Re: [PATCH] libselinux: re-introduce DISABLE_BOOL=y

[Stephen Smalley]

On 09/29/2016 03:27 PM, William Roberts wrote:
> On Thu, Sep 29, 2016 at 3:15 PM, William Roberts
>  wrote:
>> On Thu, Sep 29, 2016 at 2:54 PM, Stephen Smalley  wrote:
>>> On 09/29/2016 02:46 PM, William Roberts wrote:
 On Thu, Sep 29, 2016 at 2:44 PM, Stephen Smalley  
 wrote:
> On 09/29/2016 02:15 PM, William Roberts wrote:
>> On Thu, Sep 29, 2016 at 2:08 PM, Stephen Smalley  
>> wrote:
>>> On 09/29/2016 02:02 PM, william.c.robe...@intel.com wrote:
 From: William Roberts 

 Provide stubs to the public boolean API that always returns -1.

 On Android, boolean symbols are needed for:
 external/ltrace/sysdeps/linux-gnu/trace.c
>>>
>>> Is this really worth doing?
>>
>> It's this or disabling that selinux via #define, which that source has
>> HAVE_LIBSELINUX.
>>
>> But it would seem confusing IMHO to have a libselinux.so, so one would
>> set HAVE_LIBSELINUX=1,
>> and you're getting link errors.
>
> Maybe I don't understand.  Obviously it builds today with
> external/libselinux without requiring this change.  Why do we need this 
> now?
>

 Richard Haines was doing further testing, and was building a different
 lunch target for the
 arm emulator and hit this issue. I have only tested x86_64 emulator.
>>>
>>> No, I mean that this is not required in external/libselinux (the Android
>>> fork) today.  So why is it needed here?  The Android fork builds
>>> src/booleans.c for the target.  It doesn't hurt anything to leave the
>>> code there.  The underlying kernel interface via selinuxfs still exists.
>>>  There just won't be any booleans in the policy.
>>>
>>
>> The target builds a modified booleans, if use booleans as is, we start
>> down the config c file
>> rabbit hole...
>>
>> external/selinux/libselinux/src/booleans.c:100: error: undefined
>> reference to 'selinux_booleans_subs_path'
>> external/selinux/libselinux/src/booleans.c:388: error: undefined
>> reference to 'selinux_booleans_path'
>> external/selinux/libselinux/src/booleans.c:529: error: undefined
>> reference to 'selinux_booleans_path'
>> external/selinux/libselinux/src/booleans.c:545: error: undefined
>> reference to 'selinux_booleans_path'
>> clang++.real: error: linker command failed with exit code 1 (use -v to
>> see invocation)
>>
>> I can take a look at that and see how much of a PITA it would be to
>> pull that in.
> 
> external/selinux/libselinux/src/selinux_config.c:100: error: undefined
> reference to 'fgets_unlocked'
> external/selinux/libselinux/src/selinux_config.c:100: error: undefined
> reference to 'fgets_unlocked'
> external/selinux/libselinux/src/selinux_config.c:231: error: undefined
> reference to 'require_seusers'
> external/selinux/libselinux/src/selinux_config.c:231: error: undefined
> reference to 'load_setlocaldefs'
> 
> fgets should be easy enough
> load_setlocaldefs is an exported integer value used in init_selinux_config()
> require_seusers is another exported int form seusers.c
> 
> I was figuring since we don't use any bools, to keep the size down,
> just stubbing dummies is the
> easiest route.
> 
> We could do something like STATIC_CONFIG and just stub in what things
> need and return the explicit paths.

Never mind, I'll take your original patch.


___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

Re: [PATCH 2/2] libselinux: set DISABLE_RPM default to y.

[Stephen Smalley]

On 09/28/2016 12:00 PM, william.c.robe...@intel.com wrote:
> From: William Roberts 
> 
> Change the default build behavior to always use DISABLE_RPM.
> To get the old behavior call make with DISABLE_RPM=n.
> 
> eg.)
> make DISABLE_RPM=n

I reverted this change.  It would break rpm on RHEL 7 and earlier, so it
is still too soon to make this the default ;(

> 
> Signed-off-by: William Roberts 
> ---
>  libselinux/Makefile | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/libselinux/Makefile b/libselinux/Makefile
> index 41d836c..cec2943 100644
> --- a/libselinux/Makefile
> +++ b/libselinux/Makefile
> @@ -1,7 +1,7 @@
>  SUBDIRS = src include utils man
>  
>  DISABLE_SETRANS ?= n
> -DISABLE_RPM ?= n
> +DISABLE_RPM ?= y
>  ifeq ($(DISABLE_RPM),y)
>   DISABLE_FLAGS+= -DDISABLE_RPM
>  endif
> 

___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

Re: [PATCH] libselinux: re-introduce DISABLE_BOOL=y

[Stephen Smalley]

On 09/29/2016 02:02 PM, william.c.robe...@intel.com wrote:
> From: William Roberts 
> 
> Provide stubs to the public boolean API that always returns -1.
> 
> On Android, boolean symbols are needed for:
> external/ltrace/sysdeps/linux-gnu/trace.c

Thanks, applied.

