/third_party/selinux/secilc/docs/ |
D | cil_network_labeling_statements.md | 55 (nodecon ARG1 ARG2 netlabel_1)) 111 nodecon section in Network Labeling Statements 121 (nodecon subnet_id netmask_id context_id) 133 <td align="left"><p><code>nodecon</code></p></td> 134 <td align="left"><p>The <code>nodecon</code> keyword.</p></td> 153 These examples show named and anonymous [`nodecon`](cil_network_labeling_statements.md#nodecon) sta… 162 (nodecon ipv4_1 netmask_1 context_2) 163 (nodecon (192.0.2.64) (255.255.255.255) context_1) 164 (nodecon (192.0.2.64) netmask_1 (unconfined.user object_r unconfined.object ((s0) (s0 (c0))))) 171 (nodecon ipv6_2 netmask_2 context_3) [all …]
|
D | README.md | 101 * [nodecon](cil_network_labeling_statements.md#nodecon)
|
/third_party/selinux/libsepol/cil/test/integration_testing/ |
D | nonmls.cil | 29 ;(nodecon ip_v4 netmask con) 30 ;(nodecon ip_v6 netmask_v6 con_anon_l)
|
D | mls_policy.cil | 53 (nodecon ip_v4 netmask con) 54 (nodecon ip_v6 netmask_v6 con_anon_l)
|
/third_party/selinux/libsepol/cil/src/ |
D | cil_reset_ast.c | 349 static void cil_reset_nodecon(struct cil_nodecon *nodecon) in cil_reset_nodecon() argument 351 if (nodecon->context_str == NULL) { in cil_reset_nodecon() 352 cil_reset_context(nodecon->context); in cil_reset_nodecon() 354 nodecon->context = NULL; in cil_reset_nodecon()
|
D | cil_policy.c | 1791 struct cil_nodecon *nodecon; in cil_nodecons_to_policy() local 1795 nodecon = nodecons->array[i]; in cil_nodecons_to_policy() 1798 if (nodecon->addr->family == AF_INET) { in cil_nodecons_to_policy() 1801 inet_ntop(nodecon->addr->family, &nodecon->addr->ip.v4, addr, INET_ADDRSTRLEN); in cil_nodecons_to_policy() 1811 inet_ntop(nodecon->mask->family, &nodecon->mask->ip.v4, mask, INET_ADDRSTRLEN); in cil_nodecons_to_policy() 1821 inet_ntop(nodecon->addr->family, &nodecon->addr->ip.v6, addr, INET6_ADDRSTRLEN); in cil_nodecons_to_policy() 1831 inet_ntop(nodecon->mask->family, &nodecon->mask->ip.v6, mask, INET6_ADDRSTRLEN); in cil_nodecons_to_policy() 1840 cil_context_to_policy(out, nodecon->context, mls); in cil_nodecons_to_policy() 1978 cil_nodecons_to_policy(out, db->nodecon, db->mls); in cil_gen_policy()
|
D | cil_write_ast.c | 1308 struct cil_nodecon *nodecon = node->data; in cil_write_ast_node() local 1310 if (nodecon->addr) in cil_write_ast_node() 1311 write_ipaddr(out, nodecon->addr); in cil_write_ast_node() 1313 fprintf(out, "%s ", nodecon->addr_str); in cil_write_ast_node() 1315 if (nodecon->mask) in cil_write_ast_node() 1316 write_ipaddr(out, nodecon->mask); in cil_write_ast_node() 1318 fprintf(out, "%s ", nodecon->mask_str); in cil_write_ast_node() 1320 if (nodecon->context) in cil_write_ast_node() 1321 write_context(out, nodecon->context, CIL_TRUE); in cil_write_ast_node() 1323 fprintf(out, "%s", nodecon->context_str); in cil_write_ast_node()
|
D | cil.c | 416 cil_sort_init(&(*db)->nodecon); in cil_db_init() 471 cil_sort_destroy(&(*db)->nodecon); in cil_db_destroy() 2568 void cil_nodecon_init(struct cil_nodecon **nodecon) in cil_nodecon_init() argument 2570 *nodecon = cil_malloc(sizeof(**nodecon)); in cil_nodecon_init() 2572 (*nodecon)->addr_str = NULL; in cil_nodecon_init() 2573 (*nodecon)->addr = NULL; in cil_nodecon_init() 2574 (*nodecon)->mask_str = NULL; in cil_nodecon_init() 2575 (*nodecon)->mask = NULL; in cil_nodecon_init() 2576 (*nodecon)->context_str = NULL; in cil_nodecon_init() 2577 (*nodecon)->context = NULL; in cil_nodecon_init()
|
D | cil_build_ast.c | 4490 struct cil_nodecon *nodecon = NULL; in cil_gen_nodecon() local 4501 cil_nodecon_init(&nodecon); in cil_gen_nodecon() 4504 nodecon->addr_str = parse_current->next->data; in cil_gen_nodecon() 4506 cil_ipaddr_init(&nodecon->addr); in cil_gen_nodecon() 4508 rc = cil_fill_ipaddr(parse_current->next->cl_head, nodecon->addr); in cil_gen_nodecon() 4515 nodecon->mask_str = parse_current->next->next->data; in cil_gen_nodecon() 4517 cil_ipaddr_init(&nodecon->mask); in cil_gen_nodecon() 4519 rc = cil_fill_ipaddr(parse_current->next->next->cl_head, nodecon->mask); in cil_gen_nodecon() 4526 nodecon->context_str = parse_current->next->next->next->data; in cil_gen_nodecon() 4528 cil_context_init(&nodecon->context); in cil_gen_nodecon() [all …]
