static void report_finding(struct result_info *res, llist *l, probe_ctx *ctx)
{
SEXP_t *item;
SEXP_t se_lport_mem, se_rport_mem, se_lfull_mem, se_ffull_mem, *se_uid_mem = NULL;
lnode *n = NULL;
if (l) {
n = list_get_cur(l);
}
if (n) {
item = probe_item_create(OVAL_LINUX_INET_LISTENING_SERVER, NULL,
"protocol", OVAL_DATATYPE_STRING, res->proto,
"local_address", OVAL_DATATYPE_STRING, res->laddr,
"local_port", OVAL_DATATYPE_SEXP, SEXP_number_newu_64_r(&se_lport_mem, res->lport),
"local_full_address", OVAL_DATATYPE_SEXP, SEXP_string_newf_r(&se_lfull_mem,
"%s:%u", res->laddr, res->lport),
"program_name", OVAL_DATATYPE_STRING, n->cmd,
"foreign_address", OVAL_DATATYPE_STRING, res->raddr,
"foreign_port", OVAL_DATATYPE_SEXP, SEXP_number_newu_64_r(&se_rport_mem, res->rport),
"foreign_full_address", OVAL_DATATYPE_SEXP, SEXP_string_newf_r(&se_ffull_mem,
"%s:%u", res->raddr, res->rport),
"pid", OVAL_DATATYPE_INTEGER, (int64_t)n->pid,
"user_id", OVAL_DATATYPE_SEXP, se_uid_mem = SEXP_number_newu_64(n->uid),
NULL);
} else {
item = probe_item_create(OVAL_LINUX_INET_LISTENING_SERVER, NULL,
"protocol", OVAL_DATATYPE_STRING, res->proto,
"local_address", OVAL_DATATYPE_STRING, res->laddr,
"local_port", OVAL_DATATYPE_SEXP, SEXP_number_newu_64_r(&se_lport_mem, res->lport),
"local_full_address", OVAL_DATATYPE_SEXP, SEXP_string_newf_r(&se_lfull_mem,
"%s:%u", res->laddr, res->lport),
"foreign_address", OVAL_DATATYPE_STRING, res->raddr,
"foreign_port", OVAL_DATATYPE_SEXP, SEXP_number_newu_64_r(&se_rport_mem, res->rport),
"foreign_full_address", OVAL_DATATYPE_SEXP, SEXP_string_newf_r(&se_ffull_mem,
"%s:%u", res->raddr, res->rport),
NULL);
}
probe_item_collect(ctx, item);
SEXP_free_r(&se_lport_mem);
SEXP_free_r(&se_rport_mem);
SEXP_free_r(&se_lfull_mem);
SEXP_free_r(&se_ffull_mem);
SEXP_free(se_uid_mem);
}
/* temporary workaround to generate ids */
static void _gen_item_id(SEXP_t *item)
{
static uint32_t id = 0;
SEXP_t sid, *name_ref, *tmp;
SEXP_string_newf_r(&sid, "1%05u%u", getpid(), ++id);
name_ref = SEXP_listref_first(item);
tmp = SEXP_list_replace(name_ref, 3, &sid);
SEXP_vfree(name_ref, tmp, NULL);
SEXP_free_r(&sid);
}
void probe_fini (void *arg)
{
_A((void *)arg == (void *)&__file_probe_mutex);
if (!SEXP_emptyp(&gr_lastpath))
SEXP_free_r(&gr_lastpath);
/*
* Destroy mutex.
