RepoMirrors
/
selinux
mirror of https://github.com/SELinuxProject/selinux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

libsepol: quote paths in CIL conversion 

When generating CIL policy from kernel or module policy quote paths,
which are allowed to contain spaces, in the statements `genfscon` and
`devicetreecon`.

Reported by LuK1337 while building policy for Android via IRC.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
This commit is contained in:
Christian Göttsche 2021-06-08 21:39:02 +02:00 committed by James Carter
parent ea02e0acfa
commit 644c5bbbc4
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libsepol/src/kernel_to_cil.c
View File

@ -2654,7 +2654,7 @@ static int write_genfscon_rules_to_cil(FILE *out, struct policydb *pdb)
goto exit;
}
rc = strs_create_and_add(strs, "(genfscon %s %s %s)", 3,
rc = strs_create_and_add(strs, "(genfscon %s \"%s\" %s)", 3,
fstype, name, ctx);
free(ctx);
if (rc != 0) {
@ -3115,7 +3115,7 @@ static int write_xen_devicetree_rules_to_cil(FILE *out, struct policydb *pdb)
goto exit;
}
sepol_printf(out, "(devicetreecon %s %s)\n", name, ctx);
sepol_printf(out, "(devicetreecon \"%s\" %s)\n", name, ctx);
free(ctx);
}

2
libsepol/src/module_to_cil.c
View File

@ -2963,7 +2963,7 @@ static int genfscon_to_cil(struct policydb *pdb)
for (genfs = pdb->genfs; genfs != NULL; genfs = genfs->next) {
for (ocon = genfs->head; ocon != NULL; ocon = ocon->next) {
cil_printf("(genfscon %s %s ", genfs->fstype, ocon->u.name);
cil_printf("(genfscon %s \"%s\" ", genfs->fstype, ocon->u.name);
context_to_cil(pdb, &ocon->context[0]);
cil_printf(")\n");
}