xref: /aosp_15_r20/external/selinux/libsemanage/src/interfaces_file.c (revision 2d543d20722ada2425b5bdab9d0d1d29470e7bba)
1*2d543d20SAndroid Build Coastguard Worker /* Copyright (C) 2005 Red Hat, Inc. */
2*2d543d20SAndroid Build Coastguard Worker 
/*
 * Bind the generic record and database type names to the interface
 * (netifcon) record and the file backend for this translation unit.
 * These must stay ahead of the #include lines that follow.
 * NOTE(review): presumably the project headers test
 * DBASE_RECORD_DEFINED / DBASE_DEFINED and skip their own fallback
 * typedefs when these are set; confirm against database.h.
 */

/* Record side: an interface record and its lookup key. */
struct semanage_iface;
struct semanage_iface_key;
typedef struct semanage_iface record_t;
typedef struct semanage_iface_key record_key_t;
#define DBASE_RECORD_DEFINED

/* Database side: the file-backed database implementation. */
struct dbase_file;
typedef struct dbase_file dbase_t;
#define DBASE_DEFINED
12*2d543d20SAndroid Build Coastguard Worker 
13*2d543d20SAndroid Build Coastguard Worker #include <stdlib.h>
14*2d543d20SAndroid Build Coastguard Worker #include <stdio.h>
15*2d543d20SAndroid Build Coastguard Worker #include <semanage/handle.h>
16*2d543d20SAndroid Build Coastguard Worker #include "iface_internal.h"
17*2d543d20SAndroid Build Coastguard Worker #include "database_file.h"
18*2d543d20SAndroid Build Coastguard Worker #include "parse_utils.h"
19*2d543d20SAndroid Build Coastguard Worker #include "debug.h"
20*2d543d20SAndroid Build Coastguard Worker 
/*
 * Write one interface record to a stream as a single text line:
 *
 *   netifcon <name> <interface context> <message context>\n
 *
 * handle: used for context-to-string conversion and error reporting.
 * iface:  record to serialise; its name and both contexts are read.
 * str:    output stream.
 *
 * Returns STATUS_SUCCESS, or STATUS_ERR if a context cannot be
 * converted or any fprintf() fails. On failure the stream may already
 * hold a partial line, because fields are written one at a time.
 *
 * NOTE(review): name is handed to "%s" without a NULL check; confirm
 * that every record reaching this callback has a name set.
 */
static int iface_print(semanage_handle_t * handle,
		       semanage_iface_t * iface, FILE * str)
{
	const char *name = semanage_iface_get_name(iface);
	semanage_context_t *ifcon = semanage_iface_get_ifcon(iface);
	semanage_context_t *msgcon = semanage_iface_get_msgcon(iface);

	/* Scratch buffer filled by semanage_context_to_string(); freed here. */
	char *text = NULL;

	if (fprintf(str, "netifcon %s ", name) < 0)
		goto err;

	/* Interface context, followed by the field separator. */
	if (semanage_context_to_string(handle, ifcon, &text) < 0 ||
	    fprintf(str, "%s ", text) < 0)
		goto err;
	free(text);
	text = NULL;

	/* Message context, which also terminates the line. */
	if (semanage_context_to_string(handle, msgcon, &text) < 0 ||
	    fprintf(str, "%s\n", text) < 0)
		goto err;
	free(text);

	return STATUS_SUCCESS;

err:
	ERR(handle, "could not print interface %s to stream", name);
	/* text is either NULL or the buffer of the failed step. */
	free(text);
	return STATUS_ERR;
}
55*2d543d20SAndroid Build Coastguard Worker 
/*
 * Parse one interface record from the current parse position into
 * iface. The expected layout, in the order the checks below run, is:
 *
 *   netifcon <name> <interface context> <message context>
 *
 * Every field comes from the file being parsed, so each context string
 * goes through semanage_context_from_string() before it is stored, and
 * a conversion that yields no context object is rejected explicitly.
 *
 * Returns STATUS_SUCCESS when a record was stored in iface,
 * STATUS_NODATA when info->ptr is unset after the initial whitespace
 * skip, and STATUS_ERR on any parse or conversion failure. The
 * STATUS_NODATA and STATUS_ERR paths call parse_dispose_line(); the
 * success path does not.
 *
 * Note for log consumers: the failure messages echo the offending
 * token and info->orig_line as read from the file.
 */
static int iface_parse(semanage_handle_t * handle,
		       parse_info_t * info, semanage_iface_t * iface)
{
	char *token = NULL;		/* current field text, owned here */
	semanage_context_t *ctx = NULL;	/* context built from token, owned here */

	if (parse_skip_space(handle, info) < 0)
		goto err;

