def from_interface(self, interface):
self.name = interface.name
# Add allow rules
for avrule in interface.avrules():
if avrule.rule_type != refpolicy.AVRule.ALLOW:
continue
# Handle some policy bugs
if "dontaudit" in interface.name:
#print "allow rule in interface: %s" % interface
continue
avs = access.avrule_to_access_vectors(avrule)
for av in avs:
self.add_av(av)
# Extract paramaters from roles
for role in interface.roles():
if role_extract_params(role, self.params):
pass
#print "found conflicting role param %s for interface %s" % \
# (role.name, interface.name)
# Extract paramaters from type rules
for rule in interface.typerules():
if type_rule_extract_params(rule, self.params):
pass
#print "found conflicting params in rule %s in interface %s" % \
# (str(rule), interface.name)
for ifcall in interface.interface_calls():
if ifcall_extract_params(ifcall, self.params):
pass
def from_interface(self, interface):
self.name = interface.name
# Add allow rules
for avrule in interface.avrules():
if avrule.rule_type != refpolicy.AVRule.ALLOW:
continue
# Handle some policy bugs
if "dontaudit" in interface.name:
#print "allow rule in interface: %s" % interface
continue
avs = access.avrule_to_access_vectors(avrule)
for av in avs:
self.add_av(av)
# Extract paramaters from roles
for role in interface.roles():
if role_extract_params(role, self.params):
pass
#print "found conflicting role param %s for interface %s" % \
# (role.name, interface.name)
# Extract paramaters from type rules
for rule in interface.typerules():
if type_rule_extract_params(rule, self.params):
pass
#print "found conflicting params in rule %s in interface %s" % \
# (str(rule), interface.name)
for ifcall in interface.interface_calls():
if ifcall_extract_params(ifcall, self.params):
pass
def from_interface(self, interface, attributes={}):
self.name = interface.name
# Add allow rules
for avrule in interface.avrules():
if avrule.rule_type != refpolicy.AVRule.ALLOW:
continue
# Handle some policy bugs
if "dontaudit" in interface.name:
#print "allow rule in interface: %s" % interface
continue
avs = access.avrule_to_access_vectors(avrule)
for av in avs:
self.add_av(av)
# Add typeattribute access
if attributes != None:
for typeattribute in interface.typeattributes():
for attr in typeattribute.attributes:
if not attributes.attributes.has_key(attr):
# print "missing attribute " + attr
continue
attr_vec = attributes.attributes[attr]
for a in attr_vec.access:
av = copy.copy(a)
if av.src_type == attr_vec.name:
av.src_type = typeattribute.type
if av.tgt_type == attr_vec.name:
av.tgt_type = typeattribute.type
self.add_av(av)
# Extract paramaters from roles
for role in interface.roles():
if role_extract_params(role, self.params):
pass
#print "found conflicting role param %s for interface %s" % \
# (role.name, interface.name)
# Extract paramaters from type rules
for rule in interface.typerules():
if type_rule_extract_params(rule, self.params):
pass
#print "found conflicting params in rule %s in interface %s" % \
# (str(rule), interface.name)
for ifcall in interface.interface_calls():
if ifcall_extract_params(ifcall, self.params):
pass
def from_interface(self, interface, attributes={}):
self.name = interface.name
# Add allow rules
for avrule in interface.avrules():
if avrule.rule_type != refpolicy.AVRule.ALLOW:
continue
# Handle some policy bugs
if "dontaudit" in interface.name:
#print "allow rule in interface: %s" % interface
continue
avs = access.avrule_to_access_vectors(avrule)
for av in avs:
self.add_av(av)
# Add typeattribute access
if attributes:
for typeattribute in interface.typeattributes():
for attr in typeattribute.attributes:
if not attributes.attributes.has_key(attr):
# print "missing attribute " + attr
continue
attr_vec = attributes.attributes[attr]
for a in attr_vec.access:
av = copy.copy(a)
if av.src_type == attr_vec.name:
av.src_type = typeattribute.type
if av.tgt_type == attr_vec.name:
av.tgt_type = typeattribute.type
self.add_av(av)
# Extract paramaters from roles
for role in interface.roles():
if role_extract_params(role, self.params):
pass
#print "found conflicting role param %s for interface %s" % \
# (role.name, interface.name)
# Extract paramaters from type rules
for rule in interface.typerules():
if type_rule_extract_params(rule, self.params):
pass
#print "found conflicting params in rule %s in interface %s" % \
# (str(rule), interface.name)
for ifcall in interface.interface_calls():
if ifcall_extract_params(ifcall, self.params):
pass
