| /* |
| * Copyright 2011 Tresys Technology, LLC. All rights reserved. |
| * |
| * Redistribution and use in source and binary forms, with or without |
| * modification, are permitted provided that the following conditions are met: |
| * |
| * 1. Redistributions of source code must retain the above copyright notice, |
| * this list of conditions and the following disclaimer. |
| * |
| * 2. Redistributions in binary form must reproduce the above copyright notice, |
| * this list of conditions and the following disclaimer in the documentation |
| * and/or other materials provided with the distribution. |
| * |
| * THIS SOFTWARE IS PROVIDED BY TRESYS TECHNOLOGY, LLC ``AS IS'' AND ANY EXPRESS |
| * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF |
| * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO |
| * EVENT SHALL TRESYS TECHNOLOGY, LLC OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, |
| * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
| * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
| * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF |
| * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE |
| * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF |
| * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
| * |
| * The views and conclusions contained in the software and documentation are those |
| * of the authors and should not be interpreted as representing official policies, |
| * either expressed or implied, of Tresys Technology, LLC. |
| */ |
| |
| #include <stdlib.h> |
| #include <stdio.h> |
| #include <string.h> |
| |
| #include "cil_internal.h" |
| #include "cil_log.h" |
| #include "cil_mem.h" |
| #include "cil_tree.h" |
| #include "cil_list.h" |
| #include "cil_symtab.h" |
| #include "cil_copy_ast.h" |
| #include "cil_build_ast.h" |
| #include "cil_strpool.h" |
| #include "cil_verify.h" |
| |
| struct cil_args_copy { |
| struct cil_tree_node *orig_dest; |
| struct cil_tree_node *dest; |
| struct cil_db *db; |
| }; |
| |
| void cil_copy_list(struct cil_list *data, struct cil_list **copy) |
| { |
| struct cil_list *new; |
| struct cil_list_item *orig_item; |
| |
| cil_list_init(&new, data->flavor); |
| |
| cil_list_for_each(orig_item, data) { |
| switch (orig_item->flavor) { |
| case CIL_STRING: |
| cil_list_append(new, CIL_STRING, orig_item->data); |
| break; |
| case CIL_LIST: { |
| struct cil_list *new_sub = NULL; |
| cil_copy_list((struct cil_list*)orig_item->data, &new_sub); |
| cil_list_append(new, CIL_LIST, new_sub); |
| break; |
| } |
| case CIL_PARAM: { |
| struct cil_param *po = orig_item->data; |
| struct cil_param *pn; |
| cil_param_init(&pn); |
| pn->str = po->str; |
| pn->flavor = po->flavor; |
| cil_list_append(new, CIL_PARAM, pn); |
| } |
| break; |
| |
| default: |
| cil_list_append(new, orig_item->flavor, orig_item->data); |
| break; |
| } |
| } |
| |
| *copy = new; |
| } |
| |
| static int cil_copy_node(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| char *new = NULL; |
| |
| if (data != NULL) { |
| new = data; |
| } |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_block(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_block *orig = data; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| if (FLAVOR(datum) != CIL_BLOCK) { |
| cil_tree_log(NODE(orig), CIL_ERR, "Block %s being copied", key); |
| cil_tree_log(NODE(datum), CIL_ERR, " Conflicts with %s already declared", cil_node_to_string(NODE(datum))); |
| return SEPOL_ERR; |
| } |
| cil_tree_log(NODE(orig), CIL_WARN, "Block %s being copied", key); |
| cil_tree_log(NODE(datum), CIL_WARN, " Previously declared"); |
| *copy = datum; |
| } else { |
| struct cil_block *new; |
| cil_block_init(&new); |
| *copy = new; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_blockabstract(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_blockabstract *orig = data; |
| struct cil_blockabstract *new = NULL; |
| |
| cil_blockabstract_init(&new); |
| |
| new->block_str = orig->block_str; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_blockinherit(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_blockinherit *orig = data; |
| struct cil_blockinherit *new = NULL; |
| |
| cil_blockinherit_init(&new); |
| |
| new->block_str = orig->block_str; |
| new->block = orig->block; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_policycap(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_policycap *orig = data; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum == NULL) { |
| struct cil_policycap *new; |
| cil_policycap_init(&new); |
| *copy = new; |
| } else { |
| *copy = datum; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_perm(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_perm *orig = data; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum == NULL) { |
| struct cil_perm *new; |
| cil_perm_init(&new); |
| *copy = new; |
| } else { |
| *copy = datum; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| void cil_copy_classperms(struct cil_classperms *orig, struct cil_classperms **new) |
| { |
| cil_classperms_init(new); |
| (*new)->class_str = orig->class_str; |
| cil_copy_list(orig->perm_strs, &((*new)->perm_strs)); |
| } |
| |
| void cil_copy_classperms_set(struct cil_classperms_set *orig, struct cil_classperms_set **new) |
| { |
| cil_classperms_set_init(new); |
| (*new)->set_str = orig->set_str; |
| } |
| |
| void cil_copy_classperms_list(struct cil_list *orig, struct cil_list **new) |
| { |
| struct cil_list_item *orig_item; |
| |
| if (orig == NULL) { |
| return; |
| } |
| |
| cil_list_init(new, CIL_LIST_ITEM); |
| cil_list_for_each(orig_item, orig) { |
| if (orig_item->flavor == CIL_CLASSPERMS) { |
| struct cil_classperms *cp; |
| cil_copy_classperms(orig_item->data, &cp); |
| cil_list_append(*new, CIL_CLASSPERMS, cp); |
| } else { |
| struct cil_classperms_set *cp_set; |
| cil_copy_classperms_set(orig_item->data, &cp_set); |
| cil_list_append(*new, CIL_CLASSPERMS_SET, cp_set); |
| } |
| } |
| } |
| |
