Exemplo n.º 1
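/**
 * Builds a Python dict describing an MLS category and the levels
 * (sensitivities) returned by an apol level query for that category.
 *
 * The category name is inserted under the key "name" and the list of
 * level names under the key "level".  The levels are sorted with
 * qpol_level_datum_compare before their names are collected.
 *
 * @param cat_datum Reference to the qpol category datum to describe
 * @param policydb Reference to a policy
 *
 * @return A dict on success.  On failure NULL is returned, a Python
 * RuntimeError built from strerror(errno) is set, and errno is left at
 * the value seen when the failure was detected.  If only the category
 * name lookup fails, the still-empty dict is returned and no exception
 * is set (behaviour kept from the original code).
 */
static PyObject* get_cat_sens(const qpol_cat_t * cat_datum, const apol_policy_t * policydb)
{
	const char *cat_name, *lvl_name;
	apol_level_query_t *query = NULL;
	apol_vector_t *v = NULL;
	const qpol_level_t *lvl_datum = NULL;
	qpol_policy_t *q = NULL;
	size_t i, n_sens = 0;
	int error = 0;
	PyObject *list = NULL;
	PyObject *dict = PyDict_New();
	if (!dict) goto err;
	if (!cat_datum || !policydb) {
		/* Give the error path a meaningful errno instead of a stale one. */
		errno = EINVAL;
		goto err;
	}

	/* Only touch the policy handle once it is known to be non-NULL. */
	q = apol_policy_get_qpol(policydb);

	/* get category name for apol query */
	/* NOTE(review): this path returns the empty dict without raising;
	 * callers cannot tell it apart from success - confirm it is intended. */
	if (qpol_cat_get_name(q, cat_datum, &cat_name))
		goto cleanup;

	query = apol_level_query_create();
	if (!query)
		goto err;
	if (apol_level_query_set_cat(policydb, query, cat_name))
		goto err;
	if (apol_level_get_by_query(policydb, query, &v))
		goto err;
	apol_vector_sort(v, &qpol_level_datum_compare, (void *)policydb);
	/* The dict allocated at the top is reused here; allocating a second
	 * one would overwrite the pointer and leak the first reference. */
	if (py_insert_string(dict, "name", cat_name))
		goto err;
	n_sens = apol_vector_get_size(v);
	list = PyList_New(0);
	if (!list) goto err;
	for (i = 0; i < n_sens; i++) {
		lvl_datum = (qpol_level_t *) apol_vector_get_element(v, i);
		if (!lvl_datum)
			goto err;
		if (qpol_level_get_name(q, lvl_datum, &lvl_name))
			goto err;
		if (py_append_string(list, lvl_name))
			goto err;
	}
	if (py_insert_obj(dict, "level", list))
		goto err;
	/* Drop the local reference; clear the pointer so it cannot be
	 * released a second time by later edits to this function. */
	Py_DECREF(list);
	list = NULL;

	goto cleanup;
err:
	/* Save errno first: the calls below may overwrite it. */
	error = errno;
	PyErr_SetString(PyExc_RuntimeError, strerror(error));
	py_decref(list); list = NULL;
	py_decref(dict); dict = NULL;
cleanup:
	apol_level_query_destroy(&query);
	apol_vector_destroy(&v);
	errno = error;
	return dict;
}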
Exemplo n.º 2
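/**
 * Comparison callback that matches a category datum against a
 * category name.
 *
 * @param a Category datum (treated as const qpol_cat_t *).
 * @param b Name to look for (treated as const char *).
 * @param data Policy handle (treated as qpol_policy_t *) used to look
 * up the category's name.
 *
 * @return Result of strcmp(name, category name); 0 when they match.
 * If the name lookup fails, the name is compared against "".
 */
static int mls_level_name_to_cat_comp(const void *a, const void *b, void *data)
{
	const qpol_cat_t *cat = a;
	const char *name = (const char *)b;
	qpol_policy_t *q = (qpol_policy_t *) data;
	const char *cat_name = "";

	/* The lookup result was previously ignored.  Its failure contract is
	 * not visible here; if it can leave the out-pointer NULL, strcmp()
	 * would dereference NULL, so fall back to the empty string. */
	if (qpol_cat_get_name(q, cat, &cat_name) != 0 || cat_name == NULL) {
		cat_name = "";
	}
	return strcmp(name, cat_name);
}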
Exemplo n.º 3
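/**
 * Given a level, return a vector of its allowed categories (in the
 * form of strings), in the order the level's category iterator yields
 * them.
 *
 * The vector is created with a NULL argument to apol_vector_create()
 * and holds the name pointers handed back by qpol_cat_get_name(); it
 * does not copy the strings.
 * NOTE(review): the names presumably stay owned by the policy, so the
 * vector should not be used after the policy is destroyed - confirm.
 *
 * @param diff Policy diff error handler.
 * @param p Policy from which the level came.
 * @param level Level whose categories to get.
 *
 * @return Vector of category strings for the level.  The caller is
 * responsible for calling apol_vector_destroy().  On error, return
 * NULL with errno set to the value seen at the point of failure.
 */
static apol_vector_t *level_get_cats(const poldiff_t * diff, const apol_policy_t * p, const qpol_level_t * level)
{
	qpol_iterator_t *iter = NULL;
	const qpol_cat_t *cat;
	const char *cat_name;
	apol_vector_t *v = NULL;
	qpol_policy_t *q = apol_policy_get_qpol(p);
	int retval = -1, error = 0;

	if ((v = apol_vector_create(NULL)) == NULL) {
		/* Save errno so cleanup restores it instead of resetting it to 0. */
		error = errno;
		ERR(diff, "%s", strerror(error));
		goto cleanup;
	}
	if (qpol_level_get_cat_iter(q, level, &iter) < 0) {
		/* Previously this path returned NULL with errno cleared to 0. */
		error = errno;
		goto cleanup;
	}
	for (; !qpol_iterator_end(iter); qpol_iterator_next(iter)) {
		if (qpol_iterator_get_item(iter, (void **)&cat) < 0 || qpol_cat_get_name(q, cat, &cat_name)) {
			error = errno;
			goto cleanup;
		}
		if (apol_vector_append(v, (void *)cat_name) < 0) {
			error = errno;
			ERR(diff, "%s", strerror(error));
			goto cleanup;
		}
	}

	retval = 0;
cleanup:
	qpol_iterator_destroy(&iter);
	if (retval < 0) {
		/* The destroy calls may change errno; restore the saved value
		 * so the caller sees the original failure reason. */
		apol_vector_destroy(&v);
		errno = error;
		return NULL;
	}
	return v;
}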