1
2 /* Author : Stephen Smalley, <sds@epoch.ncsc.mil> */
3
4 /*
5 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
6 *
7 * Support for enhanced MLS infrastructure.
8 *
9 * Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com>
10 *
11 * Added conditional policy language extensions
12 *
13 * Updated: Joshua Brindle <jbrindle@tresys.com> and Jason Tang <jtang@tresys.org>
14 *
15 * Module writing support
16 *
17 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
18 * Copyright (C) 2003-2005 Tresys Technology, LLC
19 *
20 * This library is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU Lesser General Public
22 * License as published by the Free Software Foundation; either
23 * version 2.1 of the License, or (at your option) any later version.
24 *
25 * This library is distributed in the hope that it will be useful,
26 * but WITHOUT ANY WARRANTY; without even the implied warranty of
27 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
28 * Lesser General Public License for more details.
29 *
30 * You should have received a copy of the GNU Lesser General Public
31 * License along with this library; if not, write to the Free Software
32 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
33 */
34 #include <assert.h>
35 #include <stdlib.h>
36
37 #include <sepol/policydb/ebitmap.h>
38 #include <sepol/policydb/avtab.h>
39 #include <sepol/policydb/policydb.h>
40 #include <sepol/policydb/conditional.h>
41 #include <sepol/policydb/expand.h>
42 #include <sepol/policydb/flask.h>
43
44 #include "debug.h"
45 #include "private.h"
46 #include "mls.h"
47
48 struct policy_data {
49 struct policy_file *fp;
50 struct policydb *p;
51 };
52
53 static int avrule_write_list(avrule_t * avrules, struct policy_file *fp);
54
ebitmap_write(ebitmap_t * e,struct policy_file * fp)55 static int ebitmap_write(ebitmap_t * e, struct policy_file *fp)
56 {
57 ebitmap_node_t *n;
58 uint32_t buf[32], bit, count;
59 uint64_t map;
60 size_t items;
61
62 buf[0] = cpu_to_le32(MAPSIZE);
63 buf[1] = cpu_to_le32(e->highbit);
64
65 count = 0;
66 for (n = e->node; n; n = n->next)
67 count++;
68 buf[2] = cpu_to_le32(count);
69
70 items = put_entry(buf, sizeof(uint32_t), 3, fp);
71 if (items != 3)
72 return POLICYDB_ERROR;
73
74 for (n = e->node; n; n = n->next) {
75 bit = cpu_to_le32(n->startbit);
76 items = put_entry(&bit, sizeof(uint32_t), 1, fp);
77 if (items != 1)
78 return POLICYDB_ERROR;
79 map = cpu_to_le64(n->map);
80 items = put_entry(&map, sizeof(uint64_t), 1, fp);
81 if (items != 1)
82 return POLICYDB_ERROR;
83
84 }
85
86 return POLICYDB_SUCCESS;
87 }
88
89 /* Ordering of datums in the original avtab format in the policy file. */
90 static uint16_t spec_order[] = {
91 AVTAB_ALLOWED,
92 AVTAB_AUDITDENY,
93 AVTAB_AUDITALLOW,
94 AVTAB_TRANSITION,
95 AVTAB_CHANGE,
96 AVTAB_MEMBER
97 };
98
avtab_write_item(policydb_t * p,avtab_ptr_t cur,struct policy_file * fp,unsigned merge,unsigned commit,uint32_t * nel)99 static int avtab_write_item(policydb_t * p,
100 avtab_ptr_t cur, struct policy_file *fp,
101 unsigned merge, unsigned commit, uint32_t * nel)
102 {
103 avtab_ptr_t node;
104 uint16_t buf16[4];
105 uint32_t buf32[10], lookup, val;
106 size_t items, items2;
107 unsigned set;
108 unsigned int oldvers = (p->policy_type == POLICY_KERN
109 && p->policyvers < POLICYDB_VERSION_AVTAB);
110 unsigned int i;
111
112 if (oldvers) {
113 /* Generate the old avtab format.
114 Requires merging similar entries if uncond avtab. */
115 if (merge) {
116 if (cur->merged)
117 return POLICYDB_SUCCESS; /* already merged by prior merge */
118 }
119
120 items = 1; /* item 0 is used for the item count */
121 val = cur->key.source_type;
122 buf32[items++] = cpu_to_le32(val);
123 val = cur->key.target_type;
124 buf32[items++] = cpu_to_le32(val);
125 val = cur->key.target_class;
126 buf32[items++] = cpu_to_le32(val);
127
128 val = cur->key.specified & ~AVTAB_ENABLED;
129 if (cur->key.specified & AVTAB_ENABLED)
130 val |= AVTAB_ENABLED_OLD;
131 set = 1;
132
133 if (merge) {
134 /* Merge specifier values for all similar (av or type)
135 entries that have the same key. */
136 if (val & AVTAB_AV)
137 lookup = AVTAB_AV;
138 else if (val & AVTAB_TYPE)
139 lookup = AVTAB_TYPE;
140 else
141 return POLICYDB_ERROR;
142 for (node = avtab_search_node_next(cur, lookup);
143 node;
144 node = avtab_search_node_next(node, lookup)) {
145 val |= (node->key.specified & ~AVTAB_ENABLED);
146 set++;
147 if (node->key.specified & AVTAB_ENABLED)
148 val |= AVTAB_ENABLED_OLD;
149 }
150 }
151
152 if (!(val & (AVTAB_AV | AVTAB_TYPE))) {
153 ERR(fp->handle, "null entry");
154 return POLICYDB_ERROR;
155 }
156 if ((val & AVTAB_AV) && (val & AVTAB_TYPE)) {
157 ERR(fp->handle, "entry has both access "
158 "vectors and types");
159 return POLICYDB_ERROR;
160 }
161
162 buf32[items++] = cpu_to_le32(val);
163
164 if (merge) {
165 /* Include datums for all similar (av or type)
166 entries that have the same key. */
167 for (i = 0;
168 i < (sizeof(spec_order) / sizeof(spec_order[0]));
169 i++) {
170 if (val & spec_order[i]) {
171 if (cur->key.specified & spec_order[i])
172 node = cur;
173 else {
174 node =
175 avtab_search_node_next(cur,
176 spec_order
177 [i]);
178 if (nel)
179 (*nel)--; /* one less node */
180 }
181
182 if (!node) {
183 ERR(fp->handle, "missing node");
184 return POLICYDB_ERROR;
185 }
186 buf32[items++] =
187 cpu_to_le32(node->datum.data);
188 set--;
189 node->merged = 1;
190 }
191 }
192 } else {
193 buf32[items++] = cpu_to_le32(cur->datum.data);
194 cur->merged = 1;
195 set--;
196 }
197
198 if (set) {
199 ERR(fp->handle, "data count wrong");
200 return POLICYDB_ERROR;
201 }
202
203 buf32[0] = cpu_to_le32(items - 1);
204
205 if (commit) {
206 /* Commit this item to the policy file. */
207 items2 = put_entry(buf32, sizeof(uint32_t), items, fp);
208 if (items != items2)
209 return POLICYDB_ERROR;
210 }
211
212 return POLICYDB_SUCCESS;
213 }
214
215 /* Generate the new avtab format. */
216 buf16[0] = cpu_to_le16(cur->key.source_type);
217 buf16[1] = cpu_to_le16(cur->key.target_type);
218 buf16[2] = cpu_to_le16(cur->key.target_class);
219 buf16[3] = cpu_to_le16(cur->key.specified);
220 items = put_entry(buf16, sizeof(uint16_t), 4, fp);
221 if (items != 4)
222 return POLICYDB_ERROR;
223 buf32[0] = cpu_to_le32(cur->datum.data);
224 items = put_entry(buf32, sizeof(uint32_t), 1, fp);
225 if (items != 1)
226 return POLICYDB_ERROR;
227 return POLICYDB_SUCCESS;
228 }
229
avtab_reset_merged(avtab_t * a)230 static inline void avtab_reset_merged(avtab_t * a)
231 {
232 unsigned int i;
233 avtab_ptr_t cur;
234 for (i = 0; i < a->nslot; i++) {
235 for (cur = a->htable[i]; cur; cur = cur->next)
236 cur->merged = 0;
237 }
238 }
239
avtab_write(struct policydb * p,avtab_t * a,struct policy_file * fp)240 static int avtab_write(struct policydb *p, avtab_t * a, struct policy_file *fp)
241 {
242 unsigned int i;
243 int rc;
244 avtab_t expa;
245 avtab_ptr_t cur;
246 uint32_t nel;
247 size_t items;
248 unsigned int oldvers = (p->policy_type == POLICY_KERN
249 && p->policyvers < POLICYDB_VERSION_AVTAB);
250
251 if (oldvers) {
252 /* Old avtab format.
253 First, we need to expand attributes. Then, we need to
254 merge similar entries, so we need to track merged nodes
255 and compute the final nel. */
256 if (avtab_init(&expa))
257 return POLICYDB_ERROR;
258 if (expand_avtab(p, a, &expa)) {
259 rc = -1;
260 goto out;
261 }
262 a = &expa;
263 avtab_reset_merged(a);
264 nel = a->nel;
265 } else {
266 /* New avtab format. nel is good to go. */
267 nel = cpu_to_le32(a->nel);
268 items = put_entry(&nel, sizeof(uint32_t), 1, fp);
269 if (items != 1)
270 return POLICYDB_ERROR;
271 }
272
273 for (i = 0; i < a->nslot; i++) {
274 for (cur = a->htable[i]; cur; cur = cur->next) {
275 /* If old format, compute final nel.
276 If new format, write out the items. */
277 if (avtab_write_item(p, cur, fp, 1, !oldvers, &nel)) {
278 rc = -1;
279 goto out;
280 }
281 }
282 }
283
284 if (oldvers) {
285 /* Old avtab format.