| int cil_copy_classmapping(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_classmapping *orig = data; |
| struct cil_classmapping *new = NULL; |
| |
| cil_classmapping_init(&new); |
| |
| new->map_class_str = orig->map_class_str; |
| new->map_perm_str = orig->map_perm_str; |
| |
| cil_copy_classperms_list(orig->classperms, &new->classperms); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_class(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_class *orig = data; |
| struct cil_class *new = NULL; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| cil_log(CIL_INFO, "cil_copy_class: class cannot be redefined\n"); |
| return SEPOL_ERR; |
| } |
| |
| cil_class_init(&new); |
| |
| new->common = NULL; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_classorder(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_classorder *orig = data; |
| struct cil_classorder *new = NULL; |
| |
| cil_classorder_init(&new); |
| if (orig->class_list_str != NULL) { |
| cil_copy_list(orig->class_list_str, &new->class_list_str); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_classpermission(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_classpermission *orig = data; |
| struct cil_classpermission *new = NULL; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| if (key != NULL) { |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| cil_log(CIL_INFO, "classpermission cannot be redefined\n"); |
| return SEPOL_ERR; |
| } |
| } |
| |
| cil_classpermission_init(&new); |
| |
| cil_copy_classperms_list(orig->classperms, &new->classperms); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_classpermissionset(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_classpermissionset *orig = data; |
| struct cil_classpermissionset *new = NULL; |
| |
| cil_classpermissionset_init(&new); |
| |
| new->set_str = orig->set_str; |
| |
| cil_copy_classperms_list(orig->classperms, &new->classperms); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_classcommon(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_classcommon *orig = data; |
| struct cil_classcommon *new = NULL; |
| |
| cil_classcommon_init(&new); |
| |
| new->class_str = orig->class_str; |
| new->common_str = orig->common_str; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_sid(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_sid *orig = data; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum == NULL) { |
| struct cil_sid *new; |
| cil_sid_init(&new); |
| *copy = new; |
| } else { |
| *copy = datum; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_sidcontext(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_sidcontext *orig = data; |
| struct cil_sidcontext *new = NULL; |
| |
| cil_sidcontext_init(&new); |
| |
| if (orig->context_str != NULL) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_sidorder(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_sidorder *orig = data; |
| struct cil_sidorder *new = NULL; |
| |
| cil_sidorder_init(&new); |
| if (orig->sid_list_str != NULL) { |
| cil_copy_list(orig->sid_list_str, &new->sid_list_str); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_user(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_user *orig = data; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum == NULL) { |
| struct cil_user *new; |
| cil_user_init(&new); |
| *copy = new; |
| } else { |
| *copy = datum; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_userattribute(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_userattribute *orig = data; |
| struct cil_userattribute *new = NULL; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum == NULL) { |
| cil_userattribute_init(&new); |
| *copy = new; |
| } else { |
| *copy = datum; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_userattributeset(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_userattributeset *orig = data; |
| struct cil_userattributeset *new = NULL; |
| |
| cil_userattributeset_init(&new); |
| |
| new->attr_str = orig->attr_str; |
| |
| cil_copy_expr(db, orig->str_expr, &new->str_expr); |
| cil_copy_expr(db, orig->datum_expr, &new->datum_expr); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_userrole(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_userrole *orig = data; |
| struct cil_userrole *new = NULL; |
| |
| cil_userrole_init(&new); |
| |
| new->user_str = orig->user_str; |
| new->role_str = orig->role_str; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_userlevel(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_userlevel *orig = data; |
| struct cil_userlevel *new = NULL; |
| |
| cil_userlevel_init(&new); |
| |
| new->user_str = orig->user_str; |
| |
| if (orig->level_str != NULL) { |
| new->level_str = orig->level_str; |
| } else { |
| cil_copy_fill_level(db, orig->level, &new->level); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_userrange(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_userrange *orig = data; |
| struct cil_userrange *new = NULL; |
| |
| cil_userrange_init(&new); |
| |
| new->user_str = orig->user_str; |
| |
| if (orig->range_str != NULL) { |
| new->range_str = orig->range_str; |
| } else { |
| cil_levelrange_init(&new->range); |
| cil_copy_fill_levelrange(db, orig->range, new->range); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_userprefix(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_userprefix *orig = data; |
| struct cil_userprefix *new = NULL; |
| |
| cil_userprefix_init(&new); |
| |
| new->user_str = orig->user_str; |
| new->prefix_str = orig->prefix_str; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_role(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_role *orig = data; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum == NULL) { |
| struct cil_role *new; |
| cil_role_init(&new); |
| *copy = new; |
| } else { |
| *copy = datum; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_roletype(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_roletype *orig = data; |
| struct cil_roletype *new = NULL; |
| |
