1 #include <stdio.h>
2 #include <stdarg.h>
3 #include <sys/types.h>
4 
5 #include <sepol/policydb/avtab.h>
6 #include <sepol/policydb/policydb.h>
7 
8 
/*
 * Constants shared by users of this header.
 * NOTE(review): STACK_SIZE is presumably the initial capacity used by
 * strs_stack_init() -- confirm against the definition.
 */
#define STACK_SIZE 16
/*
 * String literals; presumably the fallback MLS level and object role names
 * written into generated policy text -- confirm at the use sites.
 */
#define DEFAULT_LEVEL "systemlow"
#define DEFAULT_OBJECT "object_r"
12 
// Initial SID names aren't actually stored in the pp files, so a mapping is
// needed; this one is taken from the Linux kernel.
//
// The table has exactly SELINUX_SID_SZ entries and entry 0 is "null".
// NOTE(review): presumably indexed by the initial SID number read from a
// policy. That number comes from the policy being processed, so any lookup
// should check `sid < SELINUX_SID_SZ` first; an unchecked index reads past
// the end of the array.
//
// Being `static` in a header, every translation unit that includes this file
// gets its own private copy of the table.
static const char * const selinux_sid_to_str[] = {
	"null",
	"kernel",
	"security",
	"unlabeled",
	"fs",
	"file",
	"file_labels",
	"init",
	"any_socket",
	"port",
	"netif",
	"netmsg",
	"node",
	"igmp_packet",
	"icmp_socket",
	"tcp_socket",
	"sysctl_modprobe",
	"sysctl",
	"sysctl_fs",
	"sysctl_kernel",
	"sysctl_net",
	"sysctl_net_unix",
	"sysctl_vm",
	"sysctl_dev",
	"kmod",
	"policy",
	"scmp_packet",
	"devnull",
};

// Number of entries in selinux_sid_to_str (a size_t). The sizeof division is
// only correct because the operand is the array itself, not a pointer to it.
#define SELINUX_SID_SZ (sizeof(selinux_sid_to_str)/sizeof(selinux_sid_to_str[0]))
47 
// Names for the Xen initial SIDs; entry 0 is "null" and the table has
// exactly XEN_SID_SZ entries.
// NOTE(review): presumably the Xen counterpart of selinux_sid_to_str and
// indexed the same way -- confirm at the use sites. Any index derived from
// policy data must be checked against XEN_SID_SZ before the lookup; this
// table is shorter than the SELinux one, so a bound taken from the wrong
// table would read out of range.
static const char * const xen_sid_to_str[] = {
	"null",
	"xen",
	"dom0",
	"domio",
	"domxen",
	"unlabeled",
	"security",
	"ioport",
	"iomem",
	"irq",
	"device",
	"domU",
	"domDM",
};

// Number of entries in xen_sid_to_str (a size_t); valid only while the
// operand is the array itself.
#define XEN_SID_SZ (sizeof(xen_sid_to_str)/sizeof(xen_sid_to_str[0]))
65 
// The AVTAB_* rule kinds listed in a fixed order: plain allow/audit rules,
// then the extended-permission (XPERMS) variants, then the type rules
// (transition, member, change).
// NOTE(review): presumably iterated by callers so that rules are emitted
// grouped by kind in this order -- confirm at the use sites. A kind missing
// from this list would be skipped by such a loop.
static const uint32_t avtab_flavors[] = {
	AVTAB_ALLOWED,
	AVTAB_AUDITALLOW,
	AVTAB_AUDITDENY,
	AVTAB_XPERMS_ALLOWED,
	AVTAB_XPERMS_AUDITALLOW,
	AVTAB_XPERMS_DONTAUDIT,
	AVTAB_TRANSITION,
	AVTAB_MEMBER,
	AVTAB_CHANGE,
};

// Number of entries in avtab_flavors (a size_t); use it as the loop bound.
#define AVTAB_FLAVORS_SZ (sizeof(avtab_flavors)/sizeof(avtab_flavors[0]))
79 
// Container for a list of C strings, used by the strs_*() and
// strs_stack_*() functions declared below.
// NOTE(review): the field meanings are inferred from their names -- confirm
// against the implementation.
struct strs {
	char **list;	// array of string pointers
	unsigned num;	// presumably the number of entries in use
	size_t size;	// presumably the allocated capacity of `list`
	// NOTE(review): `num` is unsigned while `size` and the index parameters
	// of the accessors are size_t; on LP64 targets the two widths differ,
	// so comparisons between them deserve a look.
};
85 
// printf-style error logger. The format attribute makes the compiler check
// `fmt` (parameter 1) against the variadic arguments (from parameter 2), so
// call it with a literal format string and pass policy-derived text only as
// a "%s" argument, never as `fmt` itself.
__attribute__ ((format(printf, 1, 2)))
void sepol_log_err(const char *fmt, ...);
// NOTE(review): presumably writes `indent` levels of indentation to `out` --
// confirm the unit and the handling of negative values in the definition.
void sepol_indent(FILE *out, int indent);
// printf-style writer to `out`; `fmt` (parameter 2) is checked against the
// variadic arguments (from parameter 3). Same literal-format rule as above.
__attribute__ ((format(printf, 2, 3)))
void sepol_printf(FILE *out, const char *fmt, ...);

