1*2d543d20SAndroid Build Coastguard Worker /* Copyright (C) 2005 Red Hat, Inc. */
2*2d543d20SAndroid Build Coastguard Worker
/*
 * Bind the generic record and key type names to the boolean types for this
 * translation unit. DBASE_RECORD_DEFINED is defined before the project
 * headers are included; presumably they test it to skip their own generic
 * definition of record_t/record_key_t (confirm against the database headers).
 */
struct semanage_bool;
struct semanage_bool_key;
typedef struct semanage_bool record_t;
typedef struct semanage_bool_key record_key_t;
#define DBASE_RECORD_DEFINED

/* Same pattern for the database type: dbase_t names struct dbase_activedb here. */
struct dbase_activedb;
typedef struct dbase_activedb dbase_t;
#define DBASE_DEFINED
12*2d543d20SAndroid Build Coastguard Worker
13*2d543d20SAndroid Build Coastguard Worker #include <stdlib.h>
14*2d543d20SAndroid Build Coastguard Worker #include <string.h>
15*2d543d20SAndroid Build Coastguard Worker #include <selinux/selinux.h>
16*2d543d20SAndroid Build Coastguard Worker #include <semanage/handle.h>
17*2d543d20SAndroid Build Coastguard Worker #include "boolean_internal.h"
18*2d543d20SAndroid Build Coastguard Worker #include "database_activedb.h"
19*2d543d20SAndroid Build Coastguard Worker #include "parse_utils.h"
20*2d543d20SAndroid Build Coastguard Worker #include "debug.h"
21*2d543d20SAndroid Build Coastguard Worker
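/*
 * Read every SELinux boolean name reported by libselinux, together with its
 * currently active value, into a freshly allocated array of records.
 *
 * handle   - semanage handle, used for record creation and error reporting
 * booleans - out: on success receives the record array; this function does
 *            not free it on success, so the array and its records pass to
 *            the caller
 * count    - out: on success receives the number of records in *booleans
 *
 * Returns STATUS_SUCCESS, or STATUS_ERR after logging through ERR(). On
 * failure *booleans and *count are not written and everything allocated
 * here is released.
 */
static int bool_read_list(semanage_handle_t * handle,
			  semanage_bool_t *** booleans, unsigned int *count)
{
	semanage_bool_t **tmp_booleans = NULL;
	unsigned int tmp_count = 0;
	int i;

	char **names = NULL;
	int len = 0;

	/* Fetch boolean names */
	if (security_get_boolean_names(&names, &len) < 0) {
		ERR(handle, "could not get list of boolean names");
		goto err;
	}

	/*
	 * Never trust the (names, len) pair blindly: a negative length would
	 * turn into a huge allocation size, and a positive length without an
	 * array would be dereferenced in the loop below.
	 */
	if (len < 0 || (names == NULL && len > 0)) {
		ERR(handle, "could not get list of boolean names");
		goto err;
	}

	/*
	 * Allocate a sufficiently large array. calloc() checks the size
	 * multiplication for overflow; at least one slot is requested so an
	 * empty list is not mistaken for an allocation failure on platforms
	 * where a zero-sized request returns NULL.
	 */
	tmp_booleans = calloc(len > 0 ? (size_t)len : 1, sizeof(*tmp_booleans));
	if (tmp_booleans == NULL)
		goto omem;

	/* Create records one by one */
	for (i = 0; i < len; i++) {
		int value;

		if (semanage_bool_create(handle, &tmp_booleans[i]) < 0)
			goto err;
		/* Counted only once created, so cleanup frees exactly these */
		tmp_count++;

		if (semanage_bool_set_name(handle,
					   tmp_booleans[i], names[i]) < 0)
			goto err;

		value = security_get_boolean_active(names[i]);
		if (value < 0) {
			ERR(handle, "could not get the value "
			    "for boolean %s", names[i]);
			goto err;
		}

		semanage_bool_set_value(tmp_booleans[i], value);
	}

	/* Success: the name strings were only needed to build the records */
	for (i = 0; i < len; i++)
		free(names[i]);
	free(names);
	*booleans = tmp_booleans;
	*count = tmp_count;
	return STATUS_SUCCESS;

	/* Failure */
      omem:
	ERR(handle, "out of memory");
	/* falls through to the common cleanup */

      err:
	ERR(handle, "could not read boolean list");
	/*
	 * names can still be NULL here while len is non-zero if the name
	 * lookup failed after writing the length (possible, since len is
	 * passed by pointer), so guard before walking the array.
	 */
	if (names != NULL) {
		for (i = 0; i < len; i++)
			free(names[i]);
		free(names);
	}
	for (i = 0; (unsigned int)i < tmp_count; i++)
		semanage_bool_free(tmp_booleans[i]);
	free(tmp_booleans);
	return STATUS_ERR;
}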
89*2d543d20SAndroid Build Coastguard Worker
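/*
 * Push the values held in the given boolean records to the running system
 * through libselinux, sending only the booleans whose requested value
 * differs from the currently active one.
 *
 * handle   - semanage handle, used for error reporting
 * booleans - array of records to commit; not modified or freed here
 * count    - number of entries in booleans
 *
 * Returns STATUS_SUCCESS, or STATUS_ERR after logging through ERR(). The
 * temporary SELboolean list built here is always released before returning.
 */
static int bool_commit_list(semanage_handle_t * handle,
			    semanage_bool_t ** booleans, unsigned int count)
{
	SELboolean *blist = NULL;
	const char *name;
	unsigned int bcount = 0;
	unsigned int i;
	int curvalue, newvalue;

	/*
	 * Allocate a sufficiently large array. calloc() checks the size
	 * multiplication for overflow; at least one slot is requested so an
	 * empty commit is not reported as out of memory on platforms where a
	 * zero-sized request returns NULL.
	 */
	blist = calloc(count ? count : 1, sizeof(*blist));
	if (blist == NULL)
		goto omem;

	/* Populate array with the booleans that actually change */
	for (i = 0; i < count; i++) {
		name = semanage_bool_get_name(booleans[i]);
		if (!name) {
			/* A record without a name is bad input, not an
			 * allocation failure, so report it as such */
			ERR(handle, "boolean record %u has no name", i);
			goto err;
		}
		newvalue = semanage_bool_get_value(booleans[i]);
		curvalue = security_get_boolean_active(name);
		/*
		 * NOTE(review): a negative curvalue (lookup error) is not
		 * checked here, unlike in bool_read_list. Such a boolean is
		 * still queued whenever newvalue differs, and any failure is
		 * left to security_set_boolean_list() below.
		 */
		if (newvalue == curvalue)
			continue;
		blist[bcount].name = strdup(name);
		if (blist[bcount].name == NULL)
			goto omem;
		blist[bcount].value = newvalue;
		/* Bumped only after strdup succeeded, so cleanup frees
		 * exactly the names that were allocated */
		bcount++;
	}

	/* Commit; the final 0 is libselinux's "permanent" argument */
	if (security_set_boolean_list(bcount, blist, 0) < 0) {
		ERR(handle, "libselinux commit failed");
		goto err;
	}

	for (i = 0; i < bcount; i++)
		free(blist[i].name);
	free(blist);
	return STATUS_SUCCESS;

      omem:
	ERR(handle, "out of memory");
	/* falls through to the common cleanup */

      err:
	ERR(handle, "could not commit boolean list");
	for (i = 0; i < bcount; i++)
		free(blist[i].name);
	free(blist);
	return STATUS_ERR;
}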
142*2d543d20SAndroid Build Coastguard Worker
/*
 * BOOL RECORD: ACTIVEDB extension: method table.
 * Wires the two file-local callbacks into the activedb record interface:
 * read_list loads the booleans, commit_list applies changed values.
 */
record_activedb_table_t SEMANAGE_BOOL_ACTIVEDB_RTABLE = {
	.read_list = bool_read_list,
	.commit_list = bool_commit_list,
};
148*2d543d20SAndroid Build Coastguard Worker
/*
 * Set up the active-database backend for booleans.
 *
 * Initialises dconfig->dbase through dbase_activedb_init() using the boolean
 * record table and the activedb method table, then points dconfig->dtable at
 * the activedb database table.
 *
 * Returns STATUS_SUCCESS, or STATUS_ERR if dbase_activedb_init() reports a
 * negative result; in that case dconfig->dtable is left unchanged.
 */
int bool_activedb_dbase_init(semanage_handle_t * handle,
			     dbase_config_t * dconfig)
{
	int rc = dbase_activedb_init(handle,
				     &SEMANAGE_BOOL_RTABLE,
				     &SEMANAGE_BOOL_ACTIVEDB_RTABLE,
				     &dconfig->dbase);

	if (rc >= 0) {
		/* Only publish the method table once the dbase exists */
		dconfig->dtable = &SEMANAGE_ACTIVEDB_DTABLE;
		return STATUS_SUCCESS;
	}

	return STATUS_ERR;
}
162*2d543d20SAndroid Build Coastguard Worker
/*
 * Release the boolean active-database backend by handing dconfig->dbase to
 * dbase_activedb_release(). dconfig itself is not freed or modified here.
 */
void bool_activedb_dbase_release(dbase_config_t * dconfig)
{
	dbase_t *active_dbase = dconfig->dbase;

	dbase_activedb_release(active_dbase);
}