Lines Matching defs:flavors
19 validate_t *flavors;
49 static int validate_array_init(const policydb_t *p, validate_t flavors[])
51 if (validate_init(&flavors[SYM_COMMONS], p->p_common_val_to_name, p->p_commons.nprim))
53 if (validate_init(&flavors[SYM_CLASSES], p->p_class_val_to_name, p->p_classes.nprim))
55 if (validate_init(&flavors[SYM_ROLES], p->p_role_val_to_name, p->p_roles.nprim))
58 if (validate_init(&flavors[SYM_TYPES], p->p_type_val_to_name, p->p_types.nprim))
66 flavors[SYM_TYPES].nprim = p->p_types.nprim;
67 ebitmap_init(&flavors[SYM_TYPES].gaps);
69 if (validate_init(&flavors[SYM_USERS], p->p_user_val_to_name, p->p_users.nprim))
71 if (validate_init(&flavors[SYM_BOOLS], p->p_bool_val_to_name, p->p_bools.nprim))
73 if (validate_init(&flavors[SYM_LEVELS], p->p_sens_val_to_name, p->p_levels.nprim))
75 if (validate_init(&flavors[SYM_CATS], p->p_cat_val_to_name, p->p_cats.nprim))
228 static int validate_constraint_nodes(sepol_handle_t *handle, unsigned int nperms, const constraint_node_t *cons, validate_t flavors[])
264 if (validate_ebitmap(&cexp->names, &flavors[SYM_USERS]))
270 if (validate_ebitmap(&cexp->names, &flavors[SYM_ROLES]))
276 if (validate_ebitmap(&cexp->names, &flavors[SYM_TYPES]))
278 if (validate_type_set(cexp->type_names, &flavors[SYM_TYPES]))
347 static int validate_common_datum(sepol_handle_t *handle, const common_datum_t *common, validate_t flavors[])
349 if (validate_value(common->s.value, &flavors[SYM_COMMONS]))
365 return validate_common_datum(margs->handle, d, margs->flavors);
368 static int validate_class_datum(sepol_handle_t *handle, const class_datum_t *class, validate_t flavors[])
370 if (validate_value(class->s.value, &flavors[SYM_CLASSES]))
372 if (class->comdatum && validate_common_datum(handle, class->comdatum, flavors))
376 if (validate_constraint_nodes(handle, class->permissions.nprim, class->constraints, flavors))
378 if (validate_constraint_nodes(handle, 0, class->validatetrans, flavors))
433 return validate_class_datum(margs->handle, d, margs->flavors);
436 static int validate_role_datum(sepol_handle_t *handle, const role_datum_t *role, validate_t flavors[])
438 if (validate_value(role->s.value, &flavors[SYM_ROLES]))
440 if (validate_ebitmap(&role->dominates, &flavors[SYM_ROLES]))
442 if (validate_type_set(&role->types, &flavors[SYM_TYPES]))
444 if (role->bounds && validate_value(role->bounds, &flavors[SYM_ROLES]))
446 if (validate_ebitmap(&role->roles, &flavors[SYM_ROLES]))
468 return validate_role_datum(margs->handle, d, margs->flavors);
471 static int validate_simpletype(uint32_t value, const policydb_t *p, validate_t flavors[])
475 if (validate_value(value, &flavors[SYM_TYPES]))
491 static int validate_type_datum(sepol_handle_t *handle, const type_datum_t *type, const policydb_t *p, validate_t flavors[])
493 if (validate_value(type->s.value, &flavors[SYM_TYPES]))
495 if (type->primary && validate_value(type->primary, &flavors[SYM_TYPES]))
503 if (type->bounds && validate_simpletype(type->bounds, p, flavors))
507 if (validate_ebitmap(&type->types, &flavors[SYM_TYPES]))
538 return validate_type_datum(margs->handle, d, margs->policy, margs->flavors);
600 validate_t *flavors = args;
602 return validate_mls_level(level->level, &flavors[SYM_LEVELS], &flavors[SYM_CATS]);
618 static int validate_user_datum(sepol_handle_t *handle, const user_datum_t *user, validate_t flavors[], const policydb_t *p)
620 if (validate_value(user->s.value, &flavors[SYM_USERS]))
622 if (validate_role_set(&user->roles, &flavors[SYM_ROLES]))