286 Write the computed nel value, then write the items. */
287 nel = cpu_to_le32(nel);
288 items = put_entry(&nel, sizeof(uint32_t), 1, fp);
289 if (items != 1) {
290 rc = -1;
291 goto out;
292 }
293 avtab_reset_merged(a);
294 for (i = 0; i < a->nslot; i++) {
295 for (cur = a->htable[i]; cur; cur = cur->next) {
296 if (avtab_write_item(p, cur, fp, 1, 1, NULL)) {
297 rc = -1;
298 goto out;
299 }
300 }
301 }
302 }
303
304 rc = 0;
305 out:
306 if (oldvers)
307 avtab_destroy(&expa);
308 return rc;
309 }
310
311 /*
312 * Write a semantic MLS level structure to a policydb binary
313 * representation file.
314 */
mls_write_semantic_level_helper(mls_semantic_level_t * l,struct policy_file * fp)315 static int mls_write_semantic_level_helper(mls_semantic_level_t * l,
316 struct policy_file *fp)
317 {
318 uint32_t buf[2], ncat = 0;
319 size_t items;
320 mls_semantic_cat_t *cat;
321
322 for (cat = l->cat; cat; cat = cat->next)
323 ncat++;
324
325 buf[0] = cpu_to_le32(l->sens);
326 buf[1] = cpu_to_le32(ncat);
327 items = put_entry(buf, sizeof(uint32_t), 2, fp);
328 if (items != 2)
329 return POLICYDB_ERROR;
330
331 for (cat = l->cat; cat; cat = cat->next) {
332 buf[0] = cpu_to_le32(cat->low);
333 buf[1] = cpu_to_le32(cat->high);
334 items = put_entry(buf, sizeof(uint32_t), 2, fp);
335 if (items != 2)
336 return POLICYDB_ERROR;
337 }
338
339 return POLICYDB_SUCCESS;
340 }
341
342 /*
343 * Read a semantic MLS range structure to a policydb binary
344 * representation file.
345 */
mls_write_semantic_range_helper(mls_semantic_range_t * r,struct policy_file * fp)346 static int mls_write_semantic_range_helper(mls_semantic_range_t * r,
347 struct policy_file *fp)
348 {
349 int rc;
350
351 rc = mls_write_semantic_level_helper(&r->level[0], fp);
352 if (rc)
353 return rc;
354
355 rc = mls_write_semantic_level_helper(&r->level[1], fp);
356
357 return rc;
358 }
359
360 /*
361 * Write a MLS level structure to a policydb binary
362 * representation file.
363 */
mls_write_level(mls_level_t * l,struct policy_file * fp)364 static int mls_write_level(mls_level_t * l, struct policy_file *fp)
365 {
366 uint32_t sens;
367 size_t items;
368
369 sens = cpu_to_le32(l->sens);
370 items = put_entry(&sens, sizeof(uint32_t), 1, fp);
371 if (items != 1)
372 return POLICYDB_ERROR;
373
374 if (ebitmap_write(&l->cat, fp))
375 return POLICYDB_ERROR;
376
377 return POLICYDB_SUCCESS;
378 }
379
380 /*
381 * Write a MLS range structure to a policydb binary
382 * representation file.
383 */
mls_write_range_helper(mls_range_t * r,struct policy_file * fp)384 static int mls_write_range_helper(mls_range_t * r, struct policy_file *fp)
385 {
386 uint32_t buf[3];
387 size_t items, items2;
388 int eq;
389
390 eq = mls_level_eq(&r->level[1], &r->level[0]);
391
392 items = 1; /* item 0 is used for the item count */
393 buf[items++] = cpu_to_le32(r->level[0].sens);
394 if (!eq)
395 buf[items++] = cpu_to_le32(r->level[1].sens);
396 buf[0] = cpu_to_le32(items - 1);
397
398 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
399 if (items2 != items)
400 return POLICYDB_ERROR;
401
402 if (ebitmap_write(&r->level[0].cat, fp))
403 return POLICYDB_ERROR;
404 if (!eq)
405 if (ebitmap_write(&r->level[1].cat, fp))
406 return POLICYDB_ERROR;
407
408 return POLICYDB_SUCCESS;
409 }
410
sens_write(hashtab_key_t key,hashtab_datum_t datum,void * ptr)411 static int sens_write(hashtab_key_t key, hashtab_datum_t datum, void *ptr)
412 {
413 level_datum_t *levdatum;
414 uint32_t buf[32];
415 size_t items, items2, len;
416 struct policy_data *pd = ptr;
417 struct policy_file *fp = pd->fp;
418
419 levdatum = (level_datum_t *) datum;
420
421 len = strlen(key);
422 items = 0;
423 buf[items++] = cpu_to_le32(len);
424 buf[items++] = cpu_to_le32(levdatum->isalias);
425 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
426 if (items != items2)
427 return POLICYDB_ERROR;
428
429 items = put_entry(key, 1, len, fp);
430 if (items != len)
431 return POLICYDB_ERROR;
432
433 if (mls_write_level(levdatum->level, fp))
434 return POLICYDB_ERROR;
435
436 return POLICYDB_SUCCESS;
437 }
438
cat_write(hashtab_key_t key,hashtab_datum_t datum,void * ptr)439 static int cat_write(hashtab_key_t key, hashtab_datum_t datum, void *ptr)
440 {
441 cat_datum_t *catdatum;
442 uint32_t buf[32];
443 size_t items, items2, len;
444 struct policy_data *pd = ptr;
445 struct policy_file *fp = pd->fp;
446
447 catdatum = (cat_datum_t *) datum;
448
449 len = strlen(key);
450 items = 0;
451 buf[items++] = cpu_to_le32(len);
452 buf[items++] = cpu_to_le32(catdatum->s.value);
453 buf[items++] = cpu_to_le32(catdatum->isalias);
454 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
455 if (items != items2)
456 return POLICYDB_ERROR;
457
458 items = put_entry(key, 1, len, fp);
459 if (items != len)
460 return POLICYDB_ERROR;
461
462 return POLICYDB_SUCCESS;
463 }
464
role_trans_write(policydb_t * p,struct policy_file * fp)465 static int role_trans_write(policydb_t *p, struct policy_file *fp)
466 {
467 role_trans_t *r = p->role_tr;
468 role_trans_t *tr;
469 uint32_t buf[3];
470 size_t nel, items;
471 int new_roletr = (p->policy_type == POLICY_KERN &&
472 p->policyvers >= POLICYDB_VERSION_ROLETRANS);
473 int warning_issued = 0;
474
475 nel = 0;
476 for (tr = r; tr; tr = tr->next)
477 if(new_roletr || tr->tclass == SECCLASS_PROCESS)
478 nel++;
479
480 buf[0] = cpu_to_le32(nel);
481 items = put_entry(buf, sizeof(uint32_t), 1, fp);
482 if (items != 1)
483 return POLICYDB_ERROR;
484 for (tr = r; tr; tr = tr->next) {
485 if (!new_roletr && tr->tclass != SECCLASS_PROCESS) {
486 if (!warning_issued)
487 WARN(fp->handle, "Discarding role_transition "
488 "rules for security classes other than "
489 "\"process\"");
490 warning_issued = 1;
491 continue;
492 }
493 buf[0] = cpu_to_le32(tr->role);
494 buf[1] = cpu_to_le32(tr->type);
495 buf[2] = cpu_to_le32(tr->new_role);
496 items = put_entry(buf, sizeof(uint32_t), 3, fp);
497 if (items != 3)
498 return POLICYDB_ERROR;
499 if (new_roletr) {
500 buf[0] = cpu_to_le32(tr->tclass);
501 items = put_entry(buf, sizeof(uint32_t), 1, fp);
502 if (items != 1)
503 return POLICYDB_ERROR;
504 }
505 }
506
507 return POLICYDB_SUCCESS;
508 }
509
role_allow_write(role_allow_t * r,struct policy_file * fp)510 static int role_allow_write(role_allow_t * r, struct policy_file *fp)
511 {
512 role_allow_t *ra;
513 uint32_t buf[2];
514 size_t nel, items;
515
516 nel = 0;
517 for (ra = r; ra; ra = ra->next)
518 nel++;
519 buf[0] = cpu_to_le32(nel);
520 items = put_entry(buf, sizeof(uint32_t), 1, fp);
521 if (items != 1)
522 return POLICYDB_ERROR;
523 for (ra = r; ra; ra = ra->next) {
524 buf[0] = cpu_to_le32(ra->role);
525 buf[1] = cpu_to_le32(ra->new_role);
526 items = put_entry(buf, sizeof(uint32_t), 2, fp);
527 if (items != 2)
528 return POLICYDB_ERROR;
529 }
530 return POLICYDB_SUCCESS;
531 }
532
filename_trans_write(filename_trans_t * r,struct policy_file * fp)533 static int filename_trans_write(filename_trans_t * r, struct policy_file *fp)
534 {
535 filename_trans_t *ft;
536 uint32_t buf[4];
537 size_t nel, items, len;
538
539 nel = 0;
540 for (ft = r; ft; ft = ft->next)
541 nel++;
542 buf[0] = cpu_to_le32(nel);
543 items = put_entry(buf, sizeof(uint32_t), 1, fp);
544 if (items != 1)
545 return POLICYDB_ERROR;
546 for (ft = r; ft; ft = ft->next) {
547 len = strlen(ft->name);
548 buf[0] = cpu_to_le32(len);
549 items = put_entry(buf, sizeof(uint32_t), 1, fp);
550 if (items != 1)
551 return POLICYDB_ERROR;
552
553 items = put_entry(ft->name, sizeof(char), len, fp);
554 if (items != len)
555 return POLICYDB_ERROR;
556
557 buf[0] = cpu_to_le32(ft->stype);
558 buf[1] = cpu_to_le32(ft->ttype);
559 buf[2] = cpu_to_le32(ft->tclass);
560 buf[3] = cpu_to_le32(ft->otype);
561 items = put_entry(buf, sizeof(uint32_t), 4, fp);
562 if (items != 4)
563 return POLICYDB_ERROR;
564 }
565
566 return POLICYDB_SUCCESS;
567 }
568
role_set_write(role_set_t * x,struct policy_file * fp)569 static int role_set_write(role_set_t * x, struct policy_file *fp)
570 {
571 size_t items;
572 uint32_t buf[1];
573
574 if (ebitmap_write(&x->roles, fp))
575 return POLICYDB_ERROR;
576
577 buf[0] = cpu_to_le32(x->flags);
578 items = put_entry(buf, sizeof(uint32_t), 1, fp);
579 if (items != 1)
580 return POLICYDB_ERROR;
581
582 return POLICYDB_SUCCESS;
583 }
584
type_set_write(type_set_t * x,struct policy_file * fp)585 static int type_set_write(type_set_t * x, struct policy_file *fp)
586 {
587 size_t items;
588 uint32_t buf[1];
589
590 if (ebitmap_write(&x->types, fp))
591 return POLICYDB_ERROR;
592 if (ebitmap_write(&x->negset, fp))
593 return POLICYDB_ERROR;
594
595 buf[0] = cpu_to_le32(x->flags);
596 items = put_entry(buf, sizeof(uint32_t), 1, fp);
597 if (items != 1)
598 return POLICYDB_ERROR;
599
600 return POLICYDB_SUCCESS;
601 }
602
cond_write_bool(hashtab_key_t key,hashtab_datum_t datum,void * ptr)603 static int cond_write_bool(hashtab_key_t key, hashtab_datum_t datum, void *ptr)
604 {
605 cond_bool_datum_t *booldatum;
606 uint32_t buf[3], len;
607 unsigned int items, items2;
608 struct policy_data *pd = ptr;
609 struct policy_file *fp = pd->fp;
610 struct policydb *p = pd->p;
611
612 booldatum = (cond_bool_datum_t *) datum;
613
614 len = strlen(key);
615 items = 0;
616 buf[items++] = cpu_to_le32(booldatum->s.value);
617 buf[items++] = cpu_to_le32(booldatum->state);
618 buf[items++] = cpu_to_le32(len);
619 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
620 if (items != items2)
621 return POLICYDB_ERROR;
622 items = put_entry(key, 1, len, fp);
623 if (items != len)
624 return POLICYDB_ERROR;
625
626 if (p->policy_type != POLICY_KERN &&
627 p->policyvers >= MOD_POLICYDB_VERSION_TUNABLE_SEP) {
628 buf[0] = cpu_to_le32(booldatum->flags);
629 items = put_entry(buf, sizeof(uint32_t), 1, fp);
630 if (items != 1)
631 return POLICYDB_ERROR;
632 }
633
634 return POLICYDB_SUCCESS;
635 }
636
637 /*
638 * cond_write_cond_av_list doesn't write out the av_list nodes.
