xref: /aosp_15_r20/external/selinux/secilc/secil2tree.c (revision 2d543d20722ada2425b5bdab9d0d1d29470e7bba) 
1 /*
2  * Copyright 2011 Tresys Technology, LLC. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions are met:
6  *
7  *    1. Redistributions of source code must retain the above copyright notice,
8  *       this list of conditions and the following disclaimer.
9  *
10  *    2. Redistributions in binary form must reproduce the above copyright notice,
11  *       this list of conditions and the following disclaimer in the documentation
12  *       and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY TRESYS TECHNOLOGY, LLC ``AS IS'' AND ANY EXPRESS
15  * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
16  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
17  * EVENT SHALL TRESYS TECHNOLOGY, LLC OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
18  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
19  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
21  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
22  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
23  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  * The views and conclusions contained in the software and documentation are those
26  * of the authors and should not be interpreted as representing official policies,
27  * either expressed or implied, of Tresys Technology, LLC.
28  */
29 
30 #include <stdlib.h>
31 #include <stdio.h>
32 #include <stdint.h>
33 #include <string.h>
34 #include <getopt.h>
35 #include <sys/stat.h>
36 
37 #ifdef ANDROID
38 #include <cil/cil.h>
39 #else
40 #include <sepol/cil/cil.h>
41 #endif
42 #include <sepol/policydb.h>
43 
44 enum write_ast_phase {
45 	WRITE_AST_PHASE_PARSE = 0,
46 	WRITE_AST_PHASE_BUILD,
47 	WRITE_AST_PHASE_RESOLVE,
48 	WRITE_AST_PHASE_POST,
49 };
50 
usage(const char * prog)51 static __attribute__((__noreturn__)) void usage(const char *prog)
52 {
53 	printf("Usage: %s [OPTION]... FILE...\n", prog);
54 	printf("\n");
55 	printf("Options:\n");
56 	printf("  -o, --output=<file>      write AST to <file>. (default: stdout)\n");
57 	printf("  -P, --preserve-tunables  treat tunables as booleans\n");
58 	printf("  -Q, --qualified-names    Allow names containing dots (qualified names).\n");
59 	printf("                           Blocks, blockinherits, blockabstracts, and\n");
60 	printf("                           in-statements will not be allowed.\n");
61 	printf("  -A, --ast-phase=<phase>  write AST of phase <phase>. Phase must be parse, \n");
62 	printf("                           build, resolve, or post. (default: resolve)\n");
63 	printf("  -v, --verbose            increment verbosity level\n");
64 	printf("  -h, --help               display usage information\n");
65 	exit(1);
66 }
67 
main(int argc,char * argv[])68 int main(int argc, char *argv[])
69 {
70 	int rc = SEPOL_ERR;
71 	FILE *file = NULL;
72 	char *buffer = NULL;
73 	struct stat filedata;
74 	uint32_t file_size;
75 	char *output = NULL;
76 	struct cil_db *db = NULL;
77 	int preserve_tunables = 0;
78 	int qualified_names = 0;
79 	enum write_ast_phase write_ast = WRITE_AST_PHASE_RESOLVE;
80 	int opt_char;
81 	int opt_index = 0;
82 	enum cil_log_level log_level = CIL_ERR;
83 	static struct option long_opts[] = {
84 		{"help", no_argument, 0, 'h'},
85 		{"verbose", no_argument, 0, 'v'},
86 		{"preserve-tunables", no_argument, 0, 'P'},
87 		{"qualified-names", no_argument, 0, 'Q'},
88 		{"output", required_argument, 0, 'o'},
