From: seolheui kim <s414.kim@samsung.com>
Date: Thu, 26 Apr 2018 06:49:49 +0000 (+0900)
Subject: Fix to put multiple syscall number to rule
X-Git-Tag: submit/tizen/20180502.041736~3
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ae4fcf4c3460db6ed6fb160072d07179d2cfa2ee;p=platform%2Fcore%2Fsecurity%2Faudit-trail.git

Fix to put multiple syscall number to rule

Change-Id: I22b59fb25dcefbec8e9666ff4bc2cf07a3cb3073
Signed-off-by: seolheui kim <s414.kim@samsung.com>
---

diff --git a/lib/audit-rule/rule.cpp b/lib/audit-rule/rule.cpp
index d7fecb6..63ceac4 100644
--- a/lib/audit-rule/rule.cpp
+++ b/lib/audit-rule/rule.cpp
@@ -43,6 +43,11 @@ Rule::~Rule()
 std::vector<char> Rule::data() const
 {
 	std::vector<char> ret(buf);
+	if (!isSetMask(ret)) {
+		auto r = reinterpret_cast<RuleData*>(ret.data());
+		std::fill_n(r->mask, AUDIT_BITMASK_SIZE, ~0);
+	}
+
 	for (auto &c : conditions) {
 		if (c.second)
 			c.second->emit(ret);
@@ -50,6 +55,16 @@ std::vector<char> Rule::data() const
 	return ret;
 }
 
+bool Rule::isSetMask(std::vector<char> rule) const
+{
+	auto r = reinterpret_cast<RuleData*>(rule.data());
+	for (auto &m : r->mask) {
+		if (m != 0)
+			return true;
+	}
+	return false;
+}
+
 void Rule::setTag(const std::string &tag)
 {
 	//[TODO]: save tags
@@ -68,9 +83,7 @@ void Rule::set(Filter filter)
 
 void Rule::setMask()
 {
-	for (auto &m : ruleData()->mask) {
-		m = ~0;
-	}
+	std::fill_n(ruleData()->mask, AUDIT_BITMASK_SIZE, ~0);
 }
 
 void Rule::setMask(unsigned int syscall)
@@ -86,9 +99,7 @@ void Rule::setMask(unsigned int syscall)
 
 void Rule::unsetMask()
 {
-	for (auto &m : ruleData()->mask) {
-		m = 0;
-	}
+	std::fill_n(ruleData()->mask, AUDIT_BITMASK_SIZE, 0);
 }
 
 void Rule::unsetMask(unsigned int syscall)
diff --git a/lib/audit-rule/rule.h b/lib/audit-rule/rule.h
index 0b707d8..a791f65 100644
--- a/lib/audit-rule/rule.h
+++ b/lib/audit-rule/rule.h
@@ -71,6 +71,12 @@ public:
 		return *this;
 	}
 
+	Rule &operator + (unsigned int mask)
+	{
+		setMask(mask);
+		return *this;
+	}
+
 	bool operator == (const Rule &rule)
 	{
 		return (data() == rule.data());
@@ -117,6 +123,7 @@ private:
 		return reinterpret_cast<RuleData*>(buf.data());
 	}
 	void setComponents(const std::vector<char> &rule);
+	bool isSetMask(std::vector<char> rule) const;
 private:
 	RuleType _type;
 	std::vector<char> buf;
diff --git a/lib/audit-rule/syscall-rule.h b/lib/audit-rule/syscall-rule.h
index e2ed572..563e8d6 100644
--- a/lib/audit-rule/syscall-rule.h
+++ b/lib/audit-rule/syscall-rule.h
@@ -24,6 +24,12 @@ public:
 	SyscallRule(int syscall) {
 		setMask(syscall);
 	}
+	template <typename T, typename ...T2>
+	SyscallRule(T syscall, T2... syscalls) : SyscallRule(syscalls...)
+	{
+		setMask(syscall);
+	}
+
 	~SyscallRule() {}
 };