Re: libselinux issue

On Tue, 31 Aug 2021 at 13:51, Dominick Grift <dominick.grift@xxxxxxxxxxx> wrote:
>
> Dominick Grift <dominick.grift@xxxxxxxxxxx> writes:
>
> > We can get into a state where selinux is enabled without a policy.
>

While testing a potential fix several questions came up:

I. What are the expected/desired outcomes after the following configuration setups:

    * invalid SELINUX=, valid SELINUXTYPE= (currently permissive, except cmdline contains `enforcing=1` then system halt)
    * valid SELINUX=, invalid SELINUXTYPE= (currently disabled if SELINUX=disabled, system halt if SELINUX=enforcing or `enforcing=1`, else zombie state)

II. When does the kernel consider SELinux to be *enabled*? After the mount of a selinuxfs or after the first policy load?
    With SELinux being unable to be disabled at runtime in the near future and SELinux being initialized after a selinuxfs mounting, that probably needs selinux_init_load_policy(3) to check for a valid SELINUXTYPE= before mounting a selinuxfs.

Also, in selinux_init_load_policy(3), libselinux should probably reset its state via `umount(selinux_mnt); fini_selinuxmnt();` after a selinux_mkload_policy(3) failure.
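
The check suggested in the message above (validate SELINUX= and SELINUXTYPE= before a selinuxfs is mounted), as an added example that is not part of the original message and is not libselinux code. The names `preflight`, `get_value` and `enum outcome` are hypothetical, the parser is simplified, and testing for a `<root>/<type>/policy` directory is an assumption standing in for a real policy-load check.

```c
/* Added example, not libselinux code; names and policy layout are assumptions. */
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>

enum outcome { OK_DISABLED, OK_LOAD, BAD_MODE, BAD_TYPE };
/* Copy the value of "key=" from conf (the text of the config file) into out. */
static int get_value(const char *conf, const char *key, char *out, size_t n)
{
    size_t klen = strlen(key);
    for (const char *p = conf; p && *p; p = strchr(p, '\n'), p = p ? p + 1 : NULL) {
        p += strspn(p, " \t");                      /* skip leading blanks */
        if (strncmp(p, key, klen) == 0 && p[klen] == '=') {
            size_t len = strcspn(p + klen + 1, " \t\r\n");
            if (len >= n) return -1;                /* value too long */
            memcpy(out, p + klen + 1, len);
            out[len] = '\0';
            return 0;
        }
    }
    return -1;                                      /* key not present */
}

/* root is the policy root, normally /etc/selinux (assumption of this example). */
enum outcome preflight(const char *conf, const char *root)
{
    char mode[32], type[64], path[512];
    struct stat st;
    if (get_value(conf, "SELINUX", mode, sizeof mode) != 0)
        return BAD_MODE;
    if (strcmp(mode, "disabled") == 0)
        return OK_DISABLED;              /* SELINUXTYPE= is irrelevant here */
    if (strcmp(mode, "enforcing") != 0 && strcmp(mode, "permissive") != 0)
        return BAD_MODE;
    if (get_value(conf, "SELINUXTYPE", type, sizeof type) != 0 ||
        type[0] == '\0' || type[0] == '.' || strchr(type, '/'))
        return BAD_TYPE;                 /* missing, empty or path-like */
    int n = snprintf(path, sizeof path, "%s/%s/policy", root, type);
    if (n < 0 || (size_t)n >= sizeof path || stat(path, &st) != 0 || !S_ISDIR(st.st_mode))
        return BAD_TYPE;                 /* no policy directory for this type */
    return OK_LOAD;                      /* necessary, not sufficient, for a load */
}

int main(void)
{
    /* Constructed sample config; prints the enum value (1 means OK_LOAD). */
    printf("%d\n", preflight("SELINUX=enforcing\nSELINUXTYPE=targeted\n", "/etc/selinux"));
    return 0;
}
```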


