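/*
 * showperm.c
 *
 * Print the access-vector bit and the name of every permission that a
 * binary SELinux policy defines for one object class.
 *
 * $ make LDLIBS+="/usr/lib64/libsepol.a" showperm
 * $ ./showperm /path/to/policy classname
 *
 * NOTE(review): the static archive is presumably linked because the
 * hashtab_* helpers and the policydb layout used below are libsepol
 * internals rather than stable public API -- confirm against the
 * installed libsepol.
 */

/*
 * NOTE(review): the header names of the two original #include lines were
 * lost when this listing was extracted. <stdio.h> is needed for printf/FILE;
 * the two libsepol headers are assumed to be the ones that declare the
 * sepol_* calls, policydb and hashtab types used here -- confirm.
 */
#include <stdio.h>
#include <sepol/sepol.h>
#include <sepol/policydb/policydb.h>

/*
 * hashtab_map() callback: print one permission as "0x<mask> <name>".
 *
 * key   - permission name (printed with %s).
 * datum - perm_datum_t for that permission; s.value is its 1-based index.
 * data  - unused.
 *
 * The mask is bit (value - 1). Values outside 1..32 are reported and
 * skipped: shifting by a negative or >= 32 amount is undefined behaviour,
 * and a malformed policy must not be able to trigger it.
 *
 * Always returns 0 so the walk over the table continues.
 */
static int show_perm(hashtab_key_t key, hashtab_datum_t datum, void *data)
{
	perm_datum_t *perdatum = datum;
	unsigned int value = perdatum->s.value;

	(void)data;

	if (value < 1 || value > 32) {
		fprintf(stderr, "%s: permission value %u out of range\n",
			key, value);
		return 0;
	}

	/* 1U, not 1: a signed 1 << 31 overflows int and is undefined. */
	printf("0x%08x %s\n", 1U << (value - 1), key);
	return 0;
}

/*
 * Usage: showperm <policy> <class>
 *
 * Loads the binary policy at argv[1] through libsepol, looks up the class
 * named argv[2], and prints its permissions: first those inherited from
 * the class's common (if it has one), then the class-specific ones.
 *
 * Returns 0 on success and 1 on a usage error, an unreadable or unparsable
 * policy, or an unknown class. Everything acquired is released on every
 * path.
 */
int main(int argc, char **argv)
{
	const char *path;
	const char *cls;
	FILE *fp;
	struct sepol_policy_file *pf = NULL;
	struct sepol_policydb *policydb = NULL;
	class_datum_t *cladatum;
	int rc = 1;

	if (argc != 3) {
		fprintf(stderr, "usage: %s policy class\n", argv[0]);
		return 1;
	}
	path = argv[1];
	cls = argv[2];

	fp = fopen(path, "r");
	if (!fp) {
		perror(path);
		return 1;
	}

	/*
	 * The sepol_* calls below are reported with plain messages instead of
	 * perror(): nothing visible here shows that they set errno, so perror()
	 * could print an unrelated reason.
	 */
	if (sepol_policy_file_create(&pf)) {
		fprintf(stderr, "sepol_policy_file_create failed\n");
		goto out_close;
	}

	if (sepol_policydb_create(&policydb)) {
		fprintf(stderr, "sepol_policydb_create failed\n");
		goto out_free_pf;
	}

	sepol_policy_file_set_fp(pf, fp);

	/* Parsing of the (possibly untrusted) policy file is left to libsepol. */
	if (sepol_policydb_read(policydb, pf)) {
		fprintf(stderr, "%s: sepol_policydb_read failed\n", path);
		goto out_free_db;
	}

	cladatum = hashtab_search(policydb->p.p_classes.table, cls);
	if (!cladatum) {
		fprintf(stderr, "%s: no such class in %s\n", cls, path);
		goto out_free_db;
	}

	/* Permissions inherited from the common come first, as they own the low bits. */
	if (cladatum->comdatum)
		hashtab_map(cladatum->comdatum->permissions.table,
			    show_perm, NULL);
	hashtab_map(cladatum->permissions.table, show_perm, NULL);

	rc = 0;

out_free_db:
	sepol_policydb_free(policydb);
out_free_pf:
	sepol_policy_file_free(pf);
out_close:
	fclose(fp);
	return rc;
}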