summaryrefslogtreecommitdiff
path: root/src/entry
diff options
context:
space:
mode:
Diffstat (limited to 'src/entry')
-rw-r--r--src/entry/Maat_command.cpp14
-rw-r--r--src/entry/Maat_rule.cpp13
-rw-r--r--src/entry/Maat_table_runtime.cpp54
-rw-r--r--src/entry/rcu_hash.cpp28
-rw-r--r--src/entry/stream_fuzzy_hash.c26
5 files changed, 78 insertions, 57 deletions
diff --git a/src/entry/Maat_command.cpp b/src/entry/Maat_command.cpp
index ae74f67..fa62db4 100644
--- a/src/entry/Maat_command.cpp
+++ b/src/entry/Maat_command.cpp
@@ -149,6 +149,9 @@ enum MAAT_TABLE_TYPE type_region2table(const struct Maat_region_t* p)
enum MAAT_TABLE_TYPE ret=TABLE_TYPE_IP;
switch(p->region_type)
{
+ case REGION_FLAG:
+ ret=TABLE_TYPE_FLAG;
+ break;
case REGION_IP:
ret=TABLE_TYPE_IP;
break;
@@ -189,6 +192,9 @@ int get_valid_flag_offset(const char* line, enum MAAT_TABLE_TYPE type, int valid
unsigned int column_seq=0, ret=0;
switch(type)
{
+ case TABLE_TYPE_FLAG:
+ column_seq=5;
+ break;
case TABLE_TYPE_EXPR:
column_seq=7;
break;
@@ -291,6 +297,10 @@ void serialize_region(const struct Maat_cmd_region* p, int group_id, char* buff,
UNUSED size_t ret=0;
switch(p->region_type)
{
+ case REGION_FLAG:
+ ret=snprintf(buff, sz, "%d\t%d\t%lu\t%lu\t1", p->region_id, group_id,
+ p->flag_rule.flag, p->flag_rule.flag_mask);
+ break;
case REGION_IP:
ret=snprintf(buff, sz, "%d\t%d\t%d\t%s\t%s\t%hu\t%hu\t%s\t%s\t%hu\t%hu\t%d\t%d\t1",
p->region_id,
@@ -1858,6 +1868,8 @@ void _maat_copy_region(struct Maat_region_t* dst,const struct Maat_region_t* src
}
switch(dst->region_type)
{
+ case REGION_FLAG:
+ break;
case REGION_IP:
dst->ip_rule.src_ip=_maat_strdup(src->ip_rule.src_ip);
dst->ip_rule.mask_src_ip=_maat_strdup(src->ip_rule.mask_src_ip);
@@ -1887,6 +1899,8 @@ void _maat_empty_region(struct Maat_region_t* p)
p->table_name=NULL;
switch(p->region_type)
{
+ case REGION_FLAG:
+ break;
case REGION_IP:
free((char*)p->ip_rule.src_ip);
free((char*)p->ip_rule.mask_src_ip);
diff --git a/src/entry/Maat_rule.cpp b/src/entry/Maat_rule.cpp
index 05735c3..99ec935 100644
--- a/src/entry/Maat_rule.cpp
+++ b/src/entry/Maat_rule.cpp
@@ -1338,7 +1338,7 @@ int add_flag_rule(struct Maat_table_schema* table, const char *line, struct db_f
{
struct Maat_region_inner* u_para=NULL;
struct Maat_table_runtime * table_rt=Maat_table_runtime_get(scanner->table_rt_mgr, table->table_id);
- int expr_id=0, ret=0;
+ int ret=0;
u_para=Maat_region_inner_new(db_flag_rule->group_id, db_flag_rule->region_id, table->table_id, -1);
ret=Maat_hierarchy_add_region_to_group(scanner->hier, db_flag_rule->group_id, db_flag_rule->region_id, table->table_id, u_para);
@@ -1349,12 +1349,9 @@ int add_flag_rule(struct Maat_table_schema* table, const char *line, struct db_f
return -1;
}
- expr_id=scanner->exprid_generator++;
- Maat_region_inner_add_expr_id(u_para, expr_id);
MESA_handle_runtime_log(logger,RLOG_LV_INFO,maat_module ,
- "Maat_table_runtime_flag_add expr_id:%d", expr_id);
-
- Maat_table_runtime_flag_add(table_rt, expr_id, db_flag_rule->flag, db_flag_rule->mask, u_para);
+ "add_flag_rule region_id:%d", db_flag_rule->region_id);
+ Maat_table_runtime_flag_add(table_rt, db_flag_rule->region_id, db_flag_rule->flag, db_flag_rule->mask, u_para);
return 0;
}
@@ -1487,9 +1484,7 @@ int del_region_rule(struct Maat_table_schema* table, int region_id, int group_id
