#include <stdio.h>
#include <stdarg.h>
#include <stdint.h>
#include <sys/types.h>

#include <sepol/policydb/avtab.h>
#include <sepol/policydb/policydb.h>
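/* NOTE(review): presumably the initial capacity handed to the string stack
 * created by stack_init() -- confirm in the implementation. */
#define STACK_SIZE 16
/* NOTE(review): by their names, the fallback MLS level and the fallback
 * object role used when a context does not carry its own -- confirm at the
 * call sites. */
#define DEFAULT_LEVEL "systemlow"
#define DEFAULT_OBJECT "object_r"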
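/*
 * Initial SID names are not stored in the .pp files, so a fixed mapping is
 * needed; this one is taken from the Linux kernel.  Going by the name, the
 * table is indexed by the initial SID value.
 *
 * The table has a fixed length.  A SID value that comes from a policy file is
 * untrusted input: compare it against SELINUX_SID_SZ before using it as an
 * index, otherwise the lookup reads past the end of the array.
 */
static const char * const selinux_sid_to_str[] = {
	"null",
	"kernel",
	"security",
	"unlabeled",
	"fs",
	"file",
	"file_labels",
	"init",
	"any_socket",
	"port",
	"netif",
	"netmsg",
	"node",
	"igmp_packet",
	"icmp_socket",
	"tcp_socket",
	"sysctl_modprobe",
	"sysctl",
	"sysctl_fs",
	"sysctl_kernel",
	"sysctl_net",
	"sysctl_net_unix",
	"sysctl_vm",
	"sysctl_dev",
	"kmod",
	"policy",
	"scmp_packet",
	"devnull",
};

/* Number of entries in selinux_sid_to_str; valid indexes are 0 .. SELINUX_SID_SZ - 1. */
#define SELINUX_SID_SZ (sizeof(selinux_sid_to_str)/sizeof(selinux_sid_to_str[0]))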
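/*
 * Name table for Xen initial SIDs; going by the name, it is indexed by the
 * initial SID value.
 *
 * The table has a fixed length.  A SID value read from a policy must be
 * compared against XEN_SID_SZ before it is used as an index, otherwise the
 * lookup reads past the end of the array.
 */
static const char * const xen_sid_to_str[] = {
	"null",
	"xen",
	"dom0",
	"domio",
	"domxen",
	"unlabeled",
	"security",
	"ioport",
	"iomem",
	"irq",
	"device",
};

/* Number of entries in xen_sid_to_str; valid indexes are 0 .. XEN_SID_SZ - 1. */
#define XEN_SID_SZ (sizeof(xen_sid_to_str)/sizeof(xen_sid_to_str[0]))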
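/*
 * The access-vector table rule kinds, in a fixed order.
 * NOTE(review): presumably iterated so that rules are emitted grouped by
 * kind in this order -- confirm at the users of AVTAB_FLAVORS_SZ.
 */
static const uint32_t avtab_flavors[] = {
	AVTAB_ALLOWED,
	AVTAB_AUDITALLOW,
	AVTAB_AUDITDENY,
	AVTAB_XPERMS_ALLOWED,
	AVTAB_XPERMS_AUDITALLOW,
	AVTAB_XPERMS_DONTAUDIT,
	AVTAB_TRANSITION,
	AVTAB_MEMBER,
	AVTAB_CHANGE,
};

/* Element count of avtab_flavors; use it as the loop bound instead of a literal. */
#define AVTAB_FLAVORS_SZ (sizeof(avtab_flavors)/sizeof(avtab_flavors[0]))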
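/*
 * Container shared by the strs_* and stack_* functions declared in this
 * header.
 * NOTE(review): field meanings below are inferred from the names and the
 * accessor signatures; confirm against the implementation.
 */
struct strs {
	char **list;	/* array of string pointers */
	unsigned num;	/* presumably the number of slots in use (see strs_num_items) */
	size_t size;	/* presumably the allocated capacity of list (see strs_init) */
};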
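/*
 * Logging and output helpers.  The format attributes make the compiler check
 * each call's arguments against its format string (-Wformat), so keep them on
 * any wrapper added around these functions and never pass externally supplied
 * text as fmt.
 */
__attribute__ ((format(printf, 1, 2)))
void sepol_log_err(const char *fmt, ...);
void sepol_indent(FILE *out, int indent);
__attribute__ ((format(printf, 2, 3)))
void sepol_printf(FILE *out, const char *fmt, ...);

/*
 * fmt is argument 1 and the checked variadic arguments start at argument 3,
 * after num.
 * NOTE(review): num is presumably the count of variadic arguments, and the
 * returned string presumably belongs to the caller -- confirm both against
 * the definition.
 */
__attribute__ ((format(printf, 1, 3)))
char *create_str(const char *fmt, int num, ...);

/*
 * String-list API over struct strs.
 * NOTE(review): this header does not show who owns a string passed to
 * strs_add()/strs_add_at_index() or returned by strs_remove_last()/
 * strs_read_at_index(), nor how an out-of-range index is handled; check the
 * implementation before freeing a string or trusting an index derived from
 * policy data.
 */
int strs_init(struct strs **strs, size_t size);
void strs_destroy(struct strs **strs);
void strs_free_all(struct strs *strs);
int strs_add(struct strs *strs, char *s);
/* Same fmt/num/varargs layout as create_str(), shifted by the leading strs argument. */
__attribute__ ((format(printf, 2, 4)))
int strs_create_and_add(struct strs *strs, const char *fmt, int num, ...);
char *strs_remove_last(struct strs *strs);
int strs_add_at_index(struct strs *strs, char *s, unsigned index);
char *strs_read_at_index(struct strs *strs, unsigned index);
void strs_sort(struct strs *strs);
unsigned strs_num_items(struct strs *strs);
size_t strs_len_items(struct strs *strs);
char *strs_to_str(struct strs *strs);
void strs_write_each(struct strs *strs, FILE *out);
void strs_write_each_indented(struct strs *strs, FILE *out, int indent);
/* NOTE(review): callback-shaped signature (key, data, args); presumably args
 * carries the destination struct strs -- confirm at the call sites. */
int hashtab_ordered_to_strs(char *key, void *data, void *args);
int ebitmap_to_strs(struct ebitmap *map, struct strs *strs, char **val_to_name);
char *ebitmap_to_str(struct ebitmap *map, char **val_to_name, int sort);

/* Stack API; it takes the same struct strs container as the strs_* functions. */
int stack_init(struct strs **stack);
void stack_destroy(struct strs **stack);
int stack_push(struct strs *stack, char *s);
char *stack_pop(struct strs *stack);
int stack_empty(struct strs *stack);

/* Takes the policy database whose ocontexts are to be sorted; the int return
 * is presumably a status code -- confirm against the definition. */
int sort_ocontexts(struct policydb *pdb);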