Lines Matching full:pdb
31 static char *cond_expr_to_str(struct policydb *pdb, struct cond_expr *expr) in cond_expr_to_str() argument
46 char *val1 = pdb->p_bool_val_to_name[curr->bool - 1]; in cond_expr_to_str()
121 static char *constraint_expr_to_str(struct policydb *pdb, struct constraint_expr *expr, int *use_ml… in constraint_expr_to_str() argument
185 names = ebitmap_to_str(&ts->types, pdb->p_type_val_to_name, 1); in constraint_expr_to_str()
187 names = ebitmap_to_str(&curr->names, pdb->p_user_val_to_name, 1); in constraint_expr_to_str()
189 names = ebitmap_to_str(&curr->names, pdb->p_role_val_to_name, 1); in constraint_expr_to_str()
266 static int class_constraint_rules_to_strs(struct policydb *pdb, char *classkey, in class_constraint_rules_to_strs() argument
281 expr = constraint_expr_to_str(pdb, curr->expr, &is_mls); in class_constraint_rules_to_strs()
287 perms = sepol_av_to_string(pdb, class->s.value, curr->permissions); in class_constraint_rules_to_strs()
310 static int class_validatetrans_rules_to_strs(struct policydb *pdb, char *classkey, in class_validatetrans_rules_to_strs() argument
323 expr = constraint_expr_to_str(pdb, curr->expr, &is_mls); in class_validatetrans_rules_to_strs()
348 static int constraint_rules_to_strs(struct policydb *pdb, struct strs *mls_strs, struct strs *non_m… in constraint_rules_to_strs() argument
355 for (i=0; i < pdb->p_classes.nprim; i++) { in constraint_rules_to_strs()
356 class = pdb->class_val_to_struct[i]; in constraint_rules_to_strs()
358 name = pdb->p_class_val_to_name[i]; in constraint_rules_to_strs()
359 … rc = class_constraint_rules_to_strs(pdb, name, class, class->constraints, mls_strs, non_mls_strs); in constraint_rules_to_strs()
373 static int validatetrans_rules_to_strs(struct policydb *pdb, struct strs *mls_strs, struct strs *no… in validatetrans_rules_to_strs() argument
380 for (i=0; i < pdb->p_classes.nprim; i++) { in validatetrans_rules_to_strs()
381 class = pdb->class_val_to_struct[i]; in validatetrans_rules_to_strs()
383 name = pdb->p_class_val_to_name[i]; in validatetrans_rules_to_strs()
384 rc = class_validatetrans_rules_to_strs(pdb, name, class->validatetrans, mls_strs, non_mls_strs); in validatetrans_rules_to_strs()
398 static int write_handle_unknown_to_cil(FILE *out, struct policydb *pdb) in write_handle_unknown_to_cil() argument
402 switch (pdb->handle_unknown) { in write_handle_unknown_to_cil()
413 sepol_log_err("Unknown value for handle-unknown: %i", pdb->handle_unknown); in write_handle_unknown_to_cil()
448 static int write_class_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_class_decl_rules_to_cil() argument
458 for (i=0; i < pdb->p_classes.nprim; i++) { in write_class_decl_rules_to_cil()
459 class = pdb->class_val_to_struct[i]; in write_class_decl_rules_to_cil()
460 name = pdb->p_class_val_to_name[i]; in write_class_decl_rules_to_cil()
473 for (i=0; i < pdb->p_classes.nprim; i++) { in write_class_decl_rules_to_cil()
477 name = pdb->p_class_val_to_name[i]; in write_class_decl_rules_to_cil()
485 for (i=0; i < pdb->p_classes.nprim; i++) { in write_class_decl_rules_to_cil()
486 class = pdb->class_val_to_struct[i]; in write_class_decl_rules_to_cil()
487 name = pdb->p_class_val_to_name[i]; in write_class_decl_rules_to_cil()
494 used = calloc(pdb->p_commons.nprim, sizeof(*used)); in write_class_decl_rules_to_cil()
500 for (i=0; i < pdb->p_classes.nprim; i++) { in write_class_decl_rules_to_cil()
501 class = pdb->class_val_to_struct[i]; in write_class_decl_rules_to_cil()
504 common = hashtab_search(pdb->p_commons.table, name); in write_class_decl_rules_to_cil()
