Lines Matching refs:db
/*
 * Cross-reference excerpt: every line below mentions the identifier `db`,
 * a `const struct cil_db *`. The leading number on each line appears to be
 * its line number in the original file. The lines in between are not shown,
 * so no function body here is complete; the comments describe only what the
 * visible lines establish.
 */

/* Two `db` declarations; presumably members of the argument structs that are
 * later read via `args->db` and filled via `.db = db` - TODO confirm. */
62 const struct cil_db *db;
74 const struct cil_db *db;

/* Walks db->classorder; the loop body is not shown. */
289 int cil_classorder_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_class *class_value_to_cil[], struct cil_perm **perm_value_to_cil[])
294 cil_list_for_each(curr_class, db->classorder) {

/*
 * Recurring pattern from here on: a value index (i or j) selects an entry in
 * db->val_to_type / val_to_role / val_to_user, and DATUM() of that entry is
 * resolved to the matching sepol datum in pdb.
 * NOTE(review): where i and j come from is not visible in this listing;
 * confirm they are bounded by the size of the table they index.
 */
424 int cil_roletype_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_role *role)
440 rc = __cil_get_sepol_type_datum(pdb, DATUM(db->val_to_type[i]), &sepol_type);
622 int cil_typeattribute_to_bitmap(policydb_t *pdb, const struct cil_db *db, struct cil_typeattribute *cil_attr)
649 rc = __cil_get_sepol_type_datum(pdb, DATUM(db->val_to_type[i]), &sepol_type);
728 int cil_userrole_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_user *user)
747 rc = __cil_get_sepol_role_datum(pdb, DATUM(db->val_to_role[i]), &sepol_role);

/* Category and sensitivity ordering: each walks the corresponding db list. */
790 int cil_catorder_to_policydb(policydb_t *pdb, const struct cil_db *db)
799 cil_list_for_each(curr_cat, db->catorder) {
850 int cil_sensitivityorder_to_policydb(policydb_t *pdb, const struct cil_db *db)
860 cil_list_for_each(curr, db->sensitivityorder) {

/* Type rules: source type looked up by index i, target type by index j. */
1055 int __cil_type_rule_to_avtab(policydb_t *pdb, const struct cil_db *db, struct cil_type_rule *cil_rule, cond_node_t *cond_node, enum cil_flavor cond_flavor)
1083 rc = __cil_get_sepol_type_datum(pdb, DATUM(db->val_to_type[i]), &sepol_src);
1089 rc = __cil_get_sepol_type_datum(pdb, DATUM(db->val_to_type[j]), &sepol_tgt);
/* Unconditional wrapper: no cond_node, cond_flavor CIL_FALSE. */
1111 int cil_type_rule_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_type_rule *cil_rule)
1113 return __cil_type_rule_to_avtab(pdb, db, cil_rule, NULL, CIL_FALSE);
/* Type transitions: one path delegates to __cil_type_rule_to_avtab with a
 * local `trans`; the condition selecting that path is not shown. */
1116 int __cil_typetransition_to_avtab(policydb_t *pdb, const struct cil_db *db, struct cil_nametypetransition *typetrans, cond_node_t *cond_node, enum cil_flavor cond_flavor, hashtab_t filename_trans_table)
1139 return __cil_type_rule_to_avtab(pdb, db, &trans, cond_node, cond_flavor);
1156 rc = __cil_get_sepol_type_datum(pdb, DATUM(db->val_to_type[i]), &sepol_src);
1162 rc = __cil_get_sepol_type_datum(pdb, DATUM(db->val_to_type[j]), &sepol_tgt);
/* Unconditional wrapper: no cond_node, cond_flavor CIL_FALSE. */
1216 int cil_typetransition_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_nametypetransition *typetrans, hashtab_t filename_trans_table)
1218 return __cil_typetransition_to_avtab(pdb, db, typetrans, NULL, CIL_FALSE, filename_trans_table);

