全部博文(64)
分类: LINUX
2009-05-15 20:58:22
/*
* Author : Stephen Smalley, <>
*/
/* Updated: David Caplan, <>
*
* Added conditional policy language extensions
*
* Jason Tang <>
*
* Added support for binary policy modules
*
* Copyright (C) 2003-5 Tresys Technology, LLC
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, version 2.
*/
/* FLASK */
%{
#include
#include
#include
#include
typedef int (* require_func_t)();
#include "y.tab.h" //bison生成,定义所有的TOKEN枚举类型
static char linebuf[2][255];
static unsigned int lno = 0;
int yywarn(char *msg);
void set_source_file(const char *name);
char source_file[PATH_MAX];
unsigned long source_lineno = 1;
unsigned long policydb_lineno = 1;
unsigned int policydb_errors = 0;
%}
%option noinput nounput //不生成input和unput函数
/*flex输出
#define YY_NO_INPUT 1
#define YY_NO_UNPUT 1
*/
%array //yytext以数组方式定义而不是默认的指针
letter [A-Za-z]
digit [0-9]
alnum [a-zA-Z0-9]
hexval [0-9A-Fa-f]
%%
\n.* { strncpy(linebuf[lno], yytext+1, 255);//将\n后的字符串复制到linebuf中
linebuf[lno][254] = 0;
lno = 1 - lno; //交替使用
policydb_lineno++;
source_lineno++;
yyless(1); }//将\n后的字符串回退输入缓冲区
CLONE |
clone { return(CLONE); }
COMMON |
common { return(COMMON); }
CLASS |
class { return(CLASS); }
CONSTRAIN |
constrain { return(CONSTRAIN); }
VALIDATETRANS |
validatetrans { return(VALIDATETRANS); }
INHERITS |
inherits { return(INHERITS); }
SID |
sid { return(SID); }
ROLE |
role { return(ROLE); }
ROLES |
roles { return(ROLES); }
TYPES |
types { return(TYPES); }
TYPEALIAS |
typealias { return(TYPEALIAS); }
TYPEATTRIBUTE |
typeattribute { return(TYPEATTRIBUTE); }
TYPEBOUNDS |
typebounds { return(TYPEBOUNDS); }
TYPE |
type { return(TYPE); }
BOOL |
bool { return(BOOL); }
IF |
if { return(IF); }
ELSE |
else { return(ELSE); }
ALIAS |
alias { return(ALIAS); }
ATTRIBUTE |
attribute { return(ATTRIBUTE); }
TYPE_TRANSITION |
type_transition { return(TYPE_TRANSITION); }
TYPE_MEMBER |
type_member { return(TYPE_MEMBER); }
TYPE_CHANGE |
type_change { return(TYPE_CHANGE); }
ROLE_TRANSITION |
role_transition { return(ROLE_TRANSITION); }
RANGE_TRANSITION |
range_transition { return(RANGE_TRANSITION); }
SENSITIVITY |
sensitivity { return(SENSITIVITY); }
DOMINANCE |
dominance { return(DOMINANCE); }
CATEGORY |
category { return(CATEGORY); }
LEVEL |
level { return(LEVEL); }
RANGE |
range { return(RANGE); }
MLSCONSTRAIN |
mlsconstrain { return(MLSCONSTRAIN); }
MLSVALIDATETRANS |
mlsvalidatetrans { return(MLSVALIDATETRANS); }
USER |
user { return(USER); }
NEVERALLOW |
neverallow { return(NEVERALLOW); }
ALLOW |
allow { return(ALLOW); }
AUDITALLOW |
auditallow { return(AUDITALLOW); }
AUDITDENY |
auditdeny { return(AUDITDENY); }
DONTAUDIT |
dontaudit { return(DONTAUDIT); }
SOURCE |
source { return(SOURCE); }
TARGET |
target { return(TARGET); }
SAMEUSER |
sameuser { return(SAMEUSER);}
module|MODULE { return(MODULE); }