604 static int write_sid_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_sid_decl_rules_to_cil() argument
608 if (pdb->target_platform == SEPOL_TARGET_SELINUX) { in write_sid_decl_rules_to_cil()
610 pdb->ocontexts[0]); in write_sid_decl_rules_to_cil()
611 } else if (pdb->target_platform == SEPOL_TARGET_XEN) { in write_sid_decl_rules_to_cil()
613 pdb->ocontexts[0]); in write_sid_decl_rules_to_cil()
615 sepol_log_err("Unknown target platform: %i", pdb->target_platform); in write_sid_decl_rules_to_cil()
717 static int write_default_rules_to_cil(FILE *out, struct policydb *pdb) in write_default_rules_to_cil() argument
724 for (i=0; i < pdb->p_classes.nprim; i++) { in write_default_rules_to_cil()
725 class = pdb->class_val_to_struct[i]; in write_default_rules_to_cil()
727 rc = write_default_user_to_cil(out, pdb->p_class_val_to_name[i], class); in write_default_rules_to_cil()
735 for (i=0; i < pdb->p_classes.nprim; i++) { in write_default_rules_to_cil()
736 class = pdb->class_val_to_struct[i]; in write_default_rules_to_cil()
738 rc = write_default_role_to_cil(out, pdb->p_class_val_to_name[i], class); in write_default_rules_to_cil()
746 for (i=0; i < pdb->p_classes.nprim; i++) { in write_default_rules_to_cil()
747 class = pdb->class_val_to_struct[i]; in write_default_rules_to_cil()
749 rc = write_default_type_to_cil(out, pdb->p_class_val_to_name[i], class); in write_default_rules_to_cil()
756 if (!pdb->mls) { in write_default_rules_to_cil()
761 for (i=0; i < pdb->p_classes.nprim; i++) { in write_default_rules_to_cil()
762 class = pdb->class_val_to_struct[i]; in write_default_rules_to_cil()
764 rc = write_default_range_to_cil(out, pdb->p_class_val_to_name[i], class); in write_default_rules_to_cil()
799 static int write_sensitivity_rules_to_cil(FILE *out, struct policydb *pdb) in write_sensitivity_rules_to_cil() argument
807 rc = strs_init(&strs, pdb->p_levels.nprim); in write_sensitivity_rules_to_cil()
813 for (i=0; i < pdb->p_levels.nprim; i++) { in write_sensitivity_rules_to_cil()
814 name = pdb->p_sens_val_to_name[i]; in write_sensitivity_rules_to_cil()
816 level = hashtab_search(pdb->p_levels.table, name); in write_sensitivity_rules_to_cil()
829 for (i=0; i < pdb->p_levels.nprim; i++) { in write_sensitivity_rules_to_cil()
830 name = pdb->p_sens_val_to_name[i]; in write_sensitivity_rules_to_cil()
832 level = hashtab_search(pdb->p_levels.table, name); in write_sensitivity_rules_to_cil()
849 rc = hashtab_map(pdb->p_levels.table, map_sensitivity_aliases_to_strs, strs); in write_sensitivity_rules_to_cil()
861 level = hashtab_search(pdb->p_levels.table, name); in write_sensitivity_rules_to_cil()
872 level = hashtab_search(pdb->p_levels.table, name); in write_sensitivity_rules_to_cil()
877 actual = pdb->p_sens_val_to_name[level->level->sens - 1]; in write_sensitivity_rules_to_cil()
904 static int write_category_rules_to_cil(FILE *out, struct policydb *pdb) in write_category_rules_to_cil() argument
912 rc = strs_init(&strs, pdb->p_levels.nprim); in write_category_rules_to_cil()
918 for (i=0; i < pdb->p_cats.nprim; i++) { in write_category_rules_to_cil()
919 name = pdb->p_cat_val_to_name[i]; in write_category_rules_to_cil()
921 cat = hashtab_search(pdb->p_cats.table, name); in write_category_rules_to_cil()
934 for (i=0; i < pdb->p_cats.nprim; i++) { in write_category_rules_to_cil()
935 name = pdb->p_cat_val_to_name[i]; in write_category_rules_to_cil()
937 cat = hashtab_search(pdb->p_cats.table, name); in write_category_rules_to_cil()
954 rc = hashtab_map(pdb->p_cats.table, map_category_aliases_to_strs, strs); in write_category_rules_to_cil()
966 cat = hashtab_search(pdb->p_cats.table, name); in write_category_rules_to_cil()
