xref: /aosp_15_r20/external/selinux/libsepol/cil/src/cil_fqn.c (revision 2d543d20722ada2425b5bdab9d0d1d29470e7bba) 
1*2d543d20SAndroid Build Coastguard Worker /*
2*2d543d20SAndroid Build Coastguard Worker  * Copyright 2011 Tresys Technology, LLC. All rights reserved.
3*2d543d20SAndroid Build Coastguard Worker  *
4*2d543d20SAndroid Build Coastguard Worker  * Redistribution and use in source and binary forms, with or without
5*2d543d20SAndroid Build Coastguard Worker  * modification, are permitted provided that the following conditions are met:
6*2d543d20SAndroid Build Coastguard Worker  *
7*2d543d20SAndroid Build Coastguard Worker  *    1. Redistributions of source code must retain the above copyright notice,
8*2d543d20SAndroid Build Coastguard Worker  *       this list of conditions and the following disclaimer.
9*2d543d20SAndroid Build Coastguard Worker  *
10*2d543d20SAndroid Build Coastguard Worker  *    2. Redistributions in binary form must reproduce the above copyright notice,
11*2d543d20SAndroid Build Coastguard Worker  *       this list of conditions and the following disclaimer in the documentation
12*2d543d20SAndroid Build Coastguard Worker  *       and/or other materials provided with the distribution.
13*2d543d20SAndroid Build Coastguard Worker  *
14*2d543d20SAndroid Build Coastguard Worker  * THIS SOFTWARE IS PROVIDED BY TRESYS TECHNOLOGY, LLC ``AS IS'' AND ANY EXPRESS
15*2d543d20SAndroid Build Coastguard Worker  * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
16*2d543d20SAndroid Build Coastguard Worker  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
17*2d543d20SAndroid Build Coastguard Worker  * EVENT SHALL TRESYS TECHNOLOGY, LLC OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
18*2d543d20SAndroid Build Coastguard Worker  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
19*2d543d20SAndroid Build Coastguard Worker  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20*2d543d20SAndroid Build Coastguard Worker  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
21*2d543d20SAndroid Build Coastguard Worker  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
22*2d543d20SAndroid Build Coastguard Worker  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
23*2d543d20SAndroid Build Coastguard Worker  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24*2d543d20SAndroid Build Coastguard Worker  *
25*2d543d20SAndroid Build Coastguard Worker  * The views and conclusions contained in the software and documentation are those
26*2d543d20SAndroid Build Coastguard Worker  * of the authors and should not be interpreted as representing official policies,
27*2d543d20SAndroid Build Coastguard Worker  * either expressed or implied, of Tresys Technology, LLC.
28*2d543d20SAndroid Build Coastguard Worker  */
29*2d543d20SAndroid Build Coastguard Worker 
30*2d543d20SAndroid Build Coastguard Worker #include <stdlib.h>
31*2d543d20SAndroid Build Coastguard Worker #include <stdio.h>
32*2d543d20SAndroid Build Coastguard Worker #include <string.h>
33*2d543d20SAndroid Build Coastguard Worker 
34*2d543d20SAndroid Build Coastguard Worker #include "cil_fqn.h"
35*2d543d20SAndroid Build Coastguard Worker #include "cil_internal.h"
36*2d543d20SAndroid Build Coastguard Worker #include "cil_log.h"
37*2d543d20SAndroid Build Coastguard Worker #include "cil_strpool.h"
38*2d543d20SAndroid Build Coastguard Worker #include "cil_symtab.h"
39*2d543d20SAndroid Build Coastguard Worker 
40*2d543d20SAndroid Build Coastguard Worker struct cil_fqn_args {
41*2d543d20SAndroid Build Coastguard Worker 	char prefix[CIL_MAX_NAME_LENGTH];
42*2d543d20SAndroid Build Coastguard Worker 	int len;
43*2d543d20SAndroid Build Coastguard Worker 	struct cil_tree_node *node;
44*2d543d20SAndroid Build Coastguard Worker };
45*2d543d20SAndroid Build Coastguard Worker 
__cil_fqn_qualify_decls(hashtab_key_t k,hashtab_datum_t d,void * args)46*2d543d20SAndroid Build Coastguard Worker static int __cil_fqn_qualify_decls(__attribute__((unused)) hashtab_key_t k, hashtab_datum_t d, void *args)
47*2d543d20SAndroid Build Coastguard Worker {
48*2d543d20SAndroid Build Coastguard Worker 	struct cil_fqn_args *fqn_args = args;
49*2d543d20SAndroid Build Coastguard Worker 	struct cil_symtab_datum *datum = (struct cil_symtab_datum *)d;
50*2d543d20SAndroid Build Coastguard Worker 	int newlen;
51*2d543d20SAndroid Build Coastguard Worker 	char prefix[CIL_MAX_NAME_LENGTH];
52*2d543d20SAndroid Build Coastguard Worker 	int rc = SEPOL_OK;
53*2d543d20SAndroid Build Coastguard Worker 
54*2d543d20SAndroid Build Coastguard Worker 	if (fqn_args->len == 0) {
55*2d543d20SAndroid Build Coastguard Worker 		goto exit;
56*2d543d20SAndroid Build Coastguard Worker 	}
57*2d543d20SAndroid Build Coastguard Worker 
58*2d543d20SAndroid Build Coastguard Worker 	newlen = fqn_args->len + strlen(datum->name);
59*2d543d20SAndroid Build Coastguard Worker 	if (newlen >= CIL_MAX_NAME_LENGTH) {
60*2d543d20SAndroid Build Coastguard Worker 		cil_log(CIL_INFO, "Fully qualified name for %s is too long\n", datum->name);
61*2d543d20SAndroid Build Coastguard Worker 		rc = SEPOL_ERR;
62*2d543d20SAndroid Build Coastguard Worker 		goto exit;
63*2d543d20SAndroid Build Coastguard Worker 	}
64*2d543d20SAndroid Build Coastguard Worker 	strcpy(prefix, fqn_args->prefix);
65*2d543d20SAndroid Build Coastguard Worker 	strcat(prefix, datum->name);
66*2d543d20SAndroid Build Coastguard Worker 	datum->fqn = cil_strpool_add(prefix);
67*2d543d20SAndroid Build Coastguard Worker 
68*2d543d20SAndroid Build Coastguard Worker exit:
69*2d543d20SAndroid Build Coastguard Worker 	return rc;
70*2d543d20SAndroid Build Coastguard Worker }
71*2d543d20SAndroid Build Coastguard Worker 
__cil_fqn_qualify_blocks(hashtab_key_t k,hashtab_datum_t d,void * args)72*2d543d20SAndroid Build Coastguard Worker static int __cil_fqn_qualify_blocks(__attribute__((unused)) hashtab_key_t k, hashtab_datum_t d, void *args)
73*2d543d20SAndroid Build Coastguard Worker {
74*2d543d20SAndroid Build Coastguard Worker 	struct cil_fqn_args *fqn_args = args;
75*2d543d20SAndroid Build Coastguard Worker 	struct cil_fqn_args child_args;
76*2d543d20SAndroid Build Coastguard Worker 	struct cil_block *block = (struct cil_block *)d;
77*2d543d20SAndroid Build Coastguard Worker 	struct cil_symtab_datum *datum = (struct cil_symtab_datum *)block;
78*2d543d20SAndroid Build Coastguard Worker 	struct cil_tree_node *node = NODE(datum);
79*2d543d20SAndroid Build Coastguard Worker 	int i;
80*2d543d20SAndroid Build Coastguard Worker 	int rc = SEPOL_OK;
81*2d543d20SAndroid Build Coastguard Worker 	int newlen;
82*2d543d20SAndroid Build Coastguard Worker 
83*2d543d20SAndroid Build Coastguard Worker 	if (node->flavor != CIL_BLOCK) {
84*2d543d20SAndroid Build Coastguard Worker 		goto exit;
85*2d543d20SAndroid Build Coastguard Worker 	}
86*2d543d20SAndroid Build Coastguard Worker 
87*2d543d20SAndroid Build Coastguard Worker 	newlen = fqn_args->len + strlen(datum->name) + 1;
88*2d543d20SAndroid Build Coastguard Worker 	if (newlen >= CIL_MAX_NAME_LENGTH) {
89*2d543d20SAndroid Build Coastguard Worker 		cil_log(CIL_INFO, "Fully qualified name for block %s is too long\n", datum->name);
90*2d543d20SAndroid Build Coastguard Worker 		rc = SEPOL_ERR;
91*2d543d20SAndroid Build Coastguard Worker 		goto exit;
