1/* Author : Stephen Smalley, <sds@epoch.ncsc.mil> */ 2 3/* 4 * Updated: Joshua Brindle <jbrindle@tresys.com> 5 * Karl MacMillan <kmacmillan@tresys.com> 6 * Jason Tang <jtang@tresys.com> 7 * 8 * Module support 9 * 10 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> 11 * 12 * Support for enhanced MLS infrastructure. 13 * 14 * Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com> 15 * 16 * Added conditional policy language extensions 17 * 18 * Updated: Red Hat, Inc. James Morris <jmorris@redhat.com> 19 * 20 * Fine-grained netlink support 21 * IPv6 support 22 * Code cleanup 23 * 24 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. 25 * Copyright (C) 2003 - 2004 Tresys Technology, LLC 26 * Copyright (C) 2003 - 2004 Red Hat, Inc. 27 * 28 * This library is free software; you can redistribute it and/or 29 * modify it under the terms of the GNU Lesser General Public 30 * License as published by the Free Software Foundation; either 31 * version 2.1 of the License, or (at your option) any later version. 32 * 33 * This library is distributed in the hope that it will be useful, 34 * but WITHOUT ANY WARRANTY; without even the implied warranty of 35 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 36 * Lesser General Public License for more details. 37 * 38 * You should have received a copy of the GNU Lesser General Public 39 * License along with this library; if not, write to the Free Software 40 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 41 */ 42 43/* FLASK */ 44 45/* 46 * A policy database (policydb) specifies the 47 * configuration data for the security policy. 48 */ 49 50#ifndef _SEPOL_POLICYDB_POLICYDB_H_ 51#define _SEPOL_POLICYDB_POLICYDB_H_ 52 53#include <stdio.h> 54#include <stddef.h> 55 56#include <sepol/policydb.h> 57 58#include <sepol/policydb/flask_types.h> 59#include <sepol/policydb/symtab.h> 60#include <sepol/policydb/avtab.h> 61#include <sepol/policydb/context.h> 62#include <sepol/policydb/constraint.h> 63#include <sepol/policydb/sidtab.h> 64 65#define ERRMSG_LEN 1024 66 67#define POLICYDB_SUCCESS 0 68#define POLICYDB_ERROR -1 69#define POLICYDB_UNSUPPORTED -2 70 71#ifdef __cplusplus 72extern "C" { 73#endif 74 75/* 76 * A datum type is defined for each kind of symbol 77 * in the configuration data: individual permissions, 78 * common prefixes for access vectors, classes, 79 * users, roles, types, sensitivities, categories, etc. 80 */ 81 82/* type set preserves data needed by modules such as *, ~ and attributes */ 83typedef struct type_set { 84 ebitmap_t types; 85 ebitmap_t negset; 86#define TYPE_STAR 1 87#define TYPE_COMP 2 88 uint32_t flags; 89} type_set_t; 90 91typedef struct role_set { 92 ebitmap_t roles; 93#define ROLE_STAR 1 94#define ROLE_COMP 2 95 uint32_t flags; 96} role_set_t; 97 98/* Permission attributes */ 99typedef struct perm_datum { 100 symtab_datum_t s; 101} perm_datum_t; 102 103/* Attributes of a common prefix for access vectors */ 104typedef struct common_datum { 105 symtab_datum_t s; 106 symtab_t permissions; /* common permissions */ 107} common_datum_t; 108 109/* Class attributes */ 110typedef struct class_datum { 111 symtab_datum_t s; 112 char *comkey; /* common name */ 113 common_datum_t *comdatum; /* common datum */ 114 symtab_t permissions; /* class-specific permission symbol table */ 115 constraint_node_t *constraints; /* constraints on class permissions */ 116 constraint_node_t *validatetrans; /* special transition