Re: [PATCH 5/5] libselinux: remove unused variable usercon

2018-04-16 Thread jwcart2
On 04/16/2018 11:30 AM, William Roberts wrote: On Mon, Apr 16, 2018 at 5:34 AM, Stephen Smalley wrote: On 04/13/2018 08:40 PM, William Roberts wrote: In general this series looks fine. However, checkpatch.pl is complaining about DOS line endings in your patches: For

Re: CIL namespaces and blockinheritfilter keyword.

2018-04-09 Thread jwcart2
On 04/09/2018 08:07 AM, Dominick Grift wrote: On Mon, Apr 09, 2018 at 01:41:12PM +0200, Lukas Vrabec wrote: On 04/09/2018 10:41 AM, Dominick Grift wrote: On Mon, Apr 09, 2018 at 09:55:23AM +0200, Dominick Grift wrote: On Sun, Apr 08, 2018 at 11:00:53PM +0200, Lukas Vrabec wrote: Hi All, I'm

ANN: SELinux Policy Tools - selpoltools

2018-04-03 Thread jwcart2
The selpoltools are a collection of policy tools for SELinux. It works on Refpolicy-based policies or a collection of policy files. Right now the only useful tool is spt_lint.lua. You can find selpoltools at: https://github.com/jwcart2/selpoltools See README.md for the very simple build

Re: Re: [PATCH 1/1] libsepol/cil: Improve processing of context rules

2018-04-03 Thread jwcart2
On 03/30/2018 01:33 PM, Jeffrey Vander Stoep wrote: On Thu, Mar 29, 2018 at 1:06 PM, James Carter wrote: Improve the processing of netifcon, genfscon, ibpkeycon, ibendportcon, portcon, nodecon, fsuse, filecon, iomemcon, ioportcon, pcidevicecon, and devicetreecon rules.

Re: [PATCH 1/1] libsepol/cil: Improve processing of context rules

2018-03-29 Thread jwcart2
Pierre-Hugues Husson, I've tested and everything seems to work as I expect it, but does this meet your needs? Jim On 03/29/2018 04:06 PM, James Carter wrote: Improve the processing of netifcon, genfscon, ibpkeycon, ibendportcon, portcon, nodecon, fsuse, filecon, iomemcon, ioportcon,

Re: [PATCH v2 1/1] Detect identical genfscon

2018-03-27 Thread jwcart2
On 03/22/2018 07:04 PM, Pierre-Hugues Husson wrote: From: Pierre-Hugues Husson Currently secilc doesn't deal with duplicate genfscon rules This commit fixes this, and implements multiple_decls behaviour. To reduce the code changes, the compare function returns in its LSB

Re: [PATCH 0/1] Support multiple identical genfscon

2018-03-22 Thread jwcart2
On 03/19/2018 02:47 PM, Pierre-Hugues Husson wrote: secilc has a multiple_decls option to allow for multiple type declarations. The next step is to allow multiple samples of the same rules. This commit does this on genfscon One usecase is Android/Project Treble: With Project Treble, vendor

Re: Re: [PATCH] libsepol: Prevent freeing uninitialized value in ibendport handling

2018-03-19 Thread jwcart2
On 03/08/2018 04:34 PM, Nicolas Iooss wrote: On Wed, Mar 7, 2018 at 4:05 PM, James Carter wrote: Nicolas Iooss reports: In sepol_ibendport_key_create(), if sepol_ibendport_alloc_ibdev_name() fails to allocate tmp_key->ibdev_name, sepol_ibendport_key_free() is called to

Re: [PATCH] selinux: Add support for the SCTP portcon keyword

2018-03-19 Thread jwcart2
On 03/15/2018 01:09 PM, jwcart2 wrote: On 03/11/2018 12:22 PM, Richard Haines via Selinux wrote: Update libsepol, checkpolicy and the CIL compiler to support the SCTP portcon keyword. Signed-off-by: Richard Haines <richard_c_hai...@btinternet.com> Acked-by: James Carter

Re: [PATCH v2] Resolve conflicts in expandattribute.