require|REQUIRE { return(REQUIRE); }
optional|OPTIONAL { return(OPTIONAL); }
OR |
or { return(OR);}
AND |
and { return(AND);}
NOT |
not { return(NOT);}
xor |
XOR { return(XOR); }
eq |
EQ { return(EQUALS);}
true |
TRUE { return(CTRUE); }
false |
FALSE { return(CFALSE); }
dom |
DOM { return(DOM);}
domby |
DOMBY { return(DOMBY);}
INCOMP |
incomp { return(INCOMP);}
fscon |
FSCON { return(FSCON);}
portcon |
PORTCON { return(PORTCON);}
netifcon |
NETIFCON { return(NETIFCON);}
nodecon |
NODECON { return(NODECON);}
fs_use_xattr |
FS_USE_XATTR { return(FSUSEXATTR);}
fs_use_task |
FS_USE_TASK { return(FSUSETASK);}
fs_use_trans |
FS_USE_TRANS { return(FSUSETRANS);}
genfscon |
GENFSCON { return(GENFSCON);}
r1 |
R1 { return(R1); }
r2 |
R2 { return(R2); }
r3 |
R3 { return(R3); }
u1 |
U1 { return(U1); }
u2 |
U2 { return(U2); }
u3 |
U3 { return(U3); }
t1 |
T1 { return(T1); }
t2 |
T2 { return(T2); }
t3 |
T3 { return(T3); }
l1 |
L1 { return(L1); }
l2 |
L2 { return(L2); }
h1 |
H1 { return(H1); }
h2 |
H2 { return(H2); }
policycap |
POLICYCAP { return(POLICYCAP); }
permissive |
PERMISSIVE { return(PERMISSIVE); }
//匹配路径 / /a /a/b
"/"({alnum}|[_\.\-/])* { return(PATH); }
//匹配标识符 ab a3.12 和{letter}({alnum}|[_\-\.])*不等价,.不会位于末尾
{letter}({alnum}|[_\-])*([\.]?({alnum}|[_\-]))* { return(IDENTIFIER); }
{digit}+ { return(NUMBER); }
//ip地址 192.168.168.16
{digit}{1,3}(\.{digit}{1,3}){3} { return(IPV4_ADDR); }
//ipv6地址 ::
{hexval}{0,4}":"{hexval}{0,4}":"({hexval}|[:.])* { return(IPV6_ADDR); }
//匹配版本 1.2.3a
{digit}+(\.({alnum}|[_.])*)? { return(VERSION_IDENTIFIER); }
//#line 1 "flask/security_classes"
#line[ ]1[ ]\"[^\n]*\" { set_source_file(yytext+9); }
//#line 13
#line[ ]{digit}+ { source_lineno = atoi(yytext+6)-1; }
#[^\n]* { /* delete comments */ }
// \f换页 012
[ \t\f]+ { /* delete whitespace */ }
"==" { return(EQUALS); }
"!=" { return (NOTEQUAL); }
"&&" { return (AND); }
"||" { return (OR); }
"!" { return (NOT); }
"^" { return (XOR); }
"," |
":" |
";" |
"(" |
")" |
"{" |
"}" |
"[" |
"-" |
"." |
"]" |
"~" |
"*" { return(yytext[0]); }
. { yywarn("unrecognized character");}
%%
int yyerror(char *msg) //bison调用????
{
if (source_file[0])
fprintf(stderr, "%s:%ld:",
source_file, source_lineno);
else
fprintf(stderr, "(unknown source)::");
fprintf(stderr, "ERROR '%s' at token '%s' on line %ld:\n%s\n%s\n",
msg,
yytext,
policydb_lineno,
linebuf[0], linebuf[1]);
policydb_errors++;
return -1;
}
int yywarn(char *msg)
{
if (source_file[0])//有文件,输出文件的哪一行
fprintf(stderr, "%s:%ld:",
source_file, source_lineno);
else
fprintf(stderr, "(unknown source)::");
fprintf(stderr, "WARNING '%s' at token '%s' on line %ld:\n%s\n%s\n",
msg,
yytext,
policydb_lineno,
linebuf[0], linebuf[1]);
return 0;
}
void set_source_file(const char *name)
{
source_lineno = 1;
strncpy(source_file, name, sizeof(source_file)-1);
source_file[sizeof(source_file)-1] = '\0';
}