Linux/security/selinux/ss/conditional.h


Differences between /security/selinux/ss/conditional.h (Version linux-6.11.5) and /security/selinux/ss/conditional.h (Version linux-5.5.19)


  1 /* SPDX-License-Identifier: GPL-2.0-only */         1 /* SPDX-License-Identifier: GPL-2.0-only */
  2 /* Authors: Karl MacMillan <kmacmillan@tresys.      2 /* Authors: Karl MacMillan <kmacmillan@tresys.com>
  3  *          Frank Mayer <mayerf@tresys.com>         3  *          Frank Mayer <mayerf@tresys.com>
  4  *          Copyright (C) 2003 - 2004 Tresys T !!   4  *
                                                   >>   5  * Copyright (C) 2003 - 2004 Tresys Technology, LLC
  5  */                                                 6  */
  6                                                     7 
  7 #ifndef _CONDITIONAL_H_                             8 #ifndef _CONDITIONAL_H_
  8 #define _CONDITIONAL_H_                             9 #define _CONDITIONAL_H_
  9                                                    10 
 10 #include "avtab.h"                                 11 #include "avtab.h"
 11 #include "symtab.h"                                12 #include "symtab.h"
 12 #include "policydb.h"                              13 #include "policydb.h"
 13 #include "../include/conditional.h"                14 #include "../include/conditional.h"
 14                                                    15 
 15 #define COND_EXPR_MAXDEPTH 10                      16 #define COND_EXPR_MAXDEPTH 10
 16                                                    17 
 17 /*                                                 18 /*
 18  * A conditional expression is a list of opera     19  * A conditional expression is a list of operators and operands
 19  * in reverse polish notation.                     20  * in reverse polish notation.
 20  */                                                21  */
 21 struct cond_expr_node {                        << 
 22 #define COND_BOOL 1 /* plain bool */           << 
 23 #define COND_NOT  2 /* !bool */                << 
 24 #define COND_OR   3 /* bool || bool */         << 
 25 #define COND_AND  4 /* bool && bool */         << 
 26 #define COND_XOR  5 /* bool ^ bool */          << 
 27 #define COND_EQ   6 /* bool == bool */         << 
 28 #define COND_NEQ  7 /* bool != bool */         << 
 29 #define COND_LAST COND_NEQ                     << 
 30         u32 expr_type;                         << 
 31         u32 boolean;                           << 
 32 };                                             << 
 33                                                << 
 34 struct cond_expr {                                 22 struct cond_expr {
 35         struct cond_expr_node *nodes;          !!  23 #define COND_BOOL       1 /* plain bool */
 36         u32 len;                               !!  24 #define COND_NOT        2 /* !bool */
                                                   >>  25 #define COND_OR         3 /* bool || bool */
                                                   >>  26 #define COND_AND        4 /* bool && bool */
                                                   >>  27 #define COND_XOR        5 /* bool ^ bool */
                                                   >>  28 #define COND_EQ         6 /* bool == bool */
                                                   >>  29 #define COND_NEQ        7 /* bool != bool */
                                                   >>  30 #define COND_LAST       COND_NEQ
                                                   >>  31         __u32 expr_type;
                                                   >>  32         __u32 bool;
                                                   >>  33         struct cond_expr *next;
 37 };                                                 34 };
 38                                                    35 
 39 /*                                                 36 /*
 40  * Each cond_node contains a list of rules to      37  * Each cond_node contains a list of rules to be enabled/disabled
 41  * depending on the current value of the condi     38  * depending on the current value of the conditional expression. This
 42  * struct is for that list.                        39  * struct is for that list.
 43  */                                                40  */
 44 struct cond_av_list {                              41 struct cond_av_list {
 45         struct avtab_node **nodes;             !!  42         struct avtab_node *node;
 46         u32 len;                               !!  43         struct cond_av_list *next;
 47 };                                                 44 };
 48                                                    45 
 49 /*                                                 46 /*
 50  * A cond node represents a conditional block      47  * A cond node represents a conditional block in a policy. It
 51  * contains a conditional expression, the curr     48  * contains a conditional expression, the current state of the expression,
 52  * two lists of rules to enable/disable depend     49  * two lists of rules to enable/disable depending on the value of the
 53  * expression (the true list corresponds to if     50  * expression (the true list corresponds to if and the false list corresponds
 54  * to else)..                                      51  * to else)..
 55  */                                                52  */
 56 struct cond_node {                                 53 struct cond_node {
 57         int cur_state;                             54         int cur_state;
 58         struct cond_expr expr;                 !!  55         struct cond_expr *expr;
 59         struct cond_av_list true_list;         !!  56         struct cond_av_list *true_list;
 60         struct cond_av_list false_list;        !!  57         struct cond_av_list *false_list;
                                                   >>  58         struct cond_node *next;
 61 };                                                 59 };
 62                                                    60 
 63 void cond_policydb_init(struct policydb *p);   !!  61 int cond_policydb_init(struct policydb *p);
 64 void cond_policydb_destroy(struct policydb *p)     62 void cond_policydb_destroy(struct policydb *p);
 65                                                    63 
 66 int cond_init_bool_indexes(struct policydb *p)     64 int cond_init_bool_indexes(struct policydb *p);
 67 int cond_destroy_bool(void *key, void *datum,      65 int cond_destroy_bool(void *key, void *datum, void *p);
 68                                                    66 
 69 int cond_index_bool(void *key, void *datum, vo     67 int cond_index_bool(void *key, void *datum, void *datap);
 70                                                    68 
 71 int cond_read_bool(struct policydb *p, struct  !!  69 int cond_read_bool(struct policydb *p, struct hashtab *h, void *fp);
 72 int cond_read_list(struct policydb *p, void *f     70 int cond_read_list(struct policydb *p, void *fp);
 73 int cond_write_bool(void *key, void *datum, vo     71 int cond_write_bool(void *key, void *datum, void *ptr);
 74 int cond_write_list(struct policydb *p, void * !!  72 int cond_write_list(struct policydb *p, struct cond_node *list, void *fp);
 75                                                    73 
 76 void cond_compute_av(struct avtab *ctab, struc     74 void cond_compute_av(struct avtab *ctab, struct avtab_key *key,
 77                      struct av_decision *avd,  !!  75                 struct av_decision *avd, struct extended_perms *xperms);
 78 void cond_compute_xperms(struct avtab *ctab, s     76 void cond_compute_xperms(struct avtab *ctab, struct avtab_key *key,
 79                          struct extended_perms !!  77                 struct extended_perms_decision *xpermd);
 80 void evaluate_cond_nodes(struct policydb *p);  !!  78 int evaluate_cond_node(struct policydb *p, struct cond_node *node);
 81 void cond_policydb_destroy_dup(struct policydb << 
 82 int cond_policydb_dup(struct policydb *new, co << 
 83                                                    79 
 84 #endif /* _CONDITIONAL_H_ */                       80 #endif /* _CONDITIONAL_H_ */
 85                                                    81 
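Review bot: In the linux-6.11.5 column, `struct cond_expr` and `struct cond_av_list` each pair a `nodes` pointer with a `u32 len` but say nothing about how the two relate, and the reverse-polish comment now sits above `struct cond_expr_node` rather than above the container that holds the array. Since `cond_read_list()` is declared here as the loader (its body is not on this page), `len` is presumably taken from the policy image, so every consumer that indexes `nodes` relies on an unstated invariant. I would document it at the declaration, e.g. `/* nodes[0..len-1], in reverse polish order */` on `struct cond_expr` and `/* len is the number of entries in nodes */` on `struct cond_av_list`, and say next to `COND_EXPR_MAXDEPTH` what it bounds. The left column is cut off at a fixed width by the page, so the longer 6.11.5 prototypes cannot be reviewed from here.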
