int
init_zonedata_hashtable( const int debuglvl,
unsigned int n_rows,
d_list *zones_list,
unsigned int (*hash_func)(const void *data),
int (*compare_func)(const void *table_data, const void *search_data),
Hash *hash_table)
{
struct ZoneData_ *zone_ptr = NULL;
d_list_node *d_node = NULL;
/* safety */
if(!zones_list)
{
(void)vrprint.error(-1, "Internal Error", "parameter problem (in: %s:%d).", __FUNC__, __LINE__);
return(-1);
}
/* setup the hash table */
if(hash_setup(debuglvl, hash_table, n_rows, hash_func, compare_func) != 0)
{
(void)vrprint.error(-1, "Internal Error", "hash table initializing failed (in: %s:%d).", __FUNC__, __LINE__);
return(-1);
}
/* go through the list and insert into the hash-table */
for(d_node = zones_list->top; d_node ; d_node = d_node->next)
{
if(!(zone_ptr = d_node->data))
{
(void)vrprint.error(-1, "Internal Error", "NULL pointer (in: %s:%d).", __FUNC__, __LINE__);
return(-1);
}
/* we only insert hosts and firewalls, which are actually interfaces */
if(zone_ptr->type == TYPE_HOST || zone_ptr->type == TYPE_FIREWALL)
{
if(strcmp(zone_ptr->ipv4.ipaddress, "") != 0)
{
if(hash_insert(debuglvl, hash_table, zone_ptr) != 0)
{
(void)vrprint.error(-1, "Internal Error", "inserting hashtable failed for %s (in: init_zonedata_hashtable).", zone_ptr->name);
return(-1);
}
else
{
if(debuglvl >= HIGH)
(void)vrprint.debug(__FUNC__, "hash_insert succes (%s)", zone_ptr->name);
}
}
else
{
if(debuglvl >= HIGH)
(void)vrprint.debug(__FUNC__, "no ipaddress in zone %s (%s)", zone_ptr->name, zone_ptr->ipv4.ipaddress);
}
}
}
return(0);
}
static int __init init_ima(void)
{
int error;
hash_setup(CONFIG_IMA_DEFAULT_HASH);
error = ima_init();
if (!error)
ima_initialized = 1;
return error;
}
static int __init init_ima(void)
{
int error;
hash_setup(CONFIG_IMA_DEFAULT_HASH);
error = ima_init();
if (!error) {
ima_initialized = 1;
ima_update_policy_flag();
}
return error;
}
static int __init init_ima(void)
{
int error;
ima_init_template_list();
hash_setup(CONFIG_IMA_DEFAULT_HASH);
error = ima_init();
if (error && strcmp(hash_algo_name[ima_hash_algo],
CONFIG_IMA_DEFAULT_HASH) != 0) {
pr_info("Allocating %s failed, going to use default hash algorithm %s\n",
hash_algo_name[ima_hash_algo], CONFIG_IMA_DEFAULT_HASH);
hash_setup_done = 0;
hash_setup(CONFIG_IMA_DEFAULT_HASH);
error = ima_init();
}
if (!error)
ima_update_policy_flag();
return error;
}
static int __init init_ima(void)
{
int error;
hash_setup(CONFIG_IMA_DEFAULT_HASH);
error = ima_init();
if (error)
goto out;
error = ima_init_keyring(INTEGRITY_KEYRING_IMA);
if (error)
goto out;
ima_initialized = 1;
out:
return error;
}
int
init_services_hashtable( const int debuglvl,
unsigned int n_rows,
d_list *services_list,
unsigned int (*hash_func)(const void *data),
int (*compare_func)(const void *table_data, const void *search_data),
Hash *hash_table)
{
d_list_node *d_node = NULL;
int port = 0;
struct ServicesData_ *ser_ptr = NULL;
struct portdata *portrange_ptr = NULL;
d_list_node *d_node_serlist = NULL;
if(debuglvl >= LOW)
(void)vrprint.debug(__FUNC__, "services hashtable size will be %d rows.", n_rows);