89 		{"ast-phase", required_argument, 0, 'A'},
90 		{0, 0, 0, 0}
91 	};
92 	int i;
93 
94 	while (1) {
95 		opt_char = getopt_long(argc, argv, "o:hvPQA:", long_opts, &opt_index);
96 		if (opt_char == -1) {
97 			break;
98 		}
99 		switch (opt_char) {
100 			case 'v':
101 				log_level++;
102 				break;
103 			case 'P':
104 				preserve_tunables = 1;
105 				break;
106 			case 'Q':
107 				qualified_names = 1;
108 				break;
109 			case 'o':
110 				output = strdup(optarg);
111 				break;
112 			case 'A':
113 				if (!strcasecmp(optarg, "parse")) {
114 					write_ast = WRITE_AST_PHASE_PARSE;
115 				} else if (!strcasecmp(optarg, "build")) {
116 					write_ast = WRITE_AST_PHASE_BUILD;
117 				} else if (!strcasecmp(optarg, "resolve")) {
118 					write_ast = WRITE_AST_PHASE_RESOLVE;
119 				} else if (!strcasecmp(optarg, "post")) {
120 					write_ast = WRITE_AST_PHASE_POST;
121 				} else {
122 					fprintf(stderr, "Invalid AST phase: %s\n", optarg);
123 					usage(argv[0]);
124 				}
125 				break;
126 			case 'h':
127 				usage(argv[0]);
128 			case '?':
129 				break;
130 			default:
131 				fprintf(stderr, "Unsupported option: %s\n", optarg);
132 				usage(argv[0]);
133 		}
134 	}
135 
136 	if (optind >= argc) {
137 		fprintf(stderr, "No cil files specified\n");
138 		usage(argv[0]);
139 	}
140 
141 	cil_set_log_level(log_level);
142 
143 	cil_db_init(&db);
144 	cil_set_preserve_tunables(db, preserve_tunables);
145 	cil_set_qualified_names(db, qualified_names);
146 	cil_set_attrs_expand_generated(db, 0);
147 	cil_set_attrs_expand_size(db, 0);
148 
149 	for (i = optind; i < argc; i++) {
150 		file = fopen(argv[i], "r");
151 		if (!file) {
152 			fprintf(stderr, "Could not open file: %s\n", argv[i]);
153 			rc = SEPOL_ERR;
154 			goto exit;
155 		}
156 		rc = stat(argv[i], &filedata);
157 		if (rc == -1) {
158 			fprintf(stderr, "Could not stat file: %s\n", argv[i]);
159 			goto exit;
160 		}
161 		file_size = filedata.st_size;
162 
163 		buffer = malloc(file_size);
164 		if (!buffer) {
165 			fprintf(stderr, "Out of memory\n");
166 			rc = SEPOL_ERR;
167 			goto exit;
168 		}
169 
170 		rc = fread(buffer, file_size, 1, file);
171 		if (rc != 1) {
172 			fprintf(stderr, "Failure reading file: %s\n", argv[i]);
173 			goto exit;
174 		}
175 		fclose(file);
176 		file = NULL;
177 
178 		rc = cil_add_file(db, argv[i], buffer, file_size);
179 		if (rc != SEPOL_OK) {
180 			fprintf(stderr, "Failure adding %s\n", argv[i]);
181 			goto exit;
182 		}
183 
184 		free(buffer);
185 		buffer = NULL;
186 	}
187 
188 	if (output == NULL) {
189 		file = stdout;
190 	} else {
191 		file = fopen(output, "w");
192 		if (file == NULL) {
193 			fprintf(stderr, "Failure opening file %s for writing\n", output);
194 			rc = SEPOL_ERR;
195 			goto exit;
196 		}
197 	}
198 
199 	switch (write_ast) {
200 	case WRITE_AST_PHASE_PARSE:
201 		rc = cil_write_parse_ast(file, db);
202 		break;
203 	case WRITE_AST_PHASE_BUILD:
204 		rc = cil_write_build_ast(file, db);
205 		break;
206 	case WRITE_AST_PHASE_RESOLVE:
207 		rc = cil_write_resolve_ast(file, db);
208 		break;
209 	case WRITE_AST_PHASE_POST:
210 		rc = cil_write_post_ast(file, db);
211 		break;
212 	}
213 
214 	if (rc != SEPOL_OK) {
215 		fprintf(stderr, "Failed to write AST\n");
216 		goto exit;
217 	}
218 
219 exit:
220 	if (file != NULL && file != stdin) {
221 		fclose(file);
222 	}
223 	free(buffer);
224 	free(output);
225 	cil_db_destroy(&db);
226 	return rc;
227 }
228