• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* Author : Stephen Smalley, <sds@epoch.ncsc.mil> */
2 
3 /*
4  * Updated: Joshua Brindle <jbrindle@tresys.com>
5  *	    Karl MacMillan <kmacmillan@tresys.com>
6  *	    Jason Tang <jtang@tresys.com>
7  *
8  *	Module support
9  *
10  * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
11  *
12  *	Support for enhanced MLS infrastructure.
13  *
14  * Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com>
15  *
16  * 	Added conditional policy language extensions
17  *
18  * Updated: Red Hat, Inc.  James Morris <jmorris@redhat.com>
19  *
20  *      Fine-grained netlink support
21  *      IPv6 support
22  *      Code cleanup
23  *
24  * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
25  * Copyright (C) 2003 - 2004 Tresys Technology, LLC
26  * Copyright (C) 2003 - 2004 Red Hat, Inc.
27  *
28  *  This library is free software; you can redistribute it and/or
29  *  modify it under the terms of the GNU Lesser General Public
30  *  License as published by the Free Software Foundation; either
31  *  version 2.1 of the License, or (at your option) any later version.
32  *
33  *  This library is distributed in the hope that it will be useful,
34  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
35  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
36  *  Lesser General Public License for more details.
37  *
38  *  You should have received a copy of the GNU Lesser General Public
39  *  License along with this library; if not, write to the Free Software
40  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
41  */
42 
43 /* FLASK */
44 
45 /*
46  * A policy database (policydb) specifies the
47  * configuration data for the security policy.
48  */
49 
50 #ifndef _SEPOL_POLICYDB_POLICYDB_H_
51 #define _SEPOL_POLICYDB_POLICYDB_H_
52 
53 #include <stdio.h>
54 #include <stddef.h>
55 
56 #include <sepol/policydb.h>
57 
58 #include <sepol/policydb/flask_types.h>
59 #include <sepol/policydb/symtab.h>
60 #include <sepol/policydb/avtab.h>
61 #include <sepol/policydb/context.h>
62 #include <sepol/policydb/constraint.h>
63 #include <sepol/policydb/sidtab.h>
64 
65 #define ERRMSG_LEN 1024
66 
67 #define POLICYDB_SUCCESS      0
68 #define POLICYDB_ERROR       -1
69 #define POLICYDB_UNSUPPORTED -2
70 
71 #ifdef __cplusplus
72 extern "C" {
73 #endif
74 
75 /*
76  * A datum type is defined for each kind of symbol
77  * in the configuration data:  individual permissions,
78  * common prefixes for access vectors, classes,
79  * users, roles, types, sensitivities, categories, etc.
80  */
81 
82 /* type set preserves data needed by modules such as *, ~ and attributes */
83 typedef struct type_set {
84 	ebitmap_t types;
85 	ebitmap_t negset;
86 #define TYPE_STAR 1
87 #define TYPE_COMP 2
88 	uint32_t flags;
89 } type_set_t;
90 
91 typedef struct role_set {
92 	ebitmap_t roles;
93 #define ROLE_STAR 1
94 #define ROLE_COMP 2
95 	uint32_t flags;
96 } role_set_t;
97 
98 /* Permission attributes */
99 typedef struct perm_datum {
100 	symtab_datum_t s;
101 } perm_datum_t;
102 
103 /* Attributes of a common prefix for access vectors */
104 typedef struct common_datum {
105 	symtab_datum_t s;
106 	symtab_t permissions;	/* common permissions */
107 } common_datum_t;
108 
109 /* Class attributes */
110 typedef struct class_datum {
111 	symtab_datum_t s;
112 	char *comkey;		/* common name */
113 	common_datum_t *comdatum;	/* common datum */
114 	symtab_t permissions;	/* class-specific permission symbol table */
115 	constraint_node_t *constraints;	/* constraints on class permissions */
116 	constraint_node_t *validatetrans;	/* special transition rules */
117 /* Options how a new object user and role should be decided */
118 #define DEFAULT_SOURCE		1
119 #define DEFAULT_TARGET		2
120 	char default_user;
121 	char default_role;
122 	char default_type;
123 /* Options how a new object range should be decided */
124 #define DEFAULT_SOURCE_LOW	1
125 #define DEFAULT_SOURCE_HIGH	2
126 #define DEFAULT_SOURCE_LOW_HIGH	3
127 #define DEFAULT_TARGET_LOW	4
128 #define DEFAULT_TARGET_HIGH	5
129 #define DEFAULT_TARGET_LOW_HIGH	6
130 	char default_range;
131 } class_datum_t;
132 
133 /* Role attributes */
134 typedef struct role_datum {
135 	symtab_datum_t s;
136 	ebitmap_t dominates;	/* set of roles dominated by this role */
137 	type_set_t types;	/* set of authorized types for role */
138 	ebitmap_t cache;	/* This is an expanded set used for context validation during parsing */
139 	uint32_t bounds;	/* bounds role, if exist */
140 #define ROLE_ROLE 0		/* regular role in kernel policies */
141 #define ROLE_ATTRIB 1		/* attribute */
142 	uint32_t flavor;
143 	ebitmap_t roles;	/* roles with this attribute */
144 } role_datum_t;
145 
146 typedef struct role_trans {
147 	uint32_t role;		/* current role */
148 	uint32_t type;		/* program executable type, or new object type */
149 	uint32_t tclass;	/* process class, or new object class */
150 	uint32_t new_role;	/* new role */
151 	struct role_trans *next;
152 } role_trans_t;
153 
154 typedef struct role_allow {
155 	uint32_t role;		/* current role */
156 	uint32_t new_role;	/* new role */
157 	struct role_allow *next;
158 } role_allow_t;
159 
160 /* filename_trans rules */
161 typedef struct filename_trans {
162 	uint32_t stype;
163 	uint32_t ttype;
164 	uint32_t tclass;
165 	char *name;
166 } filename_trans_t;
167 
168 typedef struct filename_trans_datum {
169 	uint32_t otype;		/* expected of new object */
170 } filename_trans_datum_t;
171 
172 /* Type attributes */
173 typedef struct type_datum {
174 	symtab_datum_t s;
175 	uint32_t primary;	/* primary name? can be set to primary value if below is TYPE_ */
176 #define TYPE_TYPE 0		/* regular type or alias in kernel policies */
177 #define TYPE_ATTRIB 1		/* attribute */
178 #define TYPE_ALIAS 2		/* alias in modular policy */
179 	uint32_t flavor;
180 	ebitmap_t types;	/* types with this attribute */
181 #define TYPE_FLAGS_PERMISSIVE		(1 << 0)
182 #define TYPE_FLAGS_EXPAND_ATTR_TRUE	(1 << 1)
183 #define TYPE_FLAGS_EXPAND_ATTR_FALSE	(1 << 2)
184 #define TYPE_FLAGS_EXPAND_ATTR (TYPE_FLAGS_EXPAND_ATTR_TRUE | \
185 				TYPE_FLAGS_EXPAND_ATTR_FALSE)
186 	uint32_t flags;
187 	uint32_t bounds;	/* bounds type, if exist */
188 } type_datum_t;
189 
190 /*
191  * Properties of type_datum
192  * available on the policy version >= (MOD_)POLICYDB_VERSION_BOUNDARY
193  */
194 #define TYPEDATUM_PROPERTY_PRIMARY	0x0001
195 #define TYPEDATUM_PROPERTY_ATTRIBUTE	0x0002
196 #define TYPEDATUM_PROPERTY_ALIAS	0x0004	/* userspace only */
197 #define TYPEDATUM_PROPERTY_PERMISSIVE	0x0008	/* userspace only */
198 
199 /* User attributes */
200 typedef struct user_datum {
201 	symtab_datum_t s;
202 	role_set_t roles;	/* set of authorized roles for user */
203 	mls_semantic_range_t range;	/* MLS range (min. - max.) for user */
204 	mls_semantic_level_t dfltlevel;	/* default login MLS level for user */
205 	ebitmap_t cache;	/* This is an expanded set used for context validation during parsing */
206 	mls_range_t exp_range;     /* expanded range used for validation */
207 	mls_level_t exp_dfltlevel; /* expanded range used for validation */
208 	uint32_t bounds;	/* bounds user, if exist */
209 } user_datum_t;
210 
211 /* Sensitivity attributes */
212 typedef struct level_datum {
213 	mls_level_t *level;	/* sensitivity and associated categories */
214 	unsigned char isalias;	/* is this sensitivity an alias for another? */
215 	unsigned char defined;
216 } level_datum_t;
217 
218 /* Category attributes */
219 typedef struct cat_datum {
220 	symtab_datum_t s;
221 	unsigned char isalias;	/* is this category an alias for another? */
222 } cat_datum_t;
223 
224 typedef struct range_trans {
225 	uint32_t source_type;
226 	uint32_t target_type;
227 	uint32_t target_class;
228 } range_trans_t;
229 
230 /* Boolean data type */
231 typedef struct cond_bool_datum {
232 	symtab_datum_t s;
233 	int state;
234 #define COND_BOOL_FLAGS_TUNABLE	0x01	/* is this a tunable? */
235 	uint32_t flags;
236 } cond_bool_datum_t;
237 
238 struct cond_node;
239 
240 typedef struct cond_node cond_list_t;
241 struct cond_av_list;
242 
243 typedef struct class_perm_node {
244 	uint32_t tclass;
245 	uint32_t data;		/* permissions or new type */
246 	struct class_perm_node *next;
247 } class_perm_node_t;
248 
249 #define xperm_test(x, p) (1 & (p[x >> 5] >> (x & 0x1f)))
250 #define xperm_set(x, p) (p[x >> 5] |= (1 << (x & 0x1f)))
251 #define xperm_clear(x, p) (p[x >> 5] &= ~(1 << (x & 0x1f)))
252 #define EXTENDED_PERMS_LEN 8
253 
254 typedef struct av_extended_perms {
255 #define AVRULE_XPERMS_IOCTLFUNCTION	0x01
256 #define AVRULE_XPERMS_IOCTLDRIVER	0x02
257 	uint8_t specified;
258 	uint8_t driver;
259 	/* 256 bits of permissions */
260 	uint32_t perms[EXTENDED_PERMS_LEN];
261 } av_extended_perms_t;
262 
263 typedef struct avrule {
264 /* these typedefs are almost exactly the same as those in avtab.h - they are
265  * here because of the need to include neverallow and dontaudit messages */
266 #define AVRULE_ALLOWED			AVTAB_ALLOWED
267 #define AVRULE_AUDITALLOW		AVTAB_AUDITALLOW
268 #define AVRULE_AUDITDENY		AVTAB_AUDITDENY
269 #define AVRULE_DONTAUDIT		0x0008
270 #define AVRULE_NEVERALLOW		AVTAB_NEVERALLOW
271 #define AVRULE_AV         (AVRULE_ALLOWED | AVRULE_AUDITALLOW | AVRULE_AUDITDENY | AVRULE_DONTAUDIT | AVRULE_NEVERALLOW)
272 #define AVRULE_TRANSITION		AVTAB_TRANSITION
273 #define AVRULE_MEMBER			AVTAB_MEMBER
274 #define AVRULE_CHANGE			AVTAB_CHANGE
275 #define AVRULE_TYPE       (AVRULE_TRANSITION | AVRULE_MEMBER | AVRULE_CHANGE)
276 #define AVRULE_XPERMS_ALLOWED 		AVTAB_XPERMS_ALLOWED
277 #define AVRULE_XPERMS_AUDITALLOW	AVTAB_XPERMS_AUDITALLOW
278 #define AVRULE_XPERMS_DONTAUDIT		AVTAB_XPERMS_DONTAUDIT
279 #define AVRULE_XPERMS_NEVERALLOW	AVTAB_XPERMS_NEVERALLOW
280 #define AVRULE_XPERMS	(AVRULE_XPERMS_ALLOWED | AVRULE_XPERMS_AUDITALLOW | \
281 				AVRULE_XPERMS_DONTAUDIT | AVRULE_XPERMS_NEVERALLOW)
282 	uint32_t specified;
283 #define RULE_SELF 1
284 	uint32_t flags;
285 	type_set_t stypes;
286 	type_set_t ttypes;
287 	class_perm_node_t *perms;
288 	av_extended_perms_t *xperms;
289 	unsigned long line;	/* line number from policy.conf where
290 				 * this rule originated  */
291 	/* source file name and line number (e.g. .te file) */
292 	char *source_filename;
293 	unsigned long source_line;
294 	struct avrule *next;
295 } avrule_t;
296 
297 typedef struct role_trans_rule {
298 	role_set_t roles;	/* current role */
299 	type_set_t types;	/* program executable type, or new object type */
300 	ebitmap_t classes;	/* process class, or new object class */
301 	uint32_t new_role;	/* new role */
302 	struct role_trans_rule *next;
303 } role_trans_rule_t;
304 
305 typedef struct role_allow_rule {
306 	role_set_t roles;	/* current role */
307 	role_set_t new_roles;	/* new roles */
308 	struct role_allow_rule *next;
309 } role_allow_rule_t;
310 
311 typedef struct filename_trans_rule {
312 	type_set_t stypes;
313 	type_set_t ttypes;
314 	uint32_t tclass;
315 	char *name;
316 	uint32_t otype;	/* new type */
317 	struct filename_trans_rule *next;
318 } filename_trans_rule_t;
319 
320 typedef struct range_trans_rule {
321 	type_set_t stypes;
322 	type_set_t ttypes;
323 	ebitmap_t tclasses;
324 	mls_semantic_range_t trange;
325 	struct range_trans_rule *next;
326 } range_trans_rule_t;
327 
328 /*
329  * The configuration data includes security contexts for
330  * initial SIDs, unlabeled file systems, TCP and UDP port numbers,
331  * network interfaces, and nodes.  This structure stores the
332  * relevant data for one such entry.  Entries of the same kind
333  * (e.g. all initial SIDs) are linked together into a list.
