From 429a21b0ce61b283d2466acb8ecbbe17a0d66445 Mon Sep 17 00:00:00 2001
From: daemon1024
Date: Thu, 7 Mar 2024 03:57:01 +0530
Subject: [PATCH] fix(hsp/systemd): parse both matchpaths and matchdir together on hsp event
Signed-off-by: daemon1024
---
 KubeArmor/core/kubeUpdate.go | 8 ++++++--
 KubeArmor/core/unorchestratedUpdates.go | 13 ++++++-------
 2 files changed, 12 insertions(+), 9 deletions(-)
diff --git a/KubeArmor/core/kubeUpdate.go b/KubeArmor/core/kubeUpdate.go
index cf9877285b..822c70210b 100644
--- a/KubeArmor/core/kubeUpdate.go
+++ b/KubeArmor/core/kubeUpdate.go
@@ -1568,7 +1568,9 @@ func (dm *KubeArmorDaemon) ParseAndUpdateHostSecurityPolicy(event tp.K8sKubeArmo
 }
 }
 }
- } else if len(secPolicy.Spec.Process.MatchDirectories) > 0 {
+ }
+
+ if len(secPolicy.Spec.Process.MatchDirectories) > 0 {
 for idx, dir := range secPolicy.Spec.Process.MatchDirectories {
 if dir.Severity == 0 {
 if secPolicy.Spec.Process.Severity != 0 {
@@ -1602,7 +1604,9 @@ func (dm *KubeArmorDaemon) ParseAndUpdateHostSecurityPolicy(event tp.K8sKubeArmo
 }
 }
 }
- } else if len(secPolicy.Spec.Process.MatchPatterns) > 0 {
+ }
+
+ if len(secPolicy.Spec.Process.MatchPatterns) > 0 {
 for idx, pat := range secPolicy.Spec.Process.MatchPatterns {
 if pat.Severity == 0 {
 if secPolicy.Spec.Process.Severity != 0 {
diff --git a/KubeArmor/core/unorchestratedUpdates.go b/KubeArmor/core/unorchestratedUpdates.go
index 9915428f68..2d4a82e91e 100644
--- a/KubeArmor/core/unorchestratedUpdates.go
+++ b/KubeArmor/core/unorchestratedUpdates.go
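Review bot: The same `else if` chaining may remain in the other sections of `ParseAndUpdateHostSecurityPolicy` in KubeArmor/core/kubeUpdate.go. Both hunks in that file (`MatchDirectories` and `MatchPatterns`) touch only `secPolicy.Spec.Process`, and the function body extends outside them, so it is not visible whether the file rules are handled the same way. If they are still chained, a host policy that sets several match types at once would leave the later rule lists without the inherited `Severity`, which for an enforcement policy can mean rules that are loaded but not applied as written. I would check those sections in the same pass and add a test that populates `MatchPaths`, `MatchDirectories` and `MatchPatterns` together and asserts every rule ends up with a non-zero `Severity`. A one-line comment above the three `if` blocks, such as `// each match type is independent; do not chain with else`, would keep the chain from being reintroduced.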
@@ -677,9 +677,12 @@ func (dm *KubeArmorDaemon) restoreKubeArmorPolicies() {
 }
 } else {
 // HostSecurityPolicy
- var hostPolicy tp.HostSecurityPolicy
+ var hostPolicy tp.K8sKubeArmorHostPolicy
 if err := json.Unmarshal(data, &hostPolicy); err == nil {
- dm.HostSecurityPolicies = append(dm.HostSecurityPolicies, hostPolicy)
+ dm.ParseAndUpdateHostSecurityPolicy(tp.K8sKubeArmorHostPolicyEvent{
+ Type: "ADDED",
+ Object: hostPolicy,
+ })
 } else {
 kg.Errf("Failed to unmarshal host policy: %v", err)
 }
@@ -687,11 +690,7 @@ func (dm *KubeArmorDaemon) restoreKubeArmorPolicies() { } } - if len(policyFiles) != 0 { - if len(dm.HostSecurityPolicies) != 0 { - dm.UpdateHostSecurityPolicies() - } - } else { + if len(policyFiles) == 0 { kg.Warn("No policies found for restoration") } }
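Review bot: In the first `restoreKubeArmorPolicies` hunk, `err == nil` from `json.Unmarshal` is the only check before the object reaches `ParseAndUpdateHostSecurityPolicy`, and `encoding/json` ignores fields it does not recognise, so a backup file written in the old `tp.HostSecurityPolicy` shape would decode into a near-empty `tp.K8sKubeArmorHostPolicy` without an error. The code that writes these files is outside the diff; if it still stores the internal shape, host policies could come back blank or be skipped after a restart with nothing logged, which is an enforcement gap on the host. I would validate the decoded object before dispatching (require a non-empty policy name and spec, and report via `kg.Errf` otherwise) and, if `ParseAndUpdateHostSecurityPolicy` returns a status, log a failed result instead of discarding it. The second hunk drops the explicit `dm.UpdateHostSecurityPolicies()` call, so restoration now depends on the `"ADDED"` path applying the policy itself; a comment at the call site such as `// ParseAndUpdateHostSecurityPolicy applies the restored policy; no separate update needed` would record that assumption. The function body extends outside both hunks.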