> 
> Signed-off-by: William Roberts 
> ---
>  libselinux/Makefile   |  4 +++
>  libselinux/src/booleans.c | 64 
> +++
>  2 files changed, 58 insertions(+), 10 deletions(-)
> 
> diff --git a/libselinux/Makefile b/libselinux/Makefile
> index f607115..b5f32bb 100644
> --- a/libselinux/Makefile
> +++ b/libselinux/Makefile
> @@ -5,6 +5,7 @@ DISABLE_RPM ?= y
>  ANDROID_HOST ?= n
>  ifeq ($(ANDROID_HOST),y)
>   override DISABLE_SETRANS=y
> + override DISABLE_BOOL=y
>  endif
>  ifeq ($(DISABLE_RPM),y)
>   DISABLE_FLAGS+= -DDISABLE_RPM
> @@ -12,6 +13,9 @@ endif
>  ifeq ($(DISABLE_SETRANS),y)
>   DISABLE_FLAGS+= -DDISABLE_SETRANS
>  endif
> +ifeq ($(DISABLE_BOOL),y)
> + DISABLE_FLAGS+= -DDISABLE_BOOL
> +endif
>  export DISABLE_SETRANS DISABLE_RPM DISABLE_FLAGS ANDROID_HOST
>  
>  USE_PCRE2 ?= n
> diff --git a/libselinux/src/booleans.c b/libselinux/src/booleans.c
> index c438af1..cbb0610 100644
> --- a/libselinux/src/booleans.c
> +++ b/libselinux/src/booleans.c
> @@ -25,6 +25,8 @@
>  
>  #define SELINUX_BOOL_DIR "/booleans/"
>  
> +#ifndef DISABLE_BOOL
> +
>  static int filename_select(const struct dirent *d)
>  {
>   if (d->d_name[0] == '.'
> @@ -85,8 +87,6 @@ int security_get_boolean_names(char ***names, int *len)
>   goto out;
>  }
>  
> -hidden_def(security_get_boolean_names)
> -
>  char *selinux_boolean_sub(const char *name)
>  {
>   char *sub = NULL;
> @@ -141,8 +141,6 @@ out:
>   return sub;
>  }
>  
> -hidden_def(selinux_boolean_sub)
> -
>  static int bool_open(const char *name, int flag) {
>   char *fname = NULL;
>   char *alt_name = NULL;
> @@ -262,8 +260,6 @@ int security_get_boolean_active(const char *name)
>   return val;
>  }
>  
> -hidden_def(security_get_boolean_active)
> -
>  int security_set_boolean(const char *name, int value)
>  {
>   int fd, ret;
> @@ -297,8 +293,6 @@ int security_set_boolean(const char *name, int value)
>   return -1;
>  }
>  
> -hidden_def(security_set_boolean)
> -
>  int security_commit_booleans(void)
>  {
>   int fd, ret;
> @@ -327,8 +321,6 @@ int security_commit_booleans(void)
>   return -1;
>  }
>  
> -hidden_def(security_commit_booleans)
> -
>  static char *strtrim(char *dest, char *source, int size)
>  {
>   int i = 0;
> @@ -567,3 +559,55 @@ int security_load_booleans(char *path)
>   errno = EINVAL;
>   return errors ? -1 : 0;
>  }
> +
> +#else
> +int security_set_boolean_list(size_t boolcnt __attribute__((unused)),
> + SELboolean * boollist __attribute__((unused)),
> + int permanent __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_load_booleans(char *path __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_get_boolean_names(char ***names __attribute__((unused)),
> + int *len __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_get_boolean_pending(const char *name __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_get_boolean_active(const char *name __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_set_boolean(const char *name __attribute__((unused)),
> + int value __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_commit_booleans(void)
> +{
> + return -1;
> +}
> +
> +char *selinux_boolean_sub(const char *name __attribute__((unused)))
> +{
> + return NULL;
> +}
> +#endif
> +
> +hidden_def(security_get_boolean_names)
> +hidden_def(selinux_boolean_sub)
> +hidden_def(security_get_boolean_active)
> +hidden_def(security_set_boolean)
> +hidden_def(security_commit_booleans)
> 

___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

Re: [PATCH] libselinux: re-introduce DISABLE_BOOL=y

[William Roberts]

On Thu, Sep 29, 2016 at 3:15 PM, William Roberts
 wrote:
> On Thu, Sep 29, 2016 at 2:54 PM, Stephen Smalley  wrote:
>> On 09/29/2016 02:46 PM, William Roberts wrote:
>>> On Thu, Sep 29, 2016 at 2:44 PM, Stephen Smalley  wrote:
 On 09/29/2016 02:15 PM, William Roberts wrote:
> On Thu, Sep 29, 2016 at 2:08 PM, Stephen Smalley  
> wrote:
>> On 09/29/2016 02:02 PM, william.c.robe...@intel.com wrote:
>>> From: William Roberts 
>>>
>>> Provide stubs to the public boolean API that always returns -1.
>>>
>>> On Android, boolean symbols are needed for:
>>> external/ltrace/sysdeps/linux-gnu/trace.c
>>
>> Is this really worth doing?
>
> It's this or disabling that selinux via #define, which that source has
> HAVE_LIBSELINUX.
>
> But it would seem confusing IMHO to have a libselinux.so, so one would
> set HAVE_LIBSELINUX=1,
> and you're getting link errors.

 Maybe I don't understand.  Obviously it builds today with
 external/libselinux without requiring this change.  Why do we need this 
 now?

>>>
>>> Richard Haines was doing further testing, and was building a different
>>> lunch target for the
>>> arm emulator and hit this issue. I have only tested x86_64 emulator.
>>
>> No, I mean that this is not required in external/libselinux (the Android
>> fork) today.  So why is it needed here?  The Android fork builds
>> src/booleans.c for the target.  It doesn't hurt anything to leave the
>> code there.  The underlying kernel interface via selinuxfs still exists.
>>  There just won't be any booleans in the policy.
>>
>
> The target builds a modified booleans, if use booleans as is, we start
> down the config c file
> rabbit hole...
>
> external/selinux/libselinux/src/booleans.c:100: error: undefined
> reference to 'selinux_booleans_subs_path'
> external/selinux/libselinux/src/booleans.c:388: error: undefined
> reference to 'selinux_booleans_path'
> external/selinux/libselinux/src/booleans.c:529: error: undefined
> reference to 'selinux_booleans_path'
> external/selinux/libselinux/src/booleans.c:545: error: undefined
> reference to 'selinux_booleans_path'
> clang++.real: error: linker command failed with exit code 1 (use -v to
> see invocation)
>
> I can take a look at that and see how much of a PITA it would be to
> pull that in.

external/selinux/libselinux/src/selinux_config.c:100: error: undefined
reference to 'fgets_unlocked'
external/selinux/libselinux/src/selinux_config.c:100: error: undefined
reference to 'fgets_unlocked'
external/selinux/libselinux/src/selinux_config.c:231: error: undefined
reference to 'require_seusers'
external/selinux/libselinux/src/selinux_config.c:231: error: undefined
reference to 'load_setlocaldefs'

fgets should be easy enough
load_setlocaldefs is an exported integer value used in init_selinux_config()
require_seusers is another exported int form seusers.c

I was figuring since we don't use any bools, to keep the size down,
just stubbing dummies is the
easiest route.

We could do something like STATIC_CONFIG and just stub in what things
need and return the explicit paths.

-- 
Respectfully,

William C Roberts
___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

Re: [PATCH] libselinux: re-introduce DISABLE_BOOL=y

[William Roberts]

On Thu, Sep 29, 2016 at 2:54 PM, Stephen Smalley  wrote:
> On 09/29/2016 02:46 PM, William Roberts wrote:
>> On Thu, Sep 29, 2016 at 2:44 PM, Stephen Smalley  wrote:
>>> On 09/29/2016 02:15 PM, William Roberts wrote:
 On Thu, Sep 29, 2016 at 2:08 PM, Stephen Smalley  
 wrote:
> On 09/29/2016 02:02 PM, william.c.robe...@intel.com wrote:
>> From: William Roberts 
>>
>> Provide stubs to the public boolean API that always returns -1.
>>
>> On Android, boolean symbols are needed for:
>> external/ltrace/sysdeps/linux-gnu/trace.c
>
> Is this really worth doing?

