Lines Matching +full:out +full:- +full:file
22 * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
82 switch (node->flavor) { in __cil_gather_statements_helper()
84 struct cil_block *blk = node->data; in __cil_gather_statements_helper()
85 if (blk->is_abstract == CIL_TRUE) { in __cil_gather_statements_helper()
127 struct cil_typeattribute *attr = node->data; in __cil_gather_statements_helper()
128 if (strcmp(attr->datum.fqn, "cil_gen_require") != 0) { in __cil_gather_statements_helper()
134 struct cil_roleattribute *attr = node->data; in __cil_gather_statements_helper()
135 if (strcmp(attr->datum.fqn, "cil_gen_require") != 0) { in __cil_gather_statements_helper()
150 struct cil_role *role = node->data; in __cil_gather_statements_helper()
151 if (strcmp(role->datum.fqn, "object_r") != 0) { in __cil_gather_statements_helper()
176 cil_list_append(lists[kind], node->flavor, node->data); in __cil_gather_statements_helper()
187 static void cil_simple_rules_to_policy(FILE *out, struct cil_list *rules, const char *kind) in cil_simple_rules_to_policy() argument
192 fprintf(out, "%s %s;\n", kind, DATUM(i1->data)->fqn); in cil_simple_rules_to_policy()
196 static void cil_cats_to_policy(FILE *out, struct cil_cats *cats) in cil_cats_to_policy() argument
202 cil_list_for_each(i1, cats->datum_expr) { in cil_cats_to_policy()
203 cat = i1->data; in cil_cats_to_policy()
207 if (cat->value == first->value + 1) { in cil_cats_to_policy()
210 fprintf(out, "%s%s", lead, DATUM(first)->fqn); in cil_cats_to_policy()
214 } else if (cat->value == last->value + 1) { in cil_cats_to_policy()
217 fprintf(out, "%s%s", lead, DATUM(first)->fqn); in cil_cats_to_policy()
219 if (last->value >= first->value + 1) { in cil_cats_to_policy()
220 fprintf(out, "."); in cil_cats_to_policy()
222 fprintf(out, ","); in cil_cats_to_policy()
224 fprintf(out, "%s", DATUM(last)->fqn); in cil_cats_to_policy()
230 fprintf(out, "%s%s", lead, DATUM(first)->fqn); in cil_cats_to_policy()
232 if (last->value >= first->value + 1) { in cil_cats_to_policy()
233 fprintf(out, "."); in cil_cats_to_policy()
235 fprintf(out, ","); in cil_cats_to_policy()
237 fprintf(out, "%s", DATUM(last)->fqn); in cil_cats_to_policy()
242 static void cil_level_to_policy(FILE *out, struct cil_level *level) in cil_level_to_policy() argument
244 fprintf(out, "%s", DATUM(level->sens)->fqn); in cil_level_to_policy()
245 if (level->cats != NULL) { in cil_level_to_policy()
246 fprintf(out, ":"); in cil_level_to_policy()
247 cil_cats_to_policy(out, level->cats); in cil_level_to_policy()
253 /* Mostly just want to detect s0 - s0 ranges */ in cil_levels_simple_and_equal()
257 if (l1->sens == l2->sens && (l1->cats == NULL && l2->cats == NULL)) in cil_levels_simple_and_equal()
263 static void cil_levelrange_to_policy(FILE *out, struct cil_levelrange *lvlrange) in cil_levelrange_to_policy() argument
265 cil_level_to_policy(out, lvlrange->low); in cil_levelrange_to_policy()
266 if (cil_levels_simple_and_equal(lvlrange->low, lvlrange->high) == CIL_FALSE) { in cil_levelrange_to_policy()
267 fprintf(out, " - "); in cil_levelrange_to_policy()
268 cil_level_to_policy(out, lvlrange->high); in cil_levelrange_to_policy()
272 static void cil_context_to_policy(FILE *out, struct cil_context *context, int mls) in cil_context_to_policy() argument
274 fprintf(out, "%s:", DATUM(context->user)->fqn); in cil_context_to_policy()
275 fprintf(out, "%s:", DATUM(context->role)->fqn); in cil_context_to_policy()
276 fprintf(out, "%s", DATUM(context->type)->fqn); in cil_context_to_policy()
278 fprintf(out, ":"); in cil_context_to_policy()
279 cil_levelrange_to_policy(out, context->range); in cil_context_to_policy()
283 static void cil_cond_expr_to_policy(FILE *out, struct cil_list *expr, int first) in cil_cond_expr_to_policy() argument
285 struct cil_list_item *i1 = expr->head; in cil_cond_expr_to_policy()
287 if (i1->flavor == CIL_OP) { in cil_cond_expr_to_policy()
288 enum cil_flavor op = (enum cil_flavor)(uintptr_t)i1->data; in cil_cond_expr_to_policy()
289 fprintf(out, "("); in cil_cond_expr_to_policy()
292 fprintf(out, "! "); in cil_cond_expr_to_policy()
293 cil_cond_expr_to_policy(out, i1->next->data, CIL_FALSE); in cil_cond_expr_to_policy()
296 cil_cond_expr_to_policy(out, i1->next->data, CIL_FALSE); in cil_cond_expr_to_policy()
297 fprintf(out, " || "); in cil_cond_expr_to_policy()
298 cil_cond_expr_to_policy(out, i1->next->next->data, CIL_FALSE); in cil_cond_expr_to_policy()
301 cil_cond_expr_to_policy(out, i1->next->data, CIL_FALSE); in cil_cond_expr_to_policy()
302 fprintf(out, " && "); in cil_cond_expr_to_policy()
303 cil_cond_expr_to_policy(out, i1->next->next->data, CIL_FALSE); in cil_cond_expr_to_policy()
306 cil_cond_expr_to_policy(out, i1->next->data, CIL_FALSE); in cil_cond_expr_to_policy()
307 fprintf(out, " ^ "); in cil_cond_expr_to_policy()
308 cil_cond_expr_to_policy(out, i1->next->next->data, CIL_FALSE); in cil_cond_expr_to_policy()
311 cil_cond_expr_to_policy(out, i1->next->data, CIL_FALSE); in cil_cond_expr_to_policy()
312 fprintf(out, " == "); in cil_cond_expr_to_policy()
313 cil_cond_expr_to_policy(out, i1->next->next->data, CIL_FALSE); in cil_cond_expr_to_policy()
316 cil_cond_expr_to_policy(out, i1->next->data, CIL_FALSE); in cil_cond_expr_to_policy()
317 fprintf(out, " != "); in cil_cond_expr_to_policy()
318 cil_cond_expr_to_policy(out, i1->next->next->data, CIL_FALSE); in cil_cond_expr_to_policy()
321 fprintf(out, "???"); in cil_cond_expr_to_policy()
324 fprintf(out, ")"); in cil_cond_expr_to_policy()
325 } else if (i1->flavor == CIL_DATUM) { in cil_cond_expr_to_policy()
327 fprintf(out, "("); in cil_cond_expr_to_policy()
329 fprintf(out, "%s", DATUM(i1->data)->fqn); in cil_cond_expr_to_policy()
331 fprintf(out, ")"); in cil_cond_expr_to_policy()
