1 /* Author: Joshua Brindle <jbrindle@tresys.com>
2  *         Jason Tang     <jtang@tresys.com>
3  *         Ivan Gyurdiev  <ivg2@cornell.edu>
4  *
5  * Copyright (C) 2005 Tresys Technology, LLC
6  * Copyright (C) 2005 Red Hat Inc.
7  *
8  *  This library is free software; you can redistribute it and/or
9  *  modify it under the terms of the GNU Lesser General Public
10  *  License as published by the Free Software Foundation; either
11  *  version 2.1 of the License, or (at your option) any later version.
12  *
13  *  This library is distributed in the hope that it will be useful,
14  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
15  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
16  *  Lesser General Public License for more details.
17  *
18  *  You should have received a copy of the GNU Lesser General Public
19  *  License along with this library; if not, write to the Free Software
20  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
21  */
22 
23 #ifndef _SEMANAGE_INTERNAL_HANDLE_H_
24 #define _SEMANAGE_INTERNAL_HANDLE_H_
25 
26 #include <stdint.h>
27 #include <stddef.h>
28 #include "handle_internal.h"
29 #include <sepol/handle.h>
30 #include "modules.h"
31 #include "semanage_conf.h"
32 #include "database.h"
33 #include "direct_api.h"
34 #include "policy.h"
35 
/*
 * State carried by a semanage handle: message-reporting settings, the
 * connection-type specific data, the libsepol handle, the parsed
 * configuration, transaction/commit flags and the table of object databases.
 */
struct semanage_handle {
	int con_id;		/* Connection ID */

	/* Error handling */
	int msg_level;
	const char *msg_channel;
	const char *msg_fname;
	/* With GCC, the format attribute marks argument 3 (fmt) as a
	 * printf-style format string whose variadic arguments start at
	 * argument 4, so calls made through this pointer can be checked at
	 * compile time.
	 * NOTE(review): since fmt is treated as a format string, variable
	 * message text should be supplied through the arguments, not as fmt. */
#ifdef __GNUC__
	__attribute__ ((format(printf, 3, 4)))
#endif
	void (*msg_callback) (void *varg,
			      semanage_handle_t * handle, const char *fmt, ...);
	/* NOTE(review): presumably passed back to msg_callback as varg;
	 * confirm against the call sites. */
	void *msg_callback_arg;

	/* Direct vs Server specific handle (only the direct variant is
	 * declared in this union) */
	union {
		struct semanage_direct_handle direct;
	} u;

	/* Libsepol handle */
	sepol_handle_t *sepolh;

	semanage_conf_t *conf;

	uint16_t priority;
	int is_connected;
	int is_in_transaction;
	int do_reload;		/* whether to reload policy after commit */
	int do_rebuild;		/* whether to rebuild policy if there were no changes */
	int modules_modified;
	int create_store;	/* whether to create the store if it does not exist;
				 * this will only have an effect on direct connections */
	int do_check_contexts;	/* whether to run setfiles to check the file contexts file */

	/* This timeout is used for transactions and for waiting on the lock:
	   -1 means wait indefinitely
	   0 means return immediately
	   >0 means wait that many seconds */
	int timeout;

	/* These function pointers will point to the appropriate
	 * routine given the connection type.  Think of these as
	 * simulating polymorphism for non-OO languages. */
	struct semanage_policy_table *funcs;

	/* Object databases.
	 * The DBASE_* constants below are the indices into dbase[].
	 * DBASE_COUNT must stay one greater than the highest index
	 * (DBASE_ACTIVE_BOOLEANS, 23): the accessor functions in this header
	 * index the array with these constants and do no bounds checking, so
	 * adding an index without raising DBASE_COUNT would make an accessor
	 * return a pointer past the end of the array. */
#define DBASE_COUNT      24

/* Local modifications */
#define DBASE_LOCAL_USERS_BASE  0
#define DBASE_LOCAL_USERS_EXTRA 1
#define DBASE_LOCAL_USERS       2
#define DBASE_LOCAL_PORTS       3
#define DBASE_LOCAL_INTERFACES  4
#define DBASE_LOCAL_BOOLEANS    5
#define DBASE_LOCAL_FCONTEXTS	6
#define DBASE_LOCAL_SEUSERS     7
#define DBASE_LOCAL_NODES       8
#define DBASE_LOCAL_IBPKEYS     9
#define DBASE_LOCAL_IBENDPORTS  10

/* Policy + Local modifications */
#define DBASE_POLICY_USERS_BASE  11
#define DBASE_POLICY_USERS_EXTRA 12
#define DBASE_POLICY_USERS       13
#define DBASE_POLICY_PORTS       14
#define DBASE_POLICY_INTERFACES  15
#define DBASE_POLICY_BOOLEANS    16
#define DBASE_POLICY_FCONTEXTS   17
#define DBASE_POLICY_FCONTEXTS_H 18
#define DBASE_POLICY_SEUSERS     19
#define DBASE_POLICY_NODES       20
#define DBASE_POLICY_IBPKEYS     21
#define DBASE_POLICY_IBENDPORTS  22

/* Active kernel policy */
#define DBASE_ACTIVE_BOOLEANS    23
	dbase_config_t dbase[DBASE_COUNT];
};
115 
116 /* === Local modifications === */
/*
 * Return the address of the DBASE_LOCAL_USERS_BASE entry (local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_user_base_dbase_local(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_LOCAL_USERS_BASE;
}
122 
/*
 * Return the address of the DBASE_LOCAL_USERS_EXTRA entry (local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_user_extra_dbase_local(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_LOCAL_USERS_EXTRA;
}
128 
/*
 * Return the address of the DBASE_LOCAL_USERS entry (local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_user_dbase_local(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_LOCAL_USERS;
}
134 
/*
 * Return the address of the DBASE_LOCAL_PORTS entry (local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_port_dbase_local(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_LOCAL_PORTS;
}
140 
/*
 * Return the address of the DBASE_LOCAL_IBPKEYS entry (local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_ibpkey_dbase_local(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_LOCAL_IBPKEYS;
}
146 
/*
 * Return the address of the DBASE_LOCAL_IBENDPORTS entry (local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_ibendport_dbase_local(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_LOCAL_IBENDPORTS;
}
152 
/*
 * Return the address of the DBASE_LOCAL_INTERFACES entry (local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_iface_dbase_local(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_LOCAL_INTERFACES;
}
158 
/*
 * Return the address of the DBASE_LOCAL_BOOLEANS entry (local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_bool_dbase_local(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_LOCAL_BOOLEANS;
}
164 
/*
 * Return the address of the DBASE_LOCAL_FCONTEXTS entry (local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_fcontext_dbase_local(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_LOCAL_FCONTEXTS;
}
170 
/*
 * Return the address of the DBASE_LOCAL_SEUSERS entry (local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_seuser_dbase_local(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_LOCAL_SEUSERS;
}
176 
/*
 * Return the address of the DBASE_LOCAL_NODES entry (local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_node_dbase_local(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_LOCAL_NODES;
}
182 
183 /* === Policy + Local modifications === */
/*
 * Return the address of the DBASE_POLICY_USERS_BASE entry (policy +
 * local modifications) in handle->dbase.  handle is dereferenced
 * without a NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_user_base_dbase_policy(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_USERS_BASE;
}
189 
/*
 * Return the address of the DBASE_POLICY_USERS_EXTRA entry (policy +
 * local modifications) in handle->dbase.  handle is dereferenced
 * without a NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_user_extra_dbase_policy(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_USERS_EXTRA;
}
196 
/*
 * Return the address of the DBASE_POLICY_USERS entry (policy + local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_user_dbase_policy(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_USERS;
}
202 
/*
 * Return the address of the DBASE_POLICY_PORTS entry (policy + local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_port_dbase_policy(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_PORTS;
}
208 
/*
 * Return the address of the DBASE_POLICY_IBPKEYS entry (policy + local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_ibpkey_dbase_policy(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_IBPKEYS;
}
214 
/*
 * Return the address of the DBASE_POLICY_IBENDPORTS entry (policy +
 * local modifications) in handle->dbase.  handle is dereferenced
 * without a NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_ibendport_dbase_policy(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_IBENDPORTS;
}
220 
/*
 * Return the address of the DBASE_POLICY_INTERFACES entry (policy +
 * local modifications) in handle->dbase.  handle is dereferenced
 * without a NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_iface_dbase_policy(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_INTERFACES;
}
226 
/*
 * Return the address of the DBASE_POLICY_BOOLEANS entry (policy +
 * local modifications) in handle->dbase.  handle is dereferenced
 * without a NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_bool_dbase_policy(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_BOOLEANS;
}
232 
/*
 * Return the address of the DBASE_POLICY_FCONTEXTS entry (policy +
 * local modifications) in handle->dbase.  handle is dereferenced
 * without a NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_fcontext_dbase_policy(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_FCONTEXTS;
}
238 
/*
 * Return the address of the DBASE_POLICY_FCONTEXTS_H entry (policy +
 * local modifications) in handle->dbase.  handle is dereferenced
 * without a NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_fcontext_dbase_homedirs(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_FCONTEXTS_H;
}
244 
/*
 * Return the address of the DBASE_POLICY_SEUSERS entry (policy + local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_seuser_dbase_policy(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_SEUSERS;
}
250 
/*
 * Return the address of the DBASE_POLICY_NODES entry (policy + local
 * modifications) in handle->dbase.  handle is dereferenced without a
 * NULL check, so the caller must pass a valid handle.
 */
static inline dbase_config_t *
semanage_node_dbase_policy(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_POLICY_NODES;
}
256 
257 /* === Active kernel policy === */
/*
 * Return the address of the DBASE_ACTIVE_BOOLEANS entry (active kernel
 * policy) in handle->dbase.  This is the highest index in use, so it is
 * in bounds only while DBASE_COUNT stays at least one greater than it.
 * handle is dereferenced without a NULL check.
 */
static inline dbase_config_t *
semanage_bool_dbase_active(semanage_handle_t *handle)
{
	return handle->dbase + DBASE_ACTIVE_BOOLEANS;
}
263 
264 #endif
265