 It's this or disabling that selinux via #define, which that source has
 HAVE_LIBSELINUX.

 But it would seem confusing IMHO to have a libselinux.so, so one would
 set HAVE_LIBSELINUX=1,
 and you're getting link errors.
>>>
>>> Maybe I don't understand.  Obviously it builds today with
>>> external/libselinux without requiring this change.  Why do we need this now?
>>>
>>
>> Richard Haines was doing further testing, and was building a different
>> lunch target for the
>> arm emulator and hit this issue. I have only tested x86_64 emulator.
>
> No, I mean that this is not required in external/libselinux (the Android
> fork) today.  So why is it needed here?  The Android fork builds
> src/booleans.c for the target.  It doesn't hurt anything to leave the
> code there.  The underlying kernel interface via selinuxfs still exists.
>  There just won't be any booleans in the policy.
>

The target builds a modified booleans, if use booleans as is, we start
down the config c file
rabbit hole...

external/selinux/libselinux/src/booleans.c:100: error: undefined
reference to 'selinux_booleans_subs_path'
external/selinux/libselinux/src/booleans.c:388: error: undefined
reference to 'selinux_booleans_path'
external/selinux/libselinux/src/booleans.c:529: error: undefined
reference to 'selinux_booleans_path'
external/selinux/libselinux/src/booleans.c:545: error: undefined
reference to 'selinux_booleans_path'
clang++.real: error: linker command failed with exit code 1 (use -v to
see invocation)

I can take a look at that and see how much of a PITA it would be to
pull that in.
___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

Re: [PATCH] libselinux: re-introduce DISABLE_BOOL=y

[William Roberts]

On Thu, Sep 29, 2016 at 2:44 PM, Stephen Smalley  wrote:
> On 09/29/2016 02:15 PM, William Roberts wrote:
>> On Thu, Sep 29, 2016 at 2:08 PM, Stephen Smalley  wrote:
>>> On 09/29/2016 02:02 PM, william.c.robe...@intel.com wrote:
 From: William Roberts 

 Provide stubs to the public boolean API that always returns -1.

 On Android, boolean symbols are needed for:
 external/ltrace/sysdeps/linux-gnu/trace.c
>>>
>>> Is this really worth doing?
>>
>> It's this or disabling that selinux via #define, which that source has
>> HAVE_LIBSELINUX.
>>
>> But it would seem confusing IMHO to have a libselinux.so, so one would
>> set HAVE_LIBSELINUX=1,
>> and you're getting link errors.
>
> Maybe I don't understand.  Obviously it builds today with
> external/libselinux without requiring this change.  Why do we need this now?
>

Richard Haines was doing further testing, and was building a different
lunch target for the
arm emulator and hit this issue. I have only tested x86_64 emulator.
___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

Re: [PATCH] libselinux: re-introduce DISABLE_BOOL=y

[Stephen Smalley]

On 09/29/2016 02:46 PM, William Roberts wrote:
> On Thu, Sep 29, 2016 at 2:44 PM, Stephen Smalley  wrote:
>> On 09/29/2016 02:15 PM, William Roberts wrote:
>>> On Thu, Sep 29, 2016 at 2:08 PM, Stephen Smalley  wrote:
 On 09/29/2016 02:02 PM, william.c.robe...@intel.com wrote:
> From: William Roberts 
>
> Provide stubs to the public boolean API that always returns -1.
>
> On Android, boolean symbols are needed for:
> external/ltrace/sysdeps/linux-gnu/trace.c

 Is this really worth doing?
>>>
>>> It's this or disabling that selinux via #define, which that source has
>>> HAVE_LIBSELINUX.
>>>
>>> But it would seem confusing IMHO to have a libselinux.so, so one would
>>> set HAVE_LIBSELINUX=1,
>>> and you're getting link errors.
>>
>> Maybe I don't understand.  Obviously it builds today with
>> external/libselinux without requiring this change.  Why do we need this now?
>>
> 
> Richard Haines was doing further testing, and was building a different
> lunch target for the
> arm emulator and hit this issue. I have only tested x86_64 emulator.

No, I mean that this is not required in external/libselinux (the Android
fork) today.  So why is it needed here?  The Android fork builds
src/booleans.c for the target.  It doesn't hurt anything to leave the
code there.  The underlying kernel interface via selinuxfs still exists.
 There just won't be any booleans in the policy.


___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

Re: [PATCH] libselinux: re-introduce DISABLE_BOOL=y

[Stephen Smalley]

On 09/29/2016 02:15 PM, William Roberts wrote:
> On Thu, Sep 29, 2016 at 2:08 PM, Stephen Smalley  wrote:
>> On 09/29/2016 02:02 PM, william.c.robe...@intel.com wrote:
>>> From: William Roberts 
>>>
>>> Provide stubs to the public boolean API that always returns -1.
>>>
>>> On Android, boolean symbols are needed for:
>>> external/ltrace/sysdeps/linux-gnu/trace.c
>>
>> Is this really worth doing?
> 
> It's this or disabling that selinux via #define, which that source has
> HAVE_LIBSELINUX.
> 
> But it would seem confusing IMHO to have a libselinux.so, so one would
> set HAVE_LIBSELINUX=1,
> and you're getting link errors.

Maybe I don't understand.  Obviously it builds today with
external/libselinux without requiring this change.  Why do we need this now?


___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

Re: [PATCH] libselinux: re-introduce DISABLE_BOOL=y

[William Roberts]

On Thu, Sep 29, 2016 at 2:08 PM, Stephen Smalley  wrote:
> On 09/29/2016 02:02 PM, william.c.robe...@intel.com wrote:
>> From: William Roberts 
>>
>> Provide stubs to the public boolean API that always returns -1.
>>
>> On Android, boolean symbols are needed for:
>> external/ltrace/sysdeps/linux-gnu/trace.c
>
> Is this really worth doing?

It's this or disabling that selinux via #define, which that source has
HAVE_LIBSELINUX.

But it would seem confusing IMHO to have a libselinux.so, so one would
set HAVE_LIBSELINUX=1,
and you're getting link errors.

