2 * Implementation of the policy database.
4 * Author : Stephen Smalley, <sds@epoch.ncsc.mil>
8 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
10 * Support for enhanced MLS infrastructure.
12 * Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com>
14 * Added conditional policy language extensions
16 * Updated: Hewlett-Packard <paul.moore@hp.com>
18 * Added support for the policy capability bitmap
20 * Copyright (C) 2007 Hewlett-Packard Development Company, L.P.
21 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
22 * Copyright (C) 2003 - 2004 Tresys Technology, LLC
23 * This program is free software; you can redistribute it and/or modify
24 * it under the terms of the GNU General Public License as published by
25 * the Free Software Foundation, version 2.
28 #include <linux/kernel.h>
29 #include <linux/sched.h>
30 #include <linux/slab.h>
31 #include <linux/string.h>
32 #include <linux/errno.h>
33 #include <linux/audit.h>
34 #include <linux/flex_array.h>
38 #include "conditional.h"
44 static const char *symtab_name
[SYM_NUM
] = {
56 static unsigned int symtab_sizes
[SYM_NUM
] = {
67 struct policydb_compat_info
{
73 /* These need to be updated if SYM_NUM or OCON_NUM changes */
74 static struct policydb_compat_info policydb_compat
[] = {
76 .version
= POLICYDB_VERSION_BASE
,
77 .sym_num
= SYM_NUM
- 3,
78 .ocon_num
= OCON_NUM
- 1,
81 .version
= POLICYDB_VERSION_BOOL
,
82 .sym_num
= SYM_NUM
- 2,
83 .ocon_num
= OCON_NUM
- 1,
86 .version
= POLICYDB_VERSION_IPV6
,
87 .sym_num
= SYM_NUM
- 2,
91 .version
= POLICYDB_VERSION_NLCLASS
,
92 .sym_num
= SYM_NUM
- 2,
96 .version
= POLICYDB_VERSION_MLS
,
101 .version
= POLICYDB_VERSION_AVTAB
,
103 .ocon_num
= OCON_NUM
,
106 .version
= POLICYDB_VERSION_RANGETRANS
,
108 .ocon_num
= OCON_NUM
,
111 .version
= POLICYDB_VERSION_POLCAP
,
113 .ocon_num
= OCON_NUM
,
116 .version
= POLICYDB_VERSION_PERMISSIVE
,
118 .ocon_num
= OCON_NUM
,
121 .version
= POLICYDB_VERSION_BOUNDARY
,
123 .ocon_num
= OCON_NUM
,
127 static struct policydb_compat_info
*policydb_lookup_compat(int version
)
130 struct policydb_compat_info
*info
= NULL
;
132 for (i
= 0; i
< ARRAY_SIZE(policydb_compat
); i
++) {
133 if (policydb_compat
[i
].version
== version
) {
134 info
= &policydb_compat
[i
];
142 * Initialize the role table.
144 static int roles_init(struct policydb
*p
)
148 struct role_datum
*role
;
150 role
= kzalloc(sizeof(*role
), GFP_KERNEL
);
155 role
->value
= ++p
->p_roles
.nprim
;
156 if (role
->value
!= OBJECT_R_VAL
) {
160 key
= kstrdup(OBJECT_R
, GFP_KERNEL
);
165 rc
= hashtab_insert(p
->p_roles
.table
, key
, role
);
178 static u32
rangetr_hash(struct hashtab
*h
, const void *k
)
180 const struct range_trans
*key
= k
;
181 return (key
->source_type
+ (key
->target_type
<< 3) +
182 (key
->target_class
<< 5)) & (h
->size
- 1);
185 static int rangetr_cmp(struct hashtab
*h
, const void *k1
, const void *k2
)
187 const struct range_trans
*key1
= k1
, *key2
= k2
;
188 return (key1
->source_type
!= key2
->source_type
||
189 key1
->target_type
!= key2
->target_type
||
190 key1
->target_class
!= key2
->target_class
);
194 * Initialize a policy database structure.
196 static int policydb_init(struct policydb
*p
)
200 memset(p
, 0, sizeof(*p
));
202 for (i
= 0; i
< SYM_NUM
; i
++) {
203 rc
= symtab_init(&p
->symtab
[i
], symtab_sizes
[i
]);
205 goto out_free_symtab
;
208 rc
= avtab_init(&p
->te_avtab
);
210 goto out_free_symtab
;
214 goto out_free_symtab
;
216 rc
= cond_policydb_init(p
);
218 goto out_free_symtab
;
220 p
->range_tr
= hashtab_create(rangetr_hash
, rangetr_cmp
, 256);
222 goto out_free_symtab
;
224 ebitmap_init(&p
->policycaps
);
225 ebitmap_init(&p
->permissive_map
);
231 for (i
= 0; i
< SYM_NUM
; i
++)
232 hashtab_destroy(p
->symtab
[i
].table
);
237 * The following *_index functions are used to
238 * define the val_to_name and val_to_struct arrays
239 * in a policy database structure. The val_to_name
240 * arrays are used when converting security context
241 * structures into string representations. The
242 * val_to_struct arrays are used when the attributes
243 * of a class, role, or user are needed.
246 static int common_index(void *key
, void *datum
, void *datap
)
249 struct common_datum
*comdatum
;
253 if (!comdatum
->value
|| comdatum
->value
> p
->p_commons
.nprim
)
255 p
->p_common_val_to_name
[comdatum
->value
- 1] = key
;
259 static int class_index(void *key
, void *datum
, void *datap
)
262 struct class_datum
*cladatum
;
266 if (!cladatum
->value
|| cladatum
->value
> p
->p_classes
.nprim
)
268 p
->p_class_val_to_name
[cladatum
->value
- 1] = key
;
269 p
->class_val_to_struct
[cladatum
->value
- 1] = cladatum
;
273 static int role_index(void *key
, void *datum
, void *datap
)
276 struct role_datum
*role
;
281 || role
->value
> p
->p_roles
.nprim
282 || role
->bounds
> p
->p_roles
.nprim
)
284 p
->p_role_val_to_name
[role
->value
- 1] = key
;
285 p
->role_val_to_struct
[role
->value
- 1] = role
;
289 static int type_index(void *key
, void *datum
, void *datap
)
292 struct type_datum
*typdatum
;
297 if (typdatum
->primary
) {
299 || typdatum
->value
> p
->p_types
.nprim
300 || typdatum
->bounds
> p
->p_types
.nprim
)
302 p
->p_type_val_to_name
[typdatum
->value
- 1] = key
;
303 p
->type_val_to_struct
[typdatum
->value
- 1] = typdatum
;
309 static int user_index(void *key
, void *datum
, void *datap
)
312 struct user_datum
*usrdatum
;
317 || usrdatum
->value
> p
->p_users
.nprim
318 || usrdatum
->bounds
> p
->p_users
.nprim
)
320 p
->p_user_val_to_name
[usrdatum
->value
- 1] = key
;
321 p
->user_val_to_struct
[usrdatum
->value
- 1] = usrdatum
;
325 static int sens_index(void *key
, void *datum
, void *datap
)
328 struct level_datum
*levdatum
;
333 if (!levdatum
->isalias
) {
334 if (!levdatum
->level
->sens
||
335 levdatum
->level
->sens
> p
->p_levels
.nprim
)
337 p
->p_sens_val_to_name
[levdatum
->level
->sens
- 1] = key
;
343 static int cat_index(void *key
, void *datum
, void *datap
)
346 struct cat_datum
*catdatum
;
351 if (!catdatum
->isalias
) {
352 if (!catdatum
->value
|| catdatum
->value
> p
->p_cats
.nprim
)
354 p
->p_cat_val_to_name
[catdatum
->value
- 1] = key
;
360 static int (*index_f
[SYM_NUM
]) (void *key
, void *datum
, void *datap
) =
373 * Define the common val_to_name array and the class
374 * val_to_name and val_to_struct arrays in a policy
375 * database structure.