333 } else if (i1->flavor == CIL_LIST) { in cil_cond_expr_to_policy()
334 cil_cond_expr_to_policy(out, i1->data, CIL_FALSE); in cil_cond_expr_to_policy()
336 fprintf(out, "???"); in cil_cond_expr_to_policy()
346 ebitmap_for_each_positive_bit(attr->users, unode, i) { in __cil_userattribute_len()
347 len += strlen(DATUM(db->val_to_user[i])->fqn); in __cil_userattribute_len()
357 enum cil_flavor flavor = operand->flavor; in __cil_cons_leaf_operand_len()
363 struct cil_tree_node *node = NODE(operand->data); in __cil_cons_leaf_operand_len()
364 if (node->flavor == CIL_USERATTRIBUTE) { in __cil_cons_leaf_operand_len()
365 len = __cil_userattribute_len(db, operand->data); in __cil_cons_leaf_operand_len()
368 len = strlen(DATUM(operand->data)->fqn); in __cil_cons_leaf_operand_len()
372 cil_list_for_each(i1, (struct cil_list *)operand->data) { in __cil_cons_leaf_operand_len()
373 struct cil_tree_node *node = NODE(operand->data); in __cil_cons_leaf_operand_len()
374 if (node->flavor == CIL_USERATTRIBUTE) { in __cil_cons_leaf_operand_len()
375 len = __cil_userattribute_len(db, operand->data); in __cil_cons_leaf_operand_len()
377 len += strlen(DATUM(operand->data)->fqn); in __cil_cons_leaf_operand_len()
388 enum cil_flavor flavor = (enum cil_flavor)(uintptr_t)op->data; in __cil_cons_leaf_op_len()
421 i1 = cons_expr->head; in cil_cons_expr_len()
423 op = (enum cil_flavor)(uintptr_t)i1->data; in cil_cons_expr_len()
427 len += cil_cons_expr_len(db, i1->next->data); in cil_cons_expr_len()
431 len += cil_cons_expr_len(db, i1->next->data); in cil_cons_expr_len()
432 len += cil_cons_expr_len(db, i1->next->next->data); in cil_cons_expr_len()
436 len += cil_cons_expr_len(db, i1->next->data); in cil_cons_expr_len()
437 len += cil_cons_expr_len(db, i1->next->next->data); in cil_cons_expr_len()
441 len += __cil_cons_leaf_operand_len(db, i1->next); in cil_cons_expr_len()
443 len += __cil_cons_leaf_operand_len(db, i1->next->next); in cil_cons_expr_len()
456 ebitmap_for_each_positive_bit(attr->users, unode, i) { in __cil_userattribute_to_string()
457 str = DATUM(db->val_to_user[i])->fqn; in __cil_userattribute_to_string()
470 enum cil_flavor flavor = operand->flavor; in __cil_cons_leaf_operand_to_string()
475 enum cil_flavor o_flavor = (enum cil_flavor)(uintptr_t)operand->data; in __cil_cons_leaf_operand_to_string()
523 struct cil_tree_node *node = NODE(operand->data); in __cil_cons_leaf_operand_to_string()
524 if (node->flavor == CIL_USERATTRIBUTE) { in __cil_cons_leaf_operand_to_string()
526 new = __cil_userattribute_to_string(db, operand->data, new); in __cil_cons_leaf_operand_to_string()
527 new--; in __cil_cons_leaf_operand_to_string()
530 o_str = DATUM(operand->data)->fqn; in __cil_cons_leaf_operand_to_string()
537 cil_list_for_each(i1, (struct cil_list *)operand->data) { in __cil_cons_leaf_operand_to_string()
538 struct cil_tree_node *node = NODE(operand->data); in __cil_cons_leaf_operand_to_string()
539 if (node->flavor == CIL_USERATTRIBUTE) { in __cil_cons_leaf_operand_to_string()
540 new = __cil_userattribute_to_string(db, operand->data, new); in __cil_cons_leaf_operand_to_string()
542 o_str = DATUM(operand->data)->fqn; in __cil_cons_leaf_operand_to_string()
549 new--; in __cil_cons_leaf_operand_to_string()
558 enum cil_flavor flavor = (enum cil_flavor)(uintptr_t)op->data; in __cil_cons_leaf_op_to_string()
600 i1 = cons_expr->head; in __cil_cons_expr_to_string()
602 op = (enum cil_flavor)(uintptr_t)i1->data; in __cil_cons_expr_to_string()
608 new = __cil_cons_expr_to_string(db, i1->next->data, new); in __cil_cons_expr_to_string()
613 new = __cil_cons_expr_to_string(db, i1->next->data, new); in __cil_cons_expr_to_string()
616 new = __cil_cons_expr_to_string(db, i1->next->next->data, new); in __cil_cons_expr_to_string()
621 new = __cil_cons_expr_to_string(db, i1->next->data, new); in __cil_cons_expr_to_string()
624 new = __cil_cons_expr_to_string(db, i1->next->next->data, new); in __cil_cons_expr_to_string()
629 new = __cil_cons_leaf_operand_to_string(db, i1->next, new); in __cil_cons_expr_to_string()
631 new = __cil_cons_leaf_operand_to_string(db, i1->next->next, new); in __cil_cons_expr_to_string()
656 len += strlen(DATUM(classperms->class)->fqn) + 1; in cil_classperms_to_string()
657 cil_list_for_each(i1, classperms->perms) { in cil_classperms_to_string()
658 len += strlen(DATUM(i1->data)->fqn) + 1; in cil_classperms_to_string()
665 curr[len-1] = '\0'; in cil_classperms_to_string()
667 len = strlen(DATUM(classperms->class)->fqn); in cil_classperms_to_string()
668 memcpy(curr, DATUM(classperms->class)->fqn, len); in cil_classperms_to_string()
674 cil_list_for_each(i1, classperms->perms) { in cil_classperms_to_string()
675 len = strlen(DATUM(i1->data)->fqn); in cil_classperms_to_string()
676 memcpy(curr, DATUM(i1->data)->fqn, len); in cil_classperms_to_string()
690 if (i1->flavor == CIL_CLASSPERMS) { in cil_classperms_to_strings()
691 struct cil_classperms *cp = i1->data; in cil_classperms_to_strings()
692 if (FLAVOR(cp->class) == CIL_CLASS) { in cil_classperms_to_strings()
696 cil_list_for_each(i2, cp->perms) { in cil_classperms_to_strings()
697 struct cil_perm *cmp = i2->data; in cil_classperms_to_strings()
698 cil_classperms_to_strings(cmp->classperms, classperms_strs); in cil_classperms_to_strings()
702 struct cil_classperms_set *cp_set = i1->data; in cil_classperms_to_strings()
703 struct cil_classpermission *cp = cp_set->set; in cil_classperms_to_strings()
704 cil_classperms_to_strings(cp->classperms, classperms_strs); in cil_classperms_to_strings()
709 static void cil_class_decls_to_policy(FILE *out, struct cil_list *classorder) in cil_class_decls_to_policy() argument
714 fprintf(out, "class %s\n", DATUM(i1->data)->fqn); in cil_class_decls_to_policy()
