• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 
2 /* Author : Stephen Smalley, <sds@epoch.ncsc.mil> */
3 
4 /*
5  * Updated: Joshua Brindle <jbrindle@tresys.com>
6  *	    Karl MacMillan <kmacmillan@tresys.com>
7  *	    Jason Tang <jtang@tresys.com>
8  *
9  *	Module support
10  *
11  * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
12  *
13  *	Support for enhanced MLS infrastructure.
14  *
15  * Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com>
16  *
17  * 	Added conditional policy language extensions
18  *
19  * Updated: Red Hat, Inc.  James Morris <jmorris@redhat.com>
20  *
21  *      Fine-grained netlink support
22  *      IPv6 support
23  *      Code cleanup
24  *
25  * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
26  * Copyright (C) 2003 - 2004 Tresys Technology, LLC
27  * Copyright (C) 2003 - 2004 Red Hat, Inc.
28  *
29  *  This library is free software; you can redistribute it and/or
30  *  modify it under the terms of the GNU Lesser General Public
31  *  License as published by the Free Software Foundation; either
32  *  version 2.1 of the License, or (at your option) any later version.
33  *
34  *  This library is distributed in the hope that it will be useful,
35  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
36  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
37  *  Lesser General Public License for more details.
38  *
39  *  You should have received a copy of the GNU Lesser General Public
40  *  License along with this library; if not, write to the Free Software
41  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
42  */
43 
44 /* FLASK */
45 
46 /*
47  * A policy database (policydb) specifies the
48  * configuration data for the security policy.
49  */
50 
51 #ifndef _SEPOL_POLICYDB_POLICYDB_H_
52 #define _SEPOL_POLICYDB_POLICYDB_H_
53 
54 #include <stdio.h>
55 #include <stddef.h>
56 
57 #include <sepol/policydb.h>
58 
59 #include <sepol/policydb/flask_types.h>
60 #include <sepol/policydb/symtab.h>
61 #include <sepol/policydb/avtab.h>
62 #include <sepol/policydb/context.h>
63 #include <sepol/policydb/constraint.h>
64 #include <sepol/policydb/sidtab.h>
65 
66 #define ERRMSG_LEN 1024
67 
68 #define POLICYDB_SUCCESS      0
69 #define POLICYDB_ERROR       -1
70 #define POLICYDB_UNSUPPORTED -2
71 
72 /*
73  * A datum type is defined for each kind of symbol
74  * in the configuration data:  individual permissions,
75  * common prefixes for access vectors, classes,
76  * users, roles, types, sensitivities, categories, etc.
77  */
78 
79 /* type set preserves data needed by modules such as *, ~ and attributes */
80 typedef struct type_set {
81 	ebitmap_t types;
82 	ebitmap_t negset;
83 #define TYPE_STAR 1
84 #define TYPE_COMP 2
85 	uint32_t flags;
86 } type_set_t;
87 
88 typedef struct role_set {
89 	ebitmap_t roles;
90 #define ROLE_STAR 1
91 #define ROLE_COMP 2
92 	uint32_t flags;
93 } role_set_t;
94 
95 /* Permission attributes */
96 typedef struct perm_datum {
97 	symtab_datum_t s;
98 } perm_datum_t;
99 
100 /* Attributes of a common prefix for access vectors */
101 typedef struct common_datum {
102 	symtab_datum_t s;
103 	symtab_t permissions;	/* common permissions */
104 } common_datum_t;
105 
106 /* Class attributes */
107 typedef struct class_datum {
108 	symtab_datum_t s;
109 	char *comkey;		/* common name */
110 	common_datum_t *comdatum;	/* common datum */
111 	symtab_t permissions;	/* class-specific permission symbol table */