rules */ 117/* Options how a new object user and role should be decided */ 118#define DEFAULT_SOURCE 1 119#define DEFAULT_TARGET 2 120 char default_user; 121 char default_role; 122 char default_type; 123/* Options how a new object range should be decided */ 124#define DEFAULT_SOURCE_LOW 1 125#define DEFAULT_SOURCE_HIGH 2 126#define DEFAULT_SOURCE_LOW_HIGH 3 127#define DEFAULT_TARGET_LOW 4 128#define DEFAULT_TARGET_HIGH 5 129#define DEFAULT_TARGET_LOW_HIGH 6 130 char default_range; 131} class_datum_t; 132 133/* Role attributes */ 134typedef struct role_datum { 135 symtab_datum_t s; 136 ebitmap_t dominates; /* set of roles dominated by this role */ 137 type_set_t types; /* set of authorized types for role */ 138 ebitmap_t cache; /* This is an expanded set used for context validation during parsing */ 139 uint32_t bounds; /* bounds role, if exist */ 140#define ROLE_ROLE 0 /* regular role in kernel policies */ 141#define ROLE_ATTRIB 1 /* attribute */ 142 uint32_t flavor; 143 ebitmap_t roles; /* roles with this attribute */ 144} role_datum_t; 145 146typedef struct role_trans { 147 uint32_t role; /* current role */ 148 uint32_t type; /* program executable type, or new object type */ 149 uint32_t tclass; /* process class, or new object class */ 150 uint32_t new_role; /* new role */ 151 struct role_trans *next; 152} role_trans_t; 153 154typedef struct role_allow { 155 uint32_t role; /* current role */ 156 uint32_t new_role; /* new role */ 157 struct role_allow *next; 158} role_allow_t; 159 160/* filename_trans rules */ 161typedef struct filename_trans { 162 uint32_t stype; 163 uint32_t ttype; 164 uint32_t tclass; 165 char *name; 166} filename_trans_t; 167 168typedef struct filename_trans_datum { 169 uint32_t otype; /* expected of new object */ 170} filename_trans_datum_t; 171 172/* Type attributes */ 173typedef struct type_datum { 174 symtab_datum_t s; 175 uint32_t primary; /* primary name? can be set to primary value if below is TYPE_ */ 176#define TYPE_TYPE 0 /* regular type or alias in kernel policies */ 177#define TYPE_ATTRIB 1 /* attribute */ 178#define TYPE_ALIAS 2 /* alias in modular policy */ 179 uint32_t flavor; 180 ebitmap_t types; /* types with this attribute */ 181#define TYPE_FLAGS_PERMISSIVE (1 << 0) 182#define TYPE_FLAGS_EXPAND_ATTR_TRUE (1 << 1) 183#define TYPE_FLAGS_EXPAND_ATTR_FALSE (1 << 2) 184#define TYPE_FLAGS_EXPAND_ATTR (TYPE_FLAGS_EXPAND_ATTR_TRUE | \ 185 TYPE_FLAGS_EXPAND_ATTR_FALSE) 186 uint32_t flags; 187 uint32_t bounds; /* bounds type, if exist */ 188} type_datum_t; 189 190/* 191 * Properties of type_datum 192 * available on the policy version >= (MOD_)POLICYDB_VERSION_BOUNDARY 193 */ 194#define TYPEDATUM_PROPERTY_PRIMARY 0x0001 195#define TYPEDATUM_PROPERTY_ATTRIBUTE 0x0002 196#define TYPEDATUM_PROPERTY_ALIAS 0x0004 /* userspace only */ 197#define TYPEDATUM_PROPERTY_PERMISSIVE 0x0008 /* userspace only */ 198 199/* User attributes */ 200typedef struct user_datum { 201 symtab_datum_t s; 202 role_set_t roles; /* set of authorized roles for user */ 203 mls_semantic_range_t range; /* MLS range (min. - max.) for user */ 204 mls_semantic_level_t dfltlevel; /* default login MLS level for user */ 205 ebitmap_t cache; /* This is an expanded set used for context validation during parsing */ 206 mls_range_t exp_range; /* expanded range used for validation */ 207 mls_level_t exp_dfltlevel; /* expanded range used for validation */ 208 uint32_t bounds; /* bounds