639 * Instead it writes out the key/value pairs from the avtab. This
640 * is necessary because there is no way to uniquely identifying rules
641 * in the avtab so it is not possible to associate individual rules
642 * in the avtab with a conditional without saving them as part of
643 * the conditional. This means that the avtab with the conditional
644 * rules will not be saved but will be rebuilt on policy load.
645 */
cond_write_av_list(policydb_t * p,cond_av_list_t * list,struct policy_file * fp)646 static int cond_write_av_list(policydb_t * p,
647 cond_av_list_t * list, struct policy_file *fp)
648 {
649 uint32_t buf[4];
650 cond_av_list_t *cur_list, *new_list = NULL;
651 avtab_t expa;
652 uint32_t len, items;
653 unsigned int oldvers = (p->policy_type == POLICY_KERN
654 && p->policyvers < POLICYDB_VERSION_AVTAB);
655 int rc = -1;
656
657 if (oldvers) {
658 if (avtab_init(&expa))
659 return POLICYDB_ERROR;
660 if (expand_cond_av_list(p, list, &new_list, &expa))
661 goto out;
662 list = new_list;
663 }
664
665 len = 0;
666 for (cur_list = list; cur_list != NULL; cur_list = cur_list->next) {
667 if (cur_list->node->parse_context)
668 len++;
669 }
670
671 buf[0] = cpu_to_le32(len);
672 items = put_entry(buf, sizeof(uint32_t), 1, fp);
673 if (items != 1)
674 goto out;
675
676 if (len == 0) {
677 rc = 0;
678 goto out;
679 }
680
681 for (cur_list = list; cur_list != NULL; cur_list = cur_list->next) {
682 if (cur_list->node->parse_context)
683 if (avtab_write_item(p, cur_list->node, fp, 0, 1, NULL))
684 goto out;
685 }
686
687 rc = 0;
688 out:
689 if (oldvers) {
690 cond_av_list_destroy(new_list);
691 avtab_destroy(&expa);
692 }
693
694 return rc;
695 }
696
cond_write_node(policydb_t * p,cond_node_t * node,struct policy_file * fp)697 static int cond_write_node(policydb_t * p,
698 cond_node_t * node, struct policy_file *fp)
699 {
700 cond_expr_t *cur_expr;
701 uint32_t buf[2];
702 uint32_t items, items2, len;
703
704 buf[0] = cpu_to_le32(node->cur_state);
705 items = put_entry(buf, sizeof(uint32_t), 1, fp);
706 if (items != 1)
707 return POLICYDB_ERROR;
708
709 /* expr */
710 len = 0;
711 for (cur_expr = node->expr; cur_expr != NULL; cur_expr = cur_expr->next)
712 len++;
713
714 buf[0] = cpu_to_le32(len);
715 items = put_entry(buf, sizeof(uint32_t), 1, fp);
716 if (items != 1)
717 return POLICYDB_ERROR;
718
719 for (cur_expr = node->expr; cur_expr != NULL; cur_expr = cur_expr->next) {
720 items = 0;
721 buf[items++] = cpu_to_le32(cur_expr->expr_type);
722 buf[items++] = cpu_to_le32(cur_expr->bool);
723 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
724 if (items2 != items)
725 return POLICYDB_ERROR;
726 }
727
728 if (p->policy_type == POLICY_KERN) {
729 if (cond_write_av_list(p, node->true_list, fp) != 0)
730 return POLICYDB_ERROR;
731 if (cond_write_av_list(p, node->false_list, fp) != 0)
732 return POLICYDB_ERROR;
733 } else {
734 if (avrule_write_list(node->avtrue_list, fp))
735 return POLICYDB_ERROR;
736 if (avrule_write_list(node->avfalse_list, fp))
737 return POLICYDB_ERROR;
738 }
739
740 if (p->policy_type != POLICY_KERN &&
741 p->policyvers >= MOD_POLICYDB_VERSION_TUNABLE_SEP) {
742 buf[0] = cpu_to_le32(node->flags);
743 items = put_entry(buf, sizeof(uint32_t), 1, fp);
744 if (items != 1)
745 return POLICYDB_ERROR;
746 }
747
748 return POLICYDB_SUCCESS;
749 }
750
cond_write_list(policydb_t * p,cond_list_t * list,struct policy_file * fp)751 static int cond_write_list(policydb_t * p, cond_list_t * list,
752 struct policy_file *fp)
753 {
754 cond_node_t *cur;
755 uint32_t len, items;
756 uint32_t buf[1];
757
758 len = 0;
759 for (cur = list; cur != NULL; cur = cur->next)
760 len++;
761 buf[0] = cpu_to_le32(len);
762 items = put_entry(buf, sizeof(uint32_t), 1, fp);
763 if (items != 1)
764 return POLICYDB_ERROR;
765
766 for (cur = list; cur != NULL; cur = cur->next) {
767 if (cond_write_node(p, cur, fp) != 0)
768 return POLICYDB_ERROR;
769 }
770 return POLICYDB_SUCCESS;
771 }
772
773 /*
774 * Write a security context structure
775 * to a policydb binary representation file.
776 */
context_write(struct policydb * p,context_struct_t * c,struct policy_file * fp)777 static int context_write(struct policydb *p, context_struct_t * c,
778 struct policy_file *fp)
779 {
780 uint32_t buf[32];
781 size_t items, items2;
782
783 items = 0;
784 buf[items++] = cpu_to_le32(c->user);
785 buf[items++] = cpu_to_le32(c->role);
786 buf[items++] = cpu_to_le32(c->type);
787 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
788 if (items2 != items)
789 return POLICYDB_ERROR;
790 if ((p->policyvers >= POLICYDB_VERSION_MLS
791 && p->policy_type == POLICY_KERN)
792 || (p->policyvers >= MOD_POLICYDB_VERSION_MLS
793 && p->policy_type == POLICY_BASE))
794 if (mls_write_range_helper(&c->range, fp))
795 return POLICYDB_ERROR;
796
797 return POLICYDB_SUCCESS;
798 }
799
800 /*
801 * The following *_write functions are used to
802 * write the symbol data to a policy database
803 * binary representation file.
