Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/security/selinux/ss/conditional.h 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  1) /* SPDX-License-Identifier: GPL-2.0-only */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  2) /* Authors: Karl MacMillan <kmacmillan@tresys.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  3)  *          Frank Mayer <mayerf@tresys.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  4)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  5)  * Copyright (C) 2003 - 2004 Tresys Technology, LLC
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  6)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  7) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  8) #ifndef _CONDITIONAL_H_
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  9) #define _CONDITIONAL_H_
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) #include "avtab.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) #include "symtab.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) #include "policydb.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) #include "../include/conditional.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) #define COND_EXPR_MAXDEPTH 10
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19)  * A conditional expression is a list of operators and operands
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20)  * in reverse polish notation.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) struct cond_expr_node {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) #define COND_BOOL	1 /* plain bool */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24) #define COND_NOT	2 /* !bool */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 25) #define COND_OR		3 /* bool || bool */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 26) #define COND_AND	4 /* bool && bool */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 27) #define COND_XOR	5 /* bool ^ bool */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 28) #define COND_EQ		6 /* bool == bool */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 29) #define COND_NEQ	7 /* bool != bool */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 30) #define COND_LAST	COND_NEQ
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 31) 	u32 expr_type;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 32) 	u32 bool;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 33) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 34) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 35) struct cond_expr {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 36) 	struct cond_expr_node *nodes;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 37) 	u32 len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 38) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 39) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 40) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 41)  * Each cond_node contains a list of rules to be enabled/disabled
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 42)  * depending on the current value of the conditional expression. This
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 43)  * struct is for that list.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 44)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 45) struct cond_av_list {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 46) 	struct avtab_node **nodes;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 47) 	u32 len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 48) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 49) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 50) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 51)  * A cond node represents a conditional block in a policy. It
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 52)  * contains a conditional expression, the current state of the expression,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 53)  * two lists of rules to enable/disable depending on the value of the
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54)  * expression (the true list corresponds to if and the false list corresponds
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 55)  * to else)..
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 56)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 57) struct cond_node {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 58) 	int cur_state;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 59) 	struct cond_expr expr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 60) 	struct cond_av_list true_list;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 61) 	struct cond_av_list false_list;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 62) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 63) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 64) void cond_policydb_init(struct policydb *p);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65) void cond_policydb_destroy(struct policydb *p);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 66) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 67) int cond_init_bool_indexes(struct policydb *p);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 68) int cond_destroy_bool(void *key, void *datum, void *p);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 69) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 70) int cond_index_bool(void *key, void *datum, void *datap);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 71) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 72) int cond_read_bool(struct policydb *p, struct symtab *s, void *fp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73) int cond_read_list(struct policydb *p, void *fp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 74) int cond_write_bool(void *key, void *datum, void *ptr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 75) int cond_write_list(struct policydb *p, void *fp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 76) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 77) void cond_compute_av(struct avtab *ctab, struct avtab_key *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 78) 		struct av_decision *avd, struct extended_perms *xperms);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 79) void cond_compute_xperms(struct avtab *ctab, struct avtab_key *key,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 80) 		struct extended_perms_decision *xpermd);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 81) void evaluate_cond_nodes(struct policydb *p);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 82) void cond_policydb_destroy_dup(struct policydb *p);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 83) int cond_policydb_dup(struct policydb *new, struct policydb *orig);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 84) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 85) #endif /* _CONDITIONAL_H_ */
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.