/// <summary>
/// Deserializes
/// </summary>
public static async Task <FileAccessWhitelist> DeserializeAsync(
BuildXLReader reader,
Task <PipExecutionContext> contextTask)
{
Contract.Requires(reader != null);
Contract.Requires(contextTask != null);
var context = await contextTask;
if (context == null)
{
return(null);
}
var result = new FileAccessWhitelist(context);
DeserializeCore(reader, result);
var moduleWhitelistCount = reader.ReadInt32Compact();
for (int j = 0; j < moduleWhitelistCount; j++)
{
var moduleId = reader.ReadModuleId();
FileAccessWhitelist moduleWhitelist = new FileAccessWhitelist(result);
DeserializeCore(reader, moduleWhitelist);
result.m_moduleWhitelists.Add(moduleId, moduleWhitelist);
}
return(result);
}
/// <inheritdoc />
public override FileAccessWhitelist.MatchType Matches(ReportedFileAccess reportedFileAccess, Process pip, PathTable pathTable)
{
Contract.Requires(pip != null);
Contract.Requires(pathTable != null);
// An access is whitelisted if:
// * The tool was in the whitelist (implicit here by lookup from FileAccessWhitelist.Matches) AND
// * the path filter matches (or is empty)
return(FileAccessWhitelist.Match(FileAccessWhitelist.PathFilterMatches(PathRegex.Regex, reportedFileAccess, pathTable), AllowsCaching));
}
/// <summary>
/// Construct a nested whitelist.
/// </summary>
private FileAccessWhitelist(FileAccessWhitelist parent)
{
Contract.Requires(parent != null);
m_context = parent.m_context;
m_valuePathEntries = new MultiValueDictionary <FullSymbol, ValuePathFileAccessWhitelistEntry>();
m_executablePathEntries = new MultiValueDictionary <AbsolutePath, ExecutablePathWhitelistEntry>();
m_counts = new ConcurrentDictionary <string, int>();
m_moduleWhitelists = null;
m_parent = parent;
}
/// <summary>
/// Creates a context. All <see cref="Counters"/> are initially zero and will increase as accesses are reported.
/// </summary>
public FileAccessReportingContext(LoggingContext loggingContext, PipExecutionContext context, ISandboxConfiguration config, Process pip, bool reportWhitelistedAccesses, FileAccessWhitelist whitelist = null)
{
Contract.Requires(loggingContext != null);
Contract.Requires(context != null);
Contract.Requires(config != null);
Contract.Requires(pip != null);
m_loggingContext = loggingContext;
m_context = context;
m_config = config;
m_pip = pip;
m_reportWhitelistedAccesses = reportWhitelistedAccesses;
m_fileAccessWhitelist = whitelist;
}
private static void DeserializeCore(BuildXLReader reader, FileAccessWhitelist whitelist)
{
var valuePathEntryCount = reader.ReadInt32Compact();
for (int i = 0; i < valuePathEntryCount; i++)
{
whitelist.Add(ValuePathFileAccessWhitelistEntry.Deserialize(reader));
}
var executablePathEntryCount = reader.ReadInt32Compact();
for (int i = 0; i < executablePathEntryCount; i++)
{
whitelist.Add(ExecutablePathWhitelistEntry.Deserialize(reader));
}
}
/// <summary>
/// Constructs a new FileAccessWhiteList from the root configuration.
/// </summary>
/// <remarks>Throws a BuildXLException on error.</remarks>
public void Initialize(IRootModuleConfiguration rootConfiguration)
{
Contract.Assert(m_parent == null, "Only root whitelist can be initialized");
Initialize((IModuleConfiguration)rootConfiguration);
foreach (var module in rootConfiguration.ModulePolicies.Values)
{
if ((module.FileAccessWhiteList.Count == 0) &&
(module.CacheableFileAccessWhitelist.Count == 0))
{
continue;
}
var moduleWhitelist = new FileAccessWhitelist(this);
moduleWhitelist.Initialize(module);
m_moduleWhitelists.Add(module.ModuleId, moduleWhitelist);
}
}