804 */
805
perm_write(hashtab_key_t key,hashtab_datum_t datum,void * ptr)806 static int perm_write(hashtab_key_t key, hashtab_datum_t datum, void *ptr)
807 {
808 perm_datum_t *perdatum;
809 uint32_t buf[32];
810 size_t items, items2, len;
811 struct policy_data *pd = ptr;
812 struct policy_file *fp = pd->fp;
813
814 perdatum = (perm_datum_t *) datum;
815
816 len = strlen(key);
817 items = 0;
818 buf[items++] = cpu_to_le32(len);
819 buf[items++] = cpu_to_le32(perdatum->s.value);
820 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
821 if (items != items2)
822 return POLICYDB_ERROR;
823
824 items = put_entry(key, 1, len, fp);
825 if (items != len)
826 return POLICYDB_ERROR;
827
828 return POLICYDB_SUCCESS;
829 }
830
common_write(hashtab_key_t key,hashtab_datum_t datum,void * ptr)831 static int common_write(hashtab_key_t key, hashtab_datum_t datum, void *ptr)
832 {
833 common_datum_t *comdatum;
834 uint32_t buf[32];
835 size_t items, items2, len;
836 struct policy_data *pd = ptr;
837 struct policy_file *fp = pd->fp;
838
839 comdatum = (common_datum_t *) datum;
840
841 len = strlen(key);
842 items = 0;
843 buf[items++] = cpu_to_le32(len);
844 buf[items++] = cpu_to_le32(comdatum->s.value);
845 buf[items++] = cpu_to_le32(comdatum->permissions.nprim);
846 buf[items++] = cpu_to_le32(comdatum->permissions.table->nel);
847 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
848 if (items != items2)
849 return POLICYDB_ERROR;
850
851 items = put_entry(key, 1, len, fp);
852 if (items != len)
853 return POLICYDB_ERROR;
854
855 if (hashtab_map(comdatum->permissions.table, perm_write, pd))
856 return POLICYDB_ERROR;
857
858 return POLICYDB_SUCCESS;
859 }
860
write_cons_helper(policydb_t * p,constraint_node_t * node,int allowxtarget,struct policy_file * fp)861 static int write_cons_helper(policydb_t * p,
862 constraint_node_t * node, int allowxtarget,
863 struct policy_file *fp)
864 {
865 constraint_node_t *c;
866 constraint_expr_t *e;
867 uint32_t buf[3], nexpr;
868 int items;
869
870 for (c = node; c; c = c->next) {
871 nexpr = 0;
872 for (e = c->expr; e; e = e->next) {
873 nexpr++;
874 }
875 buf[0] = cpu_to_le32(c->permissions);
876 buf[1] = cpu_to_le32(nexpr);
877 items = put_entry(buf, sizeof(uint32_t), 2, fp);
878 if (items != 2)
879 return POLICYDB_ERROR;
880 for (e = c->expr; e; e = e->next) {
881 items = 0;
882 buf[0] = cpu_to_le32(e->expr_type);
883 buf[1] = cpu_to_le32(e->attr);
884 buf[2] = cpu_to_le32(e->op);
885 items = put_entry(buf, sizeof(uint32_t), 3, fp);
886 if (items != 3)
887 return POLICYDB_ERROR;
888
889 switch (e->expr_type) {
890 case CEXPR_NAMES:
891 if (!allowxtarget && (e->attr & CEXPR_XTARGET))
892 return POLICYDB_ERROR;
893 if (ebitmap_write(&e->names, fp)) {
894 return POLICYDB_ERROR;
895 }
896 if (p->policy_type != POLICY_KERN &&
897 type_set_write(e->type_names, fp)) {
898 return POLICYDB_ERROR;
899 }
900 break;
901 default:
902 break;
903 }
904 }
905 }
906
907 return POLICYDB_SUCCESS;
908 }
909
class_write(hashtab_key_t key,hashtab_datum_t datum,void * ptr)910 static int class_write(hashtab_key_t key, hashtab_datum_t datum, void *ptr)
911 {
912 class_datum_t *cladatum;
913 constraint_node_t *c;
914 uint32_t buf[32], ncons;
915 size_t items, items2, len, len2;
916 struct policy_data *pd = ptr;
917 struct policy_file *fp = pd->fp;
918 struct policydb *p = pd->p;
919
920 cladatum = (class_datum_t *) datum;
921
922 len = strlen(key);
923 if (cladatum->comkey)
924 len2 = strlen(cladatum->comkey);
925 else
926 len2 = 0;
927
928 ncons = 0;
929 for (c = cladatum->constraints; c; c = c->next) {
930 ncons++;
931 }
932
933 items = 0;
934 buf[items++] = cpu_to_le32(len);
935 buf[items++] = cpu_to_le32(len2);
936 buf[items++] = cpu_to_le32(cladatum->s.value);
937 buf[items++] = cpu_to_le32(cladatum->permissions.nprim);
938 if (cladatum->permissions.table)
939 buf[items++] = cpu_to_le32(cladatum->permissions.table->nel);
940 else
941 buf[items++] = 0;
942 buf[items++] = cpu_to_le32(ncons);
943 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
944 if (items != items2)
945 return POLICYDB_ERROR;
946
947 items = put_entry(key, 1, len, fp);
948 if (items != len)
949 return POLICYDB_ERROR;
950
951 if (cladatum->comkey) {
952 items = put_entry(cladatum->comkey, 1, len2, fp);
953 if (items != len2)
954 return POLICYDB_ERROR;
955 }
956 if (hashtab_map(cladatum->permissions.table, perm_write, pd))
957 return POLICYDB_ERROR;
958
959 if (write_cons_helper(p, cladatum->constraints, 0, fp))
960 return POLICYDB_ERROR;
961
962 if ((p->policy_type == POLICY_KERN
963 && p->policyvers >= POLICYDB_VERSION_VALIDATETRANS)
964 || (p->policy_type == POLICY_BASE
965 && p->policyvers >= MOD_POLICYDB_VERSION_VALIDATETRANS)) {
966 /* write out the validatetrans rule */
967 ncons = 0;
968 for (c = cladatum->validatetrans; c; c = c->next) {
969 ncons++;
970 }
971 buf[0] = cpu_to_le32(ncons);
972 items = put_entry(buf, sizeof(uint32_t), 1, fp);
973 if (items != 1)
974 return POLICYDB_ERROR;
975 if (write_cons_helper(p, cladatum->validatetrans, 1, fp))
976 return POLICYDB_ERROR;
977 }
978
979 return POLICYDB_SUCCESS;
980 }
981
role_write(hashtab_key_t key,hashtab_datum_t datum,void * ptr)982 static int role_write(hashtab_key_t key, hashtab_datum_t datum, void *ptr)
983 {
984 role_datum_t *role;
985 uint32_t buf[32];
986 size_t items, items2, len;
987 struct policy_data *pd = ptr;
988 struct policy_file *fp = pd->fp;
989 struct policydb *p = pd->p;
990
991 role = (role_datum_t *) datum;
992
993 /*
994 * Role attributes are redundant for policy.X, skip them
995 * when writing the roles symbol table. They are also skipped
996 * when pp is downgraded.
997 *
998 * Their numbers would be deducted in policydb_write().
999 */
1000 if ((role->flavor == ROLE_ATTRIB) &&
1001 ((p->policy_type == POLICY_KERN) ||
1002 (p->policy_type != POLICY_KERN &&
1003 p->policyvers < MOD_POLICYDB_VERSION_ROLEATTRIB)))
1004 return POLICYDB_SUCCESS;
1005
1006 len = strlen(key);
1007 items = 0;
1008 buf[items++] = cpu_to_le32(len);
1009 buf[items++] = cpu_to_le32(role->s.value);
1010 if (policydb_has_boundary_feature(p))
1011 buf[items++] = cpu_to_le32(role->bounds);
1012 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
1013 if (items != items2)
1014 return POLICYDB_ERROR;
1015
1016 items = put_entry(key, 1, len, fp);
1017 if (items != len)
1018 return POLICYDB_ERROR;
1019
1020 if (ebitmap_write(&role->dominates, fp))
1021 return POLICYDB_ERROR;
1022 if (p->policy_type == POLICY_KERN) {
1023 if (ebitmap_write(&role->types.types, fp))
1024 return POLICYDB_ERROR;
1025 } else {
1026 if (type_set_write(&role->types, fp))
1027 return POLICYDB_ERROR;
1028 }
1029
1030 if (p->policy_type != POLICY_KERN &&
1031 p->policyvers >= MOD_POLICYDB_VERSION_ROLEATTRIB) {
1032 buf[0] = cpu_to_le32(role->flavor);
1033 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1034 if (items != 1)
1035 return POLICYDB_ERROR;
1036
1037 if (ebitmap_write(&role->roles, fp))
1038 return POLICYDB_ERROR;
1039 }
1040
1041 return POLICYDB_SUCCESS;
1042 }
1043
type_write(hashtab_key_t key,hashtab_datum_t datum,void * ptr)1044 static int type_write(hashtab_key_t key, hashtab_datum_t datum, void *ptr)
1045 {
1046 type_datum_t *typdatum;
1047 uint32_t buf[32];
1048 size_t items, items2, len;
1049 struct policy_data *pd = ptr;
1050 struct policy_file *fp = pd->fp;
1051 struct policydb *p = pd->p;
1052
1053 typdatum = (type_datum_t *) datum;
1054
1055 /*
1056 * The kernel policy version less than 24 (= POLICYDB_VERSION_BOUNDARY)
1057 * does not support to load entries of attribute, so we skip to write it.
1058 */
1059 if (p->policy_type == POLICY_KERN
1060 && p->policyvers < POLICYDB_VERSION_BOUNDARY
1061 && typdatum->flavor == TYPE_ATTRIB)
1062 return POLICYDB_SUCCESS;
1063
1064 len = strlen(key);
1065 items = 0;
1066 buf[items++] = cpu_to_le32(len);
1067 buf[items++] = cpu_to_le32(typdatum->s.value);
1068 if (policydb_has_boundary_feature(p)) {
1069 uint32_t properties = 0;
1070
1071 if (p->policy_type != POLICY_KERN
1072 && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY_ALIAS) {
1073 buf[items++] = cpu_to_le32(typdatum->primary);
1074 }
1075
1076 if (typdatum->primary)
1077 properties |= TYPEDATUM_PROPERTY_PRIMARY;
1078
1079 if (typdatum->flavor == TYPE_ATTRIB) {
1080 properties |= TYPEDATUM_PROPERTY_ATTRIBUTE;
1081 } else if (typdatum->flavor == TYPE_ALIAS
1082 && p->policy_type != POLICY_KERN)
1083 properties |= TYPEDATUM_PROPERTY_ALIAS;
1084
1085 if (typdatum->flags & TYPE_FLAGS_PERMISSIVE
1086 && p->policy_type != POLICY_KERN)
1087 properties |= TYPEDATUM_PROPERTY_PERMISSIVE;
1088
1089 buf[items++] = cpu_to_le32(properties);
1090 buf[items++] = cpu_to_le32(typdatum->bounds);
1091 } else {
1092 buf[items++] = cpu_to_le32(typdatum->primary);
1093
1094 if (p->policy_type != POLICY_KERN) {
1095 buf[items++] = cpu_to_le32(typdatum->flavor);
1096
1097 if (p->policyvers >= MOD_POLICYDB_VERSION_PERMISSIVE)
1098 buf[items++] = cpu_to_le32(typdatum->flags);
1099 else if (typdatum->flags & TYPE_FLAGS_PERMISSIVE)
1100 WARN(fp->handle, "Warning! Module policy "
1101 "version %d cannot support permissive "
1102 "types, but one was defined",
1103 p->policyvers);
1104 }
1105 }
1106 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
1107 if (items != items2)
1108 return POLICYDB_ERROR;
1109
1110 if (p->policy_type != POLICY_KERN) {
1111 if (ebitmap_write(&typdatum->types, fp))
1112 return POLICYDB_ERROR;
1113 }
1114
1115 items = put_entry(key, 1, len, fp);
1116 if (items != len)
1117 return POLICYDB_ERROR;
1118
1119 return POLICYDB_SUCCESS;
1120 }
1121
user_write(hashtab_key_t key,hashtab_datum_t datum,void * ptr)1122 static int user_write(hashtab_key_t key, hashtab_datum_t datum, void *ptr)
1123 {
1124 user_datum_t *usrdatum;
1125 uint32_t buf[32];
1126 size_t items, items2, len;
1127 struct policy_data *pd = ptr;
1128 struct policy_file *fp = pd->fp;
1129 struct policydb *p = pd->p;
1130
1131 usrdatum = (user_datum_t *) datum;
1132
1133 len = strlen(key);
1134 items = 0;
1135 buf[items++] = cpu_to_le32(len);
1136 buf[items++] = cpu_to_le32(usrdatum->s.value);
1137 if (policydb_has_boundary_feature(p))
1138 buf[items++] = cpu_to_le32(usrdatum->bounds);
1139 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
1140 if (items != items2)
1141 return POLICYDB_ERROR;
1142
1143 items = put_entry(key, 1, len, fp);
1144 if (items != len)
1145 return POLICYDB_ERROR;
1146
1147 if (p->policy_type == POLICY_KERN) {
1148 if (ebitmap_write(&usrdatum->roles.roles, fp))
1149 return POLICYDB_ERROR;
1150 } else {
1151 if (role_set_write(&usrdatum->roles, fp))
1152 return POLICYDB_ERROR;
1153 }
1154
1155 if ((p->policyvers >= POLICYDB_VERSION_MLS
1156 && p->policy_type == POLICY_KERN)
1157 || (p->policyvers >= MOD_POLICYDB_VERSION_MLS
1158 && p->policyvers < MOD_POLICYDB_VERSION_MLS_USERS
1159 && p->policy_type == POLICY_MOD)
1160 || (p->policyvers >= MOD_POLICYDB_VERSION_MLS
1161 && p->policyvers < MOD_POLICYDB_VERSION_MLS_USERS
1162 && p->policy_type == POLICY_BASE)) {
1163 if (mls_write_range_helper(&usrdatum->exp_range, fp))
1164 return POLICYDB_ERROR;
1165 if (mls_write_level(&usrdatum->exp_dfltlevel, fp))
1166 return POLICYDB_ERROR;
1167 } else if ((p->policyvers >= MOD_POLICYDB_VERSION_MLS_USERS
1168 && p->policy_type == POLICY_MOD)
1169 || (p->policyvers >= MOD_POLICYDB_VERSION_MLS_USERS
1170 && p->policy_type == POLICY_BASE)) {
1171 if (mls_write_semantic_range_helper(&usrdatum->range, fp))
1172 return -1;
1173 if (mls_write_semantic_level_helper(&usrdatum->dfltlevel, fp))
1174 return -1;
1175 }
1176
1177 return POLICYDB_SUCCESS;
1178 }
1179
1180 static int (*write_f[SYM_NUM]) (hashtab_key_t key, hashtab_datum_t datum,
1181 void *datap) = {
1182 common_write, class_write, role_write, type_write, user_write,
1183 cond_write_bool, sens_write, cat_write,};
1184
ocontext_write_xen(struct policydb_compat_info * info,policydb_t * p,struct policy_file * fp)1185 static int ocontext_write_xen(struct policydb_compat_info *info, policydb_t *p,
1186 struct policy_file *fp)
1187 {
1188 unsigned int i, j;
1189 size_t nel, items;
1190 uint32_t buf[32];
1191 ocontext_t *c;
1192 for (i = 0; i < info->ocon_num; i++) {
1193 nel = 0;
1194 for (c = p->ocontexts[i]; c; c = c->next)
1195 nel++;
1196 buf[0] = cpu_to_le32(nel);
1197 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1198 if (items != 1)
1199 return POLICYDB_ERROR;
1200 for (c = p->ocontexts[i]; c; c = c->next) {
1201 switch (i) {
1202 case OCON_XEN_ISID:
1203 buf[0] = cpu_to_le32(c->sid[0]);
1204 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1205 if (items != 1)
1206 return POLICYDB_ERROR;
1207 if (context_write(p, &c->context[0], fp))
1208 return POLICYDB_ERROR;
1209 break;
1210 case OCON_XEN_PIRQ:
1211 buf[0] = cpu_to_le32(c->u.pirq);
1212 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1213 if (items != 1)
1214 return POLICYDB_ERROR;
1215 if (context_write(p, &c->context[0], fp))
1216 return POLICYDB_ERROR;
1217 break;
1218 case OCON_XEN_IOPORT:
1219 buf[0] = c->u.ioport.low_ioport;
1220 buf[1] = c->u.ioport.high_ioport;
1221 for (j = 0; j < 2; j++)
1222 buf[j] = cpu_to_le32(buf[j]);
1223 items = put_entry(buf, sizeof(uint32_t), 2, fp);
1224 if (items != 2)
1225 return POLICYDB_ERROR;
1226 if (context_write(p, &c->context[0], fp))
1227 return POLICYDB_ERROR;
1228 break;
1229 case OCON_XEN_IOMEM:
1230 buf[0] = c->u.iomem.low_iomem;
1231 buf[1] = c->u.iomem.high_iomem;
1232 for (j = 0; j < 2; j++)
1233 buf[j] = cpu_to_le32(buf[j]);
1234 items = put_entry(buf, sizeof(uint32_t), 2, fp);
1235 if (items != 2)
1236 return POLICYDB_ERROR;
1237 if (context_write(p, &c->context[0], fp))
1238 return POLICYDB_ERROR;
1239 break;
1240 case OCON_XEN_PCIDEVICE:
1241 buf[0] = cpu_to_le32(c->u.device);
1242 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1243 if (items != 1)
1244 return POLICYDB_ERROR;
1245 if (context_write(p, &c->context[0], fp))
1246 return POLICYDB_ERROR;
1247 break;
1248 }
1249 }
1250 }
1251 return POLICYDB_SUCCESS;
1252 }
1253
ocontext_write_selinux(struct policydb_compat_info * info,policydb_t * p,struct policy_file * fp)1254 static int ocontext_write_selinux(struct policydb_compat_info *info,
1255 policydb_t *p, struct policy_file *fp)
1256 {
1257 unsigned int i, j;
1258 size_t nel, items, len;
1259 uint32_t buf[32];
1260 ocontext_t *c;
1261 for (i = 0; i < info->ocon_num; i++) {
1262 nel = 0;
1263 for (c = p->ocontexts[i]; c; c = c->next)
1264 nel++;
1265 buf[0] = cpu_to_le32(nel);
1266 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1267 if (items != 1)
1268 return POLICYDB_ERROR;
1269 for (c = p->ocontexts[i]; c; c = c->next) {
1270 switch (i) {
1271 case OCON_ISID:
1272 buf[0] = cpu_to_le32(c->sid[0]);
1273 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1274 if (items != 1)
1275 return POLICYDB_ERROR;
1276 if (context_write(p, &c->context[0], fp))
1277 return POLICYDB_ERROR;
1278 break;
1279 case OCON_FS:
1280 case OCON_NETIF:
1281 len = strlen(c->u.name);
1282 buf[0] = cpu_to_le32(len);
1283 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1284 if (items != 1)
1285 return POLICYDB_ERROR;
1286 items = put_entry(c->u.name, 1, len, fp);
1287 if (items != len)
1288 return POLICYDB_ERROR;
1289 if (context_write(p, &c->context[0], fp))
1290 return POLICYDB_ERROR;
1291 if (context_write(p, &c->context[1], fp))
1292 return POLICYDB_ERROR;
1293 break;
1294 case OCON_PORT:
1295 buf[0] = c->u.port.protocol;
1296 buf[1] = c->u.port.low_port;
1297 buf[2] = c->u.port.high_port;
1298 for (j = 0; j < 3; j++) {
1299 buf[j] = cpu_to_le32(buf[j]);
1300 }
1301 items = put_entry(buf, sizeof(uint32_t), 3, fp);
1302 if (items != 3)
1303 return POLICYDB_ERROR;
1304 if (context_write(p, &c->context[0], fp))
1305 return POLICYDB_ERROR;
1306 break;
1307 case OCON_NODE:
1308 buf[0] = c->u.node.addr; /* network order */
1309 buf[1] = c->u.node.mask; /* network order */
1310 items = put_entry(buf, sizeof(uint32_t), 2, fp);
1311 if (items != 2)
1312 return POLICYDB_ERROR;
