policyrep: Refactor base classes for loading attributes on construction.

This commit is contained in:
Chris PeBenito 2018-08-06 15:27:41 -04:00
parent 79b56f4fa8
commit 22967fa6a2
4 changed files with 32 additions and 87 deletions

View File

@ -22,48 +22,21 @@ cdef class PolicyRule(PolicySymbol):
"""This is base class for policy rules."""
# This is initialized to False
cdef readonly bint extended
cdef:
uintptr_t key
readonly object ruletype
readonly object source
readonly object target
readonly object origin
# This is initialized to False:
readonly bint extended
def __str__(self):
raise NotImplementedError
def __lt__(self, other):
return str(self) < str(other)
@property
def ruletype(self):
"""The rule type for the rule."""
raise NotImplementedError
@property
def source(self):
"""
The source for the rule. This should be overridden by
subclasses.
"""
raise NotImplementedError
@property
def target(self):
"""
The target for the rule. This should be overridden by
subclasses.
"""
raise NotImplementedError
@property
def tclass(self):
"""The object class for the rule."""
raise NotImplementedError
@property
def default(self):
"""
The default for the rule. This should be overridden by
subclasses.
"""
raise NotImplementedError
def _eq(self, PolicyRule other):
return self.key == other.key
@property
def conditional(self):

View File

@ -30,6 +30,15 @@ cdef class PolicySymbol:
def __hash__(self):
return hash(str(self))
def __copy__(self):
# Do not copy.
return self
def __deepcopy__(self, memo):
# Do not copy.
memo[id(self)] = self
return self
def __eq__(self, other):
try:
# This is a regular Python function, so it cannot
@ -68,16 +77,13 @@ cdef class Ocontext(PolicySymbol):
"""Base class for most in-policy labeling statements, (portcon, nodecon, etc.)"""
cdef sepol.ocontext_t *handle
cdef:
uintptr_t key
readonly Context context
def _eq(self, Ocontext other):
"""Low-level equality check (C pointers)."""
return self.handle == other.handle
@property
def context(self):
"""The context for this statement."""
return Context.factory(self.policy, self.handle.context)
return self.key == other.key
def statement(self):
return str(self)

View File

@ -45,42 +45,10 @@ cdef class BaseTERule(PolicyRule):
"""Base class for TE rules."""
cdef:
sepol.avtab_key_t *key
sepol.avtab_datum_t *datum
object rule_string
object _conditional
object _conditional_block
def __hash__(self):
return hash("{0.ruletype}|{0.source}|{0.target}|{0.tclass}|{1}|{2}".format(
self, self._conditional, self._conditional_block))
def _eq(self, BaseTERule other):
return self.key == other.key and self.datum == other.datum
@property
def ruletype(self):
"""The rule type."""
# mask the enabled bit for the ruletype lookup in conditional rules
return TERuletype(self.key.specified & ~sepol.AVTAB_ENABLED)
@property
def source(self):
"""The rule's source type/attribute."""
return type_or_attr_factory(self.policy,
self.policy.type_value_to_datum(self.key.source_type - 1))
@property
def target(self):
"""The rule's target type/attribute."""
return type_or_attr_factory(self.policy,
self.policy.type_value_to_datum(self.key.target_type - 1))
@property
def tclass(self):
"""The rule's object class."""
return ObjClass.factory(self.policy,
self.policy.class_value_to_datum(self.key.target_class - 1))
readonly ObjClass tclass
str rule_string
Conditional _conditional
bint _conditional_block
@property
def filename(self):

View File

@ -46,19 +46,17 @@ cdef class BaseType(PolicySymbol):
"""Type/attribute base class."""
cdef sepol.type_datum_t *handle
cdef:
sepol.type_datum_t *handle
readonly str name
def __str__(self):
return self.policy.type_value_to_name(self.handle.s.value - 1)
return self.name
def _eq(self, BaseType other):
"""Low-level equality check (C pointers)."""
return self.handle == other.handle
@property
def ispermissive(self):
raise NotImplementedError
def expand(self):
"""Generator that expands this attribute into its member types."""
raise NotImplementedError