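/**
 * Gets a textual representation of an MLS category and
 * all of that category's sensitivities.
 *
 * The result is a dict with two keys: "name" (the category name) and
 * "level" (a list with the names of the levels returned by the apol
 * level query for this category, sorted with qpol_level_datum_compare).
 *
 * @param cat_datum Reference to a qpol category datum
 * @param policydb Reference to a policy
 *
 * @return New dict on success. On failure, NULL with a Python
 * RuntimeError set; errno is restored to the value seen at the failure.
 */
static PyObject* get_cat_sens(const qpol_cat_t * cat_datum, const apol_policy_t * policydb)
{
	const char *cat_name, *lvl_name;
	apol_level_query_t *query = NULL;
	apol_vector_t *v = NULL;
	const qpol_level_t *lvl_datum = NULL;
	qpol_policy_t *q = NULL;
	size_t i, n_sens = 0;
	int error = 0;
	PyObject *list = NULL;
	PyObject *dict = NULL;

	/* Validate before touching the policy handle; give the error path a
	 * meaningful errno instead of whatever value happened to be left over. */
	if (!cat_datum || !policydb) {
		errno = EINVAL;
		goto err;
	}
	q = apol_policy_get_qpol(policydb);

	/* get category name for apol query */
	/* A failed lookup is reported as an error: returning an empty dict
	 * here would let a caller mistake a failed policy query for a
	 * category that simply has no data. */
	if (qpol_cat_get_name(q, cat_datum, &cat_name))
		goto err;

	query = apol_level_query_create();
	if (!query)
		goto err;
	if (apol_level_query_set_cat(policydb, query, cat_name))
		goto err;
	if (apol_level_get_by_query(policydb, query, &v))
		goto err;
	apol_vector_sort(v, &qpol_level_datum_compare, (void *)policydb);

	/* The dict is created exactly once; creating it both at declaration
	 * and here leaked the first object on every call. */
	dict = PyDict_New();
	if (!dict)
		goto err;
	if (py_insert_string(dict, "name", cat_name))
		goto err;

	n_sens = apol_vector_get_size(v);
	list = PyList_New(0);
	if (!list)
		goto err;
	for (i = 0; i < n_sens; i++) {
		lvl_datum = (qpol_level_t *) apol_vector_get_element(v, i);
		if (!lvl_datum)
			goto err;
		if (qpol_level_get_name(q, lvl_datum, &lvl_name))
			goto err;
		if (py_append_string(list, lvl_name))
			goto err;
	}
	if (py_insert_obj(dict, "level", list))
		goto err;
	/* Drop the local reference to the list (the original did the same
	 * after inserting it into the dict). */
	Py_DECREF(list);
	list = NULL;

	goto cleanup;

err:
	/* Capture errno first so the message and the restored errno agree. */
	error = errno;
	PyErr_SetString(PyExc_RuntimeError, strerror(error));
	py_decref(list);
	list = NULL;
	py_decref(dict);
	dict = NULL;

cleanup:
	apol_level_query_destroy(&query);
	apol_vector_destroy(&v);
	/* The destroy calls may clobber errno; restore the saved value. */
	errno = error;
	return dict;
}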
/**
 * Comparison callback matching a category name against a category datum.
 *
 * @param a Category datum (const qpol_cat_t *).
 * @param b Category name to compare (const char *).
 * @param data qpol policy used to look up the name of the category.
 *
 * @return Result of strcmp(b, name of a). The status of the name lookup
 * is not checked; the name is pre-set to the empty string before the call.
 */
static int mls_level_name_to_cat_comp(const void *a, const void *b, void *data)
{
	qpol_policy_t *policy = (qpol_policy_t *) data;
	const qpol_cat_t *category = a;
	const char *wanted = (const char *)b;
	const char *found = "";

	/* Lookup status is deliberately left unchecked, as in the original. */
	(void)qpol_cat_get_name(policy, category, &found);

	return strcmp(wanted, found);
}
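/**
 * Given a level, return a vector of its allowed categories (in the
 * form of strings). These will be sorted in policy order.
 *
 * The vector is created without a free function and the name pointers
 * are appended as returned by qpol_cat_get_name(), i.e. they are not
 * copied (presumably they stay owned by the policy; confirm before
 * keeping the vector longer than the policy).
 *
 * @param diff Policy diff error handler.
 * @param p Policy from which the level came.
 * @param level Level whose categories to get.
 *
 * @return Vector of category strings for the level. The caller is
 * responsible for calling apol_vector_destroy(). On error, return
 * NULL with errno set to the error code of the failing call.
 */
static apol_vector_t *level_get_cats(const poldiff_t * diff, const apol_policy_t * p, const qpol_level_t * level)
{
	qpol_iterator_t *iter = NULL;
	const qpol_cat_t *cat;
	const char *cat_name;
	apol_vector_t *v = NULL;
	qpol_policy_t *q = apol_policy_get_qpol(p);
	int retval = -1, error = 0;

	if ((v = apol_vector_create(NULL)) == NULL) {
		/* Save errno before logging; otherwise cleanup resets it to 0
		 * and the caller sees NULL with no error code. */
		error = errno;
		ERR(diff, "%s", strerror(error));
		goto cleanup;
	}
	if (qpol_level_get_cat_iter(q, level, &iter) < 0) {
		/* Same as above: keep the failure code for the caller. */
		error = errno;
		goto cleanup;
	}
	for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
		if (qpol_iterator_get_item(iter, (void **)&cat) < 0 || qpol_cat_get_name(q, cat, &cat_name)) {
			error = errno;
			goto cleanup;
		}
		if (apol_vector_append(v, (void *)cat_name) < 0) {
			error = errno;
			ERR(diff, "%s", strerror(error));
			goto cleanup;
		}
	}

	retval = 0;

cleanup:
	qpol_iterator_destroy(&iter);
	if (retval < 0) {
		apol_vector_destroy(&v);
		/* The destroy calls may change errno; restore the saved value. */
		errno = error;
		return NULL;
	}
	return v;
}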