624 if (validate_mls_semantic_range(&user->range, &flavors[SYM_LEVELS], &flavors[SYM_CATS]))
626 if (validate_mls_semantic_level(&user->dfltlevel, &flavors[SYM_LEVELS], &flavors[SYM_CATS]))
628 if (p->mls && p->policy_type != POLICY_MOD && validate_mls_range(&user->exp_range, &flavors[SYM_LEVELS], &flavors[SYM_CATS]))
630 if (p->mls && p->policy_type != POLICY_MOD && validate_mls_level(&user->exp_dfltlevel, &flavors[SYM_LEVELS], &flavors[SYM_CATS]))
632 if (user->bounds && validate_value(user->bounds, &flavors[SYM_USERS]))
646 return validate_user_datum(margs->handle, d, margs->flavors, margs->policy);
649 static int validate_bool_datum(sepol_handle_t *handle, const cond_bool_datum_t *boolean, validate_t flavors[])
651 if (validate_value(boolean->s.value, &flavors[SYM_BOOLS]))
681 return validate_bool_datum(margs->handle, d, margs->flavors);
684 static int validate_datum_array_gaps(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[])
689 if (bool_xnor(p->class_val_to_struct[i], ebitmap_get_bit(&flavors[SYM_CLASSES].gaps, i)))
694 if (bool_xnor(p->role_val_to_struct[i], ebitmap_get_bit(&flavors[SYM_ROLES].gaps, i)))
704 if (bool_xnor(p->type_val_to_struct[i], ebitmap_get_bit(&flavors[SYM_TYPES].gaps, i)))
710 if (bool_xnor(p->user_val_to_struct[i], ebitmap_get_bit(&flavors[SYM_USERS].gaps, i)))
715 if (bool_xnor(p->bool_val_to_struct[i], ebitmap_get_bit(&flavors[SYM_BOOLS].gaps, i)))
734 static int validate_datum_array_entries(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[])
736 map_arg_t margs = { flavors, handle, p };
753 if (p->mls && hashtab_map(p->p_levels.table, validate_level_datum, flavors))
756 if (hashtab_map(p->p_cats.table, validate_datum, &flavors[SYM_CATS]))
773 static int validate_avtab_key(const avtab_key_t *key, int conditional, const policydb_t *p, validate_t flavors[])
776 if (validate_simpletype(key->source_type, p, flavors))
778 if (validate_simpletype(key->target_type, p, flavors))
781 if (validate_value(key->source_type, &flavors[SYM_TYPES]))
783 if (validate_value(key->target_type, &flavors[SYM_TYPES]))
787 if (validate_value(key->target_class, &flavors[SYM_CLASSES]))
832 if (validate_avtab_key(k, 0, margs->policy, margs->flavors))
835 if ((k->specified & AVTAB_TYPE) && validate_simpletype(d->data, margs->policy, margs->flavors))
844 static int validate_avtab(sepol_handle_t *handle, const avtab_t *avtab, const policydb_t *p, validate_t flavors[])
846 map_arg_t margs = { flavors, handle, p };
856 static int validate_cond_av_list(sepol_handle_t *handle, const cond_av_list_t *cond_av, const policydb_t *p, validate_t flavors[])
862 if (validate_avtab_key(&avtab_ptr->key, 1, p, flavors)) {
872 static int validate_avrules(sepol_handle_t *handle, const avrule_t *avrule, int conditional, const policydb_t *p, validate_t flavors[])
877 if (validate_type_set(&avrule->stypes, &flavors[SYM_TYPES]))
879 if (validate_type_set(&avrule->ttypes, &flavors[SYM_TYPES]))
904 if (validate_value(classperm->tclass, &flavors[SYM_CLASSES]))
906 if ((avrule->specified & AVRULE_TYPE) && validate_simpletype(classperm->data, p, flavors))
1002 static int validate_cond_list(sepol_handle_t *handle, const cond_list_t *cond, const policydb_t *p, validate_t flavors[])
1005 if (validate_cond_expr(handle, cond->expr, &flavors[SYM_BOOLS]))
1007 if (validate_cond_av_list(handle, cond->true_list, p, flavors))
1009 if (validate_cond_av_list(handle, cond->false_list, p, flavors))
1011 if (validate_avrules(handle, cond->avtrue_list, 1, p, flavors))