718 static void cil_sid_decls_to_policy(FILE *out, struct cil_list *sidorder) in cil_sid_decls_to_policy() argument
723 fprintf(out, "sid %s\n", DATUM(i1->data)->fqn); in cil_sid_decls_to_policy()
727 static void cil_commons_to_policy(FILE *out, struct cil_list *commons) in cil_commons_to_policy() argument
735 common = i1->data; in cil_commons_to_policy()
736 node = NODE(&common->datum); in cil_commons_to_policy()
737 perm = node->cl_head; in cil_commons_to_policy()
739 fprintf(out, "common %s {", common->datum.fqn); in cil_commons_to_policy()
741 fprintf(out, "%s ", DATUM(perm->data)->fqn); in cil_commons_to_policy()
742 perm = perm->next; in cil_commons_to_policy()
744 fprintf(out, "}\n"); in cil_commons_to_policy()
748 static void cil_classes_to_policy(FILE *out, struct cil_list *classorder) in cil_classes_to_policy() argument
755 class = i1->data; in cil_classes_to_policy()
756 node = NODE(&class->datum); in cil_classes_to_policy()
758 fprintf(out, "class %s", class->datum.fqn); in cil_classes_to_policy()
759 if (class->common != NULL) { in cil_classes_to_policy()
760 fprintf(out, " inherits %s", class->common->datum.fqn); in cil_classes_to_policy()
762 if (node->cl_head != NULL) { in cil_classes_to_policy()
763 struct cil_tree_node *perm = node->cl_head; in cil_classes_to_policy()
764 fprintf(out, " {"); in cil_classes_to_policy()
766 fprintf(out, " %s", DATUM(perm->data)->fqn); in cil_classes_to_policy()
767 perm = perm->next; in cil_classes_to_policy()
769 fprintf(out, " }"); in cil_classes_to_policy()
771 fprintf(out, "\n"); in cil_classes_to_policy()
775 static void cil_defaults_to_policy(FILE *out, struct cil_list *defaults, const char *kind) in cil_defaults_to_policy() argument
782 def = i1->data; in cil_defaults_to_policy()
783 fprintf(out, "%s {",kind); in cil_defaults_to_policy()
784 cil_list_for_each(i2, def->class_datums) { in cil_defaults_to_policy()
785 class_list = cil_expand_class(i2->data); in cil_defaults_to_policy()
787 fprintf(out, " %s", DATUM(i3->data)->fqn); in cil_defaults_to_policy()
791 fprintf(out, " }"); in cil_defaults_to_policy()
792 if (def->object == CIL_DEFAULT_SOURCE) { in cil_defaults_to_policy()
793 fprintf(out," %s",CIL_KEY_SOURCE); in cil_defaults_to_policy()
794 } else if (def->object == CIL_DEFAULT_TARGET) { in cil_defaults_to_policy()
795 fprintf(out," %s",CIL_KEY_TARGET); in cil_defaults_to_policy()
797 fprintf(out,";\n"); in cil_defaults_to_policy()
801 static void cil_default_ranges_to_policy(FILE *out, struct cil_list *defaults) in cil_default_ranges_to_policy() argument
808 def = i1->data; in cil_default_ranges_to_policy()
809 fprintf(out, "default_range {"); in cil_default_ranges_to_policy()
810 cil_list_for_each(i2, def->class_datums) { in cil_default_ranges_to_policy()
811 class_list = cil_expand_class(i2->data); in cil_default_ranges_to_policy()
813 fprintf(out, " %s", DATUM(i3->data)->fqn); in cil_default_ranges_to_policy()
817 fprintf(out, " }"); in cil_default_ranges_to_policy()
819 switch (def->object_range) { in cil_default_ranges_to_policy()
821 fprintf(out," %s %s", CIL_KEY_SOURCE, CIL_KEY_LOW); in cil_default_ranges_to_policy()
824 fprintf(out," %s %s", CIL_KEY_SOURCE, CIL_KEY_HIGH); in cil_default_ranges_to_policy()
827 fprintf(out," %s %s", CIL_KEY_SOURCE, CIL_KEY_LOW_HIGH); in cil_default_ranges_to_policy()
830 fprintf(out," %s %s", CIL_KEY_TARGET, CIL_KEY_LOW); in cil_default_ranges_to_policy()
833 fprintf(out," %s %s", CIL_KEY_TARGET, CIL_KEY_HIGH); in cil_default_ranges_to_policy()
836 fprintf(out," %s %s", CIL_KEY_TARGET, CIL_KEY_LOW_HIGH); in cil_default_ranges_to_policy()
839 fprintf(out," %s", CIL_KEY_GLBLUB); in cil_default_ranges_to_policy()
844 fprintf(out,";\n"); in cil_default_ranges_to_policy()
848 static void cil_sensitivities_to_policy(FILE *out, struct cil_list *sensorder, struct cil_list *all… in cil_sensitivities_to_policy() argument
858 sens = i1->data; in cil_sensitivities_to_policy()
861 alias = i2->data; in cil_sensitivities_to_policy()
862 actual = alias->actual; in cil_sensitivities_to_policy()
871 fprintf(out, "sensitivity %s", sens->datum.fqn); in cil_sensitivities_to_policy()
873 fprintf(out, " alias"); in cil_sensitivities_to_policy()
875 fprintf(out, " {"); in cil_sensitivities_to_policy()
878 alias = i2->data; in cil_sensitivities_to_policy()
879 fprintf(out, " %s", alias->datum.fqn); in cil_sensitivities_to_policy()
882 fprintf(out, " }"); in cil_sensitivities_to_policy()
886 fprintf(out, ";\n"); in cil_sensitivities_to_policy()
890 static void cil_dominance_to_policy(FILE *out, struct cil_list *sensorder) in cil_dominance_to_policy() argument
895 fprintf(out, "dominance {"); in cil_dominance_to_policy()
897 sens = item->data; in cil_dominance_to_policy()
898 fprintf(out, " %s", sens->datum.fqn); in cil_dominance_to_policy()
900 fprintf(out, " }\n"); in cil_dominance_to_policy()
903 static void cil_categories_to_policy(FILE *out, struct cil_list *catorder, struct cil_list *all_ali… in cil_categories_to_policy() argument
913 cat = i1->data; in cil_categories_to_policy()
916 alias = i2->data; in cil_categories_to_policy()
917 actual = alias->actual; in cil_categories_to_policy()
926 fprintf(out, "category %s",cat->datum.fqn); in cil_categories_to_policy()
928 fprintf(out, " alias"); in cil_categories_to_policy()
930 fprintf(out, " { "); in cil_categories_to_policy()
933 alias = i2->data; in cil_categories_to_policy()
934 fprintf(out, " %s", alias->datum.fqn); in cil_categories_to_policy()
937 fprintf(out, " }"); in cil_categories_to_policy()
941 fprintf(out, ";\n"); in cil_categories_to_policy()
945 static void cil_levels_to_policy(FILE *out, struct cil_list *sensorder) in cil_levels_to_policy() argument
951 sens = i1->data; in cil_levels_to_policy()
952 if (sens->cats_list) { in cil_levels_to_policy()
