Date: Wed, 17 May 2006 19:11:08 GMT From: Todd Miller <millert@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 97368 for review Message-ID: <200605171911.k4HJB8k8045053@repoman.freebsd.org>
http://perforce.freebsd.org/chv.cgi?CH=97368

Change 97368 by millert@millert_ibook on 2006/05/17 19:10:19

Update to checkpolicy 1.30.3

Obtained from: selinux.sourceforge.net

Affected files ...

.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/ChangeLog#2 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/Makefile#4 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/VERSION#2 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/checkmodule.c#2 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/checkpolicy.8#4 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/checkpolicy.c#6 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/checkpolicy.h#6 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/module_compiler.c#2 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/policy_parse.y#7 edit
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/policy_scan.l#6 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/ChangeLog#2 (text+ko) ====
@@ -1,3 +1,206 @@ +1.30.3 2006-03-28 + * Fixed checkmodule to call link_modules prior to expand_module + to handle optionals. + +1.30.2 2006-03-28 + * Fixed require_class to avoid shadowing permissions already defined + in an inherited common definition. + +1.30.1 2006-03-22 + * Moved processing of role and user require statements to 2nd pass. + +1.30 2006-03-14 + * Updated version for release. + +1.29.5 2006-03-09 + * Fixed bug in role dominance (define_role_dom). + +1.29.4 2006-02-14 + * Added a check for failure to declare each sensitivity in + a level definition. + +1.29.3 2006-02-13 + * Changed to clone level data for aliased sensitivities to + avoid double free upon sens_destroy. Bug reported by Kevin + Carr of Tresys Technology. + +1.29.2 2006-02-13 + * Merged optionals in base patch from Joshua Brindle. + +1.29.1 2006-02-01 + * Merged sepol_av_to_string patch from Joshua Brindle. + +1.28 2005-12-07 + * Updated version for release. + +1.27.20 2005-12-02 + * Merged checkmodule man page from Dan Walsh, and edited it. + +1.27.19 2005-12-01 + * Added error checking of all ebitmap_set_bit calls for out of + memory conditions. + +1.27.18 2005-12-01 + * Merged removal of compatibility handling of netlink classes + (requirement that policies with newer versions include the + netlink class definitions, remapping of fine-grained netlink + classes in newer source policies to single netlink class when + generating older policies) from George Coker. + +1.27.17 2005-10-25 + * Merged dismod fix from Joshua Brindle. + +1.27.16 2005-10-20 + * Removed obsolete cond_check_type_rules() function and call and + cond_optimize_lists() call from checkpolicy.c; these are handled + during parsing and expansion now. + +1.27.15 2005-10-19 + * Updated calls to expand_module for interface change. + +1.27.14 2005-10-19 + * Changed checkmodule to verify that expand_module succeeds + when building base modules. + +1.27.13 2005-10-19 + * Merged module compiler fixes from Joshua Brindle. 
+ +1.27.12 2005-10-19 + * Removed direct calls to hierarchy_check_constraints() and + check_assertions() from checkpolicy since they are now called + internally by expand_module(). + +1.27.11 2005-10-18 + * Updated for changes to sepol policydb_index_others interface. + +1.27.10 2005-10-17 + * Updated for changes to sepol expand_module and link_modules interfaces. + +1.27.9 2005-10-13 + * Merged support for require blocks inside conditionals from + Joshua Brindle (Tresys). + +1.27.8 2005-10-06 + * Updated for changes to libsepol. + +1.27.7 2005-10-05 + * Merged several bug fixes from Joshua Brindle (Tresys). + +1.27.6 2005-10-03 + * Merged MLS in modules patch from Joshua Brindle (Tresys). + +1.27.5 2005-09-28 + * Merged error handling improvement in checkmodule from Karl MacMillan (Tresys). + +1.27.4 2005-09-26 + * Merged bugfix for dup role transition error messages from + Karl MacMillan (Tresys). + +1.27.3 2005-09-23 + * Merged policyver/modulever patches from Joshua Brindle (Tresys). + +1.27.2 2005-09-20 + * Fixed parse_categories handling of undefined category. + +1.27.1 2005-09-16 + * Merged bug fix for role dominance handling from Darrel Goeddel (TCS). + +1.26 2005-09-06 + * Updated version for release. + +1.25.12 2005-08-22 + * Fixed handling of validatetrans constraint expressions. + Bug reported by Dan Walsh for checkpolicy -M. + +1.25.11 2005-08-18 + * Merged use-after-free fix from Serge Hallyn (IBM). + Bug found by Coverity. + +1.25.10 2005-08-15 + * Fixed further memory leaks found by valgrind. + +1.25.9 2005-08-15 + * Changed checkpolicy to destroy the policydbs prior to exit + to allow leak detection. + * Fixed several memory leaks found by valgrind. + +1.25.8 2005-08-11 + * Updated checkpolicy and dispol for the new avtab format. + Converted users of ebitmaps to new inline operators. + Note: The binary policy format version has been incremented to + version 20 as a result of these changes. 
To build a policy + for a kernel that does not yet include these changes, use + the -c 19 option to checkpolicy. + +1.25.7 2005-08-11 + * Merged patch to prohibit use of "self" as a type name from Jason Tang (Tresys). + +1.25.6 2005-08-10 + * Merged patch to fix dismod compilation from Joshua Brindle (Tresys). + +1.25.5 2005-08-09 + * Fixed call to hierarchy checking code to pass the right policydb. + +1.25.4 2005-08-02 + * Merged patch to update dismod for the relocation of the + module read/write code from libsemanage to libsepol, and + to enable build of test subdirectory from Jason Tang (Tresys). + +1.25.3 2005-07-18 + * Merged hierarchy check fix from Joshua Brindle (Tresys). + +1.25.2 2005-07-06 + * Merged loadable module support from Tresys Technology. + +1.25.1 2005-06-24 + * Merged patch to prohibit the use of * and ~ in type sets + (other than in neverallow statements) and in role sets + from Joshua Brindle (Tresys). + +1.24 2005-06-20 + * Updated version for release. + +1.23.4 2005-05-19 + * Merged cleanup patch from Dan Walsh. + +1.23.3 2005-05-13 + * Added sepol_ prefix to Flask types to avoid namespace + collision with libselinux. + +1.23.2 2005-04-29 + * Merged identifier fix from Joshua Brindle (Tresys). + +1.23.1 2005-04-13 + * Merged hierarchical type/role patch from Tresys Technology. + * Merged MLS fixes from Darrel Goeddel of TCS. + +1.22 2005-03-09 + * Updated version for release. + +1.21.4 2005-02-17 + * Moved genpolusers utility to libsepol. + * Merged range_transition support from Darrel Goeddel (TCS). + +1.21.3 2005-02-16 + * Merged define_user() cleanup patch from Darrel Goeddel (TCS). + +1.21.2 2005-02-09 + * Changed relabel Makefile target to use restorecon. + +1.21.1 2005-01-26 + * Merged enhanced MLS support from Darrel Goeddel (TCS). + +1.20 2005-01-04 + * Merged typeattribute statement patch from Darrel Goeddel of TCS. + * Changed genpolusers to handle multiple user config files. 
+ * Merged nodecon ordering patch from Chad Hanson of TCS. + +1.18 2004-10-07 + * MLS build fix. + * Fixed Makefile dependencies (Chris PeBenito). + * Merged fix for role dominance ordering issue from Chad Hanson of TCS. + * Preserve portcon ordering and apply more checking. + 1.16 2004-08-13 * Allow empty conditional clauses. * Moved genpolbools utility to libsepol. ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/Makefile#4 (text+ko) ==== @@ -2,12 +2,12 @@ PROG= checkpolicy -OBJS = checkpolicy.o y.tab.o policy_scan.o queue.o +OBJS = checkpolicy.o y.tab.o policy_scan.o queue.o module_compiler.o CFLAGS+= -I$(SOURCE_ROOT)/sedarwin/libsepol/include CFLAGS+= -I$(SOURCE_ROOT)/sedarwin/libselinux/include -LDADD+= -L$(SOURCE_ROOT)/sedarwin/libselinux/src -L$(SOURCE_ROOT)/sedarwin/libsepol/src -LDADD+= -lselinux -lsepol -lfl +LDADD+= -L$(SOURCE_ROOT)/sedarwin/libselinux/src -L$(SOURCE_ROOT)/sedarwin/libsepol/src -L$(SOURCE_ROOT)/sedarwin/libsecompat +LDADD+= -lselinux -lsepol -lsecompat -lfl all: $(PROG) ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/VERSION#2 (text+ko) ==== @@ -1,1 +1,1 @@ -1.16 +1.30.3 ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/checkmodule.c#2 (text+ko) ==== @@ -26,6 +26,7 @@ #include <sepol/policydb/flask.h> #include <sepol/policydb/hierarchy.h> #include <sepol/policydb/expand.h> +#include <sepol/policydb/link.h> #include "queue.h" #include "checkpolicy.h" @@ -271,6 +272,10 @@ fprintf(stderr, "%s: policydb_init failed\n", argv[0]); exit(1); } + if (link_modules(NULL, policydbp, NULL, 0, 0)) { + fprintf(stderr, "%s: link modules failed\n", argv[0]); + exit(1); + } if (expand_module(NULL, policydbp, &kernpolicydb, 0, 1)) { fprintf(stderr, "%s: expand module failed\n", argv[0]); exit(1); ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/checkpolicy.8#4 (text+ko) ==== 
@@ -3,7 +3,7 @@ checkpolicy \- SELinux policy compiler .SH SYNOPSIS .B checkpolicy -.I "[-b] [-d] [-c policyvers] [-o output_file] [input_file]" +.I "[-b] [-d] [-M] [-c policyvers] [-o output_file] [input_file]" .br .SH "DESCRIPTION" This manual page describes the @@ -24,6 +24,9 @@ .B \-d Enter debug mode after loading the policy. .TP +.B \-M +Enable the MLS policy when checking and compiling the policy. +.TP .B \-o filename Write a binary policy file to the specified filename. .TP ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/checkpolicy.c#6 (text+ko) ==== @@ -3,7 +3,12 @@ * Author : Stephen Smalley, <sds@epoch.ncsc.mil> */ -/* Updated: Karl MacMillan <kmacmillan@tresys.com> +/* + * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> + * + * Support for enhanced MLS infrastructure. + * + * Updated: Karl MacMillan <kmacmillan@tresys.com> * * Added conditional policy language extensions * @@ -11,7 +16,14 @@ * * Added IPv6 support. * - * Copyright (C) 2003 - 2004 Tresys Technology, LLC + * Updated: Joshua Brindle <jbrindle@tresys.com> + * Karl MacMillan <kmacmillan@tresys.com> + * Jason Tang <jtang@tresys.com> + * + * Policy Module support. + * + * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. + * Copyright (C) 2003 - 2005 Tresys Technology, LLC * Copyright (C) 2003 Red Hat, Inc., James Morris <jmorris@redhat.com> * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -58,10 +70,13 @@ #include <errno.h> #include <sys/mman.h> -#include <sepol/policydb.h> -#include <sepol/services.h> -#include <sepol/conditional.h> -#include <sepol/flask.h> +#include <sepol/policydb/policydb.h> +#include <sepol/policydb/services.h> +#include <sepol/policydb/conditional.h> +#include <sepol/policydb/hierarchy.h> +#include <sepol/policydb/flask.h> +#include <sepol/policydb/expand.h> +#include <sepol/policydb/link.h> #include "queue.h" #include "checkpolicy.h" @@ -76,30 +91,36 @@ extern queue_t id_queue; extern unsigned int policydb_errors; extern unsigned long policydb_lineno; -extern unsigned long source_lineno; extern char source_file[]; -extern unsigned int pass; +extern int mlspol; extern FILE *yyin; +extern void init_parser(int); extern int yyparse(void); extern void yyrestart(FILE *); -char *txtfile = "policy.conf"; -char *binfile = "policy"; +static char *txtfile = "policy.conf"; +static char *binfile = "policy"; unsigned int policyvers = POLICYDB_VERSION_MAX; void usage(char *progname) { - printf("usage: %s [-b] [-d] [-c policyvers (%d-%d)] [-o output_file] [input_file]\n", + printf("usage: %s [-b] [-d] [-M] [-c policyvers (%d-%d)] [-o output_file] [input_file]\n", progname, POLICYDB_VERSION_MIN, POLICYDB_VERSION_MAX); exit(1); } -static int print_sid(security_id_t sid, +#define FGETS(out, size, in) \ +if (fgets(out,size,in)==NULL) { \ + fprintf(stderr, "fgets failed at line %d: %s\n", __LINE__,\ + strerror(errno)); \ + exit(1);\ +} +static int print_sid(sepol_security_id_t sid, context_struct_t * context __attribute__ ((unused)), void *data __attribute__ ((unused))) { - security_context_t scontext; + sepol_security_context_t scontext; size_t scontext_len; int rc; 
@@ -133,16 +154,6 @@ return 0; } -static int type_attr_remove(hashtab_key_t key __attribute__ ((unused)), hashtab_datum_t datum, void *p __attribute__ ((unused))) -{ - type_datum_t *typdatum; - - typdatum = (type_datum_t *) datum; - if (typdatum->isattr) - return 1; - return 0; -} - #ifdef EQUIVTYPES static int insert_type_rule(avtab_key_t *k, avtab_datum_t *d, struct avtab_node *type_rules) 
@@ -270,100 +281,9 @@ } #endif -static void cond_check_type_rules_list(cond_av_list_t *list) -{ - cond_av_list_t *cur = list; - - while (cur) { - if (cur->node->datum.specified & AVTAB_TYPE) { - if (avtab_search(&policydbp->te_avtab, &cur->node->key, AVTAB_TYPE)) { - fprintf(stderr, "conditional type rule for (%s, %s : %s) conflicts with entry in base policy; " - "conditional rule discarded.\n", policydbp->p_type_val_to_name[cur->node->key.source_type-1], - policydbp->p_type_val_to_name[cur->node->key.target_type-1], - policydbp->p_class_val_to_name[cur->node->key.target_class-1]); - cur->node->parse_context = (void*)0; - } else { - cur->node->parse_context = (void*)1; - } - } else { - cur->node->parse_context = (void*)1; - } - cur = cur->next; - } -} - -/* check for duplicate type rules - this has to be done after all of - * the parsing is finished because the conditional and base type rules - * are collected in the same pass */ -static void cond_check_type_rules(void) -{ - cond_list_t *node; - - for (node = policydbp->cond_list; node != NULL; node = node->next) { - cond_check_type_rules_list(node->true_list); - cond_check_type_rules_list(node->false_list); - } -} +extern char *av_to_string(uint32_t tclass, sepol_access_vector_t av); -extern char *av_to_string(uint32_t tclass, access_vector_t av); -void check_assertion_helper(unsigned int stype, unsigned int ttype, ebitmap_t *tclasses, - access_vector_t *avp, unsigned long line) -{ - avtab_key_t avkey; - avtab_datum_t *avdatump; - unsigned int k; - - - for (k = ebitmap_startbit(tclasses); k < ebitmap_length(tclasses); k++) { - if (!ebitmap_get_bit(tclasses, k)) - continue; - avkey.source_type = stype + 1; - avkey.target_type = ttype + 1; - avkey.target_class = k + 1; - avdatump = avtab_search(&policydb.te_avtab, &avkey, AVTAB_AV); - if (!avdatump) - continue; - - if ((avdatump->specified & AVTAB_ALLOWED) && - (avtab_allowed(avdatump) & avp[k])) { - fprintf(stderr, "assertion on line %ld violated by allow %s %s:%s 
{%s };\n", line, policydb.p_type_val_to_name[stype], policydb.p_type_val_to_name[ttype], policydb.p_class_val_to_name[k], - av_to_string(k+1, - avtab_allowed(avdatump) & avp[k])); - policydb_errors++; - } - } -} - -void check_assertions(void) -{ - te_assert_t *a, *tmp; - unsigned int i, j; - - a = te_assertions; - while (a) { - for (i = ebitmap_startbit(&a->stypes); i < ebitmap_length(&a->stypes); i++) { - if (!ebitmap_get_bit(&a->stypes, i)) - continue; - if (a->self) { - check_assertion_helper(i, i, &a->tclasses, a->avp, a->line); - } - for (j = ebitmap_startbit(&a->ttypes); j < ebitmap_length(&a->ttypes); j++) { - if (!ebitmap_get_bit(&a->ttypes, j)) - continue; - check_assertion_helper(i, j, &a->tclasses, a->avp, a->line); - } - } - tmp = a; - a = a->next; - ebitmap_destroy(&tmp->stypes); - ebitmap_destroy(&tmp->ttypes); - ebitmap_destroy(&tmp->tclasses); - free(tmp->avp); - free(tmp); - } -} - int display_bools() { int i; @@ -435,12 +355,23 @@ return 0; } +static int check_level(hashtab_key_t key, hashtab_datum_t datum, void *arg) +{ + level_datum_t *levdatum = (level_datum_t *) datum; + + if (!levdatum->isalias && !levdatum->defined) { + fprintf(stderr, "Error: sensitivity %s was not used in a level definition!\n", key); + return -1; + } + return 0; +} + int main(int argc, char **argv) { - security_class_t tclass; - security_id_t ssid, tsid, *sids; - security_context_t scontext; - struct av_decision avd; + sepol_security_class_t tclass; + sepol_security_id_t ssid, tsid, *sids; + sepol_security_context_t scontext; + struct sepol_av_decision avd; class_datum_t *cladatum; char ans[80 + 1], *file = txtfile, *outfile = NULL, *path, *fstype; size_t scontext_len, pathlen; @@ -449,7 +380,7 @@ unsigned int binary = 0, debug = 0; struct val_to_name v; int ret, ch, fd; - unsigned int nel; + unsigned int nel, uret; struct stat sb; void *map; FILE *outfp = NULL; 
@@ -459,7 +390,7 @@ struct policy_file pf; - while ((ch = getopt(argc, argv, "o:dbVc:")) != EOF) { + while ((ch = getopt(argc, argv, "o:dbMVc:")) != EOF) { switch (ch) { case 'o': outfile = optarg; @@ -474,6 +405,9 @@ case 'V': show_version = 1; break; + case 'M': + mlspol = 1; + break; case 'c': { long int n = strtol(optarg, NULL, 10); if (errno) { @@ -497,11 +431,7 @@ } if (show_version) { -#ifdef CONFIG_SECURITY_SELINUX_MLS - printf("%d-mls (compatibility range %d-%d)\n", policyvers, POLICYDB_VERSION_MAX, POLICYDB_VERSION_MIN); -#else printf("%d (compatibility range %d-%d)\n", policyvers, POLICYDB_VERSION_MAX, POLICYDB_VERSION_MIN); -#endif exit(0); } 
@@ -540,63 +470,93 @@ pf.type = PF_USE_MEMORY; pf.data = map; pf.len = sb.st_size; + if (policydb_init(&policydb)) { + fprintf(stderr, "%s: policydb_init: Out of memory!\n", argv[0]); + exit(1); + } ret = policydb_read(&policydb, &pf, 1); if (ret) { fprintf(stderr, "%s: error(s) encountered while parsing configuration\n", argv[0]); exit(1); } policydbp = &policydb; + + /* Check Policy Consistency */ + if (policydbp->mls) { + if (!mlspol) { + fprintf(stderr,"%s: MLS policy, but non-MLS" + " is specified\n", argv[0]); + exit(1); + } + } else { + if (mlspol) { + fprintf(stderr,"%s: non-MLS policy, but MLS" + " is specified\n", argv[0]); + exit(1); + } + } } else { - yyin = fopen(file, "r"); + policydb_t parse_policy; + + yyin = fopen(file, "r"); if (!yyin) { fprintf(stderr, "%s: unable to open %s\n", argv[0], file); exit(1); } - if (policydb_init(&policydb)) + if (policydb_init(&parse_policy)) exit(1); + /* We build this as a base policy first since that is all the parser understands */ + parse_policy.policy_type = POLICY_BASE; + /* Let sepol know if we are dealing with MLS support */ + parse_policy.mls = mlspol; + id_queue = queue_create(); if (!id_queue) { fprintf(stderr, "%s: out of memory\n", argv[0]); exit(1); } - policydbp = &policydb; - policydb_errors = 0; - pass = 1; + policydbp = &parse_policy; + init_parser(1); if (yyparse() || policydb_errors) { fprintf(stderr, "%s: error(s) encountered while parsing configuration\n", argv[0]); exit(1); } rewind(yyin); - policydb_lineno = 1; + init_parser(2); source_file[0] = '\0'; - source_lineno = 1; yyrestart(yyin); - pass = 2; if (yyparse() || policydb_errors) { fprintf(stderr, "%s: error(s) encountered while parsing configuration\n", argv[0]); exit(1); } queue_destroy(id_queue); - cond_check_type_rules(); - cond_optimize_lists(policydb.cond_list); + if (policydb_errors) + exit(1); + + if (hashtab_map(policydbp->p_levels.table, check_level, NULL)) + exit(1); - check_assertions(); - if (policydb_errors) + if 
(policydb_init(&policydb)) { + fprintf(stderr, "%s: policydb_init failed\n", argv[0]); exit(1); + } - if (policyvers >= POLICYDB_VERSION_NLCLASS && - policydb.p_classes.nprim < SECCLASS_NETLINK_DNRT_SOCKET) { - fprintf(stderr, "%s: policy lacks new netlink classes, unable to generate policy version %d\n", argv[0], policyvers); + /* Linking takes care of optional avrule blocks */ + if (link_modules(NULL, &parse_policy, NULL, 0, 0)) { + fprintf(stderr, "Error while resolving optionals\n"); exit(1); } - - /* remove type attributes */ - hashtab_map_remove_on_error(policydb.p_types.table, - type_attr_remove, 0, 0); + + if (expand_module(NULL, &parse_policy, &policydb, 0, 1)) { + fprintf(stderr, "Error while expanding policy\n"); + exit(1); + } + policydb_destroy(&parse_policy); + policydbp = &policydb; fclose(yyin); } @@ -614,7 +574,8 @@ exit(1); } - sepol_set_policyvers(policyvers); + policydb.policy_type = POLICY_KERN; + policydb.policyvers = policyvers; pf.type = PF_USE_STDIO; pf.fp = outfp; @@ -626,8 +587,10 @@ } fclose(outfp); } - if (!debug) + if (!debug) { + policydb_destroy(&policydb); exit(0); + } menu: printf("\nSelect an option:\n"); @@ -656,19 +619,19 @@ printf("q) Exit\n"); while (1) { printf("\nChoose: "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); switch (ans[0]) { case '0': printf("source sid? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ssid = atoi(ans); printf("target sid? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); tsid = atoi(ans); printf("target class? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); if (isdigit(ans[0])) { tclass = atoi(ans); if (!tclass || tclass > policydb.p_classes.nprim) { @@ -720,7 +683,7 @@ break; case '1': printf("sid? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ssid = atoi(ans); ret = sepol_sid_to_context(ssid, &scontext, &scontext_len); 
@@ -741,7 +704,7 @@ break; case '2': printf("scontext? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); scontext_len = strlen(ans); ans[scontext_len - 1] = 0; ret = sepol_context_to_sid(ans, scontext_len, @@ -766,14 +729,14 @@ ch = ans[0]; printf("source sid? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ssid = atoi(ans); printf("target sid? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); tsid = atoi(ans); printf("object class? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); if (isdigit(ans[0])) { tclass = atoi(ans); if (!tclass || tclass > policydb.p_classes.nprim) { @@ -816,7 +779,7 @@ break; case '7': printf("pathname? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); pathlen = strlen(ans); ans[pathlen - 1] = 0; printf("%s: loading policy configuration from %s\n", argv[0], ans); @@ -854,7 +817,7 @@ break; case '8': printf("fs kdevname? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; sepol_fs_sid(ans, &ssid, &tsid); printf("fs_sid %d default_file_sid %d\n", @@ -862,7 +825,7 @@ break; case '9': printf("protocol? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; if (!strcmp(ans, "tcp") || !strcmp(ans, "TCP")) protocol = IPPROTO_TCP; @@ -873,14 +836,14 @@ break; } printf("port? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); port = atoi(ans); sepol_port_sid(0, 0, protocol, port, &ssid); printf("sid %d\n", ssid); break; case 'a': printf("netif name? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; sepol_netif_sid(ans, &ssid, &tsid); printf("if_sid %d default_msg_sid %d\n", @@ -893,7 +856,7 @@ struct in6_addr addr6; printf("protocol family? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; if (!strcasecmp(ans, "ipv4")) family = AF_INET; 
@@ -905,7 +868,7 @@ } printf("node address? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; if (family == AF_INET) { @@ -927,10 +890,10 @@ } case 'c': printf("fstype? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; - sepol_fs_use(ans, &ret, &ssid); - switch (ret) { + sepol_fs_use(ans, &uret, &ssid); + switch (uret) { case SECURITY_FS_USE_XATTR: printf("use xattr\n"); break; @@ -951,15 +914,15 @@ break; case 'd': printf("fstype? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; fstype = strdup(ans); printf("path? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; path = strdup(ans); printf("object class? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); if (isdigit(ans[0])) { tclass = atoi(ans); if (!tclass || tclass > policydb.p_classes.nprim) { @@ -983,12 +946,12 @@ break; case 'e': printf("from SID? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; ssid = atoi(ans); printf("username? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; ret = sepol_get_user_sids(ssid, ans, &sids, &nel); @@ -1019,7 +982,7 @@ break; case 'h': printf("name? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; name = malloc((strlen(ans) + 1) * sizeof(char)); @@ -1031,7 +994,7 @@ printf("state? "); - fgets(ans, sizeof(ans), stdin); + FGETS(ans, sizeof(ans), stdin); ans[strlen(ans) - 1] = 0; if (atoi(ans)) ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/checkpolicy.h#6 (text+ko) ==== 
@@ -1,14 +1,14 @@ #ifndef _CHECKPOLICY_H_ #define _CHECKPOLICY_H_ -#include <sepol/ebitmap.h> +#include <sepol/policydb/ebitmap.h> typedef struct te_assert { ebitmap_t stypes; ebitmap_t ttypes; ebitmap_t tclasses; int self; - access_vector_t *avp; + sepol_access_vector_t *avp; unsigned long line; struct te_assert *next; } te_assert_t; ==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/programs/checkpolicy/module_compiler.c#2 (text+ko) ==== 
@@ -656,40 +656,42 @@ /* now add each of the permissions to this class's requirements */ while ((perm_id = queue_remove(id_queue)) != NULL) { - if ((perm = malloc(sizeof(*perm))) == NULL) { - yyerror("Out of memory!"); - free(perm_id); - goto cleanup; - } - ret2 = hashtab_insert(datum->permissions.table, perm_id, perm); - switch (ret2) { - case HASHTAB_PRESENT: { - perm = hashtab_search(datum->permissions.table, perm_id); - assert(perm != NULL); /* reuse existing permission */ - free(perm_id); - perm_id = NULL; - break; - } - case HASHTAB_SUCCESS: { - perm->value = datum->permissions.nprim + 1; - break; - } - default: { - yyerror("Out of memory!"); - free(perm_id); - free(perm); - goto cleanup; - } - } + int allocated = 0; + + /* Is the permission already in the table? */ + perm = hashtab_search(datum->permissions.table, perm_id); + if (!perm && datum->comdatum) + perm = hashtab_search(datum->comdatum->permissions.table, perm_id); + if (perm) { + /* Yes, drop the name. */ + free(perm_id); + } else { + /* No - allocate and insert an entry for it. */ + allocated = 1; + if ((perm = malloc(sizeof(*perm))) == NULL) { + yyerror("Out of memory!"); + free(perm_id); + goto cleanup; + } + memset(perm, 0, sizeof(*perm)); + ret = hashtab_insert(datum->permissions.table, perm_id, perm); + if (ret) { + yyerror("Out of memory!"); + free(perm_id); + free(perm); + goto cleanup; + } + perm->value = datum->permissions.nprim + 1; + } + if (add_perm_to_class(perm->value, datum->value) == -1) { yyerror("Out of memory!"); - free(perm_id); - free(perm); goto cleanup; } - if (ret2 == HASHTAB_SUCCESS) { + + /* Update number of primitives if we allocated one. */ + if (allocated) datum->permissions.nprim++; - } } return 0; cleanup: @@ -702,7 +704,7 @@ char *id = queue_remove(id_queue); >>> TRUNCATED FOR MAIL (1000 lines) <<<
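Review bot: In the checkpolicy.c hunk at @@ -76,30 +91,36 @@, the new `FGETS` macro expands to a bare `if (...) { ... }` with no `do { ... } while (0)` wrapper, so any future use of the form `if (cond) FGETS(...); else ...` would bind the `else` to the macro's own `if`; wrapping the body in `do { ... } while (0)` keeps it a single safe statement. The message also calls `strerror(errno)` unconditionally, but `fgets` returns NULL on plain EOF without setting errno (the usual case when stdin closes during the interactive menu), so the report can print a stale or misleading errno; testing `feof(in)` and reporting "unexpected EOF" in that case would be clearer.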
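Review bot: In the checkpolicy.c hunk at @@ -540,63 +470,93 @@, the error paths are inconsistent: `if (policydb_init(&parse_policy)) exit(1);` exits silently while the later `policydb_init(&policydb)` prints "policydb_init failed", and the new "Error while resolving optionals" and "Error while expanding policy" messages drop the `argv[0]:` prefix every other message in the function carries. The `if (policydb_errors) exit(1);` after `queue_destroy(id_queue)` is redundant, since both `yyparse()` calls already exit when `policydb_errors` is set. Only the success path calls `policydb_destroy(&parse_policy)`; given the 1.25.9 ChangeLog entry about destroying policydbs before exit to allow leak detection, the `exit(1)` paths after `link_modules` and `expand_module` may want the same. The MLS consistency check on the `-b` path (rejecting an MLS binary without `-M` and a non-MLS binary with it) reads correctly.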
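Review bot: In the checkpolicy.c hunk at @@ -614,7 +574,8 @@, `policydb.policyvers = policyvers;` is assigned unconditionally before the write, including on the `-b` path where the binary just read carried its own version; with the netlink-class version check removed in the earlier hunk (consistent with ChangeLog 1.27.18), nothing visible here verifies that a lower `-c` value can still represent the loaded policy, so it is worth confirming that `policydb_write` rejects that combination rather than silently dropping fields.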
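Review bot: In the module_compiler.c hunk at @@ -656,40 +656,42 @@, `ret = hashtab_insert(...)` replaces the old local `ret2`, and `ret` is not declared in the visible lines; confirm it exists in this function and is not a status value the function returns elsewhere, otherwise a later `return ret` could report a stale result. Two smaller points: `if (ret)` reports "Out of memory!" for any non-zero return, including `HASHTAB_PRESENT`, which is unreachable after the preceding `hashtab_search` but would be misreported if that lookup ever changes; and when `add_perm_to_class` fails after a fresh insert, the new `perm` is already in the table with `value = nprim + 1` while `nprim` has not been incremented, so `cleanup:` must discard the class datum as a whole rather than leave it partially built. The lookup through `datum->comdatum->permissions.table` before allocating is the 1.30.2 fix for shadowing inherited common permissions and reads correctly.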