1 /* Author : Stephen Smalley, <sds (at) epoch.ncsc.mil> */ 2 3 /* 4 * Updated: Joshua Brindle <jbrindle (at) tresys.com> 5 * Karl MacMillan <kmacmillan (at) tresys.com> 6 * Jason Tang <jtang (at) tresys.com> 7 * 8 * Module support 9 * 10 * Updated: Trusted Computer Solutions, Inc. <dgoeddel (at) trustedcs.com> 11 * 12 * Support for enhanced MLS infrastructure. 13 * 14 * Updated: Frank Mayer <mayerf (at) tresys.com> and Karl MacMillan <kmacmillan (at) tresys.com> 15 * 16 * Added conditional policy language extensions 17 * 18 * Updated: Red Hat, Inc. James Morris <jmorris (at) redhat.com> 19 * 20 * Fine-grained netlink support 21 * IPv6 support 22 * Code cleanup 23 * 24 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. 25 * Copyright (C) 2003 - 2004 Tresys Technology, LLC 26 * Copyright (C) 2003 - 2004 Red Hat, Inc. 27 * 28 * This library is free software; you can redistribute it and/or 29 * modify it under the terms of the GNU Lesser General Public 30 * License as published by the Free Software Foundation; either 31 * version 2.1 of the License, or (at your option) any later version. 32 * 33 * This library is distributed in the hope that it will be useful, 34 * but WITHOUT ANY WARRANTY; without even the implied warranty of 35 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 36 * Lesser General Public License for more details. 37 * 38 * You should have received a copy of the GNU Lesser General Public 39 * License along with this library; if not, write to the Free Software 40 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 41 */ 42 43 /* FLASK */ 44 45 /* 46 * A policy database (policydb) specifies the 47 * configuration data for the security policy. 48 */ 49 50 #ifndef _SEPOL_POLICYDB_POLICYDB_H_ 51 #define _SEPOL_POLICYDB_POLICYDB_H_ 52 53 #include <stdio.h> 54 #include <stddef.h> 55 56 #include <sepol/policydb.h> 57 58 #include <sepol/policydb/flask_types.h> 59 #include <sepol/policydb/symtab.h> 60 #include <sepol/policydb/avtab.h> 61 #include <sepol/policydb/context.h> 62 #include <sepol/policydb/constraint.h> 63 #include <sepol/policydb/sidtab.h> 64 65 #define ERRMSG_LEN 1024 66 67 #define POLICYDB_SUCCESS 0 68 #define POLICYDB_ERROR -1 69 #define POLICYDB_UNSUPPORTED -2 70 71 #ifdef __cplusplus 72 extern "C" { 73 #endif 74 75 /* 76 * A datum type is defined for each kind of symbol 77 * in the configuration data: individual permissions, 78 * common prefixes for access vectors, classes, 79 * users, roles, types, sensitivities, categories, etc. 80 */ 81 82 /* type set preserves data needed by modules such as *, ~ and attributes */ 83 typedef struct type_set { 84 ebitmap_t types; 85 ebitmap_t negset; 86 #define TYPE_STAR 1 87 #define TYPE_COMP 2 88 uint32_t flags; 89 } type_set_t; 90 91 typedef struct role_set { 92 ebitmap_t roles; 93 #define ROLE_STAR 1 94 #define ROLE_COMP 2 95 uint32_t flags; 96 } role_set_t; 97 98 /* Permission attributes */ 99 typedef struct perm_datum { 100 symtab_datum_t s; 101 } perm_datum_t; 102 103 /* Attributes of a common prefix for access vectors */ 104 typedef struct common_datum { 105 symtab_datum_t s; 106 symtab_t permissions; /* common permissions */ 107 } common_datum_t; 108 109 /* Class attributes */ 110 typedef struct class_datum { 111 symtab_datum_t s; 112 char *comkey; /* common name */ 113 common_datum_t *comdatum; /* common datum */ 114 symtab_t permissions; /* class-specific permission symbol table */ 115 constraint_node_t *constraints; /* constraints