*/
(void) pthread_mutex_destroy (&__file_probe_mutex);
return;
}
static void report_finding(struct result_info *res, probe_ctx *ctx, oval_schema_version_t over)
{
SEXP_t *item;
item = probe_item_create(OVAL_UNIX_PASSWORD, NULL,
"username", OVAL_DATATYPE_STRING, res->username,
"password", OVAL_DATATYPE_STRING, res->password,
"user_id", OVAL_DATATYPE_INTEGER, (int64_t)res->user_id,
"group_id", OVAL_DATATYPE_INTEGER, (int64_t)res->group_id,
"gcos", OVAL_DATATYPE_STRING, res->gcos,
"home_dir", OVAL_DATATYPE_STRING, res->home_dir,
"login_shell", OVAL_DATATYPE_STRING, res->login_shell,
NULL);
if (oval_schema_version_cmp(over, OVAL_SCHEMA_VERSION(5.10)) >= 0) {
SEXP_t last_login;
SEXP_number_newi_64_r(&last_login, res->last_login);
probe_item_ent_add(item, "last_login", NULL, &last_login);
SEXP_free_r(&last_login);
}
probe_item_collect(ctx, item);
}
static void probe_icache_item_setID(SEXP_t *item, SEXP_ID_t item_ID)
{
SEXP_t *name_ref, *prev_id;
SEXP_t uniq_id;
uint32_t local_id;
/* ((foo_item :id "<int>") ... ) */
assume_d(item != NULL, /* void */);
assume_d(SEXP_listp(item), /* void */);
#if defined(HAVE_ATOMIC_FUNCTIONS)
local_id = __sync_fetch_and_add(&next_ID, 1);
#else
if (pthread_mutex_lock(&next_ID_mutex) != 0) {
dE("Can't lock the next_ID_mutex: %u, %s", errno, strerror(errno));
abort();
}
local_id = ++next_ID;
if (pthread_mutex_unlock(&next_ID_mutex) != 0) {
dE("Can't unlock the next_ID_mutex: %u, %s", errno, strerror(errno));
abort();
}
#endif
SEXP_string_newf_r(&uniq_id, "1%05u%u", getpid(), local_id);
name_ref = SEXP_listref_first(item);
prev_id = SEXP_list_replace(name_ref, 3, &uniq_id);
SEXP_free(prev_id);
SEXP_free_r(&uniq_id);
SEXP_free(name_ref);
return;
}
static int file_cb (const char *p, const char *f, void *ptr)
{
char path_buffer[PATH_MAX];
SEXP_t *item, xattr_name;
struct cbargs *args = (struct cbargs *) ptr;
const char *st_path;
ssize_t xattr_count = -1;
char *xattr_buf = NULL;
size_t xattr_buflen = 0, i;
if (f == NULL) {
st_path = p;
} else {
snprintf (path_buffer, sizeof path_buffer, "%s/%s", p, f);
st_path = path_buffer;
}
SEXP_init(&xattr_name);
do {
/* estimate the size of the buffer */
xattr_count = llistxattr(st_path, NULL, 0);
if (xattr_count == 0)
return (0);
if (xattr_count < 0) {
dI("FAIL: llistxattr(%s, %p, %zu): errno=%u, %s.", errno, strerror(errno));
return 0;
}
/* allocate space for xattr names */
xattr_buflen = xattr_count;
xattr_buf = oscap_realloc(xattr_buf, sizeof(char) * xattr_buflen);
/* fill the buffer */
xattr_count = llistxattr(st_path, xattr_buf, xattr_buflen);
/* check & retry if needed */
} while (errno == ERANGE);
if (xattr_count < 0) {
dI("FAIL: llistxattr(%s, %p, %zu): errno=%u, %s.", errno, strerror(errno));
oscap_free(xattr_buf);
}
/* update lastpath if needed */
if (!SEXP_emptyp(&gr_lastpath)) {
if (SEXP_strcmp(&gr_lastpath, p) != 0) {
SEXP_free_r(&gr_lastpath);
SEXP_string_new_r(&gr_lastpath, p, strlen(p));
}
} else
SEXP_string_new_r(&gr_lastpath, p, strlen(p));
i = 0;
/* collect */
do {
