Date: Tue, 26 Jun 2007 11:30:09 GMT From: Zhouyi ZHOU <zhouzhouyi@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 122338 for review Message-ID: <200706261130.l5QBU9bP031348@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=122338 Change 122338 by zhouzhouyi@zhouzhouyi_mactest on 2007/06/26 11:29:35 MAC hook matching program. look at mactest.conf and try ./mactest open mactestparser.y O_RDONLY Affected files ... .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/Makefile#2 edit .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactest.c#2 edit .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactest.conf#1 add .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactest.h#1 add .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactestparser.tab.c#1 add .. //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactestparser.y#2 edit Differences ... ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/Makefile#2 (text+ko) ==== @@ -6,10 +6,14 @@ #CFLAGS+=-DHAS_TRUNCATE64 #CFLAGS+=-DHAS_STAT64 -all: macproc +all: macproc mactest macproc: macproc.c gcc -Wall ${CFLAGS} macproc.c -o macproc -lutil +mactest: mactest.c mactestparser.tab.c + gcc ${CFLAGS} mactest.c mactestparser.tab.c -o mactest + clean: rm -f macproc + rm -f mactest ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactest.c#2 (text+ko) ==== @@ -31,7 +31,9 @@ #include <sys/cdefs.h> #include <sys/param.h> #include <sys/stat.h> +#include <sys/types.h> #include <sys/mac.h> +#include <sys/wait.h> #include <stdio.h> #include <stdlib.h> #include <unistd.h> @@ -42,6 +44,7 @@ #include <errno.h> #include <assert.h> #include <signal.h> +#include "mactest.h" #ifndef HAS_TRUNCATE64 #define truncate64 truncate @@ -224,7 +227,7 @@ usage(void) { - fprintf(stderr, "usage: mactest [-m label_string] syscall args ...\n"); + fprintf(stderr, "usage: mactest -m label_string syscall args ...\n"); exit(1); } @@ -380,14 +383,12 @@ if (argv[i] == NULL || strcmp(argv[i], ":") == 0) break; fprintf(stderr, "too many arguments [%s]\n", argv[i]); - kill(getppid(),SIGUSER1); exit(1); } else { if (argv[i] == NULL || strcmp(argv[i], ":") == 0) { if (scall->sd_args[i] & TYPE_OPTIONAL) break; fprintf(stderr, "too few arguments\n"); - kill(getppid(),SIGUSER1); exit(1); } if (scall->sd_args[i] & TYPE_STRING) { @@ -401,7 +402,6 @@ args[i].num = strtoll(argv[i], &endp, 0); if (*endp != '\0' && !isspace((unsigned char)*endp)) { fprintf(stderr, "invalid argument %u, number expected [%s]\n", i, endp); - kill(getppid(),SIGUSER1); exit(1); } } @@ -421,14 +421,12 @@ if (flags & O_CREAT) { if (i == 2) { fprintf(stderr, "too few arguments\n"); - kill(getppid(),SIGUSER1); exit(1); } rval = open(STR(0), flags, (mode_t)NUM(2)); } else { if (i == 3) { fprintf(stderr, "too many arguments\n"); - kill(getppid(),SIGUSER1); exit(1); } rval = open(STR(0), flags); @@ -513,19 +511,46 @@ serrno = err2str(errno); fprintf(stderr, "%s returned %d\n", scall->sd_name, rval); printf("%s\n", serrno); - kill(getppid(),SIGUSER1); exit(1); } printf("0\n"); return (i); } -static int waitforsig = 1; +static volatile int waitforsig = 1; static void sig_usr(int signo){ waitforsig = 0; - printf("sig_usr got called %d!