Seems to be yet-another red-hat contribution from a long time ago:

commit cec06ec8282c538a40bde968ae36fe8356daffaa
Author: Petr Machata 
Date:   Tue Apr 10 13:31:55 2012 +0200

Warn when we fail to trace and SELinux boolean deny_ptrace is in effect

diff --git a/ChangeLog b/ChangeLog
index c095263..6107a12 100644

>
>>
>> Signed-off-by: William Roberts 
>> ---
>>  libselinux/Makefile   |  4 +++
>>  libselinux/src/booleans.c | 64 
>> +++
>>  2 files changed, 58 insertions(+), 10 deletions(-)
>>
>> diff --git a/libselinux/Makefile b/libselinux/Makefile
>> index f607115..b5f32bb 100644
>> --- a/libselinux/Makefile
>> +++ b/libselinux/Makefile
>> @@ -5,6 +5,7 @@ DISABLE_RPM ?= y
>>  ANDROID_HOST ?= n
>>  ifeq ($(ANDROID_HOST),y)
>>   override DISABLE_SETRANS=y
>> + override DISABLE_BOOL=y
>>  endif
>>  ifeq ($(DISABLE_RPM),y)
>>   DISABLE_FLAGS+= -DDISABLE_RPM
>> @@ -12,6 +13,9 @@ endif
>>  ifeq ($(DISABLE_SETRANS),y)
>>   DISABLE_FLAGS+= -DDISABLE_SETRANS
>>  endif
>> +ifeq ($(DISABLE_BOOL),y)
>> + DISABLE_FLAGS+= -DDISABLE_BOOL
>> +endif
>>  export DISABLE_SETRANS DISABLE_RPM DISABLE_FLAGS ANDROID_HOST
>>
>>  USE_PCRE2 ?= n
>> diff --git a/libselinux/src/booleans.c b/libselinux/src/booleans.c
>> index c438af1..cbb0610 100644
>> --- a/libselinux/src/booleans.c
>> +++ b/libselinux/src/booleans.c
>> @@ -25,6 +25,8 @@
>>
>>  #define SELINUX_BOOL_DIR "/booleans/"
>>
>> +#ifndef DISABLE_BOOL
>> +
>>  static int filename_select(const struct dirent *d)
>>  {
>>   if (d->d_name[0] == '.'
>> @@ -85,8 +87,6 @@ int security_get_boolean_names(char ***names, int *len)
>>   goto out;
>>  }
>>
>> -hidden_def(security_get_boolean_names)
>> -
>>  char *selinux_boolean_sub(const char *name)
>>  {
>>   char *sub = NULL;
>> @@ -141,8 +141,6 @@ out:
>>   return sub;
>>  }
>>
>> -hidden_def(selinux_boolean_sub)
>> -
>>  static int bool_open(const char *name, int flag) {
>>   char *fname = NULL;
>>   char *alt_name = NULL;
>> @@ -262,8 +260,6 @@ int security_get_boolean_active(const char *name)
>>   return val;
>>  }
>>
>> -hidden_def(security_get_boolean_active)
>> -
>>  int security_set_boolean(const char *name, int value)
>>  {
>>   int fd, ret;
>> @@ -297,8 +293,6 @@ int security_set_boolean(const char *name, int value)
>>   return -1;
>>  }
>>
>> -hidden_def(security_set_boolean)
>> -
>>  int security_commit_booleans(void)
>>  {
>>   int fd, ret;
>> @@ -327,8 +321,6 @@ int security_commit_booleans(void)
>>   return -1;
>>  }
>>
>> -hidden_def(security_commit_booleans)
>> -
>>  static char *strtrim(char *dest, char *source, int size)
>>  {
>>   int i = 0;
>> @@ -567,3 +559,55 @@ int security_load_booleans(char *path)
>>   errno = EINVAL;
>>   return errors ? -1 : 0;
>>  }
>> +
>> +#else
>> +int security_set_boolean_list(size_t boolcnt __attribute__((unused)),
>> + SELboolean * boollist __attribute__((unused)),
>> + int permanent __attribute__((unused)))
>> +{
>> + return -1;
>> +}
>> +
>> +int security_load_booleans(char *path __attribute__((unused)))
>> +{
>> + return -1;
>> +}
>> +
>> +int security_get_boolean_names(char ***names __attribute__((unused)),
>> + int *len __attribute__((unused)))
>> +{
>> + return -1;
>> +}
>> +
>> +int security_get_boolean_pending(const char *name __attribute__((unused)))
>> +{
>> + return -1;
>> +}
>> +
>> +int security_get_boolean_active(const char *name __attribute__((unused)))
>> +{
>> + return -1;
>> +}
>> +
>> +int security_set_boolean(const char *name __attribute__((unused)),
>> + int value __attribute__((unused)))
>> +{
>> + return -1;
>> +}
>> +
>> +int security_commit_booleans(void)
>> +{
>> + return -1;
>> +}
>> +
>> +char *selinux_boolean_sub(const char *name __attribute__((unused)))
>> +{
>> + return NULL;
>> +}
>> +#endif
>> +
>> +hidden_def(security_get_boolean_names)
>> +hidden_def(selinux_boolean_sub)
>> +hidden_def(security_get_boolean_active)
>> +hidden_def(security_set_boolean)
>> +hidden_def(security_commit_booleans)
>>
>
> ___
> Selinux mailing list
> seli...@tycho.nsa.gov
> To unsubscribe, send email to selinux-le...@tycho.nsa.gov.
> To get help, send an email containing "help" to 

Re: [PATCH] libselinux: re-introduce DISABLE_BOOL=y

[Stephen Smalley]

On 09/29/2016 02:02 PM, william.c.robe...@intel.com wrote:
> From: William Roberts 
> 
> Provide stubs to the public boolean API that always returns -1.
> 
> On Android, boolean symbols are needed for:
> external/ltrace/sysdeps/linux-gnu/trace.c

Is this really worth doing?