377 * Caller must clean up upon failure.
379 static int policydb_index_classes(struct policydb
*p
)
383 p
->p_common_val_to_name
=
384 kmalloc(p
->p_commons
.nprim
* sizeof(char *), GFP_KERNEL
);
385 if (!p
->p_common_val_to_name
) {
390 rc
= hashtab_map(p
->p_commons
.table
, common_index
, p
);
394 p
->class_val_to_struct
=
395 kmalloc(p
->p_classes
.nprim
* sizeof(*(p
->class_val_to_struct
)), GFP_KERNEL
);
396 if (!p
->class_val_to_struct
) {
401 p
->p_class_val_to_name
=
402 kmalloc(p
->p_classes
.nprim
* sizeof(char *), GFP_KERNEL
);
403 if (!p
->p_class_val_to_name
) {
408 rc
= hashtab_map(p
->p_classes
.table
, class_index
, p
);
414 static void symtab_hash_eval(struct symtab
*s
)
418 for (i
= 0; i
< SYM_NUM
; i
++) {
419 struct hashtab
*h
= s
[i
].table
;
420 struct hashtab_info info
;
422 hashtab_stat(h
, &info
);
423 printk(KERN_DEBUG
"SELinux: %s: %d entries and %d/%d buckets used, "
424 "longest chain length %d\n", symtab_name
[i
], h
->nel
,
425 info
.slots_used
, h
->size
, info
.max_chain_len
);
429 static void rangetr_hash_eval(struct hashtab
*h
)
431 struct hashtab_info info
;
433 hashtab_stat(h
, &info
);
434 printk(KERN_DEBUG
"SELinux: rangetr: %d entries and %d/%d buckets used, "
435 "longest chain length %d\n", h
->nel
,
436 info
.slots_used
, h
->size
, info
.max_chain_len
);
439 static inline void rangetr_hash_eval(struct hashtab
*h
)
445 * Define the other val_to_name and val_to_struct arrays
446 * in a policy database structure.
448 * Caller must clean up on failure.
450 static int policydb_index_others(struct policydb
*p
)
454 printk(KERN_DEBUG
"SELinux: %d users, %d roles, %d types, %d bools",
455 p
->p_users
.nprim
, p
->p_roles
.nprim
, p
->p_types
.nprim
, p
->p_bools
.nprim
);
457 printk(", %d sens, %d cats", p
->p_levels
.nprim
,
461 printk(KERN_DEBUG
"SELinux: %d classes, %d rules\n",
462 p
->p_classes
.nprim
, p
->te_avtab
.nel
);
465 avtab_hash_eval(&p
->te_avtab
, "rules");
466 symtab_hash_eval(p
->symtab
);
469 p
->role_val_to_struct
=
470 kmalloc(p
->p_roles
.nprim
* sizeof(*(p
->role_val_to_struct
)),
472 if (!p
->role_val_to_struct
) {
477 p
->user_val_to_struct
=
478 kmalloc(p
->p_users
.nprim
* sizeof(*(p
->user_val_to_struct
)),
480 if (!p
->user_val_to_struct
) {
485 p
->type_val_to_struct
=
486 kmalloc(p
->p_types
.nprim
* sizeof(*(p
->type_val_to_struct
)),
488 if (!p
->type_val_to_struct
) {
493 if (cond_init_bool_indexes(p
)) {
498 for (i
= SYM_ROLES
; i
< SYM_NUM
; i
++) {
499 p
->sym_val_to_name
[i
] =
500 kmalloc(p
->symtab
[i
].nprim
* sizeof(char *), GFP_KERNEL
);
501 if (!p
->sym_val_to_name
[i
]) {
505 rc
= hashtab_map(p
->symtab
[i
].table
, index_f
[i
], p
);
515 * The following *_destroy functions are used to
516 * free any memory allocated for each kind of
517 * symbol data in the policy database.
520 static int perm_destroy(void *key
, void *datum
, void *p
)
527 static int common_destroy(void *key
, void *datum
, void *p
)
529 struct common_datum
*comdatum
;
533 hashtab_map(comdatum
->permissions
.table
, perm_destroy
, NULL
);
534 hashtab_destroy(comdatum
->permissions
.table
);
539 static int cls_destroy(void *key
, void *datum
, void *p
)
541 struct class_datum
*cladatum
;
542 struct constraint_node
*constraint
, *ctemp
;
543 struct constraint_expr
*e
, *etmp
;
547 hashtab_map(cladatum
->permissions
.table
, perm_destroy
, NULL
);
548 hashtab_destroy(cladatum
->permissions
.table
);
549 constraint
= cladatum
->constraints
;
551 e
= constraint
->expr
;
553 ebitmap_destroy(&e
->names
);
559 constraint
= constraint
->next
;
563 constraint
= cladatum
->validatetrans
;
565 e
= constraint
->expr
;
567 ebitmap_destroy(&e
->names
);
573 constraint
= constraint
->next
;
577 kfree(cladatum
->comkey
);
582 static int role_destroy(void *key
, void *datum
, void *p
)
584 struct role_datum
*role
;
588 ebitmap_destroy(&role
->dominates
);
589 ebitmap_destroy(&role
->types
);
594 static int type_destroy(void *key
, void *datum
, void *p
)
601 static int user_destroy(void *key
, void *datum
, void *p
)
603 struct user_datum
*usrdatum
;
607 ebitmap_destroy(&usrdatum
->roles
);
608 ebitmap_destroy(&usrdatum
->range
.level
[0].cat
);
609 ebitmap_destroy(&usrdatum
->range
.level
[1].cat
);
610 ebitmap_destroy(&usrdatum
->dfltlevel
.cat
);
615 static int sens_destroy(void *key
, void *datum
, void *p
)
617 struct level_datum
*levdatum
;
621 ebitmap_destroy(&levdatum
->level
->cat
);
622 kfree(levdatum
->level
);
627 static int cat_destroy(void *key
, void *datum
, void *p
)
634 static int (*destroy_f
[SYM_NUM
]) (void *key
, void *datum
, void *datap
) =
646 static int range_tr_destroy(void *key
, void *datum
, void *p
)
648 struct mls_range
*rt
= datum
;
650 ebitmap_destroy(&rt
->level
[0].cat
);
651 ebitmap_destroy(&rt
->level
[1].cat
);
657 static void ocontext_destroy(struct ocontext
*c
, int i
)
662 context_destroy(&c
->context
[0]);
663 context_destroy(&c
->context
[1]);
664 if (i
== OCON_ISID
|| i
== OCON_FS
||
665 i
== OCON_NETIF
|| i
== OCON_FSUSE
)
671 * Free any memory allocated by a policy database structure.
