1 2/* Author : Stephen Smalley, <sds@epoch.ncsc.mil> */ 3 4/* 5 * Updated: Joshua Brindle <jbrindle@tresys.com> 6 * Karl MacMillan <kmacmillan@tresys.com> 7 * Jason Tang <jtang@tresys.com> 8 * 9 * Module support 10 * 11 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> 12 * 13 * Support for enhanced MLS infrastructure. 14 * 15 * Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com> 16 * 17 * Added conditional policy language extensions 18 * 19 * Updated: Red Hat, Inc. James Morris <jmorris@redhat.com> 20 * 21 * Fine-grained netlink support 22 * IPv6 support 23 * Code cleanup 24 * 25 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. 26 * Copyright (C) 2003 - 2004 Tresys Technology, LLC 27 * Copyright (C) 2003 - 2004 Red Hat, Inc. 28 * 29 * This library is free software; you can redistribute it and/or 30 * modify it under the terms of the GNU Lesser General Public 31 * License as published by the Free Software Foundation; either 32 * version 2.1 of the License, or (at your option) any later version. 33 * 34 * This library is distributed in the hope that it will be useful, 35 * but WITHOUT ANY WARRANTY; without even the implied warranty of 36 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 37 * Lesser General Public License for more details. 38 * 39 * You should have received a copy of the GNU Lesser General Public 40 * License along with this library; if not, write to the Free Software 41 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 42 */ 43 44/* FLASK */ 45 46/* 47 * A policy database (policydb) specifies the 48 * configuration data for the security policy. 49 */ 50 51#ifndef _SEPOL_POLICYDB_POLICYDB_H_ 52#define _SEPOL_POLICYDB_POLICYDB_H_ 53 54#include <stdio.h> 55#include <stddef.h> 56 57#include <sepol/policydb.h> 58 59#include <sepol/policydb/flask_types.h> 60#include <sepol/policydb/symtab.h> 61#include <sepol/policydb/avtab.h> 62#include <sepol/policydb/context.h> 63#include <sepol/policydb/constraint.h> 64#include <sepol/policydb/sidtab.h> 65 66#define ERRMSG_LEN 1024 67 68#define POLICYDB_SUCCESS 0 69#define POLICYDB_ERROR -1 70#define POLICYDB_UNSUPPORTED -2 71 72/* 73 * A datum type is defined for each kind of symbol 74 * in the configuration data: individual permissions, 75 * common prefixes for access vectors, classes, 76 * users, roles, types, sensitivities, categories, etc. 77 */ 78 79/* type set preserves data needed by modules such as *, ~ and attributes */ 80typedef struct type_set { 81 ebitmap_t types; 82 ebitmap_t negset; 83#define TYPE_STAR 1 84#define TYPE_COMP 2 85 uint32_t flags; 86} type_set_t; 87 88typedef struct role_set { 89 ebitmap_t roles; 90#define ROLE_STAR 1 91#define ROLE_COMP 2 92 uint32_t flags; 93} role_set_t; 94 95/* Permission attributes */ 96typedef struct perm_datum { 97 symtab_datum_t s; 98} perm_datum_t; 99 100/* Attributes of a common prefix for access vectors */ 101typedef struct common_datum { 102 symtab_datum_t s; 103 symtab_t permissions; /* common permissions */ 104} common_datum_t; 105 106/* Class attributes */ 107typedef struct class_datum { 108 symtab_datum_t s; 109 char *comkey; /* common name */ 110 common_datum_t *comdatum; /* common datum */ 111 symtab_t permissions; /* class-specific permission symbol table */ 112 constraint_node_t *constraints; /* constraints on class permissions */ 113 constraint_node_t *validatetrans; /* special transition rules */ 114/* Options how a new object user and role should be decided */ 115#define DEFAULT_SOURCE 1 116#define DEFAULT_TARGET 2 117 char default_user; 118 char default_role; 119/* Options how a new object range should be decided */ 120#define