| cil_roletype_init(&new); |
| |
| new->role_str = orig->role_str; |
| new->type_str = orig->type_str; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_roleattribute(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_roleattribute *orig = data; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum == NULL) { |
| struct cil_roleattribute *new; |
| cil_roleattribute_init(&new); |
| *copy = new; |
| } else { |
| *copy = datum; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_roleattributeset(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_roleattributeset *orig = data; |
| struct cil_roleattributeset *new = NULL; |
| |
| cil_roleattributeset_init(&new); |
| |
| new->attr_str = orig->attr_str; |
| |
| cil_copy_expr(db, orig->str_expr, &new->str_expr); |
| cil_copy_expr(db, orig->datum_expr, &new->datum_expr); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_roleallow(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_roleallow *orig = data; |
| struct cil_roleallow *new = NULL; |
| |
| cil_roleallow_init(&new); |
| |
| new->src_str = orig->src_str; |
| new->tgt_str = orig->tgt_str; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_type(__attribute__((unused)) struct cil_db *db, __attribute__((unused)) void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_type *new; |
| |
| cil_type_init(&new); |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_typepermissive(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_typepermissive *orig = data; |
| struct cil_typepermissive *new = NULL; |
| |
| cil_typepermissive_init(&new); |
| |
| new->type_str = orig->type_str; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_typeattribute(__attribute__((unused)) struct cil_db *db, __attribute__((unused)) void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_typeattribute *new; |
| |
| cil_typeattribute_init(&new); |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_typeattributeset(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_typeattributeset *orig = data; |
| struct cil_typeattributeset *new = NULL; |
| |
| cil_typeattributeset_init(&new); |
| |
| new->attr_str = orig->attr_str; |
| |
| cil_copy_expr(db, orig->str_expr, &new->str_expr); |
| cil_copy_expr(db, orig->datum_expr, &new->datum_expr); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_expandtypeattribute(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_expandtypeattribute *orig = data; |
| struct cil_expandtypeattribute *new = NULL; |
| |
| cil_expandtypeattribute_init(&new); |
| |
| if (orig->attr_strs != NULL) { |
| cil_copy_list(orig->attr_strs, &new->attr_strs); |
| } |
| |
| if (orig->attr_datums != NULL) { |
| cil_copy_list(orig->attr_datums, &new->attr_datums); |
| } |
| |
| new->expand = orig->expand; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_alias(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_alias *orig = data; |
| struct cil_alias *new = NULL; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| cil_log(CIL_INFO, "cil_copy_alias: alias cannot be redefined\n"); |
| return SEPOL_ERR; |
| } |
| |
| cil_alias_init(&new); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_aliasactual(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused))symtab_t *symtab) |
| { |
| struct cil_aliasactual *orig = data; |
| struct cil_aliasactual *new = NULL; |
| |
| cil_aliasactual_init(&new); |
| |
| new->alias_str = orig->alias_str; |
| new->actual_str = orig->actual_str; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_roletransition(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_roletransition *orig = data; |
| struct cil_roletransition *new = NULL; |
| |
| cil_roletransition_init(&new); |
| |
| new->src_str = orig->src_str; |
| new->tgt_str = orig->tgt_str; |
| new->obj_str = orig->obj_str; |
| new->result_str = orig->result_str; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_nametypetransition(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_nametypetransition *orig = data; |
| struct cil_nametypetransition *new = NULL; |
| |
| cil_nametypetransition_init(&new); |
| |
| new->src_str = orig->src_str; |
| new->tgt_str = orig->tgt_str; |
| new->obj_str = orig->obj_str; |
| new->name_str = orig->name_str; |
| new->result_str = orig->result_str; |
| |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_rangetransition(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_rangetransition *orig = data; |
| struct cil_rangetransition *new = NULL; |
| |
| cil_rangetransition_init(&new); |
| |
| new->src_str = orig->src_str; |
| new->exec_str = orig->exec_str; |
| new->obj_str = orig->obj_str; |
| |
| if (orig->range_str != NULL) { |
| new->range_str = orig->range_str; |
| } else { |
| cil_levelrange_init(&new->range); |
| cil_copy_fill_levelrange(db, orig->range, new->range); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_bool(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_bool *orig = data; |
| struct cil_bool *new = NULL; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| cil_log(CIL_INFO, "cil_copy_bool: boolean cannot be redefined\n"); |
| return SEPOL_ERR; |
| } |
| |
| cil_bool_init(&new); |
| new->value = orig->value; |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_tunable(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_tunable *orig = data; |
| struct cil_tunable *new = NULL; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| cil_log(CIL_INFO, "cil_copy_tunable: tunable cannot be redefined\n"); |
| return SEPOL_ERR; |
| } |
| |
| cil_tunable_init(&new); |
| new->value = orig->value; |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static void cil_copy_fill_permissionx(struct cil_db *db, struct cil_permissionx *orig, struct cil_permissionx *new) |
| { |
| new->kind = orig->kind; |
| new->obj_str = orig->obj_str; |
| cil_copy_expr(db, orig->expr_str, &new->expr_str); |
| } |
| |
| int cil_copy_avrule(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_avrule *orig = data; |
| struct cil_avrule *new = NULL; |
| |