334  */
335 typedef struct ocontext {
336 	union {
337 		char *name;	/* name of initial SID, fs, netif, fstype, path */
338 		struct {
339 			uint8_t protocol;
340 			uint16_t low_port;
341 			uint16_t high_port;
342 		} port;		/* TCP or UDP port information */
343 		struct {
344 			uint32_t addr; /* network order */
345 			uint32_t mask; /* network order */
346 		} node;		/* node information */
347 		struct {
348 			uint32_t addr[4]; /* network order */
349 			uint32_t mask[4]; /* network order */
350 		} node6;	/* IPv6 node information */
351 		uint32_t device;
352 		uint16_t pirq;
353 		struct {
354 			uint64_t low_iomem;
355 			uint64_t high_iomem;
356 		} iomem;
357 		struct {
358 			uint32_t low_ioport;
359 			uint32_t high_ioport;
360 		} ioport;
361 	} u;
362 	union {
363 		uint32_t sclass;	/* security class for genfs */
364 		uint32_t behavior;	/* labeling behavior for fs_use */
365 	} v;
366 	context_struct_t context[2];	/* security context(s) */
367 	sepol_security_id_t sid[2];	/* SID(s) */
368 	struct ocontext *next;
369 } ocontext_t;
370 
371 typedef struct genfs {
372 	char *fstype;
373 	struct ocontext *head;
374 	struct genfs *next;
375 } genfs_t;
376 
377 /* symbol table array indices */
378 #define SYM_COMMONS 0
379 #define SYM_CLASSES 1
380 #define SYM_ROLES   2
381 #define SYM_TYPES   3
382 #define SYM_USERS   4
383 #define SYM_BOOLS   5
384 #define SYM_LEVELS  6
385 #define SYM_CATS    7
386 #define SYM_NUM     8
387 
388 /* object context array indices */
389 #define OCON_ISID  0		/* initial SIDs */
390 #define OCON_FS    1		/* unlabeled file systems */
391 #define OCON_PORT  2		/* TCP and UDP port numbers */
392 #define OCON_NETIF 3		/* network interfaces */
393 #define OCON_NODE  4		/* nodes */
394 #define OCON_FSUSE 5		/* fs_use */
395 #define OCON_NODE6 6		/* IPv6 nodes */
396 #define OCON_GENFS 7            /* needed for ocontext_supported */
397 
398 /* object context array indices for Xen */
399 #define OCON_XEN_ISID  	    0    /* initial SIDs */
400 #define OCON_XEN_PIRQ       1    /* physical irqs */
401 #define OCON_XEN_IOPORT     2    /* io ports */
402 #define OCON_XEN_IOMEM	    3    /* io memory */
403 #define OCON_XEN_PCIDEVICE  4    /* pci devices */
404 #define OCON_XEN_DEVICETREE 5    /* device tree node */
405 
406 /* OCON_NUM needs to be the largest index in any platform's ocontext array */
407 #define OCON_NUM   7
408 
409 /* section: module information */
410 
411 /* scope_index_t holds all of the symbols that are in scope in a
412  * particular situation.  The bitmaps are indices (and thus must
413  * subtract one) into the global policydb->scope array. */
414 typedef struct scope_index {
415 	ebitmap_t scope[SYM_NUM];
416 #define p_classes_scope scope[SYM_CLASSES]
417 #define p_roles_scope scope[SYM_ROLES]
418 #define p_types_scope scope[SYM_TYPES]
419 #define p_users_scope scope[SYM_USERS]
420 #define p_bools_scope scope[SYM_BOOLS]
421 #define p_sens_scope scope[SYM_LEVELS]
422 #define p_cat_scope scope[SYM_CATS]
423 
424 	/* this array maps from class->value to the permissions within
425 	 * scope.  if bit (perm->value - 1) is set in map
426 	 * class_perms_map[class->value - 1] then that permission is
427 	 * enabled for this class within this decl.  */
428 	ebitmap_t *class_perms_map;
429 	/* total number of classes in class_perms_map array */
430 	uint32_t class_perms_len;
431 } scope_index_t;