2018-03-16 Thread jwcart2
On 03/16/2018 11:23 AM, William Roberts wrote: On Thu, Mar 15, 2018 at 8:16 PM, Tri Vo wrote: This commit resolves conflicts in values of expandattribute statements in policy language and expandtypeattribute in CIL. For example, these statements resolve to false in policy

Re: [PATCH] selinux: Add support for the SCTP portcon keyword

2018-03-15 Thread jwcart2
On 03/11/2018 12:22 PM, Richard Haines via Selinux wrote: Update libsepol, checkpolicy and the CIL compiler to support the SCTP portcon keyword. Signed-off-by: Richard Haines Acked-by: James Carter --- checkpolicy/checkpolicy.c

Re: [PATCH 1/3] libsepol: initialize tmp_key->ibdev_name if its allocation failed

2018-03-07 Thread jwcart2
On 03/05/2018 05:58 PM, Nicolas Iooss wrote: In sepol_ibendport_key_create(), if sepol_ibendport_alloc_ibdev_name() fails to allocate tmp_key->ibdev_name, sepol_ibendport_key_free() is called to free the memory associated with tmp_key, which results in free() being called on uninitialized

Re: [PATCH 2/3] libsepol: cil: show an error when cil_expr_to_string() fails

2018-03-07 Thread jwcart2
On 03/05/2018 05:58 PM, Nicolas Iooss wrote: cil_tree_print_expr() calls cil_expr_to_string() in order to compute a string expression into expr_str. If this function fails, expr_str is left uninitialized but its value is dereferenced with: cil_log(CIL_INFO, "%s)", expr_str); Prevent such an

Re: I am being asked does SELinux provide any protection on Meltdown/Spectre.

2018-01-09 Thread jwcart2
On 01/09/2018 12:32 PM, Daniel Walsh wrote: Or SECCOMP for that matter.  From my limited reading, I have not seen what an application needs to access to trigger this vulnerability.  Is this just using standard SYSCALLS, that we could not block without breaking the applications? Anyone have

Re: [PATCH] libsepol: cil: only overwrite cil_typeattribute used when false.

2017-11-16 Thread jwcart2
On 11/14/2017 07:44 PM, Daniel Cashman wrote: From: Dan Cashman When using cil_db multiple_decls, the different cil_attribute nodes all point to the same underlying cil_attribute struct. This leads to problems, though, when modifying the used value in the struct.

Re: [PATCH 1/6] libsepol: use IN6ADDR_ANY_INIT to initialize IPv6 addresses

2017-09-07 Thread jwcart2
On 09/03/2017 08:19 AM, Nicolas Iooss wrote: When compiling libsepol with clang and some warning flags, the compiler complains about the way IPv6 addresses are initialized: kernel_to_cil.c:2795:35: error: suggest braces around initialization of subobject [-Werror,-Wmissing-braces]

Re: [PATCH] libsepol/cil: Keep attributes used by generated attributes in neverallow rules

2017-08-31 Thread jwcart2
On 08/30/2017 03:38 PM, James Carter wrote: In order to reduce policy size, CIL removes attributes that are not used by a policy rule in the generated binary policy. However, CIL keeps attributes used by neverallow rules (which are checked at compile time and not in the binary policy) even if

Re: [PATCH v2] libsepol: cil: Add ability to redeclare types[attributes]

2017-08-31 Thread jwcart2
On 08/29/2017 12:32 PM, Daniel Cashman wrote: From: Dan Cashman Modify cil_gen_node() to check to see if the cil_db supports multiple declarations, and if so, to check whether or not the repeated symbol is eligible to share the existing, already-stored datum. The only

Re: [PATCH] libsepol: reset pointer after free

2017-08-28 Thread jwcart2
On 08/25/2017 05:46 AM, Jan Zarsky wrote: In cil_strpool_destroy(), cil_strpool_tab is freed but it is not reset to NULL. When cil_strpool_init() is called again it assumes that cil_strpool_tab was already initialized. Other functions then work with invalid data. Signed-off-by: Jan Zarsky

Re: [PATCH 0/1] RFC: Allow for multiple cil declarations.

2017-08-18 Thread jwcart2
On 08/17/2017 02:04 PM, Daniel Cashman wrote: From: Dan Cashman In Android O, the SELinux policy was split from a monolithic policy created at build-time for each device into two main components, one on /system and one on /vendor, which get combined at boot. This

Re: [PATCH 1/1] libsepol: cil: Add ability to redeclare types[attributes]

2017-08-18 Thread jwcart2
On 08/17/2017 02:04 PM, Daniel Cashman wrote: From: Dan Cashman Signed-off-by: Dan Cashman Change-Id: I5a72f2e6c339baee8ebc07e3e9176296320e2c80 --- libsepol/cil/include/cil/cil.h | 1 + libsepol/cil/src/cil.c | 5 +

Re: [PATCH] libsepol: cil: enable cpp compilation of cil.h.