user, if exist */ 209} user_datum_t; 210 211/* Sensitivity attributes */ 212typedef struct level_datum { 213 mls_level_t *level; /* sensitivity and associated categories */ 214 unsigned char isalias; /* is this sensitivity an alias for another? */ 215 unsigned char defined; 216} level_datum_t; 217 218/* Category attributes */ 219typedef struct cat_datum { 220 symtab_datum_t s; 221 unsigned char isalias; /* is this category an alias for another? */ 222} cat_datum_t; 223 224typedef struct range_trans { 225 uint32_t source_type; 226 uint32_t target_type; 227 uint32_t target_class; 228} range_trans_t; 229 230/* Boolean data type */ 231typedef struct cond_bool_datum { 232 symtab_datum_t s; 233 int state; 234#define COND_BOOL_FLAGS_TUNABLE 0x01 /* is this a tunable? */ 235 uint32_t flags; 236} cond_bool_datum_t; 237 238struct cond_node; 239 240typedef struct cond_node cond_list_t; 241struct cond_av_list; 242 243typedef struct class_perm_node { 244 uint32_t tclass; 245 uint32_t data; /* permissions or new type */ 246 struct class_perm_node *next; 247} class_perm_node_t; 248 249#define xperm_test(x, p) (1 & (p[x >> 5] >> (x & 0x1f))) 250#define xperm_set(x, p) (p[x >> 5] |= (1 << (x & 0x1f))) 251#define xperm_clear(x, p) (p[x >> 5] &= ~(1 << (x & 0x1f))) 252#define EXTENDED_PERMS_LEN 8 253 254typedef struct av_extended_perms { 255#define AVRULE_XPERMS_IOCTLFUNCTION 0x01 256#define AVRULE_XPERMS_IOCTLDRIVER 0x02 257 uint8_t specified; 258 uint8_t driver; 259 /* 256 bits of permissions */ 260 uint32_t perms[EXTENDED_PERMS_LEN]; 261} av_extended_perms_t; 262 263typedef struct avrule { 264/* these typedefs are almost exactly the same as those in avtab.h - they are 265 * here because of the need to include neverallow and dontaudit messages */ 266#define AVRULE_ALLOWED AVTAB_ALLOWED 267#define AVRULE_AUDITALLOW AVTAB_AUDITALLOW 268#define AVRULE_AUDITDENY AVTAB_AUDITDENY 269#define AVRULE_DONTAUDIT 0x0008 270#define AVRULE_NEVERALLOW AVTAB_NEVERALLOW 271#define AVRULE_AV (AVRULE_ALLOWED | AVRULE_AUDITALLOW | AVRULE_AUDITDENY | AVRULE_DONTAUDIT | AVRULE_NEVERALLOW) 272#define AVRULE_TRANSITION AVTAB_TRANSITION 273#define AVRULE_MEMBER AVTAB_MEMBER 274#define AVRULE_CHANGE AVTAB_CHANGE 275#define AVRULE_TYPE (AVRULE_TRANSITION | AVRULE_MEMBER | AVRULE_CHANGE) 276#define AVRULE_XPERMS_ALLOWED AVTAB_XPERMS_ALLOWED 277#define AVRULE_XPERMS_AUDITALLOW AVTAB_XPERMS_AUDITALLOW 278#define AVRULE_XPERMS_DONTAUDIT AVTAB_XPERMS_DONTAUDIT 279#define AVRULE_XPERMS_NEVERALLOW AVTAB_XPERMS_NEVERALLOW 280#define AVRULE_XPERMS (AVRULE_XPERMS_ALLOWED | AVRULE_XPERMS_AUDITALLOW | \ 281 AVRULE_XPERMS_DONTAUDIT | AVRULE_XPERMS_NEVERALLOW) 282 uint32_t specified; 283#define RULE_SELF 1 284 uint32_t flags; 285 type_set_t stypes; 286 type_set_t ttypes; 287 class_perm_node_t *perms; 288 av_extended_perms_t *xperms; 289 unsigned long line; /* line number from policy.conf where 290 * this rule originated */ 291 /* source file name and line number (e.g. .te file) */ 292 char *source_filename; 293 unsigned long source_line; 294 struct avrule *next; 295} avrule_t; 296 297typedef struct role_trans_rule { 298 role_set_t roles; /* current role */ 299 type_set_t types; /* program executable type, or new object type */ 300 ebitmap_t classes; /* process class, or new object class */ 301 uint32_t new_role; /* new role */ 302 struct role_trans_rule *next; 303} role_trans_rule_t; 304 305typedef struct role_allow_rule { 306 role_set_t roles; /* current role */ 307 role_set_t new_roles; /* new roles */ 308 struct role_allow_rule *next; 309} role_allow_rule_t; 310 311typedef struct filename_trans_rule { 312 type_set_t stypes; 313 type_set_t ttypes; 314 uint32_t tclass; 315 char *name; 316 uint32_t otype; /* new type */ 317 struct filename_trans_rule *next; 318} filename_trans_rule_t; 319 320typedef struct range_trans_rule { 321 type_set_t stypes; 322 type_set_t ttypes; 323 ebitmap_t tclasses; 324 mls_semantic_range_t trange; 325 struct range_trans_rule *next; 326} range_trans_rule_t; 327 328/* 329 * The configuration data includes security contexts for 330 * initial SIDs, unlabeled file systems, TCP and UDP port numbers, 331 * network interfaces, and nodes. This structure stores the 332 * relevant data for one such entry. Entries of the same kind 333 * (e.g. all initial SIDs) are linked together into a list. 334 */ 335typedef struct ocontext { 336 union { 337 char *name; /* name of initial SID, fs, netif, fstype, path */ 338 struct { 339 uint8_t protocol; 340 uint16_t low_port; 341 uint16_t high_port; 342 } port; /* TCP or UDP port information */ 343 struct { 344 uint32_t addr; /* network order */ 345 uint32_t mask; /* network order */ 346 } node; /* node information */ 347 struct { 348 uint32_t addr[4]; /* network order */ 349 uint32_t mask[4]; /* network order */ 350 } node6; /* IPv6 node information */ 351 uint32_t device; 352 uint16_t pirq; 353 struct { 354 uint64_t low_iomem; 355 uint64_t high_iomem; 356 } iomem; 357 struct { 358 uint32_t low_ioport; 359 uint32_t high_ioport; 360 } ioport; 361 } u; 362 union { 363 uint32_t sclass; /* security class for genfs */ 364 uint32_t behavior; /* labeling behavior for fs_use */ 365 } v; 366 context_struct_t context[2]; /* security context(s) */ 367 sepol_security_id_t sid[2]; /* SID(s) */ 368 struct ocontext *next; 369} ocontext_t; 370 371typedef struct genfs { 372 char *fstype; 373 struct ocontext *head; 374 struct genfs *next; 375} genfs_t; 376 377/* symbol table array indices */ 378#define SYM_COMMONS 0 379#define SYM_CLASSES 1 380#define SYM_ROLES 2 381#define SYM_TYPES 3 382#define SYM_USERS 4 383#define SYM_BOOLS 5 384#define SYM_LEVELS 6 385#define SYM_CATS 7 386#define SYM_NUM 8 387 388/* object context array indices */ 389#define OCON_ISID 0 /* initial SIDs */ 390#define OCON_FS 1 /* unlabeled file systems */ 391#define OCON_PORT 2 /* TCP and UDP port numbers */ 392#define OCON_NETIF 3 /* network interfaces */ 393#define OCON_NODE 4 /* nodes */ 394#define OCON_FSUSE 5 /* fs_use */ 395#define OCON_NODE6 6 /* IPv6 nodes */ 396#define OCON_GENFS 7 /* needed for ocontext_supported */ 397 398/* object context array indices for Xen */ 399#define OCON_XEN_ISID 0 /* initial SIDs */ 400#define OCON_XEN_PIRQ 1 /* physical irqs */ 401#define OCON_XEN_IOPORT 2 /* io ports */ 402#define OCON_XEN_IOMEM 3 /* io memory */ 403#define OCON_XEN_PCIDEVICE 4 /* pci devices */ 404#define OCON_XEN_DEVICETREE 5 /* device tree node */ 405 406/* OCON_NUM needs to be the largest index in any platform's ocontext array */ 407#define OCON_NUM 7 408 409/* section: module information */ 410 411/* scope_index_t holds all of the symbols that are in scope in a 412 * particular situation. The bitmaps are indices (and thus must 413 * subtract one) into the global policydb->scope array. */ 414typedef struct scope_index { 415 ebitmap_t scope[SYM_NUM]; 416#define