953 cil_list_for_each(i2, sens->cats_list) { in cil_levels_to_policy()
954 fprintf(out, "level %s:",sens->datum.fqn); in cil_levels_to_policy()
955 cil_cats_to_policy(out, i2->data); in cil_levels_to_policy()
956 fprintf(out,";\n"); in cil_levels_to_policy()
959 fprintf(out, "level %s;\n",sens->datum.fqn); in cil_levels_to_policy()
964 static void cil_mlsconstrains_to_policy(FILE *out, struct cil_db *db, struct cil_list *mlsconstrain… in cil_mlsconstrains_to_policy() argument
973 cons = i1->data; in cil_mlsconstrains_to_policy()
975 cil_classperms_to_strings(cons->classperms, classperms_strs); in cil_mlsconstrains_to_policy()
976 expr_str = cil_cons_expr_to_string(db, cons->datum_expr); in cil_mlsconstrains_to_policy()
978 cp_str = i2->data; in cil_mlsconstrains_to_policy()
979 fprintf(out, "mlsconstrain %s %s;\n", cp_str, expr_str); in cil_mlsconstrains_to_policy()
987 static void cil_validatetrans_to_policy(FILE *out, struct cil_db *db, struct cil_list *validatetran… in cil_validatetrans_to_policy() argument
996 trans = i1->data; in cil_validatetrans_to_policy()
997 class_list = cil_expand_class(trans->class); in cil_validatetrans_to_policy()
998 expr_str = cil_cons_expr_to_string(db, trans->datum_expr); in cil_validatetrans_to_policy()
1000 class = i2->data; in cil_validatetrans_to_policy()
1001 fprintf(out, "%s %s %s;\n", kind, class->datum.fqn, expr_str); in cil_validatetrans_to_policy()
1008 static void cil_bools_to_policy(FILE *out, struct cil_list *bools) in cil_bools_to_policy() argument
1015 bool = i1->data; in cil_bools_to_policy()
1016 value = bool->value ? "true" : "false"; in cil_bools_to_policy()
1017 fprintf(out, "bool %s %s;\n", bool->datum.fqn, value); in cil_bools_to_policy()
1021 static void cil_typealiases_to_policy(FILE *out, struct cil_list *types, struct cil_list *all_alias… in cil_typealiases_to_policy() argument
1031 type = i1->data; in cil_typealiases_to_policy()
1034 alias = i2->data; in cil_typealiases_to_policy()
1035 actual = alias->actual; in cil_typealiases_to_policy()
1045 fprintf(out, "typealias %s alias", type->datum.fqn); in cil_typealiases_to_policy()
1047 fprintf(out, " {"); in cil_typealiases_to_policy()
1050 alias = i2->data; in cil_typealiases_to_policy()
1051 fprintf(out, " %s", alias->datum.fqn); in cil_typealiases_to_policy()
1054 fprintf(out, " }"); in cil_typealiases_to_policy()
1056 fprintf(out, ";\n"); in cil_typealiases_to_policy()
1062 static void cil_typebounds_to_policy(FILE *out, struct cil_list *types) in cil_typebounds_to_policy() argument
1069 child = i1->data; in cil_typebounds_to_policy()
1070 if (child->bounds != NULL) { in cil_typebounds_to_policy()
1071 parent = child->bounds; in cil_typebounds_to_policy()
1072 fprintf(out, "typebounds %s %s;\n", parent->datum.fqn, child->datum.fqn); in cil_typebounds_to_policy()
1077 static void cil_typeattributes_to_policy(FILE *out, struct cil_list *types, struct cil_list *attrib… in cil_typeattributes_to_policy() argument
1085 type = i1->data; in cil_typeattributes_to_policy()
1087 attribute = i2->data; in cil_typeattributes_to_policy()
1088 if (!attribute->keep) in cil_typeattributes_to_policy()
1090 if (ebitmap_get_bit(attribute->types, type->value)) { in cil_typeattributes_to_policy()
1092 fprintf(out, "typeattribute %s %s", type->datum.fqn, attribute->datum.fqn); in cil_typeattributes_to_policy()
1095 fprintf(out, ", %s", attribute->datum.fqn); in cil_typeattributes_to_policy()
1100 fprintf(out, ";\n"); in cil_typeattributes_to_policy()
1106 static void cil_xperms_to_policy(FILE *out, struct cil_permissionx *permx) in cil_xperms_to_policy() argument
1113 if (permx->kind == CIL_PERMX_KIND_IOCTL) { in cil_xperms_to_policy()
1119 fprintf(out, "%s %s {", DATUM(permx->obj)->fqn, kind); in cil_xperms_to_policy()
1121 ebitmap_for_each_positive_bit(permx->perms, node, i) { in cil_xperms_to_policy()
1130 fprintf(out, " 0x%x", first); in cil_xperms_to_policy()
1137 fprintf(out, " 0x%x-0x%x", first, last); in cil_xperms_to_policy()
1139 fprintf(out, " 0x%x 0x%x", first, last); in cil_xperms_to_policy()
1147 fprintf(out, " 0x%x-0x%x", first, last); in cil_xperms_to_policy()
1149 fprintf(out, " 0x%x", first); in cil_xperms_to_policy()
1152 fprintf(out," }"); in cil_xperms_to_policy()
1155 static void cil_av_rulex_to_policy(FILE *out, struct cil_avrule *rule) in cil_av_rulex_to_policy() argument
1160 src = rule->src; in cil_av_rulex_to_policy()
1161 tgt = rule->tgt; in cil_av_rulex_to_policy()
1163 switch (rule->rule_kind) { in cil_av_rulex_to_policy()
1181 fprintf(out, "%s %s %s : ", kind, src->fqn, tgt->fqn); in cil_av_rulex_to_policy()
1182 cil_xperms_to_policy(out, rule->perms.x.permx); in cil_av_rulex_to_policy()
1183 fprintf(out, ";\n"); in cil_av_rulex_to_policy()
1186 static void cil_av_rule_to_policy(FILE *out, struct cil_avrule *rule) in cil_av_rule_to_policy() argument
1193 src = rule->src; in cil_av_rule_to_policy()
1194 tgt = rule->tgt; in cil_av_rule_to_policy()
1196 switch (rule->rule_kind) { in cil_av_rule_to_policy()
1215 cil_classperms_to_strings(rule->perms.classperms, classperms_strs); in cil_av_rule_to_policy()
1217 char *cp_str = i1->data; in cil_av_rule_to_policy()
1218 fprintf(out, "%s %s %s : %s;\n", kind, src->fqn, tgt->fqn, cp_str); in cil_av_rule_to_policy()
1224 static void cil_type_rule_to_policy(FILE *out, struct cil_type_rule *rule) in cil_type_rule_to_policy() argument
1231 src = rule->src; in cil_type_rule_to_policy()
1232 tgt = rule->tgt; in cil_type_rule_to_policy()
1233 res = rule->result; in cil_type_rule_to_policy()
1235 switch (rule->rule_kind) { in cil_type_rule_to_policy()
1250 class_list = cil_expand_class(rule->obj); in cil_type_rule_to_policy()