1313 if (context_write(p, &c->context[0], fp))
1314 return POLICYDB_ERROR;
1315 break;
1316 case OCON_FSUSE:
1317 buf[0] = cpu_to_le32(c->v.behavior);
1318 len = strlen(c->u.name);
1319 buf[1] = cpu_to_le32(len);
1320 items = put_entry(buf, sizeof(uint32_t), 2, fp);
1321 if (items != 2)
1322 return POLICYDB_ERROR;
1323 items = put_entry(c->u.name, 1, len, fp);
1324 if (items != len)
1325 return POLICYDB_ERROR;
1326 if (context_write(p, &c->context[0], fp))
1327 return POLICYDB_ERROR;
1328 break;
1329 case OCON_NODE6:
1330 for (j = 0; j < 4; j++)
1331 buf[j] = c->u.node6.addr[j]; /* network order */
1332 for (j = 0; j < 4; j++)
1333 buf[j + 4] = c->u.node6.mask[j]; /* network order */
1334 items = put_entry(buf, sizeof(uint32_t), 8, fp);
1335 if (items != 8)
1336 return POLICYDB_ERROR;
1337 if (context_write(p, &c->context[0], fp))
1338 return POLICYDB_ERROR;
1339 break;
1340 }
1341 }
1342 }
1343 return POLICYDB_SUCCESS;
1344 }
1345
ocontext_write(struct policydb_compat_info * info,policydb_t * p,struct policy_file * fp)1346 static int ocontext_write(struct policydb_compat_info *info, policydb_t * p,
1347 struct policy_file *fp)
1348 {
1349 int rc = POLICYDB_ERROR;
1350 switch (p->target_platform) {
1351 case SEPOL_TARGET_SELINUX:
1352 rc = ocontext_write_selinux(info, p, fp);
1353 break;
1354 case SEPOL_TARGET_XEN:
1355 rc = ocontext_write_xen(info, p, fp);
1356 break;
1357 }
1358 return rc;
1359 }
1360
genfs_write(policydb_t * p,struct policy_file * fp)1361 static int genfs_write(policydb_t * p, struct policy_file *fp)
1362 {
1363 genfs_t *genfs;
1364 ocontext_t *c;
1365 size_t nel = 0, items, len;
1366 uint32_t buf[32];
1367
1368 for (genfs = p->genfs; genfs; genfs = genfs->next)
1369 nel++;
1370 buf[0] = cpu_to_le32(nel);
1371 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1372 if (items != 1)
1373 return POLICYDB_ERROR;
1374 for (genfs = p->genfs; genfs; genfs = genfs->next) {
1375 len = strlen(genfs->fstype);
1376 buf[0] = cpu_to_le32(len);
1377 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1378 if (items != 1)
1379 return POLICYDB_ERROR;
1380 items = put_entry(genfs->fstype, 1, len, fp);
1381 if (items != len)
1382 return POLICYDB_ERROR;
1383 nel = 0;
1384 for (c = genfs->head; c; c = c->next)
1385 nel++;
1386 buf[0] = cpu_to_le32(nel);
1387 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1388 if (items != 1)
1389 return POLICYDB_ERROR;
1390 for (c = genfs->head; c; c = c->next) {
1391 len = strlen(c->u.name);
1392 buf[0] = cpu_to_le32(len);
1393 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1394 if (items != 1)
1395 return POLICYDB_ERROR;
1396 items = put_entry(c->u.name, 1, len, fp);
1397 if (items != len)
1398 return POLICYDB_ERROR;
1399 buf[0] = cpu_to_le32(c->v.sclass);
1400 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1401 if (items != 1)
1402 return POLICYDB_ERROR;
1403 if (context_write(p, &c->context[0], fp))
1404 return POLICYDB_ERROR;
1405 }
1406 }
1407 return POLICYDB_SUCCESS;
1408 }
1409
range_write(policydb_t * p,struct policy_file * fp)1410 static int range_write(policydb_t * p, struct policy_file *fp)
1411 {
1412 size_t nel, items;
1413 struct range_trans *rt;
1414 uint32_t buf[2];
1415 int new_rangetr = (p->policy_type == POLICY_KERN &&
1416 p->policyvers >= POLICYDB_VERSION_RANGETRANS);
1417 int warning_issued = 0;
1418
1419 nel = 0;
1420 for (rt = p->range_tr; rt; rt = rt->next) {
1421 /* all range_transitions are written for the new format, only
1422 process related range_transitions are written for the old
1423 format, so count accordingly */
1424 if (new_rangetr || rt->target_class == SECCLASS_PROCESS)
1425 nel++;
1426 }
1427 buf[0] = cpu_to_le32(nel);
1428 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1429 if (items != 1)
1430 return POLICYDB_ERROR;
1431 for (rt = p->range_tr; rt; rt = rt->next) {
1432 if (!new_rangetr && rt->target_class != SECCLASS_PROCESS) {
1433 if (!warning_issued)
1434 WARN(fp->handle, "Discarding range_transition "
1435 "rules for security classes other than "
1436 "\"process\"");
1437 warning_issued = 1;
1438 continue;
1439 }
1440 buf[0] = cpu_to_le32(rt->source_type);
1441 buf[1] = cpu_to_le32(rt->target_type);
1442 items = put_entry(buf, sizeof(uint32_t), 2, fp);
1443 if (items != 2)
1444 return POLICYDB_ERROR;
1445 if (new_rangetr) {
1446 buf[0] = cpu_to_le32(rt->target_class);
1447 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1448 if (items != 1)
1449 return POLICYDB_ERROR;
1450 }
1451 if (mls_write_range_helper(&rt->target_range, fp))
1452 return POLICYDB_ERROR;
1453 }
1454 return POLICYDB_SUCCESS;
1455 }
1456
1457 /************** module writing functions below **************/
1458
avrule_write(avrule_t * avrule,struct policy_file * fp)1459 static int avrule_write(avrule_t * avrule, struct policy_file *fp)
1460 {
1461 size_t items, items2;
1462 uint32_t buf[32], len;
1463 class_perm_node_t *cur;
1464
1465 items = 0;
1466 buf[items++] = cpu_to_le32(avrule->specified);
1467 buf[items++] = cpu_to_le32(avrule->flags);
1468 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
1469 if (items2 != items)
1470 return POLICYDB_ERROR;
1471
1472 if (type_set_write(&avrule->stypes, fp))
1473 return POLICYDB_ERROR;
1474
1475 if (type_set_write(&avrule->ttypes, fp))
1476 return POLICYDB_ERROR;
1477
1478 cur = avrule->perms;
1479 len = 0;
1480 while (cur) {
1481 len++;
1482 cur = cur->next;
1483 }
1484 items = 0;
1485 buf[items++] = cpu_to_le32(len);
1486 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
1487 if (items2 != items)
1488 return POLICYDB_ERROR;
1489 cur = avrule->perms;
1490 while (cur) {
1491 items = 0;
1492 buf[items++] = cpu_to_le32(cur->class);
1493 buf[items++] = cpu_to_le32(cur->data);
1494 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
1495 if (items2 != items)
1496 return POLICYDB_ERROR;
1497
1498 cur = cur->next;
1499 }
1500
1501 return POLICYDB_SUCCESS;
1502 }
1503
avrule_write_list(avrule_t * avrules,struct policy_file * fp)1504 static int avrule_write_list(avrule_t * avrules, struct policy_file *fp)
1505 {
1506 uint32_t buf[32], len;
1507 avrule_t *avrule;
1508
1509 avrule = avrules;
1510 len = 0;
1511 while (avrule) {
1512 len++;
1513 avrule = avrule->next;
1514 }
1515
1516 buf[0] = cpu_to_le32(len);
1517 if (put_entry(buf, sizeof(uint32_t), 1, fp) != 1)
1518 return POLICYDB_ERROR;
1519
1520 avrule = avrules;
1521 while (avrule) {
1522 avrule_write(avrule, fp);
1523 avrule = avrule->next;
1524 }
1525
1526 return POLICYDB_SUCCESS;
1527 }
1528
only_process(ebitmap_t * in)1529 static int only_process(ebitmap_t *in)
1530 {
1531 unsigned int i;
1532 ebitmap_node_t *node;
1533
1534 ebitmap_for_each_bit(in, node, i) {
1535 if (ebitmap_node_get_bit(node, i) &&
1536 i != SECCLASS_PROCESS - 1)
1537 return 0;
1538 }
1539 return 1;
1540 }
1541
role_trans_rule_write(policydb_t * p,role_trans_rule_t * t,struct policy_file * fp)1542 static int role_trans_rule_write(policydb_t *p, role_trans_rule_t * t,
1543 struct policy_file *fp)
1544 {
1545 int nel = 0;
1546 size_t items;
1547 uint32_t buf[1];
1548 role_trans_rule_t *tr;
1549 int warned = 0;
1550 int new_role = p->policyvers >= MOD_POLICYDB_VERSION_ROLETRANS;
1551
1552 for (tr = t; tr; tr = tr->next)
1553 if (new_role || only_process(&tr->classes))
1554 nel++;
1555
1556 buf[0] = cpu_to_le32(nel);
1557 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1558 if (items != 1)
1559 return POLICYDB_ERROR;
1560 for (tr = t; tr; tr = tr->next) {
1561 if (!new_role && !only_process(&tr->classes)) {
1562 if (!warned)
1563 WARN(fp->handle, "Discarding role_transition "
1564 "rules for security classes other than "
1565 "\"process\"");
1566 warned = 1;
1567 continue;
1568 }
1569 if (role_set_write(&tr->roles, fp))
1570 return POLICYDB_ERROR;
1571 if (type_set_write(&tr->types, fp))
1572 return POLICYDB_ERROR;
1573 if (new_role)
1574 if (ebitmap_write(&tr->classes, fp))
1575 return POLICYDB_ERROR;
1576 buf[0] = cpu_to_le32(tr->new_role);
1577 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1578 if (items != 1)
1579 return POLICYDB_ERROR;
1580 }
1581 return POLICYDB_SUCCESS;
1582 }
1583
role_allow_rule_write(role_allow_rule_t * r,struct policy_file * fp)1584 static int role_allow_rule_write(role_allow_rule_t * r, struct policy_file *fp)
1585 {
1586 int nel = 0;
1587 size_t items;
1588 uint32_t buf[1];
1589 role_allow_rule_t *ra;
1590