on class permissions */ 116 constraint_node_t *validatetrans; /* special transition rules */ 117 /* Options how a new object user and role should be decided */ 118 #define DEFAULT_SOURCE 1 119 #define DEFAULT_TARGET 2 120 char default_user; 121 char default_role; 122 char default_type; 123 /* Options how a new object range should be decided */ 124 #define DEFAULT_SOURCE_LOW 1 125 #define DEFAULT_SOURCE_HIGH 2 126 #define DEFAULT_SOURCE_LOW_HIGH 3 127 #define DEFAULT_TARGET_LOW 4 128 #define DEFAULT_TARGET_HIGH 5 129 #define DEFAULT_TARGET_LOW_HIGH 6 130 char default_range; 131 } class_datum_t; 132 133 /* Role attributes */ 134 typedef struct role_datum { 135 symtab_datum_t s; 136 ebitmap_t dominates; /* set of roles dominated by this role */ 137 type_set_t types; /* set of authorized types for role */ 138 ebitmap_t cache; /* This is an expanded set used for context validation during parsing */ 139 uint32_t bounds; /* bounds role, if exist */ 140 #define ROLE_ROLE 0 /* regular role in kernel policies */ 141 #define ROLE_ATTRIB 1 /* attribute */ 142 uint32_t flavor; 143 ebitmap_t roles; /* roles with this attribute */ 144 } role_datum_t; 145 146 typedef struct role_trans { 147 uint32_t role; /* current role */ 148 uint32_t type; /* program executable type, or new object type */ 149 uint32_t tclass; /* process class, or new object class */ 150 uint32_t new_role; /* new role */ 151 struct role_trans *next; 152 } role_trans_t; 153 154 typedef struct role_allow { 155 uint32_t role; /* current role */ 156 uint32_t new_role; /* new role */ 157 struct role_allow *next; 158 } role_allow_t; 159 160 /* filename_trans rules */ 161 typedef struct filename_trans { 162 uint32_t stype; 163 uint32_t ttype; 164 uint32_t tclass; 165 char *name; 166 } filename_trans_t; 167 168 typedef struct filename_trans_datum { 169 uint32_t otype; /* expected of new object */ 170 } filename_trans_datum_t; 171 172 /* Type attributes */ 173 typedef struct type_datum { 174 symtab_datum_t s; 175 uint32_t primary; /* primary name? can be set to primary value if below is TYPE_ */ 176 #define TYPE_TYPE 0 /* regular type or alias in kernel policies */ 177 #define TYPE_ATTRIB 1 /* attribute */ 178 #define TYPE_ALIAS 2 /* alias in modular policy */ 179 uint32_t flavor; 180 ebitmap_t types; /* types with this attribute */ 181 #define TYPE_FLAGS_PERMISSIVE 0x01 182 uint32_t flags; 183 uint32_t bounds; /* bounds type, if exist */ 184 } type_datum_t; 185 186 /* 187 * Properties of type_datum 188 * available on the policy version >= (MOD_)POLICYDB_VERSION_BOUNDARY 189 */ 190 #define TYPEDATUM_PROPERTY_PRIMARY 0x0001 191 #define TYPEDATUM_PROPERTY_ATTRIBUTE 0x0002 192 #define TYPEDATUM_PROPERTY_ALIAS 0x0004 /* userspace only */ 193 #define TYPEDATUM_PROPERTY_PERMISSIVE 0x0008 /* userspace only */ 194 195 /* User attributes */ 196 typedef struct user_datum { 197 symtab_datum_t s; 198 role_set_t roles; /* set of authorized roles for user */ 199 mls_semantic_range_t range; /* MLS range (min. - max.) for user */ 200 mls_semantic_level_t dfltlevel; /* default login MLS level for user */ 201 ebitmap_t cache; /* This is an expanded set used for context validation during parsing */ 202 mls_range_t exp_range; /* expanded range used for validation */ 203 mls_level_t exp_dfltlevel; /* expanded range used for validation */ 204 uint32_t bounds; /* bounds user, if exist */ 205 } user_datum_t; 206 207 /* Sensitivity attributes */ 208 typedef struct