112 	constraint_node_t *constraints;	/* constraints on class permissions */
113 	constraint_node_t *validatetrans;	/* special transition rules */
114 /* Options how a new object user and role should be decided */
115 #define DEFAULT_SOURCE		1
116 #define DEFAULT_TARGET		2
117 	char default_user;
118 	char default_role;
119 	char default_type;
120 /* Options how a new object range should be decided */
121 #define DEFAULT_SOURCE_LOW	1
122 #define DEFAULT_SOURCE_HIGH	2
123 #define DEFAULT_SOURCE_LOW_HIGH	3
124 #define DEFAULT_TARGET_LOW	4
125 #define DEFAULT_TARGET_HIGH	5
126 #define DEFAULT_TARGET_LOW_HIGH	6
127 	char default_range;
128 } class_datum_t;
129 
130 /* Role attributes */
131 typedef struct role_datum {
132 	symtab_datum_t s;
133 	ebitmap_t dominates;	/* set of roles dominated by this role */
134 	type_set_t types;	/* set of authorized types for role */
135 	ebitmap_t cache;	/* This is an expanded set used for context validation during parsing */
136 	uint32_t bounds;	/* bounds role, if exist */
137 #define ROLE_ROLE 0		/* regular role in kernel policies */
138 #define ROLE_ATTRIB 1		/* attribute */
139 	uint32_t flavor;
140 	ebitmap_t roles;	/* roles with this attribute */
141 } role_datum_t;
142 
143 typedef struct role_trans {
144 	uint32_t role;		/* current role */
145 	uint32_t type;		/* program executable type, or new object type */
146 	uint32_t tclass;	/* process class, or new object class */
147 	uint32_t new_role;	/* new role */
148 	struct role_trans *next;
149 } role_trans_t;
150 
151 typedef struct role_allow {
152 	uint32_t role;		/* current role */
153 	uint32_t new_role;	/* new role */
154 	struct role_allow *next;
155 } role_allow_t;
156 
157 /* filename_trans rules */
158 typedef struct filename_trans {
159 	uint32_t stype;
160 	uint32_t ttype;
161 	uint32_t tclass;
162 	char *name;
163 	uint32_t otype;
164 	struct filename_trans *next;
165 } filename_trans_t;
166 
167 /* Type attributes */
168 typedef struct type_datum {
169 	symtab_datum_t s;
170 	uint32_t primary;	/* primary name? can be set to primary value if below is TYPE_ */
171 #define TYPE_TYPE 0		/* regular type or alias in kernel policies */
172 #define TYPE_ATTRIB 1		/* attribute */
173 #define TYPE_ALIAS 2		/* alias in modular policy */
174 	uint32_t flavor;
175 	ebitmap_t types;	/* types with this attribute */
176 #define TYPE_FLAGS_PERMISSIVE	0x01
177 	uint32_t flags;
178 	uint32_t bounds;	/* bounds type, if exist */
179 } type_datum_t;
180 
181 /*
182  * Properties of type_datum
183  * available on the policy version >= (MOD_)POLICYDB_VERSION_BOUNDARY
184  */
185 #define TYPEDATUM_PROPERTY_PRIMARY	0x0001
186 #define TYPEDATUM_PROPERTY_ATTRIBUTE	0x0002
187 #define TYPEDATUM_PROPERTY_ALIAS	0x0004	/* userspace only */
188 #define TYPEDATUM_PROPERTY_PERMISSIVE	0x0008	/* userspace only */
189 
190 /* User attributes */
191 typedef struct user_datum {
192 	symtab_datum_t s;
193 	role_set_t roles;	/* set of authorized roles for user */
194 	mls_semantic_range_t range;	/* MLS range (min. - max.) for user */
195 	mls_semantic_level_t dfltlevel;	/* default login MLS level for user */
196 	ebitmap_t cache;	/* This is an expanded set used for context validation during parsing */
197 	mls_range_t exp_range;     /* expanded range used for validation */
198 	mls_level_t exp_dfltlevel; /* expanded range used for validation */
199 	uint32_t bounds;	/* bounds user, if exist */
