RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-02-17 10:06:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

checkpolicy/fuzz: scan Xen policies

Browse Source 
In addition to standard SELinux platform policies also check Xen ones.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
This commit is contained in:
Christian Göttsche 2024-03-11 15:57:06 +01:00 committed by James Carter
parent 6f7ddf2742
commit f3b67a84fa
1 changed files with 29 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
checkpolicy/fuzz/checkpolicy-fuzzer.c
View File

@ -147,15 +147,28 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
policydb_t *finalpolicydb;
sidtab_t sidtab = {};
FILE *devnull = NULL;
int mls, policyvers;
int mls, platform, policyvers;
sepol_debug(VERBOSE);
/* Take the first byte whether to parse as MLS policy
* and the second byte as policy version. */
if (size < 2)
/*
* Take the first byte whether to generate a SELinux or Xen policy,
* the second byte whether to parse as MLS policy,
* and the second byte as policy version.
*/
if (size < 3)
return 0;
switch (data[0]) {
case 'S':
platform = SEPOL_TARGET_SELINUX;
break;
case 'X':
platform = SEPOL_TARGET_XEN;
break;
default:
return 0;
}
switch (data[1]) {
case '0':
mls = 0;
break;
@ -166,11 +179,11 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
return 0;
}
static_assert(0x7F - 'A' >= POLICYDB_VERSION_MAX, "Max policy version should be representable");
policyvers = data[1] - 'A';
policyvers = data[2] - 'A';
if (policyvers < POLICYDB_VERSION_MIN || policyvers > POLICYDB_VERSION_MAX)
return 0;
data += 2;
size -= 2;
data += 3;
size -= 3;
if (policydb_init(&parsepolicydb))
goto exit;
@ -178,7 +191,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
parsepolicydb.policy_type = POLICY_BASE;
parsepolicydb.mls = mls;
parsepolicydb.handle_unknown = DENY_UNKNOWN;
policydb_set_target_platform(&parsepolicydb, SEPOL_TARGET_SELINUX);
policydb_set_target_platform(&parsepolicydb, platform);
if (read_source_policy(&parsepolicydb, data, size))
goto exit;
@ -198,15 +211,17 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
kernpolicydb.policyvers = policyvers;
assert(kernpolicydb.policy_type == POLICY_KERN);
assert(kernpolicydb.handle_unknown == SEPOL_DENY_UNKNOWN);
assert(kernpolicydb.mls == mls);
assert(kernpolicydb.policy_type == POLICY_KERN);
assert(kernpolicydb.handle_unknown == SEPOL_DENY_UNKNOWN);
assert(kernpolicydb.mls == mls);
assert(kernpolicydb.target_platform == platform);
finalpolicydb = &kernpolicydb;
} else {
assert(parsepolicydb.policy_type == POLICY_MOD);
assert(parsepolicydb.handle_unknown == SEPOL_DENY_UNKNOWN);
assert(parsepolicydb.mls == mls);
assert(parsepolicydb.policy_type == POLICY_MOD);
assert(parsepolicydb.handle_unknown == SEPOL_DENY_UNKNOWN);
assert(parsepolicydb.mls == mls);
assert(parsepolicydb.target_platform == platform);
finalpolicydb = &parsepolicydb;
}