[apparmor] [PATCH 04/13] Instead of using a special flags= token and keyword use TOK_CONDID
John Johansen
john.johansen at canonical.com
Tue Feb 14 20:51:55 UTC 2012
On 02/14/2012 11:10 AM, Kees Cook wrote:
> Hi John,
>
> On Tue, Feb 14, 2012 at 09:32:26AM -0800, John Johansen wrote:
>> Signed-off-by: John Johansen <john.johansen at canonical.com>
>> ---
>> parser/parser_lex.l | 31 +++++++++++++------------------
>> parser/parser_yacc.y | 8 +++++++-
>> 2 files changed, 20 insertions(+), 19 deletions(-)
>>
>> diff --git a/parser/parser_lex.l b/parser/parser_lex.l
>> index bfcbd57..8f549c8 100644
>> --- a/parser/parser_lex.l
>> +++ b/parser/parser_lex.l
>> @@ -192,7 +192,6 @@ QUOTED_ID \"{ALLOWED_QUOTED_ID}*\"
>>
>> IP {NUMBER}\.{NUMBER}\.{NUMBER}\.{NUMBER}
>>
>> -FLAGS flags{WS}*=?{WS}*
>> HAT hat{WS}*
>> PROFILE profile{WS}*
>> KEYWORD [[:alpha:]_]+
>> @@ -254,6 +253,19 @@ LT_EQUAL <=
>> if ( !YY_CURRENT_BUFFER ) yyterminate();
>> }
>>
>> +{VARIABLE_NAME}/{WS}*={WS}* {
>> + /* we match to the = in the lexer so that
>> + * can switch scanner state. By the time
>> + * the parser see the = it may be to late
>> + * as bison may have requested the next
>> + * token from the scanner
>> + */
>> + PDEBUG("conditional %s=\n", yytext);
>> + yylval.id = processid(yytext, yyleng);
>> + yy_push_state(EXTCOND_MODE);
>> + return TOK_CONDID;
>> + }
>> +
>
> Why the relocation of this chunk? Seems better to keep it near the other
> VARIABLE_NAME use...
>
Originally I did, but it got lifted and state shared as part of the mount
patch, and actually had other modifications done as well. I pulled most
of those changes back into the original.
We could always rework it into a couple of patches but I guess I am just
getting lazy
>> <SUB_NAME>{
>> ({IDS}|{QUOTED_ID}) {
>> /* Ugh, this is a gross hack. I used to use
>> @@ -535,11 +547,6 @@ LT_EQUAL <=
>> return TOK_MODE;
>> }
>>
>> -{FLAGS} {
>> - DUMP_PREPROCESS;
>> - return TOK_FLAGS;
>> - }
>> -
>> {HAT} {
>> DUMP_PREPROCESS;
>> yy_push_state(SUB_NAME);
>> @@ -565,18 +572,6 @@ LT_EQUAL <=
>> return TOK_OPENPAREN;
>> }
>>
>> -{VARIABLE_NAME}/{WS}*={WS}* {
>> - /* we match to the = in the lexer so that
>> - * can switch scanner state. By the time
>> - * the parser see the = it may be to late
>> - * as bison may have requested the next
>> - * token from the scanner
>> - */
>> - yylval.id = processid(yytext, yyleng);
>> - yy_push_state(EXTCOND_MODE);
>> - return TOK_CONDID;
>> - }
>> -
>> {VARIABLE_NAME} {
>> DUMP_PREPROCESS;
>> int token = get_keyword_token(yytext);
>> diff --git a/parser/parser_yacc.y b/parser/parser_yacc.y
>> index 516cf57..af56a20 100644
>> --- a/parser/parser_yacc.y
>> +++ b/parser/parser_yacc.y
>> @@ -162,6 +162,7 @@ void add_local_entry(struct codomain *cod);
>> }
>>
>> %type <id> TOK_ID
>> +%type <id> TOK_CONDID
>> %type <mode> TOK_MODE
>> %type <fmode> file_mode
>> %type <cod> profile_base
>> @@ -398,7 +399,12 @@ flags: { /* nothing */
>> };
>>
>> opt_flags: { /* nothing */ $$ = 0; }
>> - | TOK_FLAGS { $$ = 1; }
>> + | TOK_CONDID TOK_EQUALS
>> + {
>> + if (strcmp($1, "flags") != 0)
>> + yyerror("expected flags= got %s=", $1);
>> + $$ = 1;
>> + }
>>
>> flags: opt_flags TOK_OPENPAREN flagvals TOK_CLOSEPAREN
>> {
>> --
>> 1.7.9
>>
>>
>> --
>> AppArmor mailing list
>> AppArmor at lists.ubuntu.com
>> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
More information about the AppArmor
mailing list