200 } user_datum_t;
201 
202 /* Sensitivity attributes */
203 typedef struct level_datum {
204 	mls_level_t *level;	/* sensitivity and associated categories */
205 	unsigned char isalias;	/* is this sensitivity an alias for another? */
206 	unsigned char defined;
207 } level_datum_t;
208 
209 /* Category attributes */
210 typedef struct cat_datum {
211 	symtab_datum_t s;
212 	unsigned char isalias;	/* is this category an alias for another? */
213 } cat_datum_t;
214 
215 typedef struct range_trans {
216 	uint32_t source_type;
217 	uint32_t target_type;
218 	uint32_t target_class;
219 	mls_range_t target_range;
220 	struct range_trans *next;
221 } range_trans_t;
222 
223 /* Boolean data type */
224 typedef struct cond_bool_datum {
225 	symtab_datum_t s;
226 	int state;
227 #define COND_BOOL_FLAGS_TUNABLE	0x01	/* is this a tunable? */
228 	uint32_t flags;
229 } cond_bool_datum_t;
230 
231 struct cond_node;
232 
233 typedef struct cond_node cond_list_t;
234 struct cond_av_list;
235 
236 typedef struct class_perm_node {
237 	uint32_t class;
238 	uint32_t data;		/* permissions or new type */
239 	struct class_perm_node *next;
240 } class_perm_node_t;
241 
242 typedef struct avrule {
243 /* these typedefs are almost exactly the same as those in avtab.h - they are
244  * here because of the need to include neverallow and dontaudit messages */
245 #define AVRULE_ALLOWED     1
246 #define AVRULE_AUDITALLOW  2
247 #define AVRULE_AUDITDENY   4
248 #define AVRULE_DONTAUDIT   8
249 #define AVRULE_NEVERALLOW 128
250 #define AVRULE_AV         (AVRULE_ALLOWED | AVRULE_AUDITALLOW | AVRULE_AUDITDENY | AVRULE_DONTAUDIT | AVRULE_NEVERALLOW)
251 #define AVRULE_TRANSITION 16
252 #define AVRULE_MEMBER     32
253 #define AVRULE_CHANGE     64
254 #define AVRULE_TYPE       (AVRULE_TRANSITION | AVRULE_MEMBER | AVRULE_CHANGE)
255 	uint32_t specified;
256 #define RULE_SELF 1
257 	uint32_t flags;
258 	type_set_t stypes;
259 	type_set_t ttypes;
260 	class_perm_node_t *perms;
261 	unsigned long line;	/* line number from policy.conf where
262 				 * this rule originated  */
263 	struct avrule *next;
264 } avrule_t;
265 
266 typedef struct role_trans_rule {
267 	role_set_t roles;	/* current role */
268 	type_set_t types;	/* program executable type, or new object type */
269 	ebitmap_t classes;	/* process class, or new object class */
270 	uint32_t new_role;	/* new role */
271 	struct role_trans_rule *next;
272 } role_trans_rule_t;
273 
274 typedef struct role_allow_rule {
275 	role_set_t roles;	/* current role */
276 	role_set_t new_roles;	/* new roles */
277 	struct role_allow_rule *next;
278 } role_allow_rule_t;
279 
280 typedef struct filename_trans_rule {
281 	type_set_t stypes;
282 	type_set_t ttypes;
283 	uint32_t tclass;
284 	char *name;
285 	uint32_t otype;	/* new type */
286 	struct filename_trans_rule *next;
287 } filename_trans_rule_t;
288 
289 typedef struct range_trans_rule {
290 	type_set_t stypes;
291 	type_set_t ttypes;
292 	ebitmap_t tclasses;
293 	mls_semantic_range_t trange;
294 	struct range_trans_rule *next;
295 } range_trans_rule_t;
296 
297 /*
298  * The configuration data includes security contexts for
299  * initial SIDs, unlabeled file systems, TCP and UDP port numbers,
300  * network interfaces, and nodes.  This structure stores the
301  * relevant data for one such entry.  Entries of the same kind
302  * (e.g. all initial SIDs) are linked together into a list.
