c59879b8aa
Rebase on upstream commit 32611aea6543
See
$ cd SELinuxProject/selinux
$ git log --pretty=oneline libsepol-3.2..32611aea6543 -- libsepol
159 lines
4.3 KiB
Diff
159 lines
4.3 KiB
Diff
From 86ec04cfded8b2a76953ca2682d2a32bf6b24721 Mon Sep 17 00:00:00 2001
|
|
From: James Carter <jwcart2@gmail.com>
|
|
Date: Wed, 21 Apr 2021 13:21:11 -0400
|
|
Subject: [PATCH] libsepol/cil: Add functions to make use of cil_write_ast()
|
|
|
|
Add the functions cil_write_parse_ast(), cil_write_build_ast(),
|
|
and cil_write_resolve_ast() that can be used outside of libsepol.
|
|
|
|
These functions take a FILE pointer and CIL db, do the CIL build
|
|
through the desired phase, and then call cil_write_ast() to write
|
|
the CIL AST at that point.
|
|
|
|
Signed-off-by: James Carter <jwcart2@gmail.com>
|
|
---
|
|
libsepol/cil/include/cil/cil.h | 3 ++
|
|
libsepol/cil/src/cil.c | 92 ++++++++++++++++++++++++++++++++++
|
|
libsepol/src/libsepol.map.in | 3 ++
|
|
3 files changed, 98 insertions(+)
|
|
|
|
diff --git a/libsepol/cil/include/cil/cil.h b/libsepol/cil/include/cil/cil.h
|
|
index e6f4503eb33a..92fac6e1619a 100644
|
|
--- a/libsepol/cil/include/cil/cil.h
|
|
+++ b/libsepol/cil/include/cil/cil.h
|
|
@@ -60,6 +60,9 @@ extern void cil_set_attrs_expand_size(struct cil_db *db, unsigned attrs_expand_s
|
|
extern void cil_set_target_platform(cil_db_t *db, int target_platform);
|
|
extern void cil_set_policy_version(cil_db_t *db, int policy_version);
|
|
extern void cil_write_policy_conf(FILE *out, struct cil_db *db);
|
|
+extern int cil_write_parse_ast(FILE *out, cil_db_t *db);
|
|
+extern int cil_write_build_ast(FILE *out, cil_db_t *db);
|
|
+extern int cil_write_resolve_ast(FILE *out, cil_db_t *db);
|
|
|
|
enum cil_log_level {
|
|
CIL_ERR = 1,
|
|
diff --git a/libsepol/cil/src/cil.c b/libsepol/cil/src/cil.c
|
|
index b971922c70b5..0d351b491c2c 100644
|
|
--- a/libsepol/cil/src/cil.c
|
|
+++ b/libsepol/cil/src/cil.c
|
|
@@ -50,6 +50,7 @@
|
|
#include "cil_binary.h"
|
|
#include "cil_policy.h"
|
|
#include "cil_strpool.h"
|
|
+#include "cil_write_ast.h"
|
|
|
|
int cil_sym_sizes[CIL_SYM_ARRAY_NUM][CIL_SYM_NUM] = {
|
|
{64, 64, 64, 1 << 13, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64},
|
|
@@ -572,6 +573,97 @@ exit:
|
|
return rc;
|
|
}
|
|
|
|
+int cil_write_parse_ast(FILE *out, cil_db_t *db)
|
|
+{
|
|
+ int rc = SEPOL_ERR;
|
|
+
|
|
+ if (db == NULL) {
|
|
+ goto exit;
|
|
+ }
|
|
+
|
|
+ cil_log(CIL_INFO, "Writing Parse AST\n");
|
|
+ rc = cil_write_ast(out, CIL_WRITE_AST_PHASE_PARSE, db->parse->root);
|
|