673 void policydb_destroy(struct policydb
*p
)
675 struct ocontext
*c
, *ctmp
;
676 struct genfs
*g
, *gtmp
;
678 struct role_allow
*ra
, *lra
= NULL
;
679 struct role_trans
*tr
, *ltr
= NULL
;
681 for (i
= 0; i
< SYM_NUM
; i
++) {
683 hashtab_map(p
->symtab
[i
].table
, destroy_f
[i
], NULL
);
684 hashtab_destroy(p
->symtab
[i
].table
);
687 for (i
= 0; i
< SYM_NUM
; i
++)
688 kfree(p
->sym_val_to_name
[i
]);
690 kfree(p
->class_val_to_struct
);
691 kfree(p
->role_val_to_struct
);
692 kfree(p
->user_val_to_struct
);
693 kfree(p
->type_val_to_struct
);
695 avtab_destroy(&p
->te_avtab
);
697 for (i
= 0; i
< OCON_NUM
; i
++) {
703 ocontext_destroy(ctmp
, i
);
705 p
->ocontexts
[i
] = NULL
;
716 ocontext_destroy(ctmp
, OCON_FSUSE
);
724 cond_policydb_destroy(p
);
726 for (tr
= p
->role_tr
; tr
; tr
= tr
->next
) {
733 for (ra
= p
->role_allow
; ra
; ra
= ra
->next
) {
740 hashtab_map(p
->range_tr
, range_tr_destroy
, NULL
);
741 hashtab_destroy(p
->range_tr
);
743 if (p
->type_attr_map_array
) {
744 for (i
= 0; i
< p
->p_types
.nprim
; i
++) {
747 e
= flex_array_get(p
->type_attr_map_array
, i
);
752 flex_array_free(p
->type_attr_map_array
);
754 ebitmap_destroy(&p
->policycaps
);
755 ebitmap_destroy(&p
->permissive_map
);
761 * Load the initial SIDs specified in a policy database
762 * structure into a SID table.
764 int policydb_load_isids(struct policydb
*p
, struct sidtab
*s
)
766 struct ocontext
*head
, *c
;
771 printk(KERN_ERR
"SELinux: out of memory on SID table init\n");
775 head
= p
->ocontexts
[OCON_ISID
];
776 for (c
= head
; c
; c
= c
->next
) {
777 if (!c
->context
[0].user
) {
778 printk(KERN_ERR
"SELinux: SID %s was never "
779 "defined.\n", c
->u
.name
);
783 if (sidtab_insert(s
, c
->sid
[0], &c
->context
[0])) {
784 printk(KERN_ERR
"SELinux: unable to load initial "
785 "SID %s.\n", c
->u
.name
);
794 int policydb_class_isvalid(struct policydb
*p
, unsigned int class)
796 if (!class || class > p
->p_classes
.nprim
)
801 int policydb_role_isvalid(struct policydb
*p
, unsigned int role
)
803 if (!role
|| role
> p
->p_roles
.nprim
)
808 int policydb_type_isvalid(struct policydb
*p
, unsigned int type
)
810 if (!type
|| type
> p
->p_types
.nprim
)
816 * Return 1 if the fields in the security context
817 * structure `c' are valid. Return 0 otherwise.
819 int policydb_context_isvalid(struct policydb
*p
, struct context
*c
)
821 struct role_datum
*role
;
822 struct user_datum
*usrdatum
;
824 if (!c
->role
|| c
->role
> p
->p_roles
.nprim
)
827 if (!c
->user
|| c
->user
> p
->p_users
.nprim
)
830 if (!c
->type
|| c
->type
> p
->p_types
.nprim
)
833 if (c
->role
!= OBJECT_R_VAL
) {
835 * Role must be authorized for the type.
837 role
= p
->role_val_to_struct
[c
->role
- 1];
838 if (!ebitmap_get_bit(&role
->types
,
840 /* role may not be associated with type */
844 * User must be authorized for the role.
846 usrdatum
= p
->user_val_to_struct
[c
->user
- 1];
850 if (!ebitmap_get_bit(&usrdatum
->roles
,
852 /* user may not be associated with role */
856 if (!mls_context_isvalid(p
, c
))
863 * Read a MLS range structure from a policydb binary
864 * representation file.
866 static int mls_read_range_helper(struct mls_range
*r
, void *fp
)
872 rc
= next_entry(buf
, fp
, sizeof(u32
));
876 items
= le32_to_cpu(buf
[0]);
877 if (items
> ARRAY_SIZE(buf
)) {
878 printk(KERN_ERR
"SELinux: mls: range overflow\n");
882 rc
= next_entry(buf
, fp
, sizeof(u32
) * items
);
884 printk(KERN_ERR
"SELinux: mls: truncated range\n");
887 r
->level
[0].sens
= le32_to_cpu(buf
[0]);
889 r
->level
[1].sens
= le32_to_cpu(buf
[1]);
891 r
->level
[1].sens
= r
->level
[0].sens
;
893 rc
= ebitmap_read(&r
->level
[0].cat
, fp
);
895 printk(KERN_ERR
"SELinux: mls: error reading low "
900 rc
= ebitmap_read(&r
->level
[1].cat
, fp
);
902 printk(KERN_ERR
"SELinux: mls: error reading high "
907 rc
= ebitmap_cpy(&r
->level
[1].cat
, &r
->level
[0].cat
);
909 printk(KERN_ERR
"SELinux: mls: out of memory\n");
918 ebitmap_destroy(&r
->level
[0].cat
);
923 * Read and validate a security context structure
924 * from a policydb binary representation file.