> 
> Signed-off-by: William Roberts 
> ---
>  libselinux/Makefile   |  4 +++
>  libselinux/src/booleans.c | 64 
> +++
>  2 files changed, 58 insertions(+), 10 deletions(-)
> 
> diff --git a/libselinux/Makefile b/libselinux/Makefile
> index f607115..b5f32bb 100644
> --- a/libselinux/Makefile
> +++ b/libselinux/Makefile
> @@ -5,6 +5,7 @@ DISABLE_RPM ?= y
>  ANDROID_HOST ?= n
>  ifeq ($(ANDROID_HOST),y)
>   override DISABLE_SETRANS=y
> + override DISABLE_BOOL=y
>  endif
>  ifeq ($(DISABLE_RPM),y)
>   DISABLE_FLAGS+= -DDISABLE_RPM
> @@ -12,6 +13,9 @@ endif
>  ifeq ($(DISABLE_SETRANS),y)
>   DISABLE_FLAGS+= -DDISABLE_SETRANS
>  endif
> +ifeq ($(DISABLE_BOOL),y)
> + DISABLE_FLAGS+= -DDISABLE_BOOL
> +endif
>  export DISABLE_SETRANS DISABLE_RPM DISABLE_FLAGS ANDROID_HOST
>  
>  USE_PCRE2 ?= n
> diff --git a/libselinux/src/booleans.c b/libselinux/src/booleans.c
> index c438af1..cbb0610 100644
> --- a/libselinux/src/booleans.c
> +++ b/libselinux/src/booleans.c
> @@ -25,6 +25,8 @@
>  
>  #define SELINUX_BOOL_DIR "/booleans/"
>  
> +#ifndef DISABLE_BOOL
> +
>  static int filename_select(const struct dirent *d)
>  {
>   if (d->d_name[0] == '.'
> @@ -85,8 +87,6 @@ int security_get_boolean_names(char ***names, int *len)
>   goto out;
>  }
>  
> -hidden_def(security_get_boolean_names)
> -
>  char *selinux_boolean_sub(const char *name)
>  {
>   char *sub = NULL;
> @@ -141,8 +141,6 @@ out:
>   return sub;
>  }
>  
> -hidden_def(selinux_boolean_sub)
> -
>  static int bool_open(const char *name, int flag) {
>   char *fname = NULL;
>   char *alt_name = NULL;
> @@ -262,8 +260,6 @@ int security_get_boolean_active(const char *name)
>   return val;
>  }
>  
> -hidden_def(security_get_boolean_active)
> -
>  int security_set_boolean(const char *name, int value)
>  {
>   int fd, ret;
> @@ -297,8 +293,6 @@ int security_set_boolean(const char *name, int value)
>   return -1;
>  }
>  
> -hidden_def(security_set_boolean)
> -
>  int security_commit_booleans(void)
>  {
>   int fd, ret;
> @@ -327,8 +321,6 @@ int security_commit_booleans(void)
>   return -1;
>  }
>  
> -hidden_def(security_commit_booleans)
> -
>  static char *strtrim(char *dest, char *source, int size)
>  {
>   int i = 0;
> @@ -567,3 +559,55 @@ int security_load_booleans(char *path)
>   errno = EINVAL;
>   return errors ? -1 : 0;
>  }
> +
> +#else
> +int security_set_boolean_list(size_t boolcnt __attribute__((unused)),
> + SELboolean * boollist __attribute__((unused)),
> + int permanent __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_load_booleans(char *path __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_get_boolean_names(char ***names __attribute__((unused)),
> + int *len __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_get_boolean_pending(const char *name __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_get_boolean_active(const char *name __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_set_boolean(const char *name __attribute__((unused)),
> + int value __attribute__((unused)))
> +{
> + return -1;
> +}
> +
> +int security_commit_booleans(void)
> +{
> + return -1;
> +}
> +
> +char *selinux_boolean_sub(const char *name __attribute__((unused)))
> +{
> + return NULL;
> +}
> +#endif
> +
> +hidden_def(security_get_boolean_names)
> +hidden_def(selinux_boolean_sub)
> +hidden_def(security_get_boolean_active)
> +hidden_def(security_set_boolean)
> +hidden_def(security_commit_booleans)
> 

___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

[PATCH 1/3] libselinux: renamed andriod label backend source file

[Janis Danisevskis]

Signed-off-by: Janis Danisevskis 
---
 libselinux/src/Makefile |   2 +-
 libselinux/src/label_android_property.c | 304 
 libselinux/src/label_backends_android.c | 304 
 3 files changed, 305 insertions(+), 305 deletions(-)
 delete mode 100644 libselinux/src/label_android_property.c
 create mode 100644 libselinux/src/label_backends_android.c

diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
index 2c61fad..cba8383 100644
--- a/libselinux/src/Makefile
+++ b/libselinux/src/Makefile
@@ -85,7 +85,7 @@ ifeq ($(ANDROID_HOST),y)
 DISABLE_FLAGS+= -DNO_MEDIA_BACKEND -DNO_DB_BACKEND -DNO_X_BACKEND \
-DBUILD_HOST
 SRCS= callbacks.c freecon.c label.c label_file.c \
-   label_android_property.c regex.c label_support.c \
+   label_backends_android.c regex.c label_support.c \
matchpathcon.c setrans_client.c sha1.c
 endif
 
diff --git a/libselinux/src/label_android_property.c 
b/libselinux/src/label_android_property.c
deleted file mode 100644
index 290b438..000
--- a/libselinux/src/label_android_property.c
+++ /dev/null
@@ -1,304 +0,0 @@
-/*
- * Property Service contexts backend for labeling Android
- * property keys
- */
-
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include 
-#include "callbacks.h"
-#include "label_internal.h"
-
-/* A property security context specification. */
-typedef struct spec {
-   struct selabel_lookup_rec lr;   /* holds contexts for lookup result */
-   char *property_key; /* property key string */
-} spec_t;
-
-/* Our stored configuration */
-struct saved_data {
-   /*
-* The array of specifications is sorted for longest
-* prefix match
-*/
-   spec_t *spec_arr;
-   unsigned int nspec; /* total number of specifications */
-};
-
-static int cmp(const void *A, const void *B)
-{
-   const struct spec *sp1 = A, *sp2 = B;
-
-   if (strncmp(sp1->property_key, "*", 1) == 0)
-   return 1;
-   if (strncmp(sp2->property_key, "*", 1) == 0)
-   return -1;
-
-   size_t L1 = strlen(sp1->property_key);
-   size_t L2 = strlen(sp2->property_key);
-
-   return (L1 < L2) - (L1 > L2);
-}
-
-/*
- * Warn about duplicate specifications.
- */
-static int nodups_specs(struct saved_data *data, const char *path)
-{
-   int rc = 0;
-   unsigned int ii, jj;
-   struct spec *curr_spec, *spec_arr = data->spec_arr;
-
-   for (ii = 0; ii < data->nspec; ii++) {
-   curr_spec = _arr[ii];
-   for (jj = ii + 1; jj < data->nspec; jj++) {
-   if (!strcmp(spec_arr[jj].property_key,
-   curr_spec->property_key)) {
-   rc = -1;
-   errno = EINVAL;
-   if (strcmp(spec_arr[jj].lr.ctx_raw,
-   curr_spec->lr.ctx_raw)) {
-   selinux_log
-   (SELINUX_ERROR,
-"%s: Multiple different 
specifications for %s  (%s and %s).\n",
-path, curr_spec->property_key,
-spec_arr[jj].lr.ctx_raw,
-curr_spec->lr.ctx_raw);
-   } else {
-   selinux_log
-   (SELINUX_ERROR,
-"%s: Multiple same 
specifications for %s.\n",
-path, curr_spec->property_key);
-   }
-   }
-   }
-   }
-   return rc;
-}
-
-static int process_line(struct selabel_handle *rec,
-   const char *path, char *line_buf,
-   int pass, unsigned lineno)
-{
-   int items;
-   char *prop = NULL, *context = NULL;
-   struct saved_data *data = (struct saved_data *)rec->data;
-   spec_t *spec_arr = data->spec_arr;
-   unsigned int nspec = data->nspec;
-   const char *errbuf = NULL;
-
-   items = read_spec_entries(line_buf, , 2, , );
-   if (items < 0) {
-   items = errno;
-   selinux_log(SELINUX_ERROR,
-   "%s:  line %u error due to: %s\n", path,
-   lineno, errbuf ?: strerror(errno));
-   errno = items;
-   return -1;
-   }
-
-   if (items == 0)
-   return items;
-
-   if (items != 2) {
-   selinux_log(SELINUX_ERROR,
-   "%s:  line %u is missing fields\n", path,
-   lineno);
-   free(prop);
-   errno = EINVAL;
- 

