
[Xen-devel] [PATCH] libsepol: Fix building Xen policy with devicetreecon



Problems fixed:
1) Fix core dump when building CIL policy (corrupted double-linked list)
   by Steve Lawrence <slawrence@xxxxxxxxxx>
2) Binary policy failed to read with devicetreecon statement.
3) Free path name - With a Xen policy running secilc/valgrind
   there are no memory errors.

Also added devicetreecon statement to CIL policy.cil and updated the CIL
Reference Guide.

Signed-off-by: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
---
 libsepol/cil/docs/cil_xen_statements.xml | 44 ++++++++++++++++++++++++++++++++
 libsepol/cil/src/cil_build_ast.c         |  2 --
 libsepol/cil/test/policy.cil             |  1 +
 libsepol/src/policydb.c                  |  6 +++--
 4 files changed, 49 insertions(+), 4 deletions(-)

diff --git a/libsepol/cil/docs/cil_xen_statements.xml 
b/libsepol/cil/docs/cil_xen_statements.xml
index 1035b68..c72ef6c 100644
--- a/libsepol/cil/docs/cil_xen_statements.xml
+++ b/libsepol/cil/docs/cil_xen_statements.xml
@@ -3,6 +3,7 @@
 
    <sect1>
       <title>Xen Statements</title>
+      <para>Policy version 30 introduced the <literal><link 
linkend="devicetreecon">devicetreecon</link></literal> statement and also 
expanded the existing I/O memory range to 64 bits in order to support hardware 
with more than 44 bits of physical address space (32-bit count of 4K 
pages).</para>
       <para>See the <ulink 
url="http://xenbits.xen.org/docs/4.2-testing/misc/xsm-flask.txt";>"XSM/FLASK 
Configuration"</ulink> document for further information (<ulink 
url="http://xenbits.xen.org/docs/4.2-testing/misc/xsm-flask.txt";></ulink>)</para>
       <sect2 id="iomemcon">
          <title>iomemcon</title>
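Review bot: the "See the ... document" paragraph immediately after the new <para> prints the XSM/FLASK URL twice, once as the link text and once more as an empty <ulink> in parentheses; since this section is being edited anyway, drop the empty second <ulink> so the rendered text does not repeat the URL.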
@@ -180,4 +181,47 @@
          <programlisting><![CDATA[(pirqcon 33 (unconfined.user object_r 
unconfined.object low_low))]]></programlisting>
       </sect2>
 
+      <sect2 id="devicetreecon">
+         <title>devicetreecon</title>
+         <para>Label device tree nodes.</para>
+         <para><emphasis role="bold">Statement definition:</emphasis></para>
+         <programlisting><![CDATA[(devicetreecon path 
context_id)]]></programlisting>
+         <para><emphasis role="bold">Where:</emphasis></para>
+         <informaltable frame="all">
+            <tgroup cols="2">
+            <colspec colwidth="2 *"/>
+            <colspec colwidth="6 *"/>
+               <tbody>
+               <row>
+                  <entry>
+                     <para><literal>devicetreecon</literal></para>
+                  </entry>
+                  <entry>
+                     <para>The <literal>devicetreecon</literal> keyword.</para>
+                  </entry>
+               </row>
+               <row>
+                  <entry>
+                     <para><literal>path</literal></para>
+                  </entry>
+                  <entry>
+                     <para>The device tree path. If this contains spaces 
enclose within <literal>""</literal>.</para>
+                  </entry>
+               </row>
+               <row>
+                  <entry>
+                     <para><literal>context_id</literal></para>
+                  </entry>
+                  <entry>
+                     <para>A previously declared <literal><link 
linkend="context">context</link></literal> identifier or an anonymous security 
context (<literal><link linkend="user">user</link> <link 
linkend="role">role</link> <link linkend="type">type</link> <link 
linkend="levelrange">levelrange</link></literal>), the range MUST be defined 
whether the policy is MLS/MCS enabled or not.</para>
+                  </entry>
+               </row>
+            </tbody></tgroup>
+         </informaltable>
+
+         <para><emphasis role="bold">Example:</emphasis></para>
+         <para>An anonymous context for the specified path:</para>
+         <programlisting><![CDATA[(devicetreecon "/this is/a/path" 
(unconfined.user object_r unconfined.object low_low))]]></programlisting>
+      </sect2>
+
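Review bot: the `path` row only says that spaces require quoting; it should also state how the path is matched (whether it must be the full device tree node path and whether matching is exact), since that is what a policy author needs in order to write a correct statement. The example likewise shows only the quoted form; a second example with a path that contains no spaces would make clear that the quotes are needed only in that case.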
    </sect1>
diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c
index 973b2d7..92c3e09 100644
--- a/libsepol/cil/src/cil_build_ast.c
+++ b/libsepol/cil/src/cil_build_ast.c
@@ -4583,8 +4583,6 @@ void cil_destroy_devicetreecon(struct cil_devicetreecon 
*devicetreecon)
                return;
        }
 
-       free(devicetreecon->path);
-
        if (devicetreecon->context_str == NULL && devicetreecon->context != 
NULL) {
                cil_destroy_context(devicetreecon->context);
        }
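Review bot: dropping free(devicetreecon->path) without a comment leaves the ownership of `path` unstated. The commit message attributes the "corrupted double-linked list" crash to this free, which implies the string is freed elsewhere (or is not a per-node heap allocation), so add a comment at this point saying who owns `path`; otherwise the free is likely to be reintroduced by a later cleanup, and the double free with it.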
diff --git a/libsepol/cil/test/policy.cil b/libsepol/cil/test/policy.cil
index 9c76cad..25c8545 100644
--- a/libsepol/cil/test/policy.cil
+++ b/libsepol/cil/test/policy.cil
@@ -250,6 +250,7 @@
        (iomemcon (0 255) system_u_bin_t_l2h)
        (ioportcon (22 22) system_u_bin_t_l2h)
        (pcidevicecon 345 system_u_bin_t_l2h)
+       (devicetreecon "/this is/a/path" system_u_bin_t_l2h)
 
        (constrain (files (read)) (not (or (and (eq t1 exec_t) (eq t2 bin_t)) 
(eq r1 r2))))
        (constrain char_w (not (or (and (eq t1 exec_t) (eq t2 bin_t)) (eq r1 
r2))))
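Review bot: the new test line exercises only the quoted, space-containing form of the path; add a second devicetreecon line with an unquoted path so that both forms accepted by the documentation are parsed, written to the binary policy and read back by the policydb.c changes in this series.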
diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
index b45b662..d1c0018 100644
--- a/libsepol/src/policydb.c
+++ b/libsepol/src/policydb.c
@@ -1274,7 +1274,7 @@ void ocontext_xen_free(ocontext_t **ocontexts)
                        c = c->next;
                        context_destroy(&ctmp->context[0]);
                        context_destroy(&ctmp->context[1]);
-                       if (i == OCON_ISID)
+                       if (i == OCON_ISID || i == OCON_XEN_DEVICETREE)
                                free(ctmp->u.name);
                        free(ctmp);
                }
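Review bot: freeing u.name for OCON_XEN_DEVICETREE requires every producer of such an ocontext to store its own heap copy of the path in u.name; confirm that the CIL-to-binary conversion (not part of this patch) duplicates the node's path rather than storing a pointer into the CIL parse tree, because the cil_build_ast.c hunk stops freeing that pointer in the CIL node and a shared pointer freed here would otherwise be freed twice once the parse tree is torn down.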
@@ -2559,11 +2559,13 @@ static int ocontext_read_xen(struct 
policydb_compat_info *info,
                                rc = next_entry(buf, fp, sizeof(uint32_t));
                                if (rc < 0)
                                        return -1;
-                               len = le32_to_cpu(buf[1]);
+                               len = le32_to_cpu(buf[0]);
                                c->u.name = malloc(len + 1);
                                if (!c->u.name)
                                        return -1;
                                rc = next_entry(c->u.name, fp, len);
+                               if (rc < 0)
+                                       return -1;
                                c->u.name[len] = 0;
                                if (context_read_and_validate
                                    (&c->context[0], p, fp))
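Review bot: `len` is taken straight from the policy file and used unchecked in malloc(len + 1) and later as the index in c->u.name[len] = 0; reject an oversized length (or at least guard against len + 1 wrapping to zero) before allocating, as an untrusted binary policy should not be able to drive a zero-size allocation followed by an out-of-bounds write. The switch from buf[1] to buf[0] is correct since only one uint32_t is read into buf, and the added rc < 0 check closes the missing error path; note that both this new return and the existing malloc failure return leave c->u.name allocated on c, which is only leak-free if c is already linked into the list that ocontext_xen_free walks, so that is worth confirming.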
-- 
2.1.0


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel
