Re: CIL: should this work?

2018-01-31 Thread Dominick Grift 
On Wed, Jan 31, 2018 at 09:56:56PM +0100, Dominick Grift wrote:
> I have a template (blockabstract): foo.bar.template
> 
> in another module i want to inherit that like this:
> 
> (in foo
> (block baz
> (blockinherit bar.template)))
> 
> This does not seem to work fully.

nvm i think my template is faulty

> 
> -- 
> Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B 6B02
> https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6B02
> Dominick Grift



-- 
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6B02
Dominick Grift


signature.asc
Description: PGP signature

CIL: should this work?

2018-01-31 Thread Dominick Grift 
I have a template (blockabstract): foo.bar.template

in another module i want to inherit that like this:

(in foo
(block baz
(blockinherit bar.template)))

This does not seem to work fully.

-- 
Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8  02D5 3B6C 5F1D 2C7B 6B02
https://sks-keyservers.net/pks/lookup?op=get=0x3B6C5F1D2C7B6B02
Dominick Grift


signature.asc
Description: PGP signature

Re: [PATCH] general protection fault in sock_has_perm

2018-01-31 Thread Paul Moore 
On Tue, Jan 30, 2018 at 5:46 PM, Greg KH  wrote:
> On Tue, Jan 30, 2018 at 11:00:04AM -0800, Mark Salyzyn wrote:
>> On 01/19/2018 09:41 AM, Stephen Smalley wrote:
>> > If we can't safely dereference the sock in these hooks, then that seems
>> > to point back to the approach used in my original code, where in
>> > ancient history I had sock_has_perm() take the socket and use its inode
>> > i_security field instead of the sock.  commit
>> > 253bfae6e0ad97554799affa0266052968a45808 switched them to use the sock
>> > instead.
>>
>> Because of the nature of this problem (hard to duplicate, no clear path), I
>> am understandably not comfortable reverting and submitting for testing in
>> order to prove this point. It is disruptive because it changes several
>> subroutine call signatures.
>>
>> AFAIK this looks like a user request racing in without reference counting or
>> RCU grace period in the callers (could be viewed as not an issue with
>> security code). Effectively fixed in 4.9-stable, but broken in 4.4-stable.
>>
>> hygiene, KISS and small, is all I do feel comfortable to submit to
>> 4.4-stable without pulling in all the infrastructure improvements.
>>
>> -- Mark
>>
>> ---
>>  security/selinux/hooks.c | 2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
>> index 34427384605d..be68992a28cb 100644
>> --- a/security/selinux/hooks.c
>> +++ b/security/selinux/hooks.c
>> @@ -4066,6 +4066,8 @@ static int sock_has_perm(struct task_struct *task,
>> struct sock *sk, u32 perms)
>>  struct lsm_network_audit net = {0,};
>>  u32 tsid = task_sid(task);
>>
>> +if (!sksec)
>> +return -EFAULT;
>>  if (sksec->sid == SECINITSID_KERNEL)
>>  return 0;
>>
>
> This looks sane to me as a simple 4.4-only fix.  If the SELinux
> maintainer acks it, I can easily queue this up.

This revision addresses my concerns with Mark's previous patch.

Acked-by: Paul Moore 

-- 
paul moore
www.paul-moore.com

Re: [PATCH v4 01/15] libsepol: build: follow standard semantics for DESTDIR and PREFIX

