From patchwork Thu Oct 11 12:35:45 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Carter X-Patchwork-Id: 10636607 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 07B475CAF for ; Thu, 11 Oct 2018 12:37:27 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id F28EF2B2F8 for ; Thu, 11 Oct 2018 12:37:26 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id E6FE42B45A; Thu, 11 Oct 2018 12:37:26 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from USFB19PA12.eemsg.mail.mil (uphb19pa09.eemsg.mail.mil [214.24.26.83]) (using TLSv1.2 with cipher DHE-RSA-AES256-SHA256 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 4DC2B2B44F for ; Thu, 11 Oct 2018 12:37:26 +0000 (UTC) X-EEMSG-check-008: 222198950|USFB19PA12_EEMSG_MP8.csd.disa.mil Received: from emsm-gh1-uea10.ncsc.mil ([214.29.60.2]) by USFB19PA12.eemsg.mail.mil with ESMTP; 11 Oct 2018 12:37:25 +0000 X-IronPort-AV: E=Sophos;i="5.54,368,1534809600"; d="scan'208";a="16722926" IronPort-PHdr: 9a23:8CQ6DROEHGc7VRJxbPcl6mtUPXoX/o7sNwtQ0KIMzox0L/z5ocbcNUDSrc9gkEXOFd2Cra4c1KyO6+jJYi8p2d65qncMcZhBBVcuqP49uEgeOvODElDxN/XwbiY3T4xoXV5h+GynYwAOQJ6tL1LdrWev4jEMBx7xKRR6JvjvGo7Vks+7y/2+94fcbglUhjexe69+IAmrpgjNq8cahpdvJLwswRXTuHtIfOpWxWJsJV2Nmhv3+9m98p1+/SlOovwt78FPX7n0cKQ+VrxYES8pM3sp683xtBnMVhWA630BWWgLiBVIAgzF7BbnXpfttybxq+Rw1DWGMcDwULs7Vy6i76N2QxH2jikJOSMy/GXOhsBukK5XpRSsrAF9zYHJeoGYLPpwcL3Tc90ZQmRPQ95RWi5cDo6yYIQAE+UPMvhDr4Tmu1sDrwGzCRW2Ce/z1DNFgGL9060g0+QmFAHLxAguEMgLsHvKt9X+KbkfXvqvzKnU0zrDde5d1DD/6InGbh8uu+uMXa5ufcfK1UkuFx/KjlWXqYD/OTOVzf4Cv3KU7+pnS+KikmgqoBxyrDi33sogl4bEi40Pxl3E6Cl12pg5KNKmREJhfNKpFoZbuTuAOItsWMwiRnlluCM9yrIbp5G2ZDMKyJE7xx7HbPyHbpSI7grjVOmPJTd4g2poeK6liBao8Eig1/b8WtOo0FdKsiVFkt7MumoL1xPP8ciIVuFx/kKg2TaLzwzT6+dELl4olafDNpIszbE9moATvEjeBCP6hkr7gLGMekk54uSo7v7oYrTipp+SLY90jQT+P7w1msOhBeQ4Mw4OX3WU+Oilz7Lj+lD5QLNWgfIoianUq4zaJMQHqa65BA9ZyIAj6w2lADu839QYmmcHIEpfeB2bl4jpJ03OIPfgAPe9hFSsli1kx+zGPrL7BJXANXrDkLDnfbZ48UFc0xYzws5F55JPEL0BJ+jzWkDpvtzCEhA