break;
case TABLE_TYPE_FLAG:
table_rt=Maat_table_runtime_get(maat_scanner->table_rt_mgr, table->table_id);
- MESA_handle_runtime_log(logger,RLOG_LV_INFO,maat_module ,
- "Maat_table_runtime_flag_del expr_id:%d", region->expr_id_cnt);
- Maat_table_runtime_flag_del(table_rt, region->expr_id_cnt);
+ Maat_table_runtime_flag_del(table_rt, region->region_id);
break;
default:
assert(0);
diff --git a/src/entry/Maat_table_runtime.cpp b/src/entry/Maat_table_runtime.cpp
index ba08fbd..3f0a995 100644
--- a/src/entry/Maat_table_runtime.cpp
+++ b/src/entry/Maat_table_runtime.cpp
@@ -96,11 +96,11 @@ struct Maat_table_runtime_manager
struct Maat_garbage_bin* ref_bin;
};
-static struct flag_rule *create_flag_rule(uint32_t id, uint64_t flag, uint64_t flag_mask, void *tag)
+static struct flag_rule *create_flag_rule(uint32_t region_id, uint64_t flag, uint64_t flag_mask, void *tag)
{
struct flag_rule *rule = ALLOC(struct flag_rule, 1);
- rule->flag_rule_id = id;
+ rule->flag_rule_id = region_id;
rule->flag = flag;
rule->mask = flag_mask;
rule->user_tag = tag;
@@ -462,15 +462,15 @@ void Maat_table_runtime_plugin_commit_update(struct Maat_table_runtime* table_rt
return;
}
-void Maat_table_runtime_flag_add(struct Maat_table_runtime *table_rt, int expr_id, uint64_t flag, uint64_t mask, void *tag)
+void Maat_table_runtime_flag_add(struct Maat_table_runtime *table_rt, int region_id, uint64_t flag, uint64_t mask, void *tag)
{
- struct flag_rule *rule = create_flag_rule(expr_id, flag, mask, tag);
- rcu_hash_add(table_rt->flag.htable, (const char *)&expr_id, sizeof(int), rule);
+ struct flag_rule *rule = create_flag_rule(region_id, flag, mask, tag);
+ rcu_hash_add(table_rt->flag.htable, (const char *)&region_id, sizeof(int), rule);
}
-void Maat_table_runtime_flag_del(struct Maat_table_runtime* table_rt, int expr_id)
+void Maat_table_runtime_flag_del(struct Maat_table_runtime* table_rt, int region_id)
{
- rcu_hash_del(table_rt->flag.htable, (const char *)&expr_id, sizeof(int));
+ rcu_hash_del(table_rt->flag.htable, (const char *)&region_id, sizeof(int));
}
void Maat_table_runtime_digest_add(struct Maat_table_runtime* table_rt, int expr_id, const char* digest, short confidence_degree, void* tag)
@@ -914,23 +914,26 @@ int Maat_table_runtime_flag_commit_update(struct Maat_table_runtime *table_rt, v
{
int ret = 0;
void **rule_array = NULL;
+ struct flag_rule *rules = NULL;
struct flag_runtime *flag_rt = &(table_rt->flag);
assert(table_rt->table_type==TABLE_TYPE_FLAG);
- size_t rule_cnt = rcu_hash_list_updating_data(flag_rt->htable, &rule_array);
- MESA_handle_runtime_log(logger, RLOG_LV_INFO, maat_module,
- "new_flag_matcher commit rule_cnt:%zu", rule_cnt);
- if (0 == rule_cnt) {
- free(rule_array);
- rule_array = NULL;
+ int updating_flag = rcu_hash_is_updating(flag_rt->htable);
+ if (0 == updating_flag) {
return 0;
}
- struct flag_rule *rules=ALLOC(struct flag_rule, rule_cnt);
- for (size_t i = 0; i < rule_cnt; i++)
- {
- rules[i] = *(struct flag_rule *)rule_array[i];
- }
+ rcu_hash_commit(flag_rt->htable);
+
+ size_t rule_cnt = rcu_hash_list(flag_rt->htable, &rule_array);
+ MESA_handle_runtime_log(logger, RLOG_LV_INFO, maat_module,
+ "new_flag_matcher commit rule_cnt:%zu", rule_cnt);
+ if (rule_cnt > 0) {