92*2d543d20SAndroid Build Coastguard Worker 	}
93*2d543d20SAndroid Build Coastguard Worker 
94*2d543d20SAndroid Build Coastguard Worker 	child_args.node = node;
95*2d543d20SAndroid Build Coastguard Worker 	child_args.len = newlen;
96*2d543d20SAndroid Build Coastguard Worker 	strcpy(child_args.prefix, fqn_args->prefix);
97*2d543d20SAndroid Build Coastguard Worker 	strcat(child_args.prefix, datum->name);
98*2d543d20SAndroid Build Coastguard Worker 	strcat(child_args.prefix, ".");
99*2d543d20SAndroid Build Coastguard Worker 
100*2d543d20SAndroid Build Coastguard Worker 	for (i=1; i<CIL_SYM_NUM; i++) {
101*2d543d20SAndroid Build Coastguard Worker 		switch (i) {
102*2d543d20SAndroid Build Coastguard Worker 		case CIL_SYM_CLASSPERMSETS:
103*2d543d20SAndroid Build Coastguard Worker 		case CIL_SYM_CONTEXTS:
104*2d543d20SAndroid Build Coastguard Worker 		case CIL_SYM_LEVELRANGES:
105*2d543d20SAndroid Build Coastguard Worker 		case CIL_SYM_IPADDRS:
106*2d543d20SAndroid Build Coastguard Worker 		case CIL_SYM_STRINGS:
107*2d543d20SAndroid Build Coastguard Worker 		case CIL_SYM_PERMX:
108*2d543d20SAndroid Build Coastguard Worker 			/* These do not show up in the kernel policy */
109*2d543d20SAndroid Build Coastguard Worker 			break;
110*2d543d20SAndroid Build Coastguard Worker 		case CIL_SYM_POLICYCAPS:
111*2d543d20SAndroid Build Coastguard Worker 			/* Valid policy capability names are defined in libsepol */
112*2d543d20SAndroid Build Coastguard Worker 			break;
113*2d543d20SAndroid Build Coastguard Worker 		default:
114*2d543d20SAndroid Build Coastguard Worker 			rc = cil_symtab_map(&(block->symtab[i]), __cil_fqn_qualify_decls, &child_args);
115*2d543d20SAndroid Build Coastguard Worker 			if (rc != SEPOL_OK) {
116*2d543d20SAndroid Build Coastguard Worker 				goto exit;
117*2d543d20SAndroid Build Coastguard Worker 			}
118*2d543d20SAndroid Build Coastguard Worker 			break;
119*2d543d20SAndroid Build Coastguard Worker 		}
120*2d543d20SAndroid Build Coastguard Worker 	}
121*2d543d20SAndroid Build Coastguard Worker 
122*2d543d20SAndroid Build Coastguard Worker 	rc = cil_symtab_map(&(block->symtab[CIL_SYM_BLOCKS]), __cil_fqn_qualify_blocks, &child_args);
123*2d543d20SAndroid Build Coastguard Worker 
124*2d543d20SAndroid Build Coastguard Worker exit:
125*2d543d20SAndroid Build Coastguard Worker 	if (rc != SEPOL_OK) {
126*2d543d20SAndroid Build Coastguard Worker 		cil_tree_log(node, CIL_ERR,"Problem qualifying names in block");
127*2d543d20SAndroid Build Coastguard Worker 	}
128*2d543d20SAndroid Build Coastguard Worker 
129*2d543d20SAndroid Build Coastguard Worker 	return rc;
130*2d543d20SAndroid Build Coastguard Worker }
131*2d543d20SAndroid Build Coastguard Worker 
cil_fqn_qualify(struct cil_tree_node * root_node)132*2d543d20SAndroid Build Coastguard Worker int cil_fqn_qualify(struct cil_tree_node *root_node)
133*2d543d20SAndroid Build Coastguard Worker {
134*2d543d20SAndroid Build Coastguard Worker 	struct cil_root *root = root_node->data;
135*2d543d20SAndroid Build Coastguard Worker 	struct cil_fqn_args fqn_args;
136*2d543d20SAndroid Build Coastguard Worker 
137*2d543d20SAndroid Build Coastguard Worker 	fqn_args.prefix[0] = '\0';
138*2d543d20SAndroid Build Coastguard Worker 	fqn_args.len = 0;
139*2d543d20SAndroid Build Coastguard Worker 	fqn_args.node = root_node;
140*2d543d20SAndroid Build Coastguard Worker 
141*2d543d20SAndroid Build Coastguard Worker 	return cil_symtab_map(&(root->symtab[CIL_SYM_BLOCKS]), __cil_fqn_qualify_blocks, &fqn_args);
142*2d543d20SAndroid Build Coastguard Worker }
143*2d543d20SAndroid Build Coastguard Worker 
144