303  */
304 typedef struct ocontext {
305 	union {
306 		char *name;	/* name of initial SID, fs, netif, fstype, path */
307 		struct {
308 			uint8_t protocol;
309 			uint16_t low_port;
310 			uint16_t high_port;
311 		} port;		/* TCP or UDP port information */
312 		struct {
313 			uint32_t addr; /* network order */
314 			uint32_t mask; /* network order */
315 		} node;		/* node information */
316 		struct {
317 			uint32_t addr[4]; /* network order */
318 			uint32_t mask[4]; /* network order */
319 		} node6;	/* IPv6 node information */
320 		uint32_t device;
321 		uint16_t pirq;
322 		struct {
323 			uint32_t low_iomem;
324 			uint32_t high_iomem;
325 		} iomem;
326 		struct {
327 			uint32_t low_ioport;
328 			uint32_t high_ioport;
329 		} ioport;
330 	} u;
331 	union {
332 		uint32_t sclass;	/* security class for genfs */
333 		uint32_t behavior;	/* labeling behavior for fs_use */
334 	} v;
335 	context_struct_t context[2];	/* security context(s) */
336 	sepol_security_id_t sid[2];	/* SID(s) */
337 	struct ocontext *next;
338 } ocontext_t;
339 
340 typedef struct genfs {
341 	char *fstype;
342 	struct ocontext *head;
343 	struct genfs *next;
344 } genfs_t;
345 
346 /* symbol table array indices */
347 #define SYM_COMMONS 0
348 #define SYM_CLASSES 1
349 #define SYM_ROLES   2
350 #define SYM_TYPES   3
351 #define SYM_USERS   4
352 #define SYM_BOOLS   5
353 #define SYM_LEVELS  6
354 #define SYM_CATS    7
355 #define SYM_NUM     8
356 
357 /* object context array indices */
358 #define OCON_ISID  0		/* initial SIDs */
359 #define OCON_FS    1		/* unlabeled file systems */
360 #define OCON_PORT  2		/* TCP and UDP port numbers */
361 #define OCON_NETIF 3		/* network interfaces */
362 #define OCON_NODE  4		/* nodes */
363 #define OCON_FSUSE 5		/* fs_use */
364 #define OCON_NODE6 6		/* IPv6 nodes */
365 #define OCON_GENFS 7            /* needed for ocontext_supported */
366 
367 /* object context array indices for Xen */
368 #define OCON_XEN_ISID  	    0    /* initial SIDs */
369 #define OCON_XEN_PIRQ       1    /* physical irqs */
370 #define OCON_XEN_IOPORT     2    /* io ports */
371 #define OCON_XEN_IOMEM	    3    /* io memory */
372 #define OCON_XEN_PCIDEVICE  4    /* pci devices */
373 
374 /* OCON_NUM needs to be the largest index in any platform's ocontext array */
375 #define OCON_NUM   7
376 
377 /* section: module information */
378 
379 /* scope_index_t holds all of the symbols that are in scope in a
380  * particular situation.  The bitmaps are indices (and thus must
381  * subtract one) into the global policydb->scope array. */
382 typedef struct scope_index {
383 	ebitmap_t scope[SYM_NUM];
384 #define p_classes_scope scope[SYM_CLASSES]
385 #define p_roles_scope scope[SYM_ROLES]
386 #define p_types_scope scope[SYM_TYPES]
387 #define p_users_scope scope[SYM_USERS]
388 #define p_bools_scope scope[SYM_BOOLS]
389 #define p_sens_scope scope[SYM_LEVELS]
390 #define p_cat_scope scope[SYM_CATS]
391 
392 	/* this array maps from class->value to the permissions within
393 	 * scope.  if bit (perm->value - 1) is set in map
394 	 * class_perms_map[class->value - 1] then that permission is
395 	 * enabled for this class within this decl.  */
396 	ebitmap_t *class_perms_map;
397 	/* total number of classes in class_perms_map array */