1252 fprintf(out, "%s %s %s : %s %s;\n", kind, src->fqn, tgt->fqn, DATUM(i1->data)->fqn, res->fqn); in cil_type_rule_to_policy()
1257 static void cil_nametypetransition_to_policy(FILE *out, struct cil_nametypetransition *trans) in cil_nametypetransition_to_policy() argument
1264 src = trans->src; in cil_nametypetransition_to_policy()
1265 tgt = trans->tgt; in cil_nametypetransition_to_policy()
1266 name = trans->name; in cil_nametypetransition_to_policy()
1267 res = trans->result; in cil_nametypetransition_to_policy()
1269 class_list = cil_expand_class(trans->obj); in cil_nametypetransition_to_policy()
1271 …fprintf(out, "type_transition %s %s : %s %s \"%s\";\n", src->fqn, tgt->fqn, DATUM(i1->data)->fqn, … in cil_nametypetransition_to_policy()
1276 static void cil_rangetransition_to_policy(FILE *out, struct cil_rangetransition *trans) in cil_rangetransition_to_policy() argument
1282 src = trans->src; in cil_rangetransition_to_policy()
1283 exec = trans->exec; in cil_rangetransition_to_policy()
1285 class_list = cil_expand_class(trans->obj); in cil_rangetransition_to_policy()
1287 fprintf(out, "range_transition %s %s : %s ", src->fqn, exec->fqn, DATUM(i1->data)->fqn); in cil_rangetransition_to_policy()
1288 cil_levelrange_to_policy(out, trans->range); in cil_rangetransition_to_policy()
1289 fprintf(out, ";\n"); in cil_rangetransition_to_policy()
1294 static void cil_typepermissive_to_policy(FILE *out, struct cil_typepermissive *rule) in cil_typepermissive_to_policy() argument
1296 fprintf(out, "permissive %s;\n", DATUM(rule->type)->fqn); in cil_typepermissive_to_policy()
1300 FILE *out; member
1309 switch (node->flavor) { in __cil_block_te_rules_to_policy_helper()
1311 struct cil_block *blk = node->data; in __cil_block_te_rules_to_policy_helper()
1312 if (blk->is_abstract == CIL_TRUE) { in __cil_block_te_rules_to_policy_helper()
1325 if (args->flavor == node->flavor) { in __cil_block_te_rules_to_policy_helper()
1326 struct cil_avrule *rule = node->data; in __cil_block_te_rules_to_policy_helper()
1327 if (args->rule_kind == rule->rule_kind) { in __cil_block_te_rules_to_policy_helper()
1328 if (rule->is_extended) { in __cil_block_te_rules_to_policy_helper()
1329 cil_av_rulex_to_policy(args->out, rule); in __cil_block_te_rules_to_policy_helper()
1331 cil_av_rule_to_policy(args->out, rule); in __cil_block_te_rules_to_policy_helper()
1337 if (args->flavor == node->flavor) { in __cil_block_te_rules_to_policy_helper()
1338 struct cil_type_rule *rule = node->data; in __cil_block_te_rules_to_policy_helper()
1339 if (args->rule_kind == rule->rule_kind) { in __cil_block_te_rules_to_policy_helper()
1340 cil_type_rule_to_policy(args->out, rule); in __cil_block_te_rules_to_policy_helper()
1346 if (args->flavor == node->flavor) { in __cil_block_te_rules_to_policy_helper()
1347 cil_nametypetransition_to_policy(args->out, node->data); in __cil_block_te_rules_to_policy_helper()
1351 if (args->flavor == node->flavor) { in __cil_block_te_rules_to_policy_helper()
1352 cil_rangetransition_to_policy(args->out, node->data); in __cil_block_te_rules_to_policy_helper()
1357 if (args->flavor == node->flavor) { in __cil_block_te_rules_to_policy_helper()
1358 cil_typepermissive_to_policy(args->out, node->data); in __cil_block_te_rules_to_policy_helper()
1368 static void cil_block_te_rules_to_policy(FILE *out, struct cil_tree_node *start, int mls) in cil_block_te_rules_to_policy() argument
1372 args.out = out; in cil_block_te_rules_to_policy()
1420 FILE *out; member
1428 switch (node->flavor) { in __cil_te_rules_to_policy_helper()
1430 struct cil_block *blk = node->data; in __cil_te_rules_to_policy_helper()
1431 if (blk->is_abstract == CIL_TRUE) { in __cil_te_rules_to_policy_helper()
1440 struct cil_booleanif *bool = node->data; in __cil_te_rules_to_policy_helper()
1444 fprintf(args->out, "if "); in __cil_te_rules_to_policy_helper()
1445 cil_cond_expr_to_policy(args->out, bool->datum_expr, CIL_TRUE); in __cil_te_rules_to_policy_helper()
1446 fprintf(args->out," {\n"); in __cil_te_rules_to_policy_helper()
1447 n = node->cl_head; in __cil_te_rules_to_policy_helper()
1448 cb = n != NULL ? n->data : NULL; in __cil_te_rules_to_policy_helper()
1449 if (cb && cb->flavor == CIL_CONDTRUE) { in __cil_te_rules_to_policy_helper()
1450 cil_block_te_rules_to_policy(args->out, n, args->mls); in __cil_te_rules_to_policy_helper()
1451 n = n->next; in __cil_te_rules_to_policy_helper()
1452 cb = n != NULL ? n->data : NULL; in __cil_te_rules_to_policy_helper()
1454 if (cb && cb->flavor == CIL_CONDFALSE) { in __cil_te_rules_to_policy_helper()
1455 fprintf(args->out,"} else {\n"); in __cil_te_rules_to_policy_helper()
1456 cil_block_te_rules_to_policy(args->out, n, args->mls); in __cil_te_rules_to_policy_helper()
1458 fprintf(args->out,"}\n"); in __cil_te_rules_to_policy_helper()
1469 static void cil_te_rules_to_policy(FILE *out, struct cil_tree_node *head, int mls) in cil_te_rules_to_policy() argument
1473 args.out = out; in cil_te_rules_to_policy()
1476 cil_block_te_rules_to_policy(out, head, mls); in cil_te_rules_to_policy()
1480 static void cil_roles_to_policy(FILE *out, struct cil_list *rules) in cil_roles_to_policy() argument
1486 role = i1->data; in cil_roles_to_policy()
1487 if (strcmp(role->datum.fqn,"object_r") == 0) in cil_roles_to_policy()
1489 fprintf(out, "role %s;\n", role->datum.fqn); in cil_roles_to_policy()
1493 static void cil_role_types_to_policy(FILE *out, struct cil_list *roles, struct cil_list *types) in cil_role_types_to_policy() argument
1501 role = i1->data; in cil_role_types_to_policy()
1502 if (strcmp(role->datum.fqn,"object_r") == 0) in cil_role_types_to_policy()
1504 if (role->types) { in cil_role_types_to_policy()
1506 type = i2->data; in cil_role_types_to_policy()
1507 if (ebitmap_get_bit(role->types, type->value)) { in cil_role_types_to_policy()
