| /third_party/selinux/libsepol/src/ |
| D | assertion.c | 34 avrule_t *avrule; member
47 static void report_failure(sepol_handle_t *handle, policydb_t *p, const avrule_t *avrule, in report_failure() argument
51 if (avrule->source_filename) { in report_failure()
53 avrule->source_line, avrule->source_filename, avrule->line, policy_name(p), in report_failure()
58 } else if (avrule->line) { in report_failure()
60 avrule->line, p->p_type_val_to_name[stype], in report_failure()
146 policydb_t *p, const avrule_t *avrule, in report_assertion_extended_permissions() argument
178 rc = check_extended_permissions(avrule->xperms, xperms); in report_assertion_extended_permissions()
181 extended_permissions_violated(&error, avrule->xperms, xperms); in report_assertion_extended_permissions()
184 avrule->source_line, avrule->source_filename, avrule->line, policy_name(p), in report_assertion_extended_permissions()
[all …]
|
| D | policydb_validate.c | 872 static int validate_avrules(sepol_handle_t *handle, const avrule_t *avrule, int conditional, const … in validate_avrules() argument
876 for (; avrule; avrule = avrule->next) { in validate_avrules()
877 if (validate_type_set(&avrule->stypes, &flavors[SYM_TYPES])) in validate_avrules()
879 if (validate_type_set(&avrule->ttypes, &flavors[SYM_TYPES])) in validate_avrules()
882 switch(avrule->specified) { in validate_avrules()
903 for (classperm = avrule->perms; classperm; classperm = classperm->next) { in validate_avrules()
906 if ((avrule->specified & AVRULE_TYPE) && validate_simpletype(classperm->data, p, flavors)) in validate_avrules()
910 if (avrule->specified & AVRULE_XPERMS) { in validate_avrules()
911 if (!avrule->xperms) in validate_avrules()
913 switch (avrule->xperms->specified) { in validate_avrules()
[all …]
|
| D | write.c | 1743 static int avrule_write(policydb_t *p, avrule_t * avrule, in avrule_write() argument
1751 (avrule->specified & AVRULE_TYPE) && in avrule_write()
1752 (avrule->flags & RULE_SELF)) { in avrule_write()
1759 buf[items++] = cpu_to_le32(avrule->specified); in avrule_write()
1760 buf[items++] = cpu_to_le32(avrule->flags); in avrule_write()
1765 if (type_set_write(&avrule->stypes, fp)) in avrule_write()
1768 if (type_set_write(&avrule->ttypes, fp)) in avrule_write()
1771 cur = avrule->perms; in avrule_write()
1782 cur = avrule->perms; in avrule_write()
1794 if (avrule->specified & AVRULE_XPERMS) { in avrule_write()
[all …]
|
| D | module_to_cil.c | 1183 static int avrule_list_to_cil(int indent, struct policydb *pdb, struct avrule *avrule_list, struct … in avrule_list_to_cil()
1186 struct avrule *avrule; in avrule_list_to_cil() local
1192 for (avrule = avrule_list; avrule != NULL; avrule = avrule->next) { in avrule_list_to_cil()
1193 if ((avrule->specified & (AVRULE_NEVERALLOW|AVRULE_XPERMS_NEVERALLOW)) && in avrule_list_to_cil()
1194 avrule->source_filename) { in avrule_list_to_cil()
1195 cil_println(0, ";;* lmx %lu %s\n",avrule->source_line, avrule->source_filename); in avrule_list_to_cil()
1198 ts = &avrule->stypes; in avrule_list_to_cil()
1204 ts = &avrule->ttypes; in avrule_list_to_cil()
1212 if (avrule->specified & AVRULE_XPERMS) { in avrule_list_to_cil()
1213 …rc = avrulex_to_cil(indent, pdb, avrule->specified, snames[s], tnames[t], avrule->perms, avrule->x… in avrule_list_to_cil()
[all …]
|
| D | expand.c | 2639 avrule_t *avrule; in copy_neverallow() local
2653 avrule = (avrule_t *) malloc(sizeof(avrule_t)); in copy_neverallow()
2654 if (!avrule) in copy_neverallow()
2657 avrule_init(avrule); in copy_neverallow()
2658 avrule->specified = source_rule->specified; in copy_neverallow()
2659 avrule->line = source_rule->line; in copy_neverallow()
2660 avrule->flags = source_rule->flags; in copy_neverallow()
2661 avrule->source_line = source_rule->source_line; in copy_neverallow()
2663 avrule->source_filename = strdup(source_rule->source_filename); in copy_neverallow()
2664 if (!avrule->source_filename) in copy_neverallow()
[all …]
|
| D | policydb.c | 3515 avrule_t *avrule; in avrule_read() local
3518 avrule = (avrule_t *) malloc(sizeof(avrule_t)); in avrule_read()
3519 if (!avrule) in avrule_read()
3522 avrule_init(avrule); in avrule_read()
3528 avrule->specified = le32_to_cpu(buf[0]); in avrule_read()
3529 avrule->flags = le32_to_cpu(buf[1]); in avrule_read()
3531 if (type_set_read(&avrule->stypes, fp)) in avrule_read()
3534 if (type_set_read(&avrule->ttypes, fp)) in avrule_read()
3558 avrule->perms = cur; in avrule_read()
3565 if (avrule->specified & AVRULE_XPERMS) { in avrule_read()
[all …]
|
| /third_party/selinux/checkpolicy/test/ |
| D | dismod.c | 213 static int display_avrule(avrule_t * avrule, policydb_t * policy, in display_avrule() argument