SEXP_string_new_r(&xattr_name, xattr_buf + i, strlen(xattr_buf +i));
if (probe_entobj_cmp(args->attr_ent, &xattr_name) == OVAL_RESULT_TRUE) {
ssize_t xattr_vallen = -1;
char *xattr_val = NULL;
xattr_vallen = lgetxattr(st_path, xattr_buf + i, NULL, 0);
retry_value:
if (xattr_vallen >= 0) {
// Check possible buffer overflow
if (sizeof(char) * (xattr_vallen + 1) <= sizeof(char) * xattr_vallen) {
dE("Attribute is too long.");
abort();
}
// Allocate buffer, '+1' is for trailing '\0'
xattr_val = oscap_realloc(xattr_val, sizeof(char) * (xattr_vallen + 1));
// we don't want to override space for '\0' by call of 'lgetxattr'
// we pass only 'xattr_vallen' instead of 'xattr_vallen + 1'
xattr_vallen = lgetxattr(st_path, xattr_buf + i, xattr_val, xattr_vallen);
if (xattr_vallen < 0 || errno == ERANGE)
goto retry_value;
xattr_val[xattr_vallen] = '\0';
item = probe_item_create(OVAL_UNIX_FILEEXTENDEDATTRIBUTE, NULL,
"filepath", OVAL_DATATYPE_STRING, f == NULL ? NULL : st_path,
"path", OVAL_DATATYPE_SEXP, &gr_lastpath,
"filename", OVAL_DATATYPE_STRING, f == NULL ? "" : f,
"attribute_name", OVAL_DATATYPE_SEXP, &xattr_name,
"value", OVAL_DATATYPE_STRING, xattr_val,
NULL);
oscap_free(xattr_val);
} else {
dI("FAIL: lgetxattr(%s, %s, NULL, 0): errno=%u, %s.", errno, strerror(errno));
item = probe_item_create(OVAL_UNIX_FILEEXTENDEDATTRIBUTE, NULL, NULL);
probe_item_setstatus(item, SYSCHAR_STATUS_ERROR);
if (xattr_val != NULL)
oscap_free(xattr_val);
}
probe_item_collect(args->ctx, item); /* XXX: handle ENOMEM */
}
SEXP_free_r(&xattr_name);
/* skip to next name */
while (i < xattr_buflen && xattr_buf[i] != '\0')
++i;
++i;
} while (xattr_buf + i < xattr_buf + xattr_buflen - 1);
oscap_free(xattr_buf);
return (0);
}
int probe_main(probe_ctx *ctx, void *mutex)
{
LDAP *ldp;
LDAPMessage *ldpres, *entry;
SEXP_t *se_ldap_behaviors = NULL, *se_relative_dn = NULL;
SEXP_t *se_suffix = NULL, *se_attribute = NULL;
SEXP_t *sa_scope, *sv_op;
SEXP_t *item;
SEXP_t *probe_in;
char *relative_dn = NULL;
char *suffix = NULL, *xattribute = NULL;
char *uri_list, *uri, *uri_save, *attr;
int scope;
char base[2048];
char *attrs[3];
bool a_pattern_match = false, rdn_pattern_match = false;
/* runtime */
#if defined(PROBE_LDAP_MUTEX)
assume_r(mutex != NULL, PROBE_EINIT);
#endif
probe_in = probe_ctx_getobject(ctx);
se_ldap_behaviors = probe_obj_getent(probe_in, "behaviors", 1);
if (se_ldap_behaviors != NULL) {
sa_scope = probe_ent_getattrval(se_ldap_behaviors, "scope");
SEXP_free(se_ldap_behaviors);
if (sa_scope == NULL) {
dE("Atrribute `scope' is missing!");
return (PROBE_ENOATTR);
}
if (!SEXP_stringp(sa_scope)) {
dE("Invalid value type of the `scope' attribute.");
SEXP_free(sa_scope);
return (PROBE_EINVAL);
}
if (SEXP_strcmp(sa_scope, "ONE") == 0)
scope = LDAP_SCOPE_ONELEVEL;
else if (SEXP_strcmp(sa_scope, "BASE") == 0)
scope = LDAP_SCOPE_BASE;
else if (SEXP_strcmp(sa_scope, "SUBTREE") == 0)
scope = LDAP_SCOPE_SUBTREE;
else {
dE("Invalid value of the `scope' attribute.");
SEXP_free(sa_scope);
return (PROBE_EINVAL);
}
SEXP_free(sa_scope);
} else
