From: Jarkko Sakkinen Date: Tue, 23 Nov 2010 23:36:50 +0000 (-0800) Subject: Label set support to rule set API. X-Git-Tag: accepted/trunk/20130107.204027~185 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=7669d0712f9961cc3b69359cc7527efdd98039c5;p=platform%2Fupstream%2Fsmack.git Label set support to rule set API. --- diff --git a/src/smack.h b/src/smack.h index d8b2a40..3160cca 100644 --- a/src/smack.h +++ b/src/smack.h @@ -80,6 +80,17 @@ extern SmackRuleSet smack_rule_set_new_from_file(const char *path, extern void smack_rule_set_delete(SmackRuleSet handle); /*! + * Attach label set to rule set to enabled transparent long name conversion. + * Note: does not take ownership of label set so caller must take care of + * freeing it. + * + * @param rules rule set + * @param labels label set + */ +extern void smack_rule_set_attach_label_set(SmackRuleSet rules, + SmackLabelSet labels); + +/*! * Write rules to a given file. * * @param handle handle to a rules diff --git a/src/smack_labels.c b/src/smack_labels.c index fac18b5..a284502 100644 --- a/src/smack_labels.c +++ b/src/smack_labels.c @@ -137,7 +137,12 @@ const char *smack_label_set_to_short_name(SmackLabelSet handle, const char *long_name) { struct smack_label *l; + HASH_FIND(long_name_hh, handle->label_by_long_name, long_name, strlen(long_name), l); + + if (l == NULL) + return NULL; + return l->short_name; } @@ -145,7 +150,12 @@ const char *smack_label_set_to_long_name(SmackLabelSet handle, const char *short_name) { struct smack_label *l; + HASH_FIND(short_name_hh, handle->label_by_short_name, short_name, strlen(short_name), l); + + if (l == NULL) + return NULL; + return l->long_name; } diff --git a/src/smack_rules.c b/src/smack_rules.c index d73ff97..7bbef86 100644 --- a/src/smack_rules.c +++ b/src/smack_rules.c @@ -51,6 +51,7 @@ struct smack_subject { struct _SmackRuleSet { struct smack_subject *subjects; + SmackLabelSet labels; }; static int update_rule(struct smack_subject **subjects, @@ -68,7 +69,7 @@ SmackRuleSet smack_rule_set_new(void) } SmackRuleSet smack_rule_set_new_from_file(const char *path, - const char *subject_filter) + const char *subject_filter) { SmackRuleSet rules; FILE *file; @@ -89,17 +90,18 @@ SmackRuleSet smack_rule_set_new_from_file(const char *path, } while (ret == 0 && getline(&buf, &size, file) != -1) { - subject = strtok(buf, " \n"); - object = strtok(NULL, " \n"); - access = strtok(NULL, " \n"); + subject = strtok(buf, " \t\n"); + object = strtok(NULL, " \t\n"); + access = strtok(NULL, " \t\n"); if (subject == NULL || object == NULL || access == NULL || - strtok(NULL, " \n") != NULL) { + strtok(NULL, " \t\n") != NULL) { ret = -1; } else if (subject_filter == NULL || strcmp(subject, subject_filter) == 0) { ac = str_to_ac(access); - ret = update_rule(&rules->subjects, subject, object, ac); + ret = update_rule(&rules->subjects, subject, object, + ac); } free(buf); @@ -140,6 +142,12 @@ void smack_rule_set_delete(SmackRuleSet handle) free(handle); } +void smack_rule_set_attach_label_set(SmackRuleSet rules, + SmackLabelSet labels) +{ + rules->labels = labels; +} + int smack_rule_set_save_to_file(SmackRuleSet handle, const char *path) { struct smack_subject *s, *stmp; @@ -198,25 +206,41 @@ int smack_rule_set_save_to_kernel(SmackRuleSet handle, const char *path) fclose(file); return 0; - } -int smack_rule_set_add(SmackRuleSet handle, const char *subject, - const char *object, const char *access_str) +int smack_rule_set_add(SmackRuleSet handle, const char *subject, + const char *object, const char *access_str) { unsigned access; int ret; + + if (handle->labels != NULL) { + subject = smack_label_set_to_short_name(handle->labels, subject); + object = smack_label_set_to_short_name(handle->labels, object); + + if (subject == NULL || object == NULL) + return -1; + } + access = str_to_ac(access_str); ret = update_rule(&handle->subjects, subject, object, access); return ret == 0 ? 0 : -1; } int smack_rule_set_remove(SmackRuleSet handle, const char *subject, - const char *object) + const char *object) { struct smack_subject *s = NULL; struct smack_object *o = NULL; + if (handle->labels != NULL) { + subject = smack_label_set_to_short_name(handle->labels, subject); + object = smack_label_set_to_short_name(handle->labels, object); + + if (subject == NULL || object == NULL) + return -1; + } + HASH_FIND_STR(handle->subjects, subject, s); if (s == NULL) return -1; @@ -235,6 +259,13 @@ void smack_rule_set_remove_by_subject(SmackRuleSet handle, const char *subject) struct smack_subject *s = NULL; struct smack_object *o = NULL, *tmp = NULL; + if (handle->labels != NULL) { + subject = smack_label_set_to_short_name(handle->labels, subject); + + if (subject == NULL) + return; + } + HASH_FIND_STR(handle->subjects, subject, s); if (s == NULL) return; @@ -250,6 +281,13 @@ void smack_rule_set_remove_by_object(SmackRuleSet handle, const char *object) struct smack_subject *s = NULL, *tmp = NULL; struct smack_object *o = NULL; + if (handle->labels != NULL) { + object = smack_label_set_to_short_name(handle->labels, object); + + if (object == NULL) + return; + } + HASH_ITER(hh, handle->subjects, s, tmp) { HASH_FIND_STR(s->objects, object, o); HASH_DEL(s->objects, o); @@ -258,12 +296,20 @@ void smack_rule_set_remove_by_object(SmackRuleSet handle, const char *object) } int smack_rule_set_have_access(SmackRuleSet handle, const char *subject, - const char *object, const char *access_str) + const char *object, const char *access_str) { struct smack_subject *s = NULL; struct smack_object *o = NULL; unsigned ac; + if (handle->labels != NULL) { + subject = smack_label_set_to_short_name(handle->labels, subject); + object = smack_label_set_to_short_name(handle->labels, object); + + if (subject == NULL || object == NULL) + return -1; + } + ac = str_to_ac(access_str); HASH_FIND_STR(handle->subjects, subject, s); diff --git a/tests/check_rules.c b/tests/check_rules.c index a29045f..3c56347 100644 --- a/tests/check_rules.c +++ b/tests/check_rules.c @@ -25,6 +25,9 @@ #include #include "../src/smack.h" +#define LONG_LABEL_1 "FooFooFooFooFooFooFooFooFooFooFooFooFoo" +#define LONG_LABEL_2 "BarBarBarBarBarBarBarBarBarBarBarBarBar" + static int files_equal(const char *filename1, const char *filename2); START_TEST(test_add_new_rule) @@ -42,6 +45,7 @@ START_TEST(test_add_new_rule) } END_TEST + START_TEST(test_modify_existing_rule) { int rc; @@ -150,6 +154,88 @@ START_TEST(test_have_access_removed_rule) } END_TEST +START_TEST(test_rule_set_attach_label_set_add_remove_rule) +{ + int rc; + + SmackRuleSet rules = smack_rule_set_new(); + fail_unless(rules != NULL, "Creating rule set failed"); + + SmackLabelSet labels = smack_label_set_new(); + fail_unless(labels != NULL, "Creating label set failed"); + + smack_rule_set_attach_label_set(rules, labels); + + rc = smack_label_set_add(labels, LONG_LABEL_1); + fail_unless(rc == 0, "Adding label was not succesful"); + + rc = smack_label_set_add(labels, LONG_LABEL_2); + fail_unless(rc == 0, "Adding label was not succesful"); + + rc = smack_rule_set_add(rules, LONG_LABEL_1, LONG_LABEL_2, "rx"); + fail_unless(rc == 0, "Adding rule was not succesful"); + + rc = smack_rule_set_remove(rules, LONG_LABEL_1, LONG_LABEL_2); + fail_unless(rc == 0, "Removign rule was not succesful"); + + smack_rule_set_delete(rules); + smack_label_set_delete(labels); +} +END_TEST + +START_TEST(test_rule_set_attach_label_set_add_rule_no_labels) +{ + int rc; + + SmackRuleSet rules = smack_rule_set_new(); + fail_unless(rules != NULL, "Creating rule set failed"); + + SmackLabelSet labels = smack_label_set_new(); + fail_unless(labels != NULL, "Creating label set failed"); + + smack_rule_set_attach_label_set(rules, labels); + + rc = smack_rule_set_add(rules, LONG_LABEL_1, LONG_LABEL_2, "rx"); + fail_unless(rc != 0, "Adding rule was succesful"); + + smack_rule_set_delete(rules); + smack_label_set_delete(labels); +} +END_TEST + +START_TEST(test_rule_set_attach_label_set_save_rules) +{ + int rc; + + SmackRuleSet rules = smack_rule_set_new(); + fail_unless(rules != NULL, "Creating rule set failed"); + + SmackLabelSet labels = smack_label_set_new(); + fail_unless(labels != NULL, "Creating label set failed"); + + smack_rule_set_attach_label_set(rules, labels); + + rc = smack_label_set_add(labels, LONG_LABEL_1); + fail_unless(rc == 0, "Adding label was not succesful"); + + rc = smack_label_set_add(labels, LONG_LABEL_2); + fail_unless(rc == 0, "Adding label was not succesful"); + + rc = smack_rule_set_add(rules, LONG_LABEL_1, LONG_LABEL_2, "rx"); + fail_unless(rc == 0, "Adding rule was not succesful"); + + rc = smack_rule_set_save_to_file(rules, "rule_set_attach_label_set_save_rules-result.txt"); + fail_unless(rc == 0, "Saving rule set was not succesful"); + + rc = files_equal("rule_set_attach_label_set_save_rules-result.txt", + "data/rule_set_attach_label_set_save_rules-excepted.txt"); + fail_unless(rc == 1, "Unexcepted result"); + + smack_rule_set_delete(rules); + smack_label_set_delete(labels); +} +END_TEST + Suite *ruleset_suite (void) { Suite *s; @@ -167,6 +253,9 @@ Suite *ruleset_suite (void) tcase_add_test(tc_core, test_remove_rules_by_object); tcase_add_test(tc_core, test_have_access_rule); tcase_add_test(tc_core, test_have_access_removed_rule); + tcase_add_test(tc_core, test_rule_set_attach_label_set_add_remove_rule); + tcase_add_test(tc_core, test_rule_set_attach_label_set_add_rule_no_labels); + tcase_add_test(tc_core, test_rule_set_attach_label_set_save_rules); suite_add_tcase(s, tc_core); return s; diff --git a/tests/data/rule_set_attach_label_set_save_rules-excepted.txt b/tests/data/rule_set_attach_label_set_save_rules-excepted.txt new file mode 100644 index 0000000..6abe972 --- /dev/null +++ b/tests/data/rule_set_attach_label_set_save_rules-excepted.txt @@ -0,0 +1 @@ +ooFooFooFooFooFooFooFoo arBarBarBarBarBarBarBar rx