Blame - checkpolicy/policy_scan.l - fp2-dev/platform/external/selinux

blob: 108edbc353284f4efccb2cff3a91b2b71117cc46 [file] [log] [blame]

Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	1
				2	/*
				3	* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
				4	*/
				5
				6	/* Updated: David Caplan, <dac@tresys.com>
				7	*
				8	* Added conditional policy language extensions
				9	*
				10	* Jason Tang <jtang@tresys.com>
				11	*
				12	* Added support for binary policy modules
				13	*
				14	* Copyright (C) 2003-5 Tresys Technology, LLC
				15	* This program is free software; you can redistribute it and/or modify
				16	* it under the terms of the GNU General Public License as published by
				17	* the Free Software Foundation, version 2.
				18	*/
				19
				20	/* FLASK */
				21
				22	%{
				23	#include <sys/types.h>
				24	#include <limits.h>
				25	#include <stdint.h>
				26	#include <string.h>
				27
Nicolas Iooss	c4a4a1a	2014-09-14 23:41:49 +0200	[diff] [blame]	28	typedef int (* require_func_t)(void);
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	29
Stephen Smalley	da752ca	2012-02-23 10:14:13 -0500	[diff] [blame]	30	#ifdef ANDROID
				31	#include "policy_parse.h"
				32	#else
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	33	#include "y.tab.h"
Stephen Smalley	da752ca	2012-02-23 10:14:13 -0500	[diff] [blame]	34	#endif
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	35
				36	static char linebuf[2][255];
				37	static unsigned int lno = 0;
Nicolas Iooss	832e701	2014-09-14 23:41:39 +0200	[diff] [blame]	38	int yywarn(const char *msg);
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	39
				40	void set_source_file(const char *name);
				41
				42	char source_file[PATH_MAX];
				43	unsigned long source_lineno = 1;
				44
				45	unsigned long policydb_lineno = 1;
				46
				47	unsigned int policydb_errors = 0;
				48	%}
				49
Stephen Smalley	da752ca	2012-02-23 10:14:13 -0500	[diff] [blame]	50	%option noinput nounput noyywrap
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	51
				52	%array
				53	letter [A-Za-z]
				54	digit [0-9]
				55	alnum [a-zA-Z0-9]
				56	hexval [0-9A-Fa-f]
				57
				58	%%
				59	\n.* { strncpy(linebuf[lno], yytext+1, 255);
				60	linebuf[lno][254] = 0;
				61	lno = 1 - lno;
				62	policydb_lineno++;
				63	source_lineno++;
				64	yyless(1); }
				65	CLONE \|
				66	clone { return(CLONE); }
				67	COMMON \|
				68	common { return(COMMON); }
				69	CLASS \|
				70	class { return(CLASS); }
				71	CONSTRAIN \|
				72	constrain { return(CONSTRAIN); }
				73	VALIDATETRANS \|
				74	validatetrans { return(VALIDATETRANS); }
				75	INHERITS \|
				76	inherits { return(INHERITS); }
				77	SID \|
				78	sid { return(SID); }
				79	ROLE \|
				80	role { return(ROLE); }
				81	ROLES \|
				82	roles { return(ROLES); }
Harry Ciao	16675b7	2011-07-25 09:23:54 +0800	[diff] [blame]	83	ROLEATTRIBUTE \|
				84	roleattribute { return(ROLEATTRIBUTE);}
				85	ATTRIBUTE_ROLE \|
				86	attribute_role { return(ATTRIBUTE_ROLE);}
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	87	TYPES \|
				88	types { return(TYPES); }
				89	TYPEALIAS \|
				90	typealias { return(TYPEALIAS); }
				91	TYPEATTRIBUTE \|
				92	typeattribute { return(TYPEATTRIBUTE); }
Joshua Brindle	4572840	2008-10-08 06:56:51 -0400	[diff] [blame]	93	TYPEBOUNDS \|
				94	typebounds { return(TYPEBOUNDS); }
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	95	TYPE \|
				96	type { return(TYPE); }
				97	BOOL \|
				98	bool { return(BOOL); }
Harry Ciao	80f26c5	2011-09-01 11:29:41 +0800	[diff] [blame]	99	TUNABLE \|
				100	tunable { return(TUNABLE); }
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	101	IF \|
				102	if { return(IF); }
				103	ELSE \|
