[Apparmor-dev] AppArmor Development
John Johansen
jjohansen at suse.de
Tue Nov 11 15:27:18 MST 2008
Jacob I. Torrey wrote:
> John,
> I have checked out the code and I agree that it isn't the prettiest
> thing I've seen. What functionality should the parser be able to handle?
> I think that quite an extensive overhaul of the code is needed to make
> it cleaner.
>
yeah, basically a rewrite is needed.
The functionality that is needed is a parser library, so it can be
shared by the various tools (parser, genprof/logprof, merge tool,
profile editor, lint tool, ...)
I see the parser lib split into a few levels/sections
- Basic parsing
- multiple entry points so that it can be used to parse individual
statemetns, as well as whole files.
- manage the generated parse tree objects, iterate over them
- be able to add delete parsed rules. eg. a tool may add a rule at a
time as they are entered.
- output parse tree as a profile
- retain comments
- Tree manipulation
- variable resolution
- conditional resolution
- include expansion
- DFA generation and regex manipulation
- generate the dfa
- handle regex merging and overlapping
- output
- Profile loading
- loading, dumping profiles
- swig wrappers so it can be used by various languages.
I have been doing some work to clean up the dfa code, and plan to
continue with it. I also started coding a Basic parser in yacc/flex
with multiple entry points but haven't gotten very far (I could dig it
up and send it to you).
john
More information about the Apparmor-dev
mailing list