mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-24 15:02:44 +00:00
secilc: Add a CIL policy file to test bounds checking.
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
This commit is contained in:
parent
0e05890e3d
commit
ce5472845b
241
secilc/test/bounds.cil
Normal file
241
secilc/test/bounds.cil
Normal file
@ -0,0 +1,241 @@
|
||||
(class CLASS (PERM))
|
||||
(classorder (CLASS))
|
||||
(sid SID)
|
||||
(sidorder (SID))
|
||||
(user USER)
|
||||
(role ROLE)
|
||||
(type TYPE)
|
||||
(category CAT)
|
||||
(categoryorder (CAT))
|
||||
(sensitivity SENS)
|
||||
(sensitivityorder (SENS))
|
||||
(sensitivitycategory SENS (CAT))
|
||||
(allow TYPE self (CLASS (PERM)))
|
||||
(roletype ROLE TYPE)
|
||||
(userrole USER ROLE)
|
||||
(userlevel USER (SENS))
|
||||
(userrange USER ((SENS)(SENS (CAT))))
|
||||
(sidcontext SID (USER ROLE TYPE ((SENS)(SENS))))
|
||||
|
||||
(class c1 (p1a p1b p1c))
|
||||
(class c2 (p2a p2b p2c))
|
||||
(class c3 (p3a p3b p3c))
|
||||
|
||||
(classorder (CLASS c1 c2 c3))
|
||||
|
||||
(classpermission cp1)
|
||||
(classpermissionset cp1 (c1 (p1a p1b)))
|
||||
(classpermissionset cp1 (c2 (p2a)))
|
||||
|
||||
(classmap cm1 (mp1))
|
||||
(classmapping cm1 mp1
|
||||
(c1 (p1a)))
|
||||
|
||||
(boolean b_b1 false)
|
||||
(boolean b_b2 false)
|
||||
(boolean b_b3 false)
|
||||
|
||||
|
||||
(type b_ta)
|
||||
(type b_tb)
|
||||
(type b_tc)
|
||||
(type b_td)
|
||||
|
||||
|
||||
;; All of these rules should pass the bounds check
|
||||
(type b_t1)
|
||||
(type b_t1_c)
|
||||
(typebounds b_t1 b_t1_c)
|
||||
|
||||
(allow b_t1 self (CLASS (PERM)))
|
||||
(allow b_t1_c self (CLASS (PERM)))
|
||||
(allow b_t1 b_ta (CLASS (PERM)))
|
||||
(allow b_t1_c b_ta (CLASS (PERM)))
|
||||
(allow b_ta b_t1 (CLASS (PERM)))
|
||||
(allow b_ta b_t1_c (CLASS (PERM)))
|
||||
|
||||
(booleanif b_b1
|
||||
(false
|
||||
(allow b_t1 b_tb (CLASS (PERM)))
|
||||
(allow b_t1_c b_tb (CLASS (PERM)))
|
||||
(allow b_tb b_t1 (CLASS (PERM)))
|
||||
(allow b_tb b_t1_c (CLASS (PERM)))))
|
||||
|
||||
(allow b_t1 b_tc (CLASS (PERM)))
|
||||
(allow b_tc b_t1 (CLASS (PERM)))
|
||||
(booleanif b_b2
|
||||
(false
|
||||
(allow b_t1_c b_tc (CLASS (PERM)))
|
||||
(allow b_tc b_t1_c (CLASS (PERM)))))
|
||||
|
||||
(allow b_t1_c b_td (CLASS (PERM)))
|
||||
(allow b_td b_t1_c (CLASS (PERM)))
|
||||
(booleanif b_b3
|
||||
(true
|
||||
(allow b_t1 b_td (CLASS (PERM)))
|
||||
(allow b_td b_t1 (CLASS (PERM))))
|
||||
(false
|
||||
(allow b_t1 b_td (CLASS (PERM)))
|
||||
(allow b_td b_t1 (CLASS (PERM)))))
|
||||
|
||||
|
||||
;; All of these rules should pass the bounds check
|
||||
(type b_t2)
|
||||
(type b_t2_c)
|
||||
(typebounds b_t2 b_t2_c)
|
||||
(typeattribute b_a2)
|
||||
(typeattribute b_a2_c)
|
||||
(typeattributeset b_a2 b_t2)
|
||||
(typeattributeset b_a2_c b_t2_c)
|
||||
|
||||
(allow b_a2 self (CLASS (PERM)))
|
||||
(allow b_a2_c self (CLASS (PERM)))
|
||||
(allow b_a2 b_ta (CLASS (PERM)))
|
||||
(allow b_a2_c b_ta (CLASS (PERM)))
|
||||
(allow b_ta b_a2 (CLASS (PERM)))
|
||||
(allow b_ta b_a2_c (CLASS (PERM)))
|
||||
|
||||
(booleanif b_b1
|
||||
(false
|
||||
(allow b_a2 b_tb (CLASS (PERM)))
|
||||
(allow b_a2_c b_tb (CLASS (PERM)))
|
||||
(allow b_tb b_a2 (CLASS (PERM)))
|
||||
(allow b_tb b_a2_c (CLASS (PERM)))))
|
||||
|
||||
(allow b_a2 b_tc (CLASS (PERM)))
|
||||
(allow b_tc b_a2 (CLASS (PERM)))
|
||||
(booleanif b_b2
|
||||
(false
|
||||
(allow b_a2_c b_tc (CLASS (PERM)))
|
||||
(allow b_tc b_a2_c (CLASS (PERM)))))
|
||||
|
||||
(allow b_a2_c b_td (CLASS (PERM)))
|
||||
(allow b_td b_a2_c (CLASS (PERM)))
|
||||
(booleanif b_b3
|
||||
(true
|
||||
(allow b_a2 b_td (CLASS (PERM)))
|
||||
(allow b_td b_a2 (CLASS (PERM))))
|
||||
(false
|
||||
(allow b_a2 b_td (CLASS (PERM)))
|
||||
(allow b_td b_a2 (CLASS (PERM)))))
|
||||
|
||||
|
||||
;; All of these rules should fail the bounds check
|
||||
(type b_t3)
|
||||
(type b_t3_c)
|
||||
(typebounds b_t3 b_t3_c)
|
||||
|
||||
(allow b_t3 self (CLASS (PERM)))
|
||||
(allow b_t3_c self (c1 (p1a)))
|
||||
(allow b_t3 b_ta (CLASS (PERM)))
|
||||
(allow b_t3_c b_ta (c1 (p1a)))
|
||||
(allow b_ta b_t3 (CLASS (PERM)))
|
||||
(allow b_ta b_t3_c (c1 (p1a)))
|
||||
|
||||
(booleanif b_b1
|
||||
(false
|
||||
(allow b_t3_c b_tb (c1 (p1a)))
|
||||
(allow b_tb b_t3_c (c1 (p1a)))))
|
||||
|
||||
(booleanif b_b2
|
||||
(true
|
||||
(allow b_t3_c b_tc (c1 (p1a)))
|
||||
(allow b_tc b_t3_c (c1 (p1a))))
|
||||
(false
|
||||
(allow b_t3 b_tc (c1 (p1a)))
|
||||
(allow b_tc b_t3 (c1 (p1a)))))
|
||||
|
||||
(allow b_t3_c b_td (c1 (p1a)))
|
||||
(allow b_td b_t3_c (c1 (p1a)))
|
||||
(booleanif b_b3
|
||||
(false
|
||||
(allow b_t3 b_td (c1 (p1a)))
|
||||
(allow b_td b_t3 (c1 (p1a)))))
|
||||
|
||||
|
||||
;; All of these rules should fail the bounds check
|
||||
(type b_t4)
|
||||
(type b_t4_c)
|
||||
(typebounds b_t4 b_t4_c)
|
||||
(typeattribute b_a4)
|
||||
(typeattribute b_a4_c)
|
||||
(typeattributeset b_a4 b_t4)
|
||||