\n",getpid()); +} + + +int modes_or_flags_compare(struct modes_or_flags * mf1, struct modes_or_flags *mf2){ + while (mf1) { + if (!mf2) + return 1; + if (strcmp(mf1->modflagname, mf2->modflagname)) + return 1; + mf1 = mf1->next; + mf2 = mf2->next; + } + if (mf2) + return 1; + return 0; +} + +int labelstrings_compare(struct labelstrings *ls1, struct labelstrings *ls2){ + while (ls1) { + if (!ls2) + return 1; + if (strcmp(ls1->labelstring, ls2->labelstring)) + return 1; + ls1 = ls1->next; + ls2 = ls2->next; + } + if (ls2) + return 1; + return 0; } int @@ -539,7 +564,7 @@ int mactestpipefd, logfd; char buf[2048]; int ch; - int fd[2]; + while ((ch = getopt(argc, argv, "m:")) != -1) { @@ -554,12 +579,11 @@ argc -= optind; argv += optind; - if (argc < 1) { + if (argc < 2) { fprintf(stderr, "too few arguments\n"); usage(); } - pipe(fd); if ((pid = fork()) == 0){ signal(SIGUSER1, sig_usr); @@ -570,7 +594,6 @@ if (label_string != NULL) { if (mac_from_text(&label, label_string) == -1) { - kill(getppid(),SIGUSER1); exit(-1); } @@ -581,7 +604,6 @@ mac_free(label); if (error != 0){ - kill(getppid(),SIGUSER1); exit(-1); } } @@ -591,7 +613,6 @@ scall = find_syscall(argv[0]); if (scall == NULL) { fprintf(stderr, "syscall '%s' not supported\n", argv[0]); - kill(getppid(),SIGUSER1); exit(1); } argc++; @@ -604,16 +625,11 @@ argc++; argv++; } + exit(1); - kill(getppid(),SIGUSER1); } else { - int i = 0; - int off; - struct stat sbuf; - static size_t bsize, nw; - signal(SIGUSR1, sig_usr); - printf("parent id = %d\n", getpid()); + logfd = open("/dev/mactest",O_RDWR); ioctl(logfd, BEGINLOG, NULL); kill(pid, SIGUSER1); @@ -621,6 +637,98 @@ close(logfd); } + + /* compare the configuration file and parse result */ + { + + struct mactestlog_record *record_from_log, *record_from_conf; + if ((inputfile = fopen("/var/log/mactest", "r")) < 0){ + fprintf(stderr,"/var/log/mactest do not exists!\n"); + exit(1); + } + + yyparse(); + fclose(inputfile); + record_from_log = mactestlog_record_chain; + if ((inputfile = fopen("mactest.conf", "r")) == NULL){ + fprintf(stderr, "mactest.conf do not exists!\n"); + exit(1); + } + + mactestlog_record_chain = 0; + yyparse(); + fclose(inputfile); + record_from_conf = mactestlog_record_chain; + + /* See if record_from_conf is contained in record_from_log */ + /* pid == -1 means matching the running pid */ + while (record_from_conf) { + struct mactestlog_record * iterator = record_from_log; + while (iterator) { + if (!(((record_from_conf->pid == -1)&& iterator->pid == pid)|| + record_from_conf->pid == iterator->pid)){ + iterator = iterator->next; + continue; + } + if (strcmp(record_from_conf->machookname, iterator->machookname)) + { + iterator = iterator->next; + continue; + } + if (modes_or_flags_compare(record_from_conf->modes_or_flags, + iterator->modes_or_flags)){ + iterator = iterator->next; + continue; + } + if (labelstrings_compare(record_from_conf->labelstrings, + iterator->labelstrings)){ + iterator = iterator->next; + continue; + } + break; + } + if (iterator) + record_from_conf = record_from_conf->next; + else{ + fprintf(stderr, "missing ...