| cil_avrule_init(&new); |
| |
| new->is_extended = orig->is_extended; |
| new->rule_kind = orig->rule_kind; |
| new->src_str = orig->src_str; |
| new->tgt_str = orig->tgt_str; |
| |
| if (!new->is_extended) { |
| cil_copy_classperms_list(orig->perms.classperms, &new->perms.classperms); |
| } else { |
| if (orig->perms.x.permx_str != NULL) { |
| new->perms.x.permx_str = orig->perms.x.permx_str; |
| } else { |
| cil_permissionx_init(&new->perms.x.permx); |
| cil_copy_fill_permissionx(db, orig->perms.x.permx, new->perms.x.permx); |
| } |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_permissionx(struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_permissionx *orig = data; |
| struct cil_permissionx *new = NULL; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| cil_log(CIL_INFO, "cil_copy_permissionx: permissionx cannot be redefined\n"); |
| return SEPOL_ERR; |
| } |
| |
| cil_permissionx_init(&new); |
| cil_copy_fill_permissionx(db, orig, new); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_type_rule(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_type_rule *orig = data; |
| struct cil_type_rule *new = NULL; |
| |
| cil_type_rule_init(&new); |
| |
| new->rule_kind = orig->rule_kind; |
| new->src_str = orig->src_str; |
| new->tgt_str = orig->tgt_str; |
| new->obj_str = orig->obj_str; |
| new->result_str = orig->result_str; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_sens(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_sens *orig = data; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum == NULL) { |
| struct cil_sens *new; |
| cil_sens_init(&new); |
| *copy = new; |
| } else { |
| *copy = datum; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_cat(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_cat *orig = data; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum == NULL) { |
| struct cil_cat *new; |
| cil_cat_init(&new); |
| *copy = new; |
| } else { |
| *copy = datum; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| static void cil_copy_cats(struct cil_db *db, struct cil_cats *orig, struct cil_cats **new) |
| { |
| cil_cats_init(new); |
| cil_copy_expr(db, orig->str_expr, &(*new)->str_expr); |
| cil_copy_expr(db, orig->datum_expr, &(*new)->datum_expr); |
| } |
| |
| int cil_copy_catset(struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_catset *orig = data; |
| struct cil_catset *new = NULL; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| cil_log(CIL_INFO, "cil_copy_catset: categoryset cannot be redefined\n"); |
| return SEPOL_ERR; |
| } |
| |
| cil_catset_init(&new); |
| |
| cil_copy_cats(db, orig->cats, &new->cats); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_senscat(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_senscat *orig = data; |
| struct cil_senscat *new = NULL; |
| |
| cil_senscat_init(&new); |
| |
| new->sens_str = orig->sens_str; |
| |
| cil_copy_cats(db, orig->cats, &new->cats); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_catorder(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_catorder *orig = data; |
| struct cil_catorder *new = NULL; |
| |
| cil_catorder_init(&new); |
| if (orig->cat_list_str != NULL) { |
| cil_copy_list(orig->cat_list_str, &new->cat_list_str); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_sensitivityorder(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_sensorder *orig = data; |
| struct cil_sensorder *new = NULL; |
| |
| cil_sensorder_init(&new); |
| if (orig->sens_list_str != NULL) { |
| cil_copy_list(orig->sens_list_str, &new->sens_list_str); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| void cil_copy_fill_level(struct cil_db *db, struct cil_level *orig, struct cil_level **new) |
| { |
| cil_level_init(new); |
| |
| (*new)->sens_str = orig->sens_str; |
| |
| if (orig->cats != NULL) { |
| cil_copy_cats(db, orig->cats, &(*new)->cats); |
| } |
| } |
| |
| int cil_copy_level(struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_level *orig = data; |
| struct cil_level *new = NULL; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| if (key != NULL) { |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| cil_log(CIL_INFO, "cil_copy_level: level cannot be redefined\n"); |
| return SEPOL_ERR; |
| } |
| } |
| |
| cil_copy_fill_level(db, orig, &new); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| void cil_copy_fill_levelrange(struct cil_db *db, struct cil_levelrange *data, struct cil_levelrange *new) |
| { |
| if (data->low_str != NULL) { |
| new->low_str = data->low_str; |
| } else { |
| cil_copy_fill_level(db, data->low, &new->low); |
| } |
| |
| if (data->high_str != NULL) { |
| new->high_str = data->high_str; |
| } else { |
| cil_copy_fill_level(db, data->high, &new->high); |
| } |
| } |
| |
| int cil_copy_levelrange(struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_levelrange *orig = data; |
| struct cil_levelrange *new = NULL; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| if (key != NULL) { |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| cil_log(CIL_INFO, "cil_copy_levelrange: levelrange cannot be redefined\n"); |
| return SEPOL_ERR; |
| } |
| } |
| |
| cil_levelrange_init(&new); |
| cil_copy_fill_levelrange(db, orig, new); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| void cil_copy_fill_context(struct cil_db *db, struct cil_context *data, struct cil_context *new) |
| { |
| new->user_str = data->user_str; |
| new->role_str = data->role_str; |
| new->type_str = data->type_str; |
| |
| if (data->range_str != NULL) { |
| new->range_str = data->range_str; |
| } else { |
| cil_levelrange_init(&new->range); |
| cil_copy_fill_levelrange(db, data->range, new->range); |
| } |
| } |
| |
| int cil_copy_context(struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_context *orig = data; |
| struct cil_context *new = NULL; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| if (key != NULL) { |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| cil_log(CIL_INFO, "cil_copy_context: context cannot be redefined\n"); |
