/* NOTE: we really do want to use the kernel headers here */ #define __EXPORTED_HEADERS__ #include #include #include #include #include #include struct security_class_mapping { const char *name; const char *perms[sizeof(unsigned) * 8 + 1]; }; #include "classmap.h" #include "initial_sid_to_string.h" #define max(x, y) (((int)(x) > (int)(y)) ? x : y) const char *progname; static void usage(void) { printf("usage: %s flask.h av_permissions.h\n", progname); exit(1); } static char *stoupperx(const char *s) { char *s2 = strdup(s); char *p; if (!s2) { fprintf(stderr, "%s: out of memory\n", progname); exit(3); } for (p = s2; *p; p++) *p = toupper(*p); return s2; } int main(int argc, char *argv[]) { int i, j, k; int isids_len; FILE *fout; const char *needle = "SOCKET"; char *substr; progname = argv[0]; if (argc < 3) usage(); fout = fopen(argv[1], "w"); if (!fout) { fprintf(stderr, "Could not open %s for writing: %s\n", argv[1], strerror(errno)); exit(2); } for (i = 0; secclass_map[i].name; i++) { struct security_class_mapping *map = &secclass_map[i]; map->name = stoupperx(map->name); for (j = 0; map->perms[j]; j++) map->perms[j] = stoupperx(map->perms[j]); } isids_len = sizeof(initial_sid_to_string) / sizeof (char *); for (i = 1; i < isids_len; i++) initial_sid_to_string[i] = stoupperx(initial_sid_to_string[i]); fprintf(fout, "/* This file is automatically generated. Do not edit. */\n"); fprintf(fout, "#ifndef _SELINUX_FLASK_H_\n#define _SELINUX_FLASK_H_\n\n"); for (i = 0; secclass_map[i].name; i++) { struct security_class_mapping *map = &secclass_map[i]; fprintf(fout, "#define SECCLASS_%s", map->name); for (j = 0; j < max(1, 40 - strlen(map->name)); j++) fprintf(fout, " "); fprintf(fout, "%2d\n", i+1); } fprintf(fout, "\n"); for (i = 1; i < isids_len; i++) { const char *s = initial_sid_to_string[i]; fprintf(fout, "#define SECINITSID_%s", s); for (j = 0; j < max(1, 40 - strlen(s)); j++) fprintf(fout, " "); fprintf(fout, "%2d\n", i); } fprintf(fout, "\n#define SECINITSID_NUM %d\n", i-1); fprintf(fout, "\nstatic inline bool security_is_socket_class(u16 kern_tclass)\n"); fprintf(fout, "{\n"); fprintf(fout, "\tbool sock = false;\n\n"); fprintf(fout, "\tswitch (kern_tclass) {\n"); for (i = 0; secclass_map[i].name; i++) { struct security_class_mapping *map = &secclass_map[i]; substr = strstr(map->name, needle); if (substr && strcmp(substr, needle) == 0) fprintf(fout, "\tcase SECCLASS_%s:\n", map->name); } fprintf(fout, "\t\tsock = true;\n"); fprintf(fout, "\t\tbreak;\n"); fprintf(fout, "\tdefault:\n"); fprintf(fout, "\t\tbreak;\n"); fprintf(fout, "\t}\n\n"); fprintf(fout, "\treturn sock;\n"); fprintf(fout, "}\n"); fprintf(fout, "\n#endif\n"); fclose(fout); fout = fopen(argv[2], "w"); if (!fout) { fprintf(stderr, "Could not open %s for writing: %s\n", argv[2], strerror(errno)); exit(4); } fprintf(fout, "/* This file is automatically generated. Do not edit. */\n"); fprintf(fout, "#ifndef _SELINUX_AV_PERMISSIONS_H_\n#define _SELINUX_AV_PERMISSIONS_H_\n\n"); for (i = 0; secclass_map[i].name; i++) { struct security_class_mapping *map = &secclass_map[i]; for (j = 0; map->perms[j]; j++) { fprintf(fout, "#define %s__%s", map->name, map->perms[j]); for (k = 0; k < max(1, 40 - strlen(map->name) - strlen(map->perms[j])); k++) fprintf(fout, " "); fprintf(fout, "0x%08xUL\n", (1<FilesLines pan='2'/>context:space:mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2017-01-16 09:34:37 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2017-01-16 09:34:37 -0800
commit2eabb8b8d68bc9c7779ba8b04bec8d4f8baed0bc (patch)
tree4d8ea8e6ca52f1938269937834641205d8d888f0 /include/xen/xenbus.h
parent49def1853334396f948dcb4cedb9347abb318df5 (diff)
parentce1ca7d2d140a1f4aaffd297ac487f246963dd2f (diff)
Merge tag 'nfsd-4.10-1' of git://linux-nfs.org/~bfields/linux
Pull nfsd fixes from Bruce Fields: "Miscellaneous nfsd bugfixes, one for a 4.10 regression, three for older bugs" * tag 'nfsd-4.10-1' of git://linux-nfs.org/~bfields/linux: svcrdma: avoid duplicate dma unmapping during error recovery sunrpc: don't call sleeping functions from the notifier block callbacks svcrpc: don't leak contexts on PROC_DESTROY nfsd: fix supported attributes for acl & labels
Diffstat (limited to 'include/xen/xenbus.h')