scope = LDAP_SCOPE_BASE;
#define get_string(dst, se_dst, obj, ent_name) \
do { \
SEXP_t *__sval; \
\
__sval = probe_obj_getentval (obj, ent_name, 1); \
\
if (__sval != NULL) { \
(dst) = SEXP_string_cstr (__sval); \
\
if ((dst) == NULL) { \
SEXP_free(__sval); \
return (PROBE_EINVAL); \
} \
\
(se_dst) = __sval; \
} else { \
return (PROBE_ENOATTR); \
} \
} while (0)
get_string(suffix, se_suffix, probe_in, "suffix");
get_string(relative_dn, se_relative_dn, probe_in, "relative_dn");
get_string(xattribute, se_attribute, probe_in, "attribute");
if ((sv_op = probe_ent_getattrval(se_relative_dn, "operation")) != NULL) {
if (SEXP_number_geti_32(sv_op) == OVAL_OPERATION_PATTERN_MATCH)
rdn_pattern_match = true;
SEXP_free(sv_op);
}
if ((sv_op = probe_ent_getattrval(se_attribute, "operation")) != NULL) {
if (SEXP_number_geti_32(sv_op) == OVAL_OPERATION_PATTERN_MATCH)
a_pattern_match = true;
SEXP_free(sv_op);
}
/*
* Construct the attribute array for ldap_search_*
*
* nil -> "1.1"
* .* -> "*"
* "foo" -> "foo"
*/
attrs[0] = "objectClass";
if (xattribute == NULL)
attrs[1] = strdup("1.1"); /* no attibutes */
else if (a_pattern_match)
attrs[1] = strdup("*"); /* collect all, we'll filter them afterwards */
else
attrs[1] = xattribute; /* no pattern match, use the string directly */
attrs[2] = NULL;
/*
* Construct `base'
*/
assume_r(((relative_dn ? strlen(relative_dn) : 0) +
( suffix ? strlen(suffix) : 0) + 2) < (sizeof base/sizeof(char)),
PROBE_ERANGE);
if (relative_dn != NULL) {
strcpy(base, relative_dn);
strcat(base, ",");
strcat(base, suffix);
} else
strcpy(base, suffix);
/*
* Get URIs
*/
if (ldap_get_option(NULL, LDAP_OPT_URI, &uri_list) != LDAP_OPT_SUCCESS) {
item = probe_item_creat("ldap57_item", NULL, NULL);
probe_item_setstatus(item, SYSCHAR_STATUS_ERROR);
probe_item_collect(ctx, item);
dE("ldap_get_option failed");
goto fail0;
}
/*
* Query each URI
*/
for (;;) {
char *entry_dn = NULL;
if ((uri = strtok_r(uri_list, " ,", &uri_save)) == NULL)
break;
ldp = NULL;
if (ldap_initialize(&ldp, uri) != LDAP_SUCCESS)
continue;
if (ldap_search_ext_s(ldp, base, scope, NULL, attrs, 0,
NULL /* serverctrls */,
NULL /* clientctrls */,
NULL /* timeout */,
0, &ldpres) != LDAP_SUCCESS)
{
item = probe_item_creat("ldap57_item", NULL, NULL);
probe_item_setstatus(item, SYSCHAR_STATUS_ERROR);
probe_item_collect(ctx, item);
dE("ldap_search_ext_s failed");
goto fail0;
}
entry = ldap_first_entry(ldp, ldpres);
entry_dn = ldap_get_dn(ldp, entry);
while (entry != NULL) {
BerElement *berelm = NULL;
attr = ldap_first_attribute(ldp, entry, &berelm);
/* XXX: pattern match filter */
while (attr != NULL) {
SEXP_t *se_value = NULL;
ber_tag_t bertag = LBER_DEFAULT;
ber_len_t berlen = 0;
Sockbuf *berbuf = NULL;
SEXP_t se_tmp_mem;
berbuf = ber_sockbuf_alloc();
/*
* Prepare the value (record) entity. Collect only
* primitive (i.e. simple) types.
*/
se_value = probe_ent_creat1("value", NULL, NULL);
probe_ent_setdatatype(se_value, OVAL_DATATYPE_RECORD);
/*
* XXX: does ber_get_next() return LBER_ERROR after the last value?
*/
while ((bertag = ber_get_next(berbuf, &berlen, berelm)) != LBER_ERROR) {
SEXP_t *field = NULL;
oval_datatype_t field_type = OVAL_DATATYPE_UNKNOWN;
switch(bertag & LBER_ENCODING_MASK) {
case LBER_PRIMITIVE:
dI("Found primitive value, bertag = %u", bertag);
break;
case LBER_CONSTRUCTED:
dW("Don't know how to handle LBER_CONSTRUCTED values");
/* FALLTHROUGH */
default:
dW("Skipping attribute value, bertag = %u", bertag);
continue;
}
assume_d(bertag & LBER_PRIMITIVE, NULL);
switch(bertag & LBER_BIG_TAG_MASK) {
case LBER_BOOLEAN:
{ /* LDAPTYPE_BOOLEAN */
ber_int_t val = -1;
if (ber_get_boolean(berelm, &val) == LBER_ERROR) {
dW("ber_get_boolean: LBER_ERROR");
/* XXX: set error status on field */
continue;
}
assume_d(val != -1, NULL);
field = probe_ent_creat1("field", NULL, SEXP_number_newb_r(&se_tmp_mem, (bool)val));
field_type = OVAL_DATATYPE_BOOLEAN;
SEXP_free_r(&se_tmp_mem);
} break;
case LBER_INTEGER:
{ /* LDAPTYPE_INTEGER */
ber_int_t val = -1;
if (ber_get_int(berelm, &val) == LBER_ERROR) {
dW("ber_get_int: LBER_ERROR");
/* XXX: set error status on field */
continue;
}
field = probe_ent_creat1("field", NULL, SEXP_number_newi_r(&se_tmp_mem, (int)val));
field_type = OVAL_DATATYPE_INTEGER;
SEXP_free_r(&se_tmp_mem);
} break;
case LBER_BITSTRING:
/* LDAPTYPE_BIT_STRING */
dW("LBER_BITSTRING: not implemented");
continue;
case LBER_OCTETSTRING:
{ /*
* LDAPTYPE_PRINTABLE_STRING
* LDAPTYPE_NUMERIC_STRING
* LDAPTYPE_DN_STRING
* LDAPTYPE_BINARY (?)
*/
char *val = NULL;
if (ber_get_stringa(berelm, &val) == LBER_ERROR) {
dW("ber_get_stringa: LBER_ERROR");
/* XXX: set error status on field */
continue;
}
assume_d(val != NULL, NULL);
field = probe_ent_creat1("field", NULL, SEXP_string_new_r(&se_tmp_mem, val, strlen(val)));
field_type = OVAL_DATATYPE_STRING;
SEXP_free_r(&se_tmp_mem);
ber_memfree(val);
} break;
case LBER_NULL:
/* XXX: no equivalent LDAPTYPE_? or empty */
dI("LBER_NULL: skipped");
continue;
case LBER_ENUMERATED:
/* XXX: no equivalent LDAPTYPE_? */
dW("Don't know how to handle LBER_ENUMERATED type");
continue;
default:
dW("Unknown attribute value type, bertag = %u", bertag);
continue;
}
if (field != NULL) {
assume_d(field_type != OVAL_DATATYPE_UNKNOWN, NULL);
probe_ent_setdatatype(field, field_type);
probe_ent_attr_add(field, "name", SEXP_string_new_r(&se_tmp_mem, attr, strlen(attr)));
SEXP_list_add(se_value, field);
SEXP_free_r(&se_tmp_mem);
SEXP_free(field);
}
}
ber_sockbuf_free(berbuf);
/*
* Create the item
*/
item = probe_item_create(OVAL_INDEPENDENT_LDAP57, NULL,
"suffix", OVAL_DATATYPE_STRING, suffix,
"relative_dn", OVAL_DATATYPE_STRING, relative_dn, /* XXX: pattern match */
"attribute", OVAL_DATATYPE_STRING, attr,
"object_class", OVAL_DATATYPE_STRING, "",
"ldaptype", OVAL_DATATYPE_STRING, "",
NULL);
SEXP_list_add(item, se_value);
SEXP_free(se_value);
probe_item_collect(ctx, item);
attr = ldap_next_attribute(ldp, entry, berelm);
}
ber_free(berelm, 0);
ldap_memfree(entry_dn);
entry = ldap_next_entry(ldp, entry);
entry_dn = ldap_get_dn(ldp, entry);
}
/*
* Close the LDAP connection and free resources
*/
ldap_unbind_ext_s(ldp, NULL, NULL);
}
ldap_memfree(uri_list);
fail0:
SEXP_free(se_suffix);
SEXP_free(se_relative_dn);
SEXP_free(se_attribute);
free(suffix);
free(relative_dn);
free(attrs[1]); /* attribute */
return (0);
}
int oval_object_to_sexp(void *sess, const char *typestr, struct oval_syschar *syschar, SEXP_t **out_sexp)
{
unsigned int ent_cnt, varref_cnt;
int ret;
SEXP_t *obj_sexp, *elm, *varrefs, *ent_lst, *lst, *stmp;
SEXP_t *r0, *r1, *r2, *obj_attr, sm0, sm1;
struct oval_object *object;
struct oval_object_content_iterator *cit;
struct oval_behavior_iterator *bit;
struct oval_object_content *content;
struct oval_entity *entity;
char obj_name[128];
const char *obj_id;
object = oval_syschar_get_object(syschar);
/*
* Object name & attributes (id)
*/
ret = snprintf(obj_name, sizeof obj_name, "%s_object", typestr);
if (ret<0 || (unsigned int) ret > sizeof obj_name) {
dE("obj_name length too short");
return -1;
}
// even though it returns const char* it has to be freed :-(
char *obj_over = (char*)oval_schema_version_to_cstr(oval_object_get_platform_schema_version(object));
obj_id = oval_object_get_id(object);
obj_attr = probe_attr_creat("id", SEXP_string_new_r(&sm0, obj_id, strlen(obj_id)),
"oval_version", SEXP_string_new_r(&sm1, obj_over, strlen(obj_over)),
NULL);
free(obj_over);
obj_sexp = probe_obj_new(obj_name, obj_attr);
SEXP_free_r(&sm0);
SEXP_free_r(&sm1);
SEXP_free(obj_attr);
/*
* Object content
*/
ent_lst = SEXP_list_new(NULL);
varrefs = NULL;
ent_cnt = varref_cnt = 0;
cit = oval_object_get_object_contents(object);
while (oval_object_content_iterator_has_more(cit)) {
oval_check_t ochk;
oval_entity_varref_type_t vr_type;
content = oval_object_content_iterator_next(cit);
elm = NULL;
lst = ent_lst;
switch (oval_object_content_get_type(content)) {
case OVAL_OBJECTCONTENT_ENTITY:
entity = oval_object_content_get_entity(content);
elm = oval_entity_to_sexp(entity);
if (elm == NULL)
break;
ochk = oval_object_content_get_varCheck(content);
if (ochk != OVAL_CHECK_UNKNOWN) {
probe_ent_attr_add(elm, "var_check",
r0 = SEXP_number_newu_32(ochk));
SEXP_free(r0);
}
ret = 0;
vr_type = oval_entity_get_varref_type(entity);
if (vr_type == OVAL_ENTITY_VARREF_ATTRIBUTE) {
const char *var_id = oval_variable_get_id(oval_entity_get_variable(entity));
const char *field_name = oval_object_content_get_field_name(content);
dI("Object '%s' references variable '%s' in '%s' field.", obj_id, var_id, field_name);
ret = oval_varref_attr_to_sexp(sess, entity, syschar, &stmp);
if (ret == 0) {
if (varrefs == NULL)
varrefs = SEXP_list_new(NULL);
SEXP_list_add(varrefs, stmp);
SEXP_free(stmp);
// todo: don't add duplicates
++varref_cnt;
lst = obj_sexp;
++ent_cnt;
}
} else if (vr_type == OVAL_ENTITY_VARREF_ELEMENT) {
SEXP_t *val_lst;
struct oval_variable *var;
oval_datatype_t dt;
var = oval_entity_get_variable(entity);
dt = oval_entity_get_datatype(entity);
ret = oval_varref_elm_to_sexp(sess, var, dt, &val_lst, syschar);
if (ret == 0) {
SEXP_list_add(elm, val_lst);
SEXP_free(val_lst);
}
}
if (ret != 0) {
SEXP_t s_flag;
