[apparmor] [PATCH 11/31] parser: Move policy cache initialization code into its own function

John Johansen john.johansen at canonical.com
Tue Jan 27 18:12:55 UTC 2015 

On 12/05/2014 04:22 PM, Tyler Hicks wrote:
> This patch moves the logic that sets up the policy into a new function
> in policy_cache.c
> 
> Signed-off-by: Tyler Hicks <tyhicks at canonical.com>
Acked-by: John Johansen <john.johansen at canonical.com>

> ---
>  parser/Makefile       |  2 +-
>  parser/parser_main.c  | 48 ++----------------------------------------------
>  parser/policy_cache.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
>  parser/policy_cache.h |  2 ++
>  4 files changed, 54 insertions(+), 47 deletions(-)
> 
> diff --git a/parser/Makefile b/parser/Makefile
> index b95b9da..c50398f 100644
> --- a/parser/Makefile
> +++ b/parser/Makefile
> @@ -246,7 +246,7 @@ common_optarg.o: common_optarg.c common_optarg.h parser.h libapparmor_re/apparmo
>  features.o: features.c features.h parser.h libapparmor_re/apparmor_re.h
>  	$(CXX) $(EXTRA_CFLAGS) -c -o $@ $<
>  
> -policy_cache.o: policy_cache.c policy_cache.h parser.h
> +policy_cache.o: policy_cache.c policy_cache.h parser.h features.h
>  	$(CXX) $(EXTRA_CFLAGS) -c -o $@ $<
>  
>  kernel_interface.o: kernel_interface.c kernel_interface.h
> diff --git a/parser/parser_main.c b/parser/parser_main.c
> index d3c9701..b11d042 100644
> --- a/parser/parser_main.c
> +++ b/parser/parser_main.c
> @@ -79,8 +79,6 @@ int mru_skip_cache = 1;
>  int debug_cache = 0;
>  struct timespec mru_tstamp;
>  
> -char *cacheloc = NULL;
> -
>  /* Make sure to update BOTH the short and long_options */
>  static const char *short_options = "adf:h::rRVvI:b:BCD:NSm:M:qQn:XKTWkL:O:po:";
>  struct option long_options[] = {
> @@ -837,9 +835,6 @@ static int binary_dir_cb(DIR *dir unused, const char *name, struct stat *st,
>  
>  static void setup_flags(void)
>  {
> -	autofree char *cache_features_path = NULL;
> -	autofree char *cache_flags = NULL;
> -
>  	/* Get the match string to determine type of regex support needed */
>  	set_supported_features();
>  
> @@ -852,36 +847,6 @@ static void setup_flags(void)
>  		skip_read_cache = 1;
>  		return;
>  	}
> -
> -
> -	/*
> -         * Deal with cache directory versioning:
> -         *  - If cache/.features is missing, create it if --write-cache.
> -         *  - If cache/.features exists, and does not match features_string,
> -         *    force cache reading/writing off.
> -         */
> -	if (asprintf(&cache_features_path, "%s/.features", cacheloc) == -1) {
> -		PERROR(_("Memory allocation error."));
> -		exit(1);
> -	}
> -
> -	cache_flags = load_features_file(cache_features_path);
> -	if (cache_flags) {
> -		if (strcmp(features_string, cache_flags) != 0) {
> -			if (write_cache && cond_clear_cache) {
> -				if (create_cache(cacheloc, cache_features_path,
> -						 features_string))
> -					skip_read_cache = 1;
> -			} else {
> -				if (show_cache)
> -					PERROR("Cache read/write disabled: %s does not match %s\n", FEATURES_FILE, cache_features_path);
> -				write_cache = 0;
> -				skip_read_cache = 1;
> -			}
> -		}
> -	} else if (write_cache) {
> -		create_cache(cacheloc, cache_features_path, features_string);
> -	}
>  }
>  
>  int main(int argc, char *argv[])
> @@ -908,17 +873,6 @@ int main(int argc, char *argv[])
>  		return retval;
>  	}
>  
> -	/* create the cacheloc once and use it everywhere */
> -	if (!cacheloc) {