432 
433 /* a list of declarations for a particular avrule_decl */
434 
435 /* These two structs declare a block of policy that has TE and RBAC
436  * statements and declarations.  The root block (the global policy)
437  * can never have an ELSE branch. */
438 typedef struct avrule_decl {
439 	uint32_t decl_id;
440 	uint32_t enabled;	/* whether this block is enabled */
441 
442 	cond_list_t *cond_list;
443 	avrule_t *avrules;
444 	role_trans_rule_t *role_tr_rules;
445 	role_allow_rule_t *role_allow_rules;
446 	range_trans_rule_t *range_tr_rules;
447 	scope_index_t required;	/* symbols needed to activate this block */
448 	scope_index_t declared;	/* symbols declared within this block */
449 
450 	/* type transition rules with a 'name' component */
451 	filename_trans_rule_t *filename_trans_rules;
452 
453 	/* for additive statements (type attribute, roles, and users) */
454 	symtab_t symtab[SYM_NUM];
455 
456 	/* In a linked module this will contain the name of the module
457 	 * from which this avrule_decl originated. */
458 	char *module_name;
459 
460 	struct avrule_decl *next;
461 } avrule_decl_t;
462 
463 typedef struct avrule_block {
464 	avrule_decl_t *branch_list;
465 	avrule_decl_t *enabled;	/* pointer to which branch is enabled.  this is
466 				   used in linking and never written to disk */
467 #define AVRULE_OPTIONAL 1
468 	uint32_t flags;		/* any flags for this block, currently just optional */
469 	struct avrule_block *next;
470 } avrule_block_t;
471 
472 /* Every identifier has its own scope datum.  The datum describes if
473  * the item is to be included into the final policy during
474  * expansion. */
475 typedef struct scope_datum {
476 /* Required for this decl */
477 #define SCOPE_REQ  1
478 /* Declared in this decl */
479 #define SCOPE_DECL 2
480 	uint32_t scope;
481 	uint32_t *decl_ids;
482 	uint32_t decl_ids_len;
483 	/* decl_ids is a list of avrule_decl's that declare/require
484 	 * this symbol.  If scope==SCOPE_DECL then this is a list of
485 	 * declarations.  If the symbol may only be declared once
486 	 * (types, bools) then decl_ids_len will be exactly 1.  For
487 	 * implicitly declared things (roles, users) then decl_ids_len
488 	 * will be at least 1. */
489 } scope_datum_t;
490 
491 /* The policy database */
492 typedef struct policydb {
493 #define POLICY_KERN SEPOL_POLICY_KERN
494 #define POLICY_BASE SEPOL_POLICY_BASE
495 #define POLICY_MOD SEPOL_POLICY_MOD
496 	uint32_t policy_type;
497 	char *name;
498 	char *version;
499 	int  target_platform;
500 
501 	/* Set when the policydb is modified such that writing is unsupported */
502 	int unsupported_format;
503 
504 	/* Whether this policydb is mls, should always be set */
505 	int mls;
506 
507 	/* symbol tables */
508 	symtab_t symtab[SYM_NUM];
509 #define p_commons symtab[SYM_COMMONS]
510 #define p_classes symtab[SYM_CLASSES]
511 #define p_roles symtab[SYM_ROLES]
512 #define p_types symtab[SYM_TYPES]
513 #define p_users symtab[SYM_USERS]
514 #define p_bools symtab[SYM_BOOLS]
515 #define p_levels symtab[SYM_LEVELS]
516 #define p_cats symtab[SYM_CATS]
517 
518 	/* symbol names indexed by (value - 1) */
519 	char **sym_val_to_name[SYM_NUM];
520 #define p_common_val_to_name sym_val_to_name[SYM_COMMONS]
521 #define p_class_val_to_name sym_val_to_name[SYM_CLASSES]
522 #define p_role_val_to_name sym_val_to_name[SYM_ROLES]
523 #define p_type_val_to_name sym_val_to_name[SYM_TYPES]
