#ifndef SEPOLICY_INJECT_H
#define SEPOLICY_INJECT_H
#define ALL NULL
#include <getopt.h>
#include <unistd.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <stdio.h>
#include <limits.h>
#include <string.h>
#include <sepol/debug.h>
#include <sepol/policydb/policydb.h>
#include <sepol/policydb/expand.h>
#include <sepol/policydb/link.h>
#include <sepol/policydb/services.h>
#include <sepol/policydb/avrule_block.h>
#include <sepol/policydb/conditional.h>
#include <sepol/policydb/constraint.h>
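// hashtab traversal macro
//
// Visits every entry of a libsepol hashtab: for each bucket of `table`, walks
// the chain starting at `htable[_i]` by following `->next`.
//
//   table: a hashtab_t, i.e. a pointer to a struct with `size` and `htable[]`
//   ptr:   address of a hashtab_ptr_t cursor; on each iteration *ptr is the
//          current entry, and it is NULL once the traversal has finished
//
// Every macro argument is parenthesized so an expression such as `p->table`
// expands safely. The bucket index is unsigned to match hashtab_val_t.size,
// which avoids a signed/unsigned comparison in the loop condition.
// Note: the expansion is two nested `for` loops, so a `break` inside the body
// leaves only the inner chain loop; the outer loop continues with the next
// bucket.
#define hashtab_for_each(table, ptr) \
    for (unsigned int _i = 0; _i < (table)->size; ++_i) \
        for (*(ptr) = (table)->htable[_i]; *(ptr) != NULL; *(ptr) = (*(ptr))->next)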
// Global policydb
// NOTE(review): this is a definition, not a declaration, so every translation
// unit that includes this header defines `policy`. That only links while the
// compiler merges tentative definitions (-fcommon); with -fno-common (the GCC 10+
// default) the link fails with a multiple-definition error. The usual fix is
// `extern policydb_t *policy;` here plus one definition in a .c file — left
// unchanged because the defining .c file is outside this header.
policydb_t *policy;
// sepolicy manipulation functions
int load_policy(char *filename, policydb_t *policydb, struct policy_file *pf);
void create_domain(char *d);
int set_domain_state(char* s, int state);
int add_file_transition(char *srcS, char *origS, char *tgtS, char *c, char* filename);
int add_transition(char *srcS, char *origS, char *tgtS, char *c);
int add_typeattribute(char *domainS, char *typeS);
int add_rule(char *s, char *t, char *c, char *p, int effect, int not);
int add_typerule(char *s, char *targetAttribute, char **minusses, char *c, char *p, int effect, int not);
// Handy functions
void allow(char *s, char *t, char *c, char *p);
void deny(char *s, char *t, char *c, char *p);
void auditallow(char *s, char *t, char *c, char *p);
void auditdeny(char *s, char *t, char *c, char *p);
void permissive(char *s);
void enforce(char *s);
void attradd(char *s, char *a);
int exists(char *source);
// Vector of char*
// Growable array of char* managed by vec_init / vec_push_back / vec_destroy.
typedef struct vector {
    size_t size;   // number of elements stored — presumably; confirm in vec_push_back
    size_t cap;    // number of slots allocated in data — presumably; confirm in vec_push_back
    char **data;   // backing array of char*; ownership of the strings is not visible here
} vector;
void vec_init(vector *v);
void vec_push_back(vector *v, char* s);
void vec_destroy(vector *v);
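// Built in rules
//
// Predefined rule sets; the bodies live in the implementing .c file.
// Declared with (void): in C an empty parameter list declares a function with
// an unspecified argument list, so a call passing arguments would compile
// without a diagnostic. A (void) prototype is compatible with a definition
// written as `void su_rules() { ... }`.
void su_rules(void);
void min_rules(void);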
#endif