flags |= NODE_TYPE_DENYMATCHFLAG;
 	}
@@ -913,7 +914,7 @@ public:
 
 class PromptMatchFlag: public MatchFlag {
 public:
-	PromptMatchFlag(uint32_t prompt, uint32_t audit): MatchFlag(prompt, audit) {}
+	PromptMatchFlag(perm32_t prompt, perm32_t audit): MatchFlag(prompt, audit) {}
 };
 
 

parser/libapparmor_re/hfa.cc

@@ -1376,7 +1376,7 @@ map<ImportantNode *, AcceptNodes> dominance(DFA & dfa)
 }
 #endif
 
-static inline int diff_qualifiers(uint32_t perm1, uint32_t perm2)
+static inline int diff_qualifiers(perm32_t perm1, perm32_t perm2)
 {
 	return ((perm1 & AA_EXEC_TYPE) && (perm2 & AA_EXEC_TYPE) &&
 		(perm1 & AA_EXEC_TYPE) != (perm2 & AA_EXEC_TYPE));
@@ -1390,9 +1390,9 @@ static inline int diff_qualifiers(uint32_t perm1, uint32_t perm2)
 int accept_perms(NodeVec *state, perms_t &perms, bool filedfa)
 {
 	int error = 0;
-	uint32_t exact_match_allow = 0;
-	uint32_t exact_match_prompt = 0;
-	uint32_t exact_audit = 0;
+	perm32_t exact_match_allow = 0;
+	perm32_t exact_match_prompt = 0;
+	perm32_t exact_audit = 0;
 
 	perms.clear();
 
@@ -1407,20 +1407,20 @@ int accept_perms(NodeVec *state, perms_t &perms, bool filedfa)
 		if (match->is_type(NODE_TYPE_EXACTMATCHFLAG)) {
 			/* exact match only ever happens with x */
 			if (filedfa && !is_merged_x_consistent(exact_match_allow,
-						    match->flag))
+						    match->perms))
 				error = 1;;
-			exact_match_allow |= match->flag;
+			exact_match_allow |= match->perms;
 			exact_audit |= match->audit;
 		} else if (match->is_type(NODE_TYPE_DENYMATCHFLAG)) {
-			perms.deny |= match->flag;
+			perms.deny |= match->perms;
 			perms.quiet |= match->audit;
 		} else if (dynamic_cast<PromptMatchFlag *>(match)) {
-			perms.prompt |= match->flag;
+			perms.prompt |= match->perms;
 			perms.audit |= match->audit;
 		} else {
-			if (filedfa && !is_merged_x_consistent(perms.allow, match->flag))
+			if (filedfa && !is_merged_x_consistent(perms.allow, match->perms))
 				error = 1;
-			perms.allow |= match->flag;
+			perms.allow |= match->perms;
 			perms.audit |= match->audit;
 		}
 	}

parser/libapparmor_re/hfa.h

@@ -142,7 +142,7 @@ public:
 		return quiet < rhs.quiet;
 	}
 
-	uint32_t allow, deny, prompt, audit, quiet, exact;
+	perm32_t allow, deny, prompt, audit, quiet, exact;
 };
 
 int accept_perms(NodeVec *state, perms_t &perms, bool filedfa);
@@ -260,8 +260,8 @@ public:
 	void flatten_relative(State *, int upper_bound);
 
 	int apply_and_clear_deny(void) { return perms.apply_and_clear_deny(); }
-	void map_perms_to_accept(uint32_t &accept1, uint32_t &accept2,
-				 uint32_t &accept3, bool prompt)
+	void map_perms_to_accept(perm32_t &accept1, perm32_t &accept2,
+				 perm32_t &accept3, bool prompt)
 	{
 		accept1 = perms.allow;
 		if (prompt && prompt_compat_mode == PROMPT_COMPAT_DEV)