mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
f86fda02f5
The hfa stores next/check transitions in 16 bit fields to reduce memory usage. However this means the state machine can on contain 2^16 states. Allow the next/check tables to be 32 bit. This theoretically could allow for 2^32 states however the base table uses the top 8 bits as flags giving us only 2^24 bits to index into the next/check tables. With most states having at least 1 transition this effectively caps the number of states at 2^24. To obtain 2^32 possible states a flags table needs to be added. Add a skeleton around supporting a flags table, so we can note the remaining work that needs to be done. This patch will only allow for 2^24 states. Bug: https://gitlab.com/apparmor/apparmor/-/issues/419 Signed-off-by: John Johansen <john.johansen@canonical.com>
64 lines
2.2 KiB
C
64 lines
2.2 KiB
C
/*
|
|
* (C) 2006, 2007 Andreas Gruenbacher <agruen@suse.de>
|
|
* Copyright (c) 2003-2008 Novell, Inc. (All rights reserved)
|
|
* Copyright 2009-2012 Canonical Ltd.
|
|
*
|
|
* The libapparmor library is licensed under the terms of the GNU
|
|
* Lesser General Public License, version 2.1. Please see the file
|
|
* COPYING.LGPL.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public License
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#ifndef APPARMOR_RE_H
|
|
#define APPARMOR_RE_H
|
|
|
|
#include "../common_flags.h"
|
|
|
|
#define CONTROL_DFA_EQUIV (1 << 0)
|
|
#define CONTROL_DFA_TREE_NORMAL (1 << 1)
|
|
#define CONTROL_DFA_TREE_SIMPLE (1 << 2)
|
|
#define CONTROL_DFA_TREE_LEFT (1 << 3)
|
|
#define CONTROL_DFA_MINIMIZE (1 << 4)
|
|
#define CONTROL_DFA_FILTER_DENY (1 << 6)
|
|
#define CONTROL_DFA_REMOVE_UNREACHABLE (1 << 7)
|
|
#define CONTROL_DFA_TRANS_HIGH (1 << 8)
|
|
#define CONTROL_DFA_DIFF_ENCODE (1 << 9)
|
|
#define CONTROL_RULE_MERGE (1 << 10)
|
|
#define CONTROL_DFA_STATE32 (1 << 11)
|
|
#define CONTROL_DFA_FLAGS_TABLE (1 << 12)
|
|
|
|
|
|
#define DUMP_DFA_DIFF_PROGRESS (1 << 0)
|
|
#define DUMP_DFA_DIFF_ENCODE (1 << 1)
|
|
#define DUMP_DFA_DIFF_STATS (1 << 2)
|
|
#define DUMP_DFA_MIN_PARTS (1 << 3)
|
|
#define DUMP_DFA_UNIQ_PERMS (1 << 4)
|
|
#define DUMP_DFA_MIN_UNIQ_PERMS (1 << 5)
|
|
#define DUMP_DFA_TREE_STATS (1 << 6)
|
|
#define DUMP_DFA_TREE (1 << 7)
|
|
#define DUMP_DFA_SIMPLE_TREE (1 << 8)
|
|
#define DUMP_DFA_PROGRESS (1 << 9)
|
|
#define DUMP_DFA_STATS (1 << 10)
|
|
#define DUMP_DFA_STATES (1 << 11)
|
|
#define DUMP_DFA_GRAPH (1 << 12)
|
|
#define DUMP_DFA_TRANS_PROGRESS (1 << 13)
|
|
#define DUMP_DFA_TRANS_STATS (1 << 14)
|
|
#define DUMP_DFA_TRANS_TABLE (1 << 15)
|
|
#define DUMP_DFA_EQUIV (1 << 16)
|
|
#define DUMP_DFA_EQUIV_STATS (1 << 17)
|
|
#define DUMP_DFA_MINIMIZE (1 << 18)
|
|
#define DUMP_DFA_UNREACHABLE (1 << 19)
|
|
#define DUMP_DFA_RULE_EXPR (1 << 20)
|
|
#define DUMP_DFA_NODE_TO_DFA (1 << 21)
|
|
#define DUMP_RULE_MERGE (1 << 22)
|
|
#define DUMP_DFA_STATE32 (1 << 23)
|
|
#define DUMP_DFA_FLAGS_TABLE (1 << 24)
|
|
|
|
#endif /* APPARMOR_RE_H */
|