| return SEPOL_ERR; |
| } |
| } |
| |
| cil_context_init(&new); |
| cil_copy_fill_context(db, orig, new); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_netifcon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_netifcon *orig = data; |
| struct cil_netifcon *new = NULL; |
| |
| cil_netifcon_init(&new); |
| |
| new->interface_str = orig->interface_str; |
| |
| if (orig->if_context_str != NULL) { |
| new->if_context_str = orig->if_context_str; |
| } else { |
| cil_context_init(&new->if_context); |
| cil_copy_fill_context(db, orig->if_context, new->if_context); |
| } |
| |
| if (orig->packet_context_str != NULL) { |
| new->packet_context_str = orig->packet_context_str; |
| } else { |
| cil_context_init(&new->packet_context); |
| cil_copy_fill_context(db, orig->packet_context, new->packet_context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_genfscon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_genfscon *orig = data; |
| struct cil_genfscon *new = NULL; |
| |
| cil_genfscon_init(&new); |
| |
| new->fs_str = orig->fs_str; |
| new->path_str = orig->path_str; |
| |
| if (orig->context_str != NULL) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_filecon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_filecon *orig = data; |
| struct cil_filecon *new = NULL; |
| |
| cil_filecon_init(&new); |
| |
| new->path_str = orig->path_str; |
| new->type = orig->type; |
| |
| if (orig->context_str != NULL) { |
| new->context_str = orig->context_str; |
| } else if (orig->context != NULL) { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_nodecon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_nodecon *orig = data; |
| struct cil_nodecon *new = NULL; |
| |
| cil_nodecon_init(&new); |
| |
| if (orig->addr_str != NULL) { |
| new->addr_str = orig->addr_str; |
| } else { |
| cil_ipaddr_init(&new->addr); |
| cil_copy_fill_ipaddr(orig->addr, new->addr); |
| } |
| |
| if (orig->mask_str != NULL) { |
| new->mask_str = orig->mask_str; |
| } else { |
| cil_ipaddr_init(&new->mask); |
| cil_copy_fill_ipaddr(orig->mask, new->mask); |
| } |
| |
| if (orig->context_str != NULL) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_ibpkeycon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_ibpkeycon *orig = data; |
| struct cil_ibpkeycon *new = NULL; |
| |
| cil_ibpkeycon_init(&new); |
| |
| new->subnet_prefix_str = orig->subnet_prefix_str; |
| new->pkey_low = orig->pkey_low; |
| new->pkey_high = orig->pkey_high; |
| |
| if (orig->context_str) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_ibendportcon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_ibendportcon *orig = data; |
| struct cil_ibendportcon *new = NULL; |
| |
| cil_ibendportcon_init(&new); |
| |
| new->dev_name_str = orig->dev_name_str; |
| new->port = orig->port; |
| |
| if (orig->context_str) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_portcon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_portcon *orig = data; |
| struct cil_portcon *new = NULL; |
| |
| cil_portcon_init(&new); |
| |
| new->proto = orig->proto; |
| new->port_low = orig->port_low; |
| new->port_high = orig->port_high; |
| |
| if (orig->context_str != NULL) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_pirqcon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_pirqcon *orig = data; |
| struct cil_pirqcon *new = NULL; |
| |
| cil_pirqcon_init(&new); |
| |
| new->pirq = orig->pirq; |
| |
| if (orig->context_str != NULL) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_iomemcon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_iomemcon *orig = data; |
| struct cil_iomemcon *new = NULL; |
| |
| cil_iomemcon_init(&new); |
| |
| new->iomem_low = orig->iomem_low; |
| new->iomem_high = orig->iomem_high; |
| |
| if (orig->context_str != NULL) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_ioportcon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_ioportcon *orig = data; |
| struct cil_ioportcon *new = NULL; |
| |
| cil_ioportcon_init(&new); |
| |
| new->ioport_low = orig->ioport_low; |
| new->ioport_high = orig->ioport_high; |
| |
| if (orig->context_str != NULL) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_pcidevicecon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_pcidevicecon *orig = data; |
| struct cil_pcidevicecon *new = NULL; |
| |
| cil_pcidevicecon_init(&new); |
| |
| new->dev = orig->dev; |
| |
| if (orig->context_str != NULL) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_devicetreecon(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_devicetreecon *orig = data; |
| struct cil_devicetreecon *new = NULL; |
| |
| cil_devicetreecon_init(&new); |
| |
| new->path = orig->path; |
| |
| if (orig->context_str != NULL) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_fsuse(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_fsuse *orig = data; |
| struct cil_fsuse *new = NULL; |
| |
| cil_fsuse_init(&new); |
| |
| new->type = orig->type; |
| new->fs_str = orig->fs_str; |
| |
| if (orig->context_str != NULL) { |
| new->context_str = orig->context_str; |
| } else { |
| cil_context_init(&new->context); |
| cil_copy_fill_context(db, orig->context, new->context); |
| } |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_expr(struct cil_db *db, struct cil_list *orig, struct cil_list **new) |
| { |
| struct cil_list_item *curr; |
| |
| if (orig == NULL) { |
| *new = NULL; |
| return SEPOL_OK; |
| } |
| |
| cil_list_init(new, orig->flavor); |
| |
| cil_list_for_each(curr, orig) { |
| switch (curr->flavor) { |
| case CIL_LIST: { |
| struct cil_list *sub_list; |
| cil_copy_expr(db, curr->data, &sub_list); |
| cil_list_append(*new, CIL_LIST, sub_list); |
| break; |
| } |
| case CIL_STRING: |
| cil_list_append(*new, CIL_STRING, curr->data); |
| break; |
| case CIL_DATUM: |
| cil_list_append(*new, curr->flavor, curr->data); |
| break; |
| case CIL_OP: |
| cil_list_append(*new, curr->flavor, curr->data); |
| break; |
| case CIL_CONS_OPERAND: |
