From b061155c9a07e3cd21aa1e9ee950eba3afda595d Mon Sep 17 00:00:00 2001
From: John Johansen
Date: Sun, 19 Sep 2021 00:59:45 -0700
Subject: [PATCH] parser: add flags to rule_t

In preparation for file rules and rule duplication removal add flags to rule_t with the first flag indicating if the rule is deleted. We do this instead of actually deleting the rule so we can hold on to the rule for debug and printing output in the future.

Signed-off-by: John Johansen
---
 parser/parser_regex.c | 2 ++
 parser/parser_variable.c | 4 +++-
 parser/profile.cc | 5 ++++-
 parser/rule.h | 12 +++++++++++-
 4 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/parser/parser_regex.c b/parser/parser_regex.c
index fa3b42ad7..f5df1635d 100644
--- a/parser/parser_regex.c
+++ b/parser/parser_regex.c
@@ -843,6 +843,8 @@ int clear_and_convert_entry(std::string& buffer, char *entry)
 int post_process_policydb_ents(Profile *prof)
 {
 for (RuleList::iterator i = prof->rule_ents.begin(); i != prof->rule_ents.end(); i++) {
+ if ((*i)->flags & RULE_FLAG_DELETED)
+ continue;
 if ((*i)->gen_policy_re(*prof) == RULE_ERROR)
 return FALSE;
 }
diff --git a/parser/parser_variable.c b/parser/parser_variable.c
index 3665fe773..15978538b 100644
--- a/parser/parser_variable.c
+++ b/parser/parser_variable.c
@@ -267,7 +267,9 @@ static int process_variables_in_entries(struct cod_entry *entry_list)
 static int process_variables_in_rules(Profile &prof)
 {
 for (RuleList::iterator i = prof.rule_ents.begin(); i != prof.rule_ents.end(); i++) {
- int error = (*i)->expand_variables();
+ if ((*i)->flags & RULE_FLAG_DELETED)
+ continue;
+ int error = (*i)->expand_variables();
 if (error)
 return error;
 }
diff --git a/parser/profile.cc b/parser/profile.cc
index 79095d1d8..54ca6b9b5 100644
--- a/parser/profile.cc
+++ b/parser/profile.cc
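Review bot: The deleted-rule check `if ((*i)->flags & RULE_FLAG_DELETED) continue;` is copied verbatim into post_process_policydb_ents() in parser/parser_regex.c and again into process_variables_in_rules() (parser/parser_variable.c) and post_process_rule_entries() (parser/profile.cc), so every present and future walk over `rule_ents` has to remember it. Because a flagged rule stays in the list, a pass that omits the check would still process a rule that was marked removed and could carry it into the compiled profile; whether other iterations over `rule_ents` exist is not visible in this patch and should be checked. A single accessor on rule_t, for example `bool skip() const { return flags & RULE_FLAG_DELETED; }`, would keep the test in one place and let each loop read `if ((*i)->skip()) continue;`.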
@@ -280,8 +280,11 @@ void post_process_file_entries(Profile *prof)
 void post_process_rule_entries(Profile *prof)
 {
- for (RuleList::iterator i = prof->rule_ents.begin(); i != prof->rule_ents.end(); i++)
+ for (RuleList::iterator i = prof->rule_ents.begin(); i != prof->rule_ents.end(); i++) {
+ if ((*i)->flags & RULE_FLAG_DELETED)
+ continue;
 (*i)->post_parse_profile(*prof);
+ }
 }
diff --git a/parser/rule.h b/parser/rule.h
index 053dfeb8e..5a59af9ad 100644
--- a/parser/rule.h
+++ b/parser/rule.h
@@ -38,11 +38,21 @@ class Profile;
 #define RULE_TYPE_CLASS 3
+typedef enum { RULE_FLAG_NONE = 0,
+ RULE_FLAG_DELETED = 1, // rule deleted - skip
+ RULE_FLAG_MERGED = 2, // rule merged with another rule
+ RULE_FLAG_EXPANDED = 4, // variable expanded
+ RULE_FLAG_SUB = 8, // rule expanded to subrule(s)
+ RULE_FLAG_IMPLIED = 16, // rule not specified in policy but
+ // added because it is implied
+} rule_flags_t;
+
 class rule_t {
 public:
 int rule_type;
+ rule_flags_t flags;
- rule_t(int t): rule_type(t) { }
+ rule_t(int t): rule_type(t), flags(RULE_FLAG_NONE) { }
 virtual ~rule_t() { };
 bool is_type(int type) { return rule_type == type; }
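Review bot: In parser/rule.h the member `rule_flags_t flags;` stores a bit mask in a plain enum type, which C++ will not let callers update with the usual idiom: `flags |= RULE_FLAG_DELETED` is ill-formed because the built-in `|` yields `int` and there is no implicit conversion back to the enum. Nothing in this patch sets a flag yet, so the first code that does will need a cast at every site; either declare the member as `int flags;` or add `inline rule_flags_t operator|(rule_flags_t a, rule_flags_t b) { return static_cast<rule_flags_t>(static_cast<int>(a) | static_cast<int>(b)); }` next to the typedef. A comment on the member such as `// RULE_FLAG_* bits; a rule with RULE_FLAG_DELETED stays in rule_ents and must be skipped by every pass` would also record the contract the three patched loops rely on. The class body continues past the end of this hunk.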