93
89
int render_key(avtab_key_t *key, policydb_t *p, FILE *fp)
95
fprintf(fp, "%s %s : %s ", p->p_type_val_to_name[key->source_type - 1],
96
p->p_type_val_to_name[key->target_type - 1],
97
p->p_class_val_to_name[key->target_class - 1]);
91
char *stype, *ttype, *tclass;
92
stype = p->p_type_val_to_name[key->source_type - 1];
93
ttype = p->p_type_val_to_name[key->target_type - 1];
94
tclass = p->p_class_val_to_name[key->target_class - 1];
96
fprintf(fp, "%s %s : %s ", stype, ttype, tclass);
98
fprintf(fp, "%s %u : %s ", stype, key->target_type, tclass);
100
fprintf(fp, "%u %s : %s ", key->source_type, ttype, tclass);
102
fprintf(fp, "%u %u : %s ", key->source_type, key->target_type, tclass);
109
114
if(!(what & RENDER_UNCONDITIONAL)) {
110
115
if(what != RENDER_CONDITIONAL &&
111
(((what & RENDER_ENABLED) && !(datum->specified & AVTAB_ENABLED)) ||
112
((what & RENDER_DISABLED) && (datum->specified & AVTAB_ENABLED)))) {
116
(((what & RENDER_ENABLED) && !(key->specified & AVTAB_ENABLED)) ||
117
((what & RENDER_DISABLED) && (key->specified & AVTAB_ENABLED)))) {
113
118
return 0; /* doesn't match selection criteria */
117
122
if(!(what & RENDER_UNCONDITIONAL)) {
118
if(datum->specified & AVTAB_ENABLED)
123
if(key->specified & AVTAB_ENABLED)
119
124
fprintf(fp, "[enabled] ");
120
else if(!(datum->specified & AVTAB_ENABLED))
125
else if(!(key->specified & AVTAB_ENABLED))
121
126
fprintf(fp, "[disabled] ");
124
if( datum->specified & AVTAB_AV) {
125
if(datum->specified & AVTAB_ALLOWED) {
129
if( key->specified & AVTAB_AV) {
130
if(key->specified & AVTAB_ALLOWED) {
126
131
fprintf(fp, "allow ");
127
132
render_key(key, p, fp);
128
render_access_mask(avtab_allowed(datum),key, p, fp);
133
render_access_mask(datum->data,key, p, fp);
129
134
fprintf(fp, ";\n");
131
if(datum->specified & AVTAB_AUDITALLOW) {
136
if(key->specified & AVTAB_AUDITALLOW) {
132
137
fprintf(fp, "auditallow ");
133
138
render_key(key, p, fp);
134
render_access_mask(avtab_auditallow(datum),key, p, fp);
139
render_access_mask(datum->data,key, p, fp);
135
140
fprintf(fp, ";\n");
137
if(datum->specified & AVTAB_AUDITDENY) {
142
if(key->specified & AVTAB_AUDITDENY) {
138
143
fprintf(fp, "dontaudit ");
139
144
render_key(key, p, fp);
140
145
/* We inverse the mask for dontaudit since the mask is internally stored
141
146
* as a auditdeny mask */
142
render_access_mask(~avtab_auditdeny(datum),key, p, fp);
147
render_access_mask(~datum->data,key, p, fp);
143
148
fprintf(fp, ";\n");
146
else if( datum->specified & AVTAB_TYPE){
147
if(datum->specified & AVTAB_TRANSITION) {
151
else if( key->specified & AVTAB_TYPE){
152
if(key->specified & AVTAB_TRANSITION) {
148
153
fprintf(fp, "type_transition ");
149
154
render_key(key, p, fp);
150
render_type(avtab_transition(datum), p, fp);
155
render_type(datum->data, p, fp);
151
156
fprintf(fp, ";\n");
153
if(datum->specified & AVTAB_MEMBER) {
158
if(key->specified & AVTAB_MEMBER) {
154
159
fprintf(fp, "type_member ");
155
160
render_key(key, p, fp);
156
render_type(avtab_member(datum), p, fp);
161
render_type(datum->data, p, fp);
157
162
fprintf(fp, ";\n");
159
if(datum->specified & AVTAB_CHANGE) {
164
if(key->specified & AVTAB_CHANGE) {
160
165
fprintf(fp, "type_change ");
161
166
render_key(key, p, fp);
162
render_type(avtab_change(datum), p, fp);
167
render_type(datum->data, p, fp);
163
168
fprintf(fp, ";\n");
173
178
int display_avtab(avtab_t *a, uint32_t what, policydb_t *p, FILE *fp)
184
if (avtab_init(&expa))
186
if (expand_avtab(p, a, &expa)) {
187
avtab_destroy(&expa);
191
/* hmm...should have used avtab_map. */
178
192
for (i = 0; i < AVTAB_SIZE; i++) {
179
for (cur = a->htable[i]; cur; cur = cur->next) {
193
for (cur = expa.htable[i]; cur; cur = cur->next) {
180
194
render_av_rule(&cur->key, &cur->datum, what, p, fp);
197
avtab_destroy(&expa);
183
198
fprintf(fp, "\n");
201
fprintf(stderr, "out of memory\n");
187
205
int display_bools(policydb_t *p, FILE *fp)
232
250
int display_cond_expressions(policydb_t *p, FILE *fp)
234
252
cond_node_t *cur;
235
cond_av_list_t *av_cur;
253
cond_av_list_t *av_cur, *expl = NULL;
236
257
for (cur = p->cond_list; cur != NULL; cur = cur->next) {
237
258
fprintf(fp, "expression: ");
238
259
display_expr(p, cur->expr, fp);
239
260
fprintf(fp, "current state: %d\n", cur->cur_state);
240
261
fprintf(fp, "True list:\n");
241
for (av_cur = cur->true_list; av_cur != NULL; av_cur = av_cur->next) {
262
if (avtab_init(&expa))
264
if (expand_cond_av_list(p, cur->true_list, &expl, &expa)) {
265
avtab_destroy(&expa);
268
for (av_cur = expl; av_cur != NULL; av_cur = av_cur->next) {
242
269
fprintf(fp, "\t");
243
270
render_av_rule(&av_cur->node->key, &av_cur->node->datum,
244
271
RENDER_CONDITIONAL, p, fp);
273
cond_av_list_destroy(expl);
274
avtab_destroy(&expa);
246
275
fprintf(fp, "False list:\n");
247
for (av_cur = cur->false_list; av_cur != NULL; av_cur = av_cur->next) {
276
if (avtab_init(&expa))
278
if (expand_cond_av_list(p, cur->false_list, &expl, &expa)) {
279
avtab_destroy(&expa);
282
for (av_cur = expl; av_cur != NULL; av_cur = av_cur->next) {
248
283
fprintf(fp, "\t");
249
284
render_av_rule(&av_cur->node->key, &av_cur->node->datum,
250
285
RENDER_CONDITIONAL, p, fp);
287
cond_av_list_destroy(expl);
288
avtab_destroy(&expa);
293
fprintf(stderr, "out of memory\n");
256
297
int change_bool(char *name, int state, policydb_t *p, FILE *fp)