level_datum { 209 mls_level_t *level; /* sensitivity and associated categories */ 210 unsigned char isalias; /* is this sensitivity an alias for another? */ 211 unsigned char defined; 212 } level_datum_t; 213 214 /* Category attributes */ 215 typedef struct cat_datum { 216 symtab_datum_t s; 217 unsigned char isalias; /* is this category an alias for another? */ 218 } cat_datum_t; 219 220 typedef struct range_trans { 221 uint32_t source_type; 222 uint32_t target_type; 223 uint32_t target_class; 224 } range_trans_t; 225 226 /* Boolean data type */ 227 typedef struct cond_bool_datum { 228 symtab_datum_t s; 229 int state; 230 #define COND_BOOL_FLAGS_TUNABLE 0x01 /* is this a tunable? */ 231 uint32_t flags; 232 } cond_bool_datum_t; 233 234 struct cond_node; 235 236 typedef struct cond_node cond_list_t; 237 struct cond_av_list; 238 239 typedef struct class_perm_node { 240 uint32_t tclass; 241 uint32_t data; /* permissions or new type */ 242 struct class_perm_node *next; 243 } class_perm_node_t; 244 245 #define xperm_test(x, p) (1 & (p[x >> 5] >> (x & 0x1f))) 246 #define xperm_set(x, p) (p[x >> 5] |= (1 << (x & 0x1f))) 247 #define xperm_clear(x, p) (p[x >> 5] &= ~(1 << (x & 0x1f))) 248 #define EXTENDED_PERMS_LEN 8 249 250 typedef struct av_extended_perms { 251 #define AVRULE_XPERMS_IOCTLFUNCTION 0x01 252 #define AVRULE_XPERMS_IOCTLDRIVER 0x02 253 uint8_t specified; 254 uint8_t driver; 255 /* 256 bits of permissions */ 256 uint32_t perms[EXTENDED_PERMS_LEN]; 257 } av_extended_perms_t; 258 259 typedef struct avrule { 260 /* these typedefs are almost exactly the same as those in avtab.h - they are 261 * here because of the need to include neverallow and dontaudit messages */ 262 #define AVRULE_ALLOWED AVTAB_ALLOWED 263 #define AVRULE_AUDITALLOW AVTAB_AUDITALLOW 264 #define AVRULE_AUDITDENY AVTAB_AUDITDENY 265 #define AVRULE_DONTAUDIT 0x0008 266 #define AVRULE_NEVERALLOW AVTAB_NEVERALLOW 267 #define AVRULE_AV (AVRULE_ALLOWED | AVRULE_AUDITALLOW | AVRULE_AUDITDENY | AVRULE_DONTAUDIT | AVRULE_NEVERALLOW) 268 #define AVRULE_TRANSITION AVTAB_TRANSITION 269 #define AVRULE_MEMBER AVTAB_MEMBER 270 #define AVRULE_CHANGE AVTAB_CHANGE 271 #define AVRULE_TYPE (AVRULE_TRANSITION | AVRULE_MEMBER | AVRULE_CHANGE) 272 #define AVRULE_XPERMS_ALLOWED AVTAB_XPERMS_ALLOWED 273 #define AVRULE_XPERMS_AUDITALLOW AVTAB_XPERMS_AUDITALLOW 274 #define AVRULE_XPERMS_DONTAUDIT AVTAB_XPERMS_DONTAUDIT 275 #define AVRULE_XPERMS_NEVERALLOW AVTAB_XPERMS_NEVERALLOW 276 #define AVRULE_XPERMS (AVRULE_XPERMS_ALLOWED | AVRULE_XPERMS_AUDITALLOW | \ 277 AVRULE_XPERMS_DONTAUDIT | AVRULE_XPERMS_NEVERALLOW) 278 uint32_t specified; 279 #define RULE_SELF 1 280 uint32_t flags; 281 type_set_t stypes; 282 type_set_t ttypes; 283 class_perm_node_t *perms; 284 av_extended_perms_t *xperms; 285 unsigned long line; /* line number from policy.conf where 286 * this rule originated */ 287 /* source file name and line number (e.g. .te file) */ 288 char *source_filename; 289 unsigned long source_line; 290 struct avrule *next; 291 } avrule_t; 292 293 typedef struct role_trans_rule { 294 role_set_t roles; /* current role */ 295 type_set_t types; /* program executable type, or new object type */ 296 ebitmap_t classes; /* process class, or new object class */ 297 uint32_t new_role; /* new role */ 298 struct role_trans_rule *next; 299 } role_trans_rule_t; 300 301 typedef struct role_allow_rule { 302 role_set_t roles; /* current role */ 303 role_set_t new_roles; /* new