>>What do you mean by "partition number is not fixed"?
It is specified in general partition table which can change from time to
time. For example, partition in question may be /dev/block/mmcblk0p2 in one
table (or build) while it could be /dev/block/mmcblk0p30 in another.

>> When and how does it get assigned?
I don't know how it gets decided whether it is going to be /dev/block/mmcblk0p2
or /dev/block/mmcblk0p30 or something else. An XML file mentions all the
partition names and sizes required, and a tool would generate the partition
table.

As you explained how a final label is assigned to a file, is it possible
that a file can have multiple labels, maybe not in security.selinux but in
memory? If a file has associated links (not sure if it is the other way
around), check the rule against rules stored in memory as well.

Example:

/dev/block/mmcblk0pN has a label partitionN_label
/path/mylink1 has label link1_label
/path/mylink2 has label link2_label

Assume both links point to /dev/block/mmcblk0pN

mylink1 -> /dev/block/mmcblk0pN
mylink2 -> /dev/block/mmcblk0pN

Now daemon1.te has the following rule

allow daemon1   link1_label:chr_file {read write ...}

In the current scenario, security.selinux of the file would have partitionN_label.

Hence, whenever daemon1 tries to access the file, it does not have
permission and a denial would come. But for links, we can store the rule in
memory and check as follows:

daemon1 tries to open mylink1:
if (resource is link type && !match(rule for file_attr))
      check_rules_from_memory(mylink1, current_process)

I am just throwing out ideas; not sure if this is possible.

Thanks,
Dinesh


On Tue, Jun 10, 2014 at 12:48 PM, Stephen Smalley <s...@tycho.nsa.gov> wrote:

> On 06/10/2014 03:35 PM, Dinesh Garg wrote:
> > Since partition number is not fixed, following hammerhead example would
> > lead to providing access to all partitions eventually. This would be no
> > better than rule created using denial logs.
> >
> > Similarly, specifying real path in policy is not possible.
> >
> > I am not sure if xattr supports storing multiple labels for the same
> > file. In that case, labels for symlinks can be stored in the same node.
>
> What do you mean by "partition number is not fixed"?  When and how does
> it get assigned?
>
> You can only set a single security.selinux attribute on a given file.
>
> The labels to assign when the files are created by ueventd are
> determined from the file_contexts configuration.  So, one could modify
> ueventd to take the link names, look them up, and use the context
> specified for them instead of the context specified for the device node
> path.  But how do you know which one to use if there are multiple links
> to the device node, or how do you know which one to use if there is an
> entry for the link name and for the device path in file_contexts?  Which
> one wins?  (And since everything will at least match /dev/(/.*)?, we'd
> have to explicitly check for that in ueventd and treat it as a no-match
> to distinguish when an entry is specified).
>
>
>
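Added example (not code from the thread, ueventd, or libselinux): a small Python model of the lookup Stephen describes, where ueventd would look up the link names in file_contexts and use a context found for a link in preference to the one for the device node path. It shows the two problems he raises: the catch-all /dev(/.*)? entry matches every link name, so a generic match must be treated as "no match", and two links with different specific contexts leave no principled winner, so the model refuses rather than guessing. The file_contexts entries, by-name paths and contexts below are constructed for the example, and "last matching entry wins" is an assumed simplification of real file_contexts matching.

```python
import re

# Constructed, simplified file_contexts (not taken from any real device policy).
# Assumption: when several regexes match, the last matching entry wins.
FILE_CONTEXTS = [
    ("/dev(/.*)?", "u:object_r:device:s0"),
    ("/dev/block(/.*)?", "u:object_r:block_device:s0"),
    ("/dev/block/platform/sdcc/by-name/userdata", "u:object_r:userdata_block_device:s0"),
    ("/dev/block/platform/sdcc/by-name/cache", "u:object_r:cache_block_device:s0"),
]

# Catch-all entries that match any link name; per the thread, ueventd would have
# to recognise these explicitly and treat them as "no entry for this link".
GENERIC_ENTRIES = {"/dev(/.*)?", "/dev/block(/.*)?"}


def lookup(path, contexts=FILE_CONTEXTS):
    """Return (regex, context) of the last file_contexts entry matching path, or None."""
    found = None
    for regex, ctx in contexts:
        if re.fullmatch(regex, path):
            found = (regex, ctx)
    return found


def label_for_device(node_path, link_names, contexts=FILE_CONTEXTS,
                     generic=GENERIC_ENTRIES):
    """Resolve the context to apply to a device node, ueventd-style (hypothetical).

    A specific (non-generic) entry for any of the node's link names takes
    precedence over the entry for the node path itself. If different links
    resolve to different specific contexts there is no defensible winner, so
    the conflict is raised instead of silently picking one.
    """
    specific = {}
    for link in link_names:
        hit = lookup(link, contexts)
        if hit is not None and hit[0] not in generic:
            specific[link] = hit[1]

    distinct = set(specific.values())
    if len(distinct) > 1:
        raise ValueError(f"conflicting contexts via links: {specific}")
    if distinct:
        return distinct.pop()

    # No specific link entry: fall back to the device node path itself.
    hit = lookup(node_path, contexts)
    return hit[1] if hit is not None else None


if __name__ == "__main__":
    # Partition number differs between builds, but the by-name link is stable.
    for node in ("/dev/block/mmcblk0p2", "/dev/block/mmcblk0p30"):
        print(node, "->", label_for_device(
            node, ["/dev/block/platform/sdcc/by-name/userdata"]))
    # A node with only generic matches keeps the node-path label.
    print(label_for_device("/dev/block/mmcblk0p30", ["/dev/block/some_alias"]))
```

The interesting case is the last call: "/dev/block/some_alias" matches /dev/block(/.*)? just like every other path under /dev/block, and without the explicit generic check it would wrongly be taken as "an entry exists for this link" and shadow the node-path lookup.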
_______________________________________________
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov