|
Packit Service |
102278 |
/* Copyright (C) 2017 Mellanox Technologies Inc. */
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
struct semanage_ibpkey;
|
|
Packit Service |
102278 |
struct semanage_ibpkey_key;
|
|
Packit Service |
102278 |
typedef struct semanage_ibpkey record_t;
|
|
Packit Service |
102278 |
typedef struct semanage_ibpkey_key record_key_t;
|
|
Packit Service |
102278 |
#define DBASE_RECORD_DEFINED
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
struct dbase_file;
|
|
Packit Service |
102278 |
typedef struct dbase_file dbase_t;
|
|
Packit Service |
102278 |
#define DBASE_DEFINED
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
#include <stdlib.h>
|
|
Packit Service |
102278 |
#include <stdio.h>
|
|
Packit Service |
102278 |
#include <strings.h>
|
|
Packit Service |
102278 |
#include <semanage/handle.h>
|
|
Packit Service |
102278 |
#include "ibpkey_internal.h"
|
|
Packit Service |
102278 |
#include "context_internal.h"
|
|
Packit Service |
102278 |
#include "database_file.h"
|
|
Packit Service |
102278 |
#include "parse_utils.h"
|
|
Packit Service |
102278 |
#include "debug.h"
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
static int ibpkey_print(semanage_handle_t *handle,
|
|
Packit Service |
102278 |
semanage_ibpkey_t *ibpkey, FILE *str)
|
|
Packit Service |
102278 |
{
|
|
Packit Service |
102278 |
char *con_str = NULL;
|
|
Packit Service |
102278 |
char *subnet_prefix_str = NULL;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
int low = semanage_ibpkey_get_low(ibpkey);
|
|
Packit Service |
102278 |
int high = semanage_ibpkey_get_high(ibpkey);
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
if (semanage_ibpkey_get_subnet_prefix(handle, ibpkey, &subnet_prefix_str) != 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
semanage_context_t *con = semanage_ibpkey_get_con(ibpkey);
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
if (fprintf(str, "ibpkeycon %s ", subnet_prefix_str) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
if (low == high) {
|
|
Packit Service |
102278 |
if (fprintf(str, "%d ", low) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
} else {
|
|
Packit Service |
102278 |
if (fprintf(str, "%d - %d ", low, high) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
}
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
if (semanage_context_to_string(handle, con, &con_str) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
if (fprintf(str, "%s\n", con_str) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
free(subnet_prefix_str);
|
|
Packit Service |
102278 |
free(con_str);
|
|
Packit Service |
102278 |
return STATUS_SUCCESS;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
err:
|
|
Packit Service |
102278 |
ERR(handle, "could not print ibpkey range (%s) %u - %u to stream",
|
|
Packit Service |
102278 |
subnet_prefix_str, low, high);
|
|
Packit Service |
102278 |
free(subnet_prefix_str);
|
|
Packit Service |
102278 |
free(con_str);
|
|
Packit Service |
102278 |
return STATUS_ERR;
|
|
Packit Service |
102278 |
}
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
static int ibpkey_parse(semanage_handle_t *handle,
|
|
Packit Service |
102278 |
parse_info_t *info, semanage_ibpkey_t *ibpkey)
|
|
Packit Service |
102278 |
{
|
|
Packit Service |
102278 |
int low, high;
|
|
Packit Service |
102278 |
char *str = NULL;
|
|
Packit Service |
102278 |
semanage_context_t *con = NULL;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
if (parse_skip_space(handle, info) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
if (!info->ptr)
|
|
Packit Service |
102278 |
goto last;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
/* Header */
|
|
Packit Service |
102278 |
if (parse_assert_str(handle, info, "ibpkeycon") < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
if (parse_assert_space(handle, info) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
/* Subnet Prefix */
|
|
Packit Service |
102278 |
if (parse_fetch_string(handle, info, &str, ' ') < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
if (semanage_ibpkey_set_subnet_prefix(handle, ibpkey, str) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
free(str);
|
|
Packit Service |
102278 |
str = NULL;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
/* Range/Pkey */
|
|
Packit Service |
102278 |
if (parse_assert_space(handle, info) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
if (parse_fetch_int(handle, info, &low, '-') < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
/* If range (-) does not follow immediately, require a space
|
|
Packit Service |
102278 |
* In other words, the space here is optional, but only
|
|
Packit Service |
102278 |
* in the ranged case, not in the single ibpkey case,
|
|
Packit Service |
102278 |
* so do a custom test
|
|
Packit Service |
102278 |
*/
|
|
Packit Service |
102278 |
if (*info->ptr && *info->ptr != '-') {
|
|
Packit Service |
102278 |
if (parse_assert_space(handle, info) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
}
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
if (parse_optional_ch(info, '-') != STATUS_NODATA) {
|
|
Packit Service |
102278 |
if (parse_skip_space(handle, info) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
if (parse_fetch_int(handle, info, &high, ' ') < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
if (parse_assert_space(handle, info) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
semanage_ibpkey_set_range(ibpkey, low, high);
|
|
Packit Service |
102278 |
} else {
|
|
Packit Service |
102278 |
semanage_ibpkey_set_pkey(ibpkey, low);
|
|
Packit Service |
102278 |
}
|
|
Packit Service |
102278 |
/* Pkey context */
|
|
Packit Service |
102278 |
if (parse_fetch_string(handle, info, &str, ' ') < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
if (semanage_context_from_string(handle, str, &con) < 0) {
|
|
Packit Service |
102278 |
ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s",
|
|
Packit Service |
102278 |
str, info->filename, info->lineno, info->orig_line);
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
}
|
|
Packit Service |
102278 |
if (!con) {
|
|
Packit Service |
102278 |
ERR(handle, "<<none>> context is not valid for ibpkeys (%s: %u):\n%s",
|
|
Packit Service |
102278 |
info->filename,
|
|
Packit Service |
102278 |
info->lineno, info->orig_line);
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
}
|
|
Packit Service |
102278 |
free(str);
|
|
Packit Service |
102278 |
str = NULL;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
if (semanage_ibpkey_set_con(handle, ibpkey, con) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
if (parse_assert_space(handle, info) < 0)
|
|
Packit Service |
102278 |
goto err;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
semanage_context_free(con);
|
|
Packit Service |
102278 |
return STATUS_SUCCESS;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
last:
|
|
Packit Service |
102278 |
parse_dispose_line(info);
|
|
Packit Service |
102278 |
return STATUS_NODATA;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
err:
|
|
Packit Service |
102278 |
ERR(handle, "could not parse ibpkey record");
|
|
Packit Service |
102278 |
free(str);
|
|
Packit Service |
102278 |
semanage_context_free(con);
|
|
Packit Service |
102278 |
parse_dispose_line(info);
|
|
Packit Service |
102278 |
return STATUS_ERR;
|
|
Packit Service |
102278 |
}
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
/* IBPKEY RECORD: FILE extension: method table */
|
|
Packit Service |
102278 |
record_file_table_t SEMANAGE_IBPKEY_FILE_RTABLE = {
|
|
Packit Service |
102278 |
.parse = ibpkey_parse,
|
|
Packit Service |
102278 |
.print = ibpkey_print,
|
|
Packit Service |
102278 |
};
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
int ibpkey_file_dbase_init(semanage_handle_t *handle,
|
|
Packit Service |
102278 |
const char *path_ro,
|
|
Packit Service |
102278 |
const char *path_rw,
|
|
Packit Service |
102278 |
dbase_config_t *dconfig)
|
|
Packit Service |
102278 |
{
|
|
Packit Service |
102278 |
if (dbase_file_init(handle,
|
|
Packit Service |
102278 |
path_ro,
|
|
Packit Service |
102278 |
path_rw,
|
|
Packit Service |
102278 |
&SEMANAGE_IBPKEY_RTABLE,
|
|
Packit Service |
102278 |
&SEMANAGE_IBPKEY_FILE_RTABLE, &dconfig->dbase) < 0)
|
|
Packit Service |
102278 |
return STATUS_ERR;
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
dconfig->dtable = &SEMANAGE_FILE_DTABLE;
|
|
Packit Service |
102278 |
return STATUS_SUCCESS;
|
|
Packit Service |
102278 |
}
|
|
Packit Service |
102278 |
|
|
Packit Service |
102278 |
void ibpkey_file_dbase_release(dbase_config_t *dconfig)
|
|
Packit Service |
102278 |
{
|
|
Packit Service |
102278 |
dbase_file_release(dconfig->dbase);
|
|
Packit Service |
102278 |
}
|