topjohnwu/selinux
1
0
Fork 0
mirror of https://github.com/topjohnwu/selinux.git synced 2025-02-19 19:01:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

libsepol/cil: Add ability to write policy.conf file from CIL AST

Browse Source 
The ability to create a policy.conf file from the CIL AST has been
a desire from the beginning to assist in debugging and for general
flexibility. Some work towards this end was started early in CIL's
history, but cil_policy.c has not been remotely functional in a long
time. Until now.

The function cil_write_policy_conf() will write a policy.conf file
from a CIL AST after cil_build_ast(), cil_resolve_ast(),
cil_fqn_qualify(), and cil_post_process() have been called.

Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
This commit is contained in:
James Carter 2016-11-28 13:11:36 -05:00
parent 86e568c27b
commit 3fe4499f7d
5 changed files with 1768 additions and 1244 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
libsepol/cil/include/cil/cil.h
View File

@ -52,6 +52,7 @@ extern int cil_set_handle_unknown(cil_db_t *db, int handle_unknown);
extern void cil_set_mls(cil_db_t *db, int mls);
extern void cil_set_target_platform(cil_db_t *db, int target_platform);
extern void cil_set_policy_version(cil_db_t *db, int policy_version);
extern void cil_write_policy_conf(FILE *out, struct cil_db *db);
enum cil_log_level {
CIL_ERR = 1,

6
libsepol/cil/src/cil.c
View File

@ -461,6 +461,12 @@ exit:
return rc;
}
void cil_write_policy_conf(FILE *out, struct cil_db *db)
{
cil_log(CIL_INFO, "Writing policy.conf file\n");
cil_gen_policy(out, db);
}
void cil_destroy_data(void **data, enum cil_flavor flavor)
{
if (*data == NULL) {

2992
libsepol/cil/src/cil_policy.c
View File

File diff suppressed because it is too large Load Diff

12
libsepol/cil/src/cil_policy.h
View File

@ -30,18 +30,8 @@
#ifndef CIL_POLICY_H_
#define CIL_POLICY_H_
#include "cil_tree.h"
#include "cil_list.h"
#include "cil_internal.h"
struct cil_multimap_item {
struct cil_symtab_datum *key;
struct cil_list *values;
};
int cil_combine_policy(FILE **file_arr, FILE *policy_file);
void cil_context_to_policy(FILE **, uint32_t, struct cil_context *);
int cil_name_to_policy(FILE **, struct cil_tree_node *);
int cil_gen_policy(struct cil_db *);
void cil_gen_policy(FILE *out, struct cil_db *db);
#endif

1
libsepol/src/libsepol.map.in
View File

@ -45,6 +45,7 @@ LIBSEPOL_1.1 {
cil_set_target_platform;
cil_set_policy_version;
cil_set_mls;
cil_write_policy_conf;
sepol_ppfile_to_module_package;
sepol_module_package_to_cil;
sepol_module_policydb_to_cil;