Directory:~$ /proc/self/root/usr/lib64/python2.7/site-packages/sepolgen/

Upload File

[Home] [System Details] [Kill Me]

�
��^c@s�dZd
dl
Z
d
dlZddlmZ
ddlmZ
ddlmZ
ddlmZ
ddlm	Z	
d	dd
��YZ
d�Zd�Zd
�Z
d�Zd�Zddd��YZddd��YZddd��YZddd��YZdS(s7
Classes for representing and manipulating interfaces.
i����Ni
(
taccess(
t	refpolicy(
tobjectmodel(
tmatching(
t
_tParamcBsSeZ
dZd
�Zd�Zd�Zeee�Zedd��
Zd�Z	RS(s;
    Object representing a paramater for an interface.
   
c

Cs1d
|_t
j|_t
j�|_t|_dS(Nt(t_Param__nameR
tSRC_TYPEttypetIdSettobj_classestTruetrequired(
tself((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt__init__&s
	


cCs/tj
|
�
s"td
|
�
�
n|
|_dS(NsName
[%s] is not a param(Rt
is_idparamt
ValueErrorR(Rtname((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pytset_name,s


c


Cs|jS(
N(
R(
R((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pytget_name1s
tfgetc

Cst|j
d
�
S(Ni
(tintR(
R((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt<lambda>6sc

Cs*d
|jt
j|jdj|j�
fS(Ns0<sepolgen.policygen.Param
instance [%s, %s, %s]>t

(RR
tfield_to_strR	tjoinR(
R((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt__repr__8s

(
t__name__t
__module__t__doc__RRRtpropertyRtnumR(((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyR"s
			cCs+
d
}||kr�||}|
|jkr/dS|
t
jksM|
t
jkr�|jt
jksq|jt
jkr�d}|r�|jg
}ng}x6tj|j|�D]}|tj	kr�d
}Pq�q�Wt
j|_q
d}n(t
�}||_|
|_|||j<|r'
|jj|j�

n|S(Nii
(
R	R
RtTGT_TYPEt	obj_classt	itertoolstchainRRtimplicitly_typed_objectsRRtadd(RR	tavtparamstrett
ptavobjstobj((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt__param_insert>s0





$





		
	
	



cCs
d
}t}t
j|j�
rKt|jtj||
�dkrKd}qKnt
j|j�
r�t|jtj||
�dkr�d}q�nt
j|j	�
r�t|j	tj
||
�dkr�d}q�nxA|jD]6}t
j|�
r�t|t�dkr	
d}q	
q�q�W|S(sjExtract
the paramaters from an access vector.

    Extract the paramaters (in the form $N) from an access
    vector, storing them as Param objects in a dictionary.
    Some attempt is made at resolving conflicts with other
    entries in the dict, but if an unresolvable conflict is
    found it is reported to the caller.

    The goal here is to figure out how interface paramaters are
    actually used in the interface - e.g., that $1 is a domain used as
    a SRC_TYPE. In general an interface will look like this:

    interface(`foo', `
       allow $1 foo : file read;
    ')

    This is simple to figure out - $1 is a SRC_TYPE. A few interfaces
    are more complex, for example:

    interface(`foo_trans',`
       domain_auto_trans($1,fingerd_exec_t,fingerd_t)

       allow $1 fingerd_t:fd use;
       allow fingerd_t $1:fd use;
       allow fingerd_t $1:fifo_file rw_file_perms;
       allow fingerd_t $1:process sigchld;
    ')

    Here the usage seems ambigious, but it is not. $1 is still domain
    and therefore should be returned as a SRC_TYPE.

    Returns:
      0  - success
      1  - conflict found
   
ii
(
tFalseRRtsrc_typeR-R
Rttgt_typeR!R"t	OBJ_CLASStpermstPERM(R'R(R)t	found_srctperm((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pytav_extract_paramsjs
$


!

!

