diff options
Diffstat (limited to 'tools/sepolicy-analyze/sepolicy-analyze.c')
-rw-r--r-- | tools/sepolicy-analyze/sepolicy-analyze.c | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/tools/sepolicy-analyze/sepolicy-analyze.c b/tools/sepolicy-analyze/sepolicy-analyze.c new file mode 100644 index 0000000..64533d8 --- /dev/null +++ b/tools/sepolicy-analyze/sepolicy-analyze.c @@ -0,0 +1,56 @@ +#include <stddef.h> +#include <stdio.h> +#include <string.h> + +#include "dups.h" +#include "neverallow.h" +#include "perm.h" +#include "typecmp.h" +#include "utils.h" + +#define NUM_COMPONENTS (int) (sizeof(analyze_components)/sizeof(analyze_components[0])) + +#define COMP(x) { #x, sizeof(#x) - 1, x ##_usage, x ##_func } +static struct { + const char *key; + size_t keylen; + void (*usage) (void); + int (*func) (int argc, char **argv, policydb_t *policydb); +} analyze_components[] = { + COMP(dups), + COMP(neverallow), + COMP(permissive), + COMP(typecmp) +}; + +void usage(char *arg0) +{ + fprintf(stderr, "%s must be called on a policy file with a component and the appropriate arguments specified\n", arg0); + fprintf(stderr, "%s <policy-file>:\n", arg0); + for(int i = 0; i < NUM_COMPONENTS; i++) { + analyze_components[i].usage(); + } + exit(1); +} + +int main(int argc, char **argv) +{ + char *policy; + struct policy_file pf; + policydb_t policydb; + int rc; + if (argc < 3) + usage(argv[0]); + policy = argv[1]; + if(load_policy(policy, &policydb, &pf)) + exit(1); + for(int i = 0; i < NUM_COMPONENTS; i++) { + if (!strcmp(analyze_components[i].key, argv[2])) { + rc = analyze_components[i].func(argc - 2, argv + 2, &policydb); + if (rc && USAGE_ERROR) { + usage(argv[0]); } + return rc; + } + } + usage(argv[0]); +} |