Merge pull request #125 from draios/add-pmatch

Add the new pmatch operator.

userspace/engine/lua/compiler.lua

@@ -143,7 +143,7 @@ function check_for_ignored_syscalls_events(ast, filter_type, source)
 	 (node.left.value == "evt.type" or
 	  node.left.value == "syscall.type") then
 
-	    if node.operator == "in" then
+	    if node.operator == "in" or node.operator == "pmatch" then
 	       for i, v in ipairs(node.right.elements) do
 		  if v.type == "BareString" then
 		     if node.left.value == "evt.type" then
@@ -200,7 +200,7 @@ function get_evttypes(name, ast, source)
 	    if found_not then
 	       found_event_after_not = true
 	    end
-	    if node.operator == "in" then
+	    if node.operator == "in" or node.operator == "pmatch" then
 	       for i, v in ipairs(node.right.elements) do
 		  if v.type == "BareString" then
 		     evtnames[v.value] = 1

userspace/engine/lua/parser.lua

@@ -199,6 +199,7 @@ local G = {
   RelationalExpression =
      rel(terminal "FieldName", V"RelOp", V"Value") +
      rel(terminal "FieldName", V"InOp", V"InList") +
+     rel(terminal "FieldName", V"PmatchOp", V"InList") +
      V"PrimaryExp";
 
   PrimaryExp = symb("(") * V"Filter" * symb(")");
@@ -248,6 +249,7 @@ local G = {
           symb("glob") / "glob" +
           symb("startswith") / "startswith";
   InOp = kw("in") / "in";
+  PmatchOp = kw("pmatch") / "pmatch";
   UnaryBoolOp = kw("not") / "not";
   ExistsOp = kw("exists") / "exists";
 

userspace/engine/lua/rule_loader.lua

@@ -72,7 +72,7 @@ local function install_filter(node, parent_bool_op)
       filter.unnest() -- io.write(")")
 
    elseif t == "BinaryRelOp" then
-      if (node.operator == "in") then
+      if (node.operator == "in" or node.operator == "pmatch") then
 	 elements = map(function (el) return el.value end, node.right.elements)
 	 filter.rel_expr(node.left.value, node.operator, elements, node.index)
       else