1591 for (ra = r; ra; ra = ra->next)
1592 nel++;
1593 buf[0] = cpu_to_le32(nel);
1594 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1595 if (items != 1)
1596 return POLICYDB_ERROR;
1597 for (ra = r; ra; ra = ra->next) {
1598 if (role_set_write(&ra->roles, fp))
1599 return POLICYDB_ERROR;
1600 if (role_set_write(&ra->new_roles, fp))
1601 return POLICYDB_ERROR;
1602 }
1603 return POLICYDB_SUCCESS;
1604 }
1605
filename_trans_rule_write(filename_trans_rule_t * t,struct policy_file * fp)1606 static int filename_trans_rule_write(filename_trans_rule_t * t, struct policy_file *fp)
1607 {
1608 int nel = 0;
1609 size_t items;
1610 uint32_t buf[2], len;
1611 filename_trans_rule_t *ftr;
1612
1613 for (ftr = t; ftr; ftr = ftr->next)
1614 nel++;
1615
1616 buf[0] = cpu_to_le32(nel);
1617 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1618 if (items != 1)
1619 return POLICYDB_ERROR;
1620
1621 for (ftr = t; ftr; ftr = ftr->next) {
1622 len = strlen(ftr->name);
1623 buf[0] = cpu_to_le32(len);
1624 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1625 if (items != 1)
1626 return POLICYDB_ERROR;
1627
1628 items = put_entry(ftr->name, sizeof(char), len, fp);
1629 if (items != len)
1630 return POLICYDB_ERROR;
1631
1632 if (type_set_write(&ftr->stypes, fp))
1633 return POLICYDB_ERROR;
1634 if (type_set_write(&ftr->ttypes, fp))
1635 return POLICYDB_ERROR;
1636
1637 buf[0] = cpu_to_le32(ftr->tclass);
1638 buf[1] = cpu_to_le32(ftr->otype);
1639
1640 items = put_entry(buf, sizeof(uint32_t), 2, fp);
1641 if (items != 2)
1642 return POLICYDB_ERROR;
1643 }
1644 return POLICYDB_SUCCESS;
1645 }
1646
range_trans_rule_write(range_trans_rule_t * t,struct policy_file * fp)1647 static int range_trans_rule_write(range_trans_rule_t * t,
1648 struct policy_file *fp)
1649 {
1650 int nel = 0;
1651 size_t items;
1652 uint32_t buf[1];
1653 range_trans_rule_t *rt;
1654
1655 for (rt = t; rt; rt = rt->next)
1656 nel++;
1657 buf[0] = cpu_to_le32(nel);
1658 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1659 if (items != 1)
1660 return POLICYDB_ERROR;
1661 for (rt = t; rt; rt = rt->next) {
1662 if (type_set_write(&rt->stypes, fp))
1663 return POLICYDB_ERROR;
1664 if (type_set_write(&rt->ttypes, fp))
1665 return POLICYDB_ERROR;
1666 if (ebitmap_write(&rt->tclasses, fp))
1667 return POLICYDB_ERROR;
1668 if (mls_write_semantic_range_helper(&rt->trange, fp))
1669 return POLICYDB_ERROR;
1670 }
1671 return POLICYDB_SUCCESS;
1672 }
1673
scope_index_write(scope_index_t * scope_index,unsigned int num_scope_syms,struct policy_file * fp)1674 static int scope_index_write(scope_index_t * scope_index,
1675 unsigned int num_scope_syms,
1676 struct policy_file *fp)
1677 {
1678 unsigned int i;
1679 uint32_t buf[1];
1680 for (i = 0; i < num_scope_syms; i++) {
1681 if (ebitmap_write(scope_index->scope + i, fp) == -1) {
1682 return POLICYDB_ERROR;
1683 }
1684 }
1685 buf[0] = cpu_to_le32(scope_index->class_perms_len);
1686 if (put_entry(buf, sizeof(uint32_t), 1, fp) != 1) {
1687 return POLICYDB_ERROR;
1688 }
1689 for (i = 0; i < scope_index->class_perms_len; i++) {
1690 if (ebitmap_write(scope_index->class_perms_map + i, fp) == -1) {
1691 return POLICYDB_ERROR;
1692 }
1693 }
1694 return POLICYDB_SUCCESS;
1695 }
1696
avrule_decl_write(avrule_decl_t * decl,int num_scope_syms,policydb_t * p,struct policy_file * fp)1697 static int avrule_decl_write(avrule_decl_t * decl, int num_scope_syms,
1698 policydb_t * p, struct policy_file *fp)
1699 {
1700 struct policy_data pd;
1701 uint32_t buf[2];
1702 int i;
1703 buf[0] = cpu_to_le32(decl->decl_id);
1704 buf[1] = cpu_to_le32(decl->enabled);
1705 if (put_entry(buf, sizeof(uint32_t), 2, fp) != 2) {
1706 return POLICYDB_ERROR;
1707 }
1708 if (cond_write_list(p, decl->cond_list, fp) == -1 ||
1709 avrule_write_list(decl->avrules, fp) == -1 ||
1710 role_trans_rule_write(p, decl->role_tr_rules, fp) == -1 ||
1711 role_allow_rule_write(decl->role_allow_rules, fp) == -1) {
1712 return POLICYDB_ERROR;
1713 }
1714
1715 if (p->policyvers >= MOD_POLICYDB_VERSION_FILENAME_TRANS &&
1716 filename_trans_rule_write(decl->filename_trans_rules, fp))
1717 return POLICYDB_ERROR;
1718
1719 if (p->policyvers >= MOD_POLICYDB_VERSION_RANGETRANS &&
1720 range_trans_rule_write(decl->range_tr_rules, fp) == -1) {
1721 return POLICYDB_ERROR;
1722 }
1723 if (scope_index_write(&decl->required, num_scope_syms, fp) == -1 ||
1724 scope_index_write(&decl->declared, num_scope_syms, fp) == -1) {
1725 return POLICYDB_ERROR;
1726 }
1727 pd.fp = fp;
1728 pd.p = p;
1729 for (i = 0; i < num_scope_syms; i++) {
1730 buf[0] = cpu_to_le32(decl->symtab[i].nprim);
1731 buf[1] = cpu_to_le32(decl->symtab[i].table->nel);
1732 if (put_entry(buf, sizeof(uint32_t), 2, fp) != 2) {
1733 return POLICYDB_ERROR;
1734 }
1735 if (hashtab_map(decl->symtab[i].table, write_f[i], &pd)) {
1736 return POLICYDB_ERROR;
1737 }
1738 }
1739 return POLICYDB_SUCCESS;
1740 }
1741
avrule_block_write(avrule_block_t * block,int num_scope_syms,policydb_t * p,struct policy_file * fp)1742 static int avrule_block_write(avrule_block_t * block, int num_scope_syms,
1743 policydb_t * p, struct policy_file *fp)
1744 {
1745 /* first write a count of the total number of blocks */
1746 uint32_t buf[1], num_blocks = 0;
1747 avrule_block_t *cur;
1748 for (cur = block; cur != NULL; cur = cur->next) {
1749 num_blocks++;
1750 }
1751 buf[0] = cpu_to_le32(num_blocks);
1752 if (put_entry(buf, sizeof(uint32_t), 1, fp) != 1) {
1753 return POLICYDB_ERROR;
1754 }
1755
1756 /* now write each block */
1757 for (cur = block; cur != NULL; cur = cur->next) {
1758 uint32_t num_decls = 0;
1759 avrule_decl_t *decl;
1760 /* write a count of number of branches */
1761 for (decl = cur->branch_list; decl != NULL; decl = decl->next) {
1762 num_decls++;
1763 }
1764 buf[0] = cpu_to_le32(num_decls);
1765 if (put_entry(buf, sizeof(uint32_t), 1, fp) != 1) {
1766 return POLICYDB_ERROR;
1767 }
1768 for (decl = cur->branch_list; decl != NULL; decl = decl->next) {
1769 if (avrule_decl_write(decl, num_scope_syms, p, fp) ==
1770 -1) {
1771 return POLICYDB_ERROR;
1772 }
1773 }
1774 }
1775 return POLICYDB_SUCCESS;
1776 }
1777
scope_write(hashtab_key_t key,hashtab_datum_t datum,void * ptr)1778 static int scope_write(hashtab_key_t key, hashtab_datum_t datum, void *ptr)
1779 {
1780 scope_datum_t *scope = (scope_datum_t *) datum;
1781 struct policy_data *pd = ptr;
1782 struct policy_file *fp = pd->fp;
1783 uint32_t static_buf[32], *dyn_buf = NULL, *buf;
1784 size_t key_len = strlen(key);
1785 unsigned int items = 2 + scope->decl_ids_len, i;
1786
1787 if (items >= (sizeof(static_buf) / 4)) {
1788 /* too many things required, so dynamically create a
1789 * buffer. this would have been easier with C99's
1790 * dynamic arrays... */
1791 if ((dyn_buf = malloc(items * sizeof(*dyn_buf))) == NULL) {
1792 return POLICYDB_ERROR;
1793 }
1794 buf = dyn_buf;
1795 } else {
1796 buf = static_buf;
1797 }
1798 buf[0] = cpu_to_le32(key_len);
1799 if (put_entry(buf, sizeof(*buf), 1, fp) != 1 ||
1800 put_entry(key, 1, key_len, fp) != key_len) {
1801 return POLICYDB_ERROR;
1802 }
1803 buf[0] = cpu_to_le32(scope->scope);
1804 buf[1] = cpu_to_le32(scope->decl_ids_len);
1805 for (i = 0; i < scope->decl_ids_len; i++) {
1806 buf[2 + i] = cpu_to_le32(scope->decl_ids[i]);
1807 }
1808 if (put_entry(buf, sizeof(*buf), items, fp) != items) {
1809 free(dyn_buf);
1810 return POLICYDB_ERROR;
1811 }
1812 free(dyn_buf);
1813 return POLICYDB_SUCCESS;
1814 }
1815
type_attr_uncount(hashtab_key_t key,hashtab_datum_t datum,void * args)1816 static int type_attr_uncount(hashtab_key_t key __attribute__ ((unused)),
1817 hashtab_datum_t datum, void *args)
1818 {
1819 type_datum_t *typdatum = datum;
1820 uint32_t *p_nel = args;
1821
1822 if (typdatum->flavor == TYPE_ATTRIB) {
1823 /* uncount attribute from total number of types */
1824 (*p_nel)--;
1825 }
1826 return 0;
1827 }
1828
role_attr_uncount(hashtab_key_t key,hashtab_datum_t datum,void * args)1829 static int role_attr_uncount(hashtab_key_t key __attribute__ ((unused)),
1830 hashtab_datum_t datum, void *args)
1831 {
1832 role_datum_t *role = datum;
1833 uint32_t *p_nel = args;
1834
1835 if (role->flavor == ROLE_ATTRIB) {
1836 /* uncount attribute from total number of roles */
1837 (*p_nel)--;
1838 }
1839 return 0;
1840 }
1841
1842 /*
1843 * Write the configuration data in a policy database
1844 * structure to a policy database binary representation
1845 * file.
