
[RFC,3/3] cil: qualify roles from symtable when resolving userprefix

Message ID 20191123144245.3079306-4-dac.override@gmail.com (mailing list archive)
State Changes Requested
Series [RFC,1/3] libsemanage: fall back to valid "object_r" role instead of "user" prefix string | expand

Commit Message

Dac Override Nov. 23, 2019, 2:42 p.m. UTC
This ensures that the role in the userprefix statement is valid. Idea and implementation by Gary Tierney.

Signed-off-by: Dominick Grift <dac.override@gmail.com>
---
 libsepol/cil/src/cil.c             |  7 +++++--
 libsepol/cil/src/cil_internal.h    |  1 +
 libsepol/cil/src/cil_resolve_ast.c | 10 ++++------
 3 files changed, 10 insertions(+), 8 deletions(-)

Patch

diff --git a/libsepol/cil/src/cil.c b/libsepol/cil/src/cil.c
index de729cf8..aa3057ad 100644
--- a/libsepol/cil/src/cil.c
+++ b/libsepol/cil/src/cil.c
@@ -1218,6 +1218,7 @@  int cil_userprefixes_to_string_nopdb(struct cil_db *db, char **out, size_t *size
 	struct cil_list_item *curr;
 	struct cil_userprefix *userprefix = NULL;
 	struct cil_user *user = NULL;
+	struct cil_role *role = NULL;
 
 	*out = NULL;
 
@@ -1230,7 +1231,8 @@  int cil_userprefixes_to_string_nopdb(struct cil_db *db, char **out, size_t *size
 	cil_list_for_each(curr, db->userprefixes) {
 		userprefix = curr->data;
 		user = userprefix->user;
-		str_len += strlen("user ") + strlen(user->datum.fqn) + strlen(" prefix ") + strlen(userprefix->prefix_str) + 2;
+		role = userprefix->role;
+		str_len += strlen("user ") + strlen(user->datum.fqn) + strlen(" prefix ") + strlen(role->datum.fqn) + 2;
 	}
 
 	*size = str_len * sizeof(char);
@@ -1241,9 +1243,10 @@  int cil_userprefixes_to_string_nopdb(struct cil_db *db, char **out, size_t *size
 	cil_list_for_each(curr, db->userprefixes) {
 		userprefix = curr->data;
 		user = userprefix->user;
+		role = userprefix->role;
 
 		buf_pos = snprintf(str_tmp, str_len, "user %s prefix %s;\n", user->datum.fqn,
-									userprefix->prefix_str);
+				   role->datum.fqn);
 		str_len -= buf_pos;
 		str_tmp += buf_pos;
 	}
diff --git a/libsepol/cil/src/cil_internal.h b/libsepol/cil/src/cil_internal.h
index 30fab649..e52a4285 100644
--- a/libsepol/cil/src/cil_internal.h
+++ b/libsepol/cil/src/cil_internal.h
@@ -481,6 +481,7 @@  struct cil_userprefix {
 	char *user_str;
 	struct cil_user *user;
 	char *prefix_str;
+	struct cil_role *role;
 };
 
 struct cil_selinuxuser {
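Review bot: The new `role` member of struct cil_userprefix is never initialised anywhere in this patch; the cil.c changes are confined to cil_userprefixes_to_string_nopdb, so whatever allocates this struct (presumably cil_userprefix_init) is untouched. Unless that allocator zeroes the whole struct, `role` is indeterminate until cil_resolve_userprefix succeeds, and the string builder now dereferences it as `role->datum.fqn`. I would add `(*userprefix)->role = NULL;` beside the existing field initialisers. It is also worth confirming that any routine that copies a userprefix does not need the same treatment.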
diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c
index 87575860..28f3b418 100644
--- a/libsepol/cil/src/cil_resolve_ast.c
+++ b/libsepol/cil/src/cil_resolve_ast.c
@@ -952,7 +952,7 @@  int cil_resolve_userprefix(struct cil_tree_node *current, void *extra_args)
 {
 	struct cil_userprefix *userprefix = current->data;
 	struct cil_symtab_datum *user_datum = NULL;
-	struct cil_tree_node *user_node = NULL;
+	struct cil_symtab_datum *role_datum = NULL;
 	int rc = SEPOL_ERR;
 
 	rc = cil_resolve_name(current, userprefix->user_str, CIL_SYM_USERS, extra_args, &user_datum);
@@ -960,15 +960,13 @@  int cil_resolve_userprefix(struct cil_tree_node *current, void *extra_args)
 		goto exit;
 	}
 
-	user_node = user_datum->nodes->head->data;
-
-	if (user_node->flavor != CIL_USER) {
-		cil_log(CIL_ERR, "Userprefix must be a user: %s\n", user_datum->fqn);
-		rc = SEPOL_ERR;
+	rc = cil_resolve_name(current, userprefix->prefix_str, CIL_SYM_ROLES, extra_args, &role_datum);
+	if (rc != SEPOL_OK) {
 		goto exit;
 	}
 
 	userprefix->user = (struct cil_user*)user_datum;
+	userprefix->role = (struct cil_role*)role_datum;
 
 exit:
 	return rc;
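Review bot: The datum returned for `userprefix->prefix_str` is cast to `struct cil_role *` with no flavor check, and this hunk also drops the existing `user_node->flavor != CIL_USER` guard on the user side. The removed guard suggests a CIL_SYM_USERS lookup can return something other than a plain user. If CIL_SYM_ROLES likewise holds role attributes, a policy naming an attribute would resolve successfully and then be read through the wrong struct type in cil_userprefixes_to_string_nopdb. I would keep the user check and add the matching one for the role, as sketched below; the error message for the role is my wording. The function's closing brace lies outside this hunk and its declarations are in the previous one.

```c
	struct cil_tree_node *node = NULL;

	/* … unchanged: cil_resolve_name() for userprefix->user_str … */

	node = user_datum->nodes->head->data;
	if (node->flavor != CIL_USER) {
		cil_log(CIL_ERR, "Userprefix must be a user: %s\n", user_datum->fqn);
		rc = SEPOL_ERR;
		goto exit;
	}

	/* … unchanged: cil_resolve_name() for userprefix->prefix_str … */

	node = role_datum->nodes->head->data;
	if (node->flavor != CIL_ROLE) {
		cil_log(CIL_ERR, "Userprefix role must be a role: %s\n", role_datum->fqn);
		rc = SEPOL_ERR;
		goto exit;
	}
```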