policydb.h source code [linux/security/selinux/ss/policydb.h]

1	/ SPDX-License-Identifier: GPL-2.0-only /
2	/*
3	* A policy database (policydb) specifies the
4	* configuration data for the security policy.
5	*
6	* Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
7	*/
8
9	/*
10	* Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
11	*
12	* Support for enhanced MLS infrastructure.
13	*
14	* Updated: Frank Mayer <mayerf@tresys.com> and Karl MacMillan <kmacmillan@tresys.com>
15	*
16	* Added conditional policy language extensions
17	*
18	* Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
19	* Copyright (C) 2003 - 2004 Tresys Technology, LLC
20	*/
21
22	#ifndef _SS_POLICYDB_H_
23	#define _SS_POLICYDB_H_
24
25	#include "symtab.h"
26	#include "avtab.h"
27	#include "sidtab.h"
28	#include "ebitmap.h"
29	#include "mls_types.h"
30	#include "context.h"
31	#include "constraint.h"
32
33	/*
34	* A datum type is defined for each kind of symbol
35	* in the configuration data: individual permissions,
36	* common prefixes for access vectors, classes,
37	* users, roles, types, sensitivities, categories, etc.
38	*/
39
40	/ Permission attributes /
41	struct perm_datum {
42	u32 value; / permission bit + 1 /
43	};
44
45	/ Attributes of a common prefix for access vectors /
46	struct common_datum {
47	u32 value; / internal common value /
48	struct symtab permissions; / common permissions /
49	};
50
51	/ Class attributes /
52	struct class_datum {
53	u32 value; / class value /
54	char comkey; /* common name /
55	struct common_datum comdatum; /* common datum /
56	struct symtab permissions; / class-specific permission symbol table /
57	struct constraint_node constraints; /* constraints on class permissions /
58	struct constraint_node validatetrans; /* special transition rules /
59	/ Options how a new object user, role, and type should be decided /
60	#define DEFAULT_SOURCE 1
61	#define DEFAULT_TARGET 2
62	char default_user;
63	char default_role;
64	char default_type;
65	/ Options how a new object range should be decided /
66	#define DEFAULT_SOURCE_LOW 1
67	#define DEFAULT_SOURCE_HIGH 2
68	#define DEFAULT_SOURCE_LOW_HIGH 3
69	#define DEFAULT_TARGET_LOW 4
70	#define DEFAULT_TARGET_HIGH 5
71	#define DEFAULT_TARGET_LOW_HIGH 6
72	#define DEFAULT_GLBLUB 7
73	char default_range;
74	};
75
76	/ Role attributes /
77	struct role_datum {
78	u32 value; / internal role value /
79	u32 bounds; / boundary of role /
80	struct ebitmap dominates; / set of roles dominated by this role /
81	struct ebitmap types; / set of authorized types for role /
82	};
83
84	struct role_trans_key {
85	u32 role; / current role /
86	u32 type; / program executable type, or new object type /
87	u32 tclass; / process class, or new object class /
88	};
89
90	struct role_trans_datum {
91	u32 new_role; / new role /
92	};
93
94	struct filename_trans_key {
95	u32 ttype; / parent dir context /
96	u16 tclass; / class of new object /
97	const char name; /* last path component /
98	};
99
100	struct filename_trans_datum {
101	struct ebitmap stypes; / bitmap of source types for this otype /
102	u32 otype; / resulting type of new object /
103	struct filename_trans_datum next; /* record for next otype/
104	};
105
106	struct role_allow {
107	u32 role; / current role /
108	u32 new_role; / new role /
109	struct role_allow *next;
110	};
111
112	/ Type attributes /
113	struct type_datum {
114	u32 value; / internal type value /
115	u32 bounds; / boundary of type /
116	unsigned char primary; / primary name? /
117	unsigned char attribute;/ attribute ?/
118	};
119
120	/ User attributes /
121	struct user_datum {
122	u32 value; / internal user value /
123	u32 bounds; / bounds of user /
124	struct ebitmap roles; / set of authorized roles for user /
125	struct mls_range range; / MLS range (min - max) for user /
126	struct mls_level dfltlevel; / default login MLS level for user /
127	};
128
129
130	/ Sensitivity attributes /
131	struct level_datum {
132	struct mls_level level; /* sensitivity and associated categories /
133	unsigned char isalias; / is this sensitivity an alias for another? /
134	};
135
136	/ Category attributes /
137	struct cat_datum {
138	u32 value; / internal category bit + 1 /
139	unsigned char isalias; / is this category an alias for another? /
140	};
141
142	struct range_trans {
143	u32 source_type;
144	u32 target_type;
145	u32 target_class;
146	};
147
148	/ Boolean data type /
149	struct cond_bool_datum {
150	__u32 value; / internal type value /
151	int state;
152	};
153
154	struct cond_node;
155
156	/*
157	* type set preserves data needed to determine constraint info from
158	* policy source. This is not used by the kernel policy but allows
159	* utilities such as audit2allow to determine constraint denials.