DEFAULT_SOURCE_LOW 1 121#define DEFAULT_SOURCE_HIGH 2 122#define DEFAULT_SOURCE_LOW_HIGH 3 123#define DEFAULT_TARGET_LOW 4 124#define DEFAULT_TARGET_HIGH 5 125#define DEFAULT_TARGET_LOW_HIGH 6 126 char default_range; 127} class_datum_t; 128 129/* Role attributes */ 130typedef struct role_datum { 131 symtab_datum_t s; 132 ebitmap_t dominates; /* set of roles dominated by this role */ 133 type_set_t types; /* set of authorized types for role */ 134 ebitmap_t cache; /* This is an expanded set used for context validation during parsing */ 135 uint32_t bounds; /* bounds role, if exist */ 136#define ROLE_ROLE 0 /* regular role in kernel policies */ 137#define ROLE_ATTRIB 1 /* attribute */ 138 uint32_t flavor; 139 ebitmap_t roles; /* roles with this attribute */ 140} role_datum_t; 141 142typedef struct role_trans { 143 uint32_t role; /* current role */ 144 uint32_t type; /* program executable type, or new object type */ 145 uint32_t tclass; /* process class, or new object class */ 146 uint32_t new_role; /* new role */ 147 struct role_trans *next; 148} role_trans_t; 149 150typedef struct role_allow { 151 uint32_t role; /* current role */ 152 uint32_t new_role; /* new role */ 153 struct role_allow *next; 154} role_allow_t; 155 156/* filename_trans rules */ 157typedef struct filename_trans { 158 uint32_t stype; 159 uint32_t ttype; 160 uint32_t tclass; 161 char *name; 162 uint32_t otype; 163 struct filename_trans *next; 164} filename_trans_t; 165 166/* Type attributes */ 167typedef struct type_datum { 168 symtab_datum_t s; 169 uint32_t primary; /* primary name? can be set to primary value if below is TYPE_ */ 170#define TYPE_TYPE 0 /* regular type or alias in kernel policies */ 171#define TYPE_ATTRIB 1 /* attribute */ 172#define TYPE_ALIAS 2 /* alias in modular policy */ 173 uint32_t flavor; 174 ebitmap_t types; /* types with this attribute */ 175#define TYPE_FLAGS_PERMISSIVE 0x01 176 uint32_t flags; 177 uint32_t bounds; /* bounds type, if exist */ 178} type_datum_t; 179 180/* 181 * Properties of type_datum 182 * available on the policy version >= (MOD_)POLICYDB_VERSION_BOUNDARY 183 */ 184#define TYPEDATUM_PROPERTY_PRIMARY 0x0001 185#define TYPEDATUM_PROPERTY_ATTRIBUTE 0x0002 186#define TYPEDATUM_PROPERTY_ALIAS 0x0004 /* userspace only */ 187#define TYPEDATUM_PROPERTY_PERMISSIVE 0x0008 /* userspace only */ 188 189/* User attributes */ 190typedef struct user_datum { 191 symtab_datum_t s; 192 role_set_t roles; /* set of authorized roles for user */ 193 mls_semantic_range_t range; /* MLS range (min. - max.) for user */ 194 mls_semantic_level_t dfltlevel; /* default login MLS level for user */ 195 ebitmap_t cache; /* This is an expanded set used for context validation during parsing */ 196 mls_range_t exp_range; /* expanded range used for validation */ 197 mls_level_t exp_dfltlevel; /* expanded range used for validation */ 198 uint32_t bounds; /* bounds user, if exist */ 199} user_datum_t; 200 201/* Sensitivity attributes */ 202typedef struct level_datum { 203 mls_level_t *level; /* sensitivity and associated categories */ 204 unsigned char isalias; /* is this sensitivity an alias for another? */ 205 unsigned char defined; 206} level_datum_t; 207 208/* Category attributes */ 209typedef struct cat_datum { 210 symtab_datum_t s; 211 unsigned char isalias; /* is this category an alias for another? */ 212} cat_datum_t; 213 214typedef struct range_trans { 215 uint32_t source_type; 216 uint32_t target_type; 217 uint32_t target_class; 218 mls_range_t target_range; 219 struct range_trans *next; 220} range_trans_t; 221 222/* Boolean data type */ 223typedef struct cond_bool_datum { 224 symtab_datum_t s; 225 int state; 226#define COND_BOOL_FLAGS_TUNABLE 0x01 /* is this a tunable? */ 227 uint32_t flags; 228} cond_bool_datum_t; 229 230struct cond_node; 231 232typedef struct cond_node cond_list_t; 233struct cond_av_list; 234 235typedef struct class_perm_node { 236 uint32_t class; 237 uint32_t data; /* permissions or new type */ 238 struct class_perm_node *next; 239} class_perm_node_t; 240 241typedef struct avrule { 242/* these typedefs are almost exactly the same as those in avtab.h - they are 243 * here because of the need to include neverallow and dontaudit messages */ 244#define AVRULE_ALLOWED 1 245#define AVRULE_AUDITALLOW 2 246#define AVRULE_AUDITDENY 4 247#define AVRULE_DONTAUDIT 8 248#define AVRULE_NEVERALLOW 128 249#define AVRULE_AV (AVRULE_ALLOWED | AVRULE_AUDITALLOW | AVRULE_AUDITDENY | AVRULE_DONTAUDIT | AVRULE_NEVERALLOW) 250#define AVRULE_TRANSITION 16 251#define AVRULE_MEMBER 32 252#define AVRULE_CHANGE 64 253#define AVRULE_TYPE (AVRULE_TRANSITION | AVRULE_MEMBER | AVRULE_CHANGE) 254 uint32_t specified; 255#define RULE_SELF 1 256 uint32_t flags; 257 type_set_t stypes; 258 type_set_t ttypes; 259 class_perm_node_t *perms; 260 unsigned long line; /* line number from policy.conf where 261 * this rule originated */ 262 struct avrule *next; 263} avrule_t; 264 265typedef struct role_trans_rule { 266 role_set_t roles; /* current role */ 267 type_set_t types; /* program executable type, or new object type */ 268 ebitmap_t classes; /* process class, or new object class */ 269 uint32_t new_role; /* new role */ 270 struct role_trans_rule *next; 271} role_trans_rule_t; 272 273typedef struct role_allow_rule { 274 role_set_t roles; /* current role */ 275 role_set_t new_roles; /* new roles */ 276 struct role_allow_rule *next; 277} role_allow_rule_t; 278 279typedef struct filename_trans_rule { 280 type_set_t stypes; 281 type_set_t ttypes; 282 uint32_t tclass; 283 char *name; 284 uint32_t otype; /* new type */ 285 struct filename_trans_rule *next; 286} filename_trans_rule_t; 287 288typedef struct range_trans_rule { 289 type_set_t stypes; 290 type_set_t ttypes; 291 ebitmap_t tclasses; 292 mls_semantic_range_t trange; 293 struct range_trans_rule *next; 294} range_trans_rule_t; 295 296/* 297 * The configuration data includes security contexts for 298 * initial SIDs, unlabeled file systems, TCP and UDP port numbers, 299 * network interfaces, and nodes. This structure stores the 300 * relevant data for one such entry. Entries of the same kind 301 * (e.g. all initial SIDs) are linked together into a list. 302 */ 303typedef struct ocontext { 304 union { 305 char *name; /* name of initial SID, fs, netif, fstype, path */ 306 struct { 307 uint8_t protocol; 308 uint16_t low_port; 309 uint16_t high_port; 310 } port; /* TCP or UDP port information */ 311 struct { 312 uint32_t addr; /* network order */ 313 uint32_t mask; /* network order */ 314 } node; /* node information */ 315 struct { 316 uint32_t addr[4]; /* network order */ 317 uint32_t mask[4]; /* network order */ 318 } node6; /* IPv6 node information */ 319 uint32_t device; 320 uint16_t pirq; 321 struct { 322 uint32_t low_iomem; 323 uint32_t high_iomem; 324 } iomem; 325 struct { 326 uint32_t low_ioport; 327 uint32_t high_ioport; 328 } ioport; 329 } u; 330 union { 331 uint32_t sclass; /* security class for genfs */ 332 uint32_t behavior; /* labeling behavior for fs_use */ 333 } v; 334 context_struct_t context[2]; /* security context(s) */ 335 sepol_security_id_t sid[2]; /* SID(s) */ 336 struct ocontext *next; 337} ocontext_t; 338 339typedef struct genfs { 340 char *fstype; 341 struct ocontext *head; 342 struct genfs *next; 343} genfs_t; 344 345/* symbol table array indices */ 346#define SYM_COMMONS 0 347#define SYM_CLASSES 1 348#define SYM_ROLES 2 349#define SYM_TYPES 3 350#define SYM_USERS 4 351#define SYM_BOOLS 5 352#define SYM_LEVELS 6 353#define SYM_CATS 7 354#define SYM_NUM 8 355 356/* object context array indices */ 357#define OCON_ISID 0 /* initial SIDs */ 358#define OCON_FS 1 /* unlabeled file systems */ 359#define OCON_PORT 2 /* TCP and UDP port numbers */ 360#define OCON_NETIF 3 /* network interfaces */ 361#define OCON_NODE 4 /* nodes */ 362#define OCON_FSUSE 5 /* fs_use */ 363#define OCON_NODE6 6 /* IPv6 nodes */ 364#define OCON_GENFS 7 /* needed for ocontext_supported */ 365 366/* object context array indices for Xen */ 367#define OCON_XEN_ISID 0 /* initial SIDs */ 368#define OCON_XEN_PIRQ 1 /* physical irqs */ 369#define OCON_XEN_IOPORT 2 /* io ports */ 370#define OCON_XEN_IOMEM 3 /* io memory */ 371#define OCON_XEN_PCIDEVICE 4 /* pci devices */ 372 373/* OCON_NUM needs to be the largest index in any platform's ocontext array */ 374#define OCON_NUM 7 375 376/* section: module information */ 377 378/* scope_index_t holds all of the symbols that are in scope in a 379 * particular situation. The bitmaps are indices (and thus must 380 * subtract one) into the global policydb->scope array. */ 381typedef struct scope_index { 382 ebitmap_t scope[SYM_NUM]; 383#define p_classes_scope scope[SYM_CLASSES] 384#define p_roles_scope scope[SYM_ROLES] 385#define p_types_scope scope[SYM_TYPES] 386#define p_users_scope scope[SYM_USERS] 387#define p_bools_scope scope[SYM_BOOLS] 388#define p_sens_scope scope[SYM_LEVELS] 389#define p_cat_scope scope[SYM_CATS] 390 391 /* this array maps from class->value to the permissions within 392 * scope. if bit (perm->value - 1) is set in map 393 * class_perms_map[class->value - 1] then that permission is 394 * enabled for this class within this decl. */ 395 ebitmap_t *class_perms_map; 396 /* total number of classes in class_perms_map array */ 397 uint32_t class_perms_len; 398} scope_index_t; 399 400/* a list of declarations for a particular avrule_decl */ 401 402/* These two structs declare a block of policy that has TE and RBAC 403 * statements and declarations. The root block (the global policy) 404 * can never have an ELSE branch. */ 405typedef struct avrule_decl { 406 uint32_t decl_id; 407 uint32_t enabled; /* whether this block is enabled */ 408 409 cond_list_t *cond_list; 410 avrule_t *avrules; 411 role_trans_rule_t *role_tr_rules; 412 role_allow_rule_t *role_allow_rules; 413 range_trans_rule_t *range_tr_rules; 414 scope_index_t required; /* symbols needed to activate this block */ 415 scope_index_t declared; /* symbols declared within this block */ 416 417 /* type transition rules with a 'name' component */ 418 filename_trans_rule_t *filename_trans_rules; 419 420 /* for additive statements (type attribute, roles, and users) */ 421 symtab_t symtab[SYM_NUM]; 422 423 /* In a linked module this will contain the name of the module 424 * from which this avrule_decl originated. */ 425 char *module_name; 426 427 struct avrule_decl *next; 428} avrule_decl_t; 429 430typedef struct avrule_block { 431 avrule_decl_t *branch_list; 432 avrule_decl_t *enabled; /* pointer to which branch is enabled. this is 433 used in linking and never written to disk */ 434#define AVRULE_OPTIONAL 1 435 uint32_t flags; /* any flags for this block, currently just optional */ 436 struct avrule_block *next; 437} avrule_block_t; 438 439/* Every identifier has its own scope datum. The datum describes if 440 * the item is to be included into the final policy during 441 * expansion. */ 