      1 /* Copyright (C) 2005 Red Hat, Inc. */
      2 
/*
 * Bind the generic record_t / record_key_t names to the file-context
 * record and key types, and define DBASE_RECORD_DEFINED.  These lines sit
 * ahead of the #include of "database.h" further down.
 * NOTE(review): presumably database.h tests DBASE_RECORD_DEFINED to decide
 * whether to supply its own record types, which would make this ordering
 * significant; confirm against database.h before moving anything.
 */
struct semanage_fcontext;
struct semanage_fcontext_key;
typedef struct semanage_fcontext_key record_key_t;
typedef struct semanage_fcontext record_t;
#define DBASE_RECORD_DEFINED
      8 
      9 #include <stdlib.h>
     10 #include <sepol/policydb.h>
     11 #include <sepol/context.h>
     12 #include "fcontext_internal.h"
     13 #include "context_internal.h"
     14 #include "debug.h"
     15 #include "handle.h"
     16 #include "database.h"
     17 
/*
 * Store `data` under `key` in the database selected by
 * semanage_fcontext_dbase_local().
 *
 * Returns the result of dbase_modify() unchanged.
 *
 * This wrapper does not itself check the security context carried by
 * `data`; whether dbase_modify() does is not visible from this file.
 * Policy validation of stored records is done separately by
 * semanage_fcontext_validate_local().
 */
int semanage_fcontext_modify_local(semanage_handle_t * handle,
				   const semanage_fcontext_key_t * key,
				   const semanage_fcontext_t * data)
{
	/* Look up the target database first, then delegate the write. */
	dbase_config_t *local_db = semanage_fcontext_dbase_local(handle);

	return dbase_modify(handle, local_db, key, data);
}
     26 
/*
 * Delete the record identified by `key` from the database selected by
 * semanage_fcontext_dbase_local().
 *
 * Returns the result of dbase_del() unchanged.
 */
int semanage_fcontext_del_local(semanage_handle_t * handle,
				const semanage_fcontext_key_t * key)
{
	dbase_config_t *local_db = semanage_fcontext_dbase_local(handle);

	return dbase_del(handle, local_db, key);
}
     34 
/*
 * Look up the record identified by `key` in the database selected by
 * semanage_fcontext_dbase_local(); the result is handed back through
 * `response`.
 *
 * Returns the result of dbase_query() unchanged.
 * NOTE(review): ownership of *response (who frees it) is decided inside
 * dbase_query() and is not visible here; confirm before relying on it.
 */
int semanage_fcontext_query_local(semanage_handle_t * handle,
				  const semanage_fcontext_key_t * key,
				  semanage_fcontext_t ** response)
{
	dbase_config_t *local_db = semanage_fcontext_dbase_local(handle);

	return dbase_query(handle, local_db, key, response);
}
     43 
/*
 * Ask the database selected by semanage_fcontext_dbase_local() whether a
 * record matching `key` is present; the answer is written through
 * `response` by dbase_exists().
 *
 * Returns the result of dbase_exists() unchanged.
 */
int semanage_fcontext_exists_local(semanage_handle_t * handle,
				   const semanage_fcontext_key_t * key,
				   int *response)
{
	dbase_config_t *local_db = semanage_fcontext_dbase_local(handle);

	return dbase_exists(handle, local_db, key, response);
}
     52 
/*
 * Count the records in the database selected by
 * semanage_fcontext_dbase_local(); the count is written through
 * `response` by dbase_count().
 *
 * Returns the result of dbase_count() unchanged.
 */
int semanage_fcontext_count_local(semanage_handle_t * handle,
				  unsigned int *response)
{
	dbase_config_t *local_db = semanage_fcontext_dbase_local(handle);

	return dbase_count(handle, local_db, response);
}
     60 
/*
 * Run `handler` over the records of the database selected by
 * semanage_fcontext_dbase_local(), passing `handler_arg` through as the
 * callback's second argument.
 *
 * Returns the result of dbase_iterate() unchanged.
 * NOTE(review): how a non-zero handler return affects the walk is decided
 * inside dbase_iterate() and is not visible here.
 */
int semanage_fcontext_iterate_local(semanage_handle_t * handle,
				    int (*handler) (const semanage_fcontext_t *
						    record, void *varg),
				    void *handler_arg)
{
	dbase_config_t *local_db = semanage_fcontext_dbase_local(handle);

