Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
conditional.h
Go to the documentation of this file.
1 /* Authors: Karl MacMillan <[email protected]>
2  * Frank Mayer <[email protected]>
3  *
4  * Copyright (C) 2003 - 2004 Tresys Technology, LLC
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation, version 2.
8  */
9 
10 #ifndef _CONDITIONAL_H_
11 #define _CONDITIONAL_H_
12 
13 #include "avtab.h"
14 #include "symtab.h"
15 #include "policydb.h"
16 #include "../include/conditional.h"
17 
18 #define COND_EXPR_MAXDEPTH 10
19 
20 /*
21  * A conditional expression is a list of operators and operands
22  * in reverse polish notation.
23  */
24 struct cond_expr {
25 #define COND_BOOL 1 /* plain bool */
26 #define COND_NOT 2 /* !bool */
27 #define COND_OR 3 /* bool || bool */
28 #define COND_AND 4 /* bool && bool */
29 #define COND_XOR 5 /* bool ^ bool */
30 #define COND_EQ 6 /* bool == bool */
31 #define COND_NEQ 7 /* bool != bool */
32 #define COND_LAST COND_NEQ
33  __u32 expr_type;
34  __u32 bool;
35  struct cond_expr *next;
36 };
37 
38 /*
39  * Each cond_node contains a list of rules to be enabled/disabled
40  * depending on the current value of the conditional expression. This
41  * struct is for that list.
42  */
43 struct cond_av_list {
44  struct avtab_node *node;
45  struct cond_av_list *next;
46 };
47 
48 /*
49  * A cond node represents a conditional block in a policy. It
50  * contains a conditional expression, the current state of the expression,
51  * two lists of rules to enable/disable depending on the value of the
52  * expression (the true list corresponds to if and the false list corresponds
53  * to else)..
54  */
55 struct cond_node {
56  int cur_state;
57  struct cond_expr *expr;
58  struct cond_av_list *true_list;
59  struct cond_av_list *false_list;
60  struct cond_node *next;
61 };
62 
63 int cond_policydb_init(struct policydb *p);
64 void cond_policydb_destroy(struct policydb *p);
65 
66 int cond_init_bool_indexes(struct policydb *p);
67 int cond_destroy_bool(void *key, void *datum, void *p);
68 
69 int cond_index_bool(void *key, void *datum, void *datap);
70 
71 int cond_read_bool(struct policydb *p, struct hashtab *h, void *fp);
72 int cond_read_list(struct policydb *p, void *fp);
73 int cond_write_bool(void *key, void *datum, void *ptr);
74 int cond_write_list(struct policydb *p, struct cond_node *list, void *fp);
75 
76 void cond_compute_av(struct avtab *ctab, struct avtab_key *key, struct av_decision *avd);
77 
78 int evaluate_cond_node(struct policydb *p, struct cond_node *node);
79 
80 #endif /* _CONDITIONAL_H_ */
Generated on Thu Jan 10 2013 15:03:18 for Linux Kernel by   doxygen 1.8.2