/* AV rules: a DONTAUDIT rule is special-cased when db->disable_dontaudit is
 * CIL_TRUE. The branch body is not shown; presumably the rule is skipped. */
1398 int __cil_avrule_to_avtab(policydb_t *pdb, const struct cil_db *db, struct cil_avrule *cil_avrule, cond_node_t *cond_node, enum cil_flavor cond_flavor)
1406 if (cil_avrule->rule_kind == CIL_AVRULE_DONTAUDIT && db->disable_dontaudit == CIL_TRUE) {
1426 src = DATUM(db->val_to_type[i]);
/* Unconditional wrapper: no cond_node, cond_flavor CIL_FALSE. */
1445 int cil_avrule_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_avrule *cil_avrule)
1447 return __cil_avrule_to_avtab(pdb, db, cil_avrule, NULL, CIL_FALSE);
/* Extended AV rules apply the same DONTAUDIT / disable_dontaudit test. */
1705 int cil_avrulex_to_hashtable(policydb_t *pdb, const struct cil_db *db, struct cil_avrule *cil_avrulex, struct cil_args_binary *args)
1717 if (cil_avrulex->rule_kind == CIL_AVRULE_DONTAUDIT && db->disable_dontaudit == CIL_TRUE) {
1734 src = DATUM(db->val_to_type[i]);

/* Inside a helper whose signature is not shown: db is taken from args->db and
 * the three __cil_*_to_avtab converters are called with a cond_node. */
1758 const struct cil_db *db = args->db;
1777 rc = __cil_typetransition_to_avtab(pdb, db, cil_typetrans, cond_node, cond_flavor, filename_trans_table);
1785 rc = __cil_type_rule_to_avtab(pdb, db, cil_type_rule, cond_node, cond_flavor);
1793 rc = __cil_avrule_to_avtab(pdb, db, cil_avrule, cond_node, cond_flavor);
/* booleanif: stores db into bool_args; presumably the helper above reads it
 * back through args->db - TODO confirm. */
2045 int cil_booleanif_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_tree_node *node, hashtab_t filename_trans_table)
2117 bool_args.db = db;

/* Role transitions: source is a role (index i), target is a type (index j). */
2146 int cil_roletrans_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_roletransition *roletrans, hashtab_t role_trans_table)
2175 rc = __cil_get_sepol_role_datum(pdb, DATUM(db->val_to_role[i]), &sepol_src);
2181 rc = __cil_get_sepol_type_datum(pdb, DATUM(db->val_to_type[j]), &sepol_tgt);
/* Role allow: both source and target are roles. */
2234 int cil_roleallow_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_roleallow *roleallow)
2253 rc = __cil_get_sepol_role_datum(pdb, DATUM(db->val_to_role[i]), &sepol_src);
2259 rc = __cil_get_sepol_role_datum(pdb, DATUM(db->val_to_role[j]), &sepol_tgt);