roles */ 304 struct role_allow_rule *next; 305 } role_allow_rule_t; 306 307 typedef struct filename_trans_rule { 308 type_set_t stypes; 309 type_set_t ttypes; 310 uint32_t tclass; 311 char *name; 312 uint32_t otype; /* new type */ 313 struct filename_trans_rule *next; 314 } filename_trans_rule_t; 315 316 typedef struct range_trans_rule { 317 type_set_t stypes; 318 type_set_t ttypes; 319 ebitmap_t tclasses; 320 mls_semantic_range_t trange; 321 struct range_trans_rule *next; 322 } range_trans_rule_t; 323 324 /* 325 * The configuration data includes security contexts for 326 * initial SIDs, unlabeled file systems, TCP and UDP port numbers, 327 * network interfaces, and nodes. This structure stores the 328 * relevant data for one such entry. Entries of the same kind 329 * (e.g. all initial SIDs) are linked together into a list. 330 */ 331 typedef struct ocontext { 332 union { 333 char *name; /* name of initial SID, fs, netif, fstype, path */ 334 struct { 335 uint8_t protocol; 336 uint16_t low_port; 337 uint16_t high_port; 338 } port; /* TCP or UDP port information */ 339 struct { 340 uint32_t addr; /* network order */ 341 uint32_t mask; /* network order */ 342 } node; /* node information */ 343 struct { 344 uint32_t addr[4]; /* network order */ 345 uint32_t mask[4]; /* network order */ 346 } node6; /* IPv6 node information */ 347 uint32_t device; 348 uint16_t pirq; 349 struct { 350 uint64_t low_iomem; 351 uint64_t high_iomem; 352 } iomem; 353 struct { 354 uint32_t low_ioport; 355 uint32_t high_ioport; 356 } ioport; 357 } u; 358 union { 359 uint32_t sclass; /* security class for genfs */ 360 uint32_t behavior; /* labeling behavior for fs_use */ 361 } v; 362 context_struct_t context[2]; /* security context(s) */ 363 sepol_security_id_t sid[2]; /* SID(s) */ 364 struct ocontext *next; 365 } ocontext_t; 366 367 typedef struct genfs { 368 char *fstype; 369 struct ocontext *head; 370 struct genfs *next; 371 } genfs_t; 372 373 /* symbol table array indices */ 374 #define SYM_COMMONS 0 375 #define SYM_CLASSES 1 376 #define SYM_ROLES 2 377 #define SYM_TYPES 3 378 #define SYM_USERS 4 379 #define SYM_BOOLS 5 380 #define SYM_LEVELS 6 381 #define SYM_CATS 7 382 #define SYM_NUM 8 383 384 /* object context array indices */ 385 #define OCON_ISID 0 /* initial SIDs */ 386 #define OCON_FS 1 /* unlabeled file systems */ 387 #define OCON_PORT 2 /* TCP and UDP port numbers */ 388 #define OCON_NETIF 3 /* network interfaces */ 389 #define OCON_NODE 4 /* nodes */ 390 #define OCON_FSUSE 5 /* fs_use */ 391 #define OCON_NODE6 6 /* IPv6 nodes */ 392 #define OCON_GENFS 7 /* needed for ocontext_supported */ 393 394 /* object context array indices for Xen */ 395 #define OCON_XEN_ISID 0 /* initial SIDs */ 396 #define OCON_XEN_PIRQ 1 /* physical irqs */ 397 #define OCON_XEN_IOPORT 2 /* io ports */ 398 #define OCON_XEN_IOMEM 3 /* io memory */ 399 #define OCON_XEN_PCIDEVICE 4 /* pci devices */ 400 #define OCON_XEN_DEVICETREE 5 /* device tree node */ 401 402 /* OCON_NUM needs to be the largest index in any platform's ocontext array */ 403 #define OCON_NUM 7 404 405 /* section: module information */ 406 407 /* scope_index_t holds all of the symbols that are in scope in a 408 * particular situation. The bitmaps are indices (and thus must 409 * subtract one) into the global policydb->scope array. */ 410 typedef struct scope_index { 411 ebitmap_t scope[SYM_NUM]; 412 #define p_classes_scope scope[SYM_CLASSES] 413 #define p_roles_scope scope[SYM_ROLES] 