1 /*
2  * Copyright 2013 Tresys Technology, LLC. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions are met:
6  *
7  *    1. Redistributions of source code must retain the above copyright notice,
8  *       this list of conditions and the following disclaimer.
9  *
10  *    2. Redistributions in binary form must reproduce the above copyright notice,
11  *       this list of conditions and the following disclaimer in the documentation
12  *       and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY TRESYS TECHNOLOGY, LLC ``AS IS'' AND ANY EXPRESS
15  * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
16  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
17  * EVENT SHALL TRESYS TECHNOLOGY, LLC OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
18  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
19  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
21  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
22  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
23  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  * The views and conclusions contained in the software and documentation are those
26  * of the authors and should not be interpreted as representing official policies,
27  * either expressed or implied, of Tresys Technology, LLC.
28  */
29 
30 #ifndef CIL_FLAVOR_H_
31 #define CIL_FLAVOR_H_
32 
33 /*
34 	Tree/list node types
35 */
36 #define CIL_MIN_OP_OPERANDS 1000
37 #define CIL_MIN_DECLARATIVE 2000
38 
39 enum cil_flavor {
40 	CIL_NONE = 0,
41 	CIL_ROOT,
42 	CIL_NODE,
43 	CIL_STRING,
44 	CIL_DATUM,
45 	CIL_LIST,
46 	CIL_LIST_ITEM,
47 	CIL_PARAM,
48 	CIL_ARGS,
49 	CIL_BLOCKINHERIT,
50 	CIL_BLOCKABSTRACT,
51 	CIL_IN,
52 	CIL_CALL,
53 	CIL_BOOLEANIF,
54 	CIL_TUNABLEIF,
55 	CIL_CONDBLOCK,
56 	CIL_CONDTRUE,
57 	CIL_CONDFALSE,
58 	CIL_CLASSORDER,
59 	CIL_CLASSCOMMON,
60 	CIL_CLASSMAPPING,
61 	CIL_CLASSPERMS,
62 	CIL_CLASSPERMS_SET,
63 	CIL_CLASSPERMISSIONSET,
64 	CIL_USERPREFIX,
65 	CIL_USERROLE,
66 	CIL_USERATTRIBUTESET,
67 	CIL_USERLEVEL,
68 	CIL_USERRANGE,
69 	CIL_USERBOUNDS,
70 	CIL_SELINUXUSER,
71 	CIL_SELINUXUSERDEFAULT,
72 	CIL_ROLEATTRIBUTESET,
73 	CIL_ROLETYPE,
74 	CIL_ROLEBOUNDS,
75 	CIL_TYPEATTRIBUTESET,
76 	CIL_EXPANDTYPEATTRIBUTE,
77 	CIL_TYPEALIASACTUAL,
78 	CIL_TYPEBOUNDS,
79 	CIL_TYPEPERMISSIVE,
80 	CIL_SENSALIASACTUAL,
81 	CIL_SENSITIVITYORDER,
82 	CIL_SENSCAT,
83 	CIL_CATALIASACTUAL,
84 	CIL_CATORDER,
85 	CIL_SIDORDER,
86 	CIL_ROLEALLOW,
87 	CIL_AVRULE,
88 	CIL_AVRULEX,
89 	CIL_ROLETRANSITION,
90 	CIL_TYPE_RULE,
91 	CIL_NAMETYPETRANSITION,
92 	CIL_RANGETRANSITION,
93 	CIL_CONSTRAIN,
94 	CIL_MLSCONSTRAIN,
95 	CIL_VALIDATETRANS,
96 	CIL_MLSVALIDATETRANS,
97 	CIL_SIDCONTEXT,
98 	CIL_FSUSE,
99 	CIL_FILECON,
100 	CIL_PORTCON,
101 	CIL_NODECON,
102 	CIL_GENFSCON,
103 	CIL_NETIFCON,
104 	CIL_PIRQCON,
105 	CIL_IOMEMCON,
106 	CIL_IOPORTCON,
107 	CIL_PCIDEVICECON,
108 	CIL_DEVICETREECON,
109 	CIL_DEFAULTUSER,
110 	CIL_DEFAULTROLE,
111 	CIL_DEFAULTTYPE,
112 	CIL_DEFAULTRANGE,
113 	CIL_HANDLEUNKNOWN,
114 	CIL_MLS,
115 	CIL_SRC_INFO,
116 	CIL_IBPKEYCON,
117 	CIL_IBENDPORTCON,
118 
119 /*
120  *          boolean  constraint  set  catset
121  *  dom                  X
122  *  domby                X
123  *  incomp               X
124  *  eq         X         X
125  *  ne         X         X
126  *  and        X         X        X    X
127  *  not        X         X        X    X
128  *  or         X         X        X    X
129  *  xor        X                  X    X
130  *  all                           X    X
131  *  range                              X
132 */
133 	CIL_OP = CIL_MIN_OP_OPERANDS,
134 	CIL_ALL,
135 	CIL_AND,
136 	CIL_OR,
137 	CIL_XOR,
138 	CIL_NOT,
139 	CIL_EQ,
140 	CIL_NEQ,
141 	CIL_RANGE,
142 	CIL_CONS_DOM,
143 	CIL_CONS_DOMBY,
144 	CIL_CONS_INCOMP,
145 	CIL_CONS_OPERAND,
146 	CIL_CONS_U1,
147 	CIL_CONS_U2,
148 	CIL_CONS_U3,
149 	CIL_CONS_T1,
150 	CIL_CONS_T2,
151 	CIL_CONS_T3,
152 	CIL_CONS_R1,
153 	CIL_CONS_R2,
154 	CIL_CONS_R3,
155 	CIL_CONS_L1,
156 	CIL_CONS_L2,
157 	CIL_CONS_H1,
158 	CIL_CONS_H2,
159 
160 	CIL_BLOCK = CIL_MIN_DECLARATIVE,
161 	CIL_MACRO,
162 	CIL_OPTIONAL,
163 	CIL_BOOL,
164 	CIL_TUNABLE,
165 	CIL_PERM,
166 	CIL_MAP_PERM,
167 	CIL_COMMON,
168 	CIL_CLASS,
169 	CIL_MAP_CLASS,
170 	CIL_CLASSPERMISSION,
171 	CIL_USER,
172 	CIL_USERATTRIBUTE,
173 	CIL_ROLE,
174 	CIL_ROLEATTRIBUTE,
175 	CIL_TYPE,
176 	CIL_TYPEATTRIBUTE,
177 	CIL_TYPEALIAS,
178 	CIL_SENS,
179 	CIL_SENSALIAS,
180 	CIL_CAT,
181 	CIL_CATSET,
182 	CIL_CATALIAS,
183 	CIL_LEVEL,
184 	CIL_LEVELRANGE,
185 	CIL_SID,
186 	CIL_NAME,
187 	CIL_CONTEXT,
188 	CIL_IPADDR,
189 	CIL_POLICYCAP,
190 	CIL_PERMISSIONX
191 };
192 
193 
194 #endif /* CIL_FLAVOR_H_ */
195