977 cat = hashtab_search(pdb->p_cats.table, name); in write_category_rules_to_cil()
982 actual = pdb->p_cat_val_to_name[cat->s.value - 1]; in write_category_rules_to_cil()
1086 static int write_sensitivitycategory_rules_to_cil(FILE *out, struct policydb *pdb) in write_sensitivitycategory_rules_to_cil() argument
1094 for (i=0; i < pdb->p_levels.nprim; i++) { in write_sensitivitycategory_rules_to_cil()
1095 name = pdb->p_sens_val_to_name[i]; in write_sensitivitycategory_rules_to_cil()
1097 level = hashtab_search(pdb->p_levels.table, name); in write_sensitivitycategory_rules_to_cil()
1105 cats = cats_ebitmap_to_str(&level->level->cat, pdb->p_cat_val_to_name); in write_sensitivitycategory_rules_to_cil()
1119 static int write_mls_rules_to_cil(FILE *out, struct policydb *pdb) in write_mls_rules_to_cil() argument
1123 if (!pdb->mls) { in write_mls_rules_to_cil()
1132 rc = write_sensitivity_rules_to_cil(out, pdb); in write_mls_rules_to_cil()
1137 rc = write_category_rules_to_cil(out, pdb); in write_mls_rules_to_cil()
1142 rc = write_sensitivitycategory_rules_to_cil(out, pdb); in write_mls_rules_to_cil()
1155 static int write_polcap_rules_to_cil(FILE *out, struct policydb *pdb) in write_polcap_rules_to_cil() argument
1168 ebitmap_for_each_positive_bit(&pdb->policycaps, node, i) { in write_polcap_rules_to_cil()
1196 static int write_type_attributes_to_cil(FILE *out, struct policydb *pdb) in write_type_attributes_to_cil() argument
1204 rc = strs_init(&strs, pdb->p_types.nprim); in write_type_attributes_to_cil()
1209 for (i=0; i < pdb->p_types.nprim; i++) { in write_type_attributes_to_cil()
1210 type = pdb->type_val_to_struct[i]; in write_type_attributes_to_cil()
1212 rc = strs_add(strs, pdb->p_type_val_to_name[i]); in write_type_attributes_to_cil()
1241 static int write_role_attributes_to_cil(FILE *out, struct policydb *pdb) in write_role_attributes_to_cil() argument
1249 rc = strs_init(&strs, pdb->p_roles.nprim); in write_role_attributes_to_cil()
1254 for (i=0; i < pdb->p_roles.nprim; i++) { in write_role_attributes_to_cil()
1255 role = pdb->role_val_to_struct[i]; in write_role_attributes_to_cil()
1257 rc = strs_add(strs, pdb->p_role_val_to_name[i]); in write_role_attributes_to_cil()
1297 static int write_boolean_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_boolean_decl_rules_to_cil() argument
1307 rc = hashtab_map(pdb->p_bools.table, map_boolean_to_strs, strs); in write_boolean_decl_rules_to_cil()
1326 static int write_type_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_type_decl_rules_to_cil() argument
1334 rc = strs_init(&strs, pdb->p_types.nprim); in write_type_decl_rules_to_cil()
1339 for (i=0; i < pdb->p_types.nprim; i++) { in write_type_decl_rules_to_cil()
1340 type = pdb->type_val_to_struct[i]; in write_type_decl_rules_to_cil()
1342 rc = strs_add(strs, pdb->p_type_val_to_name[i]); in write_type_decl_rules_to_cil()
1371 static int write_type_alias_rules_to_cil(FILE *out, struct policydb *pdb) in write_type_alias_rules_to_cil() argument
1380 rc = strs_init(&strs, pdb->p_types.nprim); in write_type_alias_rules_to_cil()
1385 for (i=0; i < pdb->p_types.nprim; i++) { in write_type_alias_rules_to_cil()
1386 alias = pdb->type_val_to_struct[i]; in write_type_alias_rules_to_cil()
1388 rc = strs_add(strs, pdb->p_type_val_to_name[i]); in write_type_alias_rules_to_cil()
1413 alias = hashtab_search(pdb->p_types.table, name); in write_type_alias_rules_to_cil()
1418 type = pdb->p_type_val_to_name[alias->s.value - 1]; in write_type_alias_rules_to_cil()
1432 static int write_type_bounds_rules_to_cil(FILE *out, struct policydb *pdb) in write_type_bounds_rules_to_cil() argument