2017-07-26 Thread jwcart2
On 07/26/2017 11:04 AM, Daniel Cashman wrote: From: Dan Cashman Signed-off-by: Daniel Cashman Applied. Thanks, Jim --- libsepol/cil/include/cil/cil.h | 7 +++ 1 file changed, 7 insertions(+) diff --git a/libsepol/cil/include/cil/cil.h

Re: [PATCH v2] libsepol/cil: Fix bugs when writing policy.conf rules

2017-06-15 Thread jwcart2
On 06/14/2017 02:23 PM, James Carter wrote: The typebounds rules should end with a ";". The netifcon and nodecon rules should not end with a ";". The default rules are missing a "_". They should be "default_user", "default_role" and "default_type". Signed-off-by: James Carter

Re: [PATCH] libsepol/cil: Fix bugs when writing policy.conf rules

2017-06-14 Thread jwcart2
On 06/14/2017 01:56 PM, Dominick Grift wrote: On Wed, Jun 14, 2017 at 01:39:07PM -0400, James Carter wrote: The typebounds rules should end with a ";". The netifcon and nodecon rules should not end with a ";". The default rules are missing a "_". They should be "default_usr", "default_role"

Re: [PATCH] secilc: Update test policy and documentation for Infiniband

2017-06-12 Thread jwcart2
On 06/12/2017 04:31 AM, Richard Haines wrote: CIL updates to support the InfiniBand development. Signed-off-by: Richard Haines I was just thinking about doing this myself. Applied. Thanks, Jim --- secilc/docs/Makefile | 1 +

Re: [PATCH] libsepol/cil: ibendportcon fails to resolve in CIL policy

2017-06-12 Thread jwcart2
On 06/12/2017 04:31 AM, Richard Haines wrote: Fix named ibendportcon context not resolving correctly. Signed-off-by: Richard Haines Applied. Thanks, Jim --- libsepol/cil/src/cil_build_ast.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff

Re: [PATCH v2] libsepol: Expand attributes with TYPE_FLAGS_EXPAND_ATTR_TRUE set

2017-06-06 Thread jwcart2
On 05/10/2017 04:25 PM, James Carter wrote: Commit 1089665e31a647a5f0ba2eabe8ac6232b384bed9 (Add attribute expansion options) adds an expandattribute rule to the policy.conf language which sets a type_datum flag. Currently the flag is used only when writing out CIL policy from a policy.conf.

Re: [PATCH] libsepol/cil: fix error check in new cil_resolve_name

2017-06-02 Thread jwcart2
On 06/02/2017 07:21 AM, Steve Lawrence wrote: This prevented cil_resolve_name() from returning an actual thing when a name resolved to an alias. This appears to have only affected resolution dealing with sensitivity and category aliases. Type aliases were not affected since places that dealt

Re: [PATCH 1/3] libsepol,libsemanage,libselinux: Fix fallthrough warnings from gcc 7

2017-06-01 Thread jwcart2
On 05/31/2017 04:14 PM, Stephen Smalley wrote: https://developers.redhat.com/blog/2017/03/10/wimplicit-fallthrough-in-gcc-7/ Fixes the following warnings by annotating with a /* FALLTHRU */ comment. Unfortunately, the __attribute__ ((fallthrough)); approach does not appear to work with older

Re: [PATCH 1/2] libsepol: Clean up scope handling

2017-06-01 Thread jwcart2
On 05/30/2017 03:13 PM, James Carter wrote: Currently, when checking if an identifier is enabled, each scope in the decl_ids list is checked. This means that if any block that requires the identifier is enabled, then the identifier will be treated as being declared. Now, declarations will be

Re: [PATCH 1/2] libsepol: do not use handle when it is marked unused

2017-06-01 Thread jwcart2
On 05/31/2017 04:06 PM, Nicolas Iooss wrote: Assigning NULL to handle does not perform anything useful and clang complains about this: ibendports.c:122:2: error: 'handle' was marked unused but was used [-Werror,-Wused-but-marked-unused] handle = NULL; ^

Re: [PATCH 2/2] libsepol: do not mark db as unused when it is used

2017-06-01 Thread jwcart2
On 05/31/2017 04:06 PM, Nicolas Iooss wrote: --- libsepol/cil/src/cil_build_ast.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c index 0a9a5e57491a..7fcee61042c5 100644 ---

Re: [PATCH 1/1] libsepol/cil: fix aliasactual resolution errors

2017-05-31 Thread jwcart2
On 05/30/2017 12:32 PM, Steve Lawrence wrote: - Set rc to SEPOL_ERR if the alias part of an aliasactual statement does not resolve to the correct alias flavor (e.g. typealias, senalias, catalias) - Add an error check if the actual part of an aliasactual statement does not resolve to the