/* safety */
if(!services_list)
{
(void)vrprint.error(-1, "Internal Error", "parameter problem (in: %s:%d).", __FUNC__, __LINE__);
return(-1);
}
/* init the hashtable for services */
if(hash_setup(debuglvl, hash_table, n_rows, hash_func, compare_func) != 0)
{
(void)vrprint.error(-1, "Internal Error", "hash table initializing failed (in: init_services_hashtable).");
return(-1);
}
for(d_node_serlist = services_list->top; d_node_serlist; d_node_serlist = d_node_serlist->next)
{
if(!(ser_ptr = d_node_serlist->data))
{
(void)vrprint.error(-1, "Internal Error", "NULL pointer (in: %s:%d).", __FUNC__, __LINE__);
return(-1);
}
if(debuglvl >= HIGH)
(void)vrprint.debug(__FUNC__, "service: '%s', '%p', len: '%d'.", ser_ptr->name, ser_ptr, ser_ptr->PortrangeList.len);
if(ser_ptr->PortrangeList.len > 0)
{
for(d_node = ser_ptr->PortrangeList.top; d_node; d_node = d_node->next)
{
if(debuglvl >= HIGH)
(void)vrprint.debug(__FUNC__, "service: '%s', '%p', len: '%d', d_node: '%p', 'd_node->data: '%p'.", ser_ptr->name, ser_ptr, ser_ptr->PortrangeList.len, d_node, d_node->data);
portrange_ptr = d_node->data;
if(portrange_ptr == NULL)
{
(void)vrprint.error(-1, "Internal Error", "NULL pointer (in: %s:%d).", __FUNC__, __LINE__);
return(-1);
}
if (portrange_ptr->dst_high == 0)
{
/* once a service is inserted into the hash, we dont need to insert it again under the same hash
we don't do this check for GRE, because dst_low and hash_port are both 0
*/
if ((portrange_ptr->protocol == 1 || portrange_ptr->protocol == 6 || portrange_ptr->protocol == 17) &&
portrange_ptr->dst_low == ser_ptr->hash_port)
{
if(debuglvl >= HIGH)
(void)vrprint.debug(__FUNC__, "dupe! service '%s': hashport: %d, prot: %d, src_low: %d, src_high: %d, dst_low: %d, dst_high: %d", ser_ptr->name, ser_ptr->hash_port, portrange_ptr->protocol, portrange_ptr->src_low, portrange_ptr->src_high, portrange_ptr->dst_low, portrange_ptr->dst_high);
}
else
{
if (!(portrange_ptr->protocol == 1 || portrange_ptr->protocol == 6 || portrange_ptr->protocol == 17))
ser_ptr->hash_port = portrange_ptr->protocol;
else
ser_ptr->hash_port = portrange_ptr->dst_low;
if(debuglvl >= HIGH)
(void)vrprint.debug(__FUNC__, "(dst_high == 0): service '%s': hashport: %d, prot: %d, src_low: %d, src_high: %d, dst_low: %d, dst_high: %d", ser_ptr->name, ser_ptr->hash_port, portrange_ptr->protocol, portrange_ptr->src_low, portrange_ptr->src_high, portrange_ptr->dst_low, portrange_ptr->dst_high);
if(hash_insert(debuglvl, hash_table, ser_ptr) != 0)
{
(void)vrprint.error(-1, "Internal Error", "inserting into hashtable failed (in: init_services_hash).");
return(1);
}
}
}
else
{
for(port = portrange_ptr->dst_low; port <= portrange_ptr->dst_high; port++)
{
ser_ptr->hash_port = port;
if(hash_insert(debuglvl, hash_table, ser_ptr) != 0)
{
(void)vrprint.error(-1, "Internal Error", "inserting into hashtable failed (in: init_services_hash).");
return(1);
}
}
}
}
}
/* now we reset the hash-port variable, otherwise it disturb creating the hash again
(this function depends on hash_port to be 0 on start) */
ser_ptr->hash_port = 0;
}
return(0);
}