1509 fprintf(out, "role %s types { %s", role->datum.fqn, type->datum.fqn); in cil_role_types_to_policy()
1512 fprintf(out, " %s", type->datum.fqn); in cil_role_types_to_policy()
1517 fprintf(out, " }"); in cil_role_types_to_policy()
1520 fprintf(out, ";\n"); in cil_role_types_to_policy()
1525 static void cil_roleattributes_to_policy(FILE *out, struct cil_list *roles, struct cil_list *attrib… in cil_roleattributes_to_policy() argument
1533 role = i1->data; in cil_roleattributes_to_policy()
1534 if (strcmp(role->datum.fqn,"object_r") == 0) in cil_roleattributes_to_policy()
1537 attribute = i2->data; in cil_roleattributes_to_policy()
1538 if (ebitmap_get_bit(attribute->roles, role->value)) { in cil_roleattributes_to_policy()
1540 fprintf(out, "roleattribute %s %s", role->datum.fqn, attribute->datum.fqn); in cil_roleattributes_to_policy()
1543 fprintf(out, ", %s", attribute->datum.fqn); in cil_roleattributes_to_policy()
1548 fprintf(out, ";\n"); in cil_roleattributes_to_policy()
1554 static void cil_roleallows_to_policy(FILE *out, struct cil_list *roleallows) in cil_roleallows_to_policy() argument
1560 allow = i1->data; in cil_roleallows_to_policy()
1561 fprintf(out, "allow %s %s;\n", DATUM(allow->src)->fqn, DATUM(allow->tgt)->fqn); in cil_roleallows_to_policy()
1565 static void cil_roletransitions_to_policy(FILE *out, struct cil_list *roletransitions) in cil_roletransitions_to_policy() argument
1573 trans = i1->data; in cil_roletransitions_to_policy()
1574 class_list = cil_expand_class(trans->obj); in cil_roletransitions_to_policy()
1576 …fprintf(out, "role_transition %s %s : %s %s;\n", DATUM(trans->src)->fqn, DATUM(trans->tgt)->fqn, D… in cil_roletransitions_to_policy()
1582 static void cil_users_to_policy(FILE *out, int mls, struct cil_list *users, struct cil_list *all_ro… in cil_users_to_policy() argument
1591 user = i1->data; in cil_users_to_policy()
1593 fprintf(out, "user %s",user->datum.fqn); in cil_users_to_policy()
1595 role = i2->data; in cil_users_to_policy()
1596 if (ebitmap_get_bit(user->roles, role->value)) { in cil_users_to_policy()
1605 fprintf(out, " roles"); in cil_users_to_policy()
1607 fprintf(out, " {"); in cil_users_to_policy()
1610 role = i2->data; in cil_users_to_policy()
1611 fprintf(out, " %s", role->datum.fqn); in cil_users_to_policy()
1614 fprintf(out, " }"); in cil_users_to_policy()
1619 if (mls == CIL_TRUE && user->dftlevel != NULL) { in cil_users_to_policy()
1620 fprintf(out, " level "); in cil_users_to_policy()
1621 cil_level_to_policy(out, user->dftlevel); in cil_users_to_policy()
1624 if (mls == CIL_TRUE && user->range != NULL) { in cil_users_to_policy()
1625 fprintf(out, " range "); in cil_users_to_policy()
1626 cil_levelrange_to_policy(out, user->range); in cil_users_to_policy()
1629 fprintf(out,";\n"); in cil_users_to_policy()
1633 static void cil_constrains_to_policy(FILE *out, struct cil_db *db, struct cil_list *constrains) in cil_constrains_to_policy() argument
1642 cons = i1->data; in cil_constrains_to_policy()
1644 cil_classperms_to_strings(cons->classperms, classperms_strs); in cil_constrains_to_policy()
1645 expr_str = cil_cons_expr_to_string(db, cons->datum_expr); in cil_constrains_to_policy()
1647 cp_str = i2->data; in cil_constrains_to_policy()
1648 fprintf(out, "constrain %s %s;\n",cp_str, expr_str); in cil_constrains_to_policy()
1656 static void cil_sid_contexts_to_policy(FILE *out, struct cil_list *sids, int mls) in cil_sid_contexts_to_policy() argument
1662 sid = i1->data; in cil_sid_contexts_to_policy()
1663 if (sid->context) { in cil_sid_contexts_to_policy()
1664 fprintf(out, "sid %s ", sid->datum.fqn); in cil_sid_contexts_to_policy()
1665 cil_context_to_policy(out, sid->context, mls); in cil_sid_contexts_to_policy()
1666 fprintf(out,"\n"); in cil_sid_contexts_to_policy()
1671 static void cil_fsuses_to_policy(FILE *out, struct cil_sort *fsuses, int mls) in cil_fsuses_to_policy() argument
1676 for (i=0; i<fsuses->count; i++) { in cil_fsuses_to_policy()
1677 fsuse = fsuses->array[i]; in cil_fsuses_to_policy()
1678 if (fsuse->type == CIL_FSUSE_XATTR) { in cil_fsuses_to_policy()
1679 fprintf(out, "fs_use_xattr %s ", fsuse->fs_str); in cil_fsuses_to_policy()
1680 cil_context_to_policy(out, fsuse->context, mls); in cil_fsuses_to_policy()
1681 fprintf(out,";\n"); in cil_fsuses_to_policy()
1685 for (i=0; i<fsuses->count; i++) { in cil_fsuses_to_policy()
1686 fsuse = fsuses->array[i]; in cil_fsuses_to_policy()
1687 if (fsuse->type == CIL_FSUSE_TASK) { in cil_fsuses_to_policy()
1688 fprintf(out, "fs_use_task %s ", fsuse->fs_str); in cil_fsuses_to_policy()
1689 cil_context_to_policy(out, fsuse->context, mls); in cil_fsuses_to_policy()
1690 fprintf(out,";\n"); in cil_fsuses_to_policy()
1694 for (i=0; i<fsuses->count; i++) { in cil_fsuses_to_policy()
1695 fsuse = fsuses->array[i]; in cil_fsuses_to_policy()
1696 if (fsuse->type == CIL_FSUSE_TRANS) { in cil_fsuses_to_policy()
1697 fprintf(out, "fs_use_trans %s ", fsuse->fs_str); in cil_fsuses_to_policy()
1698 cil_context_to_policy(out, fsuse->context, mls); in cil_fsuses_to_policy()
1699 fprintf(out,";\n"); in cil_fsuses_to_policy()
1704 static void cil_genfscons_to_policy(FILE *out, struct cil_sort *genfscons, int mls) in cil_genfscons_to_policy() argument
1709 for (i=0; i<genfscons->count; i++) { in cil_genfscons_to_policy()
1710 genfscon = genfscons->array[i]; in cil_genfscons_to_policy()
1711 fprintf(out, "genfscon %s %s ", genfscon->fs_str, genfscon->path_str); in cil_genfscons_to_policy()
1712 cil_context_to_policy(out, genfscon->context, mls); in cil_genfscons_to_policy()
1713 fprintf(out, "\n"); in cil_genfscons_to_policy()
1717 static void cil_ibpkeycons_to_policy(FILE *out, struct cil_sort *ibpkeycons, int mls) in cil_ibpkeycons_to_policy() argument