// Builds a string from `fmt`; the attribute checks `fmt` (parameter 1)
// against the variadic arguments starting at parameter 3, i.e. after `num`.
// NOTE(review): `num` looks like the count of variadic arguments, and the
// returned char * is presumably heap-allocated and owned by the caller (NULL
// on failure) -- confirm both against the definition.
__attribute__ ((format(printf, 1, 3)))
char *create_str(const char *fmt, int num, ...);
94 
// Operations on struct strs. This header fixes only the signatures; the
// notes below are inferred from them and should be confirmed against the
// definitions.
//
// NOTE(review): functions returning int presumably return 0 on success and
// nonzero on failure; callers should check every one of them.

// Creates a list and stores it in *strs; `size` is presumably the initial
// capacity.
int strs_init(struct strs **strs, size_t size);
// Takes struct strs ** -- presumably releases the list and clears the
// caller's pointer. Whether the contained strings are freed is not visible
// here (see strs_free_all).
void strs_destroy(struct strs **strs);
// NOTE(review): presumably frees the strings held in the list, not the list.
void strs_free_all(struct strs *strs);
// `s` is non-const: presumably the list stores the pointer and takes
// ownership rather than copying -- confirm before freeing `s` in a caller.
int strs_add(struct strs *strs, char *s);
// Formatting variant of strs_add; `fmt` (parameter 2) is checked against the
// variadic arguments starting at parameter 4, i.e. after `num`.
__attribute__ ((format(printf, 2, 4)))
int strs_create_and_add(struct strs *strs, const char *fmt, int num, ...);
// NOTE(review): behaviour on an empty list is not visible here.
char *strs_remove_last(struct strs *strs);
// NOTE(review): whether `index` may exceed the current capacity, and whether
// the list then grows, is not visible here -- confirm before passing an index
// derived from policy data.
int strs_add_at_index(struct strs *strs, char *s, size_t index);
// NOTE(review): the result for an out-of-range `index` is not visible here;
// check for NULL until the definition is confirmed.
char *strs_read_at_index(struct strs *strs, size_t index);
void strs_sort(struct strs *strs);
// Returns unsigned, matching the type of the `num` field.
unsigned strs_num_items(const struct strs *strs);
// NOTE(review): presumably a total string length over all items.
size_t strs_len_items(const struct strs *strs);
// NOTE(review): presumably returns a newly allocated joined string that the
// caller must free.
char *strs_to_str(const struct strs *strs);
void strs_write_each(const struct strs *strs, FILE *out);
void strs_write_each_indented(const struct strs *strs, FILE *out, int indent);
// The (key, data, args) signature has the shape of a hashtab traversal
// callback. NOTE(review): `args` is presumably a struct strs * -- confirm.
int hashtab_ordered_to_strs(char *key, void *data, void *args);
// NOTE(review): presumably appends val_to_name[] entries for the bits set in
// `map`; `val_to_name` must then cover every bit position that can be set.
int ebitmap_to_strs(const struct ebitmap *map, struct strs *strs, char **val_to_name);
// As above, but returns a single string; `sort` is presumably a boolean
// selecting sorted output.
char *ebitmap_to_str(const struct ebitmap *map, char **val_to_name, int sort);
113 
// Stack interface layered on struct strs.
// NOTE(review): presumably thin wrappers over the strs_*() functions, with
// STACK_SIZE as the initial capacity -- confirm against the definitions.
int strs_stack_init(struct strs **stack);
void strs_stack_destroy(struct strs **stack);
// `s` is non-const; presumably the stack stores the pointer, not a copy.
int strs_stack_push(struct strs *stack, char *s);
// NOTE(review): the result of popping an empty stack is not visible here;
// check strs_stack_empty() first or test the result for NULL.
char *strs_stack_pop(struct strs *stack);
// Returns int; presumably nonzero when the stack holds no items.
int strs_stack_empty(const struct strs *stack);
119 
// Takes a non-const policydb, so it presumably reorders the object contexts
// stored in `pdb` in place. NOTE(review): the return convention (presumably
// 0 on success) and the state of `pdb` after a failure are not visible
// here -- confirm in the definition.
int sort_ocontexts(struct policydb *pdb);
121