524 #define p_user_val_to_name sym_val_to_name[SYM_USERS]
525 #define p_bool_val_to_name sym_val_to_name[SYM_BOOLS]
526 #define p_sens_val_to_name sym_val_to_name[SYM_LEVELS]
527 #define p_cat_val_to_name sym_val_to_name[SYM_CATS]
528 
529 	/* class, role, and user attributes indexed by (value - 1) */
530 	class_datum_t **class_val_to_struct;
531 	role_datum_t **role_val_to_struct;
532 	user_datum_t **user_val_to_struct;
533 	type_datum_t **type_val_to_struct;
534 
535 	/* module stuff section -- used in parsing and for modules */
536 
537 	/* keep track of the scope for every identifier.  these are
538 	 * hash tables, where the key is the identifier name and value
539 	 * a scope_datum_t.  as a convenience, one may use the
540 	 * p_*_macros (cf. struct scope_index_t declaration). */
541 	symtab_t scope[SYM_NUM];
542 
543 	/* module rule storage */
544 	avrule_block_t *global;
545 	/* avrule_decl index used for link/expand */
546 	avrule_decl_t **decl_val_to_struct;
547 
548 	/* compiled storage of rules - use for the kernel policy */
549 
550 	/* type enforcement access vectors and transitions */
551 	avtab_t te_avtab;
552 
553 	/* bools indexed by (value - 1) */
554 	cond_bool_datum_t **bool_val_to_struct;
555 	/* type enforcement conditional access vectors and transitions */
556 	avtab_t te_cond_avtab;
557 	/* linked list indexing te_cond_avtab by conditional */
558 	cond_list_t *cond_list;
559 
560 	/* role transitions */
561 	role_trans_t *role_tr;
562 
563 	/* role allows */
564 	role_allow_t *role_allow;
565 
566 	/* security contexts of initial SIDs, unlabeled file systems,
567 	   TCP or UDP port numbers, network interfaces and nodes */
568 	ocontext_t *ocontexts[OCON_NUM];
569 
570 	/* security contexts for files in filesystems that cannot support
571 	   a persistent label mapping or use another
572 	   fixed labeling behavior. */
573 	genfs_t *genfs;
574 
575 	/* range transitions table (range_trans_key -> mls_range) */
576 	hashtab_t range_tr;
577 
578 	/* file transitions with the last path component */
579 	hashtab_t filename_trans;
580 
581 	ebitmap_t *type_attr_map;
582 
583 	ebitmap_t *attr_type_map;	/* not saved in the binary policy */
584 
585 	ebitmap_t policycaps;
586 
587 	/* this bitmap is referenced by type NOT the typical type-1 used in other
588 	   bitmaps.  Someday the 0 bit may be used for global permissive */
589 	ebitmap_t permissive_map;
590 
591 	unsigned policyvers;
592 
593 	unsigned handle_unknown;
594 } policydb_t;
595 
596 struct sepol_policydb {
597 	struct policydb p;
598 };
599 
600 extern int policydb_init(policydb_t * p);
601 
602 extern int policydb_from_image(sepol_handle_t * handle,
603 			       void *data, size_t len, policydb_t * policydb);
604 
605 extern int policydb_to_image(sepol_handle_t * handle,
606 			     policydb_t * policydb, void **newdata,
607 			     size_t * newlen);
608 
609 extern int policydb_index_classes(policydb_t * p);
610 
611 extern int policydb_index_bools(policydb_t * p);
612 
613 extern int policydb_index_others(sepol_handle_t * handle, policydb_t * p,
614 				 unsigned int verbose);
615 
616 extern int policydb_role_cache(hashtab_key_t key,
617 			       hashtab_datum_t datum,
618 			       void *arg);
619 
620 extern int policydb_user_cache(hashtab_key_t key,
621 			       hashtab_datum_t datum,
622 			       void *arg);
623 