| cil_list_append(*new, curr->flavor, curr->data); |
| break; |
| default: |
| cil_log(CIL_INFO, "Unknown flavor %d in expression being copied\n",curr->flavor); |
| cil_list_append(*new, curr->flavor, curr->data); |
| break; |
| } |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_constrain(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_constrain *orig = data; |
| struct cil_constrain *new = NULL; |
| |
| cil_constrain_init(&new); |
| cil_copy_classperms_list(orig->classperms, &new->classperms); |
| |
| cil_copy_expr(db, orig->str_expr, &new->str_expr); |
| cil_copy_expr(db, orig->datum_expr, &new->datum_expr); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_validatetrans(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_validatetrans *orig = data; |
| struct cil_validatetrans *new = NULL; |
| |
| cil_validatetrans_init(&new); |
| |
| new->class_str = orig->class_str; |
| |
| cil_copy_expr(db, orig->str_expr, &new->str_expr); |
| cil_copy_expr(db, orig->datum_expr, &new->datum_expr); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_call(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_call *orig = data; |
| struct cil_call *new = NULL; |
| int rc = SEPOL_ERR; |
| |
| cil_call_init(&new); |
| |
| new->macro_str = orig->macro_str; |
| new->macro = orig->macro; |
| |
| if (orig->args_tree != NULL) { |
| cil_tree_init(&new->args_tree); |
| rc = cil_copy_ast(db, orig->args_tree->root, new->args_tree->root); |
| if (rc != SEPOL_OK) { |
| goto exit; |
| } |
| } |
| |
| new->copied = orig->copied; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| |
| exit: |
| cil_destroy_call(new); |
| return rc; |
| } |
| |
| static int cil_copy_macro(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_macro *orig = data; |
| char *key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| if (FLAVOR(datum) != CIL_MACRO) { |
| cil_tree_log(NODE(orig), CIL_ERR, "Macro %s being copied", key); |
| cil_tree_log(NODE(datum), CIL_ERR, " Conflicts with %s already declared", cil_node_to_string(NODE(datum))); |
| return SEPOL_ERR; |
| } |
| cil_tree_log(NODE(orig), CIL_WARN, "Skipping macro %s", key); |
| cil_tree_log(NODE(datum), CIL_WARN, " Previously declared"); |
| *copy = NULL; |
| } else { |
| struct cil_macro *new; |
| cil_macro_init(&new); |
| if (orig->params != NULL) { |
| cil_copy_list(orig->params, &new->params); |
| } |
| *copy = new; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_optional(__attribute__((unused)) struct cil_db *db, __attribute__((unused)) void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_optional *new; |
| |
| cil_optional_init(&new); |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| void cil_copy_fill_ipaddr(struct cil_ipaddr *data, struct cil_ipaddr *new) |
| { |
| new->family = data->family; |
| memcpy(&new->ip, &data->ip, sizeof(data->ip)); |
| } |
| |
| int cil_copy_ipaddr(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) |
| { |
| struct cil_ipaddr *orig = data; |
| struct cil_ipaddr *new = NULL; |
| char * key = orig->datum.name; |
| struct cil_symtab_datum *datum = NULL; |
| |
| cil_symtab_get_datum(symtab, key, &datum); |
| if (datum != NULL) { |
| cil_log(CIL_INFO, "cil_copy_ipaddr: ipaddress cannot be redefined\n"); |
| return SEPOL_ERR; |
| } |
| |
| cil_ipaddr_init(&new); |
| cil_copy_fill_ipaddr(orig, new); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_condblock(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_condblock *orig = data; |
| struct cil_condblock *new = *copy; |
| cil_condblock_init(&new); |
| new->flavor = orig->flavor; |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| int cil_copy_boolif(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_booleanif *orig = data; |
| struct cil_booleanif *new = NULL; |
| |
| cil_boolif_init(&new); |
| |
| cil_copy_expr(db, orig->str_expr, &new->str_expr); |
| cil_copy_expr(db, orig->datum_expr, &new->datum_expr); |
| new->preserved_tunable = orig->preserved_tunable; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_tunif(struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_tunableif *orig = data; |
| struct cil_tunableif *new = NULL; |
| |
| cil_tunif_init(&new); |
| |
| cil_copy_expr(db, orig->str_expr, &new->str_expr); |
| cil_copy_expr(db, orig->datum_expr, &new->datum_expr); |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_default(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_default *orig = data; |
| struct cil_default *new = NULL; |
| |
| cil_default_init(&new); |
| |
| new->flavor = orig->flavor; |
| |
| if (orig->class_strs != NULL) { |
| cil_copy_list(orig->class_strs, &new->class_strs); |
| } |
| |
| new->object = orig->object; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_defaultrange(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_defaultrange *orig = data; |
| struct cil_defaultrange *new = NULL; |
| |
| cil_defaultrange_init(&new); |
| |
| if (orig->class_strs != NULL) { |
| cil_copy_list(orig->class_strs, &new->class_strs); |
| } |
| |
| new->object_range = orig->object_range; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_handleunknown(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_handleunknown *orig = data; |
| struct cil_handleunknown *new = NULL; |
| |
| cil_handleunknown_init(&new); |
| new->handle_unknown = orig->handle_unknown; |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_mls(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_mls *orig = data; |
| struct cil_mls *new = NULL; |
| |
| cil_mls_init(&new); |
| new->value = orig->value; |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_bounds(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_bounds *orig = data; |
| struct cil_bounds *new = NULL; |
| |
| cil_bounds_init(&new); |
| |
| new->parent_str = orig->parent_str; |
| new->child_str = orig->child_str; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int cil_copy_src_info(__attribute__((unused)) struct cil_db *db, void *data, void **copy, __attribute__((unused)) symtab_t *symtab) |