/* Constraint expressions: a datum operand is resolved as a user, role or
 * type; the test that picks between the three lookups is not shown. */
2280 int __cil_constrain_expr_datum_to_sepol_expr(policydb_t *pdb, const struct cil_db *db, struct cil_list_item *item, enum cil_flavor expr_flavor, constraint_expr_t *expr)
2298 rc = __cil_get_sepol_user_datum(pdb, DATUM(db->val_to_user[i]), &sepol_user);
2322 rc = __cil_get_sepol_role_datum(pdb, DATUM(db->val_to_role[i]), &sepol_role);
2359 rc = __cil_get_sepol_type_datum(pdb, DATUM(db->val_to_type[i]), &sepol_type);
2381 int __cil_constrain_expr_leaf_to_sepol_expr(policydb_t *pdb, const struct cil_db *db, struct cil_list_item *op_item, enum cil_flavor expr_flavor, constraint_expr_t *expr)
2451 rc = __cil_constrain_expr_datum_to_sepol_expr(pdb, db, r_item, expr_flavor, expr);
2459 rc = __cil_constrain_expr_datum_to_sepol_expr(pdb, db, curr, expr_flavor, expr);
/* The helper calls itself on sub-expressions (l_expr, r_expr).
 * NOTE(review): no depth limit is visible in this listing; confirm that
 * expression nesting is bounded before this point. */
2476 int __cil_constrain_expr_to_sepol_expr_helper(policydb_t *pdb, const struct cil_db *db, const struct cil_list *cil_expr, constraint_expr_t **head, constraint_expr_t **tail)
2533 rc = __cil_constrain_expr_leaf_to_sepol_expr(pdb, db, item, flavor, op);
2541 rc = __cil_constrain_expr_to_sepol_expr_helper(pdb, db, l_expr, &h1, &t1);
2551 rc = __cil_constrain_expr_to_sepol_expr_helper(pdb, db, l_expr, &h1, &t1);
2555 rc = __cil_constrain_expr_to_sepol_expr_helper(pdb, db, r_expr, &h2, &t2);
2573 int __cil_constrain_expr_to_sepol_expr(policydb_t *pdb, const struct cil_db *db, const struct cil_list *cil_expr, constraint_expr_t **sepol_expr)
2578 rc = __cil_constrain_expr_to_sepol_expr_helper(pdb, db, cil_expr, &head, &tail);
2588 int cil_constrain_to_policydb_helper(policydb_t *pdb, const struct cil_db *db, struct cil_symtab_datum *class, struct cil_list *perms, struct cil_list *expr)
2606 rc = __cil_constrain_expr_to_sepol_expr(pdb, db, expr, &sepol_expr);
/* cil_constrain_expand calls itself for nested classperms (cmp->classperms,
 * cp->classperms) and the helper for a plain class/perms pair. */
2622 int cil_constrain_expand(policydb_t *pdb, const struct cil_db *db, struct cil_list *classperms, struct cil_list *expr)
2631 rc = cil_constrain_to_policydb_helper(pdb, db, DATUM(cp->class), cp->perms, expr);
2639 rc = cil_constrain_expand(pdb, db, cmp->classperms, expr);
2648 rc = cil_constrain_expand(pdb, db, cp->classperms, expr);
2661 int cil_constrain_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_constrain *cil_constrain)
2664 rc = cil_constrain_expand(pdb, db, cil_constrain->classperms, cil_constrain->datum_expr);
2676 int cil_validatetrans_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_validatetrans *cil_validatetrans)
2695 rc = __cil_constrain_expr_to_sepol_expr(pdb, db, expr, &sepol_expr);

/* SID order: a NULL or empty db->sidorder is tested before the list is
 * walked; what the branch does is not shown. */
2897 int cil_sidorder_to_policydb(policydb_t *pdb, const struct cil_db *db)
2904 if (db->sidorder == NULL || db->sidorder->head == NULL) {
2909 cil_list_for_each(curr, db->sidorder) {
2932 int cil_rangetransition_to_policydb(policydb_t *pdb, const struct cil_db *db, struct cil_rangetransition *rangetrans, hashtab_t range_trans_table)
2957 rc = __cil_get_sepol_type_datum(pdb, DATUM(db->val_to_type[i]), &sepol_src);
2963 rc = __cil_get_sepol_type_datum(pdb, DATUM(db->val_to_type[j]), &sepol_tgt);

