From patchwork Thu Jul 21 15:24:40 2022
X-Patchwork-Submitter: Christian Göttsche
X-Patchwork-Id: 12925348
From: Christian Göttsche
To: selinux@vger.kernel.org
Subject: [PATCH v2 1/5] libsepol: rename validate_policydb to policydb_validate
Date: Thu, 21 Jul 2022 17:24:40 +0200
Message-Id: <20220721152444.31690-1-cgzones@googlemail.com>
X-Mailer: git-send-email 2.36.1
X-Mailing-List: selinux@vger.kernel.org

Most global functions operating on a policy database use policydb as prefix. Since this function is not exported there should not be any external use.

Signed-off-by: Christian Göttsche
Acked-by: James Carter
--- libsepol/src/policydb.c | 2 +- libsepol/src/policydb_validate.c | 2 +- libsepol/src/policydb_validate.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index fc260eb6..8a65df05 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c
@@ -4570,7 +4570,7 @@ int policydb_read(policydb_t * p, struct policy_file *fp, unsigned verbose) } } - if (validate_policydb(fp->handle, p)) + if (policydb_validate(fp->handle, p)) goto bad; return POLICYDB_SUCCESS; diff --git a/libsepol/src/policydb_validate.c b/libsepol/src/policydb_validate.c index 99d4eb7f..e1dad236 100644 --- a/libsepol/src/policydb_validate.c +++ b/libsepol/src/policydb_validate.c @@ -1330,7 +1330,7 @@ static void validate_array_destroy(validate_t flavors[]) /* * Validate policydb */ -int validate_policydb(sepol_handle_t *handle, policydb_t *p) +int policydb_validate(sepol_handle_t *handle, policydb_t *p) { validate_t flavors[SYM_NUM] = {}; diff --git a/libsepol/src/policydb_validate.h b/libsepol/src/policydb_validate.h index d9f7229b..b7f9f191 100644 --- a/libsepol/src/policydb_validate.h +++ b/libsepol/src/policydb_validate.h 
@@ -4,4 +4,4 @@ #include int value_isvalid(uint32_t value, uint32_t nprim); -int validate_policydb(sepol_handle_t *handle, policydb_t *p); +int policydb_validate(sepol_handle_t *handle, policydb_t *p);
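
Review bot: in the policydb_validate.h hunk, `value_isvalid()` sits directly above the renamed prototype and is still a non-static function without the policydb prefix, so after a patch whose stated goal is prefix consistency the header carries two naming styles. Either rename it in this series or state in the commit message that it is left alone on purpose. The rename itself is applied consistently at the three sites shown: the call in `policydb_read()`, the definition, and the prototype.
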
From: Christian Göttsche
To: selinux@vger.kernel.org
Subject: [PATCH v2 2/5] libsepol: support const avtab_t pointer in avtab_map()
Date: Thu, 21 Jul 2022 17:24:41 +0200
Message-Id: <20220721152444.31690-2-cgzones@googlemail.com>
X-Mailer: git-send-email 2.36.1
In-Reply-To: <20220721152444.31690-1-cgzones@googlemail.com>
References: <20220721152444.31690-1-cgzones@googlemail.com>
X-Mailing-List: selinux@vger.kernel.org

The access vector table itself is not modified in avtab_map() thus support passing a const pointer. Logically the content might be changed by the passed callback, but C does not support transitive const-ness well, and C also does not support function overloading, e.g. like for strchr(3).

Signed-off-by: Christian Göttsche
--- libsepol/include/sepol/policydb/avtab.h | 2 +- libsepol/src/avtab.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/libsepol/include/sepol/policydb/avtab.h b/libsepol/include/sepol/policydb/avtab.h index 10ecde9a..e4c48576 100644 --- a/libsepol/include/sepol/policydb/avtab.h +++ b/libsepol/include/sepol/policydb/avtab.h @@ -112,7 +112,7 @@ extern avtab_datum_t *avtab_search(avtab_t * h, avtab_key_t * k); extern void avtab_destroy(avtab_t * h); -extern int avtab_map(avtab_t * h, +extern int avtab_map(const avtab_t * h, int (*apply) (avtab_key_t * k, avtab_datum_t * d, void *args), void *args); diff --git a/libsepol/src/avtab.c b/libsepol/src/avtab.c index 7920b60a..82fec783 100644 --- a/libsepol/src/avtab.c +++ b/libsepol/src/avtab.c
@@ -330,7 +330,7 @@ void avtab_destroy(avtab_t * h) h->mask = 0; } -int avtab_map(avtab_t * h, +int avtab_map(const avtab_t * h, int (*apply) (avtab_key_t * k, avtab_datum_t * d, void *args), void *args) {
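
Review bot: in the avtab.h prototype, the new `const avtab_t * h` sits next to an `apply` callback that still receives non-const `avtab_key_t * k` and `avtab_datum_t * d`, so a caller reading only the header can take the const to mean that the table's entries are not modified. The commit message explains the limitation but the header does not; a short comment above the prototype stating that const covers the table structure only, and that `apply` may still modify keys and datums, would keep that from getting lost. The definition in avtab.c matches the prototype.
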
From: Christian Göttsche
To: selinux@vger.kernel.org
Subject: [PATCH v2 3/5] libsepol: operate on const pointers during validation
Date: Thu, 21 Jul 2022 17:24:42 +0200
Message-Id: <20220721152444.31690-3-cgzones@googlemail.com>
X-Mailer: git-send-email 2.36.1
In-Reply-To: <20220721152444.31690-1-cgzones@googlemail.com>
References: <20220721152444.31690-1-cgzones@googlemail.com>
X-Mailing-List: selinux@vger.kernel.org

The actual policy should not be modified during validation, thus use const pointers.

Signed-off-by: Christian Göttsche --- v2: fixed typo in commit message --- libsepol/src/policydb_validate.c | 114 +++++++++++++++---------------- libsepol/src/policydb_validate.h | 2 +- 2 files changed, 58 insertions(+), 58 deletions(-) diff --git a/libsepol/src/policydb_validate.c b/libsepol/src/policydb_validate.c index e1dad236..a567c411 100644 --- a/libsepol/src/policydb_validate.c +++ b/libsepol/src/policydb_validate.c @@ -8,7 +8,7 @@ #include "policydb_validate.h" #define bool_xor(a, b) (!(a) != !(b)) -#define bool_xnor(a, b) !bool_xor(a, b) +#define bool_xnor(a, b) (!bool_xor(a, b)) typedef struct validate { uint32_t nprim; @@ -18,7 +18,7 @@ typedef struct validate { typedef struct map_arg { validate_t *flavors; sepol_handle_t *handle; - policydb_t *policy; + const policydb_t *policy; } map_arg_t; static int create_gap_ebitmap(char **val_to_name, uint32_t nprim, ebitmap_t *gaps) @@ -46,7 +46,7 @@ static int validate_init(validate_t *flavor, char **val_to_name, uint32_t nprim) return 0; } -static int validate_array_init(policydb_t *p, validate_t flavors[]) +static int validate_array_init(const policydb_t *p, validate_t flavors[]) { if (validate_init(&flavors[SYM_CLASSES], p->p_class_val_to_name, p->p_classes.nprim)) goto bad; @@ -91,7 +91,7 @@ int value_isvalid(uint32_t value, uint32_t nprim) return 1; } -static int validate_value(uint32_t value, validate_t *flavor) +static int validate_value(uint32_t value, const validate_t *flavor) { if (!value || value > flavor->nprim) goto bad; @@ -104,7 +104,7 @@ bad: return -1; } -static int validate_ebitmap(ebitmap_t *map, validate_t *flavor) +static int validate_ebitmap(const ebitmap_t *map, const validate_t *flavor) { if (ebitmap_length(map) > 0 && ebitmap_highest_set_bit(map) >= flavor->nprim) goto bad; 
@@ -117,7 +117,7 @@ bad: return -1; } -static int validate_type_set(type_set_t *type_set, validate_t *type) +static int validate_type_set(const type_set_t *type_set, const validate_t *type) { if (validate_ebitmap(&type_set->types, type)) goto bad; @@ -139,7 +139,7 @@ bad: return -1; } -static int validate_empty_type_set(type_set_t *type_set) +static int validate_empty_type_set(const type_set_t *type_set) { if (!ebitmap_is_empty(&type_set->types)) goto bad; @@ -154,7 +154,7 @@ bad: return -1; } -static int validate_role_set(role_set_t *role_set, validate_t *role) +static int validate_role_set(const role_set_t *role_set, const validate_t *role) { if (validate_ebitmap(&role_set->roles, role)) goto bad; @@ -176,8 +176,8 @@ bad: static int validate_scope(__attribute__ ((unused)) hashtab_key_t k, hashtab_datum_t d, void *args) { - scope_datum_t *scope_datum = (scope_datum_t *)d; - uint32_t *nprim = (uint32_t *)args; + const scope_datum_t *scope_datum = (scope_datum_t *)d; + const uint32_t *nprim = (uint32_t *)args; unsigned int i; switch (scope_datum->scope) { @@ -199,9 +199,9 @@ bad: return -1; } -static int validate_scopes(sepol_handle_t *handle, symtab_t scopes[], avrule_block_t *block) +static int validate_scopes(sepol_handle_t *handle, const symtab_t scopes[], const avrule_block_t *block) { - avrule_decl_t *decl; + const avrule_decl_t *decl; unsigned int i; unsigned int num_decls = 0; @@ -223,9 +223,9 @@ bad: return -1; } -static int validate_constraint_nodes(sepol_handle_t *handle, unsigned int nperms, constraint_node_t *cons, validate_t flavors[]) +static int validate_constraint_nodes(sepol_handle_t *handle, unsigned int nperms, const constraint_node_t *cons, validate_t flavors[]) { - constraint_expr_t *cexp; + const constraint_expr_t *cexp; for (; cons; cons = cons->next) { if (nperms == 0 && cons->permissions != 0) 
@@ -339,7 +339,7 @@ bad: return -1; } -static int validate_class_datum(sepol_handle_t *handle, class_datum_t *class, validate_t flavors[]) +static int validate_class_datum(sepol_handle_t *handle, const class_datum_t *class, validate_t flavors[]) { if (validate_value(class->s.value, &flavors[SYM_CLASSES])) goto bad; @@ -405,7 +405,7 @@ static int validate_class_datum_wrapper(__attribute__((unused)) hashtab_key_t k, return validate_class_datum(margs->handle, d, margs->flavors); } -static int validate_common_datum(sepol_handle_t *handle, common_datum_t *common) +static int validate_common_datum(sepol_handle_t *handle, const common_datum_t *common) { if (common->permissions.nprim > PERM_SYMTAB_SIZE) goto bad; @@ -424,7 +424,7 @@ static int validate_common_datum_wrapper(__attribute__((unused)) hashtab_key_t k return validate_common_datum(margs->handle, d); } -static int validate_role_datum(sepol_handle_t *handle, role_datum_t *role, validate_t flavors[]) +static int validate_role_datum(sepol_handle_t *handle, const role_datum_t *role, validate_t flavors[]) { if (validate_value(role->s.value, &flavors[SYM_ROLES])) goto bad; @@ -451,7 +451,7 @@ static int validate_role_datum_wrapper(__attribute__((unused)) hashtab_key_t k, return validate_role_datum(margs->handle, d, margs->flavors); } -static int validate_type_datum(sepol_handle_t *handle, type_datum_t *type, validate_t flavors[]) +static int validate_type_datum(sepol_handle_t *handle, const type_datum_t *type, validate_t flavors[]) { if (validate_value(type->s.value, &flavors[SYM_TYPES])) goto bad; @@ -494,7 +494,7 @@ static int validate_type_datum_wrapper(__attribute__((unused)) hashtab_key_t k, return validate_type_datum(margs->handle, d, margs->flavors); } -static int validate_mls_semantic_cat(mls_semantic_cat_t *cat, validate_t *cats) +static int validate_mls_semantic_cat(const mls_semantic_cat_t *cat, const validate_t *cats) { for (; cat; cat = cat->next) { if (validate_value(cat->low, cats)) 
@@ -509,7 +509,7 @@ bad: return -1; } -static int validate_mls_semantic_level(mls_semantic_level_t *level, validate_t *sens, validate_t *cats) +static int validate_mls_semantic_level(const mls_semantic_level_t *level, const validate_t *sens, const validate_t *cats) { if (level->sens == 0) return 0; @@ -524,7 +524,7 @@ bad: return -1; } -static int validate_mls_semantic_range(mls_semantic_range_t *range, validate_t *sens, validate_t *cats) +static int validate_mls_semantic_range(const mls_semantic_range_t *range, const validate_t *sens, const validate_t *cats) { if (validate_mls_semantic_level(&range->level[0], sens, cats)) goto bad; @@ -537,7 +537,7 @@ bad: return -1; } -static int validate_mls_level(mls_level_t *level, validate_t *sens, validate_t *cats) +static int validate_mls_level(const mls_level_t *level, const validate_t *sens, const validate_t *cats) { if (validate_value(level->sens, sens)) goto bad; @@ -558,7 +558,7 @@ static int validate_level_datum(__attribute__ ((unused)) hashtab_key_t k, hashta return validate_mls_level(level->level, &flavors[SYM_LEVELS], &flavors[SYM_CATS]); } -static int validate_mls_range(mls_range_t *range, validate_t *sens, validate_t *cats) +static int validate_mls_range(const mls_range_t *range, const validate_t *sens, const validate_t *cats) { if (validate_mls_level(&range->level[0], sens, cats)) goto bad; @@ -571,7 +571,7 @@ static int validate_mls_range(mls_range_t *range, validate_t *sens, validate_t * return -1; } -static int validate_user_datum(sepol_handle_t *handle, user_datum_t *user, validate_t flavors[], policydb_t *p) +static int validate_user_datum(sepol_handle_t *handle, const user_datum_t *user, validate_t flavors[], const policydb_t *p) { if (validate_value(user->s.value, &flavors[SYM_USERS])) goto bad; 
@@ -602,7 +602,7 @@ static int validate_user_datum_wrapper(__attribute__((unused)) hashtab_key_t k, return validate_user_datum(margs->handle, d, margs->flavors, margs->policy); } -static int validate_bool_datum(sepol_handle_t *handle, cond_bool_datum_t *boolean, validate_t flavors[]) +static int validate_bool_datum(sepol_handle_t *handle, const cond_bool_datum_t *boolean, validate_t flavors[]) { if (validate_value(boolean->s.value, &flavors[SYM_BOOLS])) goto bad; @@ -637,7 +637,7 @@ static int validate_bool_datum_wrapper(__attribute__((unused)) hashtab_key_t k, return validate_bool_datum(margs->handle, d, margs->flavors); } -static int validate_datum_array_gaps(sepol_handle_t *handle, policydb_t *p, validate_t flavors[]) +static int validate_datum_array_gaps(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[]) { unsigned int i; @@ -687,7 +687,7 @@ static int validate_datum(__attribute__ ((unused))hashtab_key_t k, hashtab_datum return !value_isvalid(s->value, *nprim); } -static int validate_datum_array_entries(sepol_handle_t *handle, policydb_t *p, validate_t flavors[]) +static int validate_datum_array_entries(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[]) { map_arg_t margs = { flavors, handle, p }; @@ -726,7 +726,7 @@ bad: * Functions to validate a kernel policydb */ -static int validate_avtab_key(avtab_key_t *key, int conditional, validate_t flavors[]) +static int validate_avtab_key(const avtab_key_t *key, int conditional, validate_t flavors[]) { if (validate_value(key->source_type, &flavors[SYM_TYPES])) goto bad; @@ -771,7 +771,7 @@ static int validate_avtab_key_and_datum(avtab_key_t *k, avtab_datum_t *d, void * return 0; } -static int validate_avtab(sepol_handle_t *handle, avtab_t *avtab, validate_t flavors[]) +static int validate_avtab(sepol_handle_t *handle, const avtab_t *avtab, validate_t flavors[]) { if (avtab_map(avtab, validate_avtab_key_and_datum, flavors)) { ERR(handle, "Invalid avtab"); 
@@ -781,9 +781,9 @@ static int validate_avtab(sepol_handle_t *handle, avtab_t *avtab, validate_t fla return 0; } -static int validate_cond_av_list(sepol_handle_t *handle, cond_av_list_t *cond_av, validate_t flavors[]) +static int validate_cond_av_list(sepol_handle_t *handle, const cond_av_list_t *cond_av, validate_t flavors[]) { - avtab_ptr_t avtab_ptr; + const struct avtab_node *avtab_ptr; for (; cond_av; cond_av = cond_av->next) { for (avtab_ptr = cond_av->node; avtab_ptr; avtab_ptr = avtab_ptr->next) { @@ -797,9 +797,9 @@ static int validate_cond_av_list(sepol_handle_t *handle, cond_av_list_t *cond_av return 0; } -static int validate_avrules(sepol_handle_t *handle, avrule_t *avrule, int conditional, validate_t flavors[]) +static int validate_avrules(sepol_handle_t *handle, const avrule_t *avrule, int conditional, validate_t flavors[]) { - class_perm_node_t *class; + const class_perm_node_t *class; for (; avrule; avrule = avrule->next) { if (validate_type_set(&avrule->stypes, &flavors[SYM_TYPES])) @@ -862,7 +862,7 @@ bad: return -1; } -static int validate_bool_id_array(sepol_handle_t *handle, uint32_t bool_ids[], unsigned int nbools, validate_t *bool) +static int validate_bool_id_array(sepol_handle_t *handle, const uint32_t bool_ids[], unsigned int nbools, const validate_t *bool) { unsigned int i; @@ -881,7 +881,7 @@ bad: return -1; } -static int validate_cond_expr(sepol_handle_t *handle, struct cond_expr *expr, validate_t *bool) +static int validate_cond_expr(sepol_handle_t *handle, const struct cond_expr *expr, const validate_t *bool) { int depth = -1; @@ -922,7 +922,7 @@ bad: return -1; } -static int validate_cond_list(sepol_handle_t *handle, cond_list_t *cond, validate_t flavors[]) +static int validate_cond_list(sepol_handle_t *handle, const cond_list_t *cond, validate_t flavors[]) { for (; cond; cond = cond->next) { if (validate_cond_expr(handle, cond->expr, &flavors[SYM_BOOLS])) 
@@ -946,7 +946,7 @@ bad: return -1; } -static int validate_role_transes(sepol_handle_t *handle, role_trans_t *role_trans, validate_t flavors[]) +static int validate_role_transes(sepol_handle_t *handle, const role_trans_t *role_trans, validate_t flavors[]) { for (; role_trans; role_trans = role_trans->next) { if (validate_value(role_trans->role, &flavors[SYM_ROLES])) @@ -966,7 +966,7 @@ bad: return -1; } -static int validate_role_allows(sepol_handle_t *handle, role_allow_t *role_allow, validate_t flavors[]) +static int validate_role_allows(sepol_handle_t *handle, const role_allow_t *role_allow, validate_t flavors[]) { for (; role_allow; role_allow = role_allow->next) { if (validate_value(role_allow->role, &flavors[SYM_ROLES])) @@ -984,8 +984,8 @@ bad: static int validate_filename_trans(hashtab_key_t k, hashtab_datum_t d, void *args) { - filename_trans_key_t *ftk = (filename_trans_key_t *)k; - filename_trans_datum_t *ftd = d; + const filename_trans_key_t *ftk = (filename_trans_key_t *)k; + const filename_trans_datum_t *ftd = d; validate_t *flavors = (validate_t *)args; if (validate_value(ftk->ttype, &flavors[SYM_TYPES])) @@ -1015,7 +1015,7 @@ static int validate_filename_trans_hashtab(sepol_handle_t *handle, hashtab_t fil return 0; } -static int validate_context(context_struct_t *con, validate_t flavors[], int mls) +static int validate_context(const context_struct_t *con, validate_t flavors[], int mls) { if (validate_value(con->user, &flavors[SYM_USERS])) return -1; @@ -1029,9 +1029,9 @@ static int validate_context(context_struct_t *con, validate_t flavors[], int mls return 0; } -static int validate_ocontexts(sepol_handle_t *handle, policydb_t *p, validate_t flavors[]) +static int validate_ocontexts(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[]) { - ocontext_t *octx; + const ocontext_t *octx; unsigned int i; for (i = 0; i < OCON_NUM; i++) { 
@@ -1067,10 +1067,10 @@ bad: return -1; } -static int validate_genfs(sepol_handle_t *handle, policydb_t *p, validate_t flavors[]) +static int validate_genfs(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[]) { - genfs_t *genfs; - ocontext_t *octx; + const genfs_t *genfs; + const ocontext_t *octx; for (genfs = p->genfs; genfs; genfs = genfs->next) { for (octx = genfs->head; octx; octx = octx->next) { @@ -1090,7 +1090,7 @@ bad: * Functions to validate a module policydb */ -static int validate_role_trans_rules(sepol_handle_t *handle, role_trans_rule_t *role_trans, validate_t flavors[]) +static int validate_role_trans_rules(sepol_handle_t *handle, const role_trans_rule_t *role_trans, validate_t flavors[]) { for (; role_trans; role_trans = role_trans->next) { if (validate_role_set(&role_trans->roles, &flavors[SYM_ROLES])) @@ -1110,7 +1110,7 @@ bad: return -1; } -static int validate_role_allow_rules(sepol_handle_t *handle, role_allow_rule_t *role_allow, validate_t flavors[]) +static int validate_role_allow_rules(sepol_handle_t *handle, const role_allow_rule_t *role_allow, validate_t flavors[]) { for (; role_allow; role_allow = role_allow->next) { if (validate_role_set(&role_allow->roles, &flavors[SYM_ROLES])) @@ -1126,7 +1126,7 @@ bad: return -1; } -static int validate_range_trans_rules(sepol_handle_t *handle, range_trans_rule_t *range_trans, validate_t flavors[]) +static int validate_range_trans_rules(sepol_handle_t *handle, const range_trans_rule_t *range_trans, validate_t flavors[]) { for (; range_trans; range_trans = range_trans->next) { if (validate_type_set(&range_trans->stypes, &flavors[SYM_TYPES])) @@ -1146,7 +1146,7 @@ bad: return -1; } -static int validate_scope_index(sepol_handle_t *handle, scope_index_t *scope_index, validate_t flavors[]) +static int validate_scope_index(sepol_handle_t *handle, const scope_index_t *scope_index, validate_t flavors[]) { if (validate_ebitmap(&scope_index->p_classes_scope, &flavors[SYM_CLASSES])) goto bad; 
@@ -1173,7 +1173,7 @@ bad: } -static int validate_filename_trans_rules(sepol_handle_t *handle, filename_trans_rule_t *filename_trans, validate_t flavors[]) +static int validate_filename_trans_rules(sepol_handle_t *handle, const filename_trans_rule_t *filename_trans, validate_t flavors[]) { for (; filename_trans; filename_trans = filename_trans->next) { if (validate_type_set(&filename_trans->stypes, &flavors[SYM_TYPES])) @@ -1197,7 +1197,7 @@ bad: return -1; } -static int validate_symtabs(sepol_handle_t *handle, symtab_t symtabs[], validate_t flavors[]) +static int validate_symtabs(sepol_handle_t *handle, const symtab_t symtabs[], validate_t flavors[]) { unsigned int i; @@ -1211,9 +1211,9 @@ static int validate_symtabs(sepol_handle_t *handle, symtab_t symtabs[], validate return 0; } -static int validate_avrule_blocks(sepol_handle_t *handle, avrule_block_t *avrule_block, validate_t flavors[]) +static int validate_avrule_blocks(sepol_handle_t *handle, const avrule_block_t *avrule_block, validate_t flavors[]) { - avrule_decl_t *decl; + const avrule_decl_t *decl; for (; avrule_block; avrule_block = avrule_block->next) { for (decl = avrule_block->branch_list; decl != NULL; decl = decl->next) { @@ -1253,7 +1253,7 @@ bad: return -1; } -static int validate_permissives(sepol_handle_t *handle, policydb_t *p, validate_t flavors[]) +static int validate_permissives(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[]) { ebitmap_node_t *node; unsigned i; @@ -1270,7 +1270,7 @@ bad: return -1; } -static int validate_properties(sepol_handle_t *handle, policydb_t *p) +static int validate_properties(sepol_handle_t *handle, const policydb_t *p) { switch (p->policy_type) { case POLICY_KERN: @@ -1330,7 +1330,7 @@ static void validate_array_destroy(validate_t flavors[]) /* * Validate policydb */ -int policydb_validate(sepol_handle_t *handle, policydb_t *p) +int policydb_validate(sepol_handle_t *handle, const policydb_t *p) { validate_t flavors[SYM_NUM] = {}; 
diff --git a/libsepol/src/policydb_validate.h b/libsepol/src/policydb_validate.h index b7f9f191..86a53168 100644 --- a/libsepol/src/policydb_validate.h +++ b/libsepol/src/policydb_validate.h 
@@ -4,4 +4,4 @@ #include int value_isvalid(uint32_t value, uint32_t nprim); -int policydb_validate(sepol_handle_t *handle, policydb_t *p); +int policydb_validate(sepol_handle_t *handle, const policydb_t *p);
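
Review bot: the first hunk of policydb_validate.c changes `#define bool_xnor(a, b) !bool_xor(a, b)` to `(!bool_xor(a, b))`, which is a macro parenthesization fix and has nothing to do with const-qualifying pointers; the commit message does not mention it. Please split it into its own patch or add a line to the message, so the macro fix can be found and picked on its own.
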
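
Review bot: in `validate_scope()` and `validate_filename_trans()` the local variables become const but the casts still name the non-const type, for example `const scope_datum_t *scope_datum = (scope_datum_t *)d;` and `const filename_trans_key_t *ftk = (filename_trans_key_t *)k;`. Cast to the const-qualified type, or drop the cast where the conversion is implicit as the same hunk already does for `ftd = d`, so the cast does not read as if mutable access were intended.
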
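
Review bot: the helpers now take `const validate_t *`, but every `validate_t flavors[]` parameter, the `validate_t *flavors` member of `map_arg_t`, the `(validate_t *)args` cast in `validate_filename_trans()` and `ebitmap_node_t *node` in `validate_permissives()` stay mutable. The uses visible in these hunks only pass `&flavors[...]` on to helpers that now accept a const pointer, so `const validate_t flavors[]` in the validators would extend the read-only guarantee from the policy to the validation state as well. If that is intended as a follow-up, say so in the commit message.
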
c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=jtpsEukWOarPt296N7+qifAxvTIycvYQfJwreC7OguE=; b=exuy9Sr11pUh6D/MnqcYAUBAQVfM1ZZ6P8oh+qI/FeC5URbaaH+8UHwiTY5Nh4EQei KPE5zR2G3W3P/JAsFrMI2q/ocZodnWwXYMAtDhCVpFnkEnQu/vKKzANewGhZzz9pXVb+ u6gsaQgzx8DerazQGfE8ZXnSwaceT92NTrtRvGaI1KpU33twC4gQVUwidGt0YNkhJrGL RXExknkxjdfDHW7a0ZNoEHMEwdO/AaqyzNairHvikxR9IsPY6bpoiBRDd3nT2YwNrDaD SBj4Xr4jDWoliKqdM4n0gpj0lXBSyN9BhS3npcv+AS6WLpfzRmnIjqvQQP3d6IMfXFJu 9KzQ== X-Gm-Message-State: AJIora/4tE7FFW361HUUGjECSuvUfEEaCA1/99q2Ff9zRgh8IgoVKQgR xK2LytB9BKU0lo8tTlmniuiya4oy7pwz2Q== X-Google-Smtp-Source: AGRyM1ut52OtudPHC9AyHFptYlrFl/hkcmHRJWZW38d1+9+EZMpoQIkIsPH2EMHwqWwq/l5IgkSXoQ== X-Received: by 2002:a05:6402:51cb:b0:43a:e94c:a841 with SMTP id r11-20020a05640251cb00b0043ae94ca841mr57939086edd.212.1658417091387; Thu, 21 Jul 2022 08:24:51 -0700 (PDT) Received: from debianHome.localdomain (dynamic-077-000-209-027.77.0.pool.telefonica.de. [77.0.209.27]) by smtp.gmail.com with ESMTPSA id d18-20020a056402079200b0043a253973aasm1163486edy.10.2022.07.21.08.24.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 Jul 2022 08:24:50 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH v2 4/5] libsepol: rename parameter name Date: Thu, 21 Jul 2022 17:24:43 +0200 Message-Id: <20220721152444.31690-4-cgzones@googlemail.com> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220721152444.31690-1-cgzones@googlemail.com> References: <20220721152444.31690-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Do not use `bool` as a parameter name, for future C version support. Signed-off-by: Christian Göttsche --- libsepol/src/policydb_validate.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
diff --git a/libsepol/src/policydb_validate.c b/libsepol/src/policydb_validate.c index a567c411..0f399771 100644 --- a/libsepol/src/policydb_validate.c +++ b/libsepol/src/policydb_validate.c @@ -862,7 +862,7 @@ bad: return -1; } -static int validate_bool_id_array(sepol_handle_t *handle, const uint32_t bool_ids[], unsigned int nbools, const validate_t *bool) +static int validate_bool_id_array(sepol_handle_t *handle, const uint32_t bool_ids[], unsigned int nbools, const validate_t *boolean) { unsigned int i; @@ -870,7 +870,7 @@ static int validate_bool_id_array(sepol_handle_t *handle, const uint32_t bool_id goto bad; for (i=0; i < nbools; i++) { - if (validate_value(bool_ids[i], bool)) + if (validate_value(bool_ids[i], boolean)) goto bad; } 
@@ -881,14 +881,14 @@ bad: return -1; } -static int validate_cond_expr(sepol_handle_t *handle, const struct cond_expr *expr, const validate_t *bool) +static int validate_cond_expr(sepol_handle_t *handle, const struct cond_expr *expr, const validate_t *boolean) { int depth = -1; for (; expr; expr = expr->next) { switch(expr->expr_type) { case COND_BOOL: - if (validate_value(expr->bool, bool)) + if (validate_value(expr->bool, boolean)) goto bad; if (depth == (COND_EXPR_MAXDEPTH - 1)) goto bad;
From patchwork Thu Jul 21 15:24:44 2022
X-Patchwork-Id: 12925352
From: =?utf-8?q?Christian_G=C3=B6ttsche?=
To: selinux@vger.kernel.org
Subject: [PATCH v2 5/5] libsepol: more strict validation
Date: Thu, 21 Jul 2022 17:24:44 +0200
Message-Id: <20220721152444.31690-5-cgzones@googlemail.com>
In-Reply-To: <20220721152444.31690-1-cgzones@googlemail.com>
References: <20220721152444.31690-1-cgzones@googlemail.com>

Validate that
- each constraint has at least one expression
- classes reference a valid common class identifier
- the role flavor is either ROLE or ATTRIB
- types reference a valid primary identifier
- types refer to a raw type, not an attribute, as bounds
- extended permissions in avtabs have a valid specifier
- type av rules refer to a raw type (e.g. type_transition)
- conditionals have at least one expression
- the state and flags of conditionals are valid
- filename transitions have at least one datum
- low ports are not bigger than high ones in port ocontexts
- genfs declarations refer to a valid class identifier
- genfs declarations contain a filesystem name
- filename transitions refer to a raw type
- permissive types are raw ones
- the range transition hashmap is valid
- the type-attribute-maps are valid

Signed-off-by: Christian Göttsche
---
v2: only validate type_attr maps for policies since version 20
---
 libsepol/src/policydb_validate.c | 259 +++++++++++++++++++++++++------
 1 file changed, 209 insertions(+), 50 deletions(-)
diff --git a/libsepol/src/policydb_validate.c b/libsepol/src/policydb_validate.c index 0f399771..521ea4ff 100644 --- a/libsepol/src/policydb_validate.c +++ b/libsepol/src/policydb_validate.c
@@ -48,6 +48,8 @@ static int validate_init(validate_t *flavor, char **val_to_name, uint32_t nprim) static int validate_array_init(const policydb_t *p, validate_t flavors[]) { + if (validate_init(&flavors[SYM_COMMONS], p->p_common_val_to_name, p->p_commons.nprim)) + goto bad; if (validate_init(&flavors[SYM_CLASSES], p->p_class_val_to_name, p->p_classes.nprim)) goto bad; if (validate_init(&flavors[SYM_ROLES], p->p_role_val_to_name, p->p_roles.nprim)) @@ -235,6 +237,9 @@ static int validate_constraint_nodes(sepol_handle_t *handle, unsigned int nperms if (nperms > 0 && nperms != PERM_SYMTAB_SIZE && cons->permissions >= (UINT32_C(1) << nperms)) goto bad; + if (!cons->expr) + goto bad; + for (cexp = cons->expr; cexp; cexp = cexp->next) { if (cexp->expr_type == CEXPR_NAMES) { if (cexp->attr & CEXPR_XTARGET && nperms != 0) @@ -339,10 +344,33 @@ bad: return -1; } +static int validate_common_datum(sepol_handle_t *handle, const common_datum_t *common, validate_t flavors[]) +{ + if (validate_value(common->s.value, &flavors[SYM_COMMONS])) + goto bad; + if (common->permissions.nprim > PERM_SYMTAB_SIZE) + goto bad; + + return 0; + +bad: + ERR(handle, "Invalid common class datum"); + return -1; +} + +static int validate_common_datum_wrapper(__attribute__((unused)) hashtab_key_t k, hashtab_datum_t d, void *args) +{ + map_arg_t *margs = args; + + return validate_common_datum(margs->handle, d, margs->flavors); +} + static int validate_class_datum(sepol_handle_t *handle, const class_datum_t *class, validate_t flavors[]) { if (validate_value(class->s.value, &flavors[SYM_CLASSES])) goto bad; + if (class->comdatum && validate_common_datum(handle, class->comdatum, flavors)) + goto bad; if (class->permissions.nprim > PERM_SYMTAB_SIZE) goto bad; if (validate_constraint_nodes(handle, class->permissions.nprim, class->constraints, flavors)) 
@@ -405,25 +433,6 @@ static int validate_class_datum_wrapper(__attribute__((unused)) hashtab_key_t k, return validate_class_datum(margs->handle, d, margs->flavors); } -static int validate_common_datum(sepol_handle_t *handle, const common_datum_t *common) -{ - if (common->permissions.nprim > PERM_SYMTAB_SIZE) - goto bad; - - return 0; - -bad: - ERR(handle, "Invalid common class datum"); - return -1; -} - -static int validate_common_datum_wrapper(__attribute__((unused)) hashtab_key_t k, hashtab_datum_t d, void *args) -{ - map_arg_t *margs = args; - - return validate_common_datum(margs->handle, d); -} - static int validate_role_datum(sepol_handle_t *handle, const role_datum_t *role, validate_t flavors[]) { if (validate_value(role->s.value, &flavors[SYM_ROLES])) @@ -437,6 +446,14 @@ static int validate_role_datum(sepol_handle_t *handle, const role_datum_t *role, if (validate_ebitmap(&role->roles, &flavors[SYM_ROLES])) goto bad; + switch(role->flavor) { + case ROLE_ROLE: + case ROLE_ATTRIB: + break; + default: + goto bad; + } + return 0; bad: 
@@ -451,19 +468,46 @@ static int validate_role_datum_wrapper(__attribute__((unused)) hashtab_key_t k, return validate_role_datum(margs->handle, d, margs->flavors); } -static int validate_type_datum(sepol_handle_t *handle, const type_datum_t *type, validate_t flavors[]) +static int validate_simpletype(uint32_t value, const policydb_t *p, validate_t flavors[]) { - if (validate_value(type->s.value, &flavors[SYM_TYPES])) + const type_datum_t *type; + + if (validate_value(value, &flavors[SYM_TYPES])) + goto bad; + + type = p->type_val_to_struct[value - 1]; + if (!type) goto bad; - if (validate_ebitmap(&type->types, &flavors[SYM_TYPES])) + + if (type->flavor == TYPE_ATTRIB) + goto bad; + + return 0; + +bad: + return -1; +} + +static int validate_type_datum(sepol_handle_t *handle, const type_datum_t *type, const policydb_t *p, validate_t flavors[]) +{ + if (validate_value(type->s.value, &flavors[SYM_TYPES])) goto bad; - if (type->bounds && validate_value(type->bounds, &flavors[SYM_TYPES])) + if (type->primary && validate_value(type->primary, &flavors[SYM_TYPES])) goto bad; switch (type->flavor) { case TYPE_TYPE: - case TYPE_ATTRIB: case TYPE_ALIAS: + if (!ebitmap_is_empty(&type->types)) + goto bad; + if (type->bounds && validate_simpletype(type->bounds, p, flavors)) + goto bad; + break; + case TYPE_ATTRIB: + if (validate_ebitmap(&type->types, &flavors[SYM_TYPES])) + goto bad; + if (type->bounds) + goto bad; break; default: goto bad; @@ -491,7 +535,7 @@ static int validate_type_datum_wrapper(__attribute__((unused)) hashtab_key_t k, { map_arg_t *margs = args; - return validate_type_datum(margs->handle, d, margs->flavors); + return validate_type_datum(margs->handle, d, margs->policy, margs->flavors); } static int validate_mls_semantic_cat(const mls_semantic_cat_t *cat, const validate_t *cats) 
@@ -758,22 +802,42 @@ bad: return -1; } +static int validate_xperms(const avtab_extended_perms_t *xperms) +{ + switch (xperms->specified) { + case AVTAB_XPERMS_IOCTLDRIVER: + case AVTAB_XPERMS_IOCTLFUNCTION: + break; + default: + goto bad; + } + + return 0; + +bad: + return -1; +} static int validate_avtab_key_and_datum(avtab_key_t *k, avtab_datum_t *d, void *args) { - validate_t *flavors = (validate_t *)args; + map_arg_t *margs = args; + + if (validate_avtab_key(k, 0, margs->flavors)) + return -1; - if (validate_avtab_key(k, 0, flavors)) + if ((k->specified & AVTAB_TYPE) && validate_simpletype(d->data, margs->policy, margs->flavors)) return -1; - if ((k->specified & AVTAB_TYPE) && validate_value(d->data, &flavors[SYM_TYPES])) + if ((k->specified & AVTAB_XPERMS) && validate_xperms(d->xperms)) return -1; return 0; } -static int validate_avtab(sepol_handle_t *handle, const avtab_t *avtab, validate_t flavors[]) +static int validate_avtab(sepol_handle_t *handle, const avtab_t *avtab, const policydb_t *p, validate_t flavors[]) { - if (avtab_map(avtab, validate_avtab_key_and_datum, flavors)) { + map_arg_t margs = { flavors, handle, p }; + + if (avtab_map(avtab, validate_avtab_key_and_datum, &margs)) { ERR(handle, "Invalid avtab"); return -1; } 
@@ -797,20 +861,15 @@ static int validate_cond_av_list(sepol_handle_t *handle, const cond_av_list_t *c return 0; } -static int validate_avrules(sepol_handle_t *handle, const avrule_t *avrule, int conditional, validate_t flavors[]) +static int validate_avrules(sepol_handle_t *handle, const avrule_t *avrule, int conditional, const policydb_t *p, validate_t flavors[]) { - const class_perm_node_t *class; + const class_perm_node_t *classperm; for (; avrule; avrule = avrule->next) { if (validate_type_set(&avrule->stypes, &flavors[SYM_TYPES])) goto bad; if (validate_type_set(&avrule->ttypes, &flavors[SYM_TYPES])) goto bad; - class = avrule->perms; - for (; class; class = class->next) { - if (validate_value(class->tclass, &flavors[SYM_CLASSES])) - goto bad; - } switch(avrule->specified) { case AVRULE_ALLOWED: @@ -833,6 +892,13 @@ static int validate_avrules(sepol_handle_t *handle, const avrule_t *avrule, int goto bad; } + for (classperm = avrule->perms; classperm; classperm = classperm->next) { + if (validate_value(classperm->tclass, &flavors[SYM_CLASSES])) + goto bad; + if ((avrule->specified & AVRULE_TYPE) && validate_simpletype(classperm->data, p, flavors)) + goto bad; + } + if (avrule->specified & AVRULE_XPERMS) { if (!avrule->xperms) goto bad; @@ -885,6 +951,9 @@ static int validate_cond_expr(sepol_handle_t *handle, const struct cond_expr *ex { int depth = -1; + if (!expr) + goto bad; + for (; expr; expr = expr->next) { switch(expr->expr_type) { case COND_BOOL: @@ -922,7 +991,7 @@ bad: return -1; } -static int validate_cond_list(sepol_handle_t *handle, const cond_list_t *cond, validate_t flavors[]) +static int validate_cond_list(sepol_handle_t *handle, const cond_list_t *cond, const policydb_t *p, validate_t flavors[]) { for (; cond; cond = cond->next) { if (validate_cond_expr(handle, cond->expr, &flavors[SYM_BOOLS])) 
@@ -931,12 +1000,28 @@ static int validate_cond_list(sepol_handle_t *handle, const cond_list_t *cond, v goto bad; if (validate_cond_av_list(handle, cond->false_list, flavors)) goto bad; - if (validate_avrules(handle, cond->avtrue_list, 1, flavors)) + if (validate_avrules(handle, cond->avtrue_list, 1, p, flavors)) goto bad; - if (validate_avrules(handle, cond->avfalse_list, 1, flavors)) + if (validate_avrules(handle, cond->avfalse_list, 1, p, flavors)) goto bad; if (validate_bool_id_array(handle, cond->bool_ids, cond->nbools, &flavors[SYM_BOOLS])) goto bad; + + switch (cond->cur_state) { + case 0: + case 1: + break; + default: + goto bad; + } + + switch (cond->flags) { + case 0: + case COND_NODE_FLAGS_TUNABLE: + break; + default: + goto bad; + } } return 0; @@ -992,6 +1077,8 @@ static int validate_filename_trans(hashtab_key_t k, hashtab_datum_t d, void *arg goto bad; if (validate_value(ftk->tclass, &flavors[SYM_CLASSES])) goto bad; + if (!ftd) + goto bad; for (; ftd; ftd = ftd->next) { if (validate_ebitmap(&ftd->stypes, &flavors[SYM_TYPES])) goto bad; @@ -1046,6 +1133,10 @@ static int validate_ocontexts(sepol_handle_t *handle, const policydb_t *p, valid if (validate_context(&octx->context[1], flavors, p->mls)) goto bad; break; + case OCON_PORT: + if (octx->u.port.low_port > octx->u.port.high_port) + goto bad; + break; case OCON_FSUSE: switch (octx->v.behavior) { case SECURITY_FS_USE_XATTR: @@ -1076,7 +1167,12 @@ static int validate_genfs(sepol_handle_t *handle, const policydb_t *p, validate_ for (octx = genfs->head; octx; octx = octx->next) { if (validate_context(&octx->context[0], flavors, p->mls)) goto bad; + if (octx->v.sclass && validate_value(octx->v.sclass, &flavors[SYM_CLASSES])) + goto bad; } + + if (!genfs->fstype) + goto bad; } return 0; 
@@ -1173,7 +1269,7 @@ bad: } -static int validate_filename_trans_rules(sepol_handle_t *handle, const filename_trans_rule_t *filename_trans, validate_t flavors[]) +static int validate_filename_trans_rules(sepol_handle_t *handle, const filename_trans_rule_t *filename_trans, const policydb_t *p, validate_t flavors[]) { for (; filename_trans; filename_trans = filename_trans->next) { if (validate_type_set(&filename_trans->stypes, &flavors[SYM_TYPES])) @@ -1182,7 +1278,7 @@ static int validate_filename_trans_rules(sepol_handle_t *handle, const filename_ goto bad; if (validate_value(filename_trans->tclass,&flavors[SYM_CLASSES] )) goto bad; - if (validate_value(filename_trans->otype, &flavors[SYM_TYPES])) + if (validate_simpletype(filename_trans->otype, p, flavors)) goto bad; /* currently only the RULE_SELF flag can be set */ @@ -1211,15 +1307,15 @@ static int validate_symtabs(sepol_handle_t *handle, const symtab_t symtabs[], va return 0; } -static int validate_avrule_blocks(sepol_handle_t *handle, const avrule_block_t *avrule_block, validate_t flavors[]) +static int validate_avrule_blocks(sepol_handle_t *handle, const avrule_block_t *avrule_block, const policydb_t *p, validate_t flavors[]) { const avrule_decl_t *decl; for (; avrule_block; avrule_block = avrule_block->next) { for (decl = avrule_block->branch_list; decl != NULL; decl = decl->next) { - if (validate_cond_list(handle, decl->cond_list, flavors)) + if (validate_cond_list(handle, decl->cond_list, p, flavors)) goto bad; - if (validate_avrules(handle, decl->avrules, 0, flavors)) + if (validate_avrules(handle, decl->avrules, 0, p, flavors)) goto bad; if (validate_role_trans_rules(handle, decl->role_tr_rules, flavors)) goto bad; 
@@ -1231,7 +1327,7 @@ static int validate_avrule_blocks(sepol_handle_t *handle, const avrule_block_t * goto bad; if (validate_scope_index(handle, &decl->declared, flavors)) goto bad; - if (validate_filename_trans_rules(handle, decl->filename_trans_rules, flavors)) + if (validate_filename_trans_rules(handle, decl->filename_trans_rules, p, flavors)) goto bad; if (validate_symtabs(handle, decl->symtab, flavors)) goto bad; @@ -1259,7 +1355,7 @@ static int validate_permissives(sepol_handle_t *handle, const policydb_t *p, val unsigned i; ebitmap_for_each_positive_bit(&p->permissive_map, node, i) { - if (validate_value(i, &flavors[SYM_TYPES])) + if (validate_simpletype(i, p, flavors)) goto bad; } 
@@ -1270,6 +1366,61 @@ bad: return -1; } +static int validate_range_transition(hashtab_key_t key, hashtab_datum_t data, void *args) +{ + const range_trans_t *rt = (const range_trans_t *)key; + const mls_range_t *r = data; + const map_arg_t *margs = args; + const validate_t *flavors = margs->flavors; + + if (validate_value(rt->source_type, &flavors[SYM_TYPES])) + goto bad; + if (validate_value(rt->target_type, &flavors[SYM_TYPES])) + goto bad; + if (validate_value(rt->target_class, &flavors[SYM_CLASSES])) + goto bad; + + if (validate_mls_range(r, &flavors[SYM_LEVELS], &flavors[SYM_CATS])) + goto bad; + + return 0; + +bad: + return -1; +} + +static int validate_range_transitions(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[]) +{ + map_arg_t margs = { flavors, handle, p }; + + if (hashtab_map(p->range_tr, validate_range_transition, &margs)) { + ERR(handle, "Invalid range transition"); + return -1; + } + + return 0; +} + +static int validate_typeattr_map(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[]) +{ + const ebitmap_t *maps = p->type_attr_map; + unsigned int i; + + if (p->policy_type == POLICY_KERN) { + for (i = 0; i < p->p_types.nprim; i++) { + if (validate_ebitmap(&maps[i], &flavors[SYM_TYPES])) + goto bad; + } + } else if (maps) + goto bad; + + return 0; + +bad: + ERR(handle, "Invalid type attr map"); + return -1; +} + static int validate_properties(sepol_handle_t *handle, const policydb_t *p) { switch (p->policy_type) { @@ -1341,10 +1492,10 @@ int policydb_validate(sepol_handle_t *handle, const policydb_t *p) goto bad; if (p->policy_type == POLICY_KERN) { - if (validate_avtab(handle, &p->te_avtab, flavors)) + if (validate_avtab(handle, &p->te_avtab, p, flavors)) goto bad; if (p->policyvers >= POLICYDB_VERSION_BOOL) - if (validate_cond_list(handle, p->cond_list, flavors)) + if (validate_cond_list(handle, p->cond_list, p, flavors)) goto bad; if (validate_role_transes(handle, p->role_tr, flavors)) goto bad; 
@@ -1354,7 +1505,7 @@ int policydb_validate(sepol_handle_t *handle, const policydb_t *p) if (validate_filename_trans_hashtab(handle, p->filename_trans, flavors)) goto bad; } else { - if (validate_avrule_blocks(handle, p->global, flavors)) + if (validate_avrule_blocks(handle, p->global, p, flavors)) goto bad; } @@ -1376,6 +1527,14 @@ int policydb_validate(sepol_handle_t *handle, const policydb_t *p) if (validate_permissives(handle, p, flavors)) goto bad; + if (validate_range_transitions(handle, p, flavors)) + goto bad; + + if (p->policyvers >= POLICYDB_VERSION_AVTAB) { + if (validate_typeattr_map(handle, p, flavors)) + goto bad; + } + validate_array_destroy(flavors); return 0;
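Review bot: In [PATCH v2 4/5], the validate_cond_expr hunk renames the parameter to `boolean`, but the call still reads the struct member as `expr->bool` in "validate_value(expr->bool, boolean)". Under a C version where `bool` is a keyword, that member access fails to parse for the same reason the parameter name did, so the `cond_expr` field needs the same rename, either in this patch or in a follow-up that the commit message mentions.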
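Review bot: In [PATCH v2 5/5], validate_simpletype() indexes `p->type_val_to_struct[value - 1]` after checking only that `value` fits `flavors[SYM_TYPES]`; nothing in the hunk checks that `p->type_val_to_struct` itself is non-NULL or was built for the same `nprim` the flavor was initialised from. Add `if (!p->type_val_to_struct) goto bad;` before the lookup, or document on policydb_validate() that the policy must already be indexed. The helper also lets TYPE_ALIAS through, since it rejects only TYPE_ATTRIB; if aliases are meant to count as raw types here, a one-line comment saying so would help.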
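Review bot: In [PATCH v2 5/5], validate_avtab_key_and_datum() calls `validate_xperms(d->xperms)` whenever `k->specified & AVTAB_XPERMS` is set, and validate_xperms() dereferences `xperms->specified` without a NULL check. validate_avrules() in this same patch context guards the equivalent case with `if (!avrule->xperms) goto bad;`; the avtab path should reject a NULL `d->xperms` the same way instead of dereferencing it. Separately, `map_arg_t margs = { flavors, handle, p };` depends on the field order of map_arg_t; designated initialisers for `.flavors`, `.handle` and `.policy` would survive a struct reorder.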
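Review bot: In [PATCH v2 5/5], validate_cond_list() checks `cond->flags` with a `switch` over whole values (`0` and `COND_NODE_FLAGS_TUNABLE`) although it is a flags field. A mask test such as `if (cond->flags & ~COND_NODE_FLAGS_TUNABLE) goto bad;` states "no unknown bits" directly and does not need a new case per combination if another flag is ever added.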
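Review bot: In [PATCH v2 5/5], validate_typeattr_map() walks `&maps[i]` for every type in the POLICY_KERN branch without checking `maps` for NULL, while the non-kernel branch does test `maps`. Add `if (!maps) goto bad;` at the top of the kernel branch so a kernel policy without a type_attr_map fails validation instead of passing a pointer derived from NULL to validate_ebitmap(). The `} else if (maps) goto bad;` arm should also get braces to match the `if` arm.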
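Review bot: In [PATCH v2 5/5], the `p->policyvers >= POLICYDB_VERSION_AVTAB` gate around validate_typeattr_map() in policydb_validate() is explained only in the changelog below the `---` line ("only validate type_attr maps for policies since version 20"), which is dropped when the patch is applied. Move that reasoning into a code comment above the check or into the commit message body so the version condition is not left unexplained in the tree.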