[PATCH 3/3] libselinux: makes android label back ends configurable

[Janis Danisevskis]

Android label back ends are not configurable by NO_ANDROID_BACKEND,
which is set if on ANDROID_HOST != y.

Signed-off-by: Janis Danisevskis 
---
 libselinux/src/Makefile |  3 +++
 libselinux/src/label.c  | 10 --
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
index cba8383..7169230 100644
--- a/libselinux/src/Makefile
+++ b/libselinux/src/Makefile
@@ -87,6 +87,9 @@ DISABLE_FLAGS+= -DNO_MEDIA_BACKEND -DNO_DB_BACKEND 
-DNO_X_BACKEND \
 SRCS= callbacks.c freecon.c label.c label_file.c \
label_backends_android.c regex.c label_support.c \
matchpathcon.c setrans_client.c sha1.c
+else
+DISABLE_FLAGS+= -DNO_ANDROID_BACKEND
+SRCS:= $(filter-out label_backends_android.c, $(SRCS))
 endif
 
 SWIG = swig -Wall -python -o $(SWIGCOUT) -outdir ./ $(DISABLE_FLAGS)
diff --git a/libselinux/src/label.c b/libselinux/src/label.c
index eb0e766..60639cf 100644
--- a/libselinux/src/label.c
+++ b/libselinux/src/label.c
@@ -35,6 +35,12 @@
 #define CONFIG_DB_BACKEND(fnptr) 
 #endif
 
+#ifdef NO_ANDROID_BACKEND
+#define CONFIG_ANDROID_BACKEND(fnptr) NULL
+#else
+#define CONFIG_ANDROID_BACKEND(fnptr) (&(fnptr))
+#endif
+
 typedef int (*selabel_initfunc)(struct selabel_handle *rec,
const struct selinux_opt *opts,
unsigned nopts);
@@ -44,8 +50,8 @@ static selabel_initfunc initfuncs[] = {
CONFIG_MEDIA_BACKEND(selabel_media_init),
CONFIG_X_BACKEND(selabel_x_init),
CONFIG_DB_BACKEND(selabel_db_init),
-   _property_init,
-   _service_init,
+   CONFIG_ANDROID_BACKEND(selabel_property_init),
+   CONFIG_ANDROID_BACKEND(selabel_service_init),
 };
 
 static void selabel_subs_fini(struct selabel_sub *ptr)
-- 
1.9.1

___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

Re: [PATCH 2/3] libselinux: android: fix lax service context lookup

[Janis Danisevskis]

William: Good thing you mention checkfc. I added you as a reviewer.

On Thu, Sep 29, 2016 at 12:57 PM, William Roberts 
wrote:

> do you have the corresponding changes to checkfc on AOSP?
>
> On Thu, Sep 29, 2016 at 7:39 AM, Janis Danisevskis 
> wrote:
> > We use the same lookup function for service contexts
> > that we use for property contexts. However, property
> > contexts are namespace based and only compare the
> > prefix. This may lead to service associations with
> > a wrong label.
> >
> > This patch introduces a new back end for android
> > services with a stricter lookup function. Now the
> > service name must match the key of the service label
> > exactly.
> >
> > Signed-off-by: Janis Danisevskis 
> > ---
> >  libselinux/include/selinux/label.h  |  2 ++
> >  libselinux/src/label.c  |  1 +
> >  libselinux/src/label_backends_android.c | 54
> +++--
> >  libselinux/src/label_internal.h |  3 ++
> >  libselinux/utils/selabel_digest.c   |  2 ++
> >  libselinux/utils/selabel_lookup.c   |  2 ++
> >  6 files changed, 62 insertions(+), 2 deletions(-)
> >
> > diff --git a/libselinux/include/selinux/label.h
> b/libselinux/include/selinux/label.h
> > index f0b1e10..277287e 100644
> > --- a/libselinux/include/selinux/label.h
> > +++ b/libselinux/include/selinux/label.h
> > @@ -34,6 +34,8 @@ struct selabel_handle;
> >  #define SELABEL_CTX_DB 3
> >  /* Android property service contexts */
> >  #define SELABEL_CTX_ANDROID_PROP 4
> > +/* Android service contexts */
> > +#define SELABEL_CTX_ANDROID_SERVICE 5
> >
> >  /*
> >   * Available options
> > diff --git a/libselinux/src/label.c b/libselinux/src/label.c
> > index 96a4ff1..eb0e766 100644
> > --- a/libselinux/src/label.c
> > +++ b/libselinux/src/label.c
> > @@ -45,6 +45,7 @@ static selabel_initfunc initfuncs[] = {
> > CONFIG_X_BACKEND(selabel_x_init),
> > CONFIG_DB_BACKEND(selabel_db_init),
> > _property_init,
> > +   _service_init,
> >  };
> >
> >  static void selabel_subs_fini(struct selabel_sub *ptr)
> > diff --git a/libselinux/src/label_backends_android.c
> b/libselinux/src/label_backends_android.c
> > index 290b438..4d6ec86 100644
> > --- a/libselinux/src/label_backends_android.c
> > +++ b/libselinux/src/label_backends_android.c
> > @@ -244,7 +244,7 @@ static void closef(struct selabel_handle *rec)
> > free(data);
> >  }
> >
> > -static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
> > +static struct selabel_lookup_rec *property_lookup(struct selabel_handle
> *rec,
> >  const char *key,
> >  int __attribute__((unused))
> type)
> >  {
> > @@ -279,6 +279,38 @@ finish:
> > return ret;
> >  }
> >
> > +static struct selabel_lookup_rec *service_lookup(struct selabel_handle
> *rec,
> > +   const char *key, int __attribute__((unused)) type)
> > +{
> > +   struct saved_data *data = (struct saved_data *)rec->data;
> > +   spec_t *spec_arr = data->spec_arr;
> > +   unsigned int i;
> > +   struct selabel_lookup_rec *ret = NULL;
> > +
> > +   if (!data->nspec) {
> > +   errno = ENOENT;
> > +   goto finish;
> > +   }
> > +
> > +   for (i = 0; i < data->nspec; i++) {
> > +   if (strcmp(spec_arr[i].property_key, key) == 0)
> > +   break;
> > +   if (strcmp(spec_arr[i].property_key, "*") == 0)
> > +   break;
> > +   }
> > +
> > +   if (i >= data->nspec) {
> > +   /* No matching specification. */
> > +   errno = ENOENT;
> > +   goto finish;
> > +   }
> > +
> > +   ret = _arr[i].lr;
> > +
> > +finish:
> > +   return ret;
> > +}
> > +
> >  static void stats(struct selabel_handle __attribute__((unused)) *rec)
> >  {
> > selinux_log(SELINUX_WARNING, "'stats' functionality not
> implemented.\n");
> > @@ -298,7 +330,25 @@ int selabel_property_init(struct selabel_handle
> *rec,
> > rec->data = data;
> > rec->func_close = 
> > rec->func_stats = 
> > -   rec->func_lookup = 
> > +   rec->func_lookup = _lookup;
> > +
> > +   return init(rec, opts, nopts);
> > +}
> > +
> > +int selabel_service_init(struct selabel_handle *rec,
> > +   const struct selinux_opt *opts, unsigned nopts)
> > +{
> > +   struct saved_data *data;
> > +
> > +   data = (struct saved_data *)malloc(sizeof(*data));
> > +   if (!data)
> > +   return -1;
> > +   memset(data, 0, sizeof(*data));
> > +
> > +   rec->data = data;
> > +   rec->func_close = 
> > +   rec->func_stats = 
> > +   rec->func_lookup = _lookup;
> >
> > return init(rec, opts, nopts);
> >  }
> > diff --git a/libselinux/src/label_internal.h b/libselinux/src/label_
> internal.h
> > index 

