1*e4a36f41SAndroid Build Coastguard Worker #include <fcntl.h>
2*e4a36f41SAndroid Build Coastguard Worker #include <sepol/policydb/policydb.h>
3*e4a36f41SAndroid Build Coastguard Worker #include <sepol/policydb/util.h>
4*e4a36f41SAndroid Build Coastguard Worker #include <sys/mman.h>
5*e4a36f41SAndroid Build Coastguard Worker #include <sys/stat.h>
6*e4a36f41SAndroid Build Coastguard Worker #include <unistd.h>
7*e4a36f41SAndroid Build Coastguard Worker
8*e4a36f41SAndroid Build Coastguard Worker #include "utils.h"
9*e4a36f41SAndroid Build Coastguard Worker
/*
 * Global flag, initialised to false. Nothing in this file reads or writes it.
 * NOTE(review): the name suggests callers set it when a subcommand is given
 * bad arguments, so usage text can be printed; confirm against the users of
 * utils.h.
 */
bool USAGE_ERROR = false;
11*e4a36f41SAndroid Build Coastguard Worker
/*
 * Print one access-vector entry to stdout as an "allow" rule.
 *
 * policydb: loaded policy whose name tables are used for the lookups.
 * key:      avtab key giving the source type, target type and target class.
 * idx:      index used in place of (type value - 1) when a type value is 0.
 * perms:    permission bitmap rendered through sepol_av_to_string().
 *
 * NOTE(review): the key fields index the name tables with no range check
 * here. That is only safe if the policy was validated when it was loaded;
 * confirm before using this on a policydb built any other way.
 */
void display_allow(policydb_t *policydb, avtab_key_t *key, int idx, uint32_t perms)
{
	const char *src_name;
	const char *tgt_name;
	const char *class_name;
	const char *perm_names;

	/* A zero type value selects the idx slot instead of value - 1. */
	if (key->source_type) {
		src_name = policydb->p_type_val_to_name[key->source_type - 1];
	} else {
		src_name = policydb->p_type_val_to_name[idx];
	}

	/* Identical source and target are printed as the keyword "self". */
	if (key->target_type == key->source_type) {
		tgt_name = "self";
	} else if (key->target_type) {
		tgt_name = policydb->p_type_val_to_name[key->target_type - 1];
	} else {
		tgt_name = policydb->p_type_val_to_name[idx];
	}

	class_name = policydb->p_class_val_to_name[key->target_class - 1];

	/*
	 * NOTE(review): the result goes straight to %s. Whether it can be NULL,
	 * or is heap-allocated and must be freed, depends on the libsepol
	 * version built against; confirm.
	 */
	perm_names = sepol_av_to_string(policydb, key->target_class, perms);

	printf(" allow %s %s:%s { %s };\n",
	       src_name, tgt_name, class_name, perm_names);
}
24*e4a36f41SAndroid Build Coastguard Worker
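/*
 * Read a binary policy file into a policydb.
 *
 * The file is opened read-only and mapped privately, so any write to the
 * mapping stays in this process and never reaches the file. It is then
 * handed to policydb_read() as an in-memory policy_file. The mapping and
 * the descriptor are released before returning on every path.
 *
 * filename: path of the policy file. All checking of its contents is left
 *           to policydb_read().
 * policydb: caller-owned structure, initialised with policydb_init() and
 *           filled by policydb_read().
 * pf:       caller-owned policy_file, used as the in-memory reader while
 *           parsing. On return its data/len no longer describe a live
 *           buffer.
 *
 * Returns true on success. On failure a message is written to stderr and
 * false is returned.
 *
 * NOTE(review): when policydb_read() fails, policydb has already been
 * initialised and is not destroyed here. Confirm whether callers are
 * expected to clean it up or simply exit.
 */
bool load_policy(char *filename, policydb_t * policydb, struct policy_file *pf)
{
	int fd = -1;
	struct stat sb;
	void *map = MAP_FAILED;
	bool ret = false;

	fd = open(filename, O_RDONLY);
	if (fd < 0) {
		fprintf(stderr, "Can't open '%s': %s\n", filename, strerror(errno));
		goto cleanup;
	}
	if (fstat(fd, &sb) < 0) {
		fprintf(stderr, "Can't stat '%s': %s\n", filename, strerror(errno));
		goto cleanup;
	}
	map = mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
	if (map == MAP_FAILED) {
		fprintf(stderr, "Can't mmap '%s': %s\n", filename, strerror(errno));
		goto cleanup;
	}

	policy_file_init(pf);
	pf->type = PF_USE_MEMORY;
	pf->data = map;
	pf->len = sb.st_size;
	if (policydb_init(policydb)) {
		fprintf(stderr, "Could not initialize policydb!\n");
		goto cleanup;
	}
	if (policydb_read(policydb, pf, 0)) {
		fprintf(stderr, "error(s) encountered while parsing configuration\n");
		goto cleanup;
	}

	ret = true;

cleanup:
	if (map != MAP_FAILED) {
		munmap(map, sb.st_size);
		/*
		 * pf->data pointed into the mapping that was just released.
		 * Clear it so the caller's policy_file does not carry a
		 * dangling pointer that a later read would dereference.
		 */
		pf->data = NULL;
		pf->len = 0;
	}
	if (fd >= 0) {
		close(fd);
	}
	return ret;
}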