160	*/
161	struct type_set {
162	struct ebitmap types;
163	struct ebitmap negset;
164	u32 flags;
165	};
166
167	/*
168	* The configuration data includes security contexts for
169	* initial SIDs, unlabeled file systems, TCP and UDP port numbers,
170	* network interfaces, and nodes. This structure stores the
171	* relevant data for one such entry. Entries of the same kind
172	* (e.g. all initial SIDs) are linked together into a list.
173	*/
174	struct ocontext {
175	union {
176	char name; /* name of initial SID, fs, netif, fstype, path /
177	struct {
178	u8 protocol;
179	u16 low_port;
180	u16 high_port;
181	} port; / TCP or UDP port information /
182	struct {
183	u32 addr;
184	u32 mask;
185	} node; / node information /
186	struct {
187	u32 addr[`4`];
188	u32 mask[`4`];
189	} node6; / IPv6 node information /
190	struct {
191	u64 subnet_prefix;
192	u16 low_pkey;
193	u16 high_pkey;
194	} ibpkey;
195	struct {
196	char *dev_name;
197	u8 port;
198	} ibendport;
199	} u;
200	union {
201	u32 sclass; / security class for genfs /
202	u32 behavior; / labeling behavior for fs_use /
203	} v;
204	struct context context[`2`]; / security context(s) /
205	u32 sid[`2`]; / SID(s) /
206	struct ocontext *next;
207	};
208
209	struct genfs {
210	char *fstype;
211	struct ocontext *head;
212	struct genfs *next;
213	};
214
215	/ symbol table array indices /
216	#define SYM_COMMONS 0
217	#define SYM_CLASSES 1
218	#define SYM_ROLES 2
219	#define SYM_TYPES 3
220	#define SYM_USERS 4
221	#define SYM_BOOLS 5
222	#define SYM_LEVELS 6
223	#define SYM_CATS 7
224	#define SYM_NUM 8
225
226	/ object context array indices /
227	#define OCON_ISID 0 /* initial SIDs */
228	#define OCON_FS 1 /* unlabeled file systems (deprecated) */
229	#define OCON_PORT 2 /* TCP and UDP port numbers */
230	#define OCON_NETIF 3 /* network interfaces */
231	#define OCON_NODE 4 /* nodes */
232	#define OCON_FSUSE 5 /* fs_use */
233	#define OCON_NODE6 6 /* IPv6 nodes */
234	#define OCON_IBPKEY 7 /* Infiniband PKeys */
235	#define OCON_IBENDPORT 8 /* Infiniband end ports */
236	#define OCON_NUM 9
237
238	/ The policy database /
239	struct policydb {
240	int mls_enabled;
241
242	/ symbol tables /
243	struct symtab symtab[SYM_NUM];
244	#define p_commons symtab[SYM_COMMONS]
245	#define p_classes symtab[SYM_CLASSES]
246	#define p_roles symtab[SYM_ROLES]
247	#define p_types symtab[SYM_TYPES]
248	#define p_users symtab[SYM_USERS]
249	#define p_bools symtab[SYM_BOOLS]
250	#define p_levels symtab[SYM_LEVELS]
251	#define p_cats symtab[SYM_CATS]
252
253	/ symbol names indexed by (value - 1) /
254	char **sym_val_to_name[SYM_NUM];
255
256	/ class, role, and user attributes indexed by (value - 1) /
257	struct class_datum **class_val_to_struct;
258	struct role_datum **role_val_to_struct;
259	struct user_datum **user_val_to_struct;
260	struct type_datum **type_val_to_struct;
261
262	/ type enforcement access vectors and transitions /
263	struct avtab te_avtab;
264
265	/ role transitions /
266	struct hashtab role_tr;
267
268	/ file transitions with the last path component /
269	/ quickly exclude lookups when parent ttype has no rules /
270	struct ebitmap filename_trans_ttypes;
271	/ actual set of filename_trans rules /
272	struct hashtab filename_trans;
273	/ only used if policyvers < POLICYDB_VERSION_COMP_FTRANS /
274	u32 compat_filename_trans_count;
275
276	/ bools indexed by (value - 1) /
277	struct cond_bool_datum **bool_val_to_struct;
278	/ type enforcement conditional access vectors and transitions /