!



cCs/tj
|j�
r+t|jtjd|
�SdS(
N(RRtroleR-R
tROLEtNone(R7R(((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pytrole_extract_params�s

cs��f
d
�}d}||jt
j�r3d}n||jt
j�rQd}n||jt
j�rod}ntj|j	�
r�t
|j	t
jd��r�d}q�n|S(NcsKd
}x>|D]6}tj
|�
r
t||
d��rCd}qCq
q
W|S(Nii
(RRR-R9(tsetR	R)t
x(
R((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pytextract_from_set�s






ii
(
t	src_typesR
Rt	tgt_typesR!RR1RRt	dest_typeR-t	DEST_TYPER9(truleR(R=R)((
R(s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyttype_rule_extract_params�s


	
	
	

cCsQd
}xD|jD]9}t
j|�
rt|tjd|
�rId}qIqqW|S(Nii
(targsRRR-R
RR9(tifcallR(R)targ((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pytifcall_extract_params�s



tAttributeVectorc
BseZ
d�Zd
�ZRS(c

Csd
|_t
j�|_
dS(NR(RRtAccessVectorSet(
R((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyR�s
	
cCs|jj
|
�

dS(
N(Rtadd_av(RR'((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyRJ�s
(RRRRJ(((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyRH�s
	tAttributeSetc
Bs#eZ
d�Zd
�Zd�ZRS(c

Cs
i|_dS(
N(
t
attributes(
R((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyR�s
cCs|
|j|
j
<dS(
N(RLR(Rtattr((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pytadd_attr�s
cCs�d
�}d}x�|
D]y}|d
}|ddkr[|rL|j
|�

n||�
}q|r|jd�
}tj|�
}|j|�

qqW|r�|j
|�

ndS(Nc
Ssb|d
d!j�}
t
|
�
dks5|
ddkrHtd|�
�
nt�}|
d
|_|S(Ni
i����iit	Attributes#Syntax
error Attribute statement
%s(tsplittlentSyntaxErrorRHR(tlinetfieldst
a((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt
parse_attr�s

"

	

i����it
[t
,(R9RNRPRtAccessVectorRJ(RtfdRVRURSt
lR'((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt	from_file�s
		













(RRRRNR\(((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyRK�s
		tInterfaceVectorcBsGeZ
did�Zid
�
Zd�Zd�Zd�Zd�ZRS(cCsPt|_
d
|_tj�|_i|_|
rC|j|
|�
nt|_dS(NR(	RtenabledRRRIR(tfrom_interfaceR.texpanded(Rt	interfaceRL((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyR�s	
		


c
Cs�
|
j|_xq|
j
�D]c}|jtjjkr:qnd
|
jkrOqntj|�
}x|D]}|j|�

qeWqW|rH
x�|
j	�D]�}x�|j
D]�}||j
kr�q�n|j
|}xo|jD]d}	tj|	�
}|j|jkr
|j
|_n|j|jkr,
|j
|_n|j|�

q�Wq�Wq�Wnx)|
j�D]}
t|
|j�rU
qU
qU
Wx)|
j�D]}t||j�r�
q�
q�
Wx)|
j�D]}t||j�r�
q�
q�
WdS(Nt	dontaudit(Rtavrulest	rule_typeR
tAVRuletALLOWRtavrule_to_access_vectorsRJttypeattributesRLtcopyR/R	R0trolesR:R(t	typerulesRCtinterface_callsRG(
RRaRLtavruletavsR't
typeattributeRMtattr_vecRUR7RBRE((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyR_
s>
























cCs/t|
|j
�d
krn|jj|
�

dS(Ni
(R6R(RRJ(RR'((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyRJ8
s

c
CsNg}
|
jd
|j
�

x$|jD]}|
jt|�
�

q$Wdj|
�
S(Ns[InterfaceVector
%s]s

(tappendRRtstrR(Rt
sR'((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt	to_string>
s





c


Cs
|j�S(
N(
R(
R((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt__str__E
s
c

Csd
|j|j
fS(Ns<InterfaceVector
%s:%s>(RR^(
R((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyRH
s
N(	RRR9RR_RJRtRuR(((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyR]�s
4			tInterfaceSetcBs�eZ
dd�
Zd
�Zd�Zd�Zd�Zd�Zid�
Z	did�Z
d�Zd	�Zd
�Z
d�ZRS(
cCs(i|_i|_
g|_|
|_dS(
N(t
interfacesttgt_type_mapttgt_type_alltoutput(RRz((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyRM
s
	
	
	
cCs$|jr
|jj
|
d
�

ndS(Ns

(Rztwrite(RRr((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt
oS
s
	
cCs�x�t|j
j�d
d��

D]�}|
jd|j�

xJt|jj�d
d��

D]*}|
jd|jtj|jf�

qXW|
jd�

t|j	j
��
}x1|D])}|
jdj|�
�

|
jd�

q�WqWdS(	Ntkeyc


Ss|jS(
N(
R(
R<((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyRX
ss[InterfaceVector
%s
c


