Commit | Line | Data |
---|---|---|
8753f6be SS |
1 | #include <stdio.h> |
2 | #include <stdlib.h> | |
3 | #include <unistd.h> | |
4 | #include <string.h> | |
5 | #include <errno.h> | |
6 | #include <ctype.h> | |
7 | ||
/*
 * One entry of the security class table pulled in from classmap.h.
 *
 * name:  class name; the table is walked until an entry whose name is NULL.
 * perms: NULL-terminated list of permission names.  Permission j of a class
 *        is emitted as bit j of an unsigned mask, so the array holds one slot
 *        per bit of an unsigned int (assuming 8-bit bytes) plus one slot for
 *        the terminating NULL.
 */
struct security_class_mapping {
	const char *name;
	const char *perms[sizeof(unsigned int) * 8 + 1];
};
12 | ||
13 | #include "classmap.h" | |
14 | #include "initial_sid_to_string.h" | |
15 | ||
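/*
 * Larger of x and y, compared as int.
 *
 * The casts apply to the comparison only: the callers pass a size_t
 * difference such as "40 - strlen(name)", which wraps to a huge unsigned
 * value when the name is longer than 40 characters; comparing as int lets
 * the constant 1 win in that case.  The selected operand keeps its own type.
 *
 * Both operands are parenthesised in the result so that an argument built
 * from a low-precedence operator expands correctly.  Each argument may be
 * evaluated twice, so it must not have side effects that matter.
 */
#define max(x, y) (((int)(x) > (int)(y)) ? (x) : (y))

/* argv[0], set by main() and used as the prefix of diagnostics. */
const char *progname;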
19 | ||
/*
 * Print the expected command line (the two header files to generate) on
 * standard output and terminate with exit status 1.  Does not return.
 */
static void usage(void)
{
	fprintf(stdout, "usage: %s flask.h av_permissions.h\n", progname);
	exit(1);
}
25 | ||
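/*
 * Return a freshly allocated copy of s with every character converted to
 * upper case.  The caller owns the returned string.
 *
 * On allocation failure a message is printed on stderr and the program
 * exits with status 3, so the function never returns NULL.
 */
static char *stoupperx(const char *s)
{
	char *s2 = strdup(s);
	char *p;

	if (!s2) {
		fprintf(stderr, "%s: out of memory\n", progname);
		exit(3);
	}

	/*
	 * toupper() is only defined for values representable as unsigned char
	 * (and EOF).  Plain char may be signed, so convert first; passing a
	 * negative char directly is undefined behaviour.
	 */
	for (p = s2; *p; p++)
		*p = (char)toupper((unsigned char)*p);
	return s2;
}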
40 | ||
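/*
 * Number of spaces that pads an identifier of `used` characters out to
 * column 40, never fewer than one.
 */
static int pad_width(size_t used)
{
	return used < 40 ? (int)(40 - used) : 1;
}

/* Non-zero when name ends with suffix. */
static int has_suffix(const char *name, const char *suffix)
{
	size_t name_len = strlen(name);
	size_t suffix_len = strlen(suffix);

	return name_len >= suffix_len &&
	       strcmp(name + name_len - suffix_len, suffix) == 0;
}

/*
 * Close a generated header.  A write error recorded on the stream, or a
 * failing fclose() (which performs the final flush), ends the program with
 * status 5 so that a truncated header is never mistaken for a good one.
 */
static void finish_output(FILE *f, const char *path)
{
	int failed = ferror(f);

	if (fclose(f) != 0)
		failed = 1;
	if (failed) {
		fprintf(stderr, "%s: error writing %s\n", progname, path);
		exit(5);
	}
}

/*
 * Generate two C headers from the tables in classmap.h and
 * initial_sid_to_string.h:
 *
 *   argv[1]  SECCLASS_* and SECINITSID_* numbering, SECINITSID_NUM, and an
 *            inline security_is_socket_class() helper;
 *   argv[2]  one <CLASS>__<PERM> bit mask per permission of each class.
 *
 * Exit status: 0 on success, 1 bad usage, 2 cannot open argv[1],
 * 3 out of memory (from stoupperx), 4 cannot open argv[2],
 * 5 error while writing either file.
 */
int main(int argc, char *argv[])
{
	int i, j;
	int isids_len;
	FILE *fout;
	const char *needle = "SOCKET";

	progname = argv[0];

	if (argc < 3)
		usage();

	fout = fopen(argv[1], "w");
	if (!fout) {
		fprintf(stderr, "Could not open %s for writing: %s\n",
			argv[1], strerror(errno));
		exit(2);
	}

	/* Upper-case every class and permission name in place, once. */
	for (i = 0; secclass_map[i].name; i++) {
		struct security_class_mapping *map = &secclass_map[i];

		map->name = stoupperx(map->name);
		for (j = 0; map->perms[j]; j++)
			map->perms[j] = stoupperx(map->perms[j]);
	}

	/*
	 * Index 0 of the initial SID table is skipped here and below.
	 * NOTE(review): every entry from index 1 on is passed to strdup(),
	 * so this assumes none of them is NULL -- confirm against
	 * initial_sid_to_string.h.
	 */
	isids_len = sizeof(initial_sid_to_string) / sizeof(char *);
	for (i = 1; i < isids_len; i++)
		initial_sid_to_string[i] = stoupperx(initial_sid_to_string[i]);

	fprintf(fout, "/* This file is automatically generated.  Do not edit. */\n");
	fprintf(fout, "#ifndef _SELINUX_FLASK_H_\n#define _SELINUX_FLASK_H_\n\n");

	/* Class values are 1-based: table position i becomes i + 1. */
	for (i = 0; secclass_map[i].name; i++) {
		struct security_class_mapping *map = &secclass_map[i];

		fprintf(fout, "#define SECCLASS_%s", map->name);
		fprintf(fout, "%*s", pad_width(strlen(map->name)), "");
		fprintf(fout, "%2d\n", i+1);
	}

	fprintf(fout, "\n");

	for (i = 1; i < isids_len; i++) {
		const char *s = initial_sid_to_string[i];

		fprintf(fout, "#define SECINITSID_%s", s);
		fprintf(fout, "%*s", pad_width(strlen(s)), "");
		fprintf(fout, "%2d\n", i);
	}
	/* The loop leaves i == isids_len, so this is the entry count less index 0. */
	fprintf(fout, "\n#define SECINITSID_NUM %d\n", i-1);

	/*
	 * Emit security_is_socket_class(): one case label per class whose
	 * name ends in "SOCKET".  The test is a true suffix comparison, so a
	 * name that also contains "SOCKET" earlier on is still recognised
	 * (a first-occurrence strstr() match would miss it).
	 */
	fprintf(fout, "\nstatic inline bool security_is_socket_class(u16 kern_tclass)\n");
	fprintf(fout, "{\n");
	fprintf(fout, "\tbool sock = false;\n\n");
	fprintf(fout, "\tswitch (kern_tclass) {\n");
	for (i = 0; secclass_map[i].name; i++) {
		struct security_class_mapping *map = &secclass_map[i];

		if (has_suffix(map->name, needle))
			fprintf(fout, "\tcase SECCLASS_%s:\n", map->name);
	}
	fprintf(fout, "\t\tsock = true;\n");
	fprintf(fout, "\t\tbreak;\n");
	fprintf(fout, "\tdefault:\n");
	fprintf(fout, "\t\tbreak;\n");
	fprintf(fout, "\t}\n\n");
	fprintf(fout, "\treturn sock;\n");
	fprintf(fout, "}\n");

	fprintf(fout, "\n#endif\n");
	finish_output(fout, argv[1]);

	fout = fopen(argv[2], "w");
	if (!fout) {
		fprintf(stderr, "Could not open %s for writing: %s\n",
			argv[2], strerror(errno));
		exit(4);
	}

	fprintf(fout, "/* This file is automatically generated.  Do not edit. */\n");
	fprintf(fout, "#ifndef _SELINUX_AV_PERMISSIONS_H_\n#define _SELINUX_AV_PERMISSIONS_H_\n\n");

	for (i = 0; secclass_map[i].name; i++) {
		struct security_class_mapping *map = &secclass_map[i];

		for (j = 0; map->perms[j]; j++) {
			fprintf(fout, "#define %s__%s", map->name,
				map->perms[j]);
			fprintf(fout, "%*s",
				pad_width(strlen(map->name) + strlen(map->perms[j])),
				"");
			/*
			 * Unsigned shift: j can reach the top bit of the
			 * mask, where a shift of the signed constant 1 is
			 * undefined, and %x expects an unsigned argument.
			 */
			fprintf(fout, "0x%08xUL\n", 1U << j);
		}
	}

	fprintf(fout, "\n#endif\n");
	finish_output(fout, argv[2]);
	exit(0);
}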