1b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence/*
2b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * Copyright 2011 Tresys Technology, LLC. All rights reserved.
3b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence *
4b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * Redistribution and use in source and binary forms, with or without
5b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * modification, are permitted provided that the following conditions are met:
6b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence *
7b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence *    1. Redistributions of source code must retain the above copyright notice,
8b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence *       this list of conditions and the following disclaimer.
9b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence *
10b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence *    2. Redistributions in binary form must reproduce the above copyright notice,
11b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence *       this list of conditions and the following disclaimer in the documentation
12b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence *       and/or other materials provided with the distribution.
13b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence *
14b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * THIS SOFTWARE IS PROVIDED BY TRESYS TECHNOLOGY, LLC ``AS IS'' AND ANY EXPRESS
15b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
16b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
17b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * EVENT SHALL TRESYS TECHNOLOGY, LLC OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
18b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
19b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
21b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
22b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
23b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence *
25b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * The views and conclusions contained in the software and documentation are those
26b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * of the authors and should not be interpreted as representing official policies,
27b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence * either expressed or implied, of Tresys Technology, LLC.
28b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence */
29b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
30b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence#include <stdlib.h>
31b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence#include <stdio.h>
32b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence#include <string.h>
33b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
34b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence#include "cil_internal.h"
35b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence#include "cil_log.h"
36b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence#include "cil_strpool.h"
3776ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence#include "cil_symtab.h"
38b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
3976ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrencestruct cil_fqn_args {
4076ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	char prefix[CIL_MAX_NAME_LENGTH];
41b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence	int len;
4276ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	struct cil_tree_node *node;
43b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence};
44b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
4576ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrencestatic int __cil_fqn_qualify_decls(__attribute__((unused)) hashtab_key_t k, hashtab_datum_t d, void *args)
46b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence{
4776ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	struct cil_fqn_args *fqn_args = args;
4876ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	struct cil_symtab_datum *datum = (struct cil_symtab_datum *)d;
4976ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	int newlen;
5076ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	char prefix[CIL_MAX_NAME_LENGTH];
5176ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	int rc = SEPOL_OK;
52b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
5376ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	if (fqn_args->len == 0) {
54b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence		goto exit;
55b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence	}
56b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
5776ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	newlen = fqn_args->len + strlen(datum->name);
5876ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	if (newlen >= CIL_MAX_NAME_LENGTH) {
5976ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence		cil_log(CIL_INFO, "Fully qualified name for %s is too long\n", datum->name);
60b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence		rc = SEPOL_ERR;
61b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence		goto exit;
62b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence	}
6376ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	strcpy(prefix, fqn_args->prefix);
6476ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	strcat(prefix, datum->name);
6576ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	datum->fqn = cil_strpool_add(prefix);
66b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
67b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrenceexit:
68b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence	return rc;
69b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence}
70b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
7176ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrencestatic int __cil_fqn_qualify_blocks(__attribute__((unused)) hashtab_key_t k, hashtab_datum_t d, void *args)
72b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence{
7376ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	struct cil_fqn_args *fqn_args = args;
7476ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	struct cil_fqn_args child_args;
7576ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	struct cil_block *block = (struct cil_block *)d;
7676ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	struct cil_symtab_datum *datum = (struct cil_symtab_datum *)block;
7776ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	struct cil_tree_node *node = NODE(datum);
7876ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	int i;
7976ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	int rc = SEPOL_OK;
8076ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence
8176ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	if (node->flavor != CIL_BLOCK) {
82b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence		goto exit;
83b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence	}
84b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
8576ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	int newlen = fqn_args->len + strlen(datum->name) + 1;
8676ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	if (newlen >= CIL_MAX_NAME_LENGTH) {
8776ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence		cil_log(CIL_INFO, "Fully qualified name for block %s is too long\n", datum->name);
8876ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence		rc = SEPOL_ERR;
89b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence		goto exit;
90b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence	}
91b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
9276ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	child_args.node = node;
9376ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	child_args.len = newlen;
9476ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	strcpy(child_args.prefix, fqn_args->prefix);
9576ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	strcat(child_args.prefix, datum->name);
9676ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	strcat(child_args.prefix, ".");
9776ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence
9876ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	for (i=1; i<CIL_SYM_NUM; i++) {
9976ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence		switch (i) {
10076ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence		case CIL_SYM_CLASSPERMSETS:
10176ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence		case CIL_SYM_CONTEXTS:
10276ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence		case CIL_SYM_LEVELRANGES:
10376ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence		case CIL_SYM_IPADDRS:
10476ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence		case CIL_SYM_NAMES:
105ef93dfe0393c4a60483c3f7729dd98a2f886606aSteve Lawrence		case CIL_SYM_PERMX:
10676ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence			/* These do not show up in the kernal policy */
10776ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence			break;
10876ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence		case CIL_SYM_POLICYCAPS:
10976ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence			/* Valid policy capability names are defined in libsepol */
11076ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence			break;
11176ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence		default:
11276ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence			rc = cil_symtab_map(&(block->symtab[i]), __cil_fqn_qualify_decls, &child_args);
11376ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence			if (rc != SEPOL_OK) {
11476ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence				goto exit;
11576ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence			}
116b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence			break;
117b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence		}
118b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence	}
119b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
12076ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	rc = cil_symtab_map(&(block->symtab[CIL_SYM_BLOCKS]), __cil_fqn_qualify_blocks, &child_args);
121b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
122b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrenceexit:
12376ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	if (rc != SEPOL_OK) {
1244a0fab43cbe595b108e35026295130c7dbc2274bNicolas Iooss		cil_tree_log(node, CIL_ERR,"Problem qualifying names in block");
12576ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	}
12676ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence
127b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence	return rc;
128b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence}
129b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
13076ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrenceint cil_fqn_qualify(struct cil_tree_node *root_node)
131b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence{
13276ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	struct cil_root *root = root_node->data;
13376ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	struct cil_fqn_args fqn_args;
134b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
13576ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	fqn_args.prefix[0] = '\0';
13676ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	fqn_args.len = 0;
13776ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	fqn_args.node = root_node;
138b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
13976ba6eaa7333483a8cc0c73a7880f7acf99c2656Steve Lawrence	return cil_symtab_map(&(root->symtab[CIL_SYM_BLOCKS]), __cil_fqn_qualify_blocks, &fqn_args);
140b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence}
141b19eafb97feb6389d78e1693f276fc5b10e25bdSteve Lawrence
142