[PATCH 2/3] libselinux: android: fix lax service context lookup

[Janis Danisevskis]

We use the same lookup function for service contexts
that we use for property contexts. However, property
contexts are namespace based and only compare the
prefix. This may lead to service associations with
a wrong label.

This patch introduces a new back end for android
services with a stricter lookup function. Now the
service name must match the key of the service label
exactly.

Signed-off-by: Janis Danisevskis 
---
 libselinux/include/selinux/label.h  |  2 ++
 libselinux/src/label.c  |  1 +
 libselinux/src/label_backends_android.c | 54 +++--
 libselinux/src/label_internal.h |  3 ++
 libselinux/utils/selabel_digest.c   |  2 ++
 libselinux/utils/selabel_lookup.c   |  2 ++
 6 files changed, 62 insertions(+), 2 deletions(-)

diff --git a/libselinux/include/selinux/label.h 
b/libselinux/include/selinux/label.h
index f0b1e10..277287e 100644
--- a/libselinux/include/selinux/label.h
+++ b/libselinux/include/selinux/label.h
@@ -34,6 +34,8 @@ struct selabel_handle;
 #define SELABEL_CTX_DB 3
 /* Android property service contexts */
 #define SELABEL_CTX_ANDROID_PROP 4
+/* Android service contexts */
+#define SELABEL_CTX_ANDROID_SERVICE 5
 
 /*
  * Available options
diff --git a/libselinux/src/label.c b/libselinux/src/label.c
index 96a4ff1..eb0e766 100644
--- a/libselinux/src/label.c
+++ b/libselinux/src/label.c
@@ -45,6 +45,7 @@ static selabel_initfunc initfuncs[] = {
CONFIG_X_BACKEND(selabel_x_init),
CONFIG_DB_BACKEND(selabel_db_init),
_property_init,
+   _service_init,
 };
 
 static void selabel_subs_fini(struct selabel_sub *ptr)
diff --git a/libselinux/src/label_backends_android.c 
b/libselinux/src/label_backends_android.c
index 290b438..4d6ec86 100644
--- a/libselinux/src/label_backends_android.c
+++ b/libselinux/src/label_backends_android.c
@@ -244,7 +244,7 @@ static void closef(struct selabel_handle *rec)
free(data);
 }
 
-static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
+static struct selabel_lookup_rec *property_lookup(struct selabel_handle *rec,
 const char *key,
 int __attribute__((unused)) type)
 {
@@ -279,6 +279,38 @@ finish:
return ret;
 }
 
+static struct selabel_lookup_rec *service_lookup(struct selabel_handle *rec,
+   const char *key, int __attribute__((unused)) type)
+{
+   struct saved_data *data = (struct saved_data *)rec->data;
+   spec_t *spec_arr = data->spec_arr;
+   unsigned int i;
+   struct selabel_lookup_rec *ret = NULL;
+
+   if (!data->nspec) {
+   errno = ENOENT;
+   goto finish;
+   }
+
+   for (i = 0; i < data->nspec; i++) {
+   if (strcmp(spec_arr[i].property_key, key) == 0)
+   break;
+   if (strcmp(spec_arr[i].property_key, "*") == 0)
+   break;
+   }
+
+   if (i >= data->nspec) {
+   /* No matching specification. */
+   errno = ENOENT;
+   goto finish;
+   }
+
+   ret = _arr[i].lr;
+
+finish:
+   return ret;
+}
+
 static void stats(struct selabel_handle __attribute__((unused)) *rec)
 {
selinux_log(SELINUX_WARNING, "'stats' functionality not 
implemented.\n");
@@ -298,7 +330,25 @@ int selabel_property_init(struct selabel_handle *rec,
rec->data = data;
rec->func_close = 
rec->func_stats = 
-   rec->func_lookup = 
+   rec->func_lookup = _lookup;
+
+   return init(rec, opts, nopts);
+}
+
+int selabel_service_init(struct selabel_handle *rec,
+   const struct selinux_opt *opts, unsigned nopts)
+{
+   struct saved_data *data;
+
+   data = (struct saved_data *)malloc(sizeof(*data));
+   if (!data)
+   return -1;
+   memset(data, 0, sizeof(*data));
+
+   rec->data = data;
+   rec->func_close = 
+   rec->func_stats = 
+   rec->func_lookup = _lookup;
 
return init(rec, opts, nopts);
 }
diff --git a/libselinux/src/label_internal.h b/libselinux/src/label_internal.h
index 7c55531..6a9481a 100644
--- a/libselinux/src/label_internal.h
+++ b/libselinux/src/label_internal.h
@@ -39,6 +39,9 @@ int selabel_db_init(struct selabel_handle *rec,
 int selabel_property_init(struct selabel_handle *rec,
const struct selinux_opt *opts,
unsigned nopts) hidden;
+int selabel_service_init(struct selabel_handle *rec,
+   const struct selinux_opt *opts,
+   unsigned nopts) hidden;
 