624 extern int policydb_reindex_users(policydb_t * p);
625 
626 extern void policydb_destroy(policydb_t * p);
627 
628 extern int policydb_load_isids(policydb_t * p, sidtab_t * s);
629 
630 /* Deprecated */
631 extern int policydb_context_isvalid(const policydb_t * p,
632 				    const context_struct_t * c);
633 
634 extern void symtabs_destroy(symtab_t * symtab);
635 extern int scope_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p);
636 typedef void (*hashtab_destroy_func_t) (hashtab_key_t k, hashtab_datum_t d,
637 					void *args);
638 extern hashtab_destroy_func_t get_symtab_destroy_func(int sym_num);
639 
640 extern void class_perm_node_init(class_perm_node_t * x);
641 extern void type_set_init(type_set_t * x);
642 extern void type_set_destroy(type_set_t * x);
643 extern int type_set_cpy(type_set_t * dst, type_set_t * src);
644 extern int type_set_or_eq(type_set_t * dst, type_set_t * other);
645 extern void role_set_init(role_set_t * x);
646 extern void role_set_destroy(role_set_t * x);
647 extern void avrule_init(avrule_t * x);
648 extern void avrule_destroy(avrule_t * x);
649 extern void avrule_list_destroy(avrule_t * x);
650 extern void role_trans_rule_init(role_trans_rule_t * x);
651 extern void role_trans_rule_list_destroy(role_trans_rule_t * x);
652 extern void filename_trans_rule_init(filename_trans_rule_t * x);
653 extern void filename_trans_rule_list_destroy(filename_trans_rule_t * x);
654 
655 extern void role_datum_init(role_datum_t * x);
656 extern void role_datum_destroy(role_datum_t * x);
657 extern void role_allow_rule_init(role_allow_rule_t * x);
658 extern void role_allow_rule_destroy(role_allow_rule_t * x);
659 extern void role_allow_rule_list_destroy(role_allow_rule_t * x);
660 extern void range_trans_rule_init(range_trans_rule_t *x);
661 extern void range_trans_rule_destroy(range_trans_rule_t *x);
662 extern void range_trans_rule_list_destroy(range_trans_rule_t *x);
663 extern void type_datum_init(type_datum_t * x);
664 extern void type_datum_destroy(type_datum_t * x);
665 extern void user_datum_init(user_datum_t * x);
666 extern void user_datum_destroy(user_datum_t * x);
667 extern void level_datum_init(level_datum_t * x);
668 extern void level_datum_destroy(level_datum_t * x);
669 extern void cat_datum_init(cat_datum_t * x);
670 extern void cat_datum_destroy(cat_datum_t * x);
671 extern int check_assertion(policydb_t *p, avrule_t *avrule);
672 extern int check_assertions(sepol_handle_t * handle,
673 			    policydb_t * p, avrule_t * avrules);
674 
675 extern int symtab_insert(policydb_t * x, uint32_t sym,
676 			 hashtab_key_t key, hashtab_datum_t datum,
677 			 uint32_t scope, uint32_t avrule_decl_id,
678 			 uint32_t * value);
679 
680 /* A policy "file" may be a memory region referenced by a (data, len) pair
681    or a file referenced by a FILE pointer. */
682 typedef struct policy_file {
683 #define PF_USE_MEMORY  0
684 #define PF_USE_STDIO   1
685 #define PF_LEN         2	/* total up length in len field */
686 	unsigned type;
687 	char *data;
688 	size_t len;
689 	size_t size;
690 	FILE *fp;
691 	struct sepol_handle *handle;
692 } policy_file_t;
693 
694 struct sepol_policy_file {
695 	struct policy_file pf;
696 };
697 
698 extern void policy_file_init(policy_file_t * x);
699 
700 extern int policydb_read(policydb_t * p, struct policy_file *fp,
701 			 unsigned int verbose);
702 extern int avrule_read_list(policydb_t * p, avrule_t ** avrules,
