On Wed, 8 Jun 2022 at 21:16, Nicolas Iooss <nicolas.iooss@xxxxxxx> wrote:
>
> On Tue, Jun 7, 2022 at 5:02 PM Christian Göttsche
> <cgzones@xxxxxxxxxxxxxx> wrote:
> >
> > Users are allowed to be declared in modules. Modules do not get expanded
> > leaving the `struct user_datum` members `exp_range` and `exp_dfltlevel`
> > empty.
> > Do no validate the expanded range and level for modular polices.
> >
> > Reported-by: bauen1 <j2468h@xxxxxxxxx>
> > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
> > ---
> > libsepol/src/policydb_validate.c | 12 ++++++------
> > 1 file changed, 6 insertions(+), 6 deletions(-)
> >
> > diff --git a/libsepol/src/policydb_validate.c b/libsepol/src/policydb_validate.c
> > index da18282b..99d4eb7f 100644
> > --- a/libsepol/src/policydb_validate.c
> > +++ b/libsepol/src/policydb_validate.c
> > @@ -18,7 +18,7 @@ typedef struct validate {
> > typedef struct map_arg {
> > validate_t *flavors;
> > sepol_handle_t *handle;
> > - int mls;
> > + policydb_t *policy;
> > } map_arg_t;
>
> Hello,
> As the policy is not modified, could this pointer be "const policydb_t
> *policy;"? (And the last parameter of validate_user_datum be "const
> policydb_t *p"). On the other hand, as policydb_validate.c does not
> use any const pointer, feel free to disregard my comment.
>
Since policydb_validate.c does not use const pointer at all yet I
followed that style.
I might prepare a patch to constify all pointers and refactor the
logging mechanism,
since I like to add validation into the kernel to avoid crashes like
[1], especially
if SELinux gets namespace support [2].
[1]: https://github.com/SELinuxProject/selinux-testsuite/issues/76
[2]: https://patchwork.kernel.org/project/selinux/list/?series=632975
> This patch nevertheless looks good to me too.
> Thanks!
> Nicolas
>