1441 rc = strs_init(&strs, pdb->p_types.nprim); in write_type_bounds_rules_to_cil()
1446 for (i=0; i < pdb->p_types.nprim; i++) { in write_type_bounds_rules_to_cil()
1447 type = pdb->type_val_to_struct[i]; in write_type_bounds_rules_to_cil()
1450 rc = strs_add(strs, pdb->p_type_val_to_name[i]); in write_type_bounds_rules_to_cil()
1467 type = hashtab_search(pdb->p_types.table, child); in write_type_bounds_rules_to_cil()
1472 parent = pdb->p_type_val_to_name[type->bounds - 1]; in write_type_bounds_rules_to_cil()
1486 static int write_type_attribute_sets_to_cil(FILE *out, struct policydb *pdb) in write_type_attribute_sets_to_cil() argument
1495 rc = strs_init(&strs, pdb->p_types.nprim); in write_type_attribute_sets_to_cil()
1500 for (i=0; i < pdb->p_types.nprim; i++) { in write_type_attribute_sets_to_cil()
1501 attr = pdb->type_val_to_struct[i]; in write_type_attribute_sets_to_cil()
1503 name = pdb->p_type_val_to_name[i]; in write_type_attribute_sets_to_cil()
1504 typemap = &pdb->attr_type_map[i]; in write_type_attribute_sets_to_cil()
1506 types = ebitmap_to_str(typemap, pdb->p_type_val_to_name, 1); in write_type_attribute_sets_to_cil()
1534 static int write_type_permissive_rules_to_cil(FILE *out, struct policydb *pdb) in write_type_permissive_rules_to_cil() argument
1542 rc = strs_init(&strs, pdb->p_types.nprim); in write_type_permissive_rules_to_cil()
1547 ebitmap_for_each_positive_bit(&pdb->permissive_map, node, i) { in write_type_permissive_rules_to_cil()
1548 rc = strs_add(strs, pdb->p_type_val_to_name[i-1]); in write_type_permissive_rules_to_cil()
1651 static char *avtab_node_to_str(struct policydb *pdb, avtab_key_t *key, avtab_datum_t *datum) in avtab_node_to_str() argument
1693 src = pdb->p_type_val_to_name[key->source_type - 1]; in avtab_node_to_str()
1694 tgt = pdb->p_type_val_to_name[key->target_type - 1]; in avtab_node_to_str()
1696 type = pdb->type_val_to_struct[key->source_type - 1]; in avtab_node_to_str()
1701 class = pdb->p_class_val_to_name[key->target_class - 1]; in avtab_node_to_str()
1704 perms = sepol_av_to_string(pdb, key->target_class, data); in avtab_node_to_str()
1721 new = pdb->p_type_val_to_name[data - 1]; in avtab_node_to_str()
1737 struct policydb *pdb; member
1746 struct policydb *pdb = map_args->pdb; in map_avtab_write_helper() local
1752 rule = avtab_node_to_str(pdb, key, datum); in map_avtab_write_helper()
1768 static int write_avtab_flavor_to_cil(FILE *out, struct policydb *pdb, uint32_t flavor, int indent) in write_avtab_flavor_to_cil() argument
1779 args.pdb = pdb; in write_avtab_flavor_to_cil()
1783 rc = avtab_map(&pdb->te_avtab, map_avtab_write_helper, &args); in write_avtab_flavor_to_cil()
1798 static int write_avtab_to_cil(FILE *out, struct policydb *pdb, int indent) in write_avtab_to_cil() argument
1804 rc = write_avtab_flavor_to_cil(out, pdb, avtab_flavors[i], indent); in write_avtab_to_cil()
1819 struct policydb *pdb; member
1828 struct policydb *pdb = map_args->pdb; in map_filename_trans_to_str() local
1832 src = pdb->p_type_val_to_name[ft->stype - 1]; in map_filename_trans_to_str()
1833 tgt = pdb->p_type_val_to_name[ft->ttype - 1]; in map_filename_trans_to_str()
1834 class = pdb->p_class_val_to_name[ft->tclass - 1]; in map_filename_trans_to_str()
1836 new = pdb->p_type_val_to_name[datum->otype - 1]; in map_filename_trans_to_str()
1842 static int write_filename_trans_rules_to_cil(FILE *out, struct policydb *pdb) in write_filename_trans_rules_to_cil() argument
1853 args.pdb = pdb; in write_filename_trans_rules_to_cil()
1856 rc = hashtab_map(pdb->filename_trans, map_filename_trans_to_str, &args); in write_filename_trans_rules_to_cil()