| { |
| struct cil_src_info *orig = data; |
| struct cil_src_info *new = NULL; |
| |
| cil_src_info_init(&new); |
| |
| new->kind = orig->kind; |
| new->hll_line = orig->hll_line; |
| new->path = orig->path; |
| |
| *copy = new; |
| |
| return SEPOL_OK; |
| } |
| |
| static int __cil_copy_node_helper(struct cil_tree_node *orig, uint32_t *finished, void *extra_args) |
| { |
| int rc = SEPOL_ERR; |
| struct cil_tree_node *parent = NULL; |
| struct cil_tree_node *new = NULL; |
| struct cil_db *db = NULL; |
| struct cil_args_copy *args = NULL; |
| struct cil_tree_node *namespace = NULL; |
| enum cil_sym_index sym_index = CIL_SYM_UNKNOWN; |
| symtab_t *symtab = NULL; |
| void *data = NULL; |
| int (*copy_func)(struct cil_db *db, void *data, void **copy, symtab_t *symtab) = NULL; |
| struct cil_blockinherit *blockinherit = NULL; |
| |
| if (orig == NULL || extra_args == NULL) { |
| goto exit; |
| } |
| |
| args = extra_args; |
| parent = args->dest; |
| db = args->db; |
| |
| |
| switch (orig->flavor) { |
| case CIL_BLOCK: |
| copy_func = &cil_copy_block; |
| break; |
| case CIL_BLOCKABSTRACT: |
| if (args->orig_dest->flavor == CIL_BLOCKINHERIT) { |
| /* When inheriting a block, don't copy any blockabstract |
| * statements. Inheriting a block from a block that was |
| * just inherited never worked. */ |
| return SEPOL_OK; |
| } |
| copy_func = &cil_copy_blockabstract; |
| break; |
| case CIL_BLOCKINHERIT: |
| copy_func = &cil_copy_blockinherit; |
| break; |
| case CIL_POLICYCAP: |
| copy_func = &cil_copy_policycap; |
| break; |
| case CIL_PERM: |
| case CIL_MAP_PERM: |
| copy_func = &cil_copy_perm; |
| break; |
| case CIL_CLASSMAPPING: |
| copy_func = &cil_copy_classmapping; |
| break; |
| case CIL_CLASS: |
| case CIL_COMMON: |
| case CIL_MAP_CLASS: |
| copy_func = &cil_copy_class; |
| break; |
| case CIL_CLASSORDER: |
| copy_func = &cil_copy_classorder; |
| break; |
| case CIL_CLASSPERMISSION: |
| copy_func = &cil_copy_classpermission; |
| break; |
| case CIL_CLASSPERMISSIONSET: |
| copy_func = &cil_copy_classpermissionset; |
| break; |
| case CIL_CLASSCOMMON: |
| copy_func = &cil_copy_classcommon; |
| break; |
| case CIL_SID: |
| copy_func = &cil_copy_sid; |
| break; |
| case CIL_SIDCONTEXT: |
| copy_func = &cil_copy_sidcontext; |
| break; |
| case CIL_SIDORDER: |
| copy_func = &cil_copy_sidorder; |
| break; |
| case CIL_USER: |
| copy_func = &cil_copy_user; |
| break; |
| case CIL_USERATTRIBUTE: |
| copy_func = &cil_copy_userattribute; |
| break; |
| case CIL_USERATTRIBUTESET: |
| copy_func = &cil_copy_userattributeset; |
| break; |
| case CIL_USERROLE: |
| copy_func = &cil_copy_userrole; |
| break; |
| case CIL_USERLEVEL: |
| copy_func = &cil_copy_userlevel; |
| break; |
| case CIL_USERRANGE: |
| copy_func = &cil_copy_userrange; |
| break; |
| case CIL_USERBOUNDS: |
| copy_func = &cil_copy_bounds; |
| break; |
| case CIL_USERPREFIX: |
| copy_func = &cil_copy_userprefix; |
| break; |
| case CIL_ROLE: |
| copy_func = &cil_copy_role; |
| break; |
| case CIL_ROLETYPE: |
| copy_func = &cil_copy_roletype; |
| break; |
| case CIL_ROLEBOUNDS: |
| copy_func = &cil_copy_bounds; |
| break; |
| case CIL_ROLEATTRIBUTE: |
| copy_func = &cil_copy_roleattribute; |
| break; |
| case CIL_ROLEATTRIBUTESET: |
| copy_func = &cil_copy_roleattributeset; |
| break; |
| case CIL_ROLEALLOW: |
| copy_func = &cil_copy_roleallow; |
| break; |
| case CIL_TYPE: |
| copy_func = &cil_copy_type; |
| break; |
| case CIL_TYPEBOUNDS: |
| copy_func = &cil_copy_bounds; |
| break; |
| case CIL_TYPEPERMISSIVE: |
| copy_func = cil_copy_typepermissive; |
| break; |
| case CIL_TYPEATTRIBUTE: |
| copy_func = &cil_copy_typeattribute; |
| break; |
| case CIL_TYPEATTRIBUTESET: |
| copy_func = &cil_copy_typeattributeset; |
| break; |
| case CIL_EXPANDTYPEATTRIBUTE: |
| copy_func = &cil_copy_expandtypeattribute; |
| break; |
| case CIL_TYPEALIAS: |
| copy_func = &cil_copy_alias; |
| break; |
| case CIL_TYPEALIASACTUAL: |
| copy_func = &cil_copy_aliasactual; |
| break; |
| case CIL_ROLETRANSITION: |
| copy_func = &cil_copy_roletransition; |
| break; |
| case CIL_NAMETYPETRANSITION: |
| copy_func = &cil_copy_nametypetransition; |
| break; |
| case CIL_RANGETRANSITION: |
| copy_func = &cil_copy_rangetransition; |
| break; |
| case CIL_TUNABLE: |
| copy_func = &cil_copy_tunable; |
| break; |
| case CIL_BOOL: |
| copy_func = &cil_copy_bool; |
| break; |
| case CIL_AVRULE: |
| case CIL_AVRULEX: |
| copy_func = &cil_copy_avrule; |
| break; |
| case CIL_PERMISSIONX: |
| copy_func = &cil_copy_permissionx; |
| break; |
| case CIL_TYPE_RULE: |
| copy_func = &cil_copy_type_rule; |
| break; |
| case CIL_SENS: |
| copy_func = &cil_copy_sens; |
| break; |
| case CIL_SENSALIAS: |
| copy_func = &cil_copy_alias; |
| break; |
| case CIL_SENSALIASACTUAL: |
| copy_func = &cil_copy_aliasactual; |
| break; |
| case CIL_CAT: |
| copy_func = &cil_copy_cat; |
| break; |
| case CIL_CATALIAS: |
| copy_func = &cil_copy_alias; |
| break; |
| case CIL_CATALIASACTUAL: |
| copy_func = &cil_copy_aliasactual; |
| break; |
| case CIL_CATSET: |
| copy_func = &cil_copy_catset; |
| break; |
| case CIL_SENSCAT: |
| copy_func = &cil_copy_senscat; |
| break; |
| case CIL_CATORDER: |
| copy_func = &cil_copy_catorder; |
| break; |
| case CIL_SENSITIVITYORDER: |
| copy_func = &cil_copy_sensitivityorder; |
| break; |
| case CIL_LEVEL: |
| copy_func = &cil_copy_level; |
| break; |
| case CIL_LEVELRANGE: |
| copy_func = &cil_copy_levelrange; |
| break; |
| case CIL_CONTEXT: |
| copy_func = &cil_copy_context; |
| break; |
| case CIL_NETIFCON: |
| copy_func = &cil_copy_netifcon; |
| break; |
| case CIL_GENFSCON: |
| copy_func = &cil_copy_genfscon; |
| break; |
| case CIL_FILECON: |
| copy_func = &cil_copy_filecon; |
| break; |
| case CIL_NODECON: |
| copy_func = &cil_copy_nodecon; |
| break; |
| case CIL_IBPKEYCON: |
| copy_func = &cil_copy_ibpkeycon; |
| break; |
| case CIL_IBENDPORTCON: |
| copy_func = &cil_copy_ibendportcon; |
| break; |
| case CIL_PORTCON: |
| copy_func = &cil_copy_portcon; |
