/** This method is the public entry point for the visitor. */ public static Set<AclLineMatchExpr> getLiterals(AclLineMatchExpr expr) { AclLineMatchExprLiterals aclLineMatchExprLiterals = new AclLineMatchExprLiterals(); aclLineMatchExprLiterals.visit(expr); return aclLineMatchExprLiterals._literals; }
public static IdentityHashMap<AclLineMatchExpr, IpAccessListLineIndex> literalsToLines( IpAccessList acl) { return literalsToLines(Collections.singleton(acl)); }
@Override public Void visitNotMatchExpr(NotMatchExpr notMatchExpr) { // normalization retains negation on literals but not in general, so we recurse either way this.visit(notMatchExpr.getOperand()); return null; }
public static IdentityHashMap<AclLineMatchExpr, IpAccessListLineIndex> literalsToLines( Collection<IpAccessList> acls) { IdentityHashMap<AclLineMatchExpr, IpAccessListLineIndex> literalsToLines = new IdentityHashMap<>(); acls.forEach( currAcl -> { List<IpAccessListLine> lines = currAcl.getLines(); IntStream.range(0, lines.size()) .forEach( i -> AclLineMatchExprLiterals.getLiterals(lines.get(i).getMatchCondition()) .forEach( lit -> literalsToLines.put(lit, new IpAccessListLineIndex(currAcl, i)))); }); return literalsToLines; }
/** * Explain the flow space permitted by an {@link IpAccessList}. Along with the explanation is its * provenance: a map from each literal in the explanation to the set of ACL lines on which the * literal depends. */ public static AclLineMatchExprWithProvenance<IpAccessListLineIndex> explainWithProvenance( BDDPacket bddPacket, BDDSourceManager mgr, AclLineMatchExpr invariantExpr, IpAccessList acl, Map<String, IpAccessList> namedAcls, Map<String, IpSpace> namedIpSpaces) { checkArgument( namedAcls.getOrDefault(acl.getName(), acl).equals(acl), "namedAcls contains a different ACL with the same name as acl"); IpAccessListToBDD ipAccessListToBDD = MemoizedIpAccessListToBDD.create(bddPacket, mgr, namedAcls, namedIpSpaces); // add the top-level acl to the list of named acls, because we are going to create // a new top-level acl to take into account the given invariant Map<String, IpAccessList> finalNamedAcls = new TreeMap<>(namedAcls); finalNamedAcls.putIfAbsent(acl.getName(), acl); IpAccessList aclWithInvariant = scopedAcl(invariantExpr, acl); IdentityHashMap<AclLineMatchExpr, IpAccessListLineIndex> literalsToLines = AclLineMatchExprLiterals.literalsToLines(finalNamedAcls.values()); // add the newly created ACL's literals here to get provenance tracking for the // user-provided invariant as well literalsToLines.putAll(AclLineMatchExprLiterals.literalsToLines(aclWithInvariant)); return explainWithProvenance( ipAccessListToBDD, aclWithInvariant, ImmutableMap.copyOf(finalNamedAcls), literalsToLines); }
AclLineMatchExprLiterals.literalsToLines(finalPermitNamedAcls.values()); AclLineMatchExprLiterals.literalsToLines(finalDenyNamedAcls.values()); for (Map.Entry<AclLineMatchExpr, IpAccessListLineIndex> entry : denyLiteralsToLines.entrySet()) {
literalsToLines.putAll(AclLineMatchExprLiterals.literalsToLines(diffAclWithInvariant));