mirror of
https://github.com/SELinuxProject/setools
synced 2025-04-07 01:51:20 +00:00
Reduce diff size between files copied from checkpolicy and libqpol.
Try to make future updates easier.
This commit is contained in:
Chris PeBenito
parent
e70e670664
commit
e7f12a17d8
@ -307,7 +307,7 @@ role_datum_t *declare_role(unsigned char isattr)
|
|||||||
return dest_role; /* role already declared for this block */
|
return dest_role; /* role already declared for this block */
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -370,7 +370,7 @@ type_datum_t *declare_type(unsigned char primary, unsigned char isattr)
|
|||||||
return typdatum;
|
return typdatum;
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -506,7 +506,7 @@ user_datum_t *declare_user(void)
|
|||||||
return dest_user; /* user already declared for this block */
|
return dest_user; /* user already declared for this block */
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -811,7 +811,7 @@ int require_class(int pass)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -924,7 +924,7 @@ static int require_role_or_attribute(int pass, unsigned char isattr)
|
|||||||
return 0; /* role already required */
|
return 0; /* role already required */
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -987,7 +987,7 @@ static int require_type_or_attribute(int pass, unsigned char isattr)
|
|||||||
return 0; /* type already required */
|
return 0; /* type already required */
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1048,7 +1048,7 @@ int require_user(int pass)
|
|||||||
return 0; /* user already required */
|
return 0; /* user already required */
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1099,7 +1099,7 @@ static int require_bool_tunable(int pass, int is_tunable)
|
|||||||
return 0; /* boolean already required */
|
return 0; /* boolean already required */
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1172,7 +1172,7 @@ int require_sens(int pass)
|
|||||||
return 0; /* sensitivity already required */
|
return 0; /* sensitivity already required */
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1225,7 +1225,7 @@ int require_cat(int pass)
|
|||||||
return 0; /* category already required */
|
return 0; /* category already required */
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@ -214,7 +214,7 @@ int define_class(void)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
datum->s.value = value;
|
datum->s.value = value;
|
||||||
@ -788,7 +788,7 @@ int define_sens(void)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -827,7 +827,7 @@ int define_sens(void)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -957,7 +957,7 @@ int define_category(void)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
datum->s.value = value;
|
datum->s.value = value;
|
||||||
@ -999,7 +999,7 @@ int define_category(void)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1216,7 +1216,7 @@ static int add_aliases_to_type(type_datum_t * type)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -1727,7 +1727,7 @@ int define_bool_tunable(int is_tunable)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
datum->s.value = value;
|
datum->s.value = value;
|
||||||
@ -1763,7 +1763,6 @@ avrule_t *define_cond_pol_list(avrule_t * avlist, avrule_t * sl)
|
|||||||
return sl;
|
return sl;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* START XPERM */
|
|
||||||
typedef struct av_ioctl_range {
|
typedef struct av_ioctl_range {
|
||||||
uint16_t low;
|
uint16_t low;
|
||||||
uint16_t high;
|
uint16_t high;
|
||||||
@ -1826,7 +1825,6 @@ error:
|
|||||||
int avrule_merge_ioctls(struct av_ioctl_range_list **rangehead)
|