398 	uint32_t class_perms_len;
399 } scope_index_t;
400 
401 /* a list of declarations for a particular avrule_decl */
402 
403 /* These two structs declare a block of policy that has TE and RBAC
404  * statements and declarations.  The root block (the global policy)
405  * can never have an ELSE branch. */
406 typedef struct avrule_decl {
407 	uint32_t decl_id;
408 	uint32_t enabled;	/* whether this block is enabled */
409 
410 	cond_list_t *cond_list;
411 	avrule_t *avrules;
412 	role_trans_rule_t *role_tr_rules;
413 	role_allow_rule_t *role_allow_rules;
414 	range_trans_rule_t *range_tr_rules;
415 	scope_index_t required;	/* symbols needed to activate this block */
416 	scope_index_t declared;	/* symbols declared within this block */
417 
418 	/* type transition rules with a 'name' component */
419 	filename_trans_rule_t *filename_trans_rules;
420 
421 	/* for additive statements (type attribute, roles, and users) */
422 	symtab_t symtab[SYM_NUM];
423 
424 	/* In a linked module this will contain the name of the module
425 	 * from which this avrule_decl originated. */
426 	char *module_name;
427 
428 	struct avrule_decl *next;
429 } avrule_decl_t;
430 
431 typedef struct avrule_block {
432 	avrule_decl_t *branch_list;
433 	avrule_decl_t *enabled;	/* pointer to which branch is enabled.  this is
434 				   used in linking and never written to disk */
435 #define AVRULE_OPTIONAL 1
436 	uint32_t flags;		/* any flags for this block, currently just optional */
437 	struct avrule_block *next;
438 } avrule_block_t;
439 
440 /* Every identifier has its own scope datum.  The datum describes if
441  * the item is to be included into the final policy during
442  * expansion. */
443 typedef struct scope_datum {
444 /* Required for this decl */
445 #define SCOPE_REQ  1
446 /* Declared in this decl */
447 #define SCOPE_DECL 2
448 	uint32_t scope;
449 	uint32_t *decl_ids;
450 	uint32_t decl_ids_len;
451 	/* decl_ids is a list of avrule_decl's that declare/require
452 	 * this symbol.  If scope==SCOPE_DECL then this is a list of
453 	 * declarations.  If the symbol may only be declared once
454 	 * (types, bools) then decl_ids_len will be exactly 1.  For
455 	 * implicitly declared things (roles, users) then decl_ids_len
456 	 * will be at least 1. */
457 } scope_datum_t;
458 
459 /* The policy database */
460 typedef struct policydb {
461 #define POLICY_KERN SEPOL_POLICY_KERN
462 #define POLICY_BASE SEPOL_POLICY_BASE
463 #define POLICY_MOD SEPOL_POLICY_MOD
464 	uint32_t policy_type;
465 	char *name;
466 	char *version;
467 	int  target_platform;
468 
469 	/* Set when the policydb is modified such that writing is unsupported */
470 	int unsupported_format;
471 
472 	/* Whether this policydb is mls, should always be set */
473 	int mls;
474 
475 	/* symbol tables */
476 	symtab_t symtab[SYM_NUM];
477 #define p_commons symtab[SYM_COMMONS]
478 #define p_classes symtab[SYM_CLASSES]
479 #define p_roles symtab[SYM_ROLES]
480 #define p_types symtab[SYM_TYPES]
481 #define p_users symtab[SYM_USERS]
482 #define p_bools symtab[SYM_BOOLS]
483 #define p_levels symtab[SYM_LEVELS]
484 #define p_cats symtab[SYM_CATS]
485 
486 	/* symbol names indexed by (value - 1) */
487 	char **sym_val_to_name[SYM_NUM];
488 #define p_common_val_to_name sym_val_to_name[SYM_COMMONS]