> -		if (asprintf(&cacheloc, "%s/cache", basedir) == -1) {
> -			PERROR(_("Memory allocation error."));
> -			exit(1);
> -		}
> -	}
> -
> -	if (force_clear_cache) 
> -		exit(clear_cache_files(cacheloc));
> -
>  	/* Check to make sure there is an interface to load policy */
>  	if (!(UNPRIVILEGED_OPS) && (subdomainbase == NULL) &&
>  	    !find_subdomainfs_mountpoint()) {
> @@ -929,6 +883,8 @@ int main(int argc, char *argv[])
>  
>  	setup_flags();
>  
> +	setup_cache();
> +
>  	retval = last_error = 0;
>  	for (i = optind; i <= argc; i++) {
>  		struct stat stat_file;
> diff --git a/parser/policy_cache.c b/parser/policy_cache.c
> index 7d9818a..aa1455c 100644
> --- a/parser/policy_cache.c
> +++ b/parser/policy_cache.c
> @@ -30,9 +30,12 @@
>  #define _(s) gettext(s)
>  
>  #include "lib.h"
> +#include "features.h"
>  #include "parser.h"
>  #include "policy_cache.h"
>  
> +char *cacheloc = NULL;
> +
>  #define le16_to_cpu(x) ((uint16_t)(le16toh (*(uint16_t *) x)))
>  
>  const char header_string[] = "\004\010\000version\000\002";
> @@ -226,3 +229,49 @@ void install_cache(const char *cachetmpname, const char *cachename)
>  		}
>  	}
>  }
> +
> +void setup_cache(void)
> +{
> +	autofree char *cache_features_path = NULL;
> +	autofree char *cache_flags = NULL;
> +
> +	/* create the cacheloc once and use it everywhere */
> +	if (!cacheloc) {
> +		if (asprintf(&cacheloc, "%s/cache", basedir) == -1) {
> +			PERROR(_("Memory allocation error."));
> +			exit(1);
> +		}
> +	}
> +
> +	if (force_clear_cache)
> +		exit(clear_cache_files(cacheloc));
> +
> +	/*
> +         * Deal with cache directory versioning:
> +         *  - If cache/.features is missing, create it if --write-cache.
> +         *  - If cache/.features exists, and does not match features_string,
> +         *    force cache reading/writing off.
> +         */
> +	if (asprintf(&cache_features_path, "%s/.features", cacheloc) == -1) {
> +		PERROR(_("Memory allocation error."));
> +		exit(1);
> +	}
> +
> +	cache_flags = load_features_file(cache_features_path);
> +	if (cache_flags) {
> +		if (strcmp(features_string, cache_flags) != 0) {
> +			if (write_cache && cond_clear_cache) {
> +				if (create_cache(cacheloc, cache_features_path,
> +						 features_string))
> +					skip_read_cache = 1;
> +			} else {
> +				if (show_cache)
> +					PERROR("Cache read/write disabled: %s does not match %s\n", FEATURES_FILE, cache_features_path);
> +				write_cache = 0;
> +				skip_read_cache = 1;
> +			}
> +		}
> +	} else if (write_cache) {
> +		create_cache(cacheloc, cache_features_path, features_string);
> +	}
> +}
> diff --git a/parser/policy_cache.h b/parser/policy_cache.h
> index 8572ff6..05b05bd 100644
> --- a/parser/policy_cache.h
> +++ b/parser/policy_cache.h
> @@ -35,6 +35,7 @@ extern int force_clear_cache;		/* force clearing regargless of state */
>  extern int create_cache_dir;		/* create the cache dir if missing? */
>  extern int mru_skip_cache;
>  extern int debug_cache;
> +extern char *cacheloc;
>  
>  void set_mru_tstamp(struct timespec t);
>  void update_mru_tstamp(FILE *file, const char *path);
> @@ -46,5 +47,6 @@ void valid_read_cache(const char *cachename);
>  int cache_hit(const char *cachename);
>  int setup_cache_tmp(const char **cachetmpname, const char *cachename);
>  void install_cache(const char *cachetmpname, const char *cachename);
> +void setup_cache(void);
>  
>  #endif /* __AA_POLICY_CACHE_H */
>

More information about the AppArmor mailing list