#include <stdio.h>
#include <stdarg.h>
#include <sys/types.h>

#include <sepol/policydb/avtab.h>
#include <sepol/policydb/policydb.h>


// NOTE(review): presumably the initial capacity of the strs-based stack
// declared further down (strs_stack_*) - confirm against the implementation.
#define STACK_SIZE 16
// Fallback names for a level and an object role.
// NOTE(review): where these defaults get substituted is not visible in this
// header - confirm in the callers.
#define DEFAULT_LEVEL "systemlow"
#define DEFAULT_OBJECT "object_r"

// Initial SID names are not actually stored in the pp files, so a mapping is
// needed; this one is taken from the Linux kernel.
//
// Entry order is significant: the table is presumably indexed by the numeric
// initial SID, with slot 0 ("null") as a placeholder - confirm against the
// users of this table. The strings are copied as-is and must not be "fixed"
// or reordered.
//
// Nothing in this header bounds-checks a lookup. Any code that indexes this
// table with a SID value read from a policy should first verify
// sid < SELINUX_SID_SZ and treat an out-of-range value as a malformed policy.
static const char * const selinux_sid_to_str[] = {
	"null",
	"kernel",
	"security",
	"unlabeled",
	"fs",
	"file",
	"file_labels",
	"init",
	"any_socket",
	"port",
	"netif",
	"netmsg",
	"node",
	"igmp_packet",
	"icmp_socket",
	"tcp_socket",
	"sysctl_modprobe",
	"sysctl",
	"sysctl_fs",
	"sysctl_kernel",
	"sysctl_net",
	"sysctl_net_unix",
	"sysctl_vm",
	"sysctl_dev",
	"kmod",
	"policy",
	"scmp_packet",
	"devnull",
};

// Number of entries in selinux_sid_to_str (a size_t expression); the upper
// bound to test an index against before reading the table.
#define SELINUX_SID_SZ (sizeof(selinux_sid_to_str)/sizeof(selinux_sid_to_str[0]))
// Initial SID names for Xen policies, the counterpart of the SELinux table.
// Entry order is significant (presumably indexed by the numeric initial SID -
// confirm against the users). As with the SELinux table, an index derived from
// policy data should be checked against XEN_SID_SZ before the lookup.
static const char * const xen_sid_to_str[] = {
	"null",
	"xen",
	"dom0",
	"domio",
	"domxen",
	"unlabeled",
	"security",
	"ioport",
	"iomem",
	"irq",
	"device",
	"domU",
	"domDM",
};

// Number of entries in xen_sid_to_str (a size_t expression).
#define XEN_SID_SZ (sizeof(xen_sid_to_str)/sizeof(xen_sid_to_str[0]))

// The avtab rule kinds listed in a fixed order.
// NOTE(review): presumably the order in which rules are emitted when a policy
// is written out - confirm in the callers.
static const uint32_t avtab_flavors[] = {
	AVTAB_ALLOWED,
	AVTAB_AUDITALLOW,
	AVTAB_AUDITDENY,
	AVTAB_XPERMS_ALLOWED,
	AVTAB_XPERMS_AUDITALLOW,
	AVTAB_XPERMS_DONTAUDIT,
	AVTAB_TRANSITION,
	AVTAB_MEMBER,
	AVTAB_CHANGE,
};

// Number of entries in avtab_flavors (a size_t expression).
#define AVTAB_FLAVORS_SZ (sizeof(avtab_flavors)/sizeof(avtab_flavors[0]))

// A list of C strings.
// NOTE(review): num looks like the count of entries in use and size like the
// allocated capacity of list - confirm against strs_init()/strs_add(). The two
// fields have different widths (unsigned vs. size_t), so comparisons between
// them deserve a look when reviewing the implementation.
struct strs {
	char **list;
	unsigned num;
	size_t size;
};

// printf-style helpers. The format attribute makes the compiler check the
// variadic arguments against fmt, so fmt should always be a string literal
// and never text taken from a policy.
__attribute__ ((format(printf, 1, 2)))
void sepol_log_err(const char *fmt, ...);
void sepol_indent(FILE *out, int indent);
__attribute__ ((format(printf, 2, 3)))
void sepol_printf(FILE *out, const char *fmt, ...);

// Builds a string from fmt; the checked variadic arguments start at the third
// parameter, after num.
// NOTE(review): num presumably states how many variadic arguments follow, and
// the returned buffer is presumably heap-allocated and owned by the caller -
// confirm both against the implementation.
__attribute__ ((format(printf, 1, 3)))
char *create_str(const char *fmt, int num, ...);

// struct strs list API.
// NOTE(review): strs_add() and strs_add_at_index() take a non-const char *,
// which suggests the list stores the pointer rather than a copy - confirm who
// frees each string (strs_free_all() vs. strs_destroy()) before mixing owned
// and borrowed pointers. What strs_add_at_index()/strs_read_at_index() do with
// an index beyond the current contents is not visible from this header.
int strs_init(struct strs **strs, size_t size);
void strs_destroy(struct strs **strs);
void strs_free_all(struct strs *strs);
int strs_add(struct strs *strs, char *s);
__attribute__ ((format(printf, 2, 4)))
int strs_create_and_add(struct strs *strs, const char *fmt, int num, ...);
char *strs_remove_last(struct strs *strs);
int strs_add_at_index(struct strs *strs, char *s, size_t index);
char *strs_read_at_index(struct strs *strs, size_t index);
void strs_sort(struct strs *strs);
unsigned strs_num_items(const struct strs *strs);
size_t strs_len_items(const struct strs *strs);
char *strs_to_str(const struct strs *strs);
void strs_write_each(const struct strs *strs, FILE *out);
void strs_write_each_indented(const struct strs *strs, FILE *out, int indent);
// NOTE(review): the (key, data, args) shape looks like a hashtab traversal
// callback; args is an untyped void *, so the caller has to pass the object
// type the implementation expects - confirm.
int hashtab_ordered_to_strs(char *key, void *data, void *args);
// NOTE(review): val_to_name is presumably indexed by bit position in map; the
// header carries no length for it, so the caller has to guarantee that it
// covers every bit that can be set - confirm.
int ebitmap_to_strs(const struct ebitmap *map, struct strs *strs, char **val_to_name);
char *ebitmap_to_str(const struct ebitmap *map, char **val_to_name, int sort);

// Stack operations expressed on the same struct strs type.
// NOTE(review): what strs_stack_pop() returns on an empty stack is not visible
// here - confirm before dereferencing the result.
int strs_stack_init(struct strs **stack);
void strs_stack_destroy(struct strs **stack);
int strs_stack_push(struct strs *stack, char *s);
char *strs_stack_pop(struct strs *stack);
int strs_stack_empty(const struct strs *stack);
// Sorts the ocontexts of the given policy database.
// NOTE(review): pdb is passed non-const, so the sort presumably happens in
// place, and the int result is presumably a status code - confirm both against
// the implementation.
int sort_ocontexts(struct policydb *pdb);