926 static int context_read_and_validate(struct context
*c
,
933 rc
= next_entry(buf
, fp
, sizeof buf
);
935 printk(KERN_ERR
"SELinux: context truncated\n");
938 c
->user
= le32_to_cpu(buf
[0]);
939 c
->role
= le32_to_cpu(buf
[1]);
940 c
->type
= le32_to_cpu(buf
[2]);
941 if (p
->policyvers
>= POLICYDB_VERSION_MLS
) {
942 if (mls_read_range_helper(&c
->range
, fp
)) {
943 printk(KERN_ERR
"SELinux: error reading MLS range of "
950 if (!policydb_context_isvalid(p
, c
)) {
951 printk(KERN_ERR
"SELinux: invalid security context\n");
960 * The following *_read functions are used to
961 * read the symbol data from a policy database
962 * binary representation file.
965 static int perm_read(struct policydb
*p
, struct hashtab
*h
, void *fp
)
968 struct perm_datum
*perdatum
;
973 perdatum
= kzalloc(sizeof(*perdatum
), GFP_KERNEL
);
979 rc
= next_entry(buf
, fp
, sizeof buf
);
983 len
= le32_to_cpu(buf
[0]);
984 perdatum
->value
= le32_to_cpu(buf
[1]);
986 key
= kmalloc(len
+ 1, GFP_KERNEL
);
991 rc
= next_entry(key
, fp
, len
);
996 rc
= hashtab_insert(h
, key
, perdatum
);
1002 perm_destroy(key
, perdatum
, NULL
);
1006 static int common_read(struct policydb
*p
, struct hashtab
*h
, void *fp
)
1009 struct common_datum
*comdatum
;
1014 comdatum
= kzalloc(sizeof(*comdatum
), GFP_KERNEL
);
1020 rc
= next_entry(buf
, fp
, sizeof buf
);
1024 len
= le32_to_cpu(buf
[0]);
1025 comdatum
->value
= le32_to_cpu(buf
[1]);
1027 rc
= symtab_init(&comdatum
->permissions
, PERM_SYMTAB_SIZE
);
1030 comdatum
->permissions
.nprim
= le32_to_cpu(buf
[2]);
1031 nel
= le32_to_cpu(buf
[3]);
1033 key
= kmalloc(len
+ 1, GFP_KERNEL
);
1038 rc
= next_entry(key
, fp
, len
);
1043 for (i
= 0; i
< nel
; i
++) {
1044 rc
= perm_read(p
, comdatum
->permissions
.table
, fp
);
1049 rc
= hashtab_insert(h
, key
, comdatum
);
1055 common_destroy(key
, comdatum
, NULL
);
1059 static int read_cons_helper(struct constraint_node
**nodep
, int ncons
,
1060 int allowxtarget
, void *fp
)
1062 struct constraint_node
*c
, *lc
;
1063 struct constraint_expr
*e
, *le
;
1066 int rc
, i
, j
, depth
;
1069 for (i
= 0; i
< ncons
; i
++) {
1070 c
= kzalloc(sizeof(*c
), GFP_KERNEL
);
1079 rc
= next_entry(buf
, fp
, (sizeof(u32
) * 2));
1082 c
->permissions
= le32_to_cpu(buf
[0]);
1083 nexpr
= le32_to_cpu(buf
[1]);
1086 for (j
= 0; j
< nexpr
; j
++) {
1087 e
= kzalloc(sizeof(*e
), GFP_KERNEL
);
1096 rc
= next_entry(buf
, fp
, (sizeof(u32
) * 3));
1099 e
->expr_type
= le32_to_cpu(buf
[0]);
1100 e
->attr
= le32_to_cpu(buf
[1]);
1101 e
->op
= le32_to_cpu(buf
[2]);
1103 switch (e
->expr_type
) {
1115 if (depth
== (CEXPR_MAXDEPTH
- 1))
1120 if (!allowxtarget
&& (e
->attr
& CEXPR_XTARGET
))
1122 if (depth
== (CEXPR_MAXDEPTH
- 1))
1125 if (ebitmap_read(&e
->names
, fp
))
1141 static int class_read(struct policydb
*p
, struct hashtab
*h
, void *fp
)
1144 struct class_datum
*cladatum
;
1146 u32 len
, len2
, ncons
, nel
;
1149 cladatum
= kzalloc(sizeof(*cladatum
), GFP_KERNEL
);
1155 rc
= next_entry(buf
, fp
, sizeof(u32
)*6);
1159 len
= le32_to_cpu(buf
[0]);
1160 len2
= le32_to_cpu(buf
[1]);
1161 cladatum
->value
= le32_to_cpu(buf
[2]);
1163 rc
= symtab_init(&cladatum
->permissions
, PERM_SYMTAB_SIZE
);
1166 cladatum
->permissions
.nprim
= le32_to_cpu(buf
[3]);
1167 nel
= le32_to_cpu(buf
[4]);
1169 ncons
= le32_to_cpu(buf
[5]);
1171 key
= kmalloc(len
+ 1, GFP_KERNEL
);
1176 rc
= next_entry(key
, fp
, len
);
1182 cladatum
->comkey
= kmalloc(len2
+ 1, GFP_KERNEL
);
1183 if (!cladatum
->comkey
) {
1187 rc
= next_entry(cladatum
->comkey
, fp
, len2
);
1190 cladatum
->comkey
[len2
] = '\0';
1192 cladatum
->comdatum
= hashtab_search(p
->p_commons
.table
,
1194 if (!cladatum
->comdatum
) {
1195 printk(KERN_ERR
"SELinux: unknown common %s\n",
1201 for (i
= 0; i
< nel
; i
++) {
1202 rc
= perm_read(p
, cladatum
->permissions
.table
, fp
);
1207 rc
= read_cons_helper(&cladatum
->constraints
, ncons
, 0, fp
);
1211 if (p
->policyvers
>= POLICYDB_VERSION_VALIDATETRANS
) {
1212 /* grab the validatetrans rules */
1213 rc
= next_entry(buf
, fp
, sizeof(u32
));
1216 ncons
= le32_to_cpu(buf
[0]);
1217 rc
= read_cons_helper(&cladatum
->validatetrans
, ncons
, 1, fp
);
1222 rc
= hashtab_insert(h
, key
, cladatum
);
1230 cls_destroy(key
, cladatum
, NULL
);