1875 static char *level_to_str(struct policydb *pdb, struct mls_level *level) in level_to_str() argument
1879 char *sens_str = pdb->p_sens_val_to_name[level->sens - 1]; in level_to_str()
1883 cats_str = cats_ebitmap_to_str(cats, pdb->p_cat_val_to_name); in level_to_str()
1893 static char *range_to_str(struct policydb *pdb, mls_range_t *range) in range_to_str() argument
1899 low = level_to_str(pdb, &range->level[0]); in range_to_str()
1904 high = level_to_str(pdb, &range->level[1]); in range_to_str()
1919 struct policydb *pdb; member
1928 struct policydb *pdb = map_args->pdb; in map_range_trans_to_str() local
1933 src = pdb->p_type_val_to_name[rt->source_type - 1]; in map_range_trans_to_str()
1934 tgt = pdb->p_type_val_to_name[rt->target_type - 1]; in map_range_trans_to_str()
1935 class = pdb->p_class_val_to_name[rt->target_class - 1]; in map_range_trans_to_str()
1936 range = range_to_str(pdb, mls_range); in map_range_trans_to_str()
1953 static int write_range_trans_rules_to_cil(FILE *out, struct policydb *pdb) in write_range_trans_rules_to_cil() argument
1964 args.pdb = pdb; in write_range_trans_rules_to_cil()
1967 rc = hashtab_map(pdb->range_tr, map_range_trans_to_str, &args); in write_range_trans_rules_to_cil()
1986 static int write_cond_av_list_to_cil(FILE *out, struct policydb *pdb, cond_av_list_t *cond_list, in… in write_cond_av_list_to_cil() argument
2010 rule = avtab_node_to_str(pdb, key, datum); in write_cond_av_list_to_cil()
2049 static int write_cond_nodes_to_cil(FILE *out, struct policydb *pdb) in write_cond_nodes_to_cil() argument
2057 for (cond = pdb->cond_list; cond != NULL; cond = cond->next) { in write_cond_nodes_to_cil()
2068 for (cond = pdb->cond_list; cond != NULL; cond = cond->next) { in write_cond_nodes_to_cil()
2070 expr = cond_expr_to_str(pdb, cond->expr); in write_cond_nodes_to_cil()
2090 rc = write_cond_av_list_to_cil(out, pdb, cond->true_list, 2); in write_cond_nodes_to_cil()
2101 rc = write_cond_av_list_to_cil(out, pdb, cond->false_list, 2); in write_cond_nodes_to_cil()
2126 static int write_role_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_role_decl_rules_to_cil() argument
2136 rc = strs_init(&strs, pdb->p_roles.nprim); in write_role_decl_rules_to_cil()
2141 for (i=0; i < pdb->p_roles.nprim; i++) { in write_role_decl_rules_to_cil()
2142 role = pdb->role_val_to_struct[i]; in write_role_decl_rules_to_cil()
2144 rc = strs_add(strs, pdb->p_role_val_to_name[i]); in write_role_decl_rules_to_cil()
2168 role = hashtab_search(pdb->p_roles.table, child); in write_role_decl_rules_to_cil()
2175 parent = pdb->p_role_val_to_name[role->bounds - 1]; in write_role_decl_rules_to_cil()
2185 role = hashtab_search(pdb->p_roles.table, name); in write_role_decl_rules_to_cil()
2192 rc = strs_init(&type_strs, pdb->p_types.nprim); in write_role_decl_rules_to_cil()
2196 rc = ebitmap_to_strs(types, type_strs, pdb->p_type_val_to_name); in write_role_decl_rules_to_cil()
2214 rc = strs_init(&strs, pdb->p_types.nprim); in write_role_decl_rules_to_cil()
2219 for (i=0; i < pdb->p_types.nprim; i++) { in write_role_decl_rules_to_cil()
2220 type_datum = pdb->type_val_to_struct[i]; in write_role_decl_rules_to_cil()
2222 rc = strs_add(strs, pdb->p_type_val_to_name[i]); in write_role_decl_rules_to_cil()
2251 static int write_role_transition_rules_to_cil(FILE *out, struct policydb *pdb) in write_role_transition_rules_to_cil() argument
2253 role_trans_t *curr = pdb->role_tr; in write_role_transition_rules_to_cil()
2264 role = pdb->p_role_val_to_name[curr->role - 1]; in write_role_transition_rules_to_cil()
2265 type = pdb->p_type_val_to_name[curr->type - 1]; in write_role_transition_rules_to_cil()
2266 class = pdb->p_class_val_to_name[curr->tclass - 1]; in write_role_transition_rules_to_cil()
2267 new = pdb->p_role_val_to_name[curr->new_role - 1]; in write_role_transition_rules_to_cil()
2292 static int write_role_allow_rules_to_cil(FILE *out, struct policydb *pdb) in write_role_allow_rules_to_cil() argument
2294 role_allow_t *curr = pdb->role_allow; in write_role_allow_rules_to_cil()
2305 role = pdb->p_role_val_to_name[curr->role - 1]; in write_role_allow_rules_to_cil()
2306 new = pdb->p_role_val_to_name[curr->new_role - 1]; in write_role_allow_rules_to_cil()
2330 static int write_user_decl_rules_to_cil(FILE *out, struct policydb *pdb) in write_user_decl_rules_to_cil() argument
2339 rc = strs_init(&strs, pdb->p_users.nprim); in write_user_decl_rules_to_cil()
2344 for (i=0; i < pdb->p_users.nprim; i++) { in write_user_decl_rules_to_cil()
2345 rc = strs_add(strs, pdb->p_user_val_to_name[i]); in write_user_decl_rules_to_cil()
2369 user = hashtab_search(pdb->p_users.table, name); in write_user_decl_rules_to_cil()
2377 rc = strs_init(&role_strs, pdb->p_roles.nprim); in write_user_decl_rules_to_cil()
2381 rc = ebitmap_to_strs(roles, role_strs, pdb->p_role_val_to_name); in write_user_decl_rules_to_cil()
2410 user = hashtab_search(pdb->p_users.table, name); in write_user_decl_rules_to_cil()
2418 if (pdb->mls) { in write_user_decl_rules_to_cil()
2419 level = level_to_str(pdb, &user->exp_dfltlevel); in write_user_decl_rules_to_cil()
2438 user = hashtab_search(pdb->p_users.table, name); in write_user_decl_rules_to_cil()
2445 if (pdb->mls) { in write_user_decl_rules_to_cil()
2446 range = range_to_str(pdb, &user->exp_range); in write_user_decl_rules_to_cil()
2469 static char *context_to_str(struct policydb *pdb, struct context_struct *con) in context_to_str() argument
2474 user = pdb->p_user_val_to_name[con->user - 1]; in context_to_str()
2475 role = pdb->p_role_val_to_name[con->role - 1]; in context_to_str()
2476 type = pdb->p_type_val_to_name[con->type - 1]; in context_to_str()
2478 if (pdb->mls) { in context_to_str()
2479 range = range_to_str(pdb, &con->range); in context_to_str()
2494 static int write_sid_context_rules_to_cil(FILE *out, struct policydb *pdb, const char *const *sid_t… in write_sid_context_rules_to_cil() argument
2509 for (isid = pdb->ocontexts[0]; isid != NULL; isid = isid->next) { in write_sid_context_rules_to_cil()
2518 ctx = context_to_str(pdb, &isid->context[0]); in write_sid_context_rules_to_cil()
2551 static int write_selinux_isid_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_isid_rules_to_cil() argument
2553 return write_sid_context_rules_to_cil(out, pdb, selinux_sid_to_str, in write_selinux_isid_rules_to_cil()
2557 static int write_selinux_fsuse_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_fsuse_rules_to_cil() argument
2564 for (fsuse = pdb->ocontexts[5]; fsuse != NULL; fsuse = fsuse->next) { in write_selinux_fsuse_rules_to_cil()
2576 ctx = context_to_str(pdb, &fsuse->context[0]); in write_selinux_fsuse_rules_to_cil()
2595 static int write_genfscon_rules_to_cil(FILE *out, struct policydb *pdb) in write_genfscon_rules_to_cil() argument
2608 for (genfs = pdb->genfs; genfs != NULL; genfs = genfs->next) { in write_genfscon_rules_to_cil()
2613 ctx = context_to_str(pdb, &ocon->context[0]); in write_genfscon_rules_to_cil()
2642 static int write_selinux_port_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_port_rules_to_cil() argument
2652 for (portcon = pdb->ocontexts[2]; portcon != NULL; portcon = portcon->next) { in write_selinux_port_rules_to_cil()
2676 ctx = context_to_str(pdb, &portcon->context[0]); in write_selinux_port_rules_to_cil()