				104	else { return(ELSE); }
				105	ALIAS \|
				106	alias { return(ALIAS); }
				107	ATTRIBUTE \|
				108	attribute { return(ATTRIBUTE); }
				109	TYPE_TRANSITION \|
				110	type_transition { return(TYPE_TRANSITION); }
				111	TYPE_MEMBER \|
				112	type_member { return(TYPE_MEMBER); }
				113	TYPE_CHANGE \|
				114	type_change { return(TYPE_CHANGE); }
				115	ROLE_TRANSITION \|
				116	role_transition { return(ROLE_TRANSITION); }
				117	RANGE_TRANSITION \|
				118	range_transition { return(RANGE_TRANSITION); }
				119	SENSITIVITY \|
				120	sensitivity { return(SENSITIVITY); }
				121	DOMINANCE \|
				122	dominance { return(DOMINANCE); }
				123	CATEGORY \|
				124	category { return(CATEGORY); }
				125	LEVEL \|
				126	level { return(LEVEL); }
				127	RANGE \|
				128	range { return(RANGE); }
				129	MLSCONSTRAIN \|
				130	mlsconstrain { return(MLSCONSTRAIN); }
				131	MLSVALIDATETRANS \|
				132	mlsvalidatetrans { return(MLSVALIDATETRANS); }
				133	USER \|
				134	user { return(USER); }
				135	NEVERALLOW \|
				136	neverallow { return(NEVERALLOW); }
				137	ALLOW \|
				138	allow { return(ALLOW); }
				139	AUDITALLOW \|
				140	auditallow { return(AUDITALLOW); }
				141	AUDITDENY \|
				142	auditdeny { return(AUDITDENY); }
				143	DONTAUDIT \|
				144	dontaudit { return(DONTAUDIT); }
				145	SOURCE \|
				146	source { return(SOURCE); }
				147	TARGET \|
				148	target { return(TARGET); }
				149	SAMEUSER \|
				150	sameuser { return(SAMEUSER);}
				151	module\|MODULE { return(MODULE); }
				152	require\|REQUIRE { return(REQUIRE); }
				153	optional\|OPTIONAL { return(OPTIONAL); }
				154	OR \|
				155	or { return(OR);}
				156	AND \|
				157	and { return(AND);}
				158	NOT \|
				159	not { return(NOT);}
				160	xor \|
				161	XOR { return(XOR); }
				162	eq \|
				163	EQ { return(EQUALS);}
				164	true \|
				165	TRUE { return(CTRUE); }
				166	false \|
				167	FALSE { return(CFALSE); }
				168	dom \|
				169	DOM { return(DOM);}
				170	domby \|
				171	DOMBY { return(DOMBY);}
				172	INCOMP \|
				173	incomp { return(INCOMP);}
				174	fscon \|
				175	FSCON { return(FSCON);}
				176	portcon \|
				177	PORTCON { return(PORTCON);}
				178	netifcon \|
				179	NETIFCON { return(NETIFCON);}
				180	nodecon \|
				181	NODECON { return(NODECON);}
Paul Nuzzi	79d10a8	2009-09-29 10:06:26 -0400	[diff] [blame]	182	pirqcon \|
				183	PIRQCON { return(PIRQCON);}
				184	iomemcon \|
				185	IOMEMCON { return(IOMEMCON);}
				186	ioportcon \|
				187	IOPORTCON { return(IOPORTCON);}
				188	pcidevicecon \|
				189	PCIDEVICECON { return(PCIDEVICECON);}
Daniel De Graaf	f029067	2015-03-17 16:43:24 -0400	[diff] [blame]	190	devicetreecon \|
				191	DEVICETREECON { return(DEVICETREECON);}
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	192	fs_use_xattr \|
				193	FS_USE_XATTR { return(FSUSEXATTR);}
				194	fs_use_task \|
				195	FS_USE_TASK { return(FSUSETASK);}
				196	fs_use_trans \|
				197	FS_USE_TRANS { return(FSUSETRANS);}
				198	genfscon \|
				199	GENFSCON { return(GENFSCON);}
				200	r1 \|
				201	R1 { return(R1); }
				202	r2 \|
				203	R2 { return(R2); }
				204	r3 \|
				205	R3 { return(R3); }
				206	u1 \|
				207	U1 { return(U1); }
				208	u2 \|
				209	U2 { return(U2); }
				210	u3 \|
				211	U3 { return(U3); }
				212	t1 \|
				213	T1 { return(T1); }
				214	t2 \|
				215	T2 { return(T2); }
				216	t3 \|
				217	T3 { return(T3); }
				218	l1 \|
				219	L1 { return(L1); }
				220	l2 \|
				221	L2 { return(L2); }
				222	h1 \|
				223	H1 { return(H1); }
				224	h2 \|
				225	H2 { return(H2); }
				226	policycap \|
				227	POLICYCAP { return(POLICYCAP); }
				228	permissive \|
				229	PERMISSIVE { return(PERMISSIVE); }
Eric Paris	09c783c	2011-12-05 13:28:51 -0500	[diff] [blame]	230	default_user \|
