Skip to content

R
raspberrypi-kernel

openeuler / raspberrypi-kernel

通知 13
Star 1
Fork 0
R
raspberrypi-kernel
切换分支/标签
查找文件 普通视图历史永久链接Permalink
conditional.h 2.3 KB
Newer Older
L
Linux-2.6.12-rc2  
Linus Torvalds 已提交
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 
/* Authors: Karl MacMillan <kmacmillan@tresys.com>
 *          Frank Mayer <mayerf@tresys.com>
 *
 * Copyright (C) 2003 - 2004 Tresys Technology, LLC
 *	This program is free software; you can redistribute it and/or modify
 *  	it under the terms of the GNU General Public License as published by
 *	the Free Software Foundation, version 2.
 */

#ifndef _CONDITIONAL_H_
#define _CONDITIONAL_H_

#include "avtab.h"
#include "symtab.h"
#include "policydb.h"
J
selinux: sparse fix: fix several warnings in the security server cod  
James Morris 已提交
16 
#include "../include/conditional.h"
L
Linux-2.6.12-rc2  
Linus Torvalds 已提交
17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 

#define COND_EXPR_MAXDEPTH 10

/*
 * A conditional expression is a list of operators and operands
 * in reverse polish notation.
 */
struct cond_expr {
#define COND_BOOL	1 /* plain bool */
#define COND_NOT	2 /* !bool */
#define COND_OR		3 /* bool || bool */
#define COND_AND	4 /* bool && bool */
#define COND_XOR	5 /* bool ^ bool */
#define COND_EQ		6 /* bool == bool */
#define COND_NEQ	7 /* bool != bool */
V
selinux: conditional expression type validation was off-by-one  
Vesa-Matti Kari 已提交
32 
#define COND_LAST	COND_NEQ
L
Linux-2.6.12-rc2  
Linus Torvalds 已提交
33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 
	__u32 expr_type;
	__u32 bool;
	struct cond_expr *next;
};

/*
 * Each cond_node contains a list of rules to be enabled/disabled
 * depending on the current value of the conditional expression. This
 * struct is for that list.
 */
struct cond_av_list {
	struct avtab_node *node;
	struct cond_av_list *next;
};

/*
 * A cond node represents a conditional block in a policy. It
 * contains a conditional expression, the current state of the expression,
 * two lists of rules to enable/disable depending on the value of the
 * expression (the true list corresponds to if and the false list corresponds
 * to else)..
 */
struct cond_node {
	int cur_state;
	struct cond_expr *expr;
	struct cond_av_list *true_list;
	struct cond_av_list *false_list;
	struct cond_node *next;
};
E
SELinux: ss/conditional.h whitespace, syntax, and other cleanups  
Eric Paris 已提交
63 64 
int cond_policydb_init(struct policydb *p);
void cond_policydb_destroy(struct policydb *p);
L
Linux-2.6.12-rc2  
Linus Torvalds 已提交
65
E
SELinux: ss/conditional.h whitespace, syntax, and other cleanups  
Eric Paris 已提交
66 
int cond_init_bool_indexes(struct policydb *p);
L
Linux-2.6.12-rc2  
Linus Torvalds 已提交
67 68 69 70 71 72 
int cond_destroy_bool(void *key, void *datum, void *p);

int cond_index_bool(void *key, void *datum, void *datap);

int cond_read_bool(struct policydb *p, struct hashtab *h, void *fp);
int cond_read_list(struct policydb *p, void *fp);
E
SELinux: allow userspace to read policy back out of the kernel  
Eric Paris 已提交
73 74 
int cond_write_bool(void *key, void *datum, void *ptr);
int cond_write_list(struct policydb *p, struct cond_node *list, void *fp);
L
Linux-2.6.12-rc2  
Linus Torvalds 已提交
75 76 77 78 79 80 

void cond_compute_av(struct avtab *ctab, struct avtab_key *key, struct av_decision *avd);

int evaluate_cond_node(struct policydb *p, struct cond_node *node);

#endif /* _CONDITIONAL_H_ */