int avrule_merge_ioctls(struct av_ioctl_range_list **rangehead)
|
||||||
{
|
{
|
||||||
struct av_ioctl_range_list *r, *tmp;
|
struct av_ioctl_range_list *r, *tmp;
|
||||||
|
|
||||||
r = *rangehead;
|
r = *rangehead;
|
||||||
while (r != NULL && r->next != NULL) {
|
while (r != NULL && r->next != NULL) {
|
||||||
/* merge */
|
/* merge */
|
||||||
@ -2061,8 +2059,7 @@ int define_te_avtab_xperms_helper(int which, avrule_t **rule)
|
|||||||
" for class %s", id,
|
" for class %s", id,
|
||||||
policydbp->p_class_val_to_name[i]);
|
policydbp->p_class_val_to_name[i]);
|
||||||
continue;
|
continue;
|
||||||
} else if (!is_perm_in_scope(id,
|
} else if (!is_perm_in_scope (id, policydbp->p_class_val_to_name[i])) {
|
||||||
policydbp->p_class_val_to_name[i])) {
|
|
||||||
yyerror2("permission %s of class %s is"
|
yyerror2("permission %s of class %s is"
|
||||||
" not within scope", id,
|
" not within scope", id,
|
||||||
policydbp->p_class_val_to_name[i]);
|
policydbp->p_class_val_to_name[i]);
|
||||||
@ -2094,8 +2091,7 @@ void avrule_xperm_setrangebits(uint16_t low, uint16_t high,
|
|||||||
{
|
{
|
||||||
unsigned int i;
|
unsigned int i;
|
||||||
uint16_t h = high + 1;
|
uint16_t h = high + 1;
|
||||||
/* for each u32 that this low-high range touches,
|
/* for each u32 that this low-high range touches, set driver permissions */
|
||||||
* set driver permissions */
|
|
||||||
for (i = XPERM_IDX(low); i <= XPERM_IDX(high); i++) {
|
for (i = XPERM_IDX(low); i <= XPERM_IDX(high); i++) {
|
||||||
/* set all bits in u32 */
|
/* set all bits in u32 */
|
||||||
if ((low <= XPERM_LOW(i)) && (high >= XPERM_HIGH(i)))
|
if ((low <= XPERM_LOW(i)) && (high >= XPERM_HIGH(i)))
|
||||||
@ -2177,7 +2173,6 @@ int avrule_ioctl_completedriver(struct av_ioctl_range_list *rangelist,
|
|||||||
struct av_ioctl_range_list *r;
|
struct av_ioctl_range_list *r;
|
||||||
av_extended_perms_t *xperms;
|
av_extended_perms_t *xperms;
|
||||||
uint16_t low, high;
|
uint16_t low, high;
|
||||||
|
|
||||||
xperms = calloc(1, sizeof(av_extended_perms_t));
|
xperms = calloc(1, sizeof(av_extended_perms_t));
|
||||||
if (!xperms) {
|
if (!xperms) {
|
||||||
yyerror("out of memory");
|
yyerror("out of memory");
|
||||||
@ -2187,8 +2182,7 @@ int avrule_ioctl_completedriver(struct av_ioctl_range_list *rangelist,
|
|||||||
r = rangelist;
|
r = rangelist;
|
||||||
while(r) {
|
while(r) {
|
||||||
/*
|
/*
|
||||||
* Any driver code that has sequence 0x00 - 0xff is a
|
* Any driver code that has sequence 0x00 - 0xff is a complete code,
|
||||||
* complete code,
|
|
||||||
*
|
*
|
||||||
* if command number = 0xff, then round high up to next code,
|
* if command number = 0xff, then round high up to next code,
|
||||||
* else 0x00 - 0xfe keep current code
|
* else 0x00 - 0xfe keep current code
|
||||||
@ -2196,8 +2190,7 @@ int avrule_ioctl_completedriver(struct av_ioctl_range_list *rangelist,
|
|||||||
* to account for possible rollover before right shift
|
* to account for possible rollover before right shift
|
||||||
*/
|
*/
|
||||||
high = IOC_DRIV((uint32_t) (r->range.high + 1));
|
high = IOC_DRIV((uint32_t) (r->range.high + 1));
|
||||||
/* if 0x00 keep current driver code else 0x01 - 0xff round up
|
/* if 0x00 keep current driver code else 0x01 - 0xff round up to next code*/
|
||||||
* to next code*/
|
|
||||||
low = IOC_DRIV(r->range.low);
|
low = IOC_DRIV(r->range.low);
|
||||||
if (IOC_FUNC(r->range.low))
|
if (IOC_FUNC(r->range.low))
|
||||||
low++;
|
low++;
|
||||||
@ -2269,7 +2262,6 @@ int avrule_ioctl_func(struct av_ioctl_range_list *rangelist,
|
|||||||
void avrule_ioctl_freeranges(struct av_ioctl_range_list *rangelist)
|
void avrule_ioctl_freeranges(struct av_ioctl_range_list *rangelist)