219 if (avrule == NULL) { in display_avrule()
223 if (avrule->specified & AVRULE_AV) { in display_avrule()
224 if (avrule->specified & AVRULE_ALLOWED) { in display_avrule()
227 if (avrule->specified & AVRULE_AUDITALLOW) { in display_avrule()
230 if (avrule->specified & AVRULE_DONTAUDIT) { in display_avrule()
233 } else if (avrule->specified & AVRULE_TYPE) { in display_avrule()
234 if (avrule->specified & AVRULE_TRANSITION) { in display_avrule()
237 if (avrule->specified & AVRULE_MEMBER) { in display_avrule()
240 if (avrule->specified & AVRULE_CHANGE) { in display_avrule()
[all …]
|
| /third_party/selinux/checkpolicy/ |
| D | policy_define.c | 1610 avrule_t *avrule; in define_compute_type_helper() local
1615 avrule = malloc(sizeof(avrule_t)); in define_compute_type_helper()
1616 if (!avrule) { in define_compute_type_helper()
1620 avrule_init(avrule); in define_compute_type_helper()
1621 avrule->specified = which; in define_compute_type_helper()
1622 avrule->line = policydb_lineno; in define_compute_type_helper()
1623 avrule->source_line = source_lineno; in define_compute_type_helper()
1624 avrule->source_filename = strdup(source_file); in define_compute_type_helper()
1625 if (!avrule->source_filename) { in define_compute_type_helper()
1631 if (set_types(&avrule->stypes, id, &add, 0)) in define_compute_type_helper()
[all …]
|
| D | module_compiler.c | 25 avrule_block_t *avrule; member
1238 void append_avrule(avrule_t * avrule) in append_avrule() argument
1250 decl->avrules = avrule; in append_avrule()
1252 stack_top->last_avrule->next = avrule; in append_avrule()
1254 stack_top->last_avrule = avrule; in append_avrule()
1463 s->u.avrule = va_arg(ap, avrule_block_t *); in push_stack()
|
| D | module_compiler.h | 82 void append_avrule(avrule_t * avrule);
|
| /third_party/selinux/libsepol/cil/src/ |
| D | cil_find.c | 295 static int cil_find_matching_avrule(struct cil_tree_node *node, struct cil_avrule *avrule, struct c… in cil_find_matching_avrule() argument
298 struct cil_symtab_datum *s1 = avrule->src; in cil_find_matching_avrule()
299 struct cil_symtab_datum *t1 = avrule->tgt; in cil_find_matching_avrule()
303 if (match_self != CIL_TRUE && avrule == target) goto exit; in cil_find_matching_avrule()
305 if (avrule->rule_kind != target->rule_kind) goto exit; in cil_find_matching_avrule()
307 if (avrule->is_extended != target->is_extended) goto exit; in cil_find_matching_avrule()
336 if (cil_classperms_list_match_any(avrule->perms.classperms, target->perms.classperms)) { in cil_find_matching_avrule()
340 if (cil_permissionx_match_any(avrule->perms.x.permx, target->perms.x.permx)) { in cil_find_matching_avrule()
|
| D | cil.c | 2448 void cil_avrule_init(struct cil_avrule **avrule) in cil_avrule_init() argument
2450 *avrule = cil_malloc(sizeof(**avrule)); in cil_avrule_init()
2452 (*avrule)->is_extended = 0; in cil_avrule_init()
2453 (*avrule)->rule_kind = CIL_NONE; in cil_avrule_init()
2454 (*avrule)->src_str = NULL; in cil_avrule_init()
2455 (*avrule)->src = NULL; in cil_avrule_init()
2456 (*avrule)->tgt_str = NULL; in cil_avrule_init()
2457 (*avrule)->tgt = NULL; in cil_avrule_init()
2458 memset(&((*avrule)->perms), 0, sizeof((*avrule)->perms)); in cil_avrule_init()
|
| D | cil_binary.c | 4614 avrule_t *avrule; in __cil_init_sepol_avrule() local
4620 avrule = cil_malloc(sizeof(avrule_t)); in __cil_init_sepol_avrule()
4621 avrule->specified = kind; in __cil_init_sepol_avrule()
4622 avrule->flags = 0; in __cil_init_sepol_avrule()
4623 __cil_init_sepol_type_set(&avrule->stypes); in __cil_init_sepol_avrule()
4624 __cil_init_sepol_type_set(&avrule->ttypes); in __cil_init_sepol_avrule()
4625 avrule->perms = NULL; in __cil_init_sepol_avrule()
4626 avrule->line = node->line; in __cil_init_sepol_avrule()
4628 avrule->source_filename = NULL; in __cil_init_sepol_avrule()
4629 avrule->source_line = node->line; in __cil_init_sepol_avrule()
[all …]
|
| D | cil_verify.c | 1030 struct cil_avrule *avrule = NULL; in __cil_verify_booleanif_helper() local
1031 avrule = rule_node->data; in __cil_verify_booleanif_helper()
1032 if (avrule->rule_kind == CIL_AVRULE_NEVERALLOW) { in __cil_verify_booleanif_helper()
|
| D | cil_internal.h | 1038 void cil_avrule_init(struct cil_avrule **avrule);
|
| D | cil_post.c | 2222 struct cil_avrule *avrule = node->data; in __cil_post_db_classperms_helper() local
2223 rc = __evaluate_classperms_list(avrule->perms.classperms, db); in __cil_post_db_classperms_helper()
|
| /third_party/selinux/libsepol/include/sepol/policydb/ |
| D | policydb.h | 268 typedef struct avrule { struct
299 struct avrule *next; argument
699 extern int check_assertion(policydb_t *p, avrule_t *avrule);
|