1721 for (i = 0; i < ibpkeycons->count; i++) { in cil_ibpkeycons_to_policy()
1722 struct cil_ibpkeycon *ibpkeycon = (struct cil_ibpkeycon *)ibpkeycons->array[i]; in cil_ibpkeycons_to_policy()
1724 fprintf(out, "ibpkeycon %s ", ibpkeycon->subnet_prefix_str); in cil_ibpkeycons_to_policy()
1725 fprintf(out, "%d ", ibpkeycon->pkey_low); in cil_ibpkeycons_to_policy()
1726 fprintf(out, "%d ", ibpkeycon->pkey_high); in cil_ibpkeycons_to_policy()
1727 cil_context_to_policy(out, ibpkeycon->context, mls); in cil_ibpkeycons_to_policy()
1728 fprintf(out, "\n"); in cil_ibpkeycons_to_policy()
1732 static void cil_ibendportcons_to_policy(FILE *out, struct cil_sort *ibendportcons, int mls) in cil_ibendportcons_to_policy() argument
1736 for (i = 0; i < ibendportcons->count; i++) { in cil_ibendportcons_to_policy()
1737 struct cil_ibendportcon *ibendportcon = (struct cil_ibendportcon *)ibendportcons->array[i]; in cil_ibendportcons_to_policy()
1739 fprintf(out, "ibendportcon %s ", ibendportcon->dev_name_str); in cil_ibendportcons_to_policy()
1740 fprintf(out, "%u ", ibendportcon->port); in cil_ibendportcons_to_policy()
1741 cil_context_to_policy(out, ibendportcon->context, mls); in cil_ibendportcons_to_policy()
1742 fprintf(out, "\n"); in cil_ibendportcons_to_policy()
1746 static void cil_portcons_to_policy(FILE *out, struct cil_sort *portcons, int mls) in cil_portcons_to_policy() argument
1751 for (i=0; i<portcons->count; i++) { in cil_portcons_to_policy()
1752 portcon = portcons->array[i]; in cil_portcons_to_policy()
1753 fprintf(out, "portcon "); in cil_portcons_to_policy()
1754 if (portcon->proto == CIL_PROTOCOL_UDP) { in cil_portcons_to_policy()
1755 fprintf(out, "udp "); in cil_portcons_to_policy()
1756 } else if (portcon->proto == CIL_PROTOCOL_TCP) { in cil_portcons_to_policy()
1757 fprintf(out, "tcp "); in cil_portcons_to_policy()
1758 } else if (portcon->proto == CIL_PROTOCOL_DCCP) { in cil_portcons_to_policy()
1759 fprintf(out, "dccp "); in cil_portcons_to_policy()
1760 } else if (portcon->proto == CIL_PROTOCOL_SCTP) { in cil_portcons_to_policy()
1761 fprintf(out, "sctp "); in cil_portcons_to_policy()
1763 if (portcon->port_low == portcon->port_high) { in cil_portcons_to_policy()
1764 fprintf(out, "%d ", portcon->port_low); in cil_portcons_to_policy()
1766 fprintf(out, "%d-%d ", portcon->port_low, portcon->port_high); in cil_portcons_to_policy()
1768 cil_context_to_policy(out, portcon->context, mls); in cil_portcons_to_policy()
1769 fprintf(out, "\n"); in cil_portcons_to_policy()
1773 static void cil_netifcons_to_policy(FILE *out, struct cil_sort *netifcons, int mls) in cil_netifcons_to_policy() argument
1778 for (i=0; i<netifcons->count; i++) { in cil_netifcons_to_policy()
1779 netifcon = netifcons->array[i]; in cil_netifcons_to_policy()
1780 fprintf(out, "netifcon %s ", netifcon->interface_str); in cil_netifcons_to_policy()
1781 cil_context_to_policy(out, netifcon->if_context, mls); in cil_netifcons_to_policy()
1782 fprintf(out, " "); in cil_netifcons_to_policy()
1783 cil_context_to_policy(out, netifcon->packet_context, mls); in cil_netifcons_to_policy()
1784 fprintf(out, "\n"); in cil_netifcons_to_policy()
1788 static void cil_nodecons_to_policy(FILE *out, struct cil_sort *nodecons, int mls) in cil_nodecons_to_policy() argument
1794 for (i=0; i<nodecons->count; i++) { in cil_nodecons_to_policy()
1795 nodecon = nodecons->array[i]; in cil_nodecons_to_policy()
1796 fprintf(out, "nodecon "); in cil_nodecons_to_policy()
1798 if (nodecon->addr->family == AF_INET) { in cil_nodecons_to_policy()
1801 inet_ntop(nodecon->addr->family, &nodecon->addr->ip.v4, addr, INET_ADDRSTRLEN); in cil_nodecons_to_policy()
1803 fprintf(out, "%s ",addr); in cil_nodecons_to_policy()
1805 fprintf(out, "[INVALID] "); in cil_nodecons_to_policy()
1811 inet_ntop(nodecon->mask->family, &nodecon->mask->ip.v4, mask, INET_ADDRSTRLEN); in cil_nodecons_to_policy()
1813 fprintf(out, "%s ",mask); in cil_nodecons_to_policy()
1815 fprintf(out, "[INVALID] "); in cil_nodecons_to_policy()
1821 inet_ntop(nodecon->addr->family, &nodecon->addr->ip.v6, addr, INET6_ADDRSTRLEN); in cil_nodecons_to_policy()
1823 fprintf(out, "%s ",addr); in cil_nodecons_to_policy()
1825 fprintf(out, "[INVALID] "); in cil_nodecons_to_policy()
1831 inet_ntop(nodecon->mask->family, &nodecon->mask->ip.v6, mask, INET6_ADDRSTRLEN); in cil_nodecons_to_policy()
1833 fprintf(out, "%s ",mask); in cil_nodecons_to_policy()
1835 fprintf(out, "[INVALID] "); in cil_nodecons_to_policy()
1840 cil_context_to_policy(out, nodecon->context, mls); in cil_nodecons_to_policy()
1841 fprintf(out, "\n"); in cil_nodecons_to_policy()
1845 static void cil_pirqcons_to_policy(FILE *out, struct cil_sort *pirqcons, int mls) in cil_pirqcons_to_policy() argument
1850 for (i = 0; i<pirqcons->count; i++) { in cil_pirqcons_to_policy()
1851 pirqcon = pirqcons->array[i]; in cil_pirqcons_to_policy()
1852 fprintf(out, "pirqcon %d ", pirqcon->pirq); in cil_pirqcons_to_policy()
1853 cil_context_to_policy(out, pirqcon->context, mls); in cil_pirqcons_to_policy()
1854 fprintf(out, ";\n"); in cil_pirqcons_to_policy()
1858 static void cil_iomemcons_to_policy(FILE *out, struct cil_sort *iomemcons, int mls) in cil_iomemcons_to_policy() argument
1863 for (i = 0; i<iomemcons->count; i++) { in cil_iomemcons_to_policy()
1864 iomemcon = iomemcons->array[i]; in cil_iomemcons_to_policy()
1865 if (iomemcon->iomem_low == iomemcon->iomem_high) { in cil_iomemcons_to_policy()
1866 fprintf(out, "iomemcon %"PRIx64" ", iomemcon->iomem_low); in cil_iomemcons_to_policy()
1868 fprintf(out, "iomemcon %"PRIx64"-%"PRIx64" ", iomemcon->iomem_low, iomemcon->iomem_high); in cil_iomemcons_to_policy()
1870 cil_context_to_policy(out, iomemcon->context, mls); in cil_iomemcons_to_policy()
1871 fprintf(out, ";\n"); in cil_iomemcons_to_policy()
1875 static void cil_ioportcons_to_policy(FILE *out, struct cil_sort *ioportcons, int mls) in cil_ioportcons_to_policy() argument
1880 for (i = 0; i < ioportcons->count; i++) { in cil_ioportcons_to_policy()
1881 ioportcon = ioportcons->array[i]; in cil_ioportcons_to_policy()
1882 fprintf(out, "ioportcon 0x%x-0x%x ", ioportcon->ioport_low, ioportcon->ioport_high); in cil_ioportcons_to_policy()
1883 cil_context_to_policy(out, ioportcon->context, mls); in cil_ioportcons_to_policy()
1884 fprintf(out, ";\n"); in cil_ioportcons_to_policy()
1888 static void cil_pcidevicecons_to_policy(FILE *out, struct cil_sort *pcidevicecons, int mls) in cil_pcidevicecons_to_policy() argument
1893 for (i = 0; i < pcidevicecons->count; i++) { in cil_pcidevicecons_to_policy()
1894 pcidevicecon = pcidevicecons->array[i]; in cil_pcidevicecons_to_policy()
1895 fprintf(out, "pcidevicecon 0x%x ", pcidevicecon->dev); in cil_pcidevicecons_to_policy()
1896 cil_context_to_policy(out, pcidevicecon->context, mls); in cil_pcidevicecons_to_policy()
1897 fprintf(out, ";\n"); in cil_pcidevicecons_to_policy()
1901 static void cil_devicetreecons_to_policy(FILE *out, struct cil_sort *devicetreecons, int mls) in cil_devicetreecons_to_policy() argument
1906 for (i = 0; i < devicetreecons->count; i++) { in cil_devicetreecons_to_policy()
1907 devicetreecon = devicetreecons->array[i]; in cil_devicetreecons_to_policy()
1908 fprintf(out, "devicetreecon %s ", devicetreecon->path); in cil_devicetreecons_to_policy()
1909 cil_context_to_policy(out, devicetreecon->context, mls); in cil_devicetreecons_to_policy()
1910 fprintf(out, ";\n"); in cil_devicetreecons_to_policy()
1914 void cil_gen_policy(FILE *out, struct cil_db *db) in cil_gen_policy() argument
1917 struct cil_tree_node *head = db->ast->root; in cil_gen_policy()
1926 cil_class_decls_to_policy(out, db->classorder); in cil_gen_policy()
1928 cil_sid_decls_to_policy(out, db->sidorder); in cil_gen_policy()
1930 cil_commons_to_policy(out, lists[CIL_LIST_COMMON]); in cil_gen_policy()
1931 cil_classes_to_policy(out, db->classorder); in cil_gen_policy()
1933 cil_defaults_to_policy(out, lists[CIL_LIST_DEFAULT_USER], "default_user"); in cil_gen_policy()
1934 cil_defaults_to_policy(out, lists[CIL_LIST_DEFAULT_ROLE], "default_role"); in cil_gen_policy()
1935 cil_defaults_to_policy(out, lists[CIL_LIST_DEFAULT_TYPE], "default_type"); in cil_gen_policy()
1937 if (db->mls == CIL_TRUE) { in cil_gen_policy()
1938 cil_default_ranges_to_policy(out, lists[CIL_LIST_DEFAULT_RANGE]); in cil_gen_policy()
1939 cil_sensitivities_to_policy(out, db->sensitivityorder, lists[CIL_LIST_SENSALIAS]); in cil_gen_policy()
1940 cil_dominance_to_policy(out, db->sensitivityorder); in cil_gen_policy()
1941 cil_categories_to_policy(out, db->catorder, lists[CIL_LIST_CATALIAS]); in cil_gen_policy()
1942 cil_levels_to_policy(out, db->sensitivityorder); in cil_gen_policy()
1943 cil_mlsconstrains_to_policy(out, db, lists[CIL_LIST_MLSCONSTRAIN]); in cil_gen_policy()
1944 cil_validatetrans_to_policy(out, db, lists[CIL_LIST_MLSVALIDATETRANS], CIL_KEY_MLSVALIDATETRANS); in cil_gen_policy()
1947 cil_simple_rules_to_policy(out, lists[CIL_LIST_POLICYCAP], CIL_KEY_POLICYCAP); in cil_gen_policy()
1949 cil_simple_rules_to_policy(out, lists[CIL_LIST_TYPEATTRIBUTE], "attribute"); in cil_gen_policy()
1950 cil_simple_rules_to_policy(out, lists[CIL_LIST_ROLEATTRIBUTE], "attribute_role"); in cil_gen_policy()
1952 cil_bools_to_policy(out, lists[CIL_LIST_BOOL]); in cil_gen_policy()
1954 cil_simple_rules_to_policy(out, lists[CIL_LIST_TYPE], "type"); in cil_gen_policy()
1955 cil_typealiases_to_policy(out, lists[CIL_LIST_TYPE], lists[CIL_LIST_TYPEALIAS]); in cil_gen_policy()
1956 cil_typebounds_to_policy(out, lists[CIL_LIST_TYPE]); in cil_gen_policy()
1957 cil_typeattributes_to_policy(out, lists[CIL_LIST_TYPE], lists[CIL_LIST_TYPEATTRIBUTE]); in cil_gen_policy()
1958 cil_te_rules_to_policy(out, head, db->mls); in cil_gen_policy()
1960 cil_roles_to_policy(out, lists[CIL_LIST_ROLE]); in cil_gen_policy()
1961 cil_role_types_to_policy(out, lists[CIL_LIST_ROLE], lists[CIL_LIST_TYPE]); in cil_gen_policy()
1962 cil_roleattributes_to_policy(out, lists[CIL_LIST_ROLE], lists[CIL_LIST_ROLEATTRIBUTE]); in cil_gen_policy()
1963 cil_roleallows_to_policy(out, lists[CIL_LIST_ROLEALLOW]); in cil_gen_policy()
1964 cil_roletransitions_to_policy(out, lists[CIL_LIST_ROLETRANSITION]); in cil_gen_policy()
1966 cil_users_to_policy(out, db->mls, lists[CIL_LIST_USER], lists[CIL_LIST_ROLE]); in cil_gen_policy()
1968 cil_constrains_to_policy(out, db, lists[CIL_LIST_CONSTRAINT]); in cil_gen_policy()
1969 cil_validatetrans_to_policy(out, db, lists[CIL_LIST_VALIDATETRANS], CIL_KEY_VALIDATETRANS); in cil_gen_policy()
1971 cil_sid_contexts_to_policy(out, db->sidorder, db->mls); in cil_gen_policy()
1972 cil_fsuses_to_policy(out, db->fsuse, db->mls); in cil_gen_policy()
1973 cil_genfscons_to_policy(out, db->genfscon, db->mls); in cil_gen_policy()
1974 cil_portcons_to_policy(out, db->portcon, db->mls); in cil_gen_policy()
1975 cil_netifcons_to_policy(out, db->netifcon, db->mls); in cil_gen_policy()
1976 cil_ibpkeycons_to_policy(out, db->ibpkeycon, db->mls); in cil_gen_policy()
1977 cil_ibendportcons_to_policy(out, db->ibendportcon, db->mls); in cil_gen_policy()
1978 cil_nodecons_to_policy(out, db->nodecon, db->mls); in cil_gen_policy()
1979 cil_pirqcons_to_policy(out, db->pirqcon, db->mls); in cil_gen_policy()
1980 cil_iomemcons_to_policy(out, db->iomemcon, db->mls); in cil_gen_policy()
1981 cil_ioportcons_to_policy(out, db->ioportcon, db->mls); in cil_gen_policy()
1982 cil_pcidevicecons_to_policy(out, db->pcidevicecon, db->mls); in cil_gen_policy()
1983 cil_devicetreecons_to_policy(out, db->devicetreecon, db->mls); in cil_gen_policy()