	/* Nothing left to read: not an error, just no record. */
	if (!info->ptr) {
		parse_dispose_line(info);
		return STATUS_NODATA;
	}

	/* Keyword, then the whitespace that separates it from the name. */
	if (parse_assert_str(handle, info, "netifcon") < 0 ||
	    parse_assert_space(handle, info) < 0)
		goto err;

	/* Interface name. */
	if (parse_fetch_string(handle, info, &token, ' ', 0) < 0 ||
	    semanage_iface_set_name(handle, iface, token) < 0)
		goto err;
	free(token);
	token = NULL;

	/* Interface context. */
	if (parse_assert_space(handle, info) < 0 ||
	    parse_fetch_string(handle, info, &token, ' ', 0) < 0)
		goto err;
	if (semanage_context_from_string(handle, token, &ctx) < 0) {
		ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s",
		    token, info->filename, info->lineno, info->orig_line);
		goto err;
	}
	/* The conversion can succeed without producing a context. */
	if (ctx == NULL) {
		ERR(handle, "<<none>> context is not valid for "
		    "interfaces (%s: %u)\n%s", info->filename,
		    info->lineno, info->orig_line);
		goto err;
	}
	free(token);
	token = NULL;

	/*
	 * ctx is released right after a successful set, so the setter
	 * presumably keeps its own copy (confirm in the iface record code).
	 */
	if (semanage_iface_set_ifcon(handle, iface, ctx) < 0)
		goto err;
	semanage_context_free(ctx);
	ctx = NULL;

	/* Message context: same validation as the interface context. */
	if (parse_assert_space(handle, info) < 0 ||
	    parse_fetch_string(handle, info, &token, ' ', 0) < 0)
		goto err;
	if (semanage_context_from_string(handle, token, &ctx) < 0) {
		ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s",
		    token, info->filename, info->lineno, info->orig_line);
		goto err;
	}
	if (ctx == NULL) {
		ERR(handle, "<<none>> context is not valid for "
		    "interfaces (%s: %u)\n%s", info->filename,
		    info->lineno, info->orig_line);
		goto err;
	}
	free(token);
	token = NULL;

	if (semanage_iface_set_msgcon(handle, iface, ctx) < 0)
		goto err;
	semanage_context_free(ctx);
	ctx = NULL;

	/* The record must end with whatever parse_assert_space() accepts. */
	if (parse_assert_space(handle, info) < 0)
		goto err;

	return STATUS_SUCCESS;

err:
	ERR(handle, "could not parse interface record");
	/* Both may be NULL here, depending on where parsing stopped. */
	free(token);
	semanage_context_free(ctx);
	parse_dispose_line(info);
	return STATUS_ERR;
}
146*2d543d20SAndroid Build Coastguard Worker 
/*
 * IFACE RECORD: FILE extension: method table.
 * Hooks the two callbacks defined in this file into the file backend:
 * iface_print serialises one record, iface_parse reads one back.
 */
record_file_table_t SEMANAGE_IFACE_FILE_RTABLE = {
	.print = iface_print,
	.parse = iface_parse,
};
152*2d543d20SAndroid Build Coastguard Worker 
/*
 * Set up the file-backed database for interface records.
 *
 * handle:  passed through to dbase_file_init().
 * path_ro: passed through unchanged; not checked in this function.
 * path_rw: passed through unchanged; not checked in this function.
 * dconfig: receives the new database in ->dbase and, on success only,
 *          the file backend's method table in ->dtable.
 *
 * Returns STATUS_SUCCESS, or STATUS_ERR if dbase_file_init() fails, in
 * which case dconfig->dtable is left as it was.
 */
int iface_file_dbase_init(semanage_handle_t * handle,
			  const char *path_ro,
			  const char *path_rw,
			  dbase_config_t * dconfig)
{
	if (dbase_file_init(handle, path_ro, path_rw,
			    &SEMANAGE_IFACE_RTABLE,
			    &SEMANAGE_IFACE_FILE_RTABLE,
			    &dconfig->dbase) >= 0) {
		dconfig->dtable = &SEMANAGE_FILE_DTABLE;
		return STATUS_SUCCESS;
	}

	return STATUS_ERR;
}
169*2d543d20SAndroid Build Coastguard Worker 
/*
 * Release the database held in dconfig->dbase by handing it to
 * dbase_file_release(). dconfig itself is not freed and its fields are
 * not reset here, so ->dbase must not be used after this call.
 */
void iface_file_dbase_release(dbase_config_t * dconfig)
{
	dbase_file_release(dconfig->dbase);
}