\n"); + struct modes_or_flags *iterator1, *tmp1; + struct labelstrings *iterator2, *tmp2; + + fprintf(stderr, "pid = %d ", record_from_conf->pid); + fprintf(stderr, "hookname: %s\n", record_from_conf->machookname); + + iterator1 = record_from_conf->modes_or_flags; + if (iterator1) { + while (iterator1) { + tmp1 = iterator1; + iterator1 = iterator1->next; + } + fprintf(stderr, " with modes or flags:"); + while (tmp1) { + fprintf(stderr, " %s", tmp1->modflagname); + tmp1 = tmp1->prev; + } + fprintf(stderr, "\n"); + } + + iterator2 = record_from_conf->labelstrings; + if (iterator2) { + while (iterator2) { + tmp2 = iterator2; + iterator2 = iterator2->next; + } + fprintf(stderr, " with labels:"); + while (tmp2) { + fprintf(stderr, " %s", tmp2->labelstring); + tmp2 = tmp2->prev; + } + fprintf(stderr, "\n"); + } + exit(1); + } + } + } + exit(0); } ==== //depot/projects/soc2007/zhouzhouyi_mactest_soc/regression/mactest/mactestparser.y#2 (text+ko) ==== @@ -9,37 +9,16 @@ #include <unistd.h> #include <fcntl.h> #include <openssl/md5.h> + #include "mactest.h" void yyerror (const char *); - struct modes_or_flags { - struct modes_or_flags * next; - struct modes_or_flags * prev; - char * modflagname; - }; - - struct labelstrings { - struct labelstrings * next; - struct labelstrings * prev; - char * labelstring; - }; - - struct mactestpipe_record - { - struct mactestpipe_record * next; - struct mactestpipe_record * prev; - int pid; - char * machookname; - struct modes_or_flags * modes_or_flags; - struct labelstrings * labelstrings; - }; - - struct mactestpipe_record *mactestpipe_record_chain = 0; + struct mactestlog_record *mactestlog_record_chain = 0; struct labelstrings *labelstring_chain = 0; struct modes_or_flags *modorflag_chain = 0; - void inserttail_mactestpipe_record_chain(struct mactestpipe_record *); + void inserttail_mactestlog_record_chain(struct mactestlog_record *); - struct mactestpipe_record *new_mactestpipe_record(char *, int); + struct mactestlog_record *new_mactestlog_record(char *, int); void new_labelstrings(char *); void new_modes_or_flags(char *); @@ -51,7 +30,7 @@ %start program -%union {long itype; char * namestring; struct mactestpipe_record * mtpipetype; +%union {long itype; char * namestring; struct mactestlog_record * mtpipetype; struct labelstrings * lstype; struct modes_or_flags * mftype;}; %token PID @@ -60,8 +39,8 @@ %token MAC_TEST %type <namestring> identifier %type <namestring> mac_test -%type <mtpipetype> mactestpipe_records -%type <mtpipetype> mactestpipe_record +%type <mtpipetype> mactestlog_records +%type <mtpipetype> mactestlog_record %type <namestring> hook_elements %type <itype> label_elements %type <itype> modflag_elements @@ -72,22 +51,22 @@ program: - |mactestpipe_records + |mactestlog_records ; -mactestpipe_records: - mactestpipe_record {inserttail_mactestpipe_record_chain($1);} - |mactestpipe_records mactestpipe_record {inserttail_mactestpipe_record_chain($2);} - |mactestpipe_records error +mactestlog_records: + mactestlog_record {inserttail_mactestlog_record_chain($1);} + |mactestlog_records mactestlog_record {inserttail_mactestlog_record_chain($2);} + |mactestlog_records error ; -mactestpipe_record: - PID '=' pid hook_elements '\n' {$$ = new_mactestpipe_record(strdup($4), $3);} +mactestlog_record: + PID '=' pid hook_elements '\n' {$$ = new_mactestlog_record(strdup($4), $3);} |PID '=' pid hook_elements label_elements '\n' { - $$ = new_mactestpipe_record(stringsave, $3);stringsave = 0;} + $$ = new_mactestlog_record(stringsave, $3);stringsave = 0;} |PID '=' pid hook_elements modflag_and_label_elements '\n' { - $$ = new_mactestpipe_record(stringsave, $3);stringsave = 0;} + $$ = new_mactestlog_record(stringsave, $3);stringsave = 0;} |'\n' {$$ = 0;} ; @@ -131,27 +110,33 @@ yylex (void) { - int c; + int c,c1; char buf[1024]; int i; /* Skip white space. */ - while ((c = getchar ()) == ' ' || c == '\t' /*|| c == '\n'*/) + while ((c = fgetc (inputfile)) == ' ' || c == '\t' /*|| c == '\n'*/) if (c == '\n'){ // yylloc.first_line = line; line ++; } - + if (c == '-' && ((c1 = fgetc(inputfile)) == '.' || isdigit(c1))){ + ungetc(c1, inputfile); + ungetc(c, inputfile); + fscanf (inputfile, "%d", &yylval.itype); + return NUM; + } + if (c == '.' || isdigit (c)){ - ungetc (c, stdin); - scanf ("%d", &yylval.itype); + ungetc (c, inputfile); + fscanf (inputfile, "%d", &yylval.itype); return NUM; } if (c == '"') { i = 0; - while ((c = getchar()) != '"') { + while ((c = fgetc(inputfile)) != '"') { if (c == EOF) { printf("beginning \"expecting ending \"!\n"); exit(1); @@ -179,7 +164,7 @@ i = 0; buf[i] = c; - while ((c = getchar()) != ' ' && c != '\t' && c != '\n' && c!= EOF && c !=':' + while ((c = fgetc(inputfile)) != ' ' && c != '\t' && c != '\n' && c!= EOF && c !=':' && c != '#') { @@ -192,22 +177,22 @@ // i++; // buf[i] = c; // yylloc.first_line = line; - ungetc (c,stdin); + ungetc (c,inputfile); line ++; } buf[++i] = 0; if (c == EOF){ - ungetc (c,stdin); + ungetc (c,inputfile); } if (c == ':'){ - ungetc (c,stdin); + ungetc (c,inputfile); } if (c == '#'){ - ungetc (c,stdin); + ungetc (c,inputfile); } yylval.namestring = buf; @@ -236,7 +221,7 @@ { struct labelstrings * new = malloc(sizeof (struct labelstrings)); - struct labelstrings * tmp; +/* struct labelstrings * tmp;*/ new->labelstring = labelstring; new->next = 0; new->prev = 0; @@ -272,9 +257,9 @@ } -struct mactestpipe_record *new_mactestpipe_record(char * hookname, int pid) +struct mactestlog_record *new_mactestlog_record(char * hookname, int pid) { - struct mactestpipe_record *new = malloc(sizeof(struct mactestpipe_record)); + struct mactestlog_record *new = malloc(sizeof(struct mactestlog_record)); new->machookname = hookname; new->pid = pid; new->modes_or_flags = modorflag_chain; @@ -286,30 +271,32 @@ return new; } -void inserttail_mactestpipe_record_chain(struct mactestpipe_record *new) +void inserttail_mactestlog_record_chain(struct mactestlog_record *new) { if (new == 0) return; - if (mactestpipe_record_chain == 0){ - mactestpipe_record_chain = new; + if (mactestlog_record_chain == 0){ + mactestlog_record_chain = new; return; } - new->next = mactestpipe_record_chain; - mactestpipe_record_chain->prev = new; - mactestpipe_record_chain = new; + new->next = mactestlog_record_chain; + mactestlog_record_chain->prev = new; + mactestlog_record_chain = new; return; } + +/* int main (int argc, char *argv[]) { int fd, record = 0; - struct mactestpipe_record *iterator, *tmp; + struct mactestlog_record *iterator, *tmp; if (argc != 2){ - printf("Usage: mactestpipeparser filename\n"); + printf("Usage: mactestlogparser filename\n"); return; } @@ -321,7 +308,7 @@ dup2(fd,0); yyparse (); - iterator = mactestpipe_record_chain; + iterator = mactestlog_record_chain; while (iterator) { tmp = iterator; @@ -371,3 +358,4 @@ return 0; } +*/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200706261130.l5QBU9bP031348>