| break; |
| case CIL_PIRQCON: |
| copy_func = &cil_copy_pirqcon; |
| break; |
| case CIL_IOMEMCON: |
| copy_func = &cil_copy_iomemcon; |
| break; |
| case CIL_IOPORTCON: |
| copy_func = &cil_copy_ioportcon; |
| break; |
| case CIL_PCIDEVICECON: |
| copy_func = &cil_copy_pcidevicecon; |
| break; |
| case CIL_DEVICETREECON: |
| copy_func = &cil_copy_devicetreecon; |
| break; |
| case CIL_FSUSE: |
| copy_func = &cil_copy_fsuse; |
| break; |
| case CIL_CONSTRAIN: |
| case CIL_MLSCONSTRAIN: |
| copy_func = &cil_copy_constrain; |
| break; |
| case CIL_VALIDATETRANS: |
| case CIL_MLSVALIDATETRANS: |
| copy_func = &cil_copy_validatetrans; |
| break; |
| case CIL_CALL: |
| copy_func = &cil_copy_call; |
| break; |
| case CIL_MACRO: |
| copy_func = &cil_copy_macro; |
| break; |
| case CIL_NODE: |
| copy_func = &cil_copy_node; |
| break; |
| case CIL_OPTIONAL: |
| copy_func = &cil_copy_optional; |
| break; |
| case CIL_IPADDR: |
| copy_func = &cil_copy_ipaddr; |
| break; |
| case CIL_CONDBLOCK: |
| copy_func = &cil_copy_condblock; |
| break; |
| case CIL_BOOLEANIF: |
| copy_func = &cil_copy_boolif; |
| break; |
| case CIL_TUNABLEIF: |
| copy_func = &cil_copy_tunif; |
| break; |
| case CIL_DEFAULTUSER: |
| case CIL_DEFAULTROLE: |
| case CIL_DEFAULTTYPE: |
| copy_func = &cil_copy_default; |
| break; |
| case CIL_DEFAULTRANGE: |
| copy_func = &cil_copy_defaultrange; |
| break; |
| case CIL_HANDLEUNKNOWN: |
| copy_func = &cil_copy_handleunknown; |
| break; |
| case CIL_MLS: |
| copy_func = &cil_copy_mls; |
| break; |
| case CIL_SRC_INFO: |
| copy_func = &cil_copy_src_info; |
| break; |
| default: |
| goto exit; |
| } |
| |
| if (orig->flavor >= CIL_MIN_DECLARATIVE) { |
| rc = cil_flavor_to_symtab_index(orig->flavor, &sym_index); |
| if (rc != SEPOL_OK) { |
| goto exit; |
| } |
| |
| rc = cil_get_symtab(parent, &symtab, sym_index); |
| if (rc != SEPOL_OK) { |
| goto exit; |
| } |
| } |
| |
| rc = (*copy_func)(db, orig->data, &data, symtab); |
| if (rc == SEPOL_OK) { |
| if (orig->flavor == CIL_MACRO && data == NULL) { |
| /* Skipping macro re-declaration */ |
| if (args->orig_dest->flavor != CIL_BLOCKINHERIT) { |
| cil_log(CIL_ERR, " Re-declaration of macro is only allowed when inheriting a block\n"); |
| return SEPOL_ERR; |
| } |
| *finished = CIL_TREE_SKIP_HEAD; |
| return SEPOL_OK; |
| } |
| |
| cil_tree_node_init(&new); |
| |
| new->parent = parent; |
| new->line = orig->line; |
| new->hll_offset = orig->hll_offset; |
| new->flavor = orig->flavor; |
| new->data = data; |
| |
| if (orig->flavor == CIL_BLOCK && DATUM(data)->nodes->head != NULL) { |
| /* Duplicate block */ |
| if (args->orig_dest->flavor != CIL_BLOCKINHERIT) { |
| cil_log(CIL_ERR, " Re-declaration of block is only allowed when inheriting a block\n"); |
| rc = SEPOL_ERR; |
| goto exit; |
| } |
| cil_list_append(DATUM(new->data)->nodes, CIL_NODE, new); |
| } else if (orig->flavor >= CIL_MIN_DECLARATIVE) { |
| /* Check the flavor of data if was found in the destination symtab */ |
| if (DATUM(data)->nodes->head && FLAVOR(data) != orig->flavor) { |
| cil_tree_log(orig, CIL_ERR, "Incompatible flavor when trying to copy %s", DATUM(data)->name); |
| cil_tree_log(NODE(data), CIL_ERR, "Note: conflicting declaration"); |
| new->flavor = FLAVOR(data); |
| rc = SEPOL_ERR; |
| goto exit; |
| } |
| |
| rc = cil_add_decl_to_symtab(db, symtab, DATUM(orig->data)->name, DATUM(data), new); |
| if (rc != SEPOL_OK) { |
| if (rc == SEPOL_EEXIST) { |
| cil_symtab_datum_destroy(data); |
| free(data); |
| data = NULL; |
| rc = SEPOL_OK; |
| } else { |
| goto exit; |
| } |
| } |
| |
| namespace = new; |
| while (namespace->flavor != CIL_MACRO && namespace->flavor != CIL_BLOCK && namespace->flavor != CIL_ROOT) { |
| namespace = namespace->parent; |
| } |
| |
| if (namespace->flavor == CIL_MACRO) { |
| rc = cil_verify_decl_does_not_shadow_macro_parameter(namespace->data, orig, DATUM(orig->data)->name); |
| if (rc != SEPOL_OK) { |
| goto exit; |
| } |
| } |
| } |
| |
| if (new->flavor == CIL_BLOCKINHERIT) { |
| blockinherit = new->data; |
| // if a blockinherit statement is copied before blockinherit are |
| // resolved (like in an in-statement), the block will not have been |
| // resolved yet, so there's nothing to append yet. This is fine, |
| // the copied blockinherit statement will be handled later, as if |
| // it wasn't in an in-statement |
| if (blockinherit->block != NULL) { |
| cil_list_append(blockinherit->block->bi_nodes, CIL_NODE, new); |
| } |
| } |
| |
| if (parent->cl_head == NULL) { |
| parent->cl_head = new; |
| parent->cl_tail = new; |
| } else { |
| parent->cl_tail->next = new; |
| parent->cl_tail = new; |
| } |
| |
| if (orig->cl_head != NULL) { |
| args->dest = new; |
| } |
| } else { |
| cil_tree_log(orig, CIL_ERR, "Problem copying %s node", cil_node_to_string(orig)); |
| goto exit; |
| } |
| |
| return SEPOL_OK; |
| |
| exit: |
| cil_tree_node_destroy(&new); |
| return rc; |
| } |
| |
| static int __cil_copy_last_child_helper(__attribute__((unused)) struct cil_tree_node *orig, void *extra_args) |
| { |
| struct cil_tree_node *node = NULL; |
| struct cil_args_copy *args = NULL; |
| |
| args = extra_args; |
| node = args->dest; |
| |
| if (node->flavor != CIL_ROOT) { |
| args->dest = node->parent; |
| } |
| |
| return SEPOL_OK; |
| } |
| |
| // dest is the parent node to copy into |
| // if the copy is for a call to a macro, dest should be a pointer to the call |
| int cil_copy_ast(struct cil_db *db, struct cil_tree_node *orig, struct cil_tree_node *dest) |
| { |
| int rc = SEPOL_ERR; |
| struct cil_args_copy extra_args; |
| |
| extra_args.orig_dest = dest; |
| extra_args.dest = dest; |
| extra_args.db = db; |
| |
| rc = cil_tree_walk(orig, __cil_copy_node_helper, NULL, __cil_copy_last_child_helper, &extra_args); |
| if (rc != SEPOL_OK) { |
| cil_tree_log(dest, CIL_ERR, "Failed to copy %s to %s", cil_node_to_string(orig), cil_node_to_string(dest)); |
| goto exit; |
| } |
| |
| return SEPOL_OK; |
| |
| exit: |
| return rc; |
| } |
| |