442typedef struct scope_datum { 443/* Required for this decl */ 444#define SCOPE_REQ 1 445/* Declared in this decl */ 446#define SCOPE_DECL 2 447 uint32_t scope; 448 uint32_t *decl_ids; 449 uint32_t decl_ids_len; 450 /* decl_ids is a list of avrule_decl's that declare/require 451 * this symbol. If scope==SCOPE_DECL then this is a list of 452 * declarations. If the symbol may only be declared once 453 * (types, bools) then decl_ids_len will be exactly 1. For 454 * implicitly declared things (roles, users) then decl_ids_len 455 * will be at least 1. */ 456} scope_datum_t; 457 458/* The policy database */ 459typedef struct policydb { 460#define POLICY_KERN SEPOL_POLICY_KERN 461#define POLICY_BASE SEPOL_POLICY_BASE 462#define POLICY_MOD SEPOL_POLICY_MOD 463 uint32_t policy_type; 464 char *name; 465 char *version; 466 int target_platform; 467 468 /* Set when the policydb is modified such that writing is unsupported */ 469 int unsupported_format; 470 471 /* Whether this policydb is mls, should always be set */ 472 int mls; 473 474 /* symbol tables */ 475 symtab_t symtab[SYM_NUM]; 476#define p_commons symtab[SYM_COMMONS] 477#define p_classes symtab[SYM_CLASSES] 478#define p_roles symtab[SYM_ROLES] 479#define p_types symtab[SYM_TYPES] 480#define p_users symtab[SYM_USERS] 481#define p_bools symtab[SYM_BOOLS] 482#define p_levels symtab[SYM_LEVELS] 483#define p_cats symtab[SYM_CATS] 484 485 /* symbol names indexed by (value - 1) */ 486 char **sym_val_to_name[SYM_NUM]; 487#define p_common_val_to_name sym_val_to_name[SYM_COMMONS] 488#define p_class_val_to_name sym_val_to_name[SYM_CLASSES] 489#define p_role_val_to_name sym_val_to_name[SYM_ROLES] 490#define p_type_val_to_name sym_val_to_name[SYM_TYPES] 491#define p_user_val_to_name sym_val_to_name[SYM_USERS] 492#define p_bool_val_to_name sym_val_to_name[SYM_BOOLS] 493#define p_sens_val_to_name sym_val_to_name[SYM_LEVELS] 494#define p_cat_val_to_name sym_val_to_name[SYM_CATS] 495 496 /* class, role, and user attributes indexed by (value - 1) */ 497 class_datum_t **class_val_to_struct; 498 role_datum_t **role_val_to_struct; 499 user_datum_t **user_val_to_struct; 500 type_datum_t **type_val_to_struct; 501 502 /* module stuff section -- used in parsing and for modules */ 503 504 /* keep track of the scope for every identifier. these are 505 * hash tables, where the key is the identifier name and value 506 * a scope_datum_t. as a convenience, one may use the 507 * p_*_macros (cf. struct scope_index_t declaration). */ 508 symtab_t scope[SYM_NUM]; 509 510 /* module rule storage */ 511 avrule_block_t *global; 512 /* avrule_decl index used for link/expand */ 513 avrule_decl_t **decl_val_to_struct; 514 515 /* compiled storage of rules - use for the kernel policy */ 516 517 /* type enforcement access vectors and transitions */ 518 avtab_t te_avtab; 519 520 /* bools indexed by (value - 1) */ 521 cond_bool_datum_t **bool_val_to_struct; 522 /* type enforcement conditional access vectors and transitions */ 523 avtab_t te_cond_avtab; 524 /* linked list indexing te_cond_avtab by conditional */ 525 cond_list_t *cond_list; 526 527 /* role transitions */ 528 role_trans_t *role_tr; 529 530 /* type transition rules with a 'name' component */ 531 filename_trans_t *filename_trans; 532 533 /* role allows */ 534 role_allow_t *role_allow; 535 536 /* security contexts of initial SIDs, unlabeled file systems, 537 TCP or UDP port numbers, network interfaces and nodes */ 538 ocontext_t *ocontexts[OCON_NUM]; 539 540 /* security contexts for files in filesystems that cannot support 541 a persistent label mapping or use another 542 fixed labeling behavior. */ 543 genfs_t *genfs; 544 545 /* range transitions */ 546 range_trans_t *range_tr; 547 548 ebitmap_t *type_attr_map; 549 550 ebitmap_t *attr_type_map; /* not saved in the binary policy */ 551 552 ebitmap_t policycaps; 553 554 /* this bitmap is referenced by type NOT the typical type-1 used in other 555 bitmaps. Someday the 0 bit may be used for global permissive */ 556 ebitmap_t permissive_map; 557 558 unsigned policyvers; 559 560 unsigned handle_unknown; 561} policydb_t; 562 563struct sepol_policydb { 564 struct policydb p; 565}; 566 567extern int policydb_init(policydb_t * p); 568 569extern int policydb_from_image(sepol_handle_t * handle, 570 void *data, size_t len, policydb_t * policydb); 571 572extern int policydb_to_image(sepol_handle_t * handle, 573 policydb_t * policydb, void **newdata, 574 size_t * newlen); 575 576extern int policydb_index_classes(policydb_t * p); 577 578extern int policydb_index_bools(policydb_t * p); 579 580extern int policydb_index_others(sepol_handle_t * handle, policydb_t * p, 581 unsigned int verbose); 582 583extern int policydb_reindex_users(policydb_t * p); 584 585extern void policydb_destroy(policydb_t * p); 586 587extern int policydb_load_isids(policydb_t * p, sidtab_t * s); 588 589/* Deprecated */ 590extern int policydb_context_isvalid(const policydb_t * p, 591 const context_struct_t * c); 592 593extern void symtabs_destroy(symtab_t * symtab); 594extern int scope_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p); 595typedef void (*hashtab_destroy_func_t) (hashtab_key_t k, hashtab_datum_t d, 596 void *args); 597extern hashtab_destroy_func_t get_symtab_destroy_func(int sym_num); 598 599extern void class_perm_node_init(class_perm_node_t * x); 600extern void type_set_init(type_set_t * x); 601extern void type_set_destroy(type_set_t * x); 602extern int type_set_cpy(type_set_t * dst, type_set_t * src); 603extern int type_set_or_eq(type_set_t * dst, type_set_t * other); 604extern void role_set_init(role_set_t * x); 605extern void role_set_destroy(role_set_t * x); 606extern void avrule_init(avrule_t * x); 607extern void avrule_destroy(avrule_t * x); 608extern void avrule_list_destroy(avrule_t * x); 609extern void role_trans_rule_init(role_trans_rule_t * x); 610extern void role_trans_rule_list_destroy(role_trans_rule_t * x); 611extern void filename_trans_rule_init(filename_trans_rule_t * x); 612extern void filename_trans_rule_list_destroy(filename_trans_rule_t * x); 613 614extern void role_datum_init(role_datum_t * x); 615extern void role_datum_destroy(role_datum_t * x); 616extern void role_allow_rule_init(role_allow_rule_t * x); 617extern void role_allow_rule_destroy(role_allow_rule_t * x); 618extern void role_allow_rule_list_destroy(role_allow_rule_t * x); 619extern void range_trans_rule_init(range_trans_rule_t *x); 620extern void range_trans_rule_destroy(range_trans_rule_t *x); 621extern void range_trans_rule_list_destroy(range_trans_rule_t *x); 622extern void type_datum_init(type_datum_t * x); 623extern void type_datum_destroy(type_datum_t * x); 624extern void user_datum_init(user_datum_t * x); 625extern void user_datum_destroy(user_datum_t * x); 626extern void level_datum_init(level_datum_t * x); 627extern void level_datum_destroy(level_datum_t * x); 628extern void cat_datum_init(cat_datum_t * x); 629extern void cat_datum_destroy(cat_datum_t * x); 630 631extern int check_assertions(sepol_handle_t * handle, 632 policydb_t * p, avrule_t * avrules); 633 634extern int symtab_insert(policydb_t * x, uint32_t sym, 635 hashtab_key_t key, hashtab_datum_t datum, 636 uint32_t scope, uint32_t avrule_decl_id, 637 uint32_t * value); 638 639/* A policy "file" may be a memory region referenced by a (data, len) pair 640 or a file referenced by a FILE pointer. */ 641typedef struct policy_file { 642#define PF_USE_MEMORY 0 643#define PF_USE_STDIO 1 644#define PF_LEN 2 /* total up length in len field */ 645 unsigned type; 646 char *data; 647 size_t len; 648 size_t size; 649 FILE *fp; 650 struct sepol_handle *handle; 651} policy_file_t; 652 653struct sepol_policy_file { 654 struct policy_file pf; 655}; 656 657extern void policy_file_init(policy_file_t * x); 658 659extern int policydb_read(policydb_t * p, struct policy_file *fp, 660 unsigned int verbose); 661extern int avrule_read_list(policydb_t * p, avrule_t ** avrules, 662 struct policy_file *fp); 663 664extern int policydb_write(struct policydb *p, struct policy_file *pf); 665extern int policydb_set_target_platform(policydb_t *p, int platform); 666 667#define PERM_SYMTAB_SIZE 32 668 669/* Identify specific policy version changes */ 670#define POLICYDB_VERSION_BASE 15 671#define POLICYDB_VERSION_BOOL 16 672#define POLICYDB_VERSION_IPV6 17 673#define POLICYDB_VERSION_NLCLASS 18 674#define POLICYDB_VERSION_VALIDATETRANS 19 675#define POLICYDB_VERSION_MLS 19 676#define POLICYDB_VERSION_AVTAB 20 677#define POLICYDB_VERSION_RANGETRANS 21 678#define POLICYDB_VERSION_POLCAP 22 679#define POLICYDB_VERSION_PERMISSIVE 23 680#define POLICYDB_VERSION_BOUNDARY 24 681#define POLICYDB_VERSION_FILENAME_TRANS 25 682#define POLICYDB_VERSION_ROLETRANS 26 683#define POLICYDB_VERSION_NEW_OBJECT_DEFAULTS 27 684 685/* Range of policy versions we understand*/ 686#define POLICYDB_VERSION_MIN POLICYDB_VERSION_BASE 687#define POLICYDB_VERSION_MAX POLICYDB_VERSION_NEW_OBJECT_DEFAULTS 688 689/* Module versions and specific changes*/ 690#define MOD_POLICYDB_VERSION_BASE 4 691#define MOD_POLICYDB_VERSION_VALIDATETRANS 5 692#define MOD_POLICYDB_VERSION_MLS 5 693#define MOD_POLICYDB_VERSION_RANGETRANS 6 694#define MOD_POLICYDB_VERSION_MLS_USERS 6 695#define MOD_POLICYDB_VERSION_POLCAP 7 696#define MOD_POLICYDB_VERSION_PERMISSIVE 8 697#define MOD_POLICYDB_VERSION_BOUNDARY 9 698#define MOD_POLICYDB_VERSION_BOUNDARY_ALIAS 10 699#define MOD_POLICYDB_VERSION_FILENAME_TRANS 11 700#define MOD_POLICYDB_VERSION_ROLETRANS 12 701#define MOD_POLICYDB_VERSION_ROLEATTRIB 13 702#define MOD_POLICYDB_VERSION_TUNABLE_SEP 14 703#define MOD_POLICYDB_VERSION_NEW_OBJECT_DEFAULTS 15 704 705#define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE 706#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_NEW_OBJECT_DEFAULTS 707 708#define POLICYDB_CONFIG_MLS 1 709 710/* macros to check policy feature */ 711 712/* TODO: add other features here */ 713 714#define policydb_has_boundary_feature(p) \ 715 (((p)->policy_type == POLICY_KERN \ 716 && p->policyvers >= POLICYDB_VERSION_BOUNDARY) || \ 717 ((p)->policy_type != POLICY_KERN \ 718 && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY)) 719 720/* the config flags related to unknown classes/perms are bits 2 and 3 */ 721#define DENY_UNKNOWN SEPOL_DENY_UNKNOWN 722#define REJECT_UNKNOWN SEPOL_REJECT_UNKNOWN 723#define ALLOW_UNKNOWN SEPOL_ALLOW_UNKNOWN 724 725#define POLICYDB_CONFIG_UNKNOWN_MASK (DENY_UNKNOWN | REJECT_UNKNOWN | ALLOW_UNKNOWN) 726 727#define OBJECT_R "object_r" 728#define OBJECT_R_VAL 1 729 730#define POLICYDB_MAGIC SELINUX_MAGIC 731#define POLICYDB_STRING "SE Linux" 732#define POLICYDB_XEN_STRING "XenFlask" 733#define POLICYDB_STRING_MAX_LENGTH 32 734#define POLICYDB_MOD_MAGIC SELINUX_MOD_MAGIC 735#define POLICYDB_MOD_STRING "SE Linux Module" 736#define SEPOL_TARGET_SELINUX 0 737#define SEPOL_TARGET_XEN 1 738 739 740#endif /* _POLICYDB_H_ */ 741 742/* FLASK */ 743