414 #define p_types_scope scope[SYM_TYPES] 415 #define p_users_scope scope[SYM_USERS] 416 #define p_bools_scope scope[SYM_BOOLS] 417 #define p_sens_scope scope[SYM_LEVELS] 418 #define p_cat_scope scope[SYM_CATS] 419 420 /* this array maps from class->value to the permissions within 421 * scope. if bit (perm->value - 1) is set in map 422 * class_perms_map[class->value - 1] then that permission is 423 * enabled for this class within this decl. */ 424 ebitmap_t *class_perms_map; 425 /* total number of classes in class_perms_map array */ 426 uint32_t class_perms_len; 427 } scope_index_t; 428 429 /* a list of declarations for a particular avrule_decl */ 430 431 /* These two structs declare a block of policy that has TE and RBAC 432 * statements and declarations. The root block (the global policy) 433 * can never have an ELSE branch. */ 434 typedef struct avrule_decl { 435 uint32_t decl_id; 436 uint32_t enabled; /* whether this block is enabled */ 437 438 cond_list_t *cond_list; 439 avrule_t *avrules; 440 role_trans_rule_t *role_tr_rules; 441 role_allow_rule_t *role_allow_rules; 442 range_trans_rule_t *range_tr_rules; 443 scope_index_t required; /* symbols needed to activate this block */ 444 scope_index_t declared; /* symbols declared within this block */ 445 446 /* type transition rules with a 'name' component */ 447 filename_trans_rule_t *filename_trans_rules; 448 449 /* for additive statements (type attribute, roles, and users) */ 450 symtab_t symtab[SYM_NUM]; 451 452 /* In a linked module this will contain the name of the module 453 * from which this avrule_decl originated. */ 454 char *module_name; 455 456 struct avrule_decl *next; 457 } avrule_decl_t; 458 459 typedef struct avrule_block { 460 avrule_decl_t *branch_list; 461 avrule_decl_t *enabled; /* pointer to which branch is enabled. this is 462 used in linking and never written to disk */ 463 #define AVRULE_OPTIONAL 1 464 uint32_t flags; /* any flags for this block, currently just optional */ 465 struct avrule_block *next; 466 } avrule_block_t; 467 468 /* Every identifier has its own scope datum. The datum describes if 469 * the item is to be included into the final policy during 470 * expansion. */ 471 typedef struct scope_datum { 472 /* Required for this decl */ 473 #define SCOPE_REQ 1 474 /* Declared in this decl */ 475 #define SCOPE_DECL 2 476 uint32_t scope; 477 uint32_t *decl_ids; 478 uint32_t decl_ids_len; 479 /* decl_ids is a list of avrule_decl's that declare/require 480 * this symbol. If scope==SCOPE_DECL then this is a list of 481 * declarations. If the symbol may only be declared once 482 * (types, bools) then decl_ids_len will be exactly 1. For 483 * implicitly declared things (roles, users) then decl_ids_len 484 * will be at least 1. */ 485 } scope_datum_t; 486 487 /* The policy database */ 488 typedef struct policydb { 489 #define POLICY_KERN SEPOL_POLICY_KERN 490 #define POLICY_BASE SEPOL_POLICY_BASE 491 #define POLICY_MOD SEPOL_POLICY_MOD 492 uint32_t policy_type; 493 char *name; 494 char *version; 495 int target_platform; 496 497 /* Set when the policydb is modified such that writing is unsupported */ 498 int unsupported_format; 499 500 /* Whether this policydb is mls, should always be set */ 501 int mls; 502 503 /* symbol tables */ 504 symtab_t symtab[SYM_NUM]; 505 #define p_commons symtab[SYM_COMMONS] 506 #define p_classes symtab[SYM_CLASSES] 507 #define p_roles symtab[SYM_ROLES] 508 #define p_types symtab[SYM_TYPES] 