xref: /aosp_15_r20/external/selinux/libsepol/src/policydb_convert.c (revision 2d543d20722ada2425b5bdab9d0d1d29470e7bba)
#include <errno.h>
#include <stdlib.h>

#include "private.h"
#include "debug.h"

#include <sepol/policydb/policydb.h>

/*
 * Build a policydb by parsing an in-memory binary policy image.
 *
 * handle:   sepol handle; used for error reporting and stored in the
 *           policy_file_t that is handed to policydb_read()
 * data/len: start address and size in bytes of the image to parse
 * policydb: destination policy database
 *
 * Returns STATUS_SUCCESS when policydb_read() accepts the image.  When it
 * does not, the function calls policydb_destroy(policydb), logs
 * "policy image is invalid", sets errno to EINVAL and returns STATUS_ERR.
 *
 * NOTE(review): nothing here checks data or len; all validation of the
 * image is left to policydb_read().  A caller that takes the image from an
 * untrusted source must make sure len is the true size of the buffer.
 * NOTE(review): policydb has already been destroyed when STATUS_ERR is
 * returned - confirm that callers do not destroy it a second time.
 */
int policydb_from_image(sepol_handle_t * handle,
			void *data, size_t len, policydb_t * policydb)
{
	policy_file_t image;

	/* Describe the caller's buffer as a memory-backed policy file. */
	policy_file_init(&image);
	image.handle = handle;
	image.type = PF_USE_MEMORY;
	image.data = data;
	image.len = len;

	if (policydb_read(policydb, &image, 0) == 0)
		return STATUS_SUCCESS;

	/* The reader rejected the image: tear the policydb down and report. */
	policydb_destroy(policydb);
	ERR(handle, "policy image is invalid");
	errno = EINVAL;
	return STATUS_ERR;
}
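/*
 * Write a policydb to a newly allocated memory region and return the
 * (data, len) pair.
 *
 * handle:   sepol handle; used for error reporting and stored in the
 *           policy_file_t that is handed to the writer and reader
 * policydb: policy database to serialize
 * newdata:  on success receives the malloc()ed image; the caller owns it
 *           and releases it with free()
 * newlen:   on success receives the image size in bytes
 *
 * The image is produced in two passes (a PF_LEN pass to learn the size,
 * then a PF_USE_MEMORY pass into the allocation) and is then parsed back
 * with policydb_read() into a scratch policydb, so an image the reader
 * would reject is never handed to the caller.
 *
 * Returns STATUS_SUCCESS, or STATUS_ERR with errno set (EINVAL for a failed
 * write or verification, ENOMEM for a failed allocation).  On failure the
 * image is freed and *newdata / *newlen are left untouched.
 */
int policydb_to_image(sepol_handle_t * handle,
		      policydb_t * policydb, void **newdata, size_t * newlen)
{

	void *tmp_data = NULL;
	size_t tmp_len;
	policy_file_t pf;
	struct policydb tmp_policydb;
	int saved_errno;

	/* Compute the length for the new policy image. */
	policy_file_init(&pf);
	pf.type = PF_LEN;
	pf.handle = handle;
	if (policydb_write(policydb, &pf)) {
		ERR(handle, "could not compute policy length");
		errno = EINVAL;
		goto err;
	}

	/* Allocate the new policy image. */
	pf.type = PF_USE_MEMORY;
	pf.data = malloc(pf.len);
	if (!pf.data) {
		ERR(handle, "out of memory");
		/* Set errno after ERR(), as every other failure path does. */
		errno = ENOMEM;
		goto err;
	}

	/* Need to save len and data prior to modification by policydb_write. */
	tmp_len = pf.len;
	tmp_data = pf.data;

	/* Write out the new policy image. */
	if (policydb_write(policydb, &pf)) {
		ERR(handle, "could not write policy");
		errno = EINVAL;
		goto err;
	}

	/* Verify the new policy image by parsing it back from the start. */
	pf.type = PF_USE_MEMORY;
	pf.data = tmp_data;
	pf.len = tmp_len;
	if (policydb_init(&tmp_policydb)) {
		ERR(handle, "Out of memory");
		errno = ENOMEM;
		goto err;
	}
	if (policydb_read(&tmp_policydb, &pf, 0)) {
		/*
		 * Destroy the scratch policydb on a failed read, the same way
		 * policydb_from_image() does; otherwise whatever the reader
		 * allocated before failing is leaked.
		 */
		policydb_destroy(&tmp_policydb);
		ERR(handle, "new policy image is invalid");
		errno = EINVAL;
		goto err;
	}
	policydb_destroy(&tmp_policydb);

	/* Update (newdata, newlen) */
	*newdata = tmp_data;
	*newlen = tmp_len;

	return STATUS_SUCCESS;

err:
	/*
	 * errno is the error detail callers get; keep the logging and the
	 * free() below from overwriting it.
	 */
	saved_errno = errno;
	ERR(handle, "could not create policy image");

	/* Recover: tmp_data is still NULL if the allocation never happened. */
	free(tmp_data);
	errno = saved_errno;
	return STATUS_ERR;
}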