|
D | cil_resolve_ast.c | 2024 struct cil_nodecon *nodecon = current->data; in cil_resolve_nodecon() local 2030 if (nodecon->addr_str != NULL) { in cil_resolve_nodecon() 2031 rc = cil_resolve_name(current, nodecon->addr_str, CIL_SYM_IPADDRS, extra_args, &addr_datum); in cil_resolve_nodecon() 2035 nodecon->addr = (struct cil_ipaddr*)addr_datum; in cil_resolve_nodecon() 2038 if (nodecon->mask_str != NULL) { in cil_resolve_nodecon() 2039 rc = cil_resolve_name(current, nodecon->mask_str, CIL_SYM_IPADDRS, extra_args, &mask_datum); in cil_resolve_nodecon() 2043 nodecon->mask = (struct cil_ipaddr*)mask_datum; in cil_resolve_nodecon() 2046 if (nodecon->context_str != NULL) { in cil_resolve_nodecon() 2047 …rc = cil_resolve_name(current, nodecon->context_str, CIL_SYM_CONTEXTS, extra_args, &context_datum); in cil_resolve_nodecon() 2051 nodecon->context = (struct cil_context*)context_datum; in cil_resolve_nodecon() [all …]
|
D | cil_internal.h | 299 struct cil_sort *nodecon; member 1049 void cil_nodecon_init(struct cil_nodecon **nodecon);
|
D | cil_post.c | 637 db->nodecon->count++; in __cil_post_db_count_helper() 780 struct cil_sort *sort = db->nodecon; in __cil_post_db_array_helper() 1942 struct cil_nodecon *nodecon = node->data; in __cil_post_db_cat_helper() local 1943 rc = __evaluate_levelrange_expression(nodecon->context->range, db); in __cil_post_db_cat_helper() 2407 …rc = __cil_post_process_context_rules(db->nodecon, cil_post_nodecon_compare, cil_post_nodecon_cont… in cil_post_db()
|
/third_party/selinux/secilc/test/ |
D | integration.cil | 171 (nodecon ip_v4 netmask system_u_bin_t_l2h) 172 (nodecon ip_v6 netmask_v6 system_u_bin_t_l2h)
|
D | anonymous_arg_test.cil | 83 (nodecon ip nm (u ROLE TYPE ((s0) (s0))))
|
/third_party/selinux/libsepol/tests/policies/test-hooks/ |
D | small-base.conf | 467 nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(g_b_user_1:object_r:g_b_type_1, s0)
|
D | cmp_policy.conf | 467 nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(g_b_user_1:object_r:g_b_type_1, s0)
|
/third_party/selinux/libsepol/tests/policies/test-expander/ |
D | role-base.conf | 479 nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:system_t, s0)
|
D | alias-base.conf | 497 nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:system_t, s0)
|
D | user-base.conf | 483 nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:system_t, s0)
|
/third_party/selinux/libsepol/tests/policies/test-deps/ |
D | small-base.conf | 507 nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:net_foo_t, s0)
|
D | base-notmetreq.conf | 506 nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:net_foo_t, s0)
|
D | base-metreq.conf | 519 nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(system_u:object_r:net_foo_t, s0)
|
/third_party/selinux/checkpolicy/ |
D | policy_scan.l | 209 nodecon |
|
/third_party/selinux/libsepol/tests/policies/test-linker/ |
D | small-base.conf | 596 nodecon ::1 FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF gen_context(g_b_user_1:object_r:g_b_type_1, s0)
|
/third_party/selinux/libsepol/tests/policies/test-cond/ |
D | refpolicy-base.conf | 1933 nodecon :: ffff:ffff:ffff:ffff:ffff:ffff:: system_u:object_r:compat_ipv4_node_t:s0 1934 nodecon 0.0.0.0 255.255.255.255 system_u:object_r:inaddr_any_node_t:s0 1935 nodecon fe80:: ffff:ffff:ffff:ffff:: system_u:object_r:link_local_node_t:s0 1936 nodecon 127.0.0.1 255.255.255.255 system_u:object_r:lo_node_t:s0 1937 nodecon ::ffff:0000:0000 ffff:ffff:ffff:ffff:ffff:ffff:: system_u:object_r:mapped_ipv4_node_t:s0 1938 nodecon ff00:: ff00:: system_u:object_r:multicast_node_t:s0 1939 nodecon fec0:: ffc0:: system_u:object_r:site_local_node_t:s0 1940 nodecon :: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff system_u:object_r:unspec_node_t:s0
|