489 #define p_class_val_to_name sym_val_to_name[SYM_CLASSES]
490 #define p_role_val_to_name sym_val_to_name[SYM_ROLES]
491 #define p_type_val_to_name sym_val_to_name[SYM_TYPES]
492 #define p_user_val_to_name sym_val_to_name[SYM_USERS]
493 #define p_bool_val_to_name sym_val_to_name[SYM_BOOLS]
494 #define p_sens_val_to_name sym_val_to_name[SYM_LEVELS]
495 #define p_cat_val_to_name sym_val_to_name[SYM_CATS]
496 
497 	/* class, role, and user attributes indexed by (value - 1) */
498 	class_datum_t **class_val_to_struct;
499 	role_datum_t **role_val_to_struct;
500 	user_datum_t **user_val_to_struct;
501 	type_datum_t **type_val_to_struct;
502 
503 	/* module stuff section -- used in parsing and for modules */
504 
505 	/* keep track of the scope for every identifier.  these are
506 	 * hash tables, where the key is the identifier name and value
507 	 * a scope_datum_t.  as a convenience, one may use the
508 	 * p_*_macros (cf. struct scope_index_t declaration). */
509 	symtab_t scope[SYM_NUM];
510 
511 	/* module rule storage */
512 	avrule_block_t *global;
513 	/* avrule_decl index used for link/expand */
514 	avrule_decl_t **decl_val_to_struct;
515 
516 	/* compiled storage of rules - use for the kernel policy */
517 
518 	/* type enforcement access vectors and transitions */
519 	avtab_t te_avtab;
520 
521 	/* bools indexed by (value - 1) */
522 	cond_bool_datum_t **bool_val_to_struct;
523 	/* type enforcement conditional access vectors and transitions */
524 	avtab_t te_cond_avtab;
525 	/* linked list indexing te_cond_avtab by conditional */
526 	cond_list_t *cond_list;
527 
528 	/* role transitions */
529 	role_trans_t *role_tr;
530 
531 	/* type transition rules with a 'name' component */
532 	filename_trans_t *filename_trans;
533 
534 	/* role allows */
535 	role_allow_t *role_allow;
536 
537 	/* security contexts of initial SIDs, unlabeled file systems,
538 	   TCP or UDP port numbers, network interfaces and nodes */
539 	ocontext_t *ocontexts[OCON_NUM];
540 
541 	/* security contexts for files in filesystems that cannot support
542 	   a persistent label mapping or use another
543 	   fixed labeling behavior. */
544 	genfs_t *genfs;
545 
546 	/* range transitions */
547 	range_trans_t *range_tr;
548 
549 	ebitmap_t *type_attr_map;
550 
551 	ebitmap_t *attr_type_map;	/* not saved in the binary policy */
552 
553 	ebitmap_t policycaps;
554 
555 	/* this bitmap is referenced by type NOT the typical type-1 used in other
556 	   bitmaps.  Someday the 0 bit may be used for global permissive */
557 	ebitmap_t permissive_map;
558 
559 	unsigned policyvers;
560 
561 	unsigned handle_unknown;
562 } policydb_t;
563 
564 struct sepol_policydb {
565 	struct policydb p;
566 };
567 
568 extern int policydb_init(policydb_t * p);
569 
570 extern int policydb_from_image(sepol_handle_t * handle,
571 			       void *data, size_t len, policydb_t * policydb);
572 
573 extern int policydb_to_image(sepol_handle_t * handle,
574 			     policydb_t * policydb, void **newdata,
575 			     size_t * newlen);
576 
577 extern int policydb_index_classes(policydb_t * p);
578 
579 extern int policydb_index_bools(policydb_t * p);
580 
581 extern int policydb_index_others(sepol_handle_t * handle, policydb_t * p,
582 				 unsigned int verbose);
583 
584 extern int policydb_reindex_users(policydb_t * p);