279	struct avtab te_cond_avtab;
280	/ array indexing te_cond_avtab by conditional /
281	struct cond_node *cond_list;
282	u32 cond_list_len;
283
284	/ role allows /
285	struct role_allow *role_allow;
286
287	/ security contexts of initial SIDs, unlabeled file systems,*
288	TCP or UDP port numbers, network interfaces and nodes /*
289	struct ocontext *ocontexts[OCON_NUM];
290
291	/ security contexts for files in filesystems that cannot support*
292	a persistent label mapping or use another
293	fixed labeling behavior. /*
294	struct genfs *genfs;
295
296	/ range transitions table (range_trans_key -> mls_range) /
297	struct hashtab range_tr;
298
299	/ type -> attribute reverse mapping /
300	struct ebitmap *type_attr_map_array;
301
302	struct ebitmap policycaps;
303
304	struct ebitmap permissive_map;
305
306	/ length of this policy when it was loaded /
307	size_t len;
308
309	unsigned int policyvers;
310
311	unsigned int reject_unknown : `1`;
312	unsigned int allow_unknown : `1`;
313
314	u16 process_class;
315	u32 process_trans_perms;
316	} __randomize_layout;
317
318	extern void policydb_destroy(struct policydb *p);
319	extern int policydb_load_isids(struct policydb p, struct* sidtab *s);
320	extern int policydb_context_isvalid(struct policydb p, struct* context *c);
321	extern int policydb_class_isvalid(struct policydb p, unsigned* int class);
322	extern int policydb_type_isvalid(struct policydb p, unsigned* int type);
323	extern int policydb_role_isvalid(struct policydb p, unsigned* int role);
324	extern int policydb_read(struct policydb p, void* *fp);
325	extern int policydb_write(struct policydb p, void* *fp);
326
327	extern struct filename_trans_datum *policydb_filenametr_search(
328	struct policydb p, struct* filename_trans_key *key);
329
330	extern struct mls_range *policydb_rangetr_search(
331	struct policydb p, struct* range_trans *key);
332
333	extern struct role_trans_datum *policydb_roletr_search(
334	struct policydb p, struct* role_trans_key *key);
335
336	#define POLICYDB_CONFIG_MLS 1
337
338	/ the config flags related to unknown classes/perms are bits 2 and 3 /
339	#define REJECT_UNKNOWN 0x00000002
340	#define ALLOW_UNKNOWN 0x00000004
341
342	#define OBJECT_R "object_r"
343	#define OBJECT_R_VAL 1
344
345	#define POLICYDB_MAGIC SELINUX_MAGIC
346	#define POLICYDB_STRING "SE Linux"
347
348	struct policy_file {
349	char *data;
350	size_t len;
351	};
352
353	struct policy_data {
354	struct policydb *p;
355	void *fp;
356	};
357
358	static inline int next_entry(void buf, struct* policy_file *fp, size_t bytes)
359	{
360	if (bytes > fp->len)
361	return -EINVAL;
362
363	memcpy(buf, fp->data, bytes);
364	fp->data += bytes;
365	fp->len -= bytes;
366	return `0`;
367	}
368
369	static inline int put_entry(const void buf, size_t bytes, size_t num, struct* policy_file *fp)
370	{
371	size_t len;
372
373	if (unlikely(check_mul_overflow(bytes, num, &len)))
374	return -EINVAL;
375
376	if (len > fp->len)
377	return -EINVAL;
378	memcpy(fp->data, buf, len);
379	fp->data += len;
380	fp->len -= len;
381
382	return `0`;
383	}
384
385	static inline char sym_name(struct* policydb p, unsigned* int sym_num, unsigned int element_nr)
386	{
387	return p->sym_val_to_name[sym_num][element_nr];
388	}
389
390	extern u16 string_to_security_class(struct policydb p, const* char *name);
391	extern u32 string_to_av_perm(struct policydb p, u16 tclass, const* char *name);
392
393	#endif /* _SS_POLICYDB_H_ */
394
395

source code of linux/security/selinux/ss/policydb.h