Diffstat (limited to 'src/anoninode.cil')
-rw-r--r-- | src/anoninode.cil | 222 |
1 files changed, 111 insertions, 111 deletions
diff --git a/src/anoninode.cil b/src/anoninode.cil index 1ff9206..0cf33a5 100644 --- a/src/anoninode.cil +++ b/src/anoninode.cil @@ -1,4 +1,4 @@ -;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl> +;; SPDX-FileCopyrightText: M-BM-) 2025 Dominick Grift <dominick.grift@defensec.nl> ;; SPDX-License-Identifier: Unlicense (class anon_inode ()) 
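Review bot: The new `SPDX-FileCopyrightText` line in the first hunk replaces the `©` character with the literal text `M-BM-)`, which is how `cat -v` prints the UTF-8 bytes of that character, so the copyright notice is now corrupted for readers and for SPDX/REUSE tooling. This looks like a side effect of whatever tool did the re-indentation rather than an intended change; the line should stay `;; SPDX-FileCopyrightText: © 2025 Dominick Grift <dominick.grift@defensec.nl>`. The second hunk appears to change only indentation as shown here, so for a policy file it is worth confirming that a whitespace-ignoring diff (`git diff -w`) reports nothing but this header line. Any other files converted the same way should be checked for the same `M-BM-)` substitution.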
@@ -29,221 +29,221 @@ (classpermission write_anon_inode) (classpermissionset append_anon_inode - (anon_inode (append getattr ioctl lock open))) + (anon_inode (append getattr ioctl lock open))) (classpermissionset create_anon_inode (anon_inode (create getattr))) (classpermissionset delete_anon_inode (anon_inode (getattr unlink))) (classpermissionset manage_anon_inode - (anon_inode (append create getattr ioctl link lock open read - rename setattr unlink write))) + (anon_inode (append create getattr ioctl link lock open read + rename setattr unlink write))) (classpermissionset mapexecute_anon_inode (anon_inode (execute map))) (classpermissionset mounton_anon_inode (anon_inode (getattr mounton))) (classpermissionset read_anon_inode (anon_inode (getattr ioctl lock open read))) (classpermissionset readwrite_anon_inode - (anon_inode (append getattr ioctl lock open read write))) + (anon_inode (append getattr ioctl lock open read write))) (classpermissionset relabel_anon_inode - (anon_inode (getattr relabelfrom relabelto))) + (anon_inode (getattr relabelfrom relabelto))) (classpermissionset relabelfrom_anon_inode (anon_inode (getattr relabelfrom))) (classpermissionset relabelto_anon_inode (anon_inode (getattr relabelto))) (classpermissionset rename_anon_inode (anon_inode (getattr rename))) (classpermissionset write_anon_inode - (anon_inode (append getattr ioctl lock open write))) + (anon_inode (append getattr ioctl lock open write))) (defaultrole anon_inode source) (macro append_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid append_anon_inode)) + (allow ARG1 .invalid append_anon_inode)) (macro create_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid create_anon_inode)) + (allow ARG1 .invalid create_anon_inode)) (macro delete_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid delete_anon_inode)) + (allow ARG1 .invalid delete_anon_inode)) (macro manage_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid manage_anon_inode)) + (allow ARG1 .invalid 
manage_anon_inode)) (macro mapexecute_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid mapexecute_anon_inode)) + (allow ARG1 .invalid mapexecute_anon_inode)) (macro mounton_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid mounton_anon_inode)) + (allow ARG1 .invalid mounton_anon_inode)) (macro read_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid read_anon_inode)) + (allow ARG1 .invalid read_anon_inode)) (macro readwrite_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid readwrite_anon_inode)) + (allow ARG1 .invalid readwrite_anon_inode)) (macro relabel_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid relabel_anon_inode)) + (allow ARG1 .invalid relabel_anon_inode)) (macro relabelfrom_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid relabelfrom_anon_inode)) + (allow ARG1 .invalid relabelfrom_anon_inode)) (macro relabelto_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid relabelto_anon_inode)) + (allow ARG1 .invalid relabelto_anon_inode)) (macro rename_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid rename_anon_inode)) + (allow ARG1 .invalid rename_anon_inode)) (macro write_invalid_anon_inodes ((type ARG1)) - (allow ARG1 .invalid write_anon_inode)) + (allow ARG1 .invalid write_anon_inode)) (block anon_inode - (macro type ((type ARG1)) - (typeattributeset typeattr ARG1)) + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) - (typeattribute typeattr) + (typeattribute typeattr) - (blockinherit all_macro_template_anon_inodes) + (blockinherit all_macro_template_anon_inodes) - (call .obj.type (typeattr)) + (call .obj.type (typeattr)) - (block all_macro_template_anon_inodes + (block all_macro_template_anon_inodes - (blockabstract all_macro_template_anon_inodes) + (blockabstract all_macro_template_anon_inodes) - (macro append_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr append_anon_inode)) + (macro append_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr append_anon_inode)) - (macro 
create_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr create_anon_inode)) + (macro create_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr create_anon_inode)) - (macro delete_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr delete_anon_inode)) + (macro delete_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr delete_anon_inode)) - (macro manage_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr manage_anon_inode)) + (macro manage_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr manage_anon_inode)) - (macro mapexecute_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr mapexecute_anon_inode)) + (macro mapexecute_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr mapexecute_anon_inode)) - (macro mounton_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr mounton_anon_inode)) + (macro mounton_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr mounton_anon_inode)) - (macro read_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr read_anon_inode)) + (macro read_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr read_anon_inode)) - (macro readwrite_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr readwrite_anon_inode)) + (macro readwrite_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr readwrite_anon_inode)) - (macro relabel_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr relabel_anon_inode)) + (macro relabel_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr relabel_anon_inode)) - (macro relabelfrom_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr relabelfrom_anon_inode)) + (macro relabelfrom_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr relabelfrom_anon_inode)) - (macro relabelto_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr relabelto_anon_inode)) + (macro relabelto_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr relabelto_anon_inode)) - (macro rename_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr rename_anon_inode)) + (macro rename_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr 
rename_anon_inode)) - (macro write_all_anon_inodes ((type ARG1)) - (allow ARG1 typeattr write_anon_inode))) + (macro write_all_anon_inodes ((type ARG1)) + (allow ARG1 typeattr write_anon_inode))) - (block base_template + (block base_template - (blockabstract base_template) + (blockabstract base_template) - (type anon_inode) - (call .anon_inode.type (anon_inode))) + (type anon_inode) + (call .anon_inode.type (anon_inode))) - (block except + (block except - (macro type ((type ARG1)) - (typeattributeset typeattr ARG1)) + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) - (blockinherit anon_inode.all_macro_template_anon_inodes) + (blockinherit anon_inode.all_macro_template_anon_inodes) - (typeattribute typeattr) + (typeattribute typeattr) - (typeattributeset typeattr - (and anon_inode.typeattr (not (exception.typeattr))))) + (typeattributeset typeattr + (and anon_inode.typeattr (not (exception.typeattr))))) - (block exception + (block exception - (macro type ((type ARG1)) - (typeattributeset typeattr ARG1)) + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) - (typeattribute typeattr) + (typeattribute typeattr) - (call anon_inode.type (typeattr))) + (call anon_inode.type (typeattr))) - (block macro_template_anon_inodes + (block macro_template_anon_inodes - (blockabstract macro_template_anon_inodes) + (blockabstract macro_template_anon_inodes) - (macro append_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode append_anon_inode)) + (macro append_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode append_anon_inode)) - (macro create_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode create_anon_inode)) + (macro create_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode create_anon_inode)) - (macro delete_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode delete_anon_inode)) + (macro delete_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode delete_anon_inode)) - (macro 
manage_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode manage_anon_inode)) + (macro manage_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode manage_anon_inode)) - (macro mapexecute_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode mapexecute_anon_inode)) + (macro mapexecute_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode mapexecute_anon_inode)) - (macro mounton_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode mounton_anon_inode)) + (macro mounton_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode mounton_anon_inode)) - (macro read_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode read_anon_inode)) + (macro read_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode read_anon_inode)) - (macro readwrite_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode readwrite_anon_inode)) + (macro readwrite_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode readwrite_anon_inode)) - (macro relabel_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode relabel_anon_inode)) + (macro relabel_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode relabel_anon_inode)) - (macro relabelfrom_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode relabelfrom_anon_inode)) + (macro relabelfrom_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode relabelfrom_anon_inode)) - (macro relabelto_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode relabelto_anon_inode)) + (macro relabelto_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode relabelto_anon_inode)) - (macro rename_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode rename_anon_inode)) + (macro rename_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode rename_anon_inode)) - (macro self_type_transition ((type ARG1)(type ARG2)(name ARG3)) - (typetransition ARG1 ARG1 anon_inode ARG3 ARG2)) + (macro self_type_transition ((type ARG1)(type ARG2)(name ARG3)) + 
(typetransition ARG1 ARG1 anon_inode ARG3 ARG2)) - (macro write_anon_inode_anon_inodes ((type ARG1)) - (allow ARG1 anon_inode write_anon_inode))) + (macro write_anon_inode_anon_inodes ((type ARG1)) + (allow ARG1 anon_inode write_anon_inode))) - (block template + (block template - (blockabstract template) + (blockabstract template) - (blockinherit .anon_inode.base_template) - (blockinherit .anon_inode.macro_template_anon_inodes)) + (blockinherit .anon_inode.base_template) + (blockinherit .anon_inode.macro_template_anon_inodes)) - (block unconfined + (block unconfined - (macro type ((type ARG1)) - (typeattributeset typeattr ARG1)) + (macro type ((type ARG1)) + (typeattributeset typeattr ARG1)) - (typeattribute typeattr) + (typeattribute typeattr) - (allow typeattr anon_inode.typeattr - (anon_inode (not (audit_access execmod mounton)))))) + (allow typeattr anon_inode.typeattr + (anon_inode (not (audit_access execmod mounton)))))) (in invalid.unconfined (allow typeattr .invalid - (anon_inode (not (audit_access create execmod mounton))))) + (anon_inode (not (audit_access create execmod mounton))))) (in subj.unconfined (allow typeattr self (anon_inode (create))) (allow typeattr subj.typeattr - (anon_inode (not (audit_access create execmod mounton))))) + (anon_inode (not (audit_access create execmod mounton))))) (in unconfined |