	return dbase_iterate(handle, local_db, handler, handler_arg);
}

/* Also used from within this file by semanage_fcontext_validate_local(). */
hidden_def(semanage_fcontext_iterate_local)
     72 
/*
 * Retrieve the records of the database selected by
 * semanage_fcontext_dbase_local() as an array: dbase_list() fills in
 * `records` and `count`.
 *
 * Returns the result of dbase_list() unchanged.
 * NOTE(review): the array and its elements are presumably allocated for
 * the caller to free; confirm against dbase_list().
 */
int semanage_fcontext_list_local(semanage_handle_t * handle,
				 semanage_fcontext_t *** records,
				 unsigned int *count)
{
	dbase_config_t *local_db = semanage_fcontext_dbase_local(handle);

	return dbase_list(handle, local_db, records, count);
}
     81 
/*
 * Argument bundle passed to validate_handler() through the iterator's
 * void * parameter.
 */
struct validate_handler_arg {
	/* Handle used for error reporting and for its sepolh member. */
	semanage_handle_t *handle;
	/* Policy that each record's context is checked against. */
	const sepol_policydb_t *policydb;
};
     86 
/*
 * Iteration callback: check one file-context record against a policy.
 *
 * `varg` must point to a struct validate_handler_arg supplying the
 * semanage handle and the policydb to check against.
 *
 * Returns 0 when the record carries no context, or when
 * sepol_context_check() accepts its context.  Otherwise the offending
 * record is reported through ERR() and -1 is returned.
 *
 * Note for reviewers: a record whose context is NULL is accepted without
 * consulting the policy at all, so this check only constrains records
 * that actually name a context.
 */
static int validate_handler(const semanage_fcontext_t * fcon, void *varg)
{
	/* Recover the typed arguments from the opaque iterator pointer. */
	struct validate_handler_arg *params = varg;
	semanage_handle_t *handle = params->handle;
	const sepol_policydb_t *policydb = params->policydb;

	/* Pull out the fields needed for the check and for the message. */
	const char *expr = semanage_fcontext_get_expr(fcon);
	int type = semanage_fcontext_get_type(fcon);
	const char *type_str = semanage_fcontext_get_type_str(type);
	semanage_context_t *con = semanage_fcontext_get_con(fcon);
	char *con_text;

	/* No context on this record: nothing to validate. */
	if (!con)
		return 0;

	if (sepol_context_check(handle->sepolh, policydb,
				(sepol_context_t *) con) >= 0)
		return 0;

	/*
	 * The policy rejected the context.  Name it in the message when it
	 * can be rendered as a string, otherwise fall back to a message
	 * without it.
	 */
	if (semanage_context_to_string(handle, con, &con_text) < 0) {
		ERR(handle, "invalid context specified for %s [%s]",
		    expr, type_str);
		return -1;
	}

	ERR(handle, "invalid context %s specified for %s [%s]",
	    con_text, expr, type_str);
	/* con_text was produced by semanage_context_to_string(); release it. */
	free(con_text);
	return -1;
}
    120 
/*
 * Check every record visited by semanage_fcontext_iterate_local() against
 * `policydb`, using validate_handler() as the per-record callback.
 *
 * Returns the result of semanage_fcontext_iterate_local() unchanged.
 */
int hidden semanage_fcontext_validate_local(semanage_handle_t * handle,
					    const sepol_policydb_t * policydb)
{
	/*
	 * The callback receives this bundle by address; it lives on this
	 * stack frame, which stays alive for the duration of the call below.
	 */
	struct validate_handler_arg params = {
		.handle = handle,
		.policydb = policydb,
	};

	return semanage_fcontext_iterate_local(handle, validate_handler,
					       &params);
}
    130