1013 if (validate_avrules(handle, cond->avfalse_list, 1, p, flavors))
1015 if (validate_bool_id_array(handle, cond->bool_ids, cond->nbools, &flavors[SYM_BOOLS]))
1042 static int validate_role_transes(sepol_handle_t *handle, const role_trans_t *role_trans, validate_t flavors[])
1045 if (validate_value(role_trans->role, &flavors[SYM_ROLES]))
1047 if (validate_value(role_trans->type, &flavors[SYM_TYPES]))
1049 if (validate_value(role_trans->tclass, &flavors[SYM_CLASSES]))
1051 if (validate_value(role_trans->new_role, &flavors[SYM_ROLES]))
1062 static int validate_role_allows(sepol_handle_t *handle, const role_allow_t *role_allow, validate_t flavors[])
1065 if (validate_value(role_allow->role, &flavors[SYM_ROLES]))
1067 if (validate_value(role_allow->new_role, &flavors[SYM_ROLES]))
1082 validate_t *flavors = (validate_t *)args;
1084 if (validate_value(ftk->ttype, &flavors[SYM_TYPES]))
1086 if (validate_value(ftk->tclass, &flavors[SYM_CLASSES]))
1091 if (validate_ebitmap(&ftd->stypes, &flavors[SYM_TYPES]))
1093 if (validate_value(ftd->otype, &flavors[SYM_TYPES]))
1103 static int validate_filename_trans_hashtab(sepol_handle_t *handle, hashtab_t filename_trans, validate_t flavors[])
1105 if (hashtab_map(filename_trans, validate_filename_trans, flavors)) {
1113 static int validate_context(const context_struct_t *con, validate_t flavors[], int mls)
1115 if (validate_value(con->user, &flavors[SYM_USERS]))
1117 if (validate_value(con->role, &flavors[SYM_ROLES]))
1119 if (validate_value(con->type, &flavors[SYM_TYPES]))
1121 if (mls && validate_mls_range(&con->range, &flavors[SYM_LEVELS], &flavors[SYM_CATS]))
1127 static int validate_ocontexts(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[])
1134 if (validate_context(&octx->context[0], flavors, p->mls))
1141 if (validate_context(&octx->context[1], flavors, p->mls))
1169 static int validate_genfs(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[])
1176 if (validate_context(&octx->context[0], flavors, p->mls))
1178 if (octx->v.sclass && validate_value(octx->v.sclass, &flavors[SYM_CLASSES]))
1197 static int validate_role_trans_rules(sepol_handle_t *handle, const role_trans_rule_t *role_trans, validate_t flavors[])
1200 if (validate_role_set(&role_trans->roles, &flavors[SYM_ROLES]))
1202 if (validate_type_set(&role_trans->types, &flavors[SYM_TYPES]))
1204 if (validate_ebitmap(&role_trans->classes, &flavors[SYM_CLASSES]))
1206 if (validate_value(role_trans->new_role, &flavors[SYM_ROLES]))
1217 static int validate_role_allow_rules(sepol_handle_t *handle, const role_allow_rule_t *role_allow, validate_t flavors[])
1220 if (validate_role_set(&role_allow->roles, &flavors[SYM_ROLES]))
1222 if (validate_role_set(&role_allow->new_roles, &flavors[SYM_ROLES]))
1233 static int validate_range_trans_rules(sepol_handle_t *handle, const range_trans_rule_t *range_trans, validate_t flavors[])
1236 if (validate_type_set(&range_trans->stypes, &flavors[SYM_TYPES]))
1238 if (validate_type_set(&range_trans->ttypes, &flavors[SYM_TYPES]))
1240 if (validate_ebitmap(&range_trans->tclasses, &flavors[SYM_CLASSES]))
1242 if (validate_mls_semantic_range(&range_trans->trange, &flavors[SYM_LEVELS], &flavors[SYM_CATS]))
1253 static int validate_scope_index(sepol_handle_t *handle, const scope_index_t *scope_index, validate_t flavors[])
1255 if (validate_ebitmap(&scope_index->p_classes_scope, &flavors[SYM_CLASSES]))
1257 if (validate_ebitmap(&scope_index->p_roles_scope, &flavors[SYM_ROLES]))
1259 if (validate_ebitmap(&scope_index->p_types_scope, &flavors[SYM_TYPES]))