5KxC0w/rgCNhl1IMeW3iADbOaMKPJtl+I4OMvI/eXaY8bvDb9Nvck6OXzjX8/hV8dYLOl3ZwNaHC3Bv5mOVmWYWLwgtcdFmcHphI+Q/Lxh1KcVz5TZmqyX6Un6zE6Fo2pE5nMSpqqgLyb0yexBodWaXxeClCQDXfocJ2JVOoLaCKUJM9ujyILVbygS4I6zx6hqhX6y719IurT4C0Yuorp1MJp6O3LiREy6Tt0AtyD3GGVVW50hGIIRyQt0aBnu0N90FaD0bNgg/xcD9Nc++1GXh09NZ7GwOxwE8ryVR7ZfteVVFamRc2rAD8wTtI1xt8BfVx9Fs6sjh/dwiWqBKUVmKaTBJwu9aLc3Wb+KNphy3rc06khlVYmSNNVNWK6nq5/6xTTB4nRnkWajamqdqMc3DPW+WeA12WOv0ZYUBNqXaXCR3AfaVPcrc7l6UPaU7+uFbMnPxNbxsGfMKtKa8PmjU9dSfj5JNveZni9m2CqBRaH3rmMdpble30B3CXBD0gJixwc8myCNQcgHSehv2LfDDt1GFL0f0zs8PdxqHWnTk811Q6GdUth2KSp+hQNn/yTV+sT3q4YuCcmszh0Bkuy0M/NBtqPogpgc79QYdUj71dbzWjZrRByPoS8L6B+gV4Tax93v0301xVwEYVAjdMnrGgszAp1J6OY1UlOdzWC0ZD2JLLXNnH4/AqzZK7OxlHezNGW978B6fsir1XjoB+mFlA583h8zdlazWGc6Y7XDAoXS57xVVw39xdirbHAfiY9/5/U1WFrMaSstD/C2tYpBO87xRa7ZNpQKr2LFBX1E8EAAMiuMuMqkUCzbh0YJOBS6LI0P8S+evSbxK6kJvxgkSm6gmRA5YByzliD9zFgSuLS2ZYK3e2Y1BOdVzjglFehrtz3mYdcaDEMH2qw1TTkBIlLZqFoYYkLCWCuI8u4xthlg57tWnhY+0S5B1MBwsOpfgCSb1Pl1w1KyUsXuWCnmTe/zzFslzEpr7Gf3DDXz+T5ahUHPm9LRG9/jVbjOoW0lMgaXEmubwgoiBSl/lz2x65Fq6RjN2PTW1tHfzDqL2F+Vau9rqCCY8lL6JMsrypXSvizYVeUS7PmuBsazj/sH3BEyDA8bTGqtY3znwZmh2KFMHZzsH3ZdNlzxRjB4tzcXuVc3jkYSyl+kjnXAEazP8Wz8dWTjZfDvfi0V3i9WZ1LbSnr0YSAuTOj5WJwHB2/m+68msX9Hgg8zS/0ycNqWD7VrBbnfIbrzb+6Pfh8fklvGV/88dZ1FZ9wkos3npEQ1mYVio+T/XUZjWf5Kc9b1r7mbHoRWT4LxMbY4Bbj2EJ+NX+J2YT5WWidwsd7Ydm1fH8W0Don789WEKeU8KBEnSxtr1qgtw3RfPx9kywBxvsv9H4bg/gFuAQ3wSWbGLwSGlNYPSP0nRSS89++tLlXZHqocbWo10p/ndShA6+ZrwFZX3b5dJkiEjFs7sVjMFLM13jz5Z/+dNnWc90TqgWekw3cgOhNNJIxiv0KiDJpOW3nu30l1+k7jRl10JG0ooeINmJt/LijDR5ALD31YMET9S/xgqZChMqW2JqvHpp5EDURQJToVe6oEC4Vtfn/MgaBCjk8qnOFFrrDAQ+Q8l1pomnJE5+1K3GXP2UWws96RBaDPkBfhh4bXCkilJ4jCg+q3NDhcFt+5j0J6F74sAVDxf9zNxblVGffuACoaiwvRZeFMBVW6xtO50DPMcyR9uhzBT1X/oW9rAyRLWyWfx9HAnoOVkyABlDjJaWu5cLa/+iDGOWxM+HCYa6QpuxaVveIw4+v04R98jmQNsSPJGRiD+Yh1ktNR395B9/ZmzIJSyANkCLNdcGbrg+m+iJrtsC/7OjrWAX36ISUCrtSPtJv+xatjKieKeGfnyd5Jixe1p8Wwn/I0rcf1kYIiy5ybzmtDagAtSnVQaLSmq9WDwYbayR3NMtJ86