2697 static int write_selinux_netif_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_netif_rules_to_cil() argument
2703 for (netif = pdb->ocontexts[3]; netif != NULL; netif = netif->next) { in write_selinux_netif_rules_to_cil()
2705 ctx1 = context_to_str(pdb, &netif->context[0]); in write_selinux_netif_rules_to_cil()
2710 ctx2 = context_to_str(pdb, &netif->context[1]); in write_selinux_netif_rules_to_cil()
2731 static int write_selinux_node_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_node_rules_to_cil() argument
2739 for (node = pdb->ocontexts[4]; node != NULL; node = node->next) { in write_selinux_node_rules_to_cil()
2752 ctx = context_to_str(pdb, &node->context[0]); in write_selinux_node_rules_to_cil()
2771 static int write_selinux_node6_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_node6_rules_to_cil() argument
2779 for (node = pdb->ocontexts[6]; node != NULL; node = node->next) { in write_selinux_node6_rules_to_cil()
2792 ctx = context_to_str(pdb, &node->context[0]); in write_selinux_node6_rules_to_cil()
2811 static int write_selinux_ibpkey_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_ibpkey_rules_to_cil() argument
2822 for (ibpkeycon = pdb->ocontexts[OCON_IBPKEY]; ibpkeycon != NULL; in write_selinux_ibpkey_rules_to_cil()
2847 ctx = context_to_str(pdb, &ibpkeycon->context[0]); in write_selinux_ibpkey_rules_to_cil()
2868 static int write_selinux_ibendport_rules_to_cil(FILE *out, struct policydb *pdb) in write_selinux_ibendport_rules_to_cil() argument
2875 for (ibendportcon = pdb->ocontexts[OCON_IBENDPORT]; in write_selinux_ibendport_rules_to_cil()
2883 ctx = context_to_str(pdb, &ibendportcon->context[0]); in write_selinux_ibendport_rules_to_cil()
2905 static int write_xen_isid_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_isid_rules_to_cil() argument
2907 return write_sid_context_rules_to_cil(out, pdb, xen_sid_to_str, XEN_SID_SZ); in write_xen_isid_rules_to_cil()
2910 static int write_xen_pirq_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_pirq_rules_to_cil() argument
2917 for (pirq = pdb->ocontexts[1]; pirq != NULL; pirq = pirq->next) { in write_xen_pirq_rules_to_cil()
2924 ctx = context_to_str(pdb, &pirq->context[0]); in write_xen_pirq_rules_to_cil()
2945 static int write_xen_ioport_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_ioport_rules_to_cil() argument
2954 for (ioport = pdb->ocontexts[2]; ioport != NULL; ioport = ioport->next) { in write_xen_ioport_rules_to_cil()
2967 ctx = context_to_str(pdb, &ioport->context[0]); in write_xen_ioport_rules_to_cil()
2988 static int write_xen_iomem_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_iomem_rules_to_cil() argument
2997 for (iomem = pdb->ocontexts[3]; iomem != NULL; iomem = iomem->next) { in write_xen_iomem_rules_to_cil()
3010 ctx = context_to_str(pdb, &iomem->context[0]); in write_xen_iomem_rules_to_cil()
3031 static int write_xen_pcidevice_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_pcidevice_rules_to_cil() argument
3038 for (pcid = pdb->ocontexts[4]; pcid != NULL; pcid = pcid->next) { in write_xen_pcidevice_rules_to_cil()
3045 ctx = context_to_str(pdb, &pcid->context[0]); in write_xen_pcidevice_rules_to_cil()
3066 static int write_xen_devicetree_rules_to_cil(FILE *out, struct policydb *pdb) in write_xen_devicetree_rules_to_cil() argument
3072 for (dtree = pdb->ocontexts[5]; dtree != NULL; dtree = dtree->next) { in write_xen_devicetree_rules_to_cil()
3074 ctx = context_to_str(pdb, &dtree->context[0]); in write_xen_devicetree_rules_to_cil()
3093 int sepol_kernel_policydb_to_cil(FILE *out, struct policydb *pdb) in sepol_kernel_policydb_to_cil() argument
