PERFORCE change 38085 for review
Andrew Reisse
areisse at FreeBSD.org
Mon Sep 15 14:03:43 GMT 2003
http://perforce.freebsd.org/chv.cgi?CH=38085
Change 38085 by areisse at areisse_tislabs on 2003/09/15 07:03:02
ss/avc from new selinux (2003-08-13 2.4)
Affected files ...
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/checkpolicy.c#3 edit
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/checkpolicy.h#2 edit
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/policy_parse.y#3 edit
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/policy_scan.l#2 edit
.. //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/write.c#1 add
.. //depot/projects/trustedbsd/sebsd/sbin/sebsd_checkpolicy/Makefile#2 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/avc.c#4 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/avc.h#4 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/avc_ss.h#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/flask_types.h#4 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/linux-compat.h#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#19 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.h#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_labels.h#5 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_syscall.c#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_syscalls.h#4 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd_sysctl.c#4 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/avtab.c#4 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/avtab.h#4 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/constraint.h#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/context.h#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/ebitmap.c#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/ebitmap.h#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/global.h#6 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/hashtab.c#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/hashtab.h#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/init.c#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/mls.c#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/mls_types.h#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/policydb.c#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/policydb.h#4 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/queue.c#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/security.h#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/services.c#5 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/services.h#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/sidtab.c#6 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/sidtab.h#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/symtab.c#3 edit
.. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/ss/symtab.h#3 edit
Differences ...
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/checkpolicy.c#3 (text+ko) ====
@@ -65,7 +65,7 @@
char *txtfile = "policy.conf";
char *binfile = "policy";
-int avc_debug_always_allow = 0;
+int selinux_enforcing = 1;
int avc_ss_reset(__u32 seqno)
{
@@ -311,6 +311,7 @@
security_id_t ssid, tsid, *sids;
security_context_t scontext;
access_vector_t allowed, decided, auditallow, auditdeny;
+ struct av_decision avd;
class_datum_t *cladatum;
char ans[80 + 1], *perm, *file = txtfile, *outfile = NULL, *path, *fstype;
unsigned int scontext_len, pathlen, seqno, i;
@@ -483,10 +484,8 @@
printf("\nNo access vector definition for that class\n");
break;
}
- ret = security_compute_av(ssid, tsid, tclass, 0,
- &allowed, &decided,
- &auditallow, &auditdeny,
- &seqno);
+ ret = security_compute_av(ssid, tsid, tclass, 0, &avd);
+ allowed = avd.allowed;
switch (ret) {
case 0:
printf("\nallowed {");
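Review bot: `allowed = avd.allowed;` runs before `ret` is checked, so on the failure paths it reads a stack `struct av_decision` that security_compute_av may not have filled in (its body is not part of this diff excerpt). The value is only consumed under `case 0:`, so moving the assignment to the first statement of that case keeps the read behind the success check. The locals `decided`, `auditallow` and `auditdeny` are no longer passed to this call and look unused after this change. The enclosing function starts and ends outside the hunk, so confirm before dropping them.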
@@ -506,22 +505,6 @@
}
printf(" }\n");
- printf("audit-allowed {");
- for (i = 1; i <= sizeof(allowed) * 8; i++) {
- if (auditallow & (((access_vector_t)1) << (i - 1))) {
- perm = (char *) hashtab_map(cladatum->permissions.table,
- find_perm, &i);
-
- if (!perm && cladatum->comdatum) {
- perm = (char *) hashtab_map(cladatum->comdatum->permissions.table,
- find_perm, &i);
- }
- if (perm)
- printf(" %s", perm);
- }
- }
- printf(" }\n");
-
break;
case -EINVAL:
printf("\ninvalid sid\n");
@@ -701,8 +684,8 @@
ans[strlen(ans) - 1] = 0;
security_fs_use(ans, &ret, &ssid);
switch (ret) {
- case SECURITY_FS_USE_PSID:
- printf("use persistent label mapping\n");
+ case SECURITY_FS_USE_XATTR:
+ printf("use extended attributes\n");
break;
case SECURITY_FS_USE_TRANS:
printf("use transition SIDs\n");
@@ -717,7 +700,7 @@
printf("no labeling support\n");
break;
}
- if (ret != SECURITY_FS_USE_PSID)
+ if (ret != SECURITY_FS_USE_XATTR)
printf("sid %d\n", ssid);
break;
case 'd':
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/checkpolicy.h#2 (text+ko) ====
@@ -4,9 +4,9 @@
#include "ebitmap.h"
typedef struct te_assert {
- ebitmap_t stypes;
- ebitmap_t ttypes;
- ebitmap_t tclasses;
+ struct ebitmap stypes;
+ struct ebitmap ttypes;
+ struct ebitmap tclasses;
int self;
access_vector_t *avp;
unsigned long line;
@@ -15,4 +15,39 @@
te_assert_t *te_assertions;
+typedef u_int64_t __u64;
+typedef u_int32_t __u32;
+typedef u_int16_t __u16;
+typedef u_int8_t __u8;
+
+typedef struct ebitmap ebitmap_t;
+typedef struct ebitmap_node ebitmap_node_t;
+typedef struct avtab avtab_t;
+typedef struct avtab_node *avtab_ptr_t;
+typedef struct avtab_key avtab_key_t;
+typedef struct avtab_datum avtab_datum_t;
+typedef struct policydb policydb_t;
+typedef struct role_datum role_datum_t;
+typedef struct class_datum class_datum_t;
+typedef struct common_datum common_datum_t;
+typedef struct perm_datum perm_datum_t;
+typedef struct type_datum type_datum_t;
+typedef struct user_datum user_datum_t;
+typedef struct constraint_expr constraint_expr_t;
+typedef struct constraint_node constraint_node_t;
+typedef struct context context_struct_t;
+typedef struct context context_t;
+typedef struct ocontext ocontext_t;
+typedef struct genfs genfs_t;
+typedef void *hashtab_key_t;
+typedef void *hashtab_datum_t;
+
+#define HASHTAB_SUCCESS 0
+#define HASHTAB_OVERFLOW ENOMEM
+#define HASHTAB_PRESENT EEXIST
+#define HASHTAB_MISSING ENOENT
+
+#define TRUE 1
+#define FALSE 0
+
#endif
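Review bot: The `HASHTAB_*` macros added here expand to `ENOMEM`, `EEXIST` and `ENOENT`, but no `<errno.h>` include is visible in this header, so it appears to rely on every includer having pulled the errno constants in first. Adding `#include <errno.h>` next to the existing `#include "ebitmap.h"` would make the header self-contained. `TRUE` and `FALSE` are also defined a second time in policy_parse.y in this same change, and that file includes this header. A single definition here, wrapped in `#ifndef TRUE`, would be enough.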
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/policy_parse.y#3 (text+ko) ====
@@ -1,10 +1,6 @@
/*
- * Author : Stephen Smalley (NAI Labs), <ssmalley at nai.com>
- *
- * The policy compiler was originally written while I was employed by NSA,
- * but I have implemented a number of extensions and revisions since
- * joining NAI Labs.
+ * Author : Stephen Smalley, <sds at epoch.ncsc.mil>
*/
/* FLASK */
@@ -17,13 +13,16 @@
#include <netinet/in.h>
#include "linux-compat.h"
#endif /* __FreeBSD__ */
-#include "flask.h"
#include "policydb.h"
#include "services.h"
#include "queue.h"
#include "checkpolicy.h"
+#include "flask.h"
#include "security.h"
+#define TRUE 1
+#define FALSE 0
+
policydb_t *policydbp;
queue_t id_queue = 0;
unsigned int pass;
@@ -58,7 +57,7 @@
static int define_role_trans(void);
static int define_role_allow(void);
static int define_constraint(constraint_expr_t *expr);
-static constraint_expr_t *define_cexpr(__u32 expr_type, __u32 arg1, __u32 arg2);
+static constraint_expr_t *define_cexpr(__u32 expr_type, void *arg1, void* arg2);
static int define_user(void);
static int parse_security_context(context_struct_t *c);
static int define_initial_sid_context(void);
@@ -70,6 +69,14 @@
static int define_node_context(int addr, int mask);
%}
+%union {
+ int val;
+ void *ptr;
+}
+
+%type <ptr> role_def roles cexpr cexpr_prim op roleop
+%type <val> ipv4_addr_def number
+
%token PATH
%token CLONE
%token COMMON
@@ -103,11 +110,12 @@
%token TARGET
%token SAMEUSER
%token FSCON PORTCON NETIFCON NODECON
-%token FSUSEPSID FSUSETASK FSUSETRANS
+%token FSUSEXATTR FSUSETASK FSUSETRANS
%token GENFSCON
%token U1 U2 R1 R2 T1 T2
%token NOT AND OR
%token IDENTIFIER
+%token USER_IDENTIFIER
%token NUMBER
%token EQUALS
%token NOTEQUAL
@@ -292,12 +300,12 @@
roles : role_def
{ $$ = $1; }
| roles role_def
- { $$ = (int) merge_roles_dom((role_datum_t*)$1, (role_datum_t*)$2); if ($$ == 0) return -1;}
+ { $$ = merge_roles_dom((role_datum_t*)$1, (role_datum_t*)$2); if ($$ == 0) return -1;}
;
role_def : ROLE identifier_push ';'
- {$$ = (int) define_role_dom(NULL); if ($$ == 0) return -1;}
+ {$$ = define_role_dom(NULL); if ($$ == 0) return -1;}
| ROLE identifier_push '{' roles '}'
- {$$ = (int) define_role_dom((role_datum_t*)$4); if ($$ == 0) return -1;}
+ {$$ = define_role_dom((role_datum_t*)$4); if ($$ == 0) return -1;}
;
opt_constraints : constraints
|
@@ -311,82 +319,84 @@
cexpr : '(' cexpr ')'
{ $$ = $2; }
| NOT cexpr
- { $$ = (int) define_cexpr(CEXPR_NOT, $2, 0);
+ { $$ = define_cexpr(CEXPR_NOT, $2, 0);
if ($$ == 0) return -1; }
| cexpr AND cexpr
- { $$ = (int) define_cexpr(CEXPR_AND, $1, $3);
+ { $$ = define_cexpr(CEXPR_AND, $1, $3);
if ($$ == 0) return -1; }
| cexpr OR cexpr
- { $$ = (int) define_cexpr(CEXPR_OR, $1, $3);
+ { $$ = define_cexpr(CEXPR_OR, $1, $3);
if ($$ == 0) return -1; }
| cexpr_prim
{ $$ = $1; }
;
cexpr_prim : U1 op U2
- { $$ = (int) define_cexpr(CEXPR_ATTR, CEXPR_USER, $2);
+ { $$ = define_cexpr(CEXPR_ATTR, (void*)CEXPR_USER, $2);
if ($$ == 0) return -1; }
| R1 roleop R2
- { $$ = (int) define_cexpr(CEXPR_ATTR, CEXPR_ROLE, $2);
+ { $$ = define_cexpr(CEXPR_ATTR, (void*)CEXPR_ROLE, $2);
if ($$ == 0) return -1; }
| T1 op T2
- { $$ = (int) define_cexpr(CEXPR_ATTR, CEXPR_TYPE, $2);
+ { $$ = define_cexpr(CEXPR_ATTR, (void*)CEXPR_TYPE, $2);
if ($$ == 0) return -1; }
- | U1 op { if (insert_separator(1)) return -1; } names_push
- { $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_USER, $2);
+ | U1 op { if (insert_separator(1)) return -1; } user_names_push
+ { $$ = define_cexpr(CEXPR_NAMES, (void*)CEXPR_USER, $2);
if ($$ == 0) return -1; }
- | U2 op { if (insert_separator(1)) return -1; } names_push
- { $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_USER | CEXPR_TARGET, $2);
+ | U2 op { if (insert_separator(1)) return -1; } user_names_push
+ { $$ = define_cexpr(CEXPR_NAMES, (void*)(CEXPR_USER | CEXPR_TARGET), $2);
if ($$ == 0) return -1; }
| R1 op { if (insert_separator(1)) return -1; } names_push
- { $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_ROLE, $2);
+ { $$ = define_cexpr(CEXPR_NAMES, (void*)CEXPR_ROLE, $2);
if ($$ == 0) return -1; }
| R2 op { if (insert_separator(1)) return -1; } names_push
- { $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_ROLE | CEXPR_TARGET, $2);
+ { $$ = define_cexpr(CEXPR_NAMES, (void*)(CEXPR_ROLE | CEXPR_TARGET), $2);
if ($$ == 0) return -1; }
| T1 op { if (insert_separator(1)) return -1; } names_push
- { $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_TYPE, $2);
+ { $$ = define_cexpr(CEXPR_NAMES, (void*)CEXPR_TYPE, $2);
if ($$ == 0) return -1; }
| T2 op { if (insert_separator(1)) return -1; } names_push
- { $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_TYPE | CEXPR_TARGET, $2);
+ { $$ = define_cexpr(CEXPR_NAMES, (void*)(CEXPR_TYPE | CEXPR_TARGET), $2);
if ($$ == 0) return -1; }
- ;
| SAMEUSER
- { $$ = (int) define_cexpr(CEXPR_ATTR, CEXPR_USER, CEXPR_EQ);
+ { $$ = define_cexpr(CEXPR_ATTR, (void*)CEXPR_USER, (void*)CEXPR_EQ);
if ($$ == 0) return -1; }
| SOURCE ROLE { if (insert_separator(1)) return -1; } names_push
- { $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_ROLE, CEXPR_EQ);
+ { $$ = define_cexpr(CEXPR_NAMES, (void*)CEXPR_ROLE, (void*)CEXPR_EQ);
if ($$ == 0) return -1; }
| TARGET ROLE { if (insert_separator(1)) return -1; } names_push
- { $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_ROLE | CEXPR_TARGET, CEXPR_EQ);
+ { $$ = define_cexpr(CEXPR_NAMES, (void*)(CEXPR_ROLE | CEXPR_TARGET), (void*)CEXPR_EQ);
if ($$ == 0) return -1; }
| ROLE roleop
- { $$ = (int) define_cexpr(CEXPR_ATTR, CEXPR_ROLE, $2);
+ { $$ = define_cexpr(CEXPR_ATTR, (void*)CEXPR_ROLE, (void*)$2);
if ($$ == 0) return -1; }
| SOURCE TYPE { if (insert_separator(1)) return -1; } names_push
- { $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_TYPE, CEXPR_EQ);
+ { $$ = define_cexpr(CEXPR_NAMES, (void*)CEXPR_TYPE, (void*)CEXPR_EQ);
if ($$ == 0) return -1; }
| TARGET TYPE { if (insert_separator(1)) return -1; } names_push
- { $$ = (int) define_cexpr(CEXPR_NAMES, CEXPR_TYPE | CEXPR_TARGET, CEXPR_EQ);
+ { $$ = define_cexpr(CEXPR_NAMES, (void*)(CEXPR_TYPE | CEXPR_TARGET), (void*)CEXPR_EQ);
if ($$ == 0) return -1; }
;
op : EQUALS
- { $$ = CEXPR_EQ; }
+ { $$ = (void*)CEXPR_EQ; }
| NOTEQUAL
- { $$ = CEXPR_NEQ; }
+ { $$ = (void*)CEXPR_NEQ; }
;
roleop : op
{ $$ = $1; }
| DOM
- { $$ = CEXPR_DOM; }
+ { $$ = (void*)CEXPR_DOM; }
| DOMBY
- { $$ = CEXPR_DOMBY; }
+ { $$ = (void*)CEXPR_DOMBY; }
| INCOMP
- { $$ = CEXPR_INCOMP; }
+ { $$ = (void*)CEXPR_INCOMP; }
;
users : user_def
| users user_def
;
-user_def : USER identifier ROLES names opt_user_ranges ';'
+user_id : identifier
+ | user_identifier
+ ;
+user_def : USER user_id ROLES names opt_user_ranges ';'
{if (define_user()) return -1;}
;
opt_user_ranges : RANGES user_ranges
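Review bot: The `op`/`roleop` actions and the `cexpr_prim` calls now carry small integer constants through `void *` (`(void*)CEXPR_EQ`, `(void*)CEXPR_USER`), and define_cexpr turns them back with `(__u32)arg1` in a later hunk; on an LP64 target that second cast converts a pointer to a narrower integer. Going through `uintptr_t` on both sides, `(void *)(uintptr_t)CEXPR_EQ` here and `(__u32)(uintptr_t)arg1` in define_cexpr, keeps the round trip well defined and free of warnings. The `ROLE roleop` alternative is the only one that writes `(void*)$2` although `$2` is already typed `<ptr>`; dropping that cast would match the other alternatives.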
@@ -447,8 +457,8 @@
fs_uses : fs_use_def
| fs_uses fs_use_def
;
-fs_use_def : FSUSEPSID identifier ';'
- {if (define_fs_use(SECURITY_FS_USE_PSID)) return -1;}
+fs_use_def : FSUSEXATTR identifier security_context_def ';'
+ {if (define_fs_use(SECURITY_FS_USE_XATTR)) return -1;}
| FSUSETASK identifier security_context_def ';'
{if (define_fs_use(SECURITY_FS_USE_TASK)) return -1;}
| FSUSETRANS identifier security_context_def ';'
@@ -479,7 +489,7 @@
$$ = addr;
}
;
-security_context_def : identifier ':' identifier ':' identifier opt_mls_range_def
+security_context_def : user_id ':' identifier ':' identifier opt_mls_range_def
;
opt_mls_range_def : ':' mls_range_def
|
@@ -545,6 +555,23 @@
identifier : IDENTIFIER
{ if (insert_id(yytext,0)) return -1; }
;
+user_identifier : USER_IDENTIFIER
+ { if (insert_id(yytext,0)) return -1; }
+ ;
+user_identifier_push : USER_IDENTIFIER
+ { if (insert_id(yytext, 1)) return -1; }
+ ;
+user_identifier_list_push : user_identifier_push
+ | identifier_list_push user_identifier_push
+ | user_identifier_list_push identifier_push
+ | user_identifier_list_push user_identifier_push
+ ;
+user_names_push : names_push
+ | user_identifier_push
+ | '{' user_identifier_list_push '}'
+ | tilde_push user_identifier_push
+ | tilde_push '{' user_identifier_list_push '}'
+ ;
path : PATH
{ if (insert_id(yytext,0)) return -1; }
;
@@ -1196,7 +1223,7 @@
free(id);
continue;
}
- if (!ebitmap_set_bit(&levdatum->level->cat, catdatum->value - 1, TRUE)) {
+ if (ebitmap_set_bit(&levdatum->level->cat, catdatum->value - 1, TRUE)) {
yyerror("out of memory");
free(id);
free(levid);
@@ -1538,19 +1565,19 @@
while ((id = queue_remove(id_queue))) {
#ifdef CONFIG_SECURITY_SELINUX_MLS
if (!strcmp(id, "mlstrustedreader")) {
- if (!ebitmap_set_bit(&policydbp->trustedreaders, datum->value - 1, TRUE)) {
+ if (ebitmap_set_bit(&policydbp->trustedreaders, datum->value - 1, TRUE)) {
yyerror("out of memory");
free(id);
return -1;
}
} else if (!strcmp(id, "mlstrustedwriter")) {
- if (!ebitmap_set_bit(&policydbp->trustedwriters, datum->value - 1, TRUE)) {
+ if (ebitmap_set_bit(&policydbp->trustedwriters, datum->value - 1, TRUE)) {
yyerror("out of memory");
free(id);
return -1;
}
} else if (!strcmp(id, "mlstrustedobject")) {
- if (!ebitmap_set_bit(&policydbp->trustedobjects, datum->value - 1, TRUE)) {
+ if (ebitmap_set_bit(&policydbp->trustedobjects, datum->value - 1, TRUE)) {
yyerror("out of memory");
free(id);
return -1;
@@ -1603,26 +1630,37 @@
return 0;
}
+struct val_to_name {
+ unsigned int val;
+ char *name;
+};
static int type_val_to_name_helper(hashtab_key_t key, hashtab_datum_t datum, void *p)
{
- unsigned int value;
type_datum_t *typdatum;
+ struct val_to_name *v = p;
- value = (unsigned int) p;
typdatum = (type_datum_t *) datum;
- if (value == typdatum->value)
- return (int) key;
+ if (v->val == typdatum->value) {
+ v->name = key;
+ return 1;
+ }
return 0;
}
-
static char *type_val_to_name(unsigned int val)
{
- return (char*) hashtab_map(policydbp->p_types.table,
- type_val_to_name_helper, (void *)val);
+ struct val_to_name v;
+ int rc;
+
+ v.val = val;
+ rc = hashtab_map(policydbp->p_types.table,
+ type_val_to_name_helper, &v);
+ if (rc)
+ return v.name;
+ return NULL;
}
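Review bot: type_val_to_name returns `v.name` whenever hashtab_map returns non-zero, but `v.name` is never initialised, so the result is only valid if the helper is the sole source of a non-zero return (hashtab_map's body is not in this diff excerpt). Setting `v.name = NULL;` next to `v.val = val;` and returning `v.name` unconditionally removes that dependency. role_val_to_name further down repeats the same pattern. `struct val_to_name` would also benefit from a short comment such as `/* in: value to look up; out: key of the matching entry */`.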
@@ -1815,14 +1853,15 @@
static int perm_name(hashtab_key_t key, hashtab_datum_t datum, void *data)
{
- unsigned int val;
+ struct val_to_name *v = data;
perm_datum_t *perdatum;
- val = (unsigned int) data;
perdatum = (perm_datum_t *) datum;
- if (val == perdatum->value)
- return (int) key;
+ if (v->val == perdatum->value) {
+ v->name = key;
+ return 1;
+ }
return 0;
}
@@ -1830,23 +1869,26 @@
char *av_to_string(__u32 tclass, access_vector_t av)
{
+ struct val_to_name v;
static char avbuf[1024];
class_datum_t *cladatum;
- char *perm, *p;
- int i;
+ char *perm = NULL, *p;
+ int i, rc;
cladatum = policydbp->class_val_to_struct[tclass-1];
p = avbuf;
for (i = 0; i < cladatum->permissions.nprim; i++) {
if (av & (1 << i)) {
- perm = (char *) hashtab_map(
- cladatum->permissions.table,
- perm_name, (void*)(i+1));
- if (!perm && cladatum->comdatum) {
- perm = (char *) hashtab_map(
+ v.val = i+1;
+ rc = hashtab_map(cladatum->permissions.table,
+ perm_name, &v);
+ if (!rc && cladatum->comdatum) {
+ rc = hashtab_map(
cladatum->comdatum->permissions.table,
- perm_name, (void*)(i+1));
+ perm_name, &v);
}
+ if (rc)
+ perm = v.name;
if (perm) {
sprintf(p, " %s", perm);
p += strlen(p);
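Review bot: `perm` is now initialised once before the loop and overwritten only when a lookup succeeds, so a set bit whose lookup fails in both tables prints the name found for an earlier bit instead of being skipped. The old code reassigned `perm` from hashtab_map on every iteration; writing `perm = rc ? v.name : NULL;` in place of `if (rc) perm = v.name;` restores that behaviour. The loop body continues past the end of this hunk.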
@@ -1860,11 +1902,12 @@
static int te_avtab_helper(int which, int stype, int ttype,
ebitmap_t *tclasses, access_vector_t *avp)
+
{
avtab_key_t avkey;
avtab_datum_t avdatum, *avdatump;
int ret, k;
-
+
if (which == -AVTAB_ALLOWED) {
yyerror("neverallow should not reach this function.");
return -1;
@@ -2062,16 +2105,18 @@
return -1;
}
+
static int role_val_to_name_helper(hashtab_key_t key, hashtab_datum_t datum, void *p)
{
- unsigned int value;
+ struct val_to_name *v = p;
role_datum_t *roldatum;
- value = (unsigned int) p;
roldatum = (role_datum_t *) datum;
- if (value == roldatum->value)
- return (int) key;
+ if (v->val == roldatum->value) {
+ v->name = key;
+ return 1;
+ }
return 0;
}
@@ -2079,8 +2124,15 @@
static char *role_val_to_name(unsigned int val)
{
- return (char*) hashtab_map(policydbp->p_roles.table,
- role_val_to_name_helper, (void *)val);
+ struct val_to_name v;
+ int rc;
+
+ v.val = val;
+ rc = hashtab_map(policydbp->p_roles.table,
+ role_val_to_name_helper, &v);
+ if (rc)
+ return v.name;
+ return NULL;
}
static int define_role_types(void)
@@ -2146,11 +2198,11 @@
}
memset(new, 0, sizeof(role_datum_t));
new->value = 0; /* temporary role */
- if (!ebitmap_or(&new->dominates, &r1->dominates, &r2->dominates)) {
+ if (ebitmap_or(&new->dominates, &r1->dominates, &r2->dominates)) {
yyerror("out of memory");
return NULL;
}
- if (!ebitmap_or(&new->types, &r1->types, &r2->types)) {
+ if (ebitmap_or(&new->types, &r1->types, &r2->types)) {
yyerror("out of memory");
return NULL;
}
@@ -2418,7 +2470,8 @@
class_datum_t *cladatum;
perm_datum_t *perdatum;
ebitmap_t classmap;
- int i;
+ constraint_expr_t *e;
+ int i, depth;
if (pass == 1) {
while ((id = queue_remove(id_queue)))
@@ -2428,6 +2481,41 @@
return 0;
}
+ depth = -1;
+ for (e = expr; e; e = e->next) {
+ switch (e->expr_type) {
+ case CEXPR_NOT:
+ if (depth < 0) {
+ yyerror("illegal constraint expression");
+ return -1;
+ }
+ break;
+ case CEXPR_AND:
+ case CEXPR_OR:
+ if (depth < 1) {
+ yyerror("illegal constraint expression");
+ return -1;
+ }
+ depth--;
+ break;
+ case CEXPR_ATTR:
+ case CEXPR_NAMES:
+ if (depth == (CEXPR_MAXDEPTH-1)) {
+ yyerror("constraint expression is too deep");
+ return -1;
+ }
+ depth++;
+ break;
+ default:
+ yyerror("illegal constraint expression");
+ return -1;
+ }
+ }
+ if (depth != 0) {
+ yyerror("illegal constraint expression");
+ return -1;
+ }
+
ebitmap_init(&classmap);
while ((id = queue_remove(id_queue))) {
cladatum = (class_datum_t *) hashtab_search(policydbp->p_classes.table,
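Review bot: The new validation loop has no comment, and its meaning depends on something only visible in define_cexpr: the expression is now a `next`-linked list with operands placed before their operator. A comment above `depth = -1;` would help, for example `/* expr is in postfix order; depth tracks the top of the evaluation stack, so it must end at 0 and stay below CEXPR_MAXDEPTH */` (my reading of the loop, confirm before committing the wording). Each `return -1` added here also leaves the remaining ids on id_queue and the expr list allocated. That may be acceptable if the caller aborts on the first error, which is not visible in this hunk.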
@@ -2437,25 +2525,21 @@
ebitmap_destroy(&classmap);
yyerror(errormsg);
free(id);
- constraint_expr_destroy(expr);
return -1;
}
- if (!ebitmap_set_bit(&classmap, cladatum->value - 1, TRUE)) {
+ if (ebitmap_set_bit(&classmap, cladatum->value - 1, TRUE)) {
yyerror("out of memory");
ebitmap_destroy(&classmap);
free(id);
- constraint_expr_destroy(expr);
return -1;
}
node = malloc(sizeof(struct constraint_node));
if (!node) {
yyerror("out of memory");
- constraint_expr_destroy(expr);
return -1;
}
memset(node, 0, sizeof(constraint_node_t));
node->expr = expr;
- expr->count++;
node->permissions = 0;
node->next = cladatum->constraints;
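Review bot: With `expr->count++` removed, `node->expr = expr;` still runs once per class named in the constraint, so several constraint nodes can point at the same expression list with nothing recording the sharing. If the policydb teardown frees `node->expr` for each node (that code is outside this diff excerpt), the result is a double free. Either give each node its own copy of the list or add a comment stating who owns it. The error returns in this hunk also no longer call constraint_expr_destroy, so expr stays allocated on the unknown-class and out-of-memory paths.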
@@ -2464,8 +2548,6 @@
free(id);
}
- expr->count--;
-
while ((id = queue_remove(id_queue))) {
for (i = ebitmap_startbit(&classmap); i < ebitmap_length(&classmap); i++) {
if (ebitmap_get_bit(&classmap, i)) {
@@ -2500,9 +2582,9 @@
static constraint_expr_t *
- define_cexpr(__u32 expr_type, __u32 arg1, __u32 arg2)
+ define_cexpr(__u32 expr_type, void* arg1, void* arg2)
{
- struct constraint_expr *expr;
+ struct constraint_expr *expr, *e1 = NULL, *e2;
user_datum_t *user;
role_datum_t *role;
char *id;
@@ -2523,50 +2605,90 @@
}
memset(expr, 0, sizeof(constraint_expr_t));
expr->expr_type = expr_type;
- expr->count = 1;
switch (expr_type) {
case CEXPR_NOT:
+ e1 = NULL;
+ e2 = (struct constraint_expr *) arg1;
+ while (e2) {
+ e1 = e2;
+ e2 = e2->next;
+ }
+ if (!e1 || e1->next) {
+ yyerror("illegal constraint expression");
+ free(expr);
+ return NULL;
+ }
+ e1->next = expr;
+ return (struct constraint_expr *) arg1;
case CEXPR_AND:
case CEXPR_OR:
- expr->left = (struct constraint_expr *) arg1;
- expr->right = (struct constraint_expr *) arg2;
- break;
+ e1 = NULL;
+ e2 = (struct constraint_expr *) arg1;
+ while (e2) {
+ e1 = e2;
+ e2 = e2->next;
+ }
+ if (!e1 || e1->next) {
+ yyerror("illegal constraint expression");
+ free(expr);
+ return NULL;
+ }
+ e1->next = (struct constraint_expr *) arg2;
+
+ e1 = NULL;
+ e2 = (struct constraint_expr *) arg2;
+ while (e2) {
+ e1 = e2;
+ e2 = e2->next;
+ }
+ if (!e1 || e1->next) {
+ yyerror("illegal constraint expression");
+ free(expr);
+ return NULL;
+ }
+ e1->next = expr;
+ return (struct constraint_expr *) arg1;
case CEXPR_ATTR:
- expr->attr = arg1;
- expr->op = arg2;
- break;
+ expr->attr = (__u32)arg1;
+ expr->op = (__u32)arg2;
+ return expr;
case CEXPR_NAMES:
- expr->attr = arg1;
- expr->op = arg2;
+ expr->attr = (__u32)arg1;
+ expr->op = (__u32)arg2;
while ((id = (char *) queue_remove(id_queue))) {
- if (arg1 & CEXPR_USER) {
+ if (expr->attr & CEXPR_USER) {
user = (user_datum_t *) hashtab_search(policydbp->p_users.table,
(hashtab_key_t) id);
if (!user) {
sprintf(errormsg, "unknown user %s", id);
yyerror(errormsg);
+ free(expr);
return NULL;
}
val = user->value;
- } else if (arg1 & CEXPR_ROLE) {
+ } else if (expr->attr & CEXPR_ROLE) {
role = (role_datum_t *) hashtab_search(policydbp->p_roles.table,
(hashtab_key_t) id);
if (!role) {
sprintf(errormsg, "unknown role %s", id);
yyerror(errormsg);
+ free(expr);
return NULL;
}
val = role->value;
- } else if (arg1 & CEXPR_TYPE) {
- if (set_types(&expr->names, id))
+ } else if (expr->attr & CEXPR_TYPE) {
+ if (set_types(&expr->names, id)) {
+ free(expr);
return NULL;
+ }
continue;
} else {
yyerror("invalid constraint expression");
+ free(expr);
return NULL;
}
- if (!ebitmap_set_bit(&expr->names, val - 1, TRUE)) {
+ if (ebitmap_set_bit(&expr->names, val - 1, TRUE)) {
yyerror("out of memory");
ebitmap_destroy(&expr->names);
free(expr);
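Review bot: The error returns added inside the CEXPR_NAMES loop call `free(expr)` but neither `free(id)` nor `ebitmap_destroy(&expr->names)`, whereas the out-of-memory path at the end of the loop does destroy the bitmap first. Bits set on earlier iterations and the current id are therefore leaked on the unknown-user, unknown-role and set_types paths; putting `free(id); ebitmap_destroy(&expr->names);` before each new `free(expr);` makes the paths consistent. In the CEXPR_NOT/AND/OR cases the `e1->next` half of `if (!e1 || e1->next)` can never be true, because the walk only stops once `e1->next` is NULL, so the test reduces to `!e1`. The function begins and ends outside this hunk.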
@@ -2574,13 +2696,16 @@
}
free(id);
}
- break;
+ return expr;
default:
yyerror("invalid constraint expression");
+ free(expr);
return NULL;
}
- return expr;
+ yyerror("invalid constraint expression");
+ free(expr);
+ return NULL;
}
@@ -2751,7 +2876,7 @@
free(id);
continue;
}
- if (!ebitmap_set_bit(&rnode->range.level[l].cat, catdatum->value - 1, TRUE)) {
+ if (ebitmap_set_bit(&rnode->range.level[l].cat, catdatum->value - 1, TRUE)) {
yyerror("out of memory");
free(id);
free(levid);
@@ -2778,7 +2903,7 @@
if (l == 0) {
rnode->range.level[1].sens = rnode->range.level[0].sens;
- if (!ebitmap_cpy(&rnode->range.level[1].cat, &rnode->range.level[0].cat)) {
+ if (ebitmap_cpy(&rnode->range.level[1].cat, &rnode->range.level[0].cat)) {
yyerror("out of memory");
free(id);
ebitmap_destroy(&rnode->range.level[0].cat);
@@ -2934,7 +3059,7 @@
free(id);
goto bad;
}
- if (!ebitmap_set_bit(&c->range.level[l].cat,
+ if (ebitmap_set_bit(&c->range.level[l].cat,
catdatum->value - 1, TRUE)) {
yyerror("out of memory");
free(levid);
@@ -2956,7 +3081,7 @@
if (l == 0) {
c->range.level[1].sens = c->range.level[0].sens;
- if (!ebitmap_cpy(&c->range.level[1].cat, &c->range.level[0].cat)) {
+ if (ebitmap_cpy(&c->range.level[1].cat, &c->range.level[0].cat)) {
yyerror("out of memory");
goto bad;
@@ -3218,8 +3343,7 @@
if (pass == 1) {
free(queue_remove(id_queue));
- if (behavior != SECURITY_FS_USE_PSID)
- parse_security_context(NULL);
+ parse_security_context(NULL);
return 0;
}
@@ -3236,13 +3360,12 @@
return -1;
}
newc->v.behavior = behavior;
- if (behavior != SECURITY_FS_USE_PSID) {
- if (parse_security_context(&newc->context[0])) {
- free(newc->u.name);
- free(newc);
- return -1;
- }
+ if (parse_security_context(&newc->context[0])) {
+ free(newc->u.name);
+ free(newc);
+ return -1;
}
+
head = policydbp->ocontexts[OCON_FSUSE];
for (c = head; c; c = c->next) {
==== //depot/projects/trustedbsd/sebsd/contrib/sebsd/checkpolicy/policy_scan.l#2 (text+ko) ====
@@ -1,10 +1,6 @@
/*
- * Author : Stephen Smalley (NAI Labs), <ssmalley at nai.com>
- *
- * The policy compiler was originally written while I was employed by NSA,
- * but I have implemented a number of extensions and revisions since
- * joining NAI Labs.
+ * Author : Stephen Smalley, <sds at epoch.ncsc.mil>
*/
/* FLASK */
@@ -12,7 +8,6 @@
%{
#include "policy_parse.h"
-
static char linebuf[2][255];
static unsigned int lno = 0;
@@ -111,8 +106,8 @@
NETIFCON { return(NETIFCON);}
nodecon |
NODECON { return(NODECON);}
-fs_use_psid |
-FS_USE_PSID {return(FSUSEPSID);}
+fs_use_xattr |
+FS_USE_XATTR {return(FSUSEXATTR);}
fs_use_task |
FS_USE_TASK {return(FSUSETASK);}
fs_use_trans |
@@ -131,8 +126,9 @@
T1 { return(T1); }
t2 |
T2 { return(T2); }
-"/"({letter}|{digit}|_|"."|"/")* { return(PATH); }
+"/"({letter}|{digit}|_|"."|"-"|"/")* { return(PATH); }
{letter}({letter}|{digit}|_)* { return(IDENTIFIER); }
+{letter}({letter}|{digit}|_|"."|"-")* { return(USER_IDENTIFIER); }
{digit}{digit}* { return(NUMBER); }
#[^\n]* { /* delete comments */ }
[ \t\f]+ { /* delete whitespace */ }
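Review bot: The new USER_IDENTIFIER rule is not confined to places where a user name is expected. Flex takes the longest match, so any letter-initial token containing `.` or `-` anywhere in a policy now comes back as USER_IDENTIFIER instead of IDENTIFIER followed by punctuation. If the grammar has productions where `-` or `.` separates identifiers without surrounding spaces (mls_range_def is referenced but not shown in this diff), such input would stop parsing. A start condition that enables the rule only where a user name can appear would confine it. At minimum, a comment above the rule should say that its position after the IDENTIFIER rule is what keeps plain names lexing as IDENTIFIER.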
==== //depot/projects/trustedbsd/sebsd/sbin/sebsd_checkpolicy/Makefile#2 (text+ko) ====
@@ -5,15 +5,16 @@
PROG= sebsd_checkpolicy
MAN=
SRCS= policy_scan.l policy_parse.y checkpolicy.c avtab.c ebitmap.c \
- hashtab.c queue.c policydb.c services.c sidtab.c symtab.c
+ hashtab.c queue.c policydb.c services.c sidtab.c symtab.c write.c
CFLAGS+=-I${.CURDIR}/../../contrib/sebsd/checkpolicy
CFLAGS+=-I${.CURDIR}/../../sys/security/sebsd/avc
CFLAGS+=-I${.CURDIR}/../../sys/security/sebsd/ss
CFLAGS+=-I${.CURDIR}/../../sys/security/sebsd
CFLAGS+=-I${.CURDIR}/../../sys
CFLAGS+=-I${.OBJDIR}
+CFLAGS+=-g
-LDADD+= -lfl
+LDADD+= -g -lfl
WARNS= 0
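Review bot: `-g` is added to `LDADD`, which lists libraries to link, and is also hard-wired into `CFLAGS`; both look like local debugging state rather than part of the import. FreeBSD's make infrastructure already provides `DEBUG_FLAGS` for this, so both lines can be dropped and `make DEBUG_FLAGS=-g` used when symbols are wanted. Only the `write.c` addition to `SRCS` appears to be required by the change.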
==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/avc/avc.c#4 (text+ko) ====
@@ -1,16 +1,16 @@
/*
- * Author: Stephen Smalley, NAI Labs, <ssmalley at nai.com>
+ * Implementation of the kernel access vector cache (AVC).
+ *
+ * Authors: Stephen Smalley, <sds at epoch.ncsc.mil>
+ * James Morris <jmorris at redhat.com>
*
- * The access vector cache was originally written while I was employed by NSA,
- * and has undergone some revisions since I joined NAI Labs, but is largely
- * unchanged.
+ * Copyright (C) 2003 Red Hat, Inc., James Morris <jmorris at redhat.com>
*
- * Ported to FreeBSD: Chris Vance, NAI Labs, <cvance at nai.com>
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 2,
+ * as published by the Free Software Foundation.
*/
>>> TRUNCATED FOR MAIL (1000 lines) <<<