585 
586 extern void policydb_destroy(policydb_t * p);
587 
588 extern int policydb_load_isids(policydb_t * p, sidtab_t * s);
589 
590 /* Deprecated */
591 extern int policydb_context_isvalid(const policydb_t * p,
592 				    const context_struct_t * c);
593 
594 extern void symtabs_destroy(symtab_t * symtab);
595 extern int scope_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p);
596 typedef void (*hashtab_destroy_func_t) (hashtab_key_t k, hashtab_datum_t d,
597 					void *args);
598 extern hashtab_destroy_func_t get_symtab_destroy_func(int sym_num);
599 
600 extern void class_perm_node_init(class_perm_node_t * x);
601 extern void type_set_init(type_set_t * x);
602 extern void type_set_destroy(type_set_t * x);
603 extern int type_set_cpy(type_set_t * dst, type_set_t * src);
604 extern int type_set_or_eq(type_set_t * dst, type_set_t * other);
605 extern void role_set_init(role_set_t * x);
606 extern void role_set_destroy(role_set_t * x);
607 extern void avrule_init(avrule_t * x);
608 extern void avrule_destroy(avrule_t * x);
609 extern void avrule_list_destroy(avrule_t * x);
610 extern void role_trans_rule_init(role_trans_rule_t * x);
611 extern void role_trans_rule_list_destroy(role_trans_rule_t * x);
612 extern void filename_trans_rule_init(filename_trans_rule_t * x);
613 extern void filename_trans_rule_list_destroy(filename_trans_rule_t * x);
614 
615 extern void role_datum_init(role_datum_t * x);
616 extern void role_datum_destroy(role_datum_t * x);
617 extern void role_allow_rule_init(role_allow_rule_t * x);
618 extern void role_allow_rule_destroy(role_allow_rule_t * x);
619 extern void role_allow_rule_list_destroy(role_allow_rule_t * x);
620 extern void range_trans_rule_init(range_trans_rule_t *x);
621 extern void range_trans_rule_destroy(range_trans_rule_t *x);
622 extern void range_trans_rule_list_destroy(range_trans_rule_t *x);
623 extern void type_datum_init(type_datum_t * x);
624 extern void type_datum_destroy(type_datum_t * x);
625 extern void user_datum_init(user_datum_t * x);
626 extern void user_datum_destroy(user_datum_t * x);
627 extern void level_datum_init(level_datum_t * x);
628 extern void level_datum_destroy(level_datum_t * x);
629 extern void cat_datum_init(cat_datum_t * x);
630 extern void cat_datum_destroy(cat_datum_t * x);
631 
632 extern int check_assertions(sepol_handle_t * handle,
633 			    policydb_t * p, avrule_t * avrules);
634 
635 extern int symtab_insert(policydb_t * x, uint32_t sym,
636 			 hashtab_key_t key, hashtab_datum_t datum,
637 			 uint32_t scope, uint32_t avrule_decl_id,
638 			 uint32_t * value);
639 
640 /* A policy "file" may be a memory region referenced by a (data, len) pair
641    or a file referenced by a FILE pointer. */
642 typedef struct policy_file {
643 #define PF_USE_MEMORY  0
644 #define PF_USE_STDIO   1
645 #define PF_LEN         2	/* total up length in len field */
646 	unsigned type;
647 	char *data;
648 	size_t len;
649 	size_t size;
650 	FILE *fp;
651 	struct sepol_handle *handle;
652 } policy_file_t;
653 
654 struct sepol_policy_file {
655 	struct policy_file pf;
656 };
657 
658 extern void policy_file_init(policy_file_t * x);
659 
660 extern int policydb_read(policydb_t * p, struct policy_file *fp,
661 			 unsigned int verbose);
662 extern int avrule_read_list(policydb_t * p, avrule_t ** avrules,