SEXP_number_newi_32_r(&s_flag, SYSCHAR_FLAG_DOES_NOT_EXIST);
probe_item_attr_add(obj_sexp, "skip_eval", &s_flag);
SEXP_free_r(&s_flag);
SEXP_free(elm);
SEXP_free(ent_lst);
if (varrefs != NULL)
SEXP_free(varrefs);
oval_object_content_iterator_free(cit);
*out_sexp = obj_sexp;
return (0);
}
break;
case OVAL_OBJECTCONTENT_SET:
elm = oval_set_to_sexp(oval_object_content_get_setobject(content));
break;
case OVAL_OBJECTCONTENT_FILTER: {
struct oval_filter *filter = oval_object_content_get_filter(content);
struct oval_state *ste = oval_filter_get_state(filter);
const char *ste_id = oval_state_get_id(ste);
oval_filter_action_t action = oval_filter_get_filter_action(filter);
const char *action_text = oval_filter_action_get_text(action);
dI("Object '%s' has a filter that %ss items conforming to state '%s'.",
obj_id, action_text, ste_id);
elm = oval_filter_to_sexp(filter);
}
break;
case OVAL_OBJECTCONTENT_UNKNOWN:
break;
}
if (elm == NULL) {
SEXP_free(obj_sexp);
SEXP_free(ent_lst);
if (varrefs != NULL)
SEXP_free(varrefs);
oval_object_content_iterator_free(cit);
return -1;
}
SEXP_list_add(lst, elm);
SEXP_free(elm);
}
if (varrefs != NULL) {
// todo: SEXP_list_push()
stmp = SEXP_list_new(r0 = SEXP_string_new("varrefs", 7),
r1 = SEXP_number_newu(varref_cnt), r2 = SEXP_number_newu(ent_cnt), NULL);
SEXP_vfree(r0, r1, r2, NULL);
r0 = SEXP_list_join(stmp, varrefs);
SEXP_list_add(obj_sexp, r0);
SEXP_vfree(stmp, varrefs, r0, NULL);
}
stmp = SEXP_list_join(obj_sexp, ent_lst);
SEXP_free(obj_sexp);
SEXP_free(ent_lst);
obj_sexp = stmp;
oval_object_content_iterator_free(cit);
/*
* Object behaviors
*/
bit = oval_object_get_behaviors(object);
if (oval_behavior_iterator_has_more(bit)) {
elm = oval_behaviors_to_sexp(bit);
SEXP_list_add(obj_sexp, elm);
SEXP_free(elm);
}
oval_behavior_iterator_free(bit);
*out_sexp = obj_sexp;
return (0);
}
static void *probe_icache_worker(void *arg)
{
probe_icache_t *cache = (probe_icache_t *)(arg);
probe_iqpair_t *pair, pair_mem;
SEXP_ID_t item_ID;
assume_d(cache != NULL, NULL);
pthread_setname_np(pthread_self(), "icache_worker");
if (pthread_mutex_lock(&cache->queue_mutex) != 0) {
dE("An error ocured while locking the queue mutex: %u, %s",
errno, strerror(errno));
return (NULL);
}
pair = &pair_mem;
dD("icache worker ready");
switch (errno = pthread_barrier_wait(&OSCAP_GSYM(th_barrier)))
{
case 0:
case PTHREAD_BARRIER_SERIAL_THREAD:
break;
default:
dE("pthread_barrier_wait: %d, %s.",
errno, strerror(errno));
pthread_mutex_unlock(&cache->queue_mutex);
return (NULL);
}
while(pthread_cond_wait(&cache->queue_notempty, &cache->queue_mutex) == 0) {
assume_d(cache->queue_cnt > 0, NULL);
next:
dD("Extracting item from the cache queue: cnt=%"PRIu16", beg=%"PRIu16"", cache->queue_cnt, cache->queue_beg);
/*
* Extract an item from the queue and update queue beg, end & cnt
*/
pair_mem = cache->queue[cache->queue_beg];
#ifndef NDEBUG
memset(cache->queue + cache->queue_beg, 0, sizeof(probe_iqpair_t));
#endif
--cache->queue_cnt;
++cache->queue_beg;
if (cache->queue_beg == cache->queue_max)
cache->queue_beg = 0;
assume_d(cache->queue_cnt == 0 ?
