[PATCH] libsepol: Fix building Xen policy with devicetreecon

Problems fixed:
1) Fix core dump when building CIL policy (corrupted double-linked list)
   by Steve Lawrence <slawrence@xxxxxxxxxx>
2) Binary policy failed to read with devicetreecon statement.
3) Free path name - With a Xen policy running secilc/valgrind
   there are no memory errors.

Also added devicetreecon statement to CIL policy.cil and updated the CIL
Reference Guide.

Signed-off-by: Richard Haines <richard_c_haines@xxxxxxxxxxxxxx>
---
 libsepol/cil/docs/cil_xen_statements.xml | 44 ++++++++++++++++++++++++++++++++
 libsepol/cil/src/cil_build_ast.c         |  2 --
 libsepol/cil/test/policy.cil             |  1 +
 libsepol/src/policydb.c                  |  6 +++--
 4 files changed, 49 insertions(+), 4 deletions(-)

diff --git a/libsepol/cil/docs/cil_xen_statements.xml b/libsepol/cil/docs/cil_xen_statements.xml
index 1035b68..c72ef6c 100644
--- a/libsepol/cil/docs/cil_xen_statements.xml
+++ b/libsepol/cil/docs/cil_xen_statements.xml
@@ -3,6 +3,7 @@
 
    <sect1>
       <title>Xen Statements</title>
+      <para>Policy version 30 introduced the <literal><link linkend="devicetreecon">devicetreecon</link></literal> statement and also expanded the existing I/O memory range to 64 bits in order to support hardware with more than 44 bits of physical address space (32-bit count of 4K pages).</para>
       <para>See the <ulink url="http://xenbits.xen.org/docs/4.2-testing/misc/xsm-flask.txt";>"XSM/FLASK Configuration"</ulink> document for further information (<ulink url="http://xenbits.xen.org/docs/4.2-testing/misc/xsm-flask.txt";></ulink>)</para>
       <sect2 id="iomemcon">
          <title>iomemcon</title>
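Review bot: The added introductory para says policy version 30 introduced devicetreecon but does not tell the policy author what to expect when a policy containing the statement is built for an older target version. One more sentence on that would help. The same para also packs the 64-bit I/O memory change and the "32-bit count of 4K pages" explanation into a single sentence, and would read better split in two.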
@@ -180,4 +181,47 @@
          <programlisting><![CDATA[(pirqcon 33 (unconfined.user object_r unconfined.object low_low))]]></programlisting>
       </sect2>
 
+      <sect2 id="devicetreecon">
+         <title>devicetreecon</title>
+         <para>Label device tree nodes.</para>
+         <para><emphasis role="bold">Statement definition:</emphasis></para>
+         <programlisting><![CDATA[(devicetreecon path context_id)]]></programlisting>
+         <para><emphasis role="bold">Where:</emphasis></para>
+         <informaltable frame="all">
+            <tgroup cols="2">
+            <colspec colwidth="2 *"/>
+            <colspec colwidth="6 *"/>
+               <tbody>
+               <row>
+                  <entry>
+                     <para><literal>devicetreecon</literal></para>
+                  </entry>
+                  <entry>
+                     <para>The <literal>devicetreecon</literal> keyword.</para>
+                  </entry>
+               </row>
+               <row>
+                  <entry>
+                     <para><literal>path</literal></para>
+                  </entry>
+                  <entry>
+                     <para>The device tree path. If this contains spaces enclose within <literal>""</literal>.</para>
+                  </entry>
+               </row>
+               <row>
+                  <entry>
+                     <para><literal>context_id</literal></para>
+                  </entry>
+                  <entry>
+                     <para>A previously declared <literal><link linkend="context">context</link></literal> identifier or an anonymous security context (<literal><link linkend="user">user</link> <link linkend="role">role</link> <link linkend="type">type</link> <link linkend="levelrange">levelrange</link></literal>), the range MUST be defined whether the policy is MLS/MCS enabled or not.</para>
+                  </entry>
+               </row>
+            </tbody></tgroup>
+         </informaltable>
+
+         <para><emphasis role="bold">Example:</emphasis></para>
+         <para>An anonymous context for the specified path:</para>
+         <programlisting><![CDATA[(devicetreecon "/this is/a/path" (unconfined.user object_r unconfined.object low_low))]]></programlisting>
+      </sect2>
+
    </sect1>
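Review bot: The Example part of the new devicetreecon section only shows an anonymous context, while the context_id entry also allows a previously declared context identifier, which is the form the test policy in this patch uses. Adding a second example with a named context would cover both forms. In the path entry, "If this contains spaces enclose within" does not say whether quoting is also accepted for a path without spaces. In the context_id entry, "the range MUST be defined ..." is a comma splice and should be its own sentence.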
diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c
index 973b2d7..92c3e09 100644
--- a/libsepol/cil/src/cil_build_ast.c
+++ b/libsepol/cil/src/cil_build_ast.c
@@ -4583,8 +4583,6 @@ void cil_destroy_devicetreecon(struct cil_devicetreecon *devicetreecon)
 		return;
 	}
 
-	free(devicetreecon->path);
-
 	if (devicetreecon->context_str == NULL && devicetreecon->context != NULL) {
 		cil_destroy_context(devicetreecon->context);
 	}
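Review bot: Dropping free(devicetreecon->path) in cil_destroy_devicetreecon() leaves no record in the code of who owns the path string. Please add a short comment at this spot naming the owner, so the free is not put back later. The commit message would also benefit from tying item 1 (the corrupted double-linked list) explicitly to this removal, since item 3 ("Free path name") reads as the opposite of what this hunk does.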
diff --git a/libsepol/cil/test/policy.cil b/libsepol/cil/test/policy.cil
index 9c76cad..25c8545 100644
--- a/libsepol/cil/test/policy.cil
+++ b/libsepol/cil/test/policy.cil
@@ -250,6 +250,7 @@
 	(iomemcon (0 255) system_u_bin_t_l2h)
 	(ioportcon (22 22) system_u_bin_t_l2h)
 	(pcidevicecon 345 system_u_bin_t_l2h)
+	(devicetreecon "/this is/a/path" system_u_bin_t_l2h)
 
 	(constrain (files (read)) (not (or (and (eq t1 exec_t) (eq t2 bin_t)) (eq r1 r2))))
 	(constrain char_w (not (or (and (eq t1 exec_t) (eq t2 bin_t)) (eq r1 r2))))
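Review bot: The new test line only exercises a quoted path containing spaces with a named context. Consider adding a second devicetreecon line with a path that has no spaces, and one with an anonymous context as in the documentation example, so that both path forms and both context forms are covered when this policy is built.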
diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
index b45b662..d1c0018 100644
--- a/libsepol/src/policydb.c
+++ b/libsepol/src/policydb.c
@@ -1274,7 +1274,7 @@ void ocontext_xen_free(ocontext_t **ocontexts)
 			c = c->next;
 			context_destroy(&ctmp->context[0]);
 			context_destroy(&ctmp->context[1]);
-			if (i == OCON_ISID)
+			if (i == OCON_ISID || i == OCON_XEN_DEVICETREE)
 				free(ctmp->u.name);
 			free(ctmp);
 		}
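Review bot: With OCON_XEN_DEVICETREE added to the condition, free(ctmp->u.name) is only safe if u.name is either NULL or a heap pointer for every device tree entry, including an entry left partly built when ocontext_read_xen() returns early. Please confirm that the entry is zeroed when it is allocated, and consider a one-line comment saying that these two ocontext kinds are the ones that store an allocated name in the union.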
@@ -2559,11 +2559,13 @@ static int ocontext_read_xen(struct policydb_compat_info *info,
 				rc = next_entry(buf, fp, sizeof(uint32_t));
 				if (rc < 0)
 					return -1;
-				len = le32_to_cpu(buf[1]);
+				len = le32_to_cpu(buf[0]);
 				c->u.name = malloc(len + 1);
 				if (!c->u.name)
 					return -1;
 				rc = next_entry(c->u.name, fp, len);
+				if (rc < 0)
+					return -1;
 				c->u.name[len] = 0;
 				if (context_read_and_validate
 				    (&c->context[0], p, fp))
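Review bot: The length read into len at "len = le32_to_cpu(buf[0]);" comes straight from the policy file and is passed to malloc(len + 1) with no bound check. A very large value makes the allocation size untrustworthy, and if len is a 32-bit type then len + 1 wraps to 0 for 0xFFFFFFFF, so the later c->u.name[len] = 0 would write outside the buffer. Please reject zero and unreasonable lengths before the malloc. The new "if (rc < 0) return -1;" after next_entry() also returns without freeing c->u.name here, so it relies on the caller running ocontext_xen_free() on this entry. It is worth confirming that c is already linked into the list at this point.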
-- 
2.1.0