663 			    struct policy_file *fp);
664 
665 extern int policydb_write(struct policydb *p, struct policy_file *pf);
666 extern int policydb_set_target_platform(policydb_t *p, int platform);
667 
668 #define PERM_SYMTAB_SIZE 32
669 
670 /* Identify specific policy version changes */
671 #define POLICYDB_VERSION_BASE		15
672 #define POLICYDB_VERSION_BOOL		16
673 #define POLICYDB_VERSION_IPV6		17
674 #define POLICYDB_VERSION_NLCLASS	18
675 #define POLICYDB_VERSION_VALIDATETRANS	19
676 #define POLICYDB_VERSION_MLS		19
677 #define POLICYDB_VERSION_AVTAB		20
678 #define POLICYDB_VERSION_RANGETRANS	21
679 #define POLICYDB_VERSION_POLCAP		22
680 #define POLICYDB_VERSION_PERMISSIVE	23
681 #define POLICYDB_VERSION_BOUNDARY	24
682 #define POLICYDB_VERSION_FILENAME_TRANS	25
683 #define POLICYDB_VERSION_ROLETRANS	26
684 #define POLICYDB_VERSION_NEW_OBJECT_DEFAULTS	27
685 #define POLICYDB_VERSION_DEFAULT_TYPE	28
686 #define POLICYDB_VERSION_CONSTRAINT_NAMES	29
687 
688 /* Range of policy versions we understand*/
689 #define POLICYDB_VERSION_MIN	POLICYDB_VERSION_BASE
690 #define POLICYDB_VERSION_MAX	POLICYDB_VERSION_CONSTRAINT_NAMES
691 
692 /* Module versions and specific changes*/
693 #define MOD_POLICYDB_VERSION_BASE		4
694 #define MOD_POLICYDB_VERSION_VALIDATETRANS	5
695 #define MOD_POLICYDB_VERSION_MLS		5
696 #define MOD_POLICYDB_VERSION_RANGETRANS 	6
697 #define MOD_POLICYDB_VERSION_MLS_USERS		6
698 #define MOD_POLICYDB_VERSION_POLCAP		7
699 #define MOD_POLICYDB_VERSION_PERMISSIVE		8
700 #define MOD_POLICYDB_VERSION_BOUNDARY		9
701 #define MOD_POLICYDB_VERSION_BOUNDARY_ALIAS	10
702 #define MOD_POLICYDB_VERSION_FILENAME_TRANS	11
703 #define MOD_POLICYDB_VERSION_ROLETRANS		12
704 #define MOD_POLICYDB_VERSION_ROLEATTRIB		13
705 #define MOD_POLICYDB_VERSION_TUNABLE_SEP	14
706 #define MOD_POLICYDB_VERSION_NEW_OBJECT_DEFAULTS	15
707 #define MOD_POLICYDB_VERSION_DEFAULT_TYPE	16
708 #define MOD_POLICYDB_VERSION_CONSTRAINT_NAMES  17
709 
710 #define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE
711 #define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_CONSTRAINT_NAMES
712 
713 #define POLICYDB_CONFIG_MLS    1
714 
715 /* macros to check policy feature */
716 
717 /* TODO: add other features here */
718 
719 #define policydb_has_boundary_feature(p)			\
720 	(((p)->policy_type == POLICY_KERN			\
721 	  && p->policyvers >= POLICYDB_VERSION_BOUNDARY) ||	\
722 	 ((p)->policy_type != POLICY_KERN			\
723 	  && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY))
724 
725 /* the config flags related to unknown classes/perms are bits 2 and 3 */
726 #define DENY_UNKNOWN	SEPOL_DENY_UNKNOWN
727 #define REJECT_UNKNOWN	SEPOL_REJECT_UNKNOWN
728 #define ALLOW_UNKNOWN 	SEPOL_ALLOW_UNKNOWN
729 
730 #define POLICYDB_CONFIG_UNKNOWN_MASK	(DENY_UNKNOWN | REJECT_UNKNOWN | ALLOW_UNKNOWN)
731 
732 #define OBJECT_R "object_r"
733 #define OBJECT_R_VAL 1
734 
735 #define POLICYDB_MAGIC SELINUX_MAGIC
736 #define POLICYDB_STRING "SE Linux"
737 #define POLICYDB_XEN_STRING "XenFlask"
738 #define POLICYDB_STRING_MAX_LENGTH 32
739 #define POLICYDB_MOD_MAGIC SELINUX_MOD_MAGIC
740 #define POLICYDB_MOD_STRING "SE Linux Module"
741 #define SEPOL_TARGET_SELINUX 0
742 #define SEPOL_TARGET_XEN     1
743 
744 
745 #endif				/* _POLICYDB_H_ */
746 
747 /* FLASK */
748