IzwBJAOcvaitPpzL53kOQ5C1BfVVzugsupf9AFI3mhNFPbA0aGLLKGKiPRzMHzeq68SrpQjP5ItxKqvzabCEzjPjWZmznvSR+vLflGjDuHMxxGpIG9bhFtBHD5TN34cR20LsV4jScqzr00nX7FLm8cMSJhfENKoL2Q9TlYjet/GmBb6HpqM/WEkT6D7+bEMpYWredrAiNsmu1H+ns61bpV4zxfRPFugiTStMRuo1aok+mU1DVoTAdOqixKhIKXvURuI6PZ+YdcWXzc5hIC8X2QCwgWp9tiEtDvv6dQysLRm6L1KTZC9MnZ/cQaB8jJMs6HN2AhMRXxEj7OEAQFVSKrNX3Yh0FFi/Gd6HmVrpk8qpjxl5sDUaNUVFswFvwGEEtlB8ACLI1xXjw6jb6RlNQI6mamrBnNWMVauYjKWe+ODvXqLzaZi6VEawYTzLPmM4sTLIz72k1lall8hojKHVTfXcxVqC17cgA0uFlN8GR5TmArx0Llawat4HgPFf60nh87kRZxYeUt9Tj2+Fg7PFzKqzUskEMpg9XqnSiRcCLtLKe3RYxZES70t0ktPZzlWwl1aA2znUpjNDfCXb1clKBvdWFxhw/aoJdPF+NcQbdCYBAO2fGdf+8o3khEqiW72U9H4vPIBoB8mwssapOjtW9P2xx9Y94vPqzfPrBJz1hKiqKJpC+o2fg7wBUCKEYV7GOSZCkItVQSNrkgJiqn4uxs6QuGmztYYGYCTuckrOh2+006IOmP0yXg07tfJU+rLOyfM7mVu27ems6UWlkwzF8Hl1FZ/bhq1scua1abV0I1w7SNDBkGKc3CKQVRb8pT6nfTZzqOvvvRzpJ1JYm9EfroTeCWvqYOnk2kBBopH5gL7skZBJmjylvYLcD8I7Me1RUt/h7kJEubA/RNeRKLljgHo8W+zJ943YldOj8dDn9nMSWy/LrXoBElgOabVtcsfngaRpcENm4xWMCilS9VpWhPDDm20uIcyQiN9Tz8qz/RDDbicdVseu2YZRR2CNG54T8/6bS5iUbL8pXCIGH3LdFitcXV6eMZuZmHF/JUTb9ys0rHlYhXXXqqXHLLEd6yOpj/dpIsYcbyCnmkTly1kyg1QNvpPNaxMqiIhhnlRZ5TsImfxj8jL8G8FjYaGxd+vOwD4aV8ZQoYY5UlfRHorQM+N7ekIAeZ1NWuTHyhKTxMT/lQ1e+6faBYzzIwbu+mz3stVos1z/Oq8U4LXp0KjQrTxfeiZ4lfTSj8AWZRewPRqiolj2JhLPo9wv8jwBPUtlkRKyyLdOtsaGFfo9EwGVaSLm5sBmo+WVCckZLJ4hSw0LAK4ytdg9FU3PVHsHj5oJDSey+jV7KwqZrLqSogccYprLBrPYzlPMSGqIvUnibDQ5nIrg2FTCm6GuJUmthKOi1YRuVHmWA+OcEdvIpB8UsxWt4lJ71BE6kgvLeqaSBrDSQK1y8WS5uA3CAegue7w7baigqff4kjMBMetJVPmccSUylzYiwCvqCjTJnWm3WCSmcVPAcZ9R5M6x4Ylo9sYuDl55LFTIdXyz5Kuf17TzfLG4Jz91v8V2GWm0T3R+unk+y1xwJd1vbs3sMcWB5lBkhX3/xWmVcwKLFrN6kQuZbHvSSGdUzmoG7gyvaqKVdKxMLIcF34CZbKunDnUi0A43EUQ5FAyG3HH5QIjwV5cLorpElLII2+Zkb+/SIryJp0ELSjSMCrw0olrWwcSCe0EtpBDOVmv0zLWDF/ZJCrsprlMY1IQmBM4J2dt0tZkEJ1Pi6705VcMcZN4iUIXDdVvzWQp96ySNBH2c9qDp8DPtZ/tG37GKNfIpSRpGc2urP3wH/D5z88qEu6xCm0G6KgTeJW5WseGgszJ2SZt0YgEfAh8nvI/VDLqVB0+P1XBr6RgkVtuDx9BIxBBi5V1XC5KFR+VHZGs/hbKKTRd8xTXfwyaASyNBMgDvEm3laG/UdukXf+eSxyuRNQ+zrBUAksSSkVnrDtlCUcqsGmPD8XUJdIYishbijbMQKbmCZXvBlFZ0FsRZ8ZHs5P+6sH0otM4srCVUGsJDkDXBxmLQ840PxflUtZvEWZfyDdAxCoeuzUsh1rZ8eRsdKmLOjk/AddlIzrquc4978MR3e+gw2iXcjer5Pgtt2NrkaOcaD4M+ugYX/OUjfBlhWwhbY+AJnM4SfTLARaK55gyXonepjtE2jLMgpaJ6gDPUpUSbh6aclaouBdf8JkfL0J+aptCx+cSBPgBpGgrP5cLlnJXTTeNSKB8u6hro3P8bzRU+/gZtaDx3zfWaJ4Io966SXnG7ftyYJe+0v31e13+UxmUlXGKD6OrMj/KQwX/sWicVHivpIxFzPMHJhwiGbtxl1Hd8cPWCKq8Y8YyZ1D53bySOJ4zlDzv/dP97lg8oQ4/7dpxtqqKqjINPRaq0hnAgKOCQlw8ZUtGmd/TXhLYuANMPfRYbgZjcf2puDvDaMX9AGa++xXaNvAPUHBmdCzCiqCRhxAnQcBryMaLwSH2v6dgaB0Vdqqpej320Iq+Vi+LQQKzLNz6oee/KqHuuvXYwHWzbgeVajgXtnzoag0u0OO+f0kk6YDemp0YwK7F+gdUtQSxnz6waAryiIsFNjDH6n79f5GWH84kSjsm5dnH1UZAvkUB6aE/ZxCnmcknOzULtIWfbxZmmaUDBKqD7AMx3iq6yuRPWlkjQrD0x71QWyp6l/5szV0QSzWz9fsikBVTKW4BV9OXyq1Pk91qDGPPA3otNrxo6g68EE2Mmj5tN2QlWqhObVXH9b8JNydOiQ0ulMXjIMrSdyrxI8bGMCxINEP/3FidvHe8X+kkzddo6dbgIrT+sCV+uvNEnmmlKCar6iNyy1Zyng/plEz8NegNuvB59eSWfSny34RTztjuwvGRxO1qKLUr14aOUyPy0rKlpYFPtdH0nkkzE3m4vYsQM4r/gVEConAf+8CpSz0ODbszlafZ9U3VyeA3DtTGlL4CkJ4GK862GLxoM3Fj3HQ9EM0RoNobUzomQR3D5kkKUIq8FUXxysDEQsOaRCcF7yoB17qLYgDVUgFdxuH2qK2eqEp0k1v2rmv/vPcbfRgB6oRMfZQlhWBk0ZdGpIKqqAeW7Z8e1hB9K7LuAjtFZXoU+LhlXoqOv2/Wtpa/twBt3s+/ga/QAKt6Zld4LYfiZCIbrBLbIPNvcB96kdn4CAAdjZJgBdhlR+5VvocpO/76NjBrJWo8vquVLoqR+gP+Rk0H35+j5rsj189utzX0uZcSpHPiYvh6gxNJGSKuInC2RlmNeUOM56rfKpn93gfICgeI2wBMMGOa/k4+SBtKynT511eDcMQf9MXItTClRpSikL3RLFZ7tDbFUOAC4dva8Ao6HL6yDQ08Zs6T+bh5ya6JZTe71FWI/NDlz5hlNPYq+gTxvreEi8X4WOWaxJt2CON14GNC+rs/eWL0NzUUkkJETI2U4dcIjqC/heqRvS0lJXvTAyU7s7zgJQjdEOfXHCxm74FsqlUG+5alir7xiReFpzyh/+Nsdqj8mhXtlpcH4to8B3FHrlfPpV8ORTlmcmrRlR8CjH5eM7KahokoPCWyfsU4+ViK0v+YpcWIhABy7L983pVVApuSKXts1afR+0RYcVpSPLeonBS84JgJLcFPEKBq5zysjdItFc2DRcyaL8+qzxVakjDkQ5OVqbqprEAkAocUN9+uU9KA26wPnwx5yaUHZhS2bKcDP0T7yW7UKMDSQNrPzl4Thfz349hKJWzmvUSkGpDkzg1i/EwzzF8DE++piblvb5X8S4x87G/8jMasDpKSfvIwHSAMklK0Plf1fRUMH3l81HpJSNbYQ== X-IPAS-Result: A2B9AABbQ79b/wHyM5BiGwEBAQEDAQEBBwMBAQGBVAMBAQELAYFZKoFlKIxqi1dMAQEBAQEBBoo1jhSBXC8TAYkXITcKDQEDAQEBAQEBAgFsKII2JIJnAjcUIAsDAwkCQAgIAwEtFR8LBRgEgkA/gXUNp0+Ed4RihyWEIIEQgQeDdoR5ARIBbIRpIgKBKAGHOIVSQI8dBgOQSQsXkBGXaiJkcSsIAhgpSoEegU6CJhcRjiNTewEBiSaCPgEB Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by EMSM-GH1-UEA10.NCSC.MIL with ESMTP; 11 Oct 2018 12:37:24 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w9BCbOq4028208; Thu, 11 Oct 2018 08:37:24 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id w9BCZN80030951 for ; Thu, 11 Oct 2018 08:35:23 -0400 Received: from moss-lions.infosec.tycho.ncsc.mil (moss-lions [192.168.25.4]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w9BCZNWo028160; Thu, 11 Oct 2018 08:35:23 -0400 From: James Carter To: selinux@vger.kernel.org Date: Thu, 11 Oct 2018 08:35:45 -0400 Message-Id: <20181011123549.14875-1-jwcart2@tycho.nsa.gov> X-Mailer: git-send-email 2.17.1 Subject: [PATCH 0/4] libsepol: Cleanup initial sid handling when writing CIL and policy.conf files X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Cc: selinux@tycho.nsa.gov MIME-Version: 1.0 Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP [Resending because I originally only sent these to the new list] - Removes some redundent definitions of initial sid name strings - Adds range checking when looking up an initial sid name string for an index - Adds two new Xen initial sids James Carter (4): libsepol: Rename kernel_to_common.c stack functions libsepol: Eliminate initial sid string definitions in module_to_cil.c libsepol: Check that initial sid indexes are within the valid range libsepol: Add two new Xen initial SIDs libsepol/src/kernel_to_cil.c | 78 +++++++++++++++++++++------------ libsepol/src/kernel_to_common.c | 10 ++--- libsepol/src/kernel_to_common.h | 16 ++++--- libsepol/src/kernel_to_conf.c | 78 +++++++++++++++++++++------------ libsepol/src/module_to_cil.c | 78 +++++++++------------------------ 5 files changed, 136 insertions(+), 124 deletions(-)