+ if (rc != SEPOL_OK) {
|
|
+ cil_log(CIL_ERR, "Failed to write parse ast\n");
|
|
+ goto exit;
|
|
+ }
|
|
+
|
|
+exit:
|
|
+ return rc;
|
|
+}
|
|
+
|
|
+int cil_write_build_ast(FILE *out, cil_db_t *db)
|
|
+{
|
|
+ int rc = SEPOL_ERR;
|
|
+
|
|
+ if (db == NULL) {
|
|
+ goto exit;
|
|
+ }
|
|
+
|
|
+ cil_log(CIL_INFO, "Building AST from Parse Tree\n");
|
|
+ rc = cil_build_ast(db, db->parse->root, db->ast->root);
|
|
+ if (rc != SEPOL_OK) {
|
|
+ cil_log(CIL_ERR, "Failed to build ast\n");
|
|
+ goto exit;
|
|
+ }
|
|
+
|
|
+ cil_log(CIL_INFO, "Destroying Parse Tree\n");
|
|
+ cil_tree_destroy(&db->parse);
|
|
+
|
|
+ cil_log(CIL_INFO, "Writing Build AST\n");
|
|
+ rc = cil_write_ast(out, CIL_WRITE_AST_PHASE_BUILD, db->ast->root);
|
|
+ if (rc != SEPOL_OK) {
|
|
+ cil_log(CIL_ERR, "Failed to write build ast\n");
|
|
+ goto exit;
|
|
+ }
|
|
+
|
|
+exit:
|
|
+ return rc;
|
|
+}
|
|
+
|
|
+int cil_write_resolve_ast(FILE *out, cil_db_t *db)
|
|
+{
|
|
+ int rc = SEPOL_ERR;
|
|
+
|
|
+ if (db == NULL) {
|
|
+ goto exit;
|
|
+ }
|
|
+
|
|
+ cil_log(CIL_INFO, "Building AST from Parse Tree\n");
|
|
+ rc = cil_build_ast(db, db->parse->root, db->ast->root);
|
|
+ if (rc != SEPOL_OK) {
|
|
+ cil_log(CIL_ERR, "Failed to build ast\n");
|
|
+ goto exit;
|
|
+ }
|
|
+
|
|
+ cil_log(CIL_INFO, "Destroying Parse Tree\n");
|
|
+ cil_tree_destroy(&db->parse);
|
|
+
|
|
+ cil_log(CIL_INFO, "Resolving AST\n");
|
|
+ rc = cil_resolve_ast(db, db->ast->root);
|
|
+ if (rc != SEPOL_OK) {
|
|
+ cil_log(CIL_ERR, "Failed to resolve ast\n");
|
|
+ goto exit;
|
|
+ }
|
|
+
|
|
+ cil_log(CIL_INFO, "Qualifying Names\n");
|
|
+ rc = cil_fqn_qualify(db->ast->root);
|
|
+ if (rc != SEPOL_OK) {
|
|
+ cil_log(CIL_ERR, "Failed to qualify names\n");
|
|
+ goto exit;
|
|
+ }
|
|
+
|
|
+ cil_log(CIL_INFO, "Writing Resolve AST\n");
|
|
+ rc = cil_write_ast(out, CIL_WRITE_AST_PHASE_RESOLVE, db->ast->root);
|
|
+ if (rc != SEPOL_OK) {
|
|
+ cil_log(CIL_ERR, "Failed to write resolve ast\n");
|
|
+ goto exit;
|
|
+ }
|
|
+
|
|
+exit:
|
|
+ return rc;
|
|
+}
|
|
+
|
|
int cil_build_policydb(cil_db_t *db, sepol_policydb_t **sepol_db)
|
|
{
|
|
int rc;
|
|
diff --git a/libsepol/src/libsepol.map.in b/libsepol/src/libsepol.map.in
|
|
index eb5721257638..2e503bd1b453 100644
|
|
--- a/libsepol/src/libsepol.map.in
|
|
+++ b/libsepol/src/libsepol.map.in
|
|
@@ -269,4 +269,7 @@ LIBSEPOL_1.1 {
|
|
LIBSEPOL_3.0 {
|
|
global:
|
|
sepol_policydb_optimize;
|
|
+ cil_write_parse_ast;
|
|
+ cil_write_build_ast;
|
|
+ cil_write_resolve_ast;
|
|
} LIBSEPOL_1.1;
|
|
--
|
|
2.32.0
|
|
|