+ rules = ALLOC(struct flag_rule, rule_cnt);
+ for (size_t i = 0; i < rule_cnt; i++) {
+ rules[i] = *(struct flag_rule *)rule_array[i];
+ }
+ }
struct flag_matcher *new_flag_matcher = NULL;
struct flag_matcher *old_flag_matcher = NULL;
@@ -943,18 +946,23 @@ int Maat_table_runtime_flag_commit_update(struct Maat_table_runtime *table_rt, v
old_flag_matcher = flag_rt->matcher;
flag_rt->matcher = new_flag_matcher;
+
if (old_flag_matcher != NULL)
{
Maat_garbage_bagging(table_rt->ref_garbage_bin, old_flag_matcher, (void (*)(void*))flag_matcher_free);
}
- rcu_hash_commit(flag_rt->htable);
table_rt->origin_rule_num=rcu_hash_count(flag_rt->htable);
- free(rules);
- rules = NULL;
- free(rule_array);
- rule_array=NULL;
+ if (rules != NULL) {
+ free(rules);
+ rules = NULL;
+ }
+
+ if (rule_array != NULL) {
+ free(rule_array);
+ rule_array=NULL;
+ }
return ret;
}
diff --git a/src/entry/rcu_hash.cpp b/src/entry/rcu_hash.cpp
index 5062787..70712de 100644
--- a/src/entry/rcu_hash.cpp
+++ b/src/entry/rcu_hash.cpp
@@ -198,12 +198,12 @@ void rcu_hash_add(struct rcu_hash_table *htable, const char *key, size_t key_len
if (htable->effective_hash == 'a') {
HASH_FIND(hh_b, htable->hashmap_b, key, key_len, tmp);
if (NULL == tmp) {
- HASH_ADD_KEYPTR(hh_b, htable->hashmap_b, key, key_len, node);
+ HASH_ADD_KEYPTR(hh_b, htable->hashmap_b, node->key, node->key_len, node);
}
} else {
HASH_FIND(hh_a, htable->hashmap_a, key, key_len, tmp);
if (NULL == tmp) {
- HASH_ADD_KEYPTR(hh_a, htable->hashmap_a, key, key_len, node);
+ HASH_ADD_KEYPTR(hh_a, htable->hashmap_a, node->key, node->key_len, node);
}
}
}
@@ -272,6 +272,15 @@ size_t rcu_hash_count(struct rcu_hash_table *htable)
}
}
+int rcu_hash_is_updating(struct rcu_hash_table *htable)
+{
+ if (NULL == htable) {
+ return 0;
+ }
+
+ return htable->is_updating;
+}
+
void rcu_hash_commit(struct rcu_hash_table *htable)
{
if (NULL == htable) {
@@ -313,32 +322,27 @@ void rcu_hash_commit(struct rcu_hash_table *htable)
pthread_mutex_unlock(&htable->update_mutex);
}
-size_t rcu_hash_list_updating_data(struct rcu_hash_table *htable, void ***data_array)
+size_t rcu_hash_list(struct rcu_hash_table *htable, void ***data_array)
{
size_t i = 0;
size_t node_cnt = 0;
struct rcu_hash_node *node = NULL, *tmp = NULL;
if (htable->effective_hash == 'a') {
- node_cnt = HASH_CNT(hh_b, htable->hashmap_b);
+ node_cnt = HASH_CNT(hh_a, htable->hashmap_a);
*data_array = ALLOC(void *, node_cnt);
- HASH_ITER(hh_b, htable->hashmap_b, node, tmp) {
+ HASH_ITER(hh_a, htable->hashmap_a, node, tmp) {
(*data_array)[i] = node->data;
i++;
}
} else {
- node_cnt = HASH_CNT(hh_a, htable->hashmap_a);
+ node_cnt = HASH_CNT(hh_b, htable->hashmap_b);
*data_array = ALLOC(void *, node_cnt);
- HASH_ITER(hh_a, htable->hashmap_a, node, tmp) {
+ HASH_ITER(hh_b, htable->hashmap_b, node, tmp) {
(*data_array)[i] = node->data;
i++;
}
}
return node_cnt;
-}
-
-int rcu_hash_updating_flag(struct rcu_hash_table *htable)
-{
- return htable->is_updating;
} \ No newline at end of file
diff --git a/src/entry/stream_fuzzy_hash.c b/src/entry/stream_fuzzy_hash.c
index 5adf5b9..fb59086 100644
--- a/src/entry/stream_fuzzy_hash.c
+++ b/src/entry/stream_fuzzy_hash.c
@@ -24,7 +24,7 @@ void sfh_rs_entropy(IVI_seg_t * seg, void * user_para);
void sfh_output_state_t(IVI_seg_t * seg, void * user_para);