1234 static int role_read(struct policydb
*p
, struct hashtab
*h
, void *fp
)
1237 struct role_datum
*role
;
1238 int rc
, to_read
= 2;
1242 role
= kzalloc(sizeof(*role
), GFP_KERNEL
);
1248 if (p
->policyvers
>= POLICYDB_VERSION_BOUNDARY
)
1251 rc
= next_entry(buf
, fp
, sizeof(buf
[0]) * to_read
);
1255 len
= le32_to_cpu(buf
[0]);
1256 role
->value
= le32_to_cpu(buf
[1]);
1257 if (p
->policyvers
>= POLICYDB_VERSION_BOUNDARY
)
1258 role
->bounds
= le32_to_cpu(buf
[2]);
1260 key
= kmalloc(len
+ 1, GFP_KERNEL
);
1265 rc
= next_entry(key
, fp
, len
);
1270 rc
= ebitmap_read(&role
->dominates
, fp
);
1274 rc
= ebitmap_read(&role
->types
, fp
);
1278 if (strcmp(key
, OBJECT_R
) == 0) {
1279 if (role
->value
!= OBJECT_R_VAL
) {
1280 printk(KERN_ERR
"SELinux: Role %s has wrong value %d\n",
1281 OBJECT_R
, role
->value
);
1289 rc
= hashtab_insert(h
, key
, role
);
1295 role_destroy(key
, role
, NULL
);
1299 static int type_read(struct policydb
*p
, struct hashtab
*h
, void *fp
)
1302 struct type_datum
*typdatum
;
1303 int rc
, to_read
= 3;
1307 typdatum
= kzalloc(sizeof(*typdatum
), GFP_KERNEL
);
1313 if (p
->policyvers
>= POLICYDB_VERSION_BOUNDARY
)
1316 rc
= next_entry(buf
, fp
, sizeof(buf
[0]) * to_read
);
1320 len
= le32_to_cpu(buf
[0]);
1321 typdatum
->value
= le32_to_cpu(buf
[1]);
1322 if (p
->policyvers
>= POLICYDB_VERSION_BOUNDARY
) {
1323 u32 prop
= le32_to_cpu(buf
[2]);
1325 if (prop
& TYPEDATUM_PROPERTY_PRIMARY
)
1326 typdatum
->primary
= 1;
1327 if (prop
& TYPEDATUM_PROPERTY_ATTRIBUTE
)
1328 typdatum
->attribute
= 1;
1330 typdatum
->bounds
= le32_to_cpu(buf
[3]);
1332 typdatum
->primary
= le32_to_cpu(buf
[2]);
1335 key
= kmalloc(len
+ 1, GFP_KERNEL
);
1340 rc
= next_entry(key
, fp
, len
);
1345 rc
= hashtab_insert(h
, key
, typdatum
);
1351 type_destroy(key
, typdatum
, NULL
);
1357 * Read a MLS level structure from a policydb binary
1358 * representation file.
1360 static int mls_read_level(struct mls_level
*lp
, void *fp
)
1365 memset(lp
, 0, sizeof(*lp
));
1367 rc
= next_entry(buf
, fp
, sizeof buf
);
1369 printk(KERN_ERR
"SELinux: mls: truncated level\n");
1372 lp
->sens
= le32_to_cpu(buf
[0]);
1374 if (ebitmap_read(&lp
->cat
, fp
)) {
1375 printk(KERN_ERR
"SELinux: mls: error reading level "
1386 static int user_read(struct policydb
*p
, struct hashtab
*h
, void *fp
)
1389 struct user_datum
*usrdatum
;
1390 int rc
, to_read
= 2;
1394 usrdatum
= kzalloc(sizeof(*usrdatum
), GFP_KERNEL
);
1400 if (p
->policyvers
>= POLICYDB_VERSION_BOUNDARY
)
1403 rc
= next_entry(buf
, fp
, sizeof(buf
[0]) * to_read
);
1407 len
= le32_to_cpu(buf
[0]);
1408 usrdatum
->value
= le32_to_cpu(buf
[1]);
1409 if (p
->policyvers
>= POLICYDB_VERSION_BOUNDARY
)
1410 usrdatum
->bounds
= le32_to_cpu(buf
[2]);
1412 key
= kmalloc(len
+ 1, GFP_KERNEL
);
1417 rc
= next_entry(key
, fp
, len
);
1422 rc
= ebitmap_read(&usrdatum
->roles
, fp
);
1426 if (p
->policyvers
>= POLICYDB_VERSION_MLS
) {
1427 rc
= mls_read_range_helper(&usrdatum
->range
, fp
);
1430 rc
= mls_read_level(&usrdatum
->dfltlevel
, fp
);
1435 rc
= hashtab_insert(h
, key
, usrdatum
);
1441 user_destroy(key
, usrdatum
, NULL
);
1445 static int sens_read(struct policydb
*p
, struct hashtab
*h
, void *fp
)
1448 struct level_datum
*levdatum
;
1453 levdatum
= kzalloc(sizeof(*levdatum
), GFP_ATOMIC
);
1459 rc
= next_entry(buf
, fp
, sizeof buf
);
1463 len
= le32_to_cpu(buf
[0]);
1464 levdatum
->isalias
= le32_to_cpu(buf
[1]);
1466 key
= kmalloc(len
+ 1, GFP_ATOMIC
);
1471 rc
= next_entry(key
, fp
, len
);
1476 levdatum
->level
= kmalloc(sizeof(struct mls_level
), GFP_ATOMIC
);
1477 if (!levdatum
->level
) {
1481 if (mls_read_level(levdatum
->level
, fp
)) {
1486 rc
= hashtab_insert(h
, key
, levdatum
);
1492 sens_destroy(key
, levdatum
, NULL
);
1496 static int cat_read(struct policydb
*p
, struct hashtab
*h
, void *fp
)
1499 struct cat_datum
*catdatum
;
1504 catdatum
= kzalloc(sizeof(*catdatum
), GFP_ATOMIC
);
1510 rc
= next_entry(buf
, fp
, sizeof buf
);
1514 len
= le32_to_cpu(buf
[0]);
1515 catdatum
->value
= le32_to_cpu(buf
[1]);
1516 catdatum
->isalias
= le32_to_cpu(buf
[2]);
1518 key
= kmalloc(len
+ 1, GFP_ATOMIC
);
1523 rc
= next_entry(key
, fp
, len
);
1528 rc
= hashtab_insert(h
, key
, catdatum
);
1535 cat_destroy(key
, catdatum