/*
 * Dispatcher whose signature is not shown (presumably the
 * __cil_binary_create_helper passed to cil_tree_walk at line 4710 - TODO
 * confirm). db comes from args->db and node->data is handed to one converter
 * per statement kind; the selection logic is not shown.
 * NOTE(review): node->data is passed without a visible cast or check, so each
 * converter relies on the dispatcher having matched the node's kind correctly.
 */
3410 const struct cil_db *db;
3417 db = args->db;
3478 rc = cil_typeattribute_to_bitmap(pdb, db, node->data);
3488 rc = cil_roletype_to_policydb(pdb, db, node->data);
3499 rc = cil_userrole_to_policydb(pdb, db, node->data);
3502 rc = cil_type_rule_to_policydb(pdb, db, node->data);
/* NEVERALLOW rules take this branch only while db->disable_neverallow is not
 * CIL_TRUE; the branch body is not shown. */
3507 if (db->disable_neverallow != CIL_TRUE && rule->rule_kind == CIL_AVRULE_NEVERALLOW) {
3514 rc = cil_roletrans_to_policydb(pdb, db, node->data, role_trans_table);
3520 rc = cil_typetransition_to_policydb(pdb, db, node->data, filename_trans_table);
3523 rc = cil_constrain_to_policydb(pdb, db, node->data);
3527 rc = cil_constrain_to_policydb(pdb, db, node->data);
3531 rc = cil_validatetrans_to_policydb(pdb, db, node->data);
3535 rc = cil_validatetrans_to_policydb(pdb, db, node->data);
3540 rc = cil_rangetransition_to_policydb(pdb, db, node->data, range_trans_table);
3558 rc = cil_booleanif_to_policydb(pdb, db, node, filename_trans_table);
3563 rc = cil_avrule_to_policydb(pdb, db, node->data);
3570 rc = cil_avrulex_to_hashtable(pdb, db, node->data, args);
3575 rc = cil_roleallow_to_policydb(pdb, db, node->data);

/* Labeling contexts: each db context list goes to its own converter. The
 * Xen-specific lists follow a target_platform == SEPOL_TARGET_XEN test; how
 * far that `if` extends is not visible here. */
3619 int __cil_contexts_to_policydb(policydb_t *pdb, const struct cil_db *db)
3623 rc = cil_portcon_to_policydb(pdb, db->portcon);
3628 rc = cil_netifcon_to_policydb(pdb, db->netifcon);
3633 rc = cil_nodecon_to_policydb(pdb, db->nodecon);
3638 rc = cil_fsuse_to_policydb(pdb, db->fsuse);
3643 rc = cil_genfscon_to_policydb(pdb, db->genfscon);
3648 if (db->target_platform == SEPOL_TARGET_XEN) {
3649 rc = cil_pirqcon_to_policydb(pdb, db->pirqcon);
3654 rc = cil_iomemcon_to_policydb(pdb, db->iomemcon);
3659 rc = cil_ioportcon_to_policydb(pdb, db->ioportcon);
3664 rc = cil_pcidevicecon_to_policydb(pdb, db->pcidevicecon);
3669 rc = cil_devicetreecon_to_policydb(pdb, db->devicetreecon);

/* Policy database creation: target platform, policy version, handle_unknown
 * and mls are copied from db into pdb. */
3883 int __cil_policydb_create(const struct cil_db *db, struct sepol_policydb **spdb)
3890 cil_log(CIL_ERR, "Failed to create policy db\n");
3900 pdb->target_platform = db->target_platform;
3901 pdb->policyvers = db->policy_version;
3902 pdb->handle_unknown = db->handle_unknown;
3903 pdb->mls = db->mls;
/* Init copies handle_unknown and mls again, then converts the class,
 * category and sensitivity orderings. */
3912 int __cil_policydb_init(policydb_t *pdb, const struct cil_db *db, struct cil_class *class_value_to_cil[], struct cil_perm **perm_value_to_cil[])
3919 pdb->handle_unknown = db->handle_unknown;
3920 pdb->mls = db->mls;
3922 rc = cil_classorder_to_policydb(pdb, db, class_value_to_cil, perm_value_to_cil);
3928 rc = cil_catorder_to_policydb(pdb, db);
3933 rc = cil_sensitivityorder_to_policydb(pdb, db);
/* Creates a policydb, then fills it via cil_binary_create_allocated_pdb. */
4059 int cil_binary_create(const struct cil_db *db, sepol_policydb_t **policydb)
4064 rc = __cil_policydb_create(db, &pdb);
4069 rc = cil_binary_create_allocated_pdb(db, pdb);

