      1 #include <stdlib.h>
      2 
      3 #include "private.h"
      4 #include "debug.h"
      5 
      6 #include <sepol/policydb/policydb.h>
      7 
/*
 * Build a policydb by parsing a binary policy image held in memory.
 *
 * handle   - forwarded to the reader and used by ERR() for reporting.
 * data/len - the memory region holding the image. The pointer is handed to
 *            the reader as-is: this function neither copies nor frees it.
 *            len is taken on trust (no check is made here), so callers must
 *            pass the true size of the buffer, especially when the image
 *            comes from outside the process.
 * policydb - destination for the parsed policy.
 *            NOTE(review): presumably must already be set up with
 *            policydb_init(), as policydb_to_image() does before its own
 *            policydb_read() call - confirm against callers.
 *
 * Returns STATUS_SUCCESS when policydb_read() accepts the image. Otherwise
 * logs "policy image is invalid", sets errno to EINVAL and returns
 * STATUS_ERR.
 *
 * NOTE(review): nothing is released here on failure; whether policydb_read()
 * leaves *policydb partially populated is not visible in this file, so
 * confirm what cleanup the caller owes before reusing or discarding it.
 */
int policydb_from_image(sepol_handle_t * handle,
			void *data, size_t len, policydb_t * policydb)
{
	policy_file_t image;

	/* Describe the caller's buffer as an in-memory policy file. */
	policy_file_init(&image);
	image.handle = handle;
	image.type = PF_USE_MEMORY;
	image.len = len;
	image.data = data;

	/* All validation of the image contents happens inside policydb_read(). */
	if (policydb_read(policydb, &image, 0) == 0)
		return STATUS_SUCCESS;

	ERR(handle, "policy image is invalid");
	errno = EINVAL;
	return STATUS_ERR;
}
     30 
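/*
 * Serialize a policydb into a newly allocated memory region and return the
 * (data, len) pair through (*newdata, *newlen).
 *
 * handle   - used for error reporting and passed to the writer/reader.
 * policydb - the policy to serialize.
 * newdata  - on success receives a malloc()ed buffer holding the image;
 *            ownership passes to the caller, who must free() it.
 * newlen   - on success receives the size of that buffer in bytes.
 *
 * The image is written in two passes (length computation, then the real
 * write) and is then read back into a scratch policydb so that only an image
 * accepted by policydb_read() is handed out.
 *
 * Returns STATUS_SUCCESS on success. On failure returns STATUS_ERR with
 * errno set to EINVAL (write or verification failed) or ENOMEM (allocation
 * failed); *newdata and *newlen are left untouched and the buffer is freed.
 */
int policydb_to_image(sepol_handle_t * handle,
		      policydb_t * policydb, void **newdata, size_t * newlen)
{
	void *tmp_data = NULL;
	size_t tmp_len;
	policy_file_t pf;
	struct policydb tmp_policydb;
	int saved_errno;

	/* Compute the length for the new policy image. */
	policy_file_init(&pf);
	pf.type = PF_LEN;
	pf.handle = handle;
	if (policydb_write(policydb, &pf)) {
		ERR(handle, "could not compute policy length");
		errno = EINVAL;
		goto err;
	}

	/* Allocate the new policy image. */
	pf.type = PF_USE_MEMORY;
	pf.data = malloc(pf.len);
	if (!pf.data) {
		ERR(handle, "out of memory");
		/* Set errno after ERR(), like the other failure paths here do. */
		errno = ENOMEM;
		goto err;
	}

	/* Need to save len and data prior to modification by policydb_write. */
	tmp_len = pf.len;
	tmp_data = pf.data;

	/* Write out the new policy image. */
	if (policydb_write(policydb, &pf)) {
		ERR(handle, "could not write policy");
		errno = EINVAL;
		goto err;
	}

	/*
	 * Verify the new policy image: rewind pf to the start of the buffer
	 * and parse it back into a scratch policydb.
	 */
	pf.type = PF_USE_MEMORY;
	pf.data = tmp_data;
	pf.len = tmp_len;
	if (policydb_init(&tmp_policydb)) {
		ERR(handle, "Out of memory");
		errno = ENOMEM;
		goto err;
	}
	if (policydb_read(&tmp_policydb, &pf, 0)) {
		/*
		 * NOTE(review): tmp_policydb is not destroyed on this path.
		 * If policydb_read() can fail after allocating into it, this
		 * leaks; confirm whether policydb_destroy() is safe and
		 * needed here.
		 */
		ERR(handle, "new policy image is invalid");
		errno = EINVAL;
		goto err;
	}
	policydb_destroy(&tmp_policydb);

	/* Update (newdata, newlen) only once the image has been verified. */
	*newdata = tmp_data;
	*newlen = tmp_len;

	return STATUS_SUCCESS;

      err:
	/*
	 * Keep the errno chosen at the failure site: the reporting and
	 * cleanup below are not guaranteed to leave it alone.
	 */
	saved_errno = errno;
	ERR(handle, "could not create policy image");

	/* tmp_data is NULL until the allocation succeeded; free(NULL) is a no-op. */
	free(tmp_data);
	errno = saved_errno;
	return STATUS_ERR;
}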