2018-01-31 Thread Marcus Folkesson 
On Wed, Jan 24, 2018 at 10:29:07PM +0100, Nicolas Iooss wrote:
> On Wed, Jan 24, 2018 at 10:27 AM, Marcus Folkesson
>  wrote:
> > This patch solves the following issues:
> > - The pkg-config files generates odd paths when using DESTDIR without PREFIX
> > - DESTDIR is needed during compile time to compute library and header paths 
> > which it should not.
> > - Installing with both DESTDIR and PREFIX set gives us odd paths
> > - Make usage of DESTDIR and PREFIX more standard
> >
> > Signed-off-by: Marcus Folkesson 
> > ---
> >  README  | 2 +-
> >  libsepol/include/Makefile   | 4 ++--
> >  libsepol/man/Makefile   | 5 +++--
> >  libsepol/src/Makefile   | 7 +++
> >  libsepol/src/libsepol.pc.in | 2 +-
> >  libsepol/utils/Makefile | 4 ++--
> >  6 files changed, 12 insertions(+), 12 deletions(-)
> >
> > diff --git a/README b/README
> > index 7fc7b17b..174551a1 100644
> > --- a/README
> > +++ b/README
> > @@ -19,6 +19,6 @@ lacks library functions or other dependencies relied upon 
> > by your
> >  distribution.  If it breaks, you get to keep both pieces.
> >
> >  To install libsepol on macOS (mainly for policy analysis):
> > -cd libsepol; make DESTDIR=/usr/local PREFIX=/usr/local install
> > +cd libsepol; make PREFIX=/usr/local install
> >
> >  This requires GNU coreutils (brew install coreutils).
> > diff --git a/libsepol/include/Makefile b/libsepol/include/Makefile
> > index 56b7a114..ad5c34a4 100644
> > --- a/libsepol/include/Makefile
> > +++ b/libsepol/include/Makefile
> > @@ -1,6 +1,6 @@
> >  # Installation directories.
> > -PREFIX ?= $(DESTDIR)/usr
> > -INCDIR ?= $(PREFIX)/include/sepol
> > +PREFIX ?= /usr
> > +INCDIR = $(DESTDIR)$(PREFIX)/include/sepol
> >  CILDIR ?= ../cil
> >
> >  all:
> > diff --git a/libsepol/man/Makefile b/libsepol/man/Makefile
> > index 11924334..4f3d9fa2 100644
> > --- a/libsepol/man/Makefile
> > +++ b/libsepol/man/Makefile
> > @@ -1,6 +1,7 @@
> >  # Installation directories.
> > -MAN8DIR ?= $(DESTDIR)/usr/share/man/man8
> > -MAN3DIR ?= $(DESTDIR)/usr/share/man/man3
> > +PREFIX ?= /usr
> > +MAN8DIR ?= $(DESTDIR)$(PREFIX)/share/man/man8
> > +MAN3DIR ?= $(DESTDIR)$(PREFIX)/share/man/man3
> >
> >  all:
> >
> > diff --git a/libsepol/src/Makefile b/libsepol/src/Makefile
> > index 819d261b..d158398f 100644
> > --- a/libsepol/src/Makefile
> > +++ b/libsepol/src/Makefile
> > @@ -1,10 +1,9 @@
> >  # Installation directories.
> > -PREFIX ?= $(DESTDIR)/usr
> > +PREFIX ?= /usr
> >  INCLUDEDIR ?= $(PREFIX)/include
> > -LIBDIR ?= $(PREFIX)/lib
> > +LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
> >  SHLIBDIR ?= $(DESTDIR)/lib
> >  RANLIB ?= ranlib
> > -LIBBASE ?= $(shell basename $(LIBDIR))
> >  CILDIR ?= ../cil
> >
> >  VERSION = $(shell cat ../VERSION)
> > @@ -52,7 +51,7 @@ $(LIBSO): $(LOBJS) $(LIBMAP)
> > ln -sf $@ $(TARGET)
> >
> >  $(LIBPC): $(LIBPC).in ../VERSION
> > -   sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; 
> > s:@libdir@:$(LIBBASE):; s:@includedir@:$(INCLUDEDIR):' < $< > $@
> > +   sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; 
> > s:@libdir@:$(LIBDIR):; s:@includedir@:$(INCLUDEDIR):' < $< > $@
> >
> >  $(LIBMAP): $(LIBMAP).in
> >  ifneq ($(DISABLE_CIL),y)
> > diff --git a/libsepol/src/libsepol.pc.in b/libsepol/src/libsepol.pc.in
> > index e52f5892..f807fec6 100644
> > --- a/libsepol/src/libsepol.pc.in
> > +++ b/libsepol/src/libsepol.pc.in
> > @@ -1,6 +1,6 @@
> >  prefix=@prefix@
> >  exec_prefix=${prefix}
> > -libdir=${exec_prefix}/@libdir@
> > +libdir=@libdir@
> >  includedir=@includedir@
> >
> >  Name: libsepol
> 
> So this patch results in producing libsepol.pc with the value of
> $(DESTDIR) in libdir (because "s:@libdir@:$(LIBDIR):" in the sed
> command, and "LIBDIR ?= $(DESTDIR)$(PREFIX)/lib" in the Makefile). Is
> this intended? I supposed the point of these patches was to craft
> pkg-config files without references to $(DESTDIR), like the first
> version of this patch did. What did I miss?
> 

This is a regression between v2 and v3 I think.
Maybe we should remove DESTDIR from all variables and only use it in the
install target.

e.g.
SHLIBDIR ?= /lib
...
install:
install -m 755 $(LIBSO) $(DESTDIR)$(SHLIBDIR)


> Best,
> Nicolas
> 


signature.asc
Description: PGP signature