xref: /aosp_15_r20/external/selinux/secilc/secil2tree.c (revision 2d543d20722ada2425b5bdab9d0d1d29470e7bba)
1*2d543d20SAndroid Build Coastguard Worker /*
2*2d543d20SAndroid Build Coastguard Worker  * Copyright 2011 Tresys Technology, LLC. All rights reserved.
3*2d543d20SAndroid Build Coastguard Worker  *
4*2d543d20SAndroid Build Coastguard Worker  * Redistribution and use in source and binary forms, with or without
5*2d543d20SAndroid Build Coastguard Worker  * modification, are permitted provided that the following conditions are met:
6*2d543d20SAndroid Build Coastguard Worker  *
7*2d543d20SAndroid Build Coastguard Worker  *    1. Redistributions of source code must retain the above copyright notice,
8*2d543d20SAndroid Build Coastguard Worker  *       this list of conditions and the following disclaimer.
9*2d543d20SAndroid Build Coastguard Worker  *
10*2d543d20SAndroid Build Coastguard Worker  *    2. Redistributions in binary form must reproduce the above copyright notice,
11*2d543d20SAndroid Build Coastguard Worker  *       this list of conditions and the following disclaimer in the documentation
12*2d543d20SAndroid Build Coastguard Worker  *       and/or other materials provided with the distribution.
13*2d543d20SAndroid Build Coastguard Worker  *
14*2d543d20SAndroid Build Coastguard Worker  * THIS SOFTWARE IS PROVIDED BY TRESYS TECHNOLOGY, LLC ``AS IS'' AND ANY EXPRESS
15*2d543d20SAndroid Build Coastguard Worker  * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
16*2d543d20SAndroid Build Coastguard Worker  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
17*2d543d20SAndroid Build Coastguard Worker  * EVENT SHALL TRESYS TECHNOLOGY, LLC OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
18*2d543d20SAndroid Build Coastguard Worker  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
19*2d543d20SAndroid Build Coastguard Worker  * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20*2d543d20SAndroid Build Coastguard Worker  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
21*2d543d20SAndroid Build Coastguard Worker  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
22*2d543d20SAndroid Build Coastguard Worker  * OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
23*2d543d20SAndroid Build Coastguard Worker  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24*2d543d20SAndroid Build Coastguard Worker  *
25*2d543d20SAndroid Build Coastguard Worker  * The views and conclusions contained in the software and documentation are those
26*2d543d20SAndroid Build Coastguard Worker  * of the authors and should not be interpreted as representing official policies,
27*2d543d20SAndroid Build Coastguard Worker  * either expressed or implied, of Tresys Technology, LLC.
28*2d543d20SAndroid Build Coastguard Worker  */
29*2d543d20SAndroid Build Coastguard Worker 
30*2d543d20SAndroid Build Coastguard Worker #include <stdlib.h>
31*2d543d20SAndroid Build Coastguard Worker #include <stdio.h>
32*2d543d20SAndroid Build Coastguard Worker #include <stdint.h>
33*2d543d20SAndroid Build Coastguard Worker #include <string.h>
34*2d543d20SAndroid Build Coastguard Worker #include <getopt.h>
35*2d543d20SAndroid Build Coastguard Worker #include <sys/stat.h>
36*2d543d20SAndroid Build Coastguard Worker 
37*2d543d20SAndroid Build Coastguard Worker #ifdef ANDROID
38*2d543d20SAndroid Build Coastguard Worker #include <cil/cil.h>
39*2d543d20SAndroid Build Coastguard Worker #else
40*2d543d20SAndroid Build Coastguard Worker #include <sepol/cil/cil.h>
41*2d543d20SAndroid Build Coastguard Worker #endif
42*2d543d20SAndroid Build Coastguard Worker #include <sepol/policydb.h>
43*2d543d20SAndroid Build Coastguard Worker 
/*
 * Compiler phase whose AST is written out. main() maps the -A/--ast-phase
 * argument ("parse", "build", "resolve", "post") onto these values and
 * dispatches to the matching cil_write_*_ast() call.
 */
enum write_ast_phase {
	WRITE_AST_PHASE_PARSE   = 0,	/* -A parse */
	WRITE_AST_PHASE_BUILD   = 1,	/* -A build */
	WRITE_AST_PHASE_RESOLVE = 2,	/* -A resolve; main()'s default */
	WRITE_AST_PHASE_POST    = 3,	/* -A post */
};
50*2d543d20SAndroid Build Coastguard Worker 
/*
 * Print the synopsis and option summary to stdout, then terminate the
 * process with exit status 1. This function never returns, including when
 * it is reached through -h/--help.
 *
 * prog: program name shown in the synopsis line (callers pass argv[0]).
 */
static __attribute__((__noreturn__)) void usage(const char *prog)
{
	/* Fixed help text, emitted verbatim after the synopsis line. */
	static const char *const help_lines[] = {
		"\n",
		"Options:\n",
		"  -o, --output=<file>      write AST to <file>. (default: stdout)\n",
		"  -P, --preserve-tunables  treat tunables as booleans\n",
		"  -Q, --qualified-names    Allow names containing dots (qualified names).\n",
		"                           Blocks, blockinherits, blockabstracts, and\n",
		"                           in-statements will not be allowed.\n",
		"  -A, --ast-phase=<phase>  write AST of phase <phase>. Phase must be parse, \n",
		"                           build, resolve, or post. (default: resolve)\n",
		"  -v, --verbose            increment verbosity level\n",
		"  -h, --help               display usage information\n",
	};
	size_t idx;

	printf("Usage: %s [OPTION]... FILE...\n", prog);
	for (idx = 0; idx < sizeof(help_lines) / sizeof(help_lines[0]); idx++) {
		fputs(help_lines[idx], stdout);
	}
	exit(1);
}
67*2d543d20SAndroid Build Coastguard Worker 
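/*
 * Entry point: parse the command line, load every CIL file named on it into
 * a cil_db, and write the AST of the selected phase to the -o file or stdout.
 *
 * Returns SEPOL_OK on success and a non-zero value on every failure path, so
 * a caller that checks the exit status never mistakes a partially read
 * policy or a truncated AST for a good run.
 */
int main(int argc, char *argv[])
{
	int rc = SEPOL_ERR;
	int close_rc;
	FILE *file = NULL;
	char *buffer = NULL;
	struct stat filedata;
	uint32_t file_size;
	char *output = NULL;
	struct cil_db *db = NULL;
	int preserve_tunables = 0;
	int qualified_names = 0;
	enum write_ast_phase write_ast = WRITE_AST_PHASE_RESOLVE;
	int opt_char;
	int opt_index = 0;
	enum cil_log_level log_level = CIL_ERR;
	static struct option long_opts[] = {
		{"help", no_argument, 0, 'h'},
		{"verbose", no_argument, 0, 'v'},
		{"preserve-tunables", no_argument, 0, 'P'},
		{"qualified-names", no_argument, 0, 'Q'},
		{"output", required_argument, 0, 'o'},
		{"ast-phase", required_argument, 0, 'A'},
		{0, 0, 0, 0}
	};
	int i;

	while (1) {
		opt_char = getopt_long(argc, argv, "o:hvPQA:", long_opts, &opt_index);
		if (opt_char == -1) {
			break;
		}
		switch (opt_char) {
			case 'v':
				log_level++;
				break;
			case 'P':
				preserve_tunables = 1;
				break;
			case 'Q':
				qualified_names = 1;
				break;
			case 'o':
				/* A repeated -o replaces the earlier path; release it first. */
				free(output);
				output = strdup(optarg);
				if (output == NULL) {
					/*
					 * Without this check a failed strdup() would leave
					 * output NULL and silently send the AST to stdout.
					 * The db is not initialized yet, so there is nothing
					 * else to release.
					 */
					fprintf(stderr, "Out of memory\n");
					return SEPOL_ERR;
				}
				break;
			case 'A':
				if (!strcasecmp(optarg, "parse")) {
					write_ast = WRITE_AST_PHASE_PARSE;
				} else if (!strcasecmp(optarg, "build")) {
					write_ast = WRITE_AST_PHASE_BUILD;
				} else if (!strcasecmp(optarg, "resolve")) {
					write_ast = WRITE_AST_PHASE_RESOLVE;
				} else if (!strcasecmp(optarg, "post")) {
					write_ast = WRITE_AST_PHASE_POST;
				} else {
					fprintf(stderr, "Invalid AST phase: %s\n", optarg);
					usage(argv[0]);
				}
				break;
			case 'h':
				usage(argv[0]);
				/* not reached: usage() does not return */
			case '?':
				/* Unrecognized option: processing continues with the next one. */
				break;
			default:
				/* optarg is NULL for options without an argument; never pass NULL to %s. */
				fprintf(stderr, "Unsupported option: %s\n", optarg ? optarg : "");
				usage(argv[0]);
		}
	}

	if (optind >= argc) {
		fprintf(stderr, "No cil files specified\n");
		usage(argv[0]);
	}

	cil_set_log_level(log_level);

	cil_db_init(&db);
	cil_set_preserve_tunables(db, preserve_tunables);
	cil_set_qualified_names(db, qualified_names);
	cil_set_attrs_expand_generated(db, 0);
	cil_set_attrs_expand_size(db, 0);

	for (i = optind; i < argc; i++) {
		file = fopen(argv[i], "r");
		if (!file) {
			fprintf(stderr, "Could not open file: %s\n", argv[i]);
			rc = SEPOL_ERR;
			goto exit;
		}
		/*
		 * Query the size through the open stream rather than the path, so
		 * the size describes the file that is actually read even if the
		 * path is replaced between open and stat.
		 */
		if (fstat(fileno(file), &filedata) == -1) {
			fprintf(stderr, "Could not stat file: %s\n", argv[i]);
			rc = SEPOL_ERR;
			goto exit;
		}
		/*
		 * file_size is 32 bits wide; refuse a larger file instead of
		 * silently truncating the size and parsing only part of the policy.
		 */
		if (filedata.st_size < 0 || (uintmax_t)filedata.st_size > UINT32_MAX) {
			fprintf(stderr, "File too large: %s\n", argv[i]);
			rc = SEPOL_ERR;
			goto exit;
		}
		file_size = (uint32_t)filedata.st_size;

		/*
		 * A zero-length file does not get past this point: malloc(0) may
		 * return NULL, and fread() of a zero-sized item returns 0.
		 */
		buffer = malloc(file_size);
		if (!buffer) {
			fprintf(stderr, "Out of memory\n");
			rc = SEPOL_ERR;
			goto exit;
		}

		if (fread(buffer, file_size, 1, file) != 1) {
			fprintf(stderr, "Failure reading file: %s\n", argv[i]);
			/*
			 * fread() reports failure as 0, which equals SEPOL_OK; set the
			 * error code explicitly so the process does not exit with 0.
			 */
			rc = SEPOL_ERR;
			goto exit;
		}
		fclose(file);
		file = NULL;

		rc = cil_add_file(db, argv[i], buffer, file_size);
		if (rc != SEPOL_OK) {
			fprintf(stderr, "Failure adding %s\n", argv[i]);
			goto exit;
		}

		free(buffer);
		buffer = NULL;
	}

	if (output == NULL) {
		file = stdout;
	} else {
		file = fopen(output, "w");
		if (file == NULL) {
			fprintf(stderr, "Failure opening file %s for writing\n", output);
			rc = SEPOL_ERR;
			goto exit;
		}
	}

	switch (write_ast) {
	case WRITE_AST_PHASE_PARSE:
		rc = cil_write_parse_ast(file, db);
		break;
	case WRITE_AST_PHASE_BUILD:
		rc = cil_write_build_ast(file, db);
		break;
	case WRITE_AST_PHASE_RESOLVE:
		rc = cil_write_resolve_ast(file, db);
		break;
	case WRITE_AST_PHASE_POST:
		rc = cil_write_post_ast(file, db);
		break;
	}

	if (rc != SEPOL_OK) {
		fprintf(stderr, "Failed to write AST\n");
		goto exit;
	}

	/*
	 * Buffered output can still fail when it is flushed (full disk, closed
	 * pipe). Check the flush/close result so a truncated AST is reported.
	 */
	if (file == stdout) {
		close_rc = fflush(file);
	} else {
		close_rc = fclose(file);
		file = NULL;
	}
	if (close_rc != 0) {
		fprintf(stderr, "Failed to write AST\n");
		rc = SEPOL_ERR;
	}

exit:
	/* file is an input or output stream left open by an error path; stdout is not ours to close. */
	if (file != NULL && file != stdout) {
		fclose(file);
	}
	free(buffer);
	free(output);
	cil_db_destroy(&db);
	return rc;
}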