 /*
  * Labeling internal structures
diff --git a/libselinux/utils/selabel_digest.c 
b/libselinux/utils/selabel_digest.c
index 38162a5..e4d84a5 100644
--- a/libselinux/utils/selabel_digest.c
+++ b/libselinux/utils/selabel_digest.c
@@ -92,6 +92,8 @@ int main(int argc, char **argv)

Re: [PATCH 2/3] libselinux: android: fix lax service context lookup

[William Roberts]

do you have the corresponding changes to checkfc on AOSP?

On Thu, Sep 29, 2016 at 7:39 AM, Janis Danisevskis  wrote:
> We use the same lookup function for service contexts
> that we use for property contexts. However, property
> contexts are namespace based and only compare the
> prefix. This may lead to service associations with
> a wrong label.
>
> This patch introduces a new back end for android
> services with a stricter lookup function. Now the
> service name must match the key of the service label
> exactly.
>
> Signed-off-by: Janis Danisevskis 
> ---
>  libselinux/include/selinux/label.h  |  2 ++
>  libselinux/src/label.c  |  1 +
>  libselinux/src/label_backends_android.c | 54 
> +++--
>  libselinux/src/label_internal.h |  3 ++
>  libselinux/utils/selabel_digest.c   |  2 ++
>  libselinux/utils/selabel_lookup.c   |  2 ++
>  6 files changed, 62 insertions(+), 2 deletions(-)
>
> diff --git a/libselinux/include/selinux/label.h 
> b/libselinux/include/selinux/label.h
> index f0b1e10..277287e 100644
> --- a/libselinux/include/selinux/label.h
> +++ b/libselinux/include/selinux/label.h
> @@ -34,6 +34,8 @@ struct selabel_handle;
>  #define SELABEL_CTX_DB 3
>  /* Android property service contexts */
>  #define SELABEL_CTX_ANDROID_PROP 4
> +/* Android service contexts */
> +#define SELABEL_CTX_ANDROID_SERVICE 5
>
>  /*
>   * Available options
> diff --git a/libselinux/src/label.c b/libselinux/src/label.c
> index 96a4ff1..eb0e766 100644
> --- a/libselinux/src/label.c
> +++ b/libselinux/src/label.c
> @@ -45,6 +45,7 @@ static selabel_initfunc initfuncs[] = {
> CONFIG_X_BACKEND(selabel_x_init),
> CONFIG_DB_BACKEND(selabel_db_init),
> _property_init,
> +   _service_init,
>  };
>
>  static void selabel_subs_fini(struct selabel_sub *ptr)
> diff --git a/libselinux/src/label_backends_android.c 
> b/libselinux/src/label_backends_android.c
> index 290b438..4d6ec86 100644
> --- a/libselinux/src/label_backends_android.c
> +++ b/libselinux/src/label_backends_android.c
> @@ -244,7 +244,7 @@ static void closef(struct selabel_handle *rec)
> free(data);
>  }
>
> -static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
> +static struct selabel_lookup_rec *property_lookup(struct selabel_handle *rec,
>  const char *key,
>  int __attribute__((unused)) type)
>  {
> @@ -279,6 +279,38 @@ finish:
> return ret;
>  }
>
> +static struct selabel_lookup_rec *service_lookup(struct selabel_handle *rec,
> +   const char *key, int __attribute__((unused)) type)
> +{
> +   struct saved_data *data = (struct saved_data *)rec->data;
> +   spec_t *spec_arr = data->spec_arr;
> +   unsigned int i;
> +   struct selabel_lookup_rec *ret = NULL;
> +
> +   if (!data->nspec) {
> +   errno = ENOENT;
> +   goto finish;
> +   }
> +
> +   for (i = 0; i < data->nspec; i++) {
> +   if (strcmp(spec_arr[i].property_key, key) == 0)
> +   break;
> +   if (strcmp(spec_arr[i].property_key, "*") == 0)
> +   break;
> +   }
> +
> +   if (i >= data->nspec) {
> +   /* No matching specification. */
> +   errno = ENOENT;
> +   goto finish;
> +   }
> +
> +   ret = _arr[i].lr;
> +
> +finish:
> +   return ret;
> +}
> +
>  static void stats(struct selabel_handle __attribute__((unused)) *rec)
>  {
> selinux_log(SELINUX_WARNING, "'stats' functionality not 
> implemented.\n");
> @@ -298,7 +330,25 @@ int selabel_property_init(struct selabel_handle *rec,
> rec->data = data;
> rec->func_close = 
> rec->func_stats = 
> -   rec->func_lookup = 
> +   rec->func_lookup = _lookup;
> +
> +   return init(rec, opts, nopts);
> +}
> +
> +int selabel_service_init(struct selabel_handle *rec,
> +   const struct selinux_opt *opts, unsigned nopts)
> +{
> +   struct saved_data *data;
> +
> +   data = (struct saved_data *)malloc(sizeof(*data));
> +   if (!data)
> +   return -1;
> +   memset(data, 0, sizeof(*data));
> +
> +   rec->data = data;
> +   rec->func_close = 
> +   rec->func_stats = 
> +   rec->func_lookup = _lookup;
>
> return init(rec, opts, nopts);
>  }
> diff --git a/libselinux/src/label_internal.h b/libselinux/src/label_internal.h
> index 7c55531..6a9481a 100644
> --- a/libselinux/src/label_internal.h
> +++ b/libselinux/src/label_internal.h
> @@ -39,6 +39,9 @@ int selabel_db_init(struct selabel_handle *rec,
>  int selabel_property_init(struct selabel_handle *rec,
> const struct selinux_opt *opts,
> unsigned nopts) hidden;
> +int selabel_service_init(struct selabel_handle *rec,
> +