, NULL
);
1539 static int (*read_f
[SYM_NUM
]) (struct policydb
*p
, struct hashtab
*h
, void *fp
) =
1551 static int user_bounds_sanity_check(void *key
, void *datum
, void *datap
)
1553 struct user_datum
*upper
, *user
;
1554 struct policydb
*p
= datap
;
1557 upper
= user
= datum
;
1558 while (upper
->bounds
) {
1559 struct ebitmap_node
*node
;
1562 if (++depth
== POLICYDB_BOUNDS_MAXDEPTH
) {
1563 printk(KERN_ERR
"SELinux: user %s: "
1564 "too deep or looped boundary",
1569 upper
= p
->user_val_to_struct
[upper
->bounds
- 1];
1570 ebitmap_for_each_positive_bit(&user
->roles
, node
, bit
) {
1571 if (ebitmap_get_bit(&upper
->roles
, bit
))
1575 "SELinux: boundary violated policy: "
1576 "user=%s role=%s bounds=%s\n",
1577 p
->p_user_val_to_name
[user
->value
- 1],
1578 p
->p_role_val_to_name
[bit
],
1579 p
->p_user_val_to_name
[upper
->value
- 1]);
1588 static int role_bounds_sanity_check(void *key
, void *datum
, void *datap
)
1590 struct role_datum
*upper
, *role
;
1591 struct policydb
*p
= datap
;
1594 upper
= role
= datum
;
1595 while (upper
->bounds
) {
1596 struct ebitmap_node
*node
;
1599 if (++depth
== POLICYDB_BOUNDS_MAXDEPTH
) {
1600 printk(KERN_ERR
"SELinux: role %s: "
1601 "too deep or looped bounds\n",
1606 upper
= p
->role_val_to_struct
[upper
->bounds
- 1];
1607 ebitmap_for_each_positive_bit(&role
->types
, node
, bit
) {
1608 if (ebitmap_get_bit(&upper
->types
, bit
))
1612 "SELinux: boundary violated policy: "
1613 "role=%s type=%s bounds=%s\n",
1614 p
->p_role_val_to_name
[role
->value
- 1],
1615 p
->p_type_val_to_name
[bit
],
1616 p
->p_role_val_to_name
[upper
->value
- 1]);
1625 static int type_bounds_sanity_check(void *key
, void *datum
, void *datap
)
1627 struct type_datum
*upper
, *type
;
1628 struct policydb
*p
= datap
;
1631 upper
= type
= datum
;
1632 while (upper
->bounds
) {
1633 if (++depth
== POLICYDB_BOUNDS_MAXDEPTH
) {
1634 printk(KERN_ERR
"SELinux: type %s: "
1635 "too deep or looped boundary\n",
1640 upper
= p
->type_val_to_struct
[upper
->bounds
- 1];
1641 if (upper
->attribute
) {
1642 printk(KERN_ERR
"SELinux: type %s: "
1643 "bounded by attribute %s",
1645 p
->p_type_val_to_name
[upper
->value
- 1]);
1653 static int policydb_bounds_sanity_check(struct policydb
*p
)
1657 if (p
->policyvers
< POLICYDB_VERSION_BOUNDARY
)
1660 rc
= hashtab_map(p
->p_users
.table
,
1661 user_bounds_sanity_check
, p
);
1665 rc
= hashtab_map(p
->p_roles
.table
,
1666 role_bounds_sanity_check
, p
);
1670 rc
= hashtab_map(p
->p_types
.table
,
1671 type_bounds_sanity_check
, p
);
1678 extern int ss_initialized
;
1680 u16
string_to_security_class(struct policydb
*p
, const char *name
)
1682 struct class_datum
*cladatum
;
1684 cladatum
= hashtab_search(p
->p_classes
.table
, name
);
1688 return cladatum
->value
;
1691 u32
string_to_av_perm(struct policydb
*p
, u16 tclass
, const char *name
)
1693 struct class_datum
*cladatum
;
1694 struct perm_datum
*perdatum
= NULL
;
1695 struct common_datum
*comdatum
;
1697 if (!tclass
|| tclass
> p
->p_classes
.nprim
)
1700 cladatum
= p
->class_val_to_struct
[tclass
-1];
1701 comdatum
= cladatum
->comdatum
;
1703 perdatum
= hashtab_search(comdatum
->permissions
.table
,
1706 perdatum
= hashtab_search(cladatum
->permissions
.table
,
1711 return 1U << (perdatum
->value
-1);
1714 static int range_read(struct policydb
*p
, void *fp
)
1716 struct range_trans
*rt
= NULL
;
1717 struct mls_range
*r
= NULL
;
1722 if (p
->policyvers
< POLICYDB_VERSION_MLS
)
1725 rc
= next_entry(buf
, fp
, sizeof(u32
));
1729 nel
= le32_to_cpu(buf
[0]);
1730 for (i
= 0; i
< nel
; i
++) {
1732 rt
= kzalloc(sizeof(*rt
), GFP_KERNEL
);
1736 rc
= next_entry(buf
, fp
, (sizeof(u32
) * 2));
1740 rt
->source_type
= le32_to_cpu(buf
[0]);
1741 rt
->target_type
= le32_to_cpu(buf
[1]);
1742 if (p
->policyvers
>= POLICYDB_VERSION_RANGETRANS
) {
1743 rc
= next_entry(buf
, fp
, sizeof(u32
));
1746 rt
->target_class
= le32_to_cpu(buf
[0]);
1748 rt
->target_class
= p
->process_class
;
1751 if (!policydb_type_isvalid(p
, rt
->source_type
) ||
1752 !policydb_type_isvalid(p
, rt
->target_type
) ||
1753 !policydb_class_isvalid(p
, rt
->target_class
))
1757 r
= kzalloc(sizeof(*r
), GFP_KERNEL
);
1761 rc
= mls_read_range_helper(r
, fp
);
1766 if (!mls_range_isvalid(p
