linux/security/selinux/ss/conditional.h

/* Authors: Karl MacMillan <kmacmillan@tresys.com>
 *          Frank Mayer <mayerf@tresys.com>
 *
 * Copyright (C) 2003 - 2004 Tresys Technology, LLC
 *	This program is free software; you can redistribute it and/or modify
 *  	it under the terms of the GNU General Public License as published by
 *	the Free Software Foundation, version 2.
 */

#ifndef _CONDITIONAL_H_
#define _CONDITIONAL_H_

#include "avtab.h"
#include "symtab.h"
#include "policydb.h"
#include "../include/conditional.h"

#define COND_EXPR_MAXDEPTH 10

/*
 * A conditional expression is a list of operators and operands
 * in reverse polish notation.
 */
struct cond_expr {
#define COND_BOOL	1 /* plain bool */
#define COND_NOT	2 /* !bool */
#define COND_OR		3 /* bool || bool */
#define COND_AND	4 /* bool && bool */
#define COND_XOR	5 /* bool ^ bool */
#define COND_EQ		6 /* bool == bool */
#define COND_NEQ	7 /* bool != bool */
#define COND_LAST	COND_NEQ
	__u32 expr_type;
	__u32 bool;
	struct cond_expr *next;
};

/*
 * Each cond_node contains a list of rules to be enabled/disabled
 * depending on the current value of the conditional expression. This
 * struct is for that list.
 */
struct cond_av_list {
	struct avtab_node *node;
	struct cond_av_list *next;
};

/*
 * A cond node represents a conditional block in a policy. It
 * contains a conditional expression, the current state of the expression,
 * two lists of rules to enable/disable depending on the value of the
 * expression (the true list corresponds to if and the false list corresponds
 * to else)..
 */
struct cond_node {
	int cur_state;
	struct cond_expr *expr;
	struct cond_av_list *true_list;
	struct cond_av_list *false_list;
	struct cond_node *next;
};

int cond_policydb_init(struct policydb *p);
void cond_policydb_destroy(struct policydb *p);

int cond_init_bool_indexes(struct policydb *p);
int cond_destroy_bool(void *key, void *datum, void *p);

int cond_index_bool(void *key, void *datum, void *datap);

int cond_read_bool(struct policydb *p, struct hashtab *h, void *fp);
int cond_read_list(struct policydb *p, void *fp);
int cond_write_bool(void *key, void *datum, void *ptr);
int cond_write_list(struct policydb *p, struct cond_node *list, void *fp);

void cond_compute_av(struct avtab *ctab, struct avtab_key *key,
		struct av_decision *avd, struct extended_perms *xperms);
void cond_compute_xperms(struct avtab *ctab, struct avtab_key *key,
		struct extended_perms_decision *xpermd);
int evaluate_cond_node(struct policydb *p, struct cond_node *node);

#endif /* _CONDITIONAL_H_ */
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip! 2005-04-17 02:20:36 +04:00			`/* Authors: Karl MacMillan <kmacmillan@tresys.com>`
			`* Frank Mayer <mayerf@tresys.com>`
			`*`
			`* Copyright (C) 2003 - 2004 Tresys Technology, LLC`
			`* This program is free software; you can redistribute it and/or modify`
			`* it under the terms of the GNU General Public License as published by`
			`* the Free Software Foundation, version 2.`
			`*/`

			`#ifndef _CONDITIONAL_H_`
			`#define _CONDITIONAL_H_`

			`#include "avtab.h"`
			`#include "symtab.h"`
			`#include "policydb.h"`
selinux: sparse fix: fix several warnings in the security server code Fix several sparse warnings in the SELinux security server code. Signed-off-by: James Morris <jmorris@namei.org> 2011-08-30 06:52:32 +04:00			`#include "../include/conditional.h"`
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip! 2005-04-17 02:20:36 +04:00
			`#define COND_EXPR_MAXDEPTH 10`

			`/*`
			`* A conditional expression is a list of operators and operands`
			`* in reverse polish notation.`
			`*/`
			`struct cond_expr {`
			`#define COND_BOOL 1 /* plain bool */`
			`#define COND_NOT 2 /* !bool */`
			`#define COND_OR 3 /* bool \|\| bool */`
			`#define COND_AND 4 /* bool && bool */`
			`#define COND_XOR 5 /* bool ^ bool */`
			`#define COND_EQ 6 /* bool == bool */`
			`#define COND_NEQ 7 /* bool != bool */`
selinux: conditional expression type validation was off-by-one expr_isvalid() in conditional.c was off-by-one and allowed invalid expression type COND_LAST. However, it is this header file that needs to be fixed. That way the if-statement's disjunction's second component reads more naturally, "if expr type is greater than the last allowed value" ( rather than using ">=" in conditional.c): if (expr->expr_type <= 0 \|\| expr->expr_type > COND_LAST) Signed-off-by: Vesa-Matti Kari <vmkari@cc.helsinki.fi> Signed-off-by: James Morris <jmorris@namei.org> 2008-08-06 19:24:51 +04:00			`#define COND_LAST COND_NEQ`
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip! 2005-04-17 02:20:36 +04:00			`__u32 expr_type;`
			`__u32 bool;`
			`struct cond_expr *next;`
			`};`

