scripts/selinux/genheaders/genheaders.c

   1 #include <stdio.h>
   2 #include <stdlib.h>
   3 #include <unistd.h>
   4 #include <string.h>
   5 #include <errno.h>
   6 #include <ctype.h>
   7
   8 struct security_class_mapping {
   9         const char *name;
  10         const char *perms[sizeof(unsigned) * 8 + 1];
  11 };
  12
  13 #include "classmap.h"
  14 #include "initial_sid_to_string.h"
  15
  16 #define max(x, y) (((int)(x) > (int)(y)) ? x : y)
  17
  18 const char *progname;
  19
  20 static void usage(void)
  21 {
  22         printf("usage: %s flask.h av_permissions.h\n", progname);
  23         exit(1);
  24 }
  25
  26 static char *stoupperx(const char *s)
  27 {
  28         char *s2 = strdup(s);
  29         char *p;
  30
  31         if (!s2) {
  32                 fprintf(stderr, "%s:  out of memory\n", progname);
  33                 exit(3);
  34         }
  35
  36         for (p = s2; *p; p++)
  37                 *p = toupper(*p);
  38         return s2;
  39 }
  40
  41 int main(int argc, char *argv[])
  42 {
  43         int i, j, k;
  44         int isids_len;
  45         FILE *fout;
  46         const char *needle = "SOCKET";
  47         char *substr;
  48
  49         progname = argv[0];
  50
  51         if (argc < 3)
  52                 usage();
  53
  54         fout = fopen(argv[1], "w");
  55         if (!fout) {
  56                 fprintf(stderr, "Could not open %s for writing:  %s\n",
  57                         argv[1], strerror(errno));
  58                 exit(2);
  59         }
  60
  61         for (i = 0; secclass_map[i].name; i++) {
  62                 struct security_class_mapping *map = &secclass_map[i];
  63                 map->name = stoupperx(map->name);
  64                 for (j = 0; map->perms[j]; j++)
  65                         map->perms[j] = stoupperx(map->perms[j]);
  66         }
  67
  68         isids_len = sizeof(initial_sid_to_string) / sizeof (char *);
  69         for (i = 1; i < isids_len; i++)
  70                 initial_sid_to_string[i] = stoupperx(initial_sid_to_string[i]);
  71
  72         fprintf(fout, "/* This file is automatically generated.  Do not edit. */\n");
  73         fprintf(fout, "#ifndef _SELINUX_FLASK_H_\n#define _SELINUX_FLASK_H_\n\n");
  74
  75         for (i = 0; secclass_map[i].name; i++) {
  76                 struct security_class_mapping *map = &secclass_map[i];
  77                 fprintf(fout, "#define SECCLASS_%s", map->name);
  78                 for (j = 0; j < max(1, 40 - strlen(map->name)); j++)
  79                         fprintf(fout, " ");
  80                 fprintf(fout, "%2d\n", i+1);
  81         }
  82
  83         fprintf(fout, "\n");
  84
  85         for (i = 1; i < isids_len; i++) {
  86                 const char *s = initial_sid_to_string[i];
  87                 fprintf(fout, "#define SECINITSID_%s", s);
  88                 for (j = 0; j < max(1, 40 - strlen(s)); j++)
  89                         fprintf(fout, " ");
  90                 fprintf(fout, "%2d\n", i);
  91         }
  92         fprintf(fout, "\n#define SECINITSID_NUM %d\n", i-1);
  93         fprintf(fout, "\nstatic inline bool security_is_socket_class(u16 kern_tclass)\n");
  94         fprintf(fout, "{\n");
  95         fprintf(fout, "\tbool sock = false;\n\n");
  96         fprintf(fout, "\tswitch (kern_tclass) {\n");
  97         for (i = 0; secclass_map[i].name; i++) {
  98                 struct security_class_mapping *map = &secclass_map[i];
  99                 substr = strstr(map->name, needle);
 100                 if (substr && strcmp(substr, needle) == 0)
 101                         fprintf(fout, "\tcase SECCLASS_%s:\n", map->name);
 102         }
 103         fprintf(fout, "\t\tsock = true;\n");
 104         fprintf(fout, "\t\tbreak;\n");
 105         fprintf(fout, "\tdefault:\n");
 106         fprintf(fout, "\t\tbreak;\n");
 107         fprintf(fout, "\t}\n\n");
 108         fprintf(fout, "\treturn sock;\n");
 109         fprintf(fout, "}\n");
 110
 111         fprintf(fout, "\n#endif\n");
 112         fclose(fout);
 113
 114         fout = fopen(argv[2], "w");
 115         if (!fout) {
 116                 fprintf(stderr, "Could not open %s for writing:  %s\n",
 117                         argv[2], strerror(errno));
 118                 exit(4);
 119         }
 120
 121         fprintf(fout, "/* This file is automatically generated.  Do not edit. */\n");
 122         fprintf(fout, "#ifndef _SELINUX_AV_PERMISSIONS_H_\n#define _SELINUX_AV_PERMISSIONS_H_\n\n");
 123
 124         for (i = 0; secclass_map[i].name; i++) {
 125                 struct security_class_mapping *map = &secclass_map[i];
 126                 for (j = 0; map->perms[j]; j++) {
 127                         fprintf(fout, "#define %s__%s", map->name,
 128                                 map->perms[j]);
 129                         for (k = 0; k < max(1, 40 - strlen(map->name) - strlen(map->perms[j])); k++)
 130                                 fprintf(fout, " ");
 131                         fprintf(fout, "0x%08xUL\n", (1<<j));
 132                 }
 133         }
 134
 135         fprintf(fout, "\n#endif\n");
 136         fclose(fout);
 137         exit(0);
 138 }