cache->queue_end == cache->queue_beg :
cache->queue_end != cache->queue_beg, NULL);
/*
* Release the mutex
*/
if (pthread_mutex_unlock(&cache->queue_mutex) != 0) {
dE("An error ocured while unlocking the queue mutex: %u, %s",
errno, strerror(errno));
abort();
}
dD("Signaling `notfull'");
if (pthread_cond_signal(&cache->queue_notfull) != 0) {
dE("An error ocured while signaling the `notfull' condition: %u, %s",
errno, strerror(errno));
abort();
}
if (pair->cobj == NULL) {
/*
* Handle NOP case (synchronization)
*/
assume_d(pair->p.cond != NULL, NULL);
dD("Handling NOP");
if (pthread_cond_signal(pair->p.cond) != 0) {
dE("An error ocured while signaling NOP condition: %u, %s",
errno, strerror(errno));
abort();
}
} else {
probe_citem_t *cached = NULL;
dD("Handling cache request");
/*
* Compute item ID
*/
item_ID = SEXP_ID_v(pair->p.item);
dD("item ID=%"PRIu64"", item_ID);
/*
* Perform cache lookup
*/
if (rbt_i64_get(cache->tree, (int64_t)item_ID, (void *)&cached) == 0) {
register uint16_t i;
SEXP_t rest1, rest2;
/*
* Maybe a cache HIT
*/
dD("cache HIT #1");
for (i = 0; i < cached->count; ++i) {
if (SEXP_deepcmp(SEXP_list_rest_r(&rest1, pair->p.item),
SEXP_list_rest_r(&rest2, cached->item[i])))
{
SEXP_free_r(&rest1);
SEXP_free_r(&rest2);
break;
}
SEXP_free_r(&rest1);
SEXP_free_r(&rest2);
}
if (i == cached->count) {
/*
* Cache MISS
*/
dD("cache MISS");
cached->item = oscap_realloc(cached->item, sizeof(SEXP_t *) * ++cached->count);
cached->item[cached->count - 1] = pair->p.item;
/* Assign an unique item ID */
probe_icache_item_setID(pair->p.item, item_ID);
} else {
/*
* Cache HIT
*/
dD("cache HIT #2 -> real HIT");
SEXP_free(pair->p.item);
pair->p.item = cached->item[i];
}
} else {
/*
* Cache MISS
*/
dD("cache MISS");
cached = oscap_talloc(probe_citem_t);
cached->item = oscap_talloc(SEXP_t *);
cached->item[0] = pair->p.item;
cached->count = 1;
/* Assign an unique item ID */
probe_icache_item_setID(pair->p.item, item_ID);
if (rbt_i64_add(cache->tree, (int64_t)item_ID, (void *)cached, NULL) != 0) {
dE("Can't add item (k=%"PRIi64" to the cache (%p)", (int64_t)item_ID, cache->tree);
oscap_free(cached->item);
oscap_free(cached);
/* now what? */
abort();
}
}
if (probe_cobj_add_item(pair->cobj, pair->p.item) != 0) {
dW("An error ocured while adding the item to the collected object");
}
}
if (pthread_mutex_lock(&cache->queue_mutex) != 0) {
dE("An error ocured while re-locking the queue mutex: %u, %s",
errno, strerror(errno));
abort();
}
if (cache->queue_cnt > 0)
goto next;
}
return (NULL);
}