1261 if (validate_ebitmap(&scope_index->p_users_scope, &flavors[SYM_USERS]))
1263 if (validate_ebitmap(&scope_index->p_bools_scope, &flavors[SYM_BOOLS]))
1265 if (validate_ebitmap(&scope_index->p_sens_scope, &flavors[SYM_LEVELS]))
1267 if (validate_ebitmap(&scope_index->p_cat_scope, &flavors[SYM_CATS]))
1269 if (scope_index->class_perms_len > flavors[SYM_CLASSES].nprim)
1280 static int validate_filename_trans_rules(sepol_handle_t *handle, const filename_trans_rule_t *filename_trans, const policydb_t *p, validate_t flavors[])
1283 if (validate_type_set(&filename_trans->stypes, &flavors[SYM_TYPES]))
1285 if (validate_type_set(&filename_trans->ttypes, &flavors[SYM_TYPES]))
1287 if (validate_value(filename_trans->tclass,&flavors[SYM_CLASSES] ))
1289 if (validate_simpletype(filename_trans->otype, p, flavors))
1304 static int validate_symtabs(sepol_handle_t *handle, const symtab_t symtabs[], validate_t flavors[])
1309 if (hashtab_map(symtabs[i].table, validate_datum, &flavors[i].nprim)) {
1318 static int validate_avrule_blocks(sepol_handle_t *handle, const avrule_block_t *avrule_block, const policydb_t *p, validate_t flavors[])
1324 if (validate_cond_list(handle, decl->cond_list, p, flavors))
1326 if (validate_avrules(handle, decl->avrules, 0, p, flavors))
1328 if (validate_role_trans_rules(handle, decl->role_tr_rules, flavors))
1330 if (validate_role_allow_rules(handle, decl->role_allow_rules, flavors))
1332 if (validate_range_trans_rules(handle, decl->range_tr_rules, flavors))
1334 if (validate_scope_index(handle, &decl->required, flavors))
1336 if (validate_scope_index(handle, &decl->declared, flavors))
1338 if (validate_filename_trans_rules(handle, decl->filename_trans_rules, p, flavors))
1340 if (validate_symtabs(handle, decl->symtab, flavors))
1360 static int validate_permissives(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[])
1366 if (validate_simpletype(i, p, flavors))
1382 const validate_t *flavors = margs->flavors;
1384 if (validate_value(rt->source_type, &flavors[SYM_TYPES]))
1386 if (validate_value(rt->target_type, &flavors[SYM_TYPES]))
1388 if (validate_value(rt->target_class, &flavors[SYM_CLASSES]))
1391 if (validate_mls_range(r, &flavors[SYM_LEVELS], &flavors[SYM_CATS]))
1400 static int validate_range_transitions(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[])
1402 map_arg_t margs = { flavors, handle, p };
1412 static int validate_typeattr_map(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[])
1419 if (validate_ebitmap(&maps[i], &flavors[SYM_TYPES]))
1480 static void validate_array_destroy(validate_t flavors[])
1485 ebitmap_destroy(&flavors[i].gaps);
1494 validate_t flavors[SYM_NUM] = {};
1496 if (validate_array_init(p, flavors))
1503 if (validate_avtab(handle, &p->te_avtab, p, flavors))
1506 if (validate_cond_list(handle, p->cond_list, p, flavors))
1508 if (validate_role_transes(handle, p->role_tr, flavors))
1510 if (validate_role_allows(handle, p->role_allow, flavors))
1513 if (validate_filename_trans_hashtab(handle, p->filename_trans, flavors))
1516 if (validate_avrule_blocks(handle, p->global, p, flavors))
1520 if (validate_ocontexts(handle, p, flavors))
1523 if (validate_genfs(handle, p, flavors))
1529 if (validate_datum_array_gaps(handle, p, flavors))
1532 if (validate_datum_array_entries(handle, p, flavors))
1535 if (validate_permissives(handle, p, flavors))
1538 if (validate_range_transitions(handle, p, flavors))
1542 if (validate_typeattr_map(handle, p, flavors))
1546 validate_array_destroy(flavors);
1552 validate_array_destroy(flavors);