1 /* 2 * Copyright (C) 2014 Tresys Technology, LLC 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 2 7 * of the License, or (at your option) any later version. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program; if not, write to the Free Software 16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 17 * 02110-1301, USA. 18 */ 19 20 #include <errno.h> 21 #include <getopt.h> 22 #include <libgen.h> 23 #include <signal.h> 24 #include <stdarg.h> 25 #include <stdlib.h> 26 #include <string.h> 27 #include <unistd.h> 28 29 #include <sepol/module.h> 30 #include <sepol/module_to_cil.h> 31 32 char *progname; 33 34 __attribute__ ((format(printf, 1, 2))) 35 static void log_err(const char *fmt, ...) 36 { 37 va_list argptr; 38 va_start(argptr, fmt); 39 if (vfprintf(stderr, fmt, argptr) < 0) { 40 _exit(EXIT_FAILURE); 41 } 42 va_end(argptr); 43 if (fprintf(stderr, "\n") < 0) { 44 _exit(EXIT_FAILURE); 45 } 46 } 47 48 static void usage(int err) 49 { 50 fprintf(stderr, "Usage: %s [OPTIONS] [IN_FILE [OUT_FILE]]\n", progname); 51 fprintf(stderr, "\n"); 52 fprintf(stderr, "Read an SELinux policy package (.pp) and output the equivilent CIL.\n"); 53 fprintf(stderr, "If IN_FILE is not provided or is -, read SELinux policy package from\n"); 54 fprintf(stderr, "standard input. If OUT_FILE is not provided or is -, output CIL to\n"); 55 fprintf(stderr, "standard output.\n"); 56 fprintf(stderr, "\n"); 57 fprintf(stderr, "Options:\n"); 58 fprintf(stderr, " -h, --help print this message and exit\n"); 59 exit(err); 60 } 61 62 int main(int argc, char **argv) 63 { 64 int rc = -1; 65 int opt; 66 static struct option long_opts[] = { 67 { "help", 0, NULL, 'h' }, 68 { NULL, 0, NULL, 0 } 69 }; 70 struct sepol_module_package *mod_pkg = NULL; 71 FILE *in = NULL; 72 FILE *out = NULL; 73 int outfd = -1; 74 75 // ignore sigpipe so we can check the return code of write, and potentially 76 // return a more helpful error message 77 signal(SIGPIPE, SIG_IGN); 78 79 progname = basename(argv[0]); 80 81 while ((opt = getopt_long(argc, argv, "h", long_opts, NULL)) != -1) { 82 switch (opt) { 83 case 'h': 84 usage(0); 85 case '?': 86 default: 87 usage(1); 88 } 89 } 90 91 if (argc >= optind + 1 && strcmp(argv[1], "-") != 0) { 92 in = fopen(argv[1], "rb"); 93 if (in == NULL) { 94 log_err("Failed to open %s: %s", argv[1], strerror(errno)); 95 rc = -1; 96 goto exit; 97 } 98 } else { 99 in = stdin; 100 } 101 102 if (argc >= optind + 2 && strcmp(argv[2], "-") != 0) { 103 out = fopen(argv[2], "w"); 104 if (out == NULL) { 105 log_err("Failed to open %s: %s", argv[2], strerror(errno)); 106 rc = -1; 107 goto exit; 108 } 109 } else { 110 out = stdout; 111 } 112 113 if (argc >= optind + 3) { 114 log_err("Too many arguments"); 115 usage(1); 116 } 117 118 rc = sepol_ppfile_to_module_package(in, &mod_pkg); 119 if (rc != 0) { 120 goto exit; 121 } 122 fclose(in); 123 in = NULL; 124 125 rc = sepol_module_package_to_cil(out, mod_pkg); 126 if (rc != 0) { 127 goto exit; 128 } 129 130 exit: 131 if (in != NULL) { 132 fclose(in); 133 } 134 if (out != NULL) { 135 fclose(out); 136 } 137 if (outfd != -1) { 138 close(outfd); 139 if (rc != 0) { 140 unlink(argv[2]); 141 } 142 } 143 sepol_module_package_free(mod_pkg); 144 145 return rc; 146 } 147
