Jeremy A. Mowery jmowery@tresys.com
Jason Tang jtang@tresys.com
This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
Definition in file role_query.c.
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <qpol/iterator.h>
#include <qpol/policy.h>
#include <sepol/policydb/policydb.h>
#include <sepol/policydb/expand.h>
#include "iterator_internal.h"
#include <qpol/role_query.h>
#include <qpol/type_query.h>
#include "qpol_internal.h"
Functions | |
| int | qpol_policy_get_role_by_name (const qpol_policy_t *policy, const char *name, const qpol_role_t **datum) |
| Get the datum for a role by name. | |
| int | qpol_policy_get_role_iter (const qpol_policy_t *policy, qpol_iterator_t **iter) |
| Get an iterator for roles declared in the policy. | |
| int | qpol_role_get_value (const qpol_policy_t *policy, const qpol_role_t *datum, uint32_t *value) |
| Get the integer value associated with a role; values range from 1 to the number of declared roles. | |
| int | qpol_role_get_dominate_iter (const qpol_policy_t *policy, const qpol_role_t *datum, qpol_iterator_t **dominates) |
| Get an iterator for the set of roles dominated by a role. | |
| int | qpol_role_get_type_iter (const qpol_policy_t *policy, const qpol_role_t *datum, qpol_iterator_t **types) |
| Get an iterator for the set of types assigned to a role. | |
| int | qpol_role_get_name (const qpol_policy_t *policy, const qpol_role_t *datum, const char **name) |
| Get the name by which a role is identified from its datum. | |
Get the datum for a role by name.
/**
 * Look up the datum of the role called name in the policy's roles table.
 *
 * @param policy Policy to search.
 * @param name   Role name used as the hash-table key.
 * @param datum  Out-parameter; receives the datum found, or NULL on failure.
 *
 * @return STATUS_SUCCESS when a role is found. Otherwise STATUS_ERR with
 *         errno set to EINVAL (a NULL argument) or ENOENT (no such role).
 *
 * The value stored in *datum is the hashtab_search() result itself, so it
 * points into the policy rather than at a copy (presumably the caller must
 * not free it -- confirm against the public header).
 *
 * Doxygen cross-references: Definition at line 38 of file role_query.c.
 * References ERR, qpol_policy::p, qpol_policy_t, and qpol_role_t.
 * Referenced by apol_context_compare(),
 * apol_query_create_candidate_role_list(), and print_roles().
 */
int qpol_policy_get_role_by_name(const qpol_policy_t *policy, const char *name, const qpol_role_t **datum)
{
	policydb_t *policy_db;
	hashtab_datum_t match;

	if (!policy || !name || !datum) {
		/* Clear the out-parameter whenever it can be written. */
		if (datum)
			*datum = NULL;
		/* ERR is reached with policy == NULL on this path as well. */
		ERR(policy, "%s", strerror(EINVAL));
		errno = EINVAL;
		return STATUS_ERR;
	}

	policy_db = &policy->p->p;
	match = hashtab_search(policy_db->p_roles.table, (const hashtab_key_t)name);
	if (match != NULL) {
		*datum = (qpol_role_t *) match;
		return STATUS_SUCCESS;
	}

	/*
	 * Lookup miss. The caller-supplied name is written into the message
	 * as-is; NOTE(review): if names can come from untrusted input, the
	 * message sink may want to escape it.
	 */
	*datum = NULL;
	ERR(policy, "could not find datum for role %s", name);
	errno = ENOENT;
	return STATUS_ERR;
}
Get an iterator for roles declared in the policy.
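/**
 * Create an iterator over the roles declared in the policy.
 *
 * @param policy Policy whose roles table is walked.
 * @param iter   Out-parameter; receives the new iterator. It is set to NULL
 *               on the invalid-argument path.
 *
 * @return STATUS_SUCCESS, or STATUS_ERR with errno set (EINVAL for a NULL
 *         argument; otherwise the errno left by calloc() or
 *         qpol_iterator_create()).
 *
 * The iterator state stores the address of the policy's own roles hash
 * table, not a copy, so it reads live policy memory (presumably it must not
 * be used after the policy is destroyed -- confirm).
 *
 * Doxygen cross-references: Definition at line 64 of file role_query.c.
 * References ERR, hash_state_end(), hash_state_get_cur(), hash_state_next(),
 * hash_state_size(), hash_state_t, hash_state::node, qpol_policy::p,
 * qpol_iterator_create(), qpol_iterator_t, qpol_policy_t, and
 * hash_state::table. Referenced by apol_query_create_candidate_role_list(),
 * apol_role_get_by_query(), print_roles(), print_stats(), and
 * role_get_items().
 */
int qpol_policy_get_role_iter(const qpol_policy_t *policy, qpol_iterator_t **iter)
{
	policydb_t *db;
	int error = 0;
	hash_state_t *hs = NULL;

	if (policy == NULL || iter == NULL) {
		if (iter != NULL)
			*iter = NULL;
		ERR(policy, "%s", strerror(EINVAL));
		errno = EINVAL;
		return STATUS_ERR;
	}

	db = &policy->p->p;

	hs = calloc(1, sizeof(*hs));
	if (hs == NULL) {
		/* Keep calloc's errno across the ERR call. */
		error = errno;
		ERR(policy, "%s", strerror(ENOMEM));
		errno = error;
		return STATUS_ERR;
	}
	hs->table = &db->p_roles.table;
	/*
	 * NOTE(review): the roles table pointer and its first bucket are
	 * dereferenced without a NULL check; this relies on the loaded policy
	 * having an initialised roles symbol table -- confirm.
	 */
	hs->node = (*(hs->table))->htable[0];

	if (qpol_iterator_create(policy, (void *)hs, hash_state_get_cur,
				 hash_state_next, hash_state_end, hash_state_size, free, iter)) {
		/*
		 * Save errno around free() so the caller sees the failure
		 * reported by qpol_iterator_create(), as the sibling iterator
		 * constructors in this file do.
		 */
		error = errno;
		free(hs);
		errno = error;
		return STATUS_ERR;
	}

	/* First bucket is empty: advance to the first occupied one. */
	if (hs->node == NULL)
		hash_state_next(*iter);

	return STATUS_SUCCESS;
}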
Get the integer value associated with a role; values range from 1 to the number of declared roles.
/**
 * Read the integer value stored in a role datum.
 *
 * @param policy Policy the role belongs to (only checked for NULL and used
 *               for error reporting here).
 * @param datum  Role whose value is wanted.
 * @param value  Out-parameter; receives the value, or 0 on failure.
 *
 * @return STATUS_SUCCESS, or STATUS_ERR with errno set to EINVAL when any
 *         argument is NULL.
 *
 * The value is copied out unchecked; this function does not verify that it
 * lies within the range of declared roles.
 *
 * Doxygen cross-references: Definition at line 102 of file role_query.c.
 * References ERR, and qpol_policy_t. Referenced by apol_context_compare().
 */
int qpol_role_get_value(const qpol_policy_t *policy, const qpol_role_t *datum, uint32_t *value)
{
	const role_datum_t *role;

	if (!policy || !datum || !value) {
		/* Give the caller a defined value whenever the slot is writable. */
		if (value)
			*value = 0;
		ERR(policy, "%s", strerror(EINVAL));
		errno = EINVAL;
		return STATUS_ERR;
	}

	/* The opaque qpol_role_t is the library's role_datum_t underneath. */
	role = (const role_datum_t *) datum;
	*value = role->s.value;

	return STATUS_SUCCESS;
}
Get an iterator for the set of roles dominated by a role.
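/**
 * Create an iterator over the set of roles dominated by a role.
 *
 * @param policy    Policy the role belongs to.
 * @param datum     Role whose dominance set is walked.
 * @param dominates Out-parameter; receives the new iterator. It is set to
 *                  NULL on the invalid-argument path.
 *
 * @return STATUS_SUCCESS, or STATUS_ERR with errno set (EINVAL for a NULL
 *         argument; otherwise the errno left by calloc() or
 *         qpol_iterator_create()).
 *
 * The iterator state points at the role datum's own dominates bitmap and is
 * released with plain free(), so the bitmap is borrowed, not copied
 * (presumably the iterator must not outlive the policy -- confirm).
 *
 * Doxygen cross-references: Definition at line 120 of file role_query.c.
 * References ebitmap_state::bmap, ebitmap_state_end(),
 * ebitmap_state_get_cur_role(), ebitmap_state_next(), ebitmap_state_size(),
 * ebitmap_state_t, ERR, qpol_policy::p, qpol_iterator_create(),
 * qpol_iterator_t, and qpol_policy_t. Referenced by print_role_types().
 */
int qpol_role_get_dominate_iter(const qpol_policy_t *policy, const qpol_role_t *datum, qpol_iterator_t **dominates)
{
	role_datum_t *internal_datum = NULL;
	int error;
	ebitmap_state_t *es = NULL;

	if (policy == NULL || datum == NULL || dominates == NULL) {
		if (dominates != NULL)
			*dominates = NULL;
		ERR(policy, "%s", strerror(EINVAL));
		errno = EINVAL;
		return STATUS_ERR;
	}

	/*
	 * The policy database pointer is not needed here: the bitmap comes
	 * straight from the datum, so the unused local was dropped.
	 */
	internal_datum = (role_datum_t *) datum;

	es = calloc(1, sizeof(*es));
	if (es == NULL) {
		/* Keep calloc's errno across the ERR call. */
		error = errno;
		ERR(policy, "%s", "unable to create iterator state object");
		errno = error;
		return STATUS_ERR;
	}
	es->bmap = &internal_datum->dominates;

	if (qpol_iterator_create(policy, (void *)es, ebitmap_state_get_cur_role,
				 ebitmap_state_next, ebitmap_state_end, ebitmap_state_size, free, dominates)) {
		/* Preserve the creation failure's errno around free(). */
		error = errno;
		free(es);
		errno = error;
		return STATUS_ERR;
	}

	/*
	 * es->cur is 0 from calloc(). If the bitmap is non-empty and that bit
	 * is clear, step forward to the first set bit.
	 */
	if (es->bmap->node && !ebitmap_get_bit(es->bmap, es->cur))
		ebitmap_state_next(*dominates);

	return STATUS_SUCCESS;
}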
Get an iterator for the set of types assigned to a role.
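/**
 * Create an iterator over the set of types assigned to a role.
 *
 * @param policy Policy the role belongs to.
 * @param datum  Role whose type set is walked.
 * @param types  Out-parameter; receives the new iterator. It is set to NULL
 *               on the invalid-argument path.
 *
 * @return STATUS_SUCCESS, or STATUS_ERR with errno set: EINVAL for a NULL
 *         argument, EIO when type_set_expand() fails, otherwise the errno
 *         left by calloc() or qpol_iterator_create().
 *
 * The role's type set is expanded into a freshly allocated bitmap, and
 * ebitmap_state_destroy() is registered as the iterator's destructor; the
 * failure paths below release the bitmap themselves until the state object
 * exists.
 *
 * Doxygen cross-references: Definition at line 160 of file role_query.c.
 * References ebitmap_state::bmap, ebitmap_state::cur,
 * ebitmap_state_destroy(), ebitmap_state_end(), ebitmap_state_get_cur_type(),
 * ebitmap_state_next(), ebitmap_state_size(), ebitmap_state_t, ERR,
 * qpol_policy::p, qpol_iterator_create(), qpol_iterator_t, and
 * qpol_policy_t. Referenced by apol_role_get_by_query(),
 * apol_role_has_type(), print_role_types(), role_get_types(), and
 * roles_wo_types_run().
 */
int qpol_role_get_type_iter(const qpol_policy_t *policy, const qpol_role_t *datum, qpol_iterator_t **types)
{
	role_datum_t *internal_datum = NULL;
	policydb_t *db = NULL;
	ebitmap_t *expanded_set = NULL;
	int error;
	ebitmap_state_t *es = NULL;

	if (policy == NULL || datum == NULL || types == NULL) {
		if (types != NULL)
			*types = NULL;
		ERR(policy, "%s", strerror(EINVAL));
		errno = EINVAL;
		return STATUS_ERR;
	}

	internal_datum = (role_datum_t *) datum;
	db = &policy->p->p;

	expanded_set = calloc(1, sizeof(*expanded_set));
	if (expanded_set == NULL) {
		/* Keep calloc's errno across the ERR call. */
		error = errno;
		ERR(policy, "%s", "unable to create bitmap");
		errno = error;
		return STATUS_ERR;
	}

	if (type_set_expand(&internal_datum->types, expanded_set, db, 1)) {
		const char *role_name = "<unknown>";
		uint32_t value = internal_datum->s.value;

		ebitmap_destroy(expanded_set);
		free(expanded_set);
		/*
		 * Role values are 1-based. A datum carrying 0 or a value past
		 * the number of declared roles would index outside the name
		 * array (0 - 1 wraps for uint32_t), so check the value before
		 * using it. This assumes the array holds p_roles.nprim entries
		 * -- confirm against libsepol's indexing.
		 */
		if (value >= 1 && value <= db->p_roles.nprim && db->p_role_val_to_name != NULL
		    && db->p_role_val_to_name[value - 1] != NULL)
			role_name = db->p_role_val_to_name[value - 1];
		ERR(policy, "error reading type set for role %s", role_name);
		errno = EIO;
		return STATUS_ERR;
	}

	es = calloc(1, sizeof(*es));
	if (es == NULL) {
		error = errno;
		ERR(policy, "%s", "unable to create iterator state object");
		ebitmap_destroy(expanded_set);
		free(expanded_set);
		errno = error;
		return STATUS_ERR;
	}
	es->bmap = expanded_set;
	/* Start at the first node's start bit, or at 0 for an empty bitmap. */
	es->cur = es->bmap->node ? es->bmap->node->startbit : 0;

	if (qpol_iterator_create(policy, (void *)es, ebitmap_state_get_cur_type,
				 ebitmap_state_next, ebitmap_state_end, ebitmap_state_size, ebitmap_state_destroy, types)) {
		/*
		 * The state now owns expanded_set; ebitmap_state_destroy() is
		 * presumed to release both the bitmap and the state -- confirm.
		 */
		error = errno;
		ebitmap_state_destroy(es);
		errno = error;
		return STATUS_ERR;
	}

	/* Position the iterator on the first set bit, if any. */
	if (es->bmap->node && !ebitmap_get_bit(es->bmap, es->cur))
		ebitmap_state_next(*types);

	return STATUS_SUCCESS;
}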
Get the name by which a role is identified from its datum.
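/**
 * Get the name by which a role is identified from its datum.
 *
 * @param policy Policy the role belongs to.
 * @param datum  Role whose name is wanted.
 * @param name   Out-parameter; receives a pointer to the name string held
 *               in the policy's value-to-name array (not a copy), or NULL
 *               on failure.
 *
 * @return STATUS_SUCCESS, or STATUS_ERR with errno set to EINVAL when an
 *         argument is NULL or the datum's value is not a valid role index.
 *
 * Doxygen cross-references: Definition at line 219 of file role_query.c.
 * References ERR, qpol_policy::p, and qpol_policy_t. Referenced by
 * apol_context_create_from_qpol_context(),
 * apol_query_create_candidate_role_list(), apol_role_allow_render(),
 * apol_role_get_by_query(), apol_role_trans_render(),
 * apol_user_get_by_query(), exists_common_user(),
 * filter_view_get_policy_roles(), find_domains_run(), imp_range_trans_run(),
 * inc_dom_trans_run(), print_role_types(), print_user_roles(),
 * role_allow_get_items(), role_basic(), role_comp(), role_deep_diff(),
 * role_name_comp(), role_new_diff(), role_regex(), role_trans_get_items(),
 * roles_wo_allow_print(), roles_wo_allow_run(), roles_wo_types_print(),
 * roles_wo_types_run(), roles_wo_users_print(), roles_wo_users_run(),
 * unreachable_doms_run(), and user_get_roles().
 */
int qpol_role_get_name(const qpol_policy_t *policy, const qpol_role_t *datum, const char **name)
{
	role_datum_t *internal_datum = NULL;
	policydb_t *db = NULL;
	uint32_t value;

	if (policy == NULL || datum == NULL || name == NULL) {
		if (name != NULL)
			*name = NULL;
		ERR(policy, "%s", strerror(EINVAL));
		errno = EINVAL;
		return STATUS_ERR;
	}

	db = &policy->p->p;
	internal_datum = (role_datum_t *) datum;
	value = internal_datum->s.value;

	/*
	 * Role values are 1-based. A datum carrying 0 (value - 1 wraps for
	 * uint32_t) or a value past the number of declared roles would read
	 * outside the name array, so reject it instead of indexing. This
	 * assumes the array holds p_roles.nprim entries -- confirm against
	 * libsepol's indexing.
	 */
	if (value == 0 || value > db->p_roles.nprim || db->p_role_val_to_name == NULL) {
		*name = NULL;
		ERR(policy, "%s", strerror(EINVAL));
		errno = EINVAL;
		return STATUS_ERR;
	}

	*name = db->p_role_val_to_name[value - 1];

	return STATUS_SUCCESS;
}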