, r
)) {
1767 printk(KERN_WARNING
"SELinux: rangetrans: invalid range\n");
1771 rc
= hashtab_insert(p
->range_tr
, rt
, r
);
1778 rangetr_hash_eval(p
->range_tr
);
1786 static int genfs_read(struct policydb
*p
, void *fp
)
1789 u32 nel
, nel2
, len
, len2
;
1791 struct ocontext
*l
, *c
;
1792 struct ocontext
*newc
= NULL
;
1793 struct genfs
*genfs_p
, *genfs
;
1794 struct genfs
*newgenfs
= NULL
;
1796 rc
= next_entry(buf
, fp
, sizeof(u32
));
1799 nel
= le32_to_cpu(buf
[0]);
1801 for (i
= 0; i
< nel
; i
++) {
1802 rc
= next_entry(buf
, fp
, sizeof(u32
));
1805 len
= le32_to_cpu(buf
[0]);
1808 newgenfs
= kzalloc(sizeof(*newgenfs
), GFP_KERNEL
);
1813 newgenfs
->fstype
= kmalloc(len
+ 1, GFP_KERNEL
);
1814 if (!newgenfs
->fstype
)
1817 rc
= next_entry(newgenfs
->fstype
, fp
, len
);
1821 newgenfs
->fstype
[len
] = 0;
1823 for (genfs_p
= NULL
, genfs
= p
->genfs
; genfs
;
1824 genfs_p
= genfs
, genfs
= genfs
->next
) {
1826 if (strcmp(newgenfs
->fstype
, genfs
->fstype
) == 0) {
1827 printk(KERN_ERR
"SELinux: dup genfs fstype %s\n",
1831 if (strcmp(newgenfs
->fstype
, genfs
->fstype
) < 0)
1834 newgenfs
->next
= genfs
;
1836 genfs_p
->next
= newgenfs
;
1838 p
->genfs
= newgenfs
;
1842 rc
= next_entry(buf
, fp
, sizeof(u32
));
1846 nel2
= le32_to_cpu(buf
[0]);
1847 for (j
= 0; j
< nel2
; j
++) {
1848 rc
= next_entry(buf
, fp
, sizeof(u32
));
1851 len
= le32_to_cpu(buf
[0]);
1854 newc
= kzalloc(sizeof(*newc
), GFP_KERNEL
);
1859 newc
->u
.name
= kmalloc(len
+ 1, GFP_KERNEL
);
1863 rc
= next_entry(newc
->u
.name
, fp
, len
);
1866 newc
->u
.name
[len
] = 0;
1868 rc
= next_entry(buf
, fp
, sizeof(u32
));
1872 newc
->v
.sclass
= le32_to_cpu(buf
[0]);
1873 rc
= context_read_and_validate(&newc
->context
[0], p
, fp
);
1877 for (l
= NULL
, c
= genfs
->head
; c
;
1878 l
= c
, c
= c
->next
) {
1880 if (!strcmp(newc
->u
.name
, c
->u
.name
) &&
1881 (!c
->v
.sclass
|| !newc
->v
.sclass
||
1882 newc
->v
.sclass
== c
->v
.sclass
)) {
1883 printk(KERN_ERR
"SELinux: dup genfs entry (%s,%s)\n",
1884 genfs
->fstype
, c
->u
.name
);
1887 len
= strlen(newc
->u
.name
);
1888 len2
= strlen(c
->u
.name
);
1904 kfree(newgenfs
->fstype
);
1906 ocontext_destroy(newc
, OCON_FSUSE
);
1911 static int ocontext_read(struct policydb
*p
, struct policydb_compat_info
*info
,
1917 struct ocontext
*l
, *c
;
1920 for (i
= 0; i
< info
->ocon_num
; i
++) {
1921 rc
= next_entry(buf
, fp
, sizeof(u32
));
1924 nel
= le32_to_cpu(buf
[0]);
1927 for (j
= 0; j
< nel
; j
++) {
1929 c
= kzalloc(sizeof(*c
), GFP_KERNEL
);
1935 p
->ocontexts
[i
] = c
;
1940 rc
= next_entry(buf
, fp
, sizeof(u32
));
1944 c
->sid
[0] = le32_to_cpu(buf
[0]);
1945 rc
= context_read_and_validate(&c
->context
[0], p
, fp
);
1951 rc
= next_entry(buf
, fp
, sizeof(u32
));
1954 len
= le32_to_cpu(buf
[0]);
1957 c
->u
.name
= kmalloc(len
+ 1, GFP_KERNEL
);
1961 rc
= next_entry(c
->u
.name
, fp
, len
);
1966 rc
= context_read_and_validate(&c
->context
[0], p
, fp
);
1969 rc
= context_read_and_validate(&c
->context
[1], p
, fp
);
1974 rc
= next_entry(buf
, fp
, sizeof(u32
)*3);
1977 c
->u
.port
.protocol
= le32_to_cpu(buf
[0]);
1978 c
->u
.port
.low_port
= le32_to_cpu(buf
[1]);
1979 c
->u
.port
.high_port
= le32_to_cpu(buf
[2]);
1980 rc
= context_read_and_validate(&c
->context
[0], p
, fp
);
1985 rc
= next_entry(nodebuf
, fp
, sizeof(u32
) * 2);
1988 c
->u
.node
.addr
= nodebuf
[0]; /* network order */
1989 c
->u
.node
.mask
= nodebuf
[1]; /* network order */
1990 rc
= context_read_and_validate(&c
->context
[0], p
, fp
);
1995 rc
= next_entry(buf
, fp
, sizeof(u32
)*2);
2000 c
->v
.behavior
= le32_to_cpu(buf
[0]);
2001 if (c
->v
.behavior
> SECURITY_FS_USE_NONE
)
2005 len
= le32_to_cpu(buf
[1]);
2006 c
->u
.name
= kmalloc(len
+ 1, GFP_KERNEL
);
2010 rc
= next_entry(c
->u
.name
, fp
, len
);
2014 rc
= context_read_and_validate(&c
->context
[0], p
, fp
);
2021 rc
= next_entry(nodebuf
, fp
, sizeof(u32
) * 8);
2024 for (k
= 0; k
< 4; k
++)
2025 c
->u
.node6
.addr
[k
] = nodebuf
[k
];
2026 for (k
= 0; k
< 4; k
++)
2027 c
->u
.node6
.mask
[k
] = nodebuf
[k
+4];
2028 rc
= context_read_and_validate(&c
->context
[0], p
, fp
);
2042 * Read the configuration data from a policy database binary
2043 * representation file into a policy database structure.
