Apply modified rule presentation logic to audit-trail rule capis 04/176604/4
authorseolheui kim <s414.kim@samsung.com>
Fri, 20 Apr 2018 07:34:57 +0000 (16:34 +0900)
committerGerrit Code Review <gerrit@review.ap-northeast-2.compute.internal>
Wed, 25 Apr 2018 01:32:24 +0000 (01:32 +0000)
Change-Id: I11ff9dbd46be5ad982f143b7a044679a023fc395
Signed-off-by: seolheui kim <s414.kim@samsung.com>
common/CMakeLists.txt
common/audit/audit.cpp
common/audit/audit.h
lib/CMakeLists.txt
lib/audit-rule/field.h
lib/audit-rule/rule.cpp
lib/audit-rule/rule.h
lib/audit-trail/rule.cpp
server/rule-management.cpp

index b943b36de2c64146860a615ddd044f8355c0c928..a5a1d4430608a32b8df7a6268fc7ff40f690f1e5 100644 (file)
@@ -30,6 +30,6 @@ ADD_LIBRARY(${PROJECT_NAME}-common STATIC ${COMMON_SRCS})
 
 PKG_CHECK_MODULES(COMMON_DEPS REQUIRED ${DEPENDENCY})
 
-INCLUDE_DIRECTORIES(SYSTEM ${COMMON_DEPS_INCLUDE_DIRS} ${AUDIT_TRAIL_COMMON})
+INCLUDE_DIRECTORIES(SYSTEM ${COMMON_DEPS_INCLUDE_DIRS} ${AUDIT_TRAIL_COMMON} ${AUDIT_TRAIL_LIB})
 
 TARGET_LINK_LIBRARIES(${COMMON_NAME} ${COMMON_DEPS_LIBRARIES})
index 14c138f2795593289ec7065d04a79ed446528f8e..d3d241968a10d4593de430443fc99e70776c1643 100644 (file)
@@ -90,9 +90,9 @@ int Audit::isEnabled()
        return ret;
 }
 
-std::vector<AuditRule> Audit::getRules()
+std::vector<Rule> Audit::getRules()
 {
-       std::vector<AuditRule> ret;
+       std::vector<Rule> ret;
 
        std::lock_guard<std::mutex> lock(nlLock);
        nl.send(AUDIT_LIST_RULES, std::vector<char>());
@@ -104,7 +104,7 @@ std::vector<AuditRule> Audit::getRules()
                case NLMSG_DONE:
                        break;
                case AUDIT_LIST_RULES:
-                       ret.push_back(msg.second);
+                       ret.emplace_back(msg.second);
                default:
                        continue;
                }
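Review bot: `case AUDIT_LIST_RULES:` still has no `break` after the changed `ret.emplace_back(msg.second);` line, so it falls through into `default: continue;`. That is harmless today because the loop would continue anyway, but the intent is invisible and any statement later added under `default` will silently run for listed rules too; add `break;` after the emplace_back, or a `// fallthrough` comment if the fall-through is deliberate. getRules starts and ends outside this hunk.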
@@ -114,14 +114,14 @@ std::vector<AuditRule> Audit::getRules()
        return ret;
 }
 
-void Audit::addRule(const AuditRule& rule)
+void Audit::addRule(const std::vector<char> &rule)
 {
        std::lock_guard<std::mutex> lock(nlLock);
-       nl.send(AUDIT_ADD_RULE, rule.data());
+       nl.send(AUDIT_ADD_RULE, rule);
 }
 
-void Audit::removeRule(const AuditRule& rule)
+void Audit::removeRule(const std::vector<char> &rule)
 {
        std::lock_guard<std::mutex> lock(nlLock);
-       nl.send(AUDIT_DEL_RULE, rule.data());
+       nl.send(AUDIT_DEL_RULE, rule);
 }
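Review bot: `Audit::addRule` and `Audit::removeRule` now hand the caller's `std::vector<char>` straight to `nl.send`, and in server/rule-management.cpp that vector is the `data` argument the RMI client supplied. Before this change the bytes were wrapped in `AuditRule(data)` first; whether that constructor parsed or validated them is not visible here, but after the change nothing on the server side inspects the buffer before it goes out as AUDIT_ADD_RULE/AUDIT_DEL_RULE. At minimum refuse a buffer that cannot hold the fixed header, e.g. `if (rule.size() < sizeof(struct audit_rule_data)) throw runtime::Exception("Malformed audit rule");` (or whatever error type this layer uses), and preferably also compare `rule.size()` against `sizeof(struct audit_rule_data) + buflen` so a truncated rule is rejected in the server rather than relying on the kernel's own checks. The same applies to `removeRule` in this hunk and to both callers in the server/rule-management.cpp hunk.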
index b1328578b3561353d357662c49435de0c8cff729..9f52b42d5eab85fe86ff155e14fc2369908fca14 100644 (file)
@@ -22,7 +22,7 @@
 
 #include <klay/netlink/netlink.h>
 
-#include "audit/audit-rule.h"
+#include "audit-rule/rule.h"
 
 class Audit final {
 public:
@@ -37,9 +37,9 @@ public:
        void setEnabled(int enabled);
        int isEnabled();
 
-       std::vector<AuditRule> getRules();
-       void addRule(const AuditRule& rule);
-       void removeRule(const AuditRule& rule);
+       std::vector<Rule> getRules();
+       void addRule(const std::vector<char> &rule);
+       void removeRule(const std::vector<char> &rule);
 
        int getFd()
        {
index b70dc270847d82927f78af4c07b4f57dc771bfc6..510d04d76785a8f4259ae3e993c6d19e08d0bf43 100755 (executable)
@@ -50,7 +50,7 @@ TARGET_COMPILE_DEFINITIONS(${PROJECT_NAME} PRIVATE
 )
 
 INCLUDE_DIRECTORIES(SYSTEM ${LIBS_DEPS_INCLUDE_DIRS} ${AUDIT_TRAIL_LIB} ${AUDIT_TRAIL_COMMON} ${PROJECT_SOURCE_DIR})
-TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${LIBS_DEPS_LIBRARIES} ${PROJECT_NAME}-common pthread)
+TARGET_LINK_LIBRARIES(${PROJECT_NAME} ${LIBS_DEPS_LIBRARIES} ${PROJECT_NAME}-common pthread audit-rule)
 
 CONFIGURE_FILE(${PC_FILE}.in ${CMAKE_BINARY_DIR}/${PC_FILE} @ONLY)
 
index 5e0c707e4c82887752251bd1e84577bcf1f8121c..11d1336f1d1d002d7fdcb730dfdcc0fa9a7d3ce2 100644 (file)
@@ -19,6 +19,7 @@
 
 #include <linux/audit.h>
 #include <vector>
+#include <type_traits>
 
 #define INT_FIELD(name) \
 class name : public Field<int> { \
@@ -76,6 +77,14 @@ class FieldBase {
 public:
        virtual void emit(std::vector<char> &rule) const = 0;
        virtual unsigned int type() const = 0;
+
+       static bool isString(unsigned int type)
+       {
+               FieldType ftype = static_cast<FieldType>(type);
+               return (ftype == FieldType::Tag) ||
+                       (ftype == FieldType::WatchPath) ||
+                       (ftype == FieldType::Arch);
+       }
 };
 
 template <typename T>
@@ -92,6 +101,8 @@ public:
        Field(unsigned int type, unsigned int op, T value)
                : _type(type), _op(op), _value(value)
        {
+               if (FieldBase::isString(type) && std::is_same<int, T>::value)
+                       throw runtime::Exception("Wrong field value type");
        }
        virtual ~Field()
        {
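Review bot: The new guard in the `Field` constructor rejects `Field<int>` for a string-typed field but not the converse: a `Field<std::string>` built for a non-string field is still accepted, which is exactly what the fallback path in audit_rule_add_condition produces whenever the first attempt throws for any reason other than the type mismatch. If `int` and `std::string` are the only instantiations (they are the only ones visible on this page), make the check symmetric: `if (FieldBase::isString(type) != std::is_same<std::string, T>::value) throw runtime::Exception("Wrong field value type");`. The enclosing class continues outside the hunk.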
index a95523e7dd417efdeea7801988836e30e9dcf53b..d7fecb6fa32179a5d3d6068a8e5ae7dbdffdd3eb 100644 (file)
@@ -116,14 +116,6 @@ std::vector<unsigned int> Rule::getMask()
        return ret;
 }
 
-bool Rule::isStringField(unsigned int type) const
-{
-       FieldType ftype = static_cast<FieldType>(type);
-       return (ftype == FieldType::WatchPath) ||
-               (ftype == FieldType::Tag) ||
-               (ftype == FieldType::Arch);
-}
-
 void Rule::setComponents(const std::vector<char> &rule)
 {
        std::vector<char> bufdata(rule);
@@ -138,7 +130,7 @@ void Rule::setComponents(const std::vector<char> &rule)
        }
 
        for (unsigned int i = 0; i < r->field_count; i++) {
-               if (isStringField(r->fields[i])) {
+               if (FieldBase::isString(r->fields[i])) {
                        std::string value(ruleBuf, ruleBuf + r->values[i]);
                        conditions[r->fields[i]].reset(new Field<std::string>(r->fields[i], r->fieldflags[i], value));
                        ruleBuf += r->values[i];
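Review bot: The string branch at the changed `FieldBase::isString(r->fields[i])` line copies `r->values[i]` bytes from `ruleBuf` and advances it, but neither `r->values[i]` nor `r->field_count` is checked against `r->buflen` or `bufdata.size()`, so a rule whose length fields are inconsistent reads past the buffer. Whether any caller feeds untrusted bytes into `setComponents` is not visible here, but the check is cheap: before constructing `value`, guard with `if (r->values[i] > r->buflen - (ruleBuf - r->buf)) throw runtime::Exception("Malformed audit rule");`, and once before the loop verify `r->field_count <= AUDIT_MAX_FIELDS` and `bufdata.size() >= sizeof(*r) + r->buflen`. The start of `setComponents`, where `r` is derived, is outside this hunk, so the up-front checks belong there.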
index 28a30a4d9239269b1eb0da323cefff9e62341b48..ee0f43d62820f731e3d1891779ee6c1d85f71254 100644 (file)
@@ -110,8 +110,6 @@ private:
        {
                return reinterpret_cast<RuleData*>(buf.data());
        }
-
-       bool isStringField(unsigned int type) const;
        void setComponents(const std::vector<char> &rule);
 private:
        RuleType _type;
index e52749391b697f559803cf588370fb5be50e6022..107ea6c1e2177c76a85179e664bed5216498057d 100644 (file)
 #include "rule.h"
 
 #include "client.h"
-#include "audit/audit-rule.h"
+#include "audit-rule/rule.h"
 
 #include "rmi/rule-management.h"
 
 using namespace AuditTrail;
 
-static inline AuditRule& GetAuditRule(void* handle)
+static inline Rule& GetAuditRule(void* handle)
 {
-    return *reinterpret_cast<AuditRule*>(handle);
+    return *reinterpret_cast<Rule*>(handle);
 }
 
 int audit_rule_create(audit_rule_h* handle)
 {
        RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
-       *handle = reinterpret_cast<audit_rule_h>(new AuditRule());
+       *handle = reinterpret_cast<audit_rule_h>(new Rule());
 
        return AUDIT_TRAIL_ERROR_NONE;
 }
@@ -51,7 +51,7 @@ int audit_rule_add_systemcall(audit_rule_h handle, unsigned int syscall)
 {
        RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
 
-       GetAuditRule(handle).addSystemcall(syscall);
+       GetAuditRule(handle).setMask(syscall);
 
        return AUDIT_TRAIL_ERROR_NONE;
 }
@@ -60,7 +60,7 @@ int audit_rule_remove_systemcall(audit_rule_h handle, unsigned int syscall)
 {
        RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
 
-       GetAuditRule(handle).removeSystemcall(syscall);
+       GetAuditRule(handle).unsetMask(syscall);
 
        return AUDIT_TRAIL_ERROR_NONE;
 }
@@ -69,7 +69,7 @@ int audit_rule_add_all_systemcalls(audit_rule_h handle)
 {
        RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
 
-       GetAuditRule(handle).addAllSystemcalls();
+       GetAuditRule(handle).setMask();
 
        return AUDIT_TRAIL_ERROR_NONE;
 }
@@ -78,7 +78,7 @@ int audit_rule_remove_all_systemcall(audit_rule_h handle)
 {
        RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
 
-       GetAuditRule(handle).removeAllSystemcalls();
+       GetAuditRule(handle).unsetMask();
 
        return AUDIT_TRAIL_ERROR_NONE;
 }
@@ -89,12 +89,12 @@ int audit_rule_add_condition(audit_rule_h handle, unsigned int field,
        RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
 
        try {
-               GetAuditRule(handle).addCondition({field, op, (int)(intptr_t)value});
+               GetAuditRule(handle).setCondition(Field<int>{field, op, (int)(intptr_t)value});
                return AUDIT_TRAIL_ERROR_NONE;
        } catch (std::exception &e) {}
 
        try {
-               GetAuditRule(handle).addCondition({field, op, (char *)value});
+               GetAuditRule(handle).setCondition(Field<std::string>{field, op, (char *)value});
                return AUDIT_TRAIL_ERROR_NONE;
        } catch (std::exception &e) {}
 
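Review bot: The dispatch in `audit_rule_add_condition` relies on the `Field<int>` constructor throwing in order to fall through to the `Field<std::string>` attempt, and audit_rule_remove_condition in the next hunk does the same. Because the catch swallows every `std::exception`, any other failure in `setCondition` for a non-string field, not just the type mismatch, sends the integer `value` into the second attempt, where `(char *)value` is then read as a C string. Select the field type explicitly with `FieldBase::isString(field)`, which this commit already exposes, keep the try/catch for genuine errors, and reject a null `value` for a string field before it reaches `std::string`. The error return after both attempts is outside the hunk.
```cpp
	try {
		if (FieldBase::isString(field)) {
			RET_ON_FAILURE(value, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
			GetAuditRule(handle).setCondition(Field<std::string>{field, op, (char *)value});
		} else {
			GetAuditRule(handle).setCondition(Field<int>{field, op, (int)(intptr_t)value});
		}
		return AUDIT_TRAIL_ERROR_NONE;
	} catch (std::exception &e) {}
	// … unchanged: error return after the attempts …
```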
@@ -107,12 +107,12 @@ int audit_rule_remove_condition(audit_rule_h handle, unsigned int field,
        RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
 
        try {
-               GetAuditRule(handle).addCondition({field, op, (int)(intptr_t)value});
+               GetAuditRule(handle).unsetCondition(Field<int>{field, op, (int)(intptr_t)value});
                return AUDIT_TRAIL_ERROR_NONE;
        } catch (std::exception &e) {}
 
        try {
-               GetAuditRule(handle).addCondition({field, op, (char *)value});
+               GetAuditRule(handle).unsetCondition(Field<std::string>{field, op, (char *)value});
                return AUDIT_TRAIL_ERROR_NONE;
        } catch (std::exception &e) {}
 
@@ -126,7 +126,7 @@ int audit_rule_foreach_systemcall(audit_rule_h handle,
        RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
        RET_ON_FAILURE(callback, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
 
-       auto syscalls = GetAuditRule(handle).getSystemcalls();
+       auto syscalls = GetAuditRule(handle).getMask();
        for (auto syscall : syscalls) {
                callback(syscall, user_data);
        }
@@ -141,19 +141,22 @@ int audit_rule_foreach_condition(audit_rule_h handle,
        RET_ON_FAILURE(handle, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
        RET_ON_FAILURE(callback, AUDIT_TRAIL_ERROR_INVALID_PARAMETER);
 
-       auto intConds = GetAuditRule(handle).getConditions<int>();
-       auto strConds = GetAuditRule(handle).getConditions<std::string>();
-
-       for (auto cond : intConds) {
-               callback(cond.getField(), cond.getOperator(),
-                                       (void*)(intptr_t)cond.getValue(), user_data);
-       }
-
-       for (auto cond : strConds) {
-               callback(cond.getField(), cond.getOperator(),
-                                       (void*)cond.getValue().c_str(), user_data);
+       std::vector<char> buf(GetAuditRule(handle).data());
+
+       auto r = reinterpret_cast<struct audit_rule_data *>(buf.data());
+       char *tmp = r->buf;
+
+       for (unsigned int i = 0; i < r->field_count; i++) {
+               if (FieldBase::isString(r->fields[i])) {
+                       std::string value(tmp, tmp + r->values[i]);
+                       callback(r->fields[i], r->fieldflags[i],
+                                       (void*)(value.c_str()), user_data);
+                       tmp += r->values[i];
+               } else {
+                       callback(r->fields[i], r->fieldflags[i],
+                                       (void*)(intptr_t)(r->values[i]), user_data);
+               }
        }
-
        return AUDIT_TRAIL_ERROR_NONE;
 }
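Review bot: `audit_rule_foreach_condition` now walks the raw `audit_rule_data` image returned by `Rule::data()` but trusts `r->field_count`, each `r->values[i]` and the implicit `r->buflen` without comparing them to `buf.size()`: `fields`/`values`/`fieldflags` are fixed `AUDIT_MAX_FIELDS`-sized arrays, and the string branch copies `r->values[i]` bytes from `tmp` and advances it with no end pointer. Whether `Rule::data()` can ever hand back an inconsistent image is not visible here (rules rebuilt from kernel replies in `audit_trail_foreach_rule` also reach this path), so validate the image once before the loop and bound each string read. Which error code a corrupt rule should map to is an API decision; `AUDIT_TRAIL_ERROR_INVALID_PARAMETER` is used below only because it is the one visible on this page. The same unchecked walk exists in `Rule::setComponents` in lib/audit-rule/rule.cpp.
```cpp
	std::vector<char> buf(GetAuditRule(handle).data());
	if (buf.size() < sizeof(struct audit_rule_data))
		return AUDIT_TRAIL_ERROR_INVALID_PARAMETER;

	auto r = reinterpret_cast<struct audit_rule_data *>(buf.data());
	if (r->field_count > AUDIT_MAX_FIELDS ||
	    buf.size() - sizeof(struct audit_rule_data) < r->buflen)
		return AUDIT_TRAIL_ERROR_INVALID_PARAMETER;
	char *tmp = r->buf;
	char *end = tmp + r->buflen;

	for (unsigned int i = 0; i < r->field_count; i++) {
		if (FieldBase::isString(r->fields[i])) {
			if (r->values[i] > static_cast<unsigned int>(end - tmp))
				return AUDIT_TRAIL_ERROR_INVALID_PARAMETER;
			// … unchanged: build value, invoke callback, advance tmp …
		} else {
			// … unchanged: integer callback …
		}
	}
```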
 
@@ -196,7 +199,7 @@ int audit_trail_foreach_rule(audit_trail_h handle,
        auto rulesData = manager.getRules();
 
        for (auto data : rulesData) {
-               callback(reinterpret_cast<audit_rule_h>(new AuditRule(data)),
+               callback(reinterpret_cast<audit_rule_h>(new Rule(data)),
                                        user_data);
        }
 
index efa114746f12c3a81b4f21624a4becaa2dcde3cf..10f11638bf82e0a8d0ed867aca4fec784687a709 100644 (file)
@@ -36,13 +36,13 @@ RuleManagement::~RuleManagement()
 
 int RuleManagement::addRule(std::vector<char> data)
 {
-       context.getAudit().addRule(AuditRule(data));
+       context.getAudit().addRule(data);
        return 0;
 }
 
 int RuleManagement::removeRule(std::vector<char> data)
 {
-       context.getAudit().removeRule(AuditRule(data));
+       context.getAudit().removeRule(data);
        return 0;
 }