509 #define p_users symtab[SYM_USERS] 510 #define p_bools symtab[SYM_BOOLS] 511 #define p_levels symtab[SYM_LEVELS] 512 #define p_cats symtab[SYM_CATS] 513 514 /* symbol names indexed by (value - 1) */ 515 char **sym_val_to_name[SYM_NUM]; 516 #define p_common_val_to_name sym_val_to_name[SYM_COMMONS] 517 #define p_class_val_to_name sym_val_to_name[SYM_CLASSES] 518 #define p_role_val_to_name sym_val_to_name[SYM_ROLES] 519 #define p_type_val_to_name sym_val_to_name[SYM_TYPES] 520 #define p_user_val_to_name sym_val_to_name[SYM_USERS] 521 #define p_bool_val_to_name sym_val_to_name[SYM_BOOLS] 522 #define p_sens_val_to_name sym_val_to_name[SYM_LEVELS] 523 #define p_cat_val_to_name sym_val_to_name[SYM_CATS] 524 525 /* class, role, and user attributes indexed by (value - 1) */ 526 class_datum_t **class_val_to_struct; 527 role_datum_t **role_val_to_struct; 528 user_datum_t **user_val_to_struct; 529 type_datum_t **type_val_to_struct; 530 531 /* module stuff section -- used in parsing and for modules */ 532 533 /* keep track of the scope for every identifier. these are 534 * hash tables, where the key is the identifier name and value 535 * a scope_datum_t. as a convenience, one may use the 536 * p_*_macros (cf. struct scope_index_t declaration). */ 537 symtab_t scope[SYM_NUM]; 538 539 /* module rule storage */ 540 avrule_block_t *global; 541 /* avrule_decl index used for link/expand */ 542 avrule_decl_t **decl_val_to_struct; 543 544 /* compiled storage of rules - use for the kernel policy */ 545 546 /* type enforcement access vectors and transitions */ 547 avtab_t te_avtab; 548 549 /* bools indexed by (value - 1) */ 550 cond_bool_datum_t **bool_val_to_struct; 551 /* type enforcement conditional access vectors and transitions */ 552 avtab_t te_cond_avtab; 553 /* linked list indexing te_cond_avtab by conditional */ 554 cond_list_t *cond_list; 555 556 /* role transitions */ 557 role_trans_t *role_tr; 558 559 /* role allows */ 560 role_allow_t *role_allow; 561 562 /* security contexts of initial SIDs, unlabeled file systems, 563 TCP or UDP port numbers, network interfaces and nodes */ 564 ocontext_t *ocontexts[OCON_NUM]; 565 566 /* security contexts for files in filesystems that cannot support 567 a persistent label mapping or use another 568 fixed labeling behavior. */ 569 genfs_t *genfs; 570 571 /* range transitions table (range_trans_key -> mls_range) */ 572 hashtab_t range_tr; 573 574 /* file transitions with the last path component */ 575 hashtab_t filename_trans; 576 577 ebitmap_t *type_attr_map; 578 579 ebitmap_t *attr_type_map; /* not saved in the binary policy */ 580 581 ebitmap_t policycaps; 582 583 /* this bitmap is referenced by type NOT the typical type-1 used in other 584 bitmaps. Someday the 0 bit may be used for global permissive */ 585 ebitmap_t permissive_map; 586 587 unsigned policyvers; 588 589 unsigned handle_unknown; 590 } policydb_t; 591 592 struct sepol_policydb { 593 struct policydb p; 594 }; 595 596 extern int policydb_init(policydb_t * p); 597 598 extern int policydb_from_image(sepol_handle_t * handle, 599 void *data, size_t len, policydb_t * policydb); 600 601 extern int policydb_to_image(sepol_handle_t * handle, 602 policydb_t * policydb, void **newdata, 603 size_t * newlen); 604 605 extern int policydb_index_classes(policydb_t * p); 606 607 extern int policydb_index_bools(policydb_t * p); 608 609 extern int policydb_index_others(sepol_handle_t * handle, policydb_t * p, 610 unsigned