2045 int policydb_read(struct policydb
*p
, void *fp
)
2047 struct role_allow
*ra
, *lra
;
2048 struct role_trans
*tr
, *ltr
;
2051 u32 len
, nprim
, nel
;
2054 struct policydb_compat_info
*info
;
2056 rc
= policydb_init(p
);
2060 /* Read the magic number and string length. */
2061 rc
= next_entry(buf
, fp
, sizeof(u32
) * 2);
2065 if (le32_to_cpu(buf
[0]) != POLICYDB_MAGIC
) {
2066 printk(KERN_ERR
"SELinux: policydb magic number 0x%x does "
2067 "not match expected magic number 0x%x\n",
2068 le32_to_cpu(buf
[0]), POLICYDB_MAGIC
);
2072 len
= le32_to_cpu(buf
[1]);
2073 if (len
!= strlen(POLICYDB_STRING
)) {
2074 printk(KERN_ERR
"SELinux: policydb string length %d does not "
2075 "match expected length %Zu\n",
2076 len
, strlen(POLICYDB_STRING
));
2079 policydb_str
= kmalloc(len
+ 1, GFP_KERNEL
);
2080 if (!policydb_str
) {
2081 printk(KERN_ERR
"SELinux: unable to allocate memory for policydb "
2082 "string of length %d\n", len
);
2086 rc
= next_entry(policydb_str
, fp
, len
);
2088 printk(KERN_ERR
"SELinux: truncated policydb string identifier\n");
2089 kfree(policydb_str
);
2092 policydb_str
[len
] = '\0';
2093 if (strcmp(policydb_str
, POLICYDB_STRING
)) {
2094 printk(KERN_ERR
"SELinux: policydb string %s does not match "
2095 "my string %s\n", policydb_str
, POLICYDB_STRING
);
2096 kfree(policydb_str
);
2099 /* Done with policydb_str. */
2100 kfree(policydb_str
);
2101 policydb_str
= NULL
;
2103 /* Read the version and table sizes. */
2104 rc
= next_entry(buf
, fp
, sizeof(u32
)*4);
2108 p
->policyvers
= le32_to_cpu(buf
[0]);
2109 if (p
->policyvers
< POLICYDB_VERSION_MIN
||
2110 p
->policyvers
> POLICYDB_VERSION_MAX
) {
2111 printk(KERN_ERR
"SELinux: policydb version %d does not match "
2112 "my version range %d-%d\n",
2113 le32_to_cpu(buf
[0]), POLICYDB_VERSION_MIN
, POLICYDB_VERSION_MAX
);
2117 if ((le32_to_cpu(buf
[1]) & POLICYDB_CONFIG_MLS
)) {
2120 if (p
->policyvers
< POLICYDB_VERSION_MLS
) {
2121 printk(KERN_ERR
"SELinux: security policydb version %d "
2122 "(MLS) not backwards compatible\n",
2127 p
->reject_unknown
= !!(le32_to_cpu(buf
[1]) & REJECT_UNKNOWN
);
2128 p
->allow_unknown
= !!(le32_to_cpu(buf
[1]) & ALLOW_UNKNOWN
);
2130 if (p
->policyvers
>= POLICYDB_VERSION_POLCAP
&&
2131 ebitmap_read(&p
->policycaps
, fp
) != 0)
2134 if (p
->policyvers
>= POLICYDB_VERSION_PERMISSIVE
&&
2135 ebitmap_read(&p
->permissive_map
, fp
) != 0)
2138 info
= policydb_lookup_compat(p
->policyvers
);
2140 printk(KERN_ERR
"SELinux: unable to find policy compat info "
2141 "for version %d\n", p
->policyvers
);
2145 if (le32_to_cpu(buf
[2]) != info
->sym_num
||
2146 le32_to_cpu(buf
[3]) != info
->ocon_num
) {
2147 printk(KERN_ERR
"SELinux: policydb table sizes (%d,%d) do "
2148 "not match mine (%d,%d)\n", le32_to_cpu(buf
[2]),
2149 le32_to_cpu(buf
[3]),
2150 info
->sym_num
, info
->ocon_num
);
2154 for (i
= 0; i
< info
->sym_num
; i
++) {
2155 rc
= next_entry(buf
, fp
, sizeof(u32
)*2);
2158 nprim
= le32_to_cpu(buf
[0]);
2159 nel
= le32_to_cpu(buf
[1]);
2160 for (j
= 0; j
< nel
; j
++) {
2161 rc
= read_f
[i
](p
, p
->symtab
[i
].table
, fp
);
2166 p
->symtab
[i
].nprim
= nprim
;
2169 rc
= avtab_read(&p
->te_avtab
, fp
, p
);
2173 if (p
->policyvers
>= POLICYDB_VERSION_BOOL
) {
2174 rc
= cond_read_list(p
, fp
);
2179 rc
= next_entry(buf
, fp
, sizeof(u32
));
2182 nel
= le32_to_cpu(buf
[0]);
2184 for (i
= 0; i
< nel
; i
++) {
2185 tr
= kzalloc(sizeof(*tr
), GFP_KERNEL
);
2194 rc
= next_entry(buf
, fp
, sizeof(u32
)*3);
2197 tr
->role
= le32_to_cpu(buf
[0]);
2198 tr
->type
= le32_to_cpu(buf
[1]);
2199 tr
->new_role
= le32_to_cpu(buf
[2]);
2200 if (!policydb_role_isvalid(p
, tr
->role
) ||
2201 !policydb_type_isvalid(p
, tr
->type
) ||
2202 !policydb_role_isvalid(p
, tr
->new_role
)) {
2209 rc
= next_entry(buf
, fp
, sizeof(u32
));
2212 nel
= le32_to_cpu(buf
[0]);
2214 for (i
= 0; i
< nel
; i
++) {
2215 ra
= kzalloc(sizeof(*ra
), GFP_KERNEL
);
2224 rc
= next_entry(buf
, fp
, sizeof(u32
)*2);
2227 ra
->role
= le32_to_cpu(buf
[0]);
2228 ra
->new_role
= le32_to_cpu(buf
[1]);
2229 if (!policydb_role_isvalid(p
, ra
->role
) ||
2230 !policydb_role_isvalid(p
, ra
->new_role
)) {
2237 rc
= policydb_index_classes(p
);
2241 rc
= policydb_index_others(p
);
2245 p
->process_class
= string_to_security_class(p
, "process");
2246 if (!p
->process_class
)
2248 p
->process_trans_perms
= string_to_av_perm(p
, p
->process_class
,
2250 p
->process_trans_perms
|= string_to_av_perm(p
, p
->process_class
,
2252 if (!p
->process_trans_perms
)
2255 rc
= ocontext_read(p
, info
, fp
);
2259 rc
= genfs_read(p
, fp
);
2263 rc
= range_read(p
, fp
);
2268 p
->type_attr_map_array
= flex_array_alloc(sizeof(struct ebitmap
),
2270 GFP_KERNEL
| __GFP_ZERO
);
2271 if (!p
->type_attr_map_array
)
2274 /* preallocate so we don't have to worry about the put ever failing */
2275 rc
= flex_array_prealloc(p
->type_attr_map_array
, 0, p
->p_types
.nprim
- 1,
2276 GFP_KERNEL
| __GFP_ZERO
);
2280 for (i
= 0; i
< p
->p_types
.nprim
; i
++) {
2281 struct ebitmap
*e
= flex_array_get(p
->type_attr_map_array
, i
);
2285 if (p
->policyvers
>= POLICYDB_VERSION_AVTAB
) {
2286 rc
= ebitmap_read(e
, fp
);
2290 /* add the type itself as the degenerate case */
2291 rc
= ebitmap_set_bit(e
, i
, 1);
2296 rc
= policydb_bounds_sanity_check(p
);
2306 policydb_destroy(p
);