p_classes_scope scope[SYM_CLASSES] 417#define p_roles_scope scope[SYM_ROLES] 418#define p_types_scope scope[SYM_TYPES] 419#define p_users_scope scope[SYM_USERS] 420#define p_bools_scope scope[SYM_BOOLS] 421#define p_sens_scope scope[SYM_LEVELS] 422#define p_cat_scope scope[SYM_CATS] 423 424 /* this array maps from class->value to the permissions within 425 * scope. if bit (perm->value - 1) is set in map 426 * class_perms_map[class->value - 1] then that permission is 427 * enabled for this class within this decl. */ 428 ebitmap_t *class_perms_map; 429 /* total number of classes in class_perms_map array */ 430 uint32_t class_perms_len; 431} scope_index_t; 432 433/* a list of declarations for a particular avrule_decl */ 434 435/* These two structs declare a block of policy that has TE and RBAC 436 * statements and declarations. The root block (the global policy) 437 * can never have an ELSE branch. */ 438typedef struct avrule_decl { 439 uint32_t decl_id; 440 uint32_t enabled; /* whether this block is enabled */ 441 442 cond_list_t *cond_list; 443 avrule_t *avrules; 444 role_trans_rule_t *role_tr_rules; 445 role_allow_rule_t *role_allow_rules; 446 range_trans_rule_t *range_tr_rules; 447 scope_index_t required; /* symbols needed to activate this block */ 448 scope_index_t declared; /* symbols declared within this block */ 449 450 /* type transition rules with a 'name' component */ 451 filename_trans_rule_t *filename_trans_rules; 452 453 /* for additive statements (type attribute, roles, and users) */ 454 symtab_t symtab[SYM_NUM]; 455 456 /* In a linked module this will contain the name of the module 457 * from which this avrule_decl originated. */ 458 char *module_name; 459 460 struct avrule_decl *next; 461} avrule_decl_t; 462 463typedef struct avrule_block { 464 avrule_decl_t *branch_list; 465 avrule_decl_t *enabled; /* pointer to which branch is enabled. this is 466 used in linking and never written to disk */ 467#define AVRULE_OPTIONAL 1 468 uint32_t flags; /* any flags for this block, currently just optional */ 469 struct avrule_block *next; 470} avrule_block_t; 471 472/* Every identifier has its own scope datum. The datum describes if 473 * the item is to be included into the final policy during 474 * expansion. */ 475typedef struct scope_datum { 476/* Required for this decl */ 477#define SCOPE_REQ 1 478/* Declared in this decl */ 479#define SCOPE_DECL 2 480 uint32_t scope; 481 uint32_t *decl_ids; 482 uint32_t decl_ids_len; 483 /* decl_ids is a list of avrule_decl's that declare/require 484 * this symbol. If scope==SCOPE_DECL then this is a list of 485 * declarations. If the symbol may only be declared once 486 * (types, bools) then decl_ids_len will be exactly 1. For 487 * implicitly declared things (roles, users) then decl_ids_len 488 * will be at least 1. */ 489} scope_datum_t; 490 491/* The policy database */ 492typedef struct policydb { 493#define POLICY_KERN SEPOL_POLICY_KERN 494#define POLICY_BASE SEPOL_POLICY_BASE 495#define POLICY_MOD SEPOL_POLICY_MOD 496 uint32_t policy_type; 497 char *name; 498 char *version; 499 int target_platform; 500 501 /* Set when the policydb is modified such that writing is unsupported */ 502 int unsupported_format; 503 504 /* Whether this policydb is mls, should always be set */ 505 int mls; 506 507 /* symbol tables */ 508 symtab_t symtab[SYM_NUM]; 509#define p_commons symtab[SYM_COMMONS] 510#define p_classes symtab[SYM_CLASSES] 511#define