703 			    struct policy_file *fp);
704 
705 extern int policydb_write(struct policydb *p, struct policy_file *pf);
706 extern int policydb_set_target_platform(policydb_t *p, int platform);
707 
708 #define PERM_SYMTAB_SIZE 32
709 
710 /* Identify specific policy version changes */
711 #define POLICYDB_VERSION_BASE		15
712 #define POLICYDB_VERSION_BOOL		16
713 #define POLICYDB_VERSION_IPV6		17
714 #define POLICYDB_VERSION_NLCLASS	18
715 #define POLICYDB_VERSION_VALIDATETRANS	19
716 #define POLICYDB_VERSION_MLS		19
717 #define POLICYDB_VERSION_AVTAB		20
718 #define POLICYDB_VERSION_RANGETRANS	21
719 #define POLICYDB_VERSION_POLCAP		22
720 #define POLICYDB_VERSION_PERMISSIVE	23
721 #define POLICYDB_VERSION_BOUNDARY	24
722 #define POLICYDB_VERSION_FILENAME_TRANS	25
723 #define POLICYDB_VERSION_ROLETRANS	26
724 #define POLICYDB_VERSION_NEW_OBJECT_DEFAULTS	27
725 #define POLICYDB_VERSION_DEFAULT_TYPE	28
726 #define POLICYDB_VERSION_CONSTRAINT_NAMES	29
727 #define POLICYDB_VERSION_XEN_DEVICETREE		30 /* Xen-specific */
728 #define POLICYDB_VERSION_XPERMS_IOCTL	30 /* Linux-specific */
729 
730 /* Range of policy versions we understand*/
731 #define POLICYDB_VERSION_MIN	POLICYDB_VERSION_BASE
732 #define POLICYDB_VERSION_MAX	POLICYDB_VERSION_XPERMS_IOCTL
733 
734 /* Module versions and specific changes*/
735 #define MOD_POLICYDB_VERSION_BASE		4
736 #define MOD_POLICYDB_VERSION_VALIDATETRANS	5
737 #define MOD_POLICYDB_VERSION_MLS		5
738 #define MOD_POLICYDB_VERSION_RANGETRANS 	6
739 #define MOD_POLICYDB_VERSION_MLS_USERS		6
740 #define MOD_POLICYDB_VERSION_POLCAP		7
741 #define MOD_POLICYDB_VERSION_PERMISSIVE		8
742 #define MOD_POLICYDB_VERSION_BOUNDARY		9
743 #define MOD_POLICYDB_VERSION_BOUNDARY_ALIAS	10
744 #define MOD_POLICYDB_VERSION_FILENAME_TRANS	11
745 #define MOD_POLICYDB_VERSION_ROLETRANS		12
746 #define MOD_POLICYDB_VERSION_ROLEATTRIB		13
747 #define MOD_POLICYDB_VERSION_TUNABLE_SEP	14
748 #define MOD_POLICYDB_VERSION_NEW_OBJECT_DEFAULTS	15
749 #define MOD_POLICYDB_VERSION_DEFAULT_TYPE	16
750 #define MOD_POLICYDB_VERSION_CONSTRAINT_NAMES  17
751 
752 #define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE
753 #define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_CONSTRAINT_NAMES
754 
755 #define POLICYDB_CONFIG_MLS    1
756 
757 /* macros to check policy feature */
758 
759 /* TODO: add other features here */
760 
761 #define policydb_has_boundary_feature(p)			\
762 	(((p)->policy_type == POLICY_KERN			\
763 	  && p->policyvers >= POLICYDB_VERSION_BOUNDARY) ||	\
764 	 ((p)->policy_type != POLICY_KERN			\
765 	  && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY))
766 
767 /* the config flags related to unknown classes/perms are bits 2 and 3 */
768 #define DENY_UNKNOWN	SEPOL_DENY_UNKNOWN
769 #define REJECT_UNKNOWN	SEPOL_REJECT_UNKNOWN
770 #define ALLOW_UNKNOWN 	SEPOL_ALLOW_UNKNOWN
771 
772 #define POLICYDB_CONFIG_UNKNOWN_MASK	(DENY_UNKNOWN | REJECT_UNKNOWN | ALLOW_UNKNOWN)
773 
774 #define OBJECT_R "object_r"
775 #define OBJECT_R_VAL 1
776 
777 #define POLICYDB_MAGIC SELINUX_MAGIC
778 #define POLICYDB_STRING "SE Linux"
779 #define POLICYDB_XEN_STRING "XenFlask"
780 #define POLICYDB_STRING_MAX_LENGTH 32
781 #define POLICYDB_MOD_MAGIC SELINUX_MOD_MAGIC
782 #define POLICYDB_MOD_STRING "SE Linux Module"
783 
784 #ifdef __cplusplus
785 }
786 #endif
787 
788 #endif				/* _POLICYDB_H_ */
789 
790 /* FLASK */
791