1 /*
2  * Copyright 2013 Tresys Technology, LLC. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions are met:
6  *
7  *    1. Redistributions of source code must retain the above copyright notice,
8  *       this list of conditions and the following disclaimer.
9  *
10  *    2. Redistributions in binary form must reproduce the above copyright notice,
11  *       this list of conditions and the following disclaimer in the documentation
12  *       and/or other materials provided with the distribution.
13  *
14  * THIS SOFTWARE IS PROVIDED BY TRESYS TECHNOLOGY, LLC ``AS IS'' AND ANY EXPRESS
15  * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
16  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
17  * EVENT SHALL TRESYS TECHNOLOGY, LLC OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
18  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
19  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
21  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
22  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
23  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24  *
25  * The views and conclusions contained in the software and documentation are those
26  * of the authors and should not be interpreted as representing official policies,
27  * either expressed or implied, of Tresys Technology, LLC.
28  */
29 
30 #ifndef CIL_FLAVOR_H_
31 #define CIL_FLAVOR_H_
32 
33 /*
34 	Tree/list node types
35 */
36 #define CIL_MIN_OP_OPERANDS 1000
37 #define CIL_MIN_DECLARATIVE 2000
38 
39 enum cil_flavor {
40 	CIL_NONE = 0,
41 	CIL_ROOT,
42 	CIL_NODE,
43 	CIL_STRING,
44 	CIL_DATUM,
45 	CIL_LIST,
46 	CIL_LIST_ITEM,
47 	CIL_PARAM,
48 	CIL_ARGS,
49 	CIL_BLOCKINHERIT,
50 	CIL_BLOCKABSTRACT,
51 	CIL_IN,
52 	CIL_CALL,
53 	CIL_BOOLEANIF,
54 	CIL_TUNABLEIF,
55 	CIL_CONDBLOCK,
56 	CIL_CONDTRUE,
57 	CIL_CONDFALSE,
58 	CIL_CLASSORDER,
59 	CIL_CLASSCOMMON,
60 	CIL_CLASSMAPPING,
61 	CIL_CLASSPERMS,
62 	CIL_CLASSPERMS_SET,
63 	CIL_CLASSPERMISSIONSET,
64 	CIL_USERPREFIX,
65 	CIL_USERROLE,
66 	CIL_USERATTRIBUTESET,
67 	CIL_USERLEVEL,
68 	CIL_USERRANGE,
69 	CIL_USERBOUNDS,
70 	CIL_SELINUXUSER,
71 	CIL_SELINUXUSERDEFAULT,
72 	CIL_ROLEATTRIBUTESET,
73 	CIL_ROLETYPE,
74 	CIL_ROLEBOUNDS,
75 	CIL_TYPEATTRIBUTESET,
76 	CIL_TYPEALIASACTUAL,
77 	CIL_TYPEBOUNDS,
78 	CIL_TYPEPERMISSIVE,
79 	CIL_SENSALIASACTUAL,
80 	CIL_SENSITIVITYORDER,
81 	CIL_SENSCAT,
82 	CIL_CATALIASACTUAL,
83 	CIL_CATORDER,
84 	CIL_SIDORDER,
85 	CIL_ROLEALLOW,
86 	CIL_AVRULE,
87 	CIL_AVRULEX,
88 	CIL_ROLETRANSITION,
89 	CIL_TYPE_RULE,
90 	CIL_NAMETYPETRANSITION,
91 	CIL_RANGETRANSITION,
92 	CIL_CONSTRAIN,
93 	CIL_MLSCONSTRAIN,
94 	CIL_VALIDATETRANS,
95 	CIL_MLSVALIDATETRANS,
96 	CIL_SIDCONTEXT,
97 	CIL_FSUSE,
98 	CIL_FILECON,
99 	CIL_PORTCON,
100 	CIL_NODECON,
101 	CIL_GENFSCON,
102 	CIL_NETIFCON,
103 	CIL_PIRQCON,
104 	CIL_IOMEMCON,
105 	CIL_IOPORTCON,
106 	CIL_PCIDEVICECON,
107 	CIL_DEVICETREECON,
108 	CIL_DEFAULTUSER,
109 	CIL_DEFAULTROLE,
110 	CIL_DEFAULTTYPE,
111 	CIL_DEFAULTRANGE,
112 	CIL_HANDLEUNKNOWN,
113 	CIL_MLS,
114 	CIL_SRC_INFO,
115 
116 /*
117  *          boolean  constraint  set  catset
118  *  dom                  X
119  *  domby                X
120  *  incomp               X
121  *  eq         X         X
122  *  ne         X         X
123  *  and        X         X        X    X
124  *  not        X         X        X    X
125  *  or         X         X        X    X
126  *  xor        X                  X    X
127  *  all                           X    X
128  *  range                              X
129 */
130 	CIL_OP = CIL_MIN_OP_OPERANDS,
131 	CIL_ALL,
132 	CIL_AND,
133 	CIL_OR,
134 	CIL_XOR,
135 	CIL_NOT,
136 	CIL_EQ,
137 	CIL_NEQ,
138 	CIL_RANGE,
139 	CIL_CONS_DOM,
140 	CIL_CONS_DOMBY,
141 	CIL_CONS_INCOMP,
142 	CIL_CONS_OPERAND,
143 	CIL_CONS_U1,
144 	CIL_CONS_U2,
145 	CIL_CONS_U3,
146 	CIL_CONS_T1,
147 	CIL_CONS_T2,
148 	CIL_CONS_T3,
149 	CIL_CONS_R1,
150 	CIL_CONS_R2,
151 	CIL_CONS_R3,
152 	CIL_CONS_L1,
153 	CIL_CONS_L2,
154 	CIL_CONS_H1,
155 	CIL_CONS_H2,
156 
157 	CIL_BLOCK = CIL_MIN_DECLARATIVE,
158 	CIL_MACRO,
159 	CIL_OPTIONAL,
160 	CIL_BOOL,
161 	CIL_TUNABLE,
162 	CIL_PERM,
163 	CIL_MAP_PERM,
164 	CIL_COMMON,
165 	CIL_CLASS,
166 	CIL_MAP_CLASS,
167 	CIL_CLASSPERMISSION,
168 	CIL_USER,
169 	CIL_USERATTRIBUTE,
170 	CIL_ROLE,
171 	CIL_ROLEATTRIBUTE,
172 	CIL_TYPE,
173 	CIL_TYPEATTRIBUTE,
174 	CIL_TYPEALIAS,
175 	CIL_SENS,
176 	CIL_SENSALIAS,
177 	CIL_CAT,
178 	CIL_CATSET,
179 	CIL_CATALIAS,
180 	CIL_LEVEL,
181 	CIL_LEVELRANGE,
182 	CIL_SID,
183 	CIL_NAME,
184 	CIL_CONTEXT,
185 	CIL_IPADDR,
186 	CIL_POLICYCAP,
187 	CIL_PERMISSIONX
188 };
189 
190 
191 #endif /* CIL_FLAVOR_H_ */
192