p_roles symtab[SYM_ROLES] 512#define p_types symtab[SYM_TYPES] 513#define p_users symtab[SYM_USERS] 514#define p_bools symtab[SYM_BOOLS] 515#define p_levels symtab[SYM_LEVELS] 516#define p_cats symtab[SYM_CATS] 517 518 /* symbol names indexed by (value - 1) */ 519 char **sym_val_to_name[SYM_NUM]; 520#define p_common_val_to_name sym_val_to_name[SYM_COMMONS] 521#define p_class_val_to_name sym_val_to_name[SYM_CLASSES] 522#define p_role_val_to_name sym_val_to_name[SYM_ROLES] 523#define p_type_val_to_name sym_val_to_name[SYM_TYPES] 524#define p_user_val_to_name sym_val_to_name[SYM_USERS] 525#define p_bool_val_to_name sym_val_to_name[SYM_BOOLS] 526#define p_sens_val_to_name sym_val_to_name[SYM_LEVELS] 527#define p_cat_val_to_name sym_val_to_name[SYM_CATS] 528 529 /* class, role, and user attributes indexed by (value - 1) */ 530 class_datum_t **class_val_to_struct; 531 role_datum_t **role_val_to_struct; 532 user_datum_t **user_val_to_struct; 533 type_datum_t **type_val_to_struct; 534 535 /* module stuff section -- used in parsing and for modules */ 536 537 /* keep track of the scope for every identifier. these are 538 * hash tables, where the key is the identifier name and value 539 * a scope_datum_t. as a convenience, one may use the 540 * p_*_macros (cf. struct scope_index_t declaration). */ 541 symtab_t scope[SYM_NUM]; 542 543 /* module rule storage */ 544 avrule_block_t *global; 545 /* avrule_decl index used for link/expand */ 546 avrule_decl_t **decl_val_to_struct; 547 548 /* compiled storage of rules - use for the kernel policy */ 549 550 /* type enforcement access vectors and transitions */ 551 avtab_t te_avtab; 552 553 /* bools indexed by (value - 1) */ 554 cond_bool_datum_t **bool_val_to_struct; 555 /* type enforcement conditional access vectors and transitions */ 556 avtab_t te_cond_avtab; 557 /* linked list indexing te_cond_avtab by conditional */ 558 cond_list_t *cond_list; 559 560 /* role transitions */ 561 role_trans_t *role_tr; 562 563 /* role allows */ 564 role_allow_t *role_allow; 565 566 /* security contexts of initial SIDs, unlabeled file systems, 567 TCP or UDP port numbers, network interfaces and nodes */ 568 ocontext_t *ocontexts[OCON_NUM]; 569 570 /* security contexts for files in filesystems that cannot support 571 a persistent label mapping or use another 572 fixed labeling behavior. */ 573 genfs_t *genfs; 574 575 /* range transitions table (range_trans_key -> mls_range) */ 576 hashtab_t range_tr; 577 578 /* file transitions with the last path component */ 579 hashtab_t filename_trans; 580 581 ebitmap_t *type_attr_map; 582 583 ebitmap_t *attr_type_map; /* not saved in the binary policy */ 584 585 ebitmap_t policycaps; 586 587 /* this bitmap is referenced by type NOT the typical type-1 used in other 588 bitmaps. Someday the 0 bit may be used for global permissive */ 589 ebitmap_t permissive_map; 590 591 unsigned policyvers; 592 593 unsigned handle_unknown; 594} policydb_t; 595 596struct sepol_policydb { 597 struct policydb p; 598}; 599 600extern int policydb_init(policydb_t * p); 601 602extern int policydb_from_image(sepol_handle_t * handle, 603 void *data, size_t len, policydb_t * policydb); 604 605extern int policydb_to_image(sepol_handle_t * handle, 606 policydb_t * policydb, void **newdata, 607 size_t * newlen); 608 609extern int policydb_index_classes(policydb_t * p); 610 611extern int policydb_index_bools(policydb_t * p); 612 613extern int