int verbose); 611 612 extern int policydb_role_cache(hashtab_key_t key, 613 hashtab_datum_t datum, 614 void *arg); 615 616 extern int policydb_user_cache(hashtab_key_t key, 617 hashtab_datum_t datum, 618 void *arg); 619 620 extern int policydb_reindex_users(policydb_t * p); 621 622 extern void policydb_destroy(policydb_t * p); 623 624 extern int policydb_load_isids(policydb_t * p, sidtab_t * s); 625 626 /* Deprecated */ 627 extern int policydb_context_isvalid(const policydb_t * p, 628 const context_struct_t * c); 629 630 extern void symtabs_destroy(symtab_t * symtab); 631 extern int scope_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p); 632 typedef void (*hashtab_destroy_func_t) (hashtab_key_t k, hashtab_datum_t d, 633 void *args); 634 extern hashtab_destroy_func_t get_symtab_destroy_func(int sym_num); 635 636 extern void class_perm_node_init(class_perm_node_t * x); 637 extern void type_set_init(type_set_t * x); 638 extern void type_set_destroy(type_set_t * x); 639 extern int type_set_cpy(type_set_t * dst, type_set_t * src); 640 extern int type_set_or_eq(type_set_t * dst, type_set_t * other); 641 extern void role_set_init(role_set_t * x); 642 extern void role_set_destroy(role_set_t * x); 643 extern void avrule_init(avrule_t * x); 644 extern void avrule_destroy(avrule_t * x); 645 extern void avrule_list_destroy(avrule_t * x); 646 extern void role_trans_rule_init(role_trans_rule_t * x); 647 extern void role_trans_rule_list_destroy(role_trans_rule_t * x); 648 extern void filename_trans_rule_init(filename_trans_rule_t * x); 649 extern void filename_trans_rule_list_destroy(filename_trans_rule_t * x); 650 651 extern void role_datum_init(role_datum_t * x); 652 extern void role_datum_destroy(role_datum_t * x); 653 extern void role_allow_rule_init(role_allow_rule_t * x); 654 extern void role_allow_rule_destroy(role_allow_rule_t * x); 655 extern void role_allow_rule_list_destroy(role_allow_rule_t * x); 656 extern void range_trans_rule_init(range_trans_rule_t *x); 657 extern void range_trans_rule_destroy(range_trans_rule_t *x); 658 extern void range_trans_rule_list_destroy(range_trans_rule_t *x); 659 extern void type_datum_init(type_datum_t * x); 660 extern void type_datum_destroy(type_datum_t * x); 661 extern void user_datum_init(user_datum_t * x); 662 extern void user_datum_destroy(user_datum_t * x); 663 extern void level_datum_init(level_datum_t * x); 664 extern void level_datum_destroy(level_datum_t * x); 665 extern void cat_datum_init(cat_datum_t * x); 666 extern void cat_datum_destroy(cat_datum_t * x); 667 extern int check_assertion(policydb_t *p, avrule_t *avrule); 668 extern int check_assertions(sepol_handle_t * handle, 669 policydb_t * p, avrule_t * avrules); 670 671 extern int symtab_insert(policydb_t * x, uint32_t sym, 672 hashtab_key_t key, hashtab_datum_t datum, 673 uint32_t scope, uint32_t avrule_decl_id, 674 uint32_t * value); 675 676 /* A policy "file" may be a memory region referenced by a (data, len) pair 677 or a file referenced by a FILE pointer. */ 678 typedef struct policy_file { 679 #define PF_USE_MEMORY 0 680 #define PF_USE_STDIO 1 681 #define PF_LEN 2 /* total up length in len field */ 682 unsigned type; 683 char *data; 684 size_t len; 685 size_t size; 686 FILE *fp; 687 struct sepol_handle *handle; 688 } policy_file_t; 689 690 struct sepol_policy_file { 691 struct policy_file pf; 692 }; 693 694 extern void policy_file_init(policy_file_t * x); 695 696 extern int