Diffstat (limited to 'lib/libc/posix1e/mac_text.c')
-rw-r--r-- | lib/libc/posix1e/mac_text.c | 182 |
1 files changed, 182 insertions, 0 deletions
diff --git a/lib/libc/posix1e/mac_text.c b/lib/libc/posix1e/mac_text.c
new file mode 100644
index 0000000..3ab6484d
--- /dev/null
+++ b/lib/libc/posix1e/mac_text.c
@@ -0,0 +1,182 @@
+/*
+ * Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
+ * Copyright (c) 2002 Networks Associates Technology, Inc.
+ * All rights reserved.
+ *
+ * This software was developed by Robert Watson for the TrustedBSD Project.
+ *
+ * This software was developed for the FreeBSD Project in part by NAI Labs,
+ * the Security Research Division of Network Associates, Inc. under
+ * DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA
+ * CHATS research program.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The names of the authors may not be used to endorse or promote
+ * products derived from this software without specific prior written
+ * permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#include <sys/types.h>
+#include <sys/mac.h>
+
+#include <errno.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "mac_internal.h"
+
+/*
+ * POSIX.1e does not define a text format for MAC label string conversions.
+ * We use the following format:
+ *
+ * label: policyname/policyvalue{,...}
+ *
+ * Each policy is responsible for parsing policyvalue on its own, although
+ * policies must not use '/' or ',' in their text representation. Currently
+ * supported policies are "biba, "mls", "te".
+ */
+
+#define STRING_LISTSEP ","
+#define STRING_ELEMENTSEP "/"
+
+#define STRING_BIBA "biba"
+#define STRING_MLS "mls"
+#define STRING_TE "te"
+
+char *
+mac_to_text(struct mac *mac_p, size_t *len_p)
+{
+ char *biba = NULL, *mls = NULL, *string = NULL, *te = NULL;
+ int len = -1;
+
+ biba = mac_biba_string_from_label(mac_p);
+ if (biba == NULL)
+ goto out;
+
+ mls = mac_mls_string_from_label(mac_p);
+ if (mls == NULL)
+ goto out;
+
+ te = mac_te_string_from_label(mac_p);
+ if (te == NULL)
+ goto out;
+
+ len = asprintf(&string, "%s%s%s%s%s%s%s%s%s%s%s",
+ STRING_BIBA, STRING_ELEMENTSEP, biba, STRING_LISTSEP,
+ STRING_MLS, STRING_ELEMENTSEP, mls, STRING_LISTSEP,
+ STRING_TE, STRING_ELEMENTSEP, te);
+
+out:
+ if (biba != NULL)
+ free(biba);
+ if (mls != NULL)
+ free(mls);
+ if (te != NULL)
+ free(te);
+
+ if (len != -1 && len_p != NULL)
+ *len_p = len;
+
+ return (string);
+}
+
+struct mac *
+mac_from_text(const char *text_p)
+{
+ struct mac *label;
+ char *local_string, *next_token, *token, *tmp;
+ char *policy_name, *policy_value;
+ int biba_seen = 0, mls_seen = 0, te_seen = 0;
+ int error;
+
+ /*
+ * Parse into three assignments, determine which assignments
+ * they are and recurse appropriately, and reject if there are
+ * not the right assignments (or duplicates).
+ */
+
+ label = (struct mac *) malloc(sizeof(*label));
+ if (label == NULL) {
+ errno = ENOMEM;
+ goto exit1;
+ }
+ label->m_macflags = 0;
+ label->m_macflags |= MAC_FLAG_INITIALIZED;
+
+ local_string = strdup(text_p);
+ if (local_string == NULL) {
+ errno = ENOMEM;
+ goto exit2;
+ }
+
+ next_token = local_string;
+ while ((token = strsep(&next_token, STRING_LISTSEP)) != NULL) {
+
+ policy_value = token;
+ policy_name = strsep(&policy_value, STRING_ELEMENTSEP);
+
+ if (strcmp(policy_name, STRING_BIBA) == 0) {
+ error = mac_biba_label_from_string(policy_value,
+ label);
+ if (error) {
+ errno = error;
+ goto exit2;
+ }
+ biba_seen++;
+ } else if (strcmp(policy_name, STRING_MLS) == 0) {
+ error = mac_mls_label_from_string(policy_value,
+ label);
+ if (error) {
+ errno = error;
+ goto exit2;
+ }
+ mls_seen++;
+ } else if (strcmp(policy_name, STRING_TE) == 0) {
+ error = mac_te_label_from_string(policy_value, label);
+ if (error) {
+ errno = error;
+ goto exit2;
+ }
+ te_seen++;
+ } else {
+ errno = EINVAL;
+ goto exit2;
+ }
+ }
+
+ if (biba_seen != 1 || mls_seen != 1 || te_seen != 1) {
+ errno = EINVAL;
+ goto exit2;
+ }
+
+ /* Success. */
+ goto exit1;
+
+exit2:
+ free(label);
+ label = NULL;
+exit1:
+ free(local_string);
+ return (label);
+} |
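Review bot: In mac_from_text the malloc-failure path jumps to `exit1`, which calls `free(local_string)` before `local_string` has ever been assigned, so an uninitialized pointer is freed; declaring it as `char *local_string = NULL, *next_token, *token, *tmp;` makes that path safe. In the parse loop, a token without a `/` leaves `policy_value` NULL after the inner `strsep`, and that NULL is passed straight to the per-policy `mac_*_label_from_string` parsers, which are not visible in this file; unless they are known to reject NULL, add `if (policy_value == NULL) { errno = EINVAL; goto exit2; }` right after the `strsep` so a malformed label string fails with EINVAL instead of reaching the parsers. `text_p` is also handed to `strdup` without a NULL check, which deserves either a guard or a note in the function's contract. `malloc`/`free` are used with no `<stdlib.h>` among the visible includes; presumably it arrives through mac_internal.h, but that should be confirmed, and the unused `tmp` can be dropped.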