Ss|jS(
N(
R(
R<((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyRZ
ss%s:%s
s]
RXs

(tsortedRwtvaluesR{RR(R
RR	Rtto_listR(RRZtivtparamtavlR'((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pytto_fileW
s
%

%
(






cCs�d
�}d}x�|
D]y}|d
}|ddkr[|rL|j
|�

n||�
}q|r|jd�
}tj|�
}|j|�

qqW|r�|j
|�

n|j�
dS(Nc
Ss�|d
d!j�}
t
|
�
dks5|
ddkrHtd|�
�
nt�}|
d
|_t
|
�
dkrtdSx�|
dD]t}|jd�
}t
|�
dkr�td|�
�
nt�}|d|_tj|d
|_||j	|j<qW|S(	Ni
i����iiR]s)Syntax
error InterfaceVector statement %st
:s-Invalid param in InterfaceVector
statement %s(
RPRQRRR]RRR
tstr_to_fieldR	R((RSRTtifvtfieldR*R�((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt	parse_ifvc
s


"

	








	




i����iRWRX(R9tadd_ifvRPRRYRJtindex(RRZR�R�RSR[R'((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyR\b
s
	













cCs|
|j|
j
<dS(
N(RwR(RR�((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyR��
s
c
Cs�x�|jj
�D]�}
t�}xP|
jD]E}tj|j�
r^|jj|
�

t�}Pn|j|j�

q)Wx0|D](}|j	j
|g�}|j|
�

qyWqWdS(
N(RwRR;RRR0RyRqR&Rxt
setdefault(RR�R?R'R	R[((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyR��
s

	



	




cCs
t|
|�}|j
|�

dS(
N(R]R�(RRaRLR�((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyR&�
s

cCsTx6tj
|
j�|
j��D]}|j||�
qW|j|
�

|j�
dS(
N(R#R$Rwt	templatesR&texpand_ifcallsR�(RtheadersRzRLt
i((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pytadd_headers�
s
%


cCsqtj
|
�
rft|
d
�
}|t|j�
kr8dS|j|d
}t|t�r\|S|g
Sn|
g
SdS(Ni
(RRRRQRDR9t
isinstancetlist(RtidRER
RF((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt	map_param�
s





c
Cs&
|j|j
|�}|dkr%dS|j|j|�}|dkrJdS|j|j|�}|dkrodStj�}xB|jD]7}|j||�}	|	dkr�q�q�|j|	�

q�Wt	|�
d
kr�dSxI|D]A}
x8|D]0}x'|D]}|
j
j|
|||�
q�Wq�Wq�WdS(Ni(R�R/R9R0R"R
R
R2tupdateRQRR&(
RR�R'RER>R?Rt	new_permsR5R*R/R0R"((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt
map_add_av�
s*


















cCsD
|
dfg
}|j
|
j}t|_x
t|�
d
kr?
|jd�
\}}|j
|j}||
kr�x$|jD]}|j|||�
qxW|jr�q+q�nx�|j	�D]�}	|	j
|
jkr�|jtd�
�

dSy||	j
}
Wn.t
k
r$



|jtd|	j
�
�

q�n
X|j|
|	f�

q�Wq+WdS(Nii����sFound circular interface
classs#Missing interface definition for
%s(R9RwRRR`RQtpopRR�RltifnameR|RtKeyErrorRq(RRat
if_by_nametstackR�tcurt
cur_ifcalltcur_ifvR'REtnewif((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pytdo_expand_ifcalls�
s*

	


	
	








cCsyi}x3tj
|
j�|
j��D]}|||j<q%Wx6tj
|
j�|
j��D]}|j||�
q[WdS(
N(R#R$RwR�RR�(RR�R�R�Ra((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyR��
s
%
%
N(RRR9RR|R�R\R�R�R&R�R�R�R�R�(((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyRvL
s
			#					$((((((RRiR#RRR
RRtsepolgeni18nRRR-R6R:RCRGRHRKR]Rv(((s9/usr/lib64/python2.7/site-packages/sepolgen/interfaces.pyt<module>s"




	,	9			Z