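Lines matching full:pdb — each entry gives the source line number, the matching line, the enclosing function ("in f()") and, where shown, the symbol's role (argument, local, member); "…" marks text the listing truncated.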
31 static char *cond_expr_to_str(struct policydb *pdb, struct cond_expr *expr) in cond_expr_to_str() argument
46 char *val1 = pdb->p_bool_val_to_name[curr->bool - 1]; in cond_expr_to_str()
121 static char *constraint_expr_to_str(struct policydb *pdb, struct constraint_expr *expr, int *use_ml… in constraint_expr_to_str() argument
185 names = ebitmap_to_str(&ts->types, pdb->p_type_val_to_name, 1); in constraint_expr_to_str()
187 names = ebitmap_to_str(&curr->names, pdb->p_user_val_to_name, 1); in constraint_expr_to_str()
189 names = ebitmap_to_str(&curr->names, pdb->p_role_val_to_name, 1); in constraint_expr_to_str()
270 static int class_constraint_rules_to_strs(struct policydb *pdb, char *classkey, in class_constraint_rules_to_strs() argument
288 expr = constraint_expr_to_str(pdb, curr->expr, &is_mls); in class_constraint_rules_to_strs()
294 perms = sepol_av_to_string(pdb, class->s.value, curr->permissions); in class_constraint_rules_to_strs()
317 static int class_validatetrans_rules_to_strs(struct policydb *pdb, char *classkey, in class_validatetrans_rules_to_strs() argument
330 expr = constraint_expr_to_str(pdb, curr->expr, &is_mls); in class_validatetrans_rules_to_strs()
355 static int constraint_rules_to_strs(struct policydb *pdb, struct strs *mls_strs, struct strs *non_m… in constraint_rules_to_strs() argument
362 for (i=0; i < pdb->p_classes.nprim; i++) { in constraint_rules_to_strs()
363 class = pdb->class_val_to_struct[i]; in constraint_rules_to_strs()
366 name = pdb->p_class_val_to_name[i]; in constraint_rules_to_strs()
367 … rc = class_constraint_rules_to_strs(pdb, name, class, class->constraints, mls_strs, non_mls_strs); in constraint_rules_to_strs()
381 static int validatetrans_rules_to_strs(struct policydb *pdb, struct strs *mls_strs, struct strs *no… in validatetrans_rules_to_strs() argument
388 for (i=0; i < pdb->p_classes.nprim; i++) { in validatetrans_rules_to_strs()
389 class = pdb->class_val_to_struct[i]; in validatetrans_rules_to_strs()
392 name = pdb->p_class_val_to_name[i]; in validatetrans_rules_to_strs()
393 rc = class_validatetrans_rules_to_strs(pdb, name, class->validatetrans, mls_strs, non_mls_strs); in validatetrans_rules_to_strs()
407 static int write_handle_unknown_to_cil(FILE *out, struct policydb *pdb) in write_handle_unknown_to_cil() argument
411 switch (pdb->handle_unknown) { in write_handle_unknown_to_cil()
422 sepol_log_err("Unknown value for handle-unknown: %i", pdb->handle_unknown); in write_handle_unknown_to_cil()
457 static int write_class_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_class_decl_rules_to_cil() argument
467 for (i=0; i < pdb->p_classes.nprim; i++) { in write_class_decl_rules_to_cil()
468 class = pdb->class_val_to_struct[i]; in write_class_decl_rules_to_cil()
470 name = pdb->p_class_val_to_name[i]; in write_class_decl_rules_to_cil()
483 for (i=0; i < pdb->p_classes.nprim; i++) { in write_class_decl_rules_to_cil()
487 name = pdb->p_class_val_to_name[i]; in write_class_decl_rules_to_cil()
495 for (i=0; i < pdb->p_classes.nprim; i++) { in write_class_decl_rules_to_cil()
496 class = pdb->class_val_to_struct[i]; in write_class_decl_rules_to_cil()
498 name = pdb->p_class_val_to_name[i]; in write_class_decl_rules_to_cil()
505 used = calloc(pdb->p_commons.nprim, sizeof(*used)); in write_class_decl_rules_to_cil()
511 for (i=0; i < pdb->p_classes.nprim; i++) { in write_class_decl_rules_to_cil()
512 class = pdb->class_val_to_struct[i]; in write_class_decl_rules_to_cil()
516 common = hashtab_search(pdb->p_commons.table, name); in write_class_decl_rules_to_cil()
616 static int write_sid_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_sid_decl_rules_to_cil() argument
620 if (pdb->target_platform == SEPOL_TARGET_SELINUX) { in write_sid_decl_rules_to_cil()
622 pdb->ocontexts[0]); in write_sid_decl_rules_to_cil()
623 } else if (pdb->target_platform == SEPOL_TARGET_XEN) { in write_sid_decl_rules_to_cil()
625 pdb->ocontexts[0]); in write_sid_decl_rules_to_cil()
627 sepol_log_err("Unknown target platform: %i", pdb->target_platform); in write_sid_decl_rules_to_cil()
729 static int write_default_rules_to_cil(FILE *out, struct policydb *pdb) in write_default_rules_to_cil() argument
736 for (i=0; i < pdb->p_classes.nprim; i++) { in write_default_rules_to_cil()
737 class = pdb->class_val_to_struct[i]; in write_default_rules_to_cil()
740 rc = write_default_user_to_cil(out, pdb->p_class_val_to_name[i], class); in write_default_rules_to_cil()
748 for (i=0; i < pdb->p_classes.nprim; i++) { in write_default_rules_to_cil()
749 class = pdb->class_val_to_struct[i]; in write_default_rules_to_cil()
752 rc = write_default_role_to_cil(out, pdb->p_class_val_to_name[i], class); in write_default_rules_to_cil()
760 for (i=0; i < pdb->p_classes.nprim; i++) { in write_default_rules_to_cil()
761 class = pdb->class_val_to_struct[i]; in write_default_rules_to_cil()
764 rc = write_default_type_to_cil(out, pdb->p_class_val_to_name[i], class); in write_default_rules_to_cil()
771 if (!pdb->mls) { in write_default_rules_to_cil()
776 for (i=0; i < pdb->p_classes.nprim; i++) { in write_default_rules_to_cil()
777 class = pdb->class_val_to_struct[i]; in write_default_rules_to_cil()
780 rc = write_default_range_to_cil(out, pdb->p_class_val_to_name[i], class); in write_default_rules_to_cil()
826 static int write_sensitivity_rules_to_cil(FILE *out, struct policydb *pdb) in write_sensitivity_rules_to_cil() argument
835 for (i=0; i < pdb->p_levels.nprim; i++) { in write_sensitivity_rules_to_cil()
836 name = pdb->p_sens_val_to_name[i]; in write_sensitivity_rules_to_cil()
843 for (i=0; i < pdb->p_levels.nprim; i++) { in write_sensitivity_rules_to_cil()
844 name = pdb->p_sens_val_to_name[i]; in write_sensitivity_rules_to_cil()
855 rc = hashtab_map(pdb->p_levels.table, map_count_sensitivity_aliases, &num); in write_sensitivity_rules_to_cil()
871 rc = hashtab_map(pdb->p_levels.table, map_sensitivity_aliases_to_strs, strs); in write_sensitivity_rules_to_cil()
887 level = hashtab_search(pdb->p_levels.table, name); in write_sensitivity_rules_to_cil()
892 actual = pdb->p_sens_val_to_name[level->level->sens - 1]; in write_sensitivity_rules_to_cil()
930 static int write_category_rules_to_cil(FILE *out, struct policydb *pdb) in write_category_rules_to_cil() argument
939 for (i=0; i < pdb->p_cats.nprim; i++) { in write_category_rules_to_cil()
940 name = pdb->p_cat_val_to_name[i]; in write_category_rules_to_cil()
947 for (i=0; i < pdb->p_cats.nprim; i++) { in write_category_rules_to_cil()
948 name = pdb->p_cat_val_to_name[i]; in write_category_rules_to_cil()
959 rc = hashtab_map(pdb->p_cats.table, map_count_category_aliases, &num); in write_category_rules_to_cil()
975 rc = hashtab_map(pdb->p_cats.table, map_category_aliases_to_strs, strs); in write_category_rules_to_cil()
991 cat = hashtab_search(pdb->p_cats.table, name); in write_category_rules_to_cil()
996 actual = pdb->p_cat_val_to_name[cat->s.value - 1]; in write_category_rules_to_cil()
1108 static int write_sensitivitycategory_rules_to_cil(FILE *out, struct policydb *pdb) in write_sensitivitycategory_rules_to_cil() argument
1116 for (i=0; i < pdb->p_levels.nprim; i++) { in write_sensitivitycategory_rules_to_cil()
1117 name = pdb->p_sens_val_to_name[i]; in write_sensitivitycategory_rules_to_cil()
1119 level = hashtab_search(pdb->p_levels.table, name); in write_sensitivitycategory_rules_to_cil()
1127 cats = cats_ebitmap_to_str(&level->level->cat, pdb->p_cat_val_to_name); in write_sensitivitycategory_rules_to_cil()
1141 static int write_mls_rules_to_cil(FILE *out, struct policydb *pdb) in write_mls_rules_to_cil() argument
1145 if (!pdb->mls) { in write_mls_rules_to_cil()
1154 rc = write_sensitivity_rules_to_cil(out, pdb); in write_mls_rules_to_cil()
1159 rc = write_category_rules_to_cil(out, pdb); in write_mls_rules_to_cil()
1164 rc = write_sensitivitycategory_rules_to_cil(out, pdb); in write_mls_rules_to_cil()
1177 static int write_polcap_rules_to_cil(FILE *out, struct policydb *pdb) in write_polcap_rules_to_cil() argument
1190 ebitmap_for_each_positive_bit(&pdb->policycaps, node, i) { in write_polcap_rules_to_cil()
1218 static int write_type_attributes_to_cil(FILE *out, struct policydb *pdb) in write_type_attributes_to_cil() argument
1226 rc = strs_init(&strs, pdb->p_types.nprim); in write_type_attributes_to_cil()
1231 for (i=0; i < pdb->p_types.nprim; i++) { in write_type_attributes_to_cil()
1232 type = pdb->type_val_to_struct[i]; in write_type_attributes_to_cil()
1234 rc = strs_add(strs, pdb->p_type_val_to_name[i]); in write_type_attributes_to_cil()
1263 static int write_role_attributes_to_cil(FILE *out, struct policydb *pdb) in write_role_attributes_to_cil() argument
1271 rc = strs_init(&strs, pdb->p_roles.nprim); in write_role_attributes_to_cil()
1276 for (i=0; i < pdb->p_roles.nprim; i++) { in write_role_attributes_to_cil()
1277 role = pdb->role_val_to_struct[i]; in write_role_attributes_to_cil()
1279 rc = strs_add(strs, pdb->p_role_val_to_name[i]); in write_role_attributes_to_cil()
1319 static int write_boolean_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_boolean_decl_rules_to_cil() argument
1329 rc = hashtab_map(pdb->p_bools.table, map_boolean_to_strs, strs); in write_boolean_decl_rules_to_cil()
1348 static int write_type_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_type_decl_rules_to_cil() argument
1356 rc = strs_init(&strs, pdb->p_types.nprim); in write_type_decl_rules_to_cil()
1361 for (i=0; i < pdb->p_types.nprim; i++) { in write_type_decl_rules_to_cil()
1362 type = pdb->type_val_to_struct[i]; in write_type_decl_rules_to_cil()
1364 rc = strs_add(strs, pdb->p_type_val_to_name[i]); in write_type_decl_rules_to_cil()
1416 static int write_type_alias_rules_to_cil(FILE *out, struct policydb *pdb) in write_type_alias_rules_to_cil() argument
1425 rc = hashtab_map(pdb->p_types.table, map_count_type_aliases, &num); in write_type_alias_rules_to_cil()
1435 rc = hashtab_map(pdb->p_types.table, map_type_aliases_to_strs, strs); in write_type_alias_rules_to_cil()
1457 alias = hashtab_search(pdb->p_types.table, name); in write_type_alias_rules_to_cil()
1462 type = pdb->p_type_val_to_name[alias->s.value - 1]; in write_type_alias_rules_to_cil()
1476 static int write_type_bounds_rules_to_cil(FILE *out, struct policydb *pdb) in write_type_bounds_rules_to_cil() argument
1485 rc = strs_init(&strs, pdb->p_types.nprim); in write_type_bounds_rules_to_cil()
1490 for (i=0; i < pdb->p_types.nprim; i++) { in write_type_bounds_rules_to_cil()
1491 type = pdb->type_val_to_struct[i]; in write_type_bounds_rules_to_cil()
1494 rc = strs_add(strs, pdb->p_type_val_to_name[i]); in write_type_bounds_rules_to_cil()
1511 type = hashtab_search(pdb->p_types.table, child); in write_type_bounds_rules_to_cil()
1516 parent = pdb->p_type_val_to_name[type->bounds - 1]; in write_type_bounds_rules_to_cil()
1530 static int write_type_attribute_sets_to_cil(FILE *out, struct policydb *pdb) in write_type_attribute_sets_to_cil() argument
1539 rc = strs_init(&strs, pdb->p_types.nprim); in write_type_attribute_sets_to_cil()
1544 for (i=0; i < pdb->p_types.nprim; i++) { in write_type_attribute_sets_to_cil()
1545 attr = pdb->type_val_to_struct[i]; in write_type_attribute_sets_to_cil()
1547 name = pdb->p_type_val_to_name[i]; in write_type_attribute_sets_to_cil()
1548 typemap = &pdb->attr_type_map[i]; in write_type_attribute_sets_to_cil()
1550 types = ebitmap_to_str(typemap, pdb->p_type_val_to_name, 1); in write_type_attribute_sets_to_cil()
1578 static int write_type_permissive_rules_to_cil(FILE *out, struct policydb *pdb) in write_type_permissive_rules_to_cil() argument
1586 rc = strs_init(&strs, pdb->p_types.nprim); in write_type_permissive_rules_to_cil()
1591 ebitmap_for_each_positive_bit(&pdb->permissive_map, node, i) { in write_type_permissive_rules_to_cil()
1592 rc = strs_add(strs, pdb->p_type_val_to_name[i-1]); in write_type_permissive_rules_to_cil()
1695 static char *avtab_node_to_str(struct policydb *pdb, avtab_key_t *key, avtab_datum_t *datum) in avtab_node_to_str() argument
1737 src = pdb->p_type_val_to_name[key->source_type - 1]; in avtab_node_to_str()
1738 tgt = pdb->p_type_val_to_name[key->target_type - 1]; in avtab_node_to_str()
1740 type = pdb->type_val_to_struct[key->source_type - 1]; in avtab_node_to_str()
1745 class = pdb->p_class_val_to_name[key->target_class - 1]; in avtab_node_to_str()
1748 perms = sepol_av_to_string(pdb, key->target_class, data); in avtab_node_to_str()
1765 new = pdb->p_type_val_to_name[data - 1]; in avtab_node_to_str()
1781 struct policydb *pdb; member
1790 struct policydb *pdb = map_args->pdb; in map_avtab_write_helper() local
1796 rule = avtab_node_to_str(pdb, key, datum); in map_avtab_write_helper()
1812 static int write_avtab_flavor_to_cil(FILE *out, struct policydb *pdb, uint32_t flavor, int indent) in write_avtab_flavor_to_cil() argument
1823 args.pdb = pdb; in write_avtab_flavor_to_cil()
1827 rc = avtab_map(&pdb->te_avtab, map_avtab_write_helper, &args); in write_avtab_flavor_to_cil()
1842 static int write_avtab_to_cil(FILE *out, struct policydb *pdb, int indent) in write_avtab_to_cil() argument
1848 rc = write_avtab_flavor_to_cil(out, pdb, avtab_flavors[i], indent); in write_avtab_to_cil()
1863 struct policydb *pdb; member
1872 struct policydb *pdb = map_args->pdb; in map_filename_trans_to_str() local
1879 tgt = pdb->p_type_val_to_name[ft->ttype - 1]; in map_filename_trans_to_str()
1880 class = pdb->p_class_val_to_name[ft->tclass - 1]; in map_filename_trans_to_str()
1883 new = pdb->p_type_val_to_name[datum->otype - 1]; in map_filename_trans_to_str()
1886 src = pdb->p_type_val_to_name[bit]; in map_filename_trans_to_str()
1900 static int write_filename_trans_rules_to_cil(FILE *out, struct policydb *pdb) in write_filename_trans_rules_to_cil() argument
1911 args.pdb = pdb; in write_filename_trans_rules_to_cil()
1914 rc = hashtab_map(pdb->filename_trans, map_filename_trans_to_str, &args); in write_filename_trans_rules_to_cil()
1933 static char *level_to_str(struct policydb *pdb, struct mls_level *level) in level_to_str() argument
1937 char *sens_str = pdb->p_sens_val_to_name[level->sens - 1]; in level_to_str()
1941 cats_str = cats_ebitmap_to_str(cats, pdb->p_cat_val_to_name); in level_to_str()
1951 static char *range_to_str(struct policydb *pdb, mls_range_t *range) in range_to_str() argument
1957 low = level_to_str(pdb, &range->level[0]); in range_to_str()
1962 high = level_to_str(pdb, &range->level[1]); in range_to_str()
1977 struct policydb *pdb; member
1986 struct policydb *pdb = map_args->pdb; in map_range_trans_to_str() local
1991 src = pdb->p_type_val_to_name[rt->source_type - 1]; in map_range_trans_to_str()
1992 tgt = pdb->p_type_val_to_name[rt->target_type - 1]; in map_range_trans_to_str()
1993 class = pdb->p_class_val_to_name[rt->target_class - 1]; in map_range_trans_to_str()
1994 range = range_to_str(pdb, mls_range); in map_range_trans_to_str()
2011 static int write_range_trans_rules_to_cil(FILE *out, struct policydb *pdb) in write_range_trans_rules_to_cil() argument
2022 args.pdb = pdb; in write_range_trans_rules_to_cil()
2025 rc = hashtab_map(pdb->range_tr, map_range_trans_to_str, &args); in write_range_trans_rules_to_cil()
2044 static int write_cond_av_list_to_cil(FILE *out, struct policydb *pdb, cond_av_list_t *cond_list, in… in write_cond_av_list_to_cil() argument
2068 rule = avtab_node_to_str(pdb, key, datum); in write_cond_av_list_to_cil()
2107 static int write_cond_nodes_to_cil(FILE *out, struct policydb *pdb) in write_cond_nodes_to_cil() argument
2115 for (cond = pdb->cond_list; cond != NULL; cond = cond->next) { in write_cond_nodes_to_cil()
2126 for (cond = pdb->cond_list; cond != NULL; cond = cond->next) { in write_cond_nodes_to_cil()
2128 expr = cond_expr_to_str(pdb, cond->expr); in write_cond_nodes_to_cil()
2148 rc = write_cond_av_list_to_cil(out, pdb, cond->true_list, 2); in write_cond_nodes_to_cil()
2159 rc = write_cond_av_list_to_cil(out, pdb, cond->false_list, 2); in write_cond_nodes_to_cil()
2184 static int write_role_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_role_decl_rules_to_cil() argument
2194 rc = strs_init(&strs, pdb->p_roles.nprim); in write_role_decl_rules_to_cil()
2199 for (i=0; i < pdb->p_roles.nprim; i++) { in write_role_decl_rules_to_cil()
2200 role = pdb->role_val_to_struct[i]; in write_role_decl_rules_to_cil()
2202 rc = strs_add(strs, pdb->p_role_val_to_name[i]); in write_role_decl_rules_to_cil()
2226 role = hashtab_search(pdb->p_roles.table, child); in write_role_decl_rules_to_cil()
2233 parent = pdb->p_role_val_to_name[role->bounds - 1]; in write_role_decl_rules_to_cil()
2243 role = hashtab_search(pdb->p_roles.table, name); in write_role_decl_rules_to_cil()
2250 rc = strs_init(&type_strs, pdb->p_types.nprim); in write_role_decl_rules_to_cil()
2254 rc = ebitmap_to_strs(types, type_strs, pdb->p_type_val_to_name); in write_role_decl_rules_to_cil()
2272 rc = strs_init(&strs, pdb->p_types.nprim); in write_role_decl_rules_to_cil()
2277 for (i=0; i < pdb->p_types.nprim; i++) { in write_role_decl_rules_to_cil()
2278 type_datum = pdb->type_val_to_struct[i]; in write_role_decl_rules_to_cil()
2280 rc = strs_add(strs, pdb->p_type_val_to_name[i]); in write_role_decl_rules_to_cil()
2309 static int write_role_transition_rules_to_cil(FILE *out, struct policydb *pdb) in write_role_transition_rules_to_cil() argument
2311 role_trans_t *curr = pdb->role_tr; in write_role_transition_rules_to_cil()
2322 role = pdb->p_role_val_to_name[curr->role - 1]; in write_role_transition_rules_to_cil()
2323 type = pdb->p_type_val_to_name[curr->type - 1]; in write_role_transition_rules_to_cil()
2324 class = pdb->p_class_val_to_name[curr->tclass - 1]; in write_role_transition_rules_to_cil()
2325 new = pdb->p_role_val_to_name[curr->new_role - 1]; in write_role_transition_rules_to_cil()
2350 static int write_role_allow_rules_to_cil(FILE *out, struct policydb *pdb) in write_role_allow_rules_to_cil() argument
2352 role_allow_t *curr = pdb->role_allow; in write_role_allow_rules_to_cil()
2363 role = pdb->p_role_val_to_name[curr->role - 1]; in write_role_allow_rules_to_cil()
2364 new = pdb->p_role_val_to_name[curr->new_role - 1]; in write_role_allow_rules_to_cil()
2388 static int write_user_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_user_decl_rules_to_cil() argument
2397 rc = strs_init(&strs, pdb->p_users.nprim); in write_user_decl_rules_to_cil()
2402 for (i=0; i < pdb->p_users.nprim; i++) { in write_user_decl_rules_to_cil()
2403 if (!pdb->p_user_val_to_name[i]) continue; in write_user_decl_rules_to_cil()
2404 rc = strs_add(strs, pdb->p_user_val_to_name[i]); in write_user_decl_rules_to_cil()
2428 user = hashtab_search(pdb->p_users.table, name); in write_user_decl_rules_to_cil()
2436 rc = strs_init(&role_strs, pdb->p_roles.nprim); in write_user_decl_rules_to_cil()
2440 rc = ebitmap_to_strs(roles, role_strs, pdb->p_role_val_to_name); in write_user_decl_rules_to_cil()
2469 user = hashtab_search(pdb->p_users.table, name); in write_user_decl_rules_to_cil()
2477 if (pdb->mls) { in write_user_decl_rules_to_cil()
2478 level = level_to_str(pdb, &user->exp_dfltlevel); in write_user_decl_rules_to_cil()
2497 user = hashtab_search(pdb->p_users.table, name); in write_user_decl_rules_to_cil()
2504 if (pdb->mls) { in write_user_decl_rules_to_cil()
2505 range = range_to_str(pdb, &user->exp_range); in write_user_decl_rules_to_cil()
2529 static char *context_to_str(struct policydb *pdb, struct context_struct *con) in context_to_str() argument
2534 user = pdb->p_user_val_to_name[con->user - 1]; in context_to_str()
2535 role = pdb->p_role_val_to_name[con->role - 1]; in context_to_str()
2536 type = pdb->p_type_val_to_name[con->type - 1]; in context_to_str()
2538 if (pdb->mls) { in context_to_str()
2539 range = range_to_str(pdb, &con->range); in context_to_str()
2554 static int write_sid_context_rules_to_cil(FILE *out, struct policydb *pdb, const char *const *sid_t… in write_sid_context_rules_to_cil() argument
2569 for (isid = pdb->ocontexts[0]; isid != NULL; isid = isid->next) { in write_sid_context_rules_to_cil()
2578 ctx = context_to_str(pdb, &isid->context[0]); in write_sid_context_rules_to_cil()
2611 static int write_selinux_isid_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_isid_rules_to_cil() argument
2613 return write_sid_context_rules_to_cil(out, pdb, selinux_sid_to_str, in write_selinux_isid_rules_to_cil()
2617 static int write_selinux_fsuse_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_fsuse_rules_to_cil() argument
2624 for (fsuse = pdb->ocontexts[5]; fsuse != NULL; fsuse = fsuse->next) { in write_selinux_fsuse_rules_to_cil()
2636 ctx = context_to_str(pdb, &fsuse->context[0]); in write_selinux_fsuse_rules_to_cil()
2655 static int write_genfscon_rules_to_cil(FILE *out, struct policydb *pdb) in write_genfscon_rules_to_cil() argument
2670 for (genfs = pdb->genfs; genfs != NULL; genfs = genfs->next) { in write_genfscon_rules_to_cil()
2678 const char *class_name = pdb->p_class_val_to_name[sclass-1]; in write_genfscon_rules_to_cil()
2699 ctx = context_to_str(pdb, &ocon->context[0]); in write_genfscon_rules_to_cil()
2733 static int write_selinux_port_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_port_rules_to_cil() argument
2743 for (portcon = pdb->ocontexts[2]; portcon != NULL; portcon = portcon->next) { in write_selinux_port_rules_to_cil()
2767 ctx = context_to_str(pdb, &portcon->context[0]); in write_selinux_port_rules_to_cil()
2788 static int write_selinux_netif_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_netif_rules_to_cil() argument
2794 for (netif = pdb->ocontexts[3]; netif != NULL; netif = netif->next) { in write_selinux_netif_rules_to_cil()
2796 ctx1 = context_to_str(pdb, &netif->context[0]); in write_selinux_netif_rules_to_cil()
2801 ctx2 = context_to_str(pdb, &netif->context[1]); in write_selinux_netif_rules_to_cil()
2822 static int write_selinux_node_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_node_rules_to_cil() argument
2830 for (node = pdb->ocontexts[4]; node != NULL; node = node->next) { in write_selinux_node_rules_to_cil()
2843 ctx = context_to_str(pdb, &node->context[0]); in write_selinux_node_rules_to_cil()
2862 static int write_selinux_node6_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_node6_rules_to_cil() argument
2870 for (node = pdb->ocontexts[6]; node != NULL; node = node->next) { in write_selinux_node6_rules_to_cil()
2883 ctx = context_to_str(pdb, &node->context[0]); in write_selinux_node6_rules_to_cil()
2902 static int write_selinux_ibpkey_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_ibpkey_rules_to_cil() argument
2913 for (ibpkeycon = pdb->ocontexts[OCON_IBPKEY]; ibpkeycon != NULL; in write_selinux_ibpkey_rules_to_cil()
2937 ctx = context_to_str(pdb, &ibpkeycon->context[0]); in write_selinux_ibpkey_rules_to_cil()
2958 static int write_selinux_ibendport_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_ibendport_rules_to_cil() argument
2965 for (ibendportcon = pdb->ocontexts[OCON_IBENDPORT]; in write_selinux_ibendport_rules_to_cil()
2973 ctx = context_to_str(pdb, &ibendportcon->context[0]); in write_selinux_ibendport_rules_to_cil()
2995 static int write_xen_isid_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_isid_rules_to_cil() argument
2997 return write_sid_context_rules_to_cil(out, pdb, xen_sid_to_str, XEN_SID_SZ); in write_xen_isid_rules_to_cil()
3000 static int write_xen_pirq_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_pirq_rules_to_cil() argument
3007 for (pirq = pdb->ocontexts[1]; pirq != NULL; pirq = pirq->next) { in write_xen_pirq_rules_to_cil()
3014 ctx = context_to_str(pdb, &pirq->context[0]); in write_xen_pirq_rules_to_cil()
3035 static int write_xen_ioport_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_ioport_rules_to_cil() argument
3044 for (ioport = pdb->ocontexts[2]; ioport != NULL; ioport = ioport->next) { in write_xen_ioport_rules_to_cil()
3057 ctx = context_to_str(pdb, &ioport->context[0]); in write_xen_ioport_rules_to_cil()
3078 static int write_xen_iomem_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_iomem_rules_to_cil() argument
3087 for (iomem = pdb->ocontexts[3]; iomem != NULL; iomem = iomem->next) { in write_xen_iomem_rules_to_cil()
3100 ctx = context_to_str(pdb, &iomem->context[0]); in write_xen_iomem_rules_to_cil()
3121 static int write_xen_pcidevice_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_pcidevice_rules_to_cil() argument
3128 for (pcid = pdb->ocontexts[4]; pcid != NULL; pcid = pcid->next) { in write_xen_pcidevice_rules_to_cil()
3135 ctx = context_to_str(pdb, &pcid->context[0]); in write_xen_pcidevice_rules_to_cil()
3156 static int write_xen_devicetree_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_devicetree_rules_to_cil() argument
3162 for (dtree = pdb->ocontexts[5]; dtree != NULL; dtree = dtree->next) { in write_xen_devicetree_rules_to_cil()
3164 ctx = context_to_str(pdb, &dtree->context[0]); in write_xen_devicetree_rules_to_cil()
3183 int sepol_kernel_policydb_to_cil(FILE *out, struct policydb *pdb) in sepol_kernel_policydb_to_cil() argument
3211 if (pdb == NULL) { in sepol_kernel_policydb_to_cil()
3217 if (pdb->policy_type != SEPOL_POLICY_KERN) { in sepol_kernel_policydb_to_cil()
3223 if (pdb->policyvers >= POLICYDB_VERSION_AVTAB && pdb->policyvers <= POLICYDB_VERSION_PERMISSIVE) { in sepol_kernel_policydb_to_cil()
3235 rc = constraint_rules_to_strs(pdb, mls_constraints, non_mls_constraints); in sepol_kernel_policydb_to_cil()
3240 rc = validatetrans_rules_to_strs(pdb, mls_validatetrans, non_mls_validatetrans); in sepol_kernel_policydb_to_cil()
3245 rc = write_handle_unknown_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3250 rc = write_class_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3255 rc = write_sid_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3260 rc = write_default_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3265 rc = write_mls_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3273 rc = write_polcap_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3278 rc = write_type_attributes_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3283 rc = write_role_attributes_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3288 rc = write_boolean_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3293 rc = write_type_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3298 rc = write_type_alias_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3303 rc = write_type_bounds_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3308 rc = write_type_attribute_sets_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3313 rc = write_type_permissive_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3318 rc = write_avtab_to_cil(out, pdb, 0); in sepol_kernel_policydb_to_cil()
3323 rc = write_filename_trans_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3328 if (pdb->mls) { in sepol_kernel_policydb_to_cil()
3329 rc = write_range_trans_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3335 rc = write_cond_nodes_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3340 rc = write_role_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3345 rc = write_role_transition_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3350 rc = write_role_allow_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3355 rc = write_user_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3363 rc = sort_ocontexts(pdb); in sepol_kernel_policydb_to_cil()
3368 if (pdb->target_platform == SEPOL_TARGET_SELINUX) { in sepol_kernel_policydb_to_cil()
3369 rc = write_selinux_isid_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3374 rc = write_selinux_fsuse_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3379 rc = write_genfscon_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3384 rc = write_selinux_port_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3389 rc = write_selinux_netif_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3394 rc = write_selinux_node_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3399 rc = write_selinux_node6_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3404 rc = write_selinux_ibpkey_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3409 rc = write_selinux_ibendport_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3413 } else if (pdb->target_platform == SEPOL_TARGET_XEN) { in sepol_kernel_policydb_to_cil()
3414 rc = write_xen_isid_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3419 rc = write_xen_pirq_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3424 rc = write_xen_ioport_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3429 rc = write_xen_iomem_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3434 rc = write_xen_pcidevice_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3439 rc = write_xen_devicetree_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()