policydb_read(policydb_t * p, struct policy_file *fp, 697 unsigned int verbose); 698 extern int avrule_read_list(policydb_t * p, avrule_t ** avrules, 699 struct policy_file *fp); 700 701 extern int policydb_write(struct policydb *p, struct policy_file *pf); 702 extern int policydb_set_target_platform(policydb_t *p, int platform); 703 704 #define PERM_SYMTAB_SIZE 32 705 706 /* Identify specific policy version changes */ 707 #define POLICYDB_VERSION_BASE 15 708 #define POLICYDB_VERSION_BOOL 16 709 #define POLICYDB_VERSION_IPV6 17 710 #define POLICYDB_VERSION_NLCLASS 18 711 #define POLICYDB_VERSION_VALIDATETRANS 19 712 #define POLICYDB_VERSION_MLS 19 713 #define POLICYDB_VERSION_AVTAB 20 714 #define POLICYDB_VERSION_RANGETRANS 21 715 #define POLICYDB_VERSION_POLCAP 22 716 #define POLICYDB_VERSION_PERMISSIVE 23 717 #define POLICYDB_VERSION_BOUNDARY 24 718 #define POLICYDB_VERSION_FILENAME_TRANS 25 719 #define POLICYDB_VERSION_ROLETRANS 26 720 #define POLICYDB_VERSION_NEW_OBJECT_DEFAULTS 27 721 #define POLICYDB_VERSION_DEFAULT_TYPE 28 722 #define POLICYDB_VERSION_CONSTRAINT_NAMES 29 723 #define POLICYDB_VERSION_XEN_DEVICETREE 30 /* Xen-specific */ 724 #define POLICYDB_VERSION_XPERMS_IOCTL 30 /* Linux-specific */ 725 726 /* Range of policy versions we understand*/ 727 #define POLICYDB_VERSION_MIN POLICYDB_VERSION_BASE 728 #define POLICYDB_VERSION_MAX POLICYDB_VERSION_XPERMS_IOCTL 729 730 /* Module versions and specific changes*/ 731 #define MOD_POLICYDB_VERSION_BASE 4 732 #define MOD_POLICYDB_VERSION_VALIDATETRANS 5 733 #define MOD_POLICYDB_VERSION_MLS 5 734 #define MOD_POLICYDB_VERSION_RANGETRANS 6 735 #define MOD_POLICYDB_VERSION_MLS_USERS 6 736 #define MOD_POLICYDB_VERSION_POLCAP 7 737 #define MOD_POLICYDB_VERSION_PERMISSIVE 8 738 #define MOD_POLICYDB_VERSION_BOUNDARY 9 739 #define MOD_POLICYDB_VERSION_BOUNDARY_ALIAS 10 740 #define MOD_POLICYDB_VERSION_FILENAME_TRANS 11 741 #define MOD_POLICYDB_VERSION_ROLETRANS 12 742 #define MOD_POLICYDB_VERSION_ROLEATTRIB 13 743 #define MOD_POLICYDB_VERSION_TUNABLE_SEP 14 744 #define MOD_POLICYDB_VERSION_NEW_OBJECT_DEFAULTS 15 745 #define MOD_POLICYDB_VERSION_DEFAULT_TYPE 16 746 #define MOD_POLICYDB_VERSION_CONSTRAINT_NAMES 17 747 748 #define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE 749 #define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_CONSTRAINT_NAMES 750 751 #define POLICYDB_CONFIG_MLS 1 752 753 /* macros to check policy feature */ 754 755 /* TODO: add other features here */ 756 757 #define policydb_has_boundary_feature(p) \ 758 (((p)->policy_type == POLICY_KERN \ 759 && p->policyvers >= POLICYDB_VERSION_BOUNDARY) || \ 760 ((p)->policy_type != POLICY_KERN \ 761 && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY)) 762 763 /* the config flags related to unknown classes/perms are bits 2 and 3 */ 764 #define DENY_UNKNOWN SEPOL_DENY_UNKNOWN 765 #define REJECT_UNKNOWN SEPOL_REJECT_UNKNOWN 766 #define ALLOW_UNKNOWN SEPOL_ALLOW_UNKNOWN 767 768 #define POLICYDB_CONFIG_UNKNOWN_MASK (DENY_UNKNOWN | REJECT_UNKNOWN | ALLOW_UNKNOWN) 769 770 #define OBJECT_R "object_r" 771 #define OBJECT_R_VAL 1 772 773 #define POLICYDB_MAGIC SELINUX_MAGIC 774 #define POLICYDB_STRING "SE Linux" 775 #define POLICYDB_XEN_STRING "XenFlask" 776 #define POLICYDB_STRING_MAX_LENGTH 32 777 #define POLICYDB_MOD_MAGIC SELINUX_MOD_MAGIC 778 #define POLICYDB_MOD_STRING "SE Linux Module" 779 780 #ifdef __cplusplus 781 } 782 #endif 783 784 #endif /* _POLICYDB_H_ */ 785 786 /* FLASK */ 787