policydb_index_others(sepol_handle_t * handle, policydb_t * p, 614 unsigned int verbose); 615 616extern int policydb_role_cache(hashtab_key_t key, 617 hashtab_datum_t datum, 618 void *arg); 619 620extern int policydb_user_cache(hashtab_key_t key, 621 hashtab_datum_t datum, 622 void *arg); 623 624extern int policydb_reindex_users(policydb_t * p); 625 626extern void policydb_destroy(policydb_t * p); 627 628extern int policydb_load_isids(policydb_t * p, sidtab_t * s); 629 630/* Deprecated */ 631extern int policydb_context_isvalid(const policydb_t * p, 632 const context_struct_t * c); 633 634extern void symtabs_destroy(symtab_t * symtab); 635extern int scope_destroy(hashtab_key_t key, hashtab_datum_t datum, void *p); 636typedef void (*hashtab_destroy_func_t) (hashtab_key_t k, hashtab_datum_t d, 637 void *args); 638extern hashtab_destroy_func_t get_symtab_destroy_func(int sym_num); 639 640extern void class_perm_node_init(class_perm_node_t * x); 641extern void type_set_init(type_set_t * x); 642extern void type_set_destroy(type_set_t * x); 643extern int type_set_cpy(type_set_t * dst, type_set_t * src); 644extern int type_set_or_eq(type_set_t * dst, type_set_t * other); 645extern void role_set_init(role_set_t * x); 646extern void role_set_destroy(role_set_t * x); 647extern void avrule_init(avrule_t * x); 648extern void avrule_destroy(avrule_t * x); 649extern void avrule_list_destroy(avrule_t * x); 650extern void role_trans_rule_init(role_trans_rule_t * x); 651extern void role_trans_rule_list_destroy(role_trans_rule_t * x); 652extern void filename_trans_rule_init(filename_trans_rule_t * x); 653extern void filename_trans_rule_list_destroy(filename_trans_rule_t * x); 654 655extern void role_datum_init(role_datum_t * x); 656extern void role_datum_destroy(role_datum_t * x); 657extern void role_allow_rule_init(role_allow_rule_t * x); 658extern void role_allow_rule_destroy(role_allow_rule_t * x); 659extern void role_allow_rule_list_destroy(role_allow_rule_t * x); 660extern void range_trans_rule_init(range_trans_rule_t *x); 661extern void range_trans_rule_destroy(range_trans_rule_t *x); 662extern void range_trans_rule_list_destroy(range_trans_rule_t *x); 663extern void type_datum_init(type_datum_t * x); 664extern void type_datum_destroy(type_datum_t * x); 665extern void user_datum_init(user_datum_t * x); 666extern void user_datum_destroy(user_datum_t * x); 667extern void level_datum_init(level_datum_t * x); 668extern void level_datum_destroy(level_datum_t * x); 669extern void cat_datum_init(cat_datum_t * x); 670extern void cat_datum_destroy(cat_datum_t * x); 671extern int check_assertion(policydb_t *p, avrule_t *avrule); 672extern int check_assertions(sepol_handle_t * handle, 673 policydb_t * p, avrule_t * avrules); 674 675extern int symtab_insert(policydb_t * x, uint32_t sym, 676 hashtab_key_t key, hashtab_datum_t datum, 677 uint32_t scope, uint32_t avrule_decl_id, 678 uint32_t * value); 679 680/* A policy "file" may be a memory region referenced by a (data, len) pair 681 or a file referenced by a FILE pointer. */ 682typedef struct policy_file { 683#define PF_USE_MEMORY 0 684#define PF_USE_STDIO 1 685#define PF_LEN 2 /* total up length in len field */ 686 unsigned type; 687 char *data; 688 size_t len; 689 size_t size; 690 FILE *fp; 691 struct sepol_handle *handle; 692} policy_file_t; 693 694struct sepol_policy_file { 695 struct policy_file pf; 696}; 697 698extern void policy_file_init(policy_file_t * x); 699 700extern int policydb_read(policydb_t * p, struct policy_file *fp, 701 unsigned int verbose); 702extern int avrule_read_list(policydb_t * p, avrule_t ** avrules, 703 struct policy_file *fp); 704 705extern int policydb_write(struct policydb *p, struct policy_file *pf); 706extern int policydb_set_target_platform(policydb_t *p, int platform); 707 708#define PERM_SYMTAB_SIZE 32 709 710/* Identify specific policy version changes */ 711#define POLICYDB_VERSION_BASE 15 712#define POLICYDB_VERSION_BOOL 16 713#define POLICYDB_VERSION_IPV6 17 714#define POLICYDB_VERSION_NLCLASS 18 715#define POLICYDB_VERSION_VALIDATETRANS 19 716#define POLICYDB_VERSION_MLS 19 717#define POLICYDB_VERSION_AVTAB 20 718#define POLICYDB_VERSION_RANGETRANS 21 719#define POLICYDB_VERSION_POLCAP 22 720#define POLICYDB_VERSION_PERMISSIVE 23 721#define POLICYDB_VERSION_BOUNDARY 24 722#define POLICYDB_VERSION_FILENAME_TRANS 25 723#define POLICYDB_VERSION_ROLETRANS 26 724#define POLICYDB_VERSION_NEW_OBJECT_DEFAULTS 27 725#define POLICYDB_VERSION_DEFAULT_TYPE 28 726#define POLICYDB_VERSION_CONSTRAINT_NAMES 29 727#define POLICYDB_VERSION_XEN_DEVICETREE 30 /* Xen-specific */ 728#define POLICYDB_VERSION_XPERMS_IOCTL 30 /* Linux-specific */ 729 730/* Range of policy versions we understand*/ 731#define POLICYDB_VERSION_MIN POLICYDB_VERSION_BASE 732#define POLICYDB_VERSION_MAX POLICYDB_VERSION_XPERMS_IOCTL 733 734/* Module versions and specific changes*/ 735#define MOD_POLICYDB_VERSION_BASE 4 736#define MOD_POLICYDB_VERSION_VALIDATETRANS 5 737#define MOD_POLICYDB_VERSION_MLS 5 738#define MOD_POLICYDB_VERSION_RANGETRANS 6 739#define MOD_POLICYDB_VERSION_MLS_USERS 6 740#define MOD_POLICYDB_VERSION_POLCAP 7 741#define MOD_POLICYDB_VERSION_PERMISSIVE 8 742#define MOD_POLICYDB_VERSION_BOUNDARY 9 743#define MOD_POLICYDB_VERSION_BOUNDARY_ALIAS 10 744#define MOD_POLICYDB_VERSION_FILENAME_TRANS 11 745#define MOD_POLICYDB_VERSION_ROLETRANS 12 746#define MOD_POLICYDB_VERSION_ROLEATTRIB 13 747#define MOD_POLICYDB_VERSION_TUNABLE_SEP 14 748#define MOD_POLICYDB_VERSION_NEW_OBJECT_DEFAULTS 15 749#define MOD_POLICYDB_VERSION_DEFAULT_TYPE 16 750#define MOD_POLICYDB_VERSION_CONSTRAINT_NAMES 17 751 752#define MOD_POLICYDB_VERSION_MIN MOD_POLICYDB_VERSION_BASE 753#define MOD_POLICYDB_VERSION_MAX MOD_POLICYDB_VERSION_CONSTRAINT_NAMES 754 755#define POLICYDB_CONFIG_MLS 1 756 757/* macros to check policy feature */ 758 759/* TODO: add other features here */ 760 761#define policydb_has_boundary_feature(p) \ 762 (((p)->policy_type == POLICY_KERN \ 763 && p->policyvers >= POLICYDB_VERSION_BOUNDARY) || \ 764 ((p)->policy_type != POLICY_KERN \ 765 && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY)) 766 767/* the config flags related to unknown classes/perms are bits 2 and 3 */ 768#define DENY_UNKNOWN SEPOL_DENY_UNKNOWN 769#define REJECT_UNKNOWN SEPOL_REJECT_UNKNOWN 770#define ALLOW_UNKNOWN SEPOL_ALLOW_UNKNOWN 771 772#define POLICYDB_CONFIG_UNKNOWN_MASK (DENY_UNKNOWN | REJECT_UNKNOWN | ALLOW_UNKNOWN) 773 774#define OBJECT_R "object_r" 775#define OBJECT_R_VAL 1 776 777#define POLICYDB_MAGIC SELINUX_MAGIC 778#define POLICYDB_STRING "SE Linux" 779#define POLICYDB_XEN_STRING "XenFlask" 780#define POLICYDB_STRING_MAX_LENGTH 32 781#define POLICYDB_MOD_MAGIC SELINUX_MOD_MAGIC 782#define POLICYDB_MOD_STRING "SE Linux Module" 783 784#ifdef __cplusplus 785} 786#endif 787 788#endif /* _POLICYDB_H_ */ 789 790/* FLASK */ 791