int write_uint_array(unsigned int ** array, unsigned int *index,unsigned int *size,unsigned int value);
/**
- * roll_state��ʼ��
+ * roll_state��ʼ��
*/
static inline void roll_init(struct roll_state_t * self)
{
@@ -32,7 +32,7 @@ static inline void roll_init(struct roll_state_t * self)
}
/**
- * ����roll_hashֵ�����ⲿ���ݶ�ȡ��������
+ * ����roll_hashֵ�����ⲿ���ݶ�ȡ��������
*/
static inline void roll_hash(struct roll_state_t * self, unsigned char c)
{
@@ -53,7 +53,7 @@ static inline void roll_hash(struct roll_state_t * self, unsigned char c)
}
/**
- * ���㴰�������roll_hashֵ��ÿ��roll_hashֵ����һ����������Ƭ
+ * ���㴰�������roll_hashֵ��ÿ��roll_hashֵ����һ����������Ƭ
*/
static inline unsigned int roll_sum(const struct roll_state_t * self)
{
@@ -61,7 +61,7 @@ static inline unsigned int roll_sum(const struct roll_state_t * self)
}
/**
- * �����Ƭ��FNVֵ
+ * �����Ƭ��FNVֵ
*/
static inline unsigned int sum_hash(unsigned char c, unsigned int h)
{
@@ -69,7 +69,7 @@ static inline unsigned int sum_hash(unsigned char c, unsigned int h)
}
/**
- * ����handle
+ * ����handle
*/
sfh_instance_t * SFH_instance(unsigned long long origin_len)
{
@@ -98,7 +98,7 @@ sfh_instance_t * SFH_instance(unsigned long long origin_len)
/**
- * IVI_destroy�Ļص�����������IVI�е�����
+ * IVI_destroy�Ļص�����������IVI�е�����
*/
void fuzzy_node_free(IVI_seg_t * seg, void * usr_para)
{
@@ -293,7 +293,7 @@ int destroy_sfh_seg(sfh_seg_t*p)
return ret_size;
}
/**
- * �ж������Ƿ����Ѿ�������������и���
+ * �ж������Ƿ����Ѿ�������������и���
*/
unsigned int segment_overlap(fuzzy_handle_inner_t * _handle, unsigned int size, unsigned long long offset, const char * data)
{
@@ -307,7 +307,7 @@ unsigned int segment_overlap(fuzzy_handle_inner_t * _handle, unsigned int size,
//printf("size: %u\n",size);
//printf("before query\n");
- /*��ѯ�Ƿ��и��ǣ�����и��ǣ����ظ��ǵ�segment��Ƭ�������û�и��ǣ�����0*/
+ /*��ѯ�Ƿ��и��ǣ�����и��ǣ����ظ��ǵ�segment��Ƭ�������û�и��ǣ�����0*/
if(offset>0)
{
overlap_segnum = IVI_query(_handle->ivi, offset-1, offset + size, &overlap_segs);
@@ -583,7 +583,7 @@ int sfh_merge_seg(fuzzy_handle_inner_t * _handle, sfh_seg_t * p, sfh_seg_t * n,u
}
/**
- * ȡ���������������hash_resultֵ��������ƴ�ӣ��γ�����result�������������abc[1:100]def[200:300]���ָ�ʽ
+ * ȡ���������������hash_resultֵ��������ƴ�ӣ��γ�����result�������������abc[1:100]def[200:300]���ָ�ʽ
*/
int SFH_digest(sfh_instance_t * handle, char * hash_buffer, unsigned int size)
{
@@ -687,7 +687,7 @@ void sfh_output_callback(IVI_seg_t * seg, void * user_para)
}
/**
- * ����fuzzy_hash�ĸ��ֳ���
+ * ����fuzzy_hash�ĸ��ֳ���
*/
unsigned long long SFH_status(sfh_instance_t * handle, int type)
{
@@ -697,13 +697,13 @@ unsigned long long SFH_status(sfh_instance_t * handle, int type)
char buffer[64];
switch(type)
{
- case TOTAL_LENGTH: //�Ѿ������hashֵ��ȫ������
+ case TOTAL_LENGTH: //�Ѿ������hashֵ��ȫ������
length = IVI_seg_length(_handle->ivi);
break;
- case EFFECTIVE_LENGTH: //�����ڼ���hashֵ�������Ч����
+ case EFFECTIVE_LENGTH: //�����ڼ���hashֵ�������Ч����
length = _handle->effective_length;
break;
- case HASH_LENGTH: //��������ϣ����ij���
+ case HASH_LENGTH: //��������ϣ����ij���
tmp_length.hash_length = 0;
tmp_length.first_ZTH_offset = 0;
tmp_length.last_ZTH_offset = 0;
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-30 18:17:12 +0000