|
||||||
{
|
{
|
||||||
struct av_ioctl_range_list *r, *tmp;
|
struct av_ioctl_range_list *r, *tmp;
|
||||||
|
|
||||||
r = rangelist;
|
r = rangelist;
|
||||||
while (r) {
|
while (r) {
|
||||||
tmp = r;
|
tmp = r;
|
||||||
@ -2278,10 +2270,9 @@ void avrule_ioctl_freeranges(struct av_ioctl_range_list *rangelist)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
unsigned int xperms_for_each_bit(unsigned int *bit,
|
unsigned int xperms_for_each_bit(unsigned int *bit, av_extended_perms_t *xperms)
|
||||||
av_extended_perms_t *xperms) {
|
{
|
||||||
unsigned int i;
|
unsigned int i;
|
||||||
|
|
||||||
for (i = *bit; i < sizeof(xperms->perms)*8; i++) {
|
for (i = *bit; i < sizeof(xperms->perms)*8; i++) {
|
||||||
if (xperm_test(i,xperms->perms)) {
|
if (xperm_test(i,xperms->perms)) {
|
||||||
xperm_clear(i, xperms->perms);
|
xperm_clear(i, xperms->perms);
|
||||||
@ -2296,7 +2287,6 @@ int avrule_cpy(avrule_t *dest, avrule_t *src)
|
|||||||
{
|
{
|
||||||
class_perm_node_t *src_perms;
|
class_perm_node_t *src_perms;
|
||||||
class_perm_node_t *dest_perms, *dest_tail;
|
class_perm_node_t *dest_perms, *dest_tail;
|
||||||
|
|
||||||
dest_tail = NULL;
|
dest_tail = NULL;
|
||||||
|
|
||||||
avrule_init(dest);
|
avrule_init(dest);
|
||||||
@ -2321,8 +2311,7 @@ int avrule_cpy(avrule_t *dest, avrule_t *src)
|
|||||||
/* increment through the class perms and copy over */
|
/* increment through the class perms and copy over */
|
||||||
src_perms = src->perms;
|
src_perms = src->perms;
|
||||||
while (src_perms) {
|
while (src_perms) {
|
||||||
dest_perms = (class_perm_node_t *) calloc
|
dest_perms = (class_perm_node_t *) calloc(1, sizeof(class_perm_node_t));
|
||||||
(1, sizeof(class_perm_node_t));
|
|
||||||
class_perm_node_init(dest_perms);
|
class_perm_node_init(dest_perms);
|
||||||
if (!dest_perms) {
|
if (!dest_perms) {
|
||||||
yyerror("out of memory");
|
yyerror("out of memory");
|
||||||
@ -2370,8 +2359,7 @@ int define_te_avtab_ioctl(avrule_t *avrule_template)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* flag ioctl driver codes that are partially enabled */
|
/* flag ioctl driver codes that are partially enabled */
|
||||||
if (avrule_ioctl_partialdriver(rangelist, complete_driver,
|
if (avrule_ioctl_partialdriver(rangelist, complete_driver, &partial_driver))
|
||||||
&partial_driver))
|
|
||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
if (!partial_driver || !avrule_xperms_used(partial_driver))
|
if (!partial_driver || !avrule_xperms_used(partial_driver))
|
||||||
@ -2436,7 +2424,6 @@ int define_te_avtab_extended_perms(int which)
|
|||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
/* END XPERMS */
|
|
||||||
|
|
||||||
int define_te_avtab_helper(int which, avrule_t ** rule)
|
int define_te_avtab_helper(int which, avrule_t ** rule)
|
||||||
{
|
{
|
||||||
@ -2934,7 +2921,7 @@ role_datum_t *define_role_dom(role_datum_t * r)
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
default:{
|
default:{
|
||||||
abort(); /* SETools - should never get here */
|
abort(); /* should never get here */
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (ebitmap_set_bit(&role->dominates, role->s.value - 1, TRUE)) {
|
if (ebitmap_set_bit(&role->dominates, role->s.value - 1, TRUE)) {
|
||||||
@ -4897,6 +4884,7 @@ bad:
|
|||||||
return -1;
|
return -1;
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
int define_port_context(unsigned int low, unsigned int high)
|
int define_port_context(unsigned int low, unsigned int high)
|
||||||
{
|
{
|
||||||
ocontext_t *newc, *c, *l, *head;
|
ocontext_t *newc, *c, *l, *head;
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user