
TOMOYO Linux Cross Reference
Linux/security/selinux/ss/conditional.h



Differences between /security/selinux/ss/conditional.h (Version linux-6.11.5) and /security/selinux/ss/conditional.h (Version linux-5.13.19)


  1 /* SPDX-License-Identifier: GPL-2.0-only */         1 /* SPDX-License-Identifier: GPL-2.0-only */
  2 /* Authors: Karl MacMillan <kmacmillan@tresys.      2 /* Authors: Karl MacMillan <kmacmillan@tresys.com>
  3  *          Frank Mayer <mayerf@tresys.com>         3  *          Frank Mayer <mayerf@tresys.com>
  4  *          Copyright (C) 2003 - 2004 Tresys T !!   4  *
                                                   >>   5  * Copyright (C) 2003 - 2004 Tresys Technology, LLC
  5  */                                                 6  */
  6                                                     7 
  7 #ifndef _CONDITIONAL_H_                             8 #ifndef _CONDITIONAL_H_
  8 #define _CONDITIONAL_H_                             9 #define _CONDITIONAL_H_
  9                                                    10 
 10 #include "avtab.h"                                 11 #include "avtab.h"
 11 #include "symtab.h"                                12 #include "symtab.h"
 12 #include "policydb.h"                              13 #include "policydb.h"
 13 #include "../include/conditional.h"                14 #include "../include/conditional.h"
 14                                                    15 
 15 #define COND_EXPR_MAXDEPTH 10                      16 #define COND_EXPR_MAXDEPTH 10
 16                                                    17 
 17 /*                                                 18 /*
 18  * A conditional expression is a list of opera     19  * A conditional expression is a list of operators and operands
 19  * in reverse polish notation.                     20  * in reverse polish notation.
 20  */                                                21  */
 21 struct cond_expr_node {                            22 struct cond_expr_node {
 22 #define COND_BOOL 1 /* plain bool */           !!  23 #define COND_BOOL       1 /* plain bool */
 23 #define COND_NOT  2 /* !bool */                !!  24 #define COND_NOT        2 /* !bool */
 24 #define COND_OR   3 /* bool || bool */         !!  25 #define COND_OR         3 /* bool || bool */
 25 #define COND_AND  4 /* bool && bool */         !!  26 #define COND_AND        4 /* bool && bool */
 26 #define COND_XOR  5 /* bool ^ bool */          !!  27 #define COND_XOR        5 /* bool ^ bool */
 27 #define COND_EQ   6 /* bool == bool */         !!  28 #define COND_EQ         6 /* bool == bool */
 28 #define COND_NEQ  7 /* bool != bool */         !!  29 #define COND_NEQ        7 /* bool != bool */
 29 #define COND_LAST COND_NEQ                     !!  30 #define COND_LAST       COND_NEQ
 30         u32 expr_type;                             31         u32 expr_type;
 31         u32 boolean;                           !!  32         u32 bool;
 32 };                                                 33 };
 33                                                    34 
 34 struct cond_expr {                                 35 struct cond_expr {
 35         struct cond_expr_node *nodes;              36         struct cond_expr_node *nodes;
 36         u32 len;                                   37         u32 len;
 37 };                                                 38 };
 38                                                    39 
 39 /*                                                 40 /*
 40  * Each cond_node contains a list of rules to      41  * Each cond_node contains a list of rules to be enabled/disabled
 41  * depending on the current value of the condi     42  * depending on the current value of the conditional expression. This
 42  * struct is for that list.                        43  * struct is for that list.
 43  */                                                44  */
 44 struct cond_av_list {                              45 struct cond_av_list {
 45         struct avtab_node **nodes;                 46         struct avtab_node **nodes;
 46         u32 len;                                   47         u32 len;
 47 };                                                 48 };
 48                                                    49 
 49 /*                                                 50 /*
 50  * A cond node represents a conditional block      51  * A cond node represents a conditional block in a policy. It
 51  * contains a conditional expression, the curr     52  * contains a conditional expression, the current state of the expression,
 52  * two lists of rules to enable/disable depend     53  * two lists of rules to enable/disable depending on the value of the
 53  * expression (the true list corresponds to if     54  * expression (the true list corresponds to if and the false list corresponds
 54  * to else)..                                      55  * to else)..
 55  */                                                56  */
 56 struct cond_node {                                 57 struct cond_node {
 57         int cur_state;                             58         int cur_state;
 58         struct cond_expr expr;                     59         struct cond_expr expr;
 59         struct cond_av_list true_list;             60         struct cond_av_list true_list;
 60         struct cond_av_list false_list;            61         struct cond_av_list false_list;
 61 };                                                 62 };
 62                                                    63 
 63 void cond_policydb_init(struct policydb *p);       64 void cond_policydb_init(struct policydb *p);
 64 void cond_policydb_destroy(struct policydb *p)     65 void cond_policydb_destroy(struct policydb *p);
 65                                                    66 
 66 int cond_init_bool_indexes(struct policydb *p)     67 int cond_init_bool_indexes(struct policydb *p);
 67 int cond_destroy_bool(void *key, void *datum,      68 int cond_destroy_bool(void *key, void *datum, void *p);
 68                                                    69 
 69 int cond_index_bool(void *key, void *datum, vo     70 int cond_index_bool(void *key, void *datum, void *datap);
 70                                                    71 
 71 int cond_read_bool(struct policydb *p, struct      72 int cond_read_bool(struct policydb *p, struct symtab *s, void *fp);
 72 int cond_read_list(struct policydb *p, void *f     73 int cond_read_list(struct policydb *p, void *fp);
 73 int cond_write_bool(void *key, void *datum, vo     74 int cond_write_bool(void *key, void *datum, void *ptr);
 74 int cond_write_list(struct policydb *p, void *     75 int cond_write_list(struct policydb *p, void *fp);
 75                                                    76 
 76 void cond_compute_av(struct avtab *ctab, struc     77 void cond_compute_av(struct avtab *ctab, struct avtab_key *key,
 77                      struct av_decision *avd,  !!  78                 struct av_decision *avd, struct extended_perms *xperms);
 78 void cond_compute_xperms(struct avtab *ctab, s     79 void cond_compute_xperms(struct avtab *ctab, struct avtab_key *key,
 79                          struct extended_perms !!  80                 struct extended_perms_decision *xpermd);
 80 void evaluate_cond_nodes(struct policydb *p);      81 void evaluate_cond_nodes(struct policydb *p);
 81 void cond_policydb_destroy_dup(struct policydb     82 void cond_policydb_destroy_dup(struct policydb *p);
 82 int cond_policydb_dup(struct policydb *new, co !!  83 int cond_policydb_dup(struct policydb *new, struct policydb *orig);
 83                                                    84 
 84 #endif /* _CONDITIONAL_H_ */                       85 #endif /* _CONDITIONAL_H_ */
 85                                                    86 
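Review bot: `COND_EXPR_MAXDEPTH` and the `u32 len` fields of `struct cond_expr` and `struct cond_av_list` carry no comment saying what they bound or who validates them, although `cond_read_bool()` and `cond_read_list()` fill these structures from a policy image passed as an opaque `void *fp`. I would add a line above the define such as `/* Upper bound on the evaluation stack for one cond_expr; the loader must reject deeper expressions. */`, to be confirmed against the evaluator, which is not shown on this page. A matching note on `expr_type` (`/* one of COND_BOOL..COND_LAST, checked at load */`) would tell a reader that values above `COND_LAST` are not expected to reach evaluation; this too is inferred from the names. Both columns agree on these lines, so the point holds for either version; the left column is truncated in this rendering, so the changed prototypes could not be reviewed in full.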