			`/*`
			`* Each cond_node contains a list of rules to be enabled/disabled`
			`* depending on the current value of the conditional expression. This`
			`* struct is for that list.`
			`*/`
			`struct cond_av_list {`
			`struct avtab_node *node;`
			`struct cond_av_list *next;`
			`};`

			`/*`
			`* A cond node represents a conditional block in a policy. It`
			`* contains a conditional expression, the current state of the expression,`
			`* two lists of rules to enable/disable depending on the value of the`
			`* expression (the true list corresponds to if and the false list corresponds`
			`* to else)..`
			`*/`
			`struct cond_node {`
			`int cur_state;`
			`struct cond_expr *expr;`
			`struct cond_av_list *true_list;`
			`struct cond_av_list *false_list;`
			`struct cond_node *next;`
			`};`

SELinux: ss/conditional.h whitespace, syntax, and other cleanups This patch changes ss/conditional.h to fix whitespace and syntax issues. Things that are fixed may include (does not not have to include) location of * in pointer declarations Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> 2008-04-23 01:46:12 +04:00			`int cond_policydb_init(struct policydb *p);`
			`void cond_policydb_destroy(struct policydb *p);`
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip! 2005-04-17 02:20:36 +04:00
SELinux: ss/conditional.h whitespace, syntax, and other cleanups This patch changes ss/conditional.h to fix whitespace and syntax issues. Things that are fixed may include (does not not have to include) location of * in pointer declarations Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> 2008-04-23 01:46:12 +04:00			`int cond_init_bool_indexes(struct policydb *p);`
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip! 2005-04-17 02:20:36 +04:00			`int cond_destroy_bool(void key, void datum, void *p);`

			`int cond_index_bool(void key, void datum, void *datap);`

			`int cond_read_bool(struct policydb p, struct hashtab h, void *fp);`
			`int cond_read_list(struct policydb p, void fp);`
SELinux: allow userspace to read policy back out of the kernel There is interest in being able to see what the actual policy is that was loaded into the kernel. The patch creates a new selinuxfs file /selinux/policy which can be read by userspace. The actual policy that is loaded into the kernel will be written back out to userspace. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> 2010-10-14 01:50:25 +04:00			`int cond_write_bool(void key, void datum, void *ptr);`
			`int cond_write_list(struct policydb p, struct cond_node list, void *fp);`
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip! 2005-04-17 02:20:36 +04:00
selinux: extended permissions for ioctls Add extended permissions logic to selinux. Extended permissions provides additional permissions in 256 bit increments. Extend the generic ioctl permission check to use the extended permissions for per-command filtering. Source/target/class sets including the ioctl permission may additionally include a set of commands. Example: allowxperm <source> <target>:<class> ioctl unpriv_app_socket_cmds auditallowxperm <source> <target>:<class> ioctl priv_gpu_cmds Where unpriv_app_socket_cmds and priv_gpu_cmds are macros representing commonly granted sets of ioctl commands. When ioctl commands are omitted only the permissions are checked. This feature is intended to provide finer granularity for the ioctl permission that may be too imprecise. For example, the same driver may use ioctls to provide important and benign functionality such as driver version or socket type as well as dangerous capabilities such as debugging features, read/write/execute to physical memory or access to sensitive data. Per-command filtering provides a mechanism to reduce the attack surface of the kernel, and limit applications to the subset of commands required. The format of the policy binary has been modified to include ioctl commands, and the policy version number has been incremented to POLICYDB_VERSION_XPERMS_IOCTL=30 to account for the format change. The extended permissions logic is deliberately generic to allow components to be reused e.g. netlink filters Signed-off-by: Jeff Vander Stoep <jeffv@google.com> Acked-by: Nick Kralevich <nnk@google.com> Signed-off-by: Paul Moore <pmoore@redhat.com> 2015-07-11 00:19:56 +03:00			`void cond_compute_av(struct avtab ctab, struct avtab_key key,`
			`struct av_decision avd, struct extended_perms xperms);`
			`void cond_compute_xperms(struct avtab ctab, struct avtab_key key,`
			`struct extended_perms_decision *xpermd);`
Linux-2.6.12-rc2 Initial git repository build. I'm not bothering with the full history, even though we have it. We can create a separate "historical" git archive of that later if we want to, and in the meantime it's about 3.2GB when imported into git - space that would just make the early git days unnecessarily complicated, when we don't have a lot of good infrastructure for it. Let it rip! 2005-04-17 02:20:36 +04:00			`int evaluate_cond_node(struct policydb p, struct cond_node node);`

			`#endif /* _CONDITIONAL_H_ */`