3121 if (pdb == NULL) { in sepol_kernel_policydb_to_cil()
3127 if (pdb->policy_type != SEPOL_POLICY_KERN) { in sepol_kernel_policydb_to_cil()
3133 rc = constraint_rules_to_strs(pdb, mls_constraints, non_mls_constraints); in sepol_kernel_policydb_to_cil()
3138 rc = validatetrans_rules_to_strs(pdb, mls_validatetrans, non_mls_validatetrans); in sepol_kernel_policydb_to_cil()
3143 rc = write_handle_unknown_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3148 rc = write_class_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3153 rc = write_sid_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3158 rc = write_default_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3163 rc = write_mls_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3171 rc = write_polcap_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3176 rc = write_type_attributes_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3181 rc = write_role_attributes_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3186 rc = write_boolean_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3191 rc = write_type_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3196 rc = write_type_alias_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3201 rc = write_type_bounds_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3206 rc = write_type_attribute_sets_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3211 rc = write_type_permissive_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3216 rc = write_avtab_to_cil(out, pdb, 0); in sepol_kernel_policydb_to_cil()
3221 rc = write_filename_trans_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3226 if (pdb->mls) { in sepol_kernel_policydb_to_cil()
3227 rc = write_range_trans_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3233 rc = write_cond_nodes_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3238 rc = write_role_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3243 rc = write_role_transition_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3248 rc = write_role_allow_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3253 rc = write_user_decl_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3261 rc = sort_ocontexts(pdb); in sepol_kernel_policydb_to_cil()
3266 if (pdb->target_platform == SEPOL_TARGET_SELINUX) { in sepol_kernel_policydb_to_cil()
3267 rc = write_selinux_isid_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3272 rc = write_selinux_fsuse_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3277 rc = write_genfscon_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3282 rc = write_selinux_port_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3287 rc = write_selinux_netif_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3292 rc = write_selinux_node_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3297 rc = write_selinux_node6_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3302 rc = write_selinux_ibpkey_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3307 rc = write_selinux_ibendport_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3311 } else if (pdb->target_platform == SEPOL_TARGET_XEN) { in sepol_kernel_policydb_to_cil()
3312 rc = write_xen_isid_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3317 rc = write_xen_pirq_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3322 rc = write_xen_ioport_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3327 rc = write_xen_iomem_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3332 rc = write_xen_pcidevice_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()
3337 rc = write_xen_devicetree_rules_to_cil(out, pdb); in sepol_kernel_policydb_to_cil()