1846 */
policydb_write(policydb_t * p,struct policy_file * fp)1847 int policydb_write(policydb_t * p, struct policy_file *fp)
1848 {
1849 unsigned int i, num_syms;
1850 uint32_t buf[32], config;
1851 size_t items, items2, len;
1852 struct policydb_compat_info *info;
1853 struct policy_data pd;
1854 char *policydb_str;
1855
1856 if (p->unsupported_format)
1857 return POLICYDB_UNSUPPORTED;
1858
1859 pd.fp = fp;
1860 pd.p = p;
1861
1862 config = 0;
1863 if (p->mls) {
1864 if ((p->policyvers < POLICYDB_VERSION_MLS &&
1865 p->policy_type == POLICY_KERN) ||
1866 (p->policyvers < MOD_POLICYDB_VERSION_MLS &&
1867 p->policy_type == POLICY_BASE) ||
1868 (p->policyvers < MOD_POLICYDB_VERSION_MLS &&
1869 p->policy_type == POLICY_MOD)) {
1870 ERR(fp->handle, "policy version %d cannot support MLS",
1871 p->policyvers);
1872 return POLICYDB_ERROR;
1873 }
1874 config |= POLICYDB_CONFIG_MLS;
1875 }
1876
1877 config |= (POLICYDB_CONFIG_UNKNOWN_MASK & p->handle_unknown);
1878
1879 /* Write the magic number and string identifiers. */
1880 items = 0;
1881 if (p->policy_type == POLICY_KERN) {
1882 buf[items++] = cpu_to_le32(POLICYDB_MAGIC);
1883 len = strlen(policydb_target_strings[p->target_platform]);
1884 policydb_str = policydb_target_strings[p->target_platform];
1885 } else {
1886 buf[items++] = cpu_to_le32(POLICYDB_MOD_MAGIC);
1887 len = strlen(POLICYDB_MOD_STRING);
1888 policydb_str = POLICYDB_MOD_STRING;
1889 }
1890 buf[items++] = cpu_to_le32(len);
1891 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
1892 if (items != items2)
1893 return POLICYDB_ERROR;
1894 items = put_entry(policydb_str, 1, len, fp);
1895 if (items != len)
1896 return POLICYDB_ERROR;
1897
1898 /* Write the version, config, and table sizes. */
1899 items = 0;
1900 info = policydb_lookup_compat(p->policyvers, p->policy_type,
1901 p->target_platform);
1902 if (!info) {
1903 ERR(fp->handle, "compatibility lookup failed for policy "
1904 "version %d", p->policyvers);
1905 return POLICYDB_ERROR;
1906 }
1907
1908 if (p->policy_type != POLICY_KERN) {
1909 buf[items++] = cpu_to_le32(p->policy_type);
1910 }
1911 buf[items++] = cpu_to_le32(p->policyvers);
1912 buf[items++] = cpu_to_le32(config);
1913 buf[items++] = cpu_to_le32(info->sym_num);
1914 buf[items++] = cpu_to_le32(info->ocon_num);
1915
1916 items2 = put_entry(buf, sizeof(uint32_t), items, fp);
1917 if (items != items2)
1918 return POLICYDB_ERROR;
1919
1920 if (p->policy_type == POLICY_MOD) {
1921 /* Write module name and version */
1922 len = strlen(p->name);
1923 buf[0] = cpu_to_le32(len);
1924 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1925 if (items != 1)
1926 return POLICYDB_ERROR;
1927 items = put_entry(p->name, 1, len, fp);
1928 if (items != len)
1929 return POLICYDB_ERROR;
1930 len = strlen(p->version);
1931 buf[0] = cpu_to_le32(len);
1932 items = put_entry(buf, sizeof(uint32_t), 1, fp);
1933 if (items != 1)
1934 return POLICYDB_ERROR;
1935 items = put_entry(p->version, 1, len, fp);
1936 if (items != len)
1937 return POLICYDB_ERROR;
1938 }
1939
1940 if ((p->policyvers >= POLICYDB_VERSION_POLCAP &&
1941 p->policy_type == POLICY_KERN) ||
1942 (p->policyvers >= MOD_POLICYDB_VERSION_POLCAP &&
1943 p->policy_type == POLICY_BASE) ||
1944 (p->policyvers >= MOD_POLICYDB_VERSION_POLCAP &&
1945 p->policy_type == POLICY_MOD)) {
1946 if (ebitmap_write(&p->policycaps, fp) == -1)
1947 return POLICYDB_ERROR;
1948 }
1949
1950 if (p->policyvers < POLICYDB_VERSION_PERMISSIVE &&
1951 p->policy_type == POLICY_KERN) {
1952 ebitmap_node_t *tnode;
1953
1954 ebitmap_for_each_bit(&p->permissive_map, tnode, i) {
1955 if (ebitmap_node_get_bit(tnode, i)) {
1956 WARN(fp->handle, "Warning! Policy version %d cannot "
1957 "support permissive types, but some were defined",
1958 p->policyvers);
1959 break;
1960 }
1961 }
1962 }
1963
1964 if (p->policyvers >= POLICYDB_VERSION_PERMISSIVE &&
1965 p->policy_type == POLICY_KERN) {
1966 if (ebitmap_write(&p->permissive_map, fp) == -1)
1967 return POLICYDB_ERROR;
1968 }
1969
1970 num_syms = info->sym_num;
1971 for (i = 0; i < num_syms; i++) {
1972 buf[0] = cpu_to_le32(p->symtab[i].nprim);
1973 buf[1] = p->symtab[i].table->nel;
1974
1975 /*
1976 * A special case when writing type/attribute symbol table.
1977 * The kernel policy version less than 24 does not support
1978 * to load entries of attribute, so we have to re-calculate
1979 * the actual number of types except for attributes.
1980 */
1981 if (i == SYM_TYPES &&
1982 p->policyvers < POLICYDB_VERSION_BOUNDARY &&
1983 p->policy_type == POLICY_KERN) {
1984 hashtab_map(p->symtab[i].table, type_attr_uncount, &buf[1]);
1985 }
1986
1987 /*
1988 * Another special case when writing role/attribute symbol
1989 * table, role attributes are redundant for policy.X, or
1990 * when the pp's version is not big enough. So deduct
1991 * their numbers from p_roles.table->nel.
1992 */
1993 if ((i == SYM_ROLES) &&
1994 ((p->policy_type == POLICY_KERN) ||
1995 (p->policy_type != POLICY_KERN &&
1996 p->policyvers < MOD_POLICYDB_VERSION_ROLEATTRIB)))
1997 hashtab_map(p->symtab[i].table, role_attr_uncount, &buf[1]);
1998
1999 buf[1] = cpu_to_le32(buf[1]);
2000 items = put_entry(buf, sizeof(uint32_t), 2, fp);
2001 if (items != 2)
2002 return POLICYDB_ERROR;
2003 if (hashtab_map(p->symtab[i].table, write_f[i], &pd))
2004 return POLICYDB_ERROR;
2005 }
2006
2007 if (p->policy_type == POLICY_KERN) {
2008 if (avtab_write(p, &p->te_avtab, fp))
2009 return POLICYDB_ERROR;
2010 if (p->policyvers < POLICYDB_VERSION_BOOL) {
2011 if (p->p_bools.nprim)
2012 WARN(fp->handle, "Discarding "
2013 "booleans and conditional rules");
2014 } else {
2015 if (cond_write_list(p, p->cond_list, fp))
2016 return POLICYDB_ERROR;
2017 }
2018 if (role_trans_write(p, fp))
2019 return POLICYDB_ERROR;
2020 if (role_allow_write(p->role_allow, fp))
2021 return POLICYDB_ERROR;
2022 if (p->policyvers >= POLICYDB_VERSION_FILENAME_TRANS) {
2023 if (filename_trans_write(p->filename_trans, fp))
2024 return POLICYDB_ERROR;
2025 } else {
2026 if (p->filename_trans)
2027 WARN(fp->handle, "Discarding filename type transition rules");
2028 }
2029 } else {
2030 if (avrule_block_write(p->global, num_syms, p, fp) == -1) {
2031 return POLICYDB_ERROR;
2032 }
2033
2034 for (i = 0; i < num_syms; i++) {
2035 buf[0] = cpu_to_le32(p->scope[i].table->nel);
2036 if (put_entry(buf, sizeof(uint32_t), 1, fp) != 1) {
2037 return POLICYDB_ERROR;
2038 }
2039 if (hashtab_map(p->scope[i].table, scope_write, &pd))
2040 return POLICYDB_ERROR;
2041 }
2042 }
2043
2044 if (ocontext_write(info, p, fp) == -1 || genfs_write(p, fp) == -1) {
2045 return POLICYDB_ERROR;
2046 }
2047
2048 if ((p->policyvers >= POLICYDB_VERSION_MLS
2049 && p->policy_type == POLICY_KERN)
2050 || (p->policyvers >= MOD_POLICYDB_VERSION_MLS
2051 && p->policyvers < MOD_POLICYDB_VERSION_RANGETRANS
2052 && p->policy_type == POLICY_BASE)) {
2053 if (range_write(p, fp)) {
2054 return POLICYDB_ERROR;
2055 }
2056 }
2057
2058 if (p->policy_type == POLICY_KERN
2059 && p->policyvers >= POLICYDB_VERSION_AVTAB) {
2060 for (i = 0; i < p->p_types.nprim; i++) {
2061 if (ebitmap_write(&p->type_attr_map[i], fp) == -1)
2062 return POLICYDB_ERROR;
2063 }
2064 }
2065
2066 return POLICYDB_SUCCESS;
2067 }
2068