				231	DEFAULT_USER { return(DEFAULT_USER); }
				232	default_role \|
				233	DEFAULT_ROLE { return(DEFAULT_ROLE); }
Eric Paris	693f524	2012-12-18 11:41:25 -0500	[diff] [blame]	234	default_type \|
				235	DEFAULT_TYPE { return(DEFAULT_TYPE); }
Eric Paris	09c783c	2011-12-05 13:28:51 -0500	[diff] [blame]	236	default_range \|
				237	DEFAULT_RANGE { return(DEFAULT_RANGE); }
				238	low-high \|
				239	LOW-HIGH { return(LOW_HIGH); }
				240	high \|
				241	HIGH { return(HIGH); }
				242	low \|
				243	LOW { return(LOW); }
Stephen Smalley	d5286d7	2008-10-14 10:57:24 -0400	[diff] [blame]	244	"/"({alnum}\|[_\.\-/])* { return(PATH); }
Daniel De Graaf	aab2d9f	2015-03-17 16:43:22 -0400	[diff] [blame]	245	\""/"[ !#-~]*\" { return(QPATH); }
Dan Walsh	4d2dd33	2013-10-09 14:27:20 -0400	[diff] [blame]	246	\"({alnum}\|[_\.\-\+\~\: ])+\" { return(FILENAME); }
Stephen Smalley	d5286d7	2008-10-14 10:57:24 -0400	[diff] [blame]	247	{letter}({alnum}\|[_\-])([\.]?({alnum}\|[_\-])) { return(IDENTIFIER); }
Paul Nuzzi	79d10a8	2009-09-29 10:06:26 -0400	[diff] [blame]	248	{digit}+\|0x{hexval}+ { return(NUMBER); }
Stephen Smalley	560af47	2015-03-10 12:39:17 -0400	[diff] [blame]	249	{alnum}{letter}{alnum} { return(FILESYSTEM); }
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	250	{digit}{1,3}(\.{digit}{1,3}){3} { return(IPV4_ADDR); }
				251	{hexval}{0,4}":"{hexval}{0,4}":"({hexval}\|[:.])* { return(IPV6_ADDR); }
				252	{digit}+(\.({alnum}\|[_.])*)? { return(VERSION_IDENTIFIER); }
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	253	#line[ ]1[ ]\"[^\n]*\" { set_source_file(yytext+9); }
				254	#line[ ]{digit}+ { source_lineno = atoi(yytext+6)-1; }
				255	#[^\n]* { /* delete comments */ }
				256	[ \t\f]+ { /* delete whitespace */ }
				257	"==" { return(EQUALS); }
				258	"!=" { return (NOTEQUAL); }
				259	"&&" { return (AND); }
				260	"\|\|" { return (OR); }
				261	"!" { return (NOT); }
				262	"^" { return (XOR); }
				263	"," \|
				264	":" \|
				265	";" \|
				266	"(" \|
				267	")" \|
				268	"{" \|
				269	"}" \|
				270	"[" \|
				271	"-" \|
				272	"." \|
				273	"]" \|
				274	"~" \|
				275	"*" { return(yytext[0]); }
				276	. { yywarn("unrecognized character");}
				277	%%
Nicolas Iooss	832e701	2014-09-14 23:41:39 +0200	[diff] [blame]	278	int yyerror(const char *msg)
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	279	{
				280	if (source_file[0])
				281	fprintf(stderr, "%s:%ld:",
				282	source_file, source_lineno);
				283	else
				284	fprintf(stderr, "(unknown source)::");
				285	fprintf(stderr, "ERROR '%s' at token '%s' on line %ld:\n%s\n%s\n",
				286	msg,
				287	yytext,
				288	policydb_lineno,
				289	linebuf[0], linebuf[1]);
				290	policydb_errors++;
				291	return -1;
				292	}
				293
Nicolas Iooss	832e701	2014-09-14 23:41:39 +0200	[diff] [blame]	294	int yywarn(const char *msg)
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	295	{
				296	if (source_file[0])
				297	fprintf(stderr, "%s:%ld:",
				298	source_file, source_lineno);
				299	else
				300	fprintf(stderr, "(unknown source)::");
				301	fprintf(stderr, "WARNING '%s' at token '%s' on line %ld:\n%s\n%s\n",
				302	msg,
				303	yytext,
				304	policydb_lineno,
				305	linebuf[0], linebuf[1]);
				306	return 0;
				307	}
				308
				309	void set_source_file(const char *name)
				310	{
				311	source_lineno = 1;
				312	strncpy(source_file, name, sizeof(source_file)-1);
				313	source_file[sizeof(source_file)-1] = '\0';
Stephen Smalley	0e00684	2014-03-05 16:06:42 -0500	[diff] [blame]	314	if (strlen(source_file) && source_file[strlen(source_file)-1] == '"')
				315	source_file[strlen(source_file)-1] = '\0';
Joshua Brindle	13cd4c8	2008-08-19 15:30:36 -0400	[diff] [blame]	316	}