/* neverallow checking: source and target types of a rule are added to the
 * rule's stypes / ttypes bitmaps, and a failure report searches db->ast for
 * matching AV rules. */
4198 static int __cil_add_sepol_type(policydb_t *pdb, const struct cil_db *db, struct cil_symtab_datum *datum, ebitmap_t *map)
4210 datum = DATUM(db->val_to_type[i]);
4332 static int __cil_print_neverallow_failure(const struct cil_db *db, struct cil_tree_node *node)
4363 rc = cil_find_matching_avrule_in_ast(db->ast->root, avrule_flavor, &target, matching, CIL_FALSE);
4383 static int cil_check_neverallow(const struct cil_db *db, policydb_t *pdb, struct cil_tree_node *node)
4403 rc = __cil_add_sepol_type(pdb, db, cil_rule->src, &rule->stypes.types);
4411 rc = __cil_add_sepol_type(pdb, db, cil_rule->tgt, &rule->ttypes.types);
4425 rc = __cil_print_neverallow_failure(db, node);
4447 rc = __cil_print_neverallow_failure(db, node);
4476 static int cil_check_neverallows(const struct cil_db *db, policydb_t *pdb, struct cil_list *neverallows)
4483 rc = cil_check_neverallow(db, pdb, item->data);
/* Type bounds check: iterates i over [0, db->num_types) and reads
 * db->val_to_type[i], so here the index is bounded by the loop condition. */
4551 static int cil_check_type_bounds(const struct cil_db *db, policydb_t *pdb, void *type_value_to_cil, struct cil_class *class_value_to_cil[], struct cil_perm **perm_value_to_cil[])
4556 for (i = 0; i < db->num_types; i++) {
4561 struct cil_type *t = db->val_to_type[i];
4597 rc = cil_find_matching_avrule_in_ast(db->ast->root, CIL_AVRULE, &target, matching, CIL_FALSE);

/*
 * Main entry point for filling an already allocated policydb.
 * - db and policydb are tested for NULL first; a NULL db is logged.
 * - Three lookup tables are allocated with calloc, sized count + 1.
 *   NOTE(review): whether each calloc result is checked is not visible here,
 *   and calloc's own overflow check does not cover the `+1`; confirm the
 *   counts are bounded upstream.
 * - The neverallow check at line 4757 follows a test that
 *   db->disable_neverallow is not CIL_TRUE, so it appears to be skipped when
 *   that flag is set; a policy built that way is presumably not verified
 *   against its neverallow rules.
 */
4626 int cil_binary_create_allocated_pdb(const struct cil_db *db, sepol_policydb_t *policydb)
4641 if (db == NULL || policydb == NULL) {
4642 if (db == NULL) {
4643 cil_log(CIL_ERR,"db == NULL\n");
4653 type_value_to_cil = calloc(db->num_types_and_attrs+1, sizeof(*type_value_to_cil));
4656 class_value_to_cil = calloc(db->num_classes+1, sizeof(*class_value_to_cil));
4659 perm_value_to_cil = calloc(db->num_classes+1, sizeof(*perm_value_to_cil));
/* Index 0 is not visited: the loop runs i from 1 to db->num_classes. */
4661 for (i=1; i < db->num_classes+1; i++) {
4666 rc = __cil_policydb_init(pdb, db, class_value_to_cil, perm_value_to_cil);
/* db is handed to the tree-walk callback through extra_args. */
4698 extra_args.db = db;
4710 rc = cil_tree_walk(db->ast->root, __cil_binary_create_helper, NULL, NULL, &extra_args);
4733 rc = cil_sidorder_to_policydb(pdb, db);
4738 rc = __cil_contexts_to_policydb(pdb, db);
4755 if (db->disable_neverallow != CIL_TRUE) {
4757 rc = cil_check_neverallows(db, pdb, neverallows);
4767 rc = cil_check_type_bounds(db, pdb, type_value_to_cil, class_value_to_cil, perm_value_to_cil);
/* Second pass over classes 1..num_classes; presumably cleanup of the
 * per-class tables - TODO confirm, the body is not shown. */
4782 for (i=1; i < db->num_classes+1; i++) {