(typeattributeset b_a4_c b_t4_c)
|
||||
|
||||
(allow b_a4 self (CLASS (PERM)))
|
||||
(allow b_a4_c self (c1 (p1a)))
|
||||
(allow b_a4 b_ta (CLASS (PERM)))
|
||||
(allow b_a4_c b_ta (c1 (p1a)))
|
||||
(allow b_ta b_a4 (CLASS (PERM)))
|
||||
(allow b_ta b_a4_c (c1 (p1a)))
|
||||
|
||||
(booleanif b_b1
|
||||
(false
|
||||
(allow b_a4_c b_tb (c1 (p1a)))
|
||||
(allow b_tb b_a4_c (c1 (p1a)))))
|
||||
|
||||
(booleanif b_b2
|
||||
(true
|
||||
(allow b_a4_c b_tc (c1 (p1a)))
|
||||
(allow b_tc b_a4_c (c1 (p1a))))
|
||||
(false
|
||||
(allow b_a4 b_tc (c1 (p1a)))
|
||||
(allow b_tc b_a4 (c1 (p1a)))))
|
||||
|
||||
(allow b_a4_c b_td (c1 (p1a)))
|
||||
(allow b_td b_a4_c (c1 (p1a)))
|
||||
(booleanif b_b3
|
||||
(false
|
||||
(allow b_a4 b_td (c1 (p1a)))
|
||||
(allow b_td b_a4 (c1 (p1a)))))
|
||||
|
||||
|
||||
;; Marked rules should fail, all others should pass
|
||||
(type b_t5)
|
||||
(type b_t5_c)
|
||||
(typebounds b_t5 b_t5_c)
|
||||
|
||||
(allow b_t5 b_ta cp1)
|
||||
(allow b_t5_c b_ta (c1 (p1a)))
|
||||
(allow b_t5_c b_ta (c2 (p2a)))
|
||||
(allow b_t5_c b_ta (c2 (p2b))) ;; Fail
|
||||
(allow b_t5_c b_ta (c3 (p3a))) ;; Fail
|
||||
|
||||
(allow b_t5 b_tb (c1 (p1a p1b)))
|
||||
(allow b_t5 b_tb (c2 (p2a)))
|
||||
(allow b_t5_c b_tb cp1)
|
||||
|
||||
(allow b_t5 b_tc (cm1 (mp1)))
|
||||
(allow b_t5_c b_tc (c1 (p1a)))
|
||||
(allow b_t5_c b_tc (c1 (p1b))) ;; Fail
|
||||
(allow b_t5_c b_tc (c2 (p2a))) ;; Fail
|
||||
|
||||
(allow b_t5 b_tc (c1 (p1a)))
|
||||
(allow b_t5_c b_tc (cm1 (mp1)))
|
||||
|
||||
|
||||
;; Marked rules should fail, all others should pass
|
||||
(type b_t6a)
|
||||
(type b_t6a_c)
|
||||
(type b_t6b)
|
||||
(type b_t6b_c)
|
||||
(typebounds b_t6a b_t6a_c)
|
||||
(typebounds b_t6b b_t6b_c)
|
||||
|
||||
(allow b_t6a b_t6b (CLASS (PERM)))
|
||||
(allow b_t6a_c b_t6b_c (CLASS (PERM)))
|
||||
|
||||
;; Needs: (allow b_t6a b_t6b (c1 (p1a)))
|
||||
(allow b_t6a_c b_t6b (c1 (p1a))) ;; Fail
|
||||
(allow b_t6a_c b_t6b_c (c1 (p1a))) ;; Fail
|
||||
|
||||
;; Needs: (allow b_t6a b_t6b (c2 (p2a)))
|
||||
(allow b_t6a b_t6b_c (c2 (p2a))) ;; Fail
|
||||
(allow b_t6a_c b_t6b (c2 (p2a))) ;; Fail
|
||||
(allow b_t6a_c b_t6b_c (c2 (p2a)))
|
||||
|
||||
;; Needs: (allow b_t6a b_t6b (c3 (p3c)))
|
||||
(allow b_t6a b_t6b (c3 (p3a p3b)))
|
||||
(allow b_t6a b_t6b_c (c3 (p3b p3c))) ;; Fail
|
||||
(allow b_t6a_c b_t6b (c3 (p3a p3c))) ;; Fail
|
||||
(allow b_t6a_c b_t6b_c (c3 (p3a p3b p3c))) ;; Fail
|
Loading…
Reference in New Issue
Block a user