Commit Graph

208 Commits

Author SHA1 Message Date
bowgotsai
9bd073afc6 Remove Android.mk files and only keep them in Android tree
The corresponding repository in Android tree:
  https://android.googlesource.com/platform/external/selinux/
2016-09-30 08:32:55 -04:00
Stephen Smalley
542b528703 Updated checkpolicy and libsepol ChangeLogs
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-09-06 11:14:09 -04:00
Nicolas Iooss
112f86d489 checkpolicy: add types associated to a role in the current scope when parsing
This fixes most of the errors reported in "make -C libsepol test":

    ./libsepol-tests
         CUnit - A unit testing framework for C - Version 2.1-3
         http://cunit.sourceforge.net/
    Suite: cond
      Test: cond_expr_equal ...passed
    Suite: linker
      Test: linker_indexes ...passed
      Test: linker_types ...passed
      Test: linker_roles ...
    role o1_b_role_1 has 0 types, 1 expected
    role o1_b_role_1 has 0 types, 1 expected
    role o1_m1_role_1 has 0 types, 1 expected
    sym g_b_role_2 has 1 decls, 2 expected
    Role o1_b_role_2 had type o1_b_type_1 not in types array
    role o1_b_role_2 has 0 types, 1 expected
    Role g_b_role_4 had type g_m1_type_2 not in types array
    role g_b_role_4 has 0 types, 1 expected
    role o3_b_role_1 has 0 types, 1 expected
    role o3_b_role_1 has 0 types, 1 expected
    role o4_b_role_1 has 0 types, 1 expected
    Role o4_b_role_1 had type g_m1_type_1 not in types array

    FAILED
        1. test-common.c:216  - found == len
        2. test-common.c:216  - found == len
        3. test-common.c:216  - found == len
        4. test-common.c:43  - scope->decl_ids_len == len
        5. test-common.c:52  - found == 1
        6. test-common.c:213  - new == 1
        7. test-common.c:216  - found == len
        8. test-common.c:213  - new == 1
        9. test-common.c:216  - found == len
        10. test-common.c:216  - found == len
        11. test-common.c:216  - found == len
        12. test-common.c:216  - found == len
        13. test-common.c:213  - new == 1
      Test: linker_cond ...passed
    Suite: expander
      Test: expander_indexes ...passed
      Test: expander_attr_mapping ...passed
      Test: expander_role_mapping ...passed
      Test: expander_user_mapping ...passed
      Test: expander_alias ...passed
    Suite: deps
      Test: deps_modreq_global ...passed
      Test: deps_modreq_opt ...passed
    Suite: downgrade
      Test: downgrade ...passed

    Run Summary:    Type  Total    Ran Passed Failed Inactive
                  suites      5      5    n/a      0        0
                   tests     13     13     12      1        0
                 asserts   1269   1269   1256     13      n/a

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2016-09-06 10:49:56 -04:00
Stephen Smalley
4a3fbdae6e Updated checkpolicy ChangeLog.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-07-25 13:54:10 -04:00
Stephen Smalley
2c1979f0a6 Extend checkpolicy pathname matching.
checkpolicy currently imposes arbitrary limits on pathnames used
in genfscon and other statements.  This prevents specifying certain
paths in /proc such as those containing comma (,) characters.

Generalize the PATH, QPATH, and FILENAME patterns to support most
legal pathnames.

For simplicity, we do not support pathnames containing newlines or
quotes.

Reported-by: Inamdar Sharif <isharif@nvidia.com>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-07-14 11:41:28 -04:00
Stephen Smalley
ff65937851 Updated checkpolicy ChangeLog.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-06-23 12:52:58 -04:00
Petr Lautrbach
286df12fd9 checkpolicy: Fix typos in test/dispol
Reported-By: Milos Malik <mmalik@redhat.com>
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2016-06-23 12:52:36 -04:00
Stephen Smalley
3749315847 Updated ChangeLogs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-05-19 14:22:55 -04:00
Julien Pivotto
e9603092fb checkpolicy: set flex as default lexer
This makes the checkpolicy Makefile consistent with the Makefile present
in libsemanage and libsepol.
2016-05-19 14:16:04 -04:00
Stephen Smalley
44e92a6959 Updated ChangeLogs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-05-16 16:44:05 -04:00
Petr Lautrbach
b5f9debdb2 checkpolicy: Fix checkmodule output message
Originally checkmodule stated that it wrote to the input file instead of
to the output file.

Reported-By: Milos Malik <mmalik@redhat.com>
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2016-05-16 16:33:29 -04:00
Stephen Smalley
bedef7d124 libsepol,checkpolicy,secilc: Replace #ifdef DARWIN with __APPLE__.
As per discussion in https://android-review.googlesource.com/#/c/221980,
we should be using #ifdef __APPLE__ rather than our own custom-defined
DARWIN for building on MacOS X.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-05-03 11:54:20 -04:00
Stephen Smalley
c9ada3e470 Updated checkpolicy and libsepol ChangeLogs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-04-25 15:34:06 -04:00
Richard Haines
aac9360581 selinux: Build policy on systems not supporting DCCP protocol
Commit 3895fbbe0c ("selinux: Add support
for portcon dccp protocol") added support for the (portcon dccp ..)
statement. This fix will allow policy to be built on platforms
(see [1]) that do not have DCCP support by defining the IANA
assigned IP Protocol Number 33 to IPPROTO_DCCP.

[1] https://android-review.googlesource.com/#/c/219568/

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2016-04-25 15:31:45 -04:00
James Carter
8b3d0ed43c Updated checkpolicy and policycoreutils ChangeLogs.
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2016-04-12 10:44:29 -04:00
James Carter
c6acfae4bc checkpolicy: Fail if module name different than output base filename
Since CIL treats files as modules and does not have a separate
module statement it can cause confusion when a Refpolicy module
has a name that is different than its base filename because older
SELinux userspaces will refer to the module by its module name while
a CIL-based userspace will refer to it by its filename.

Because of this, have checkmodule fail when compiling a module and
the output base filename is different than the module name.

Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2016-04-12 10:41:11 -04:00
James Carter
a421da29eb Updated checkpolicy, libselinux, and secilc ChangeLogs.
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2016-04-06 11:24:56 -04:00
Richard Haines
3895fbbe0c selinux: Add support for portcon dccp protocol
This adds CIL and checkpolicy support for the (portcon dccp ...)
statement. The kernel already handles name_bind and name_connect
permissions for the dccp_socket class.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2016-04-06 10:14:27 -04:00
Steve Lawrence
2b69984b0c Update ChangeLog and VERSION for final release
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2016-02-23 11:31:41 -05:00
Steve Lawrence
b3b5ede9ca Update ChangeLog and VERSION for release candidate
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2016-01-07 10:01:31 -05:00
Stephen Smalley
59550c077c Updated libsepol and checkpolicy ChangeLogs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-09-22 10:54:10 -04:00
Jeff Vander Stoep
99fc177b5a Add neverallow support for ioctl extended permissions
Neverallow rules for ioctl extended permissions will pass in two
cases:
1. If extended permissions exist for the source-target-class set
   the test will pass if the neverallow values are excluded.
2. If extended permissions do not exist for the source-target-class
   set the test will pass if the ioctl permission is not granted.

Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by:  Nick Kralevich <nnk@google.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
2015-09-22 10:52:47 -04:00
Stephen Smalley
5b73ba0f84 Updated checkpolicy ChangeLog.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-07-31 09:04:52 -04:00
Stephen Smalley
a3691b87be checkpolicy: fix double free on name-based type transitions
checkpolicy was directly assigning type sets rather than using
type_set_cpy() and therefore creating pointer aliases to the
same type set from multiple filename-based type transition rules
if they specified multiple classes.  This would then yield a double
free when destroying the rules afterward and a segmentation fault.
Fix it to use type_set_cpy().

Reported-by: William C Roberts <william.c.roberts@intel.com>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-07-31 08:57:32 -04:00
Stephen Smalley
8282ec48d2 Update checkpolicy and libsepol ChangeLogs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-06-15 09:23:20 -04:00
Jeff Vander Stoep
915fa8f08f checkpolicy: switch operations to extended perms
The ioctl operations code is being renamed to the more generic
"extended permissions." This commit brings the policy compiler
up to date with the kernel patch.

Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
2015-06-15 09:21:20 -04:00
Stephen Smalley
1af0ed6f13 Update checkpolicy and secilc ChangeLogs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-06-15 09:17:16 -04:00
Nick Kralevich
de0a3bd18d policy_define.c: fix compiler warnings
Fixes compiler warnings all similar to the following:

host C: checkpolicy <= external/selinux/checkpolicy/policy_define.c
external/selinux/checkpolicy/policy_define.c:1572:2: warning: comparison of integers of different signs: 'int' and 'uint32_t' (aka 'unsigned int') [-Wsign-compare]
        ebitmap_for_each_bit(&tclasses, node, i) {
        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
external/selinux/checkpolicy/../libsepol/include/sepol/policydb/ebitmap.h:76:39: note: expanded from macro 'ebitmap_for_each_bit'
        for (bit = ebitmap_start(e, &n); bit < ebitmap_length(e); bit = ebitmap_next(&n, bit)) \
                                             ^ ~~~~~~~~~~~~~~~~~

Signed-off-by: Nick Kralevich <nnk@google.com>
2015-06-15 09:14:34 -04:00
Dan Albert
1f75792ea0 Remove uses of -Wno-return-type.
These warnings were fixed in 93b2e5f.
2015-06-15 09:14:10 -04:00
Stephen Smalley
2b35dd5e10 Update checkpolicy ChangeLog.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-06-12 08:36:13 -04:00
Dan Albert
93b2e5fa07 Fix -Wreturn-type issues.
--089e013a1a2abb8ecf0518469d04
Content-Type: text/plain; charset=UTF-8

assert() only prevents -Wreturn-type from firing if asserts are
enabled. Use abort() so we don't do unexpected things even if we use
-UNDEBUG.

<div dir="ltr"><div>assert() only prevents -Wreturn-type from firing if asserts are</div><div>enabled. Use abort() so we don&#39;t do unexpected things even if we use</div><div>-UNDEBUG.</div></div>

From b53ad041da Mon Sep 17 00:00:00 2001
From: Dan Albert <danalbert@google.com>
Date: Wed, 10 Jun 2015 17:01:23 -0700
Subject: [PATCH] Fix -Wreturn-type issues.
To: selinux@tycho.nsa.gov
Cc: nnk@google.com,
    sds@tycho.nsa.gov

assert() only prevents -Wreturn-type from firing if asserts are
enabled. Use abort() so we don't do unexpected things even if we use
-UNDEBUG.
2015-06-12 08:35:22 -04:00
Stephen Smalley
34e196c3c2 Update checkpolicy ChangeLog.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-04-28 08:29:44 -04:00
Jeff Vander Stoep
7f1ec68362 dispol: display operations as ranges
Displays operations ranges more concisely. E.g.

{ 0x8901-0x8930 }

instead of

{ 0x8901 0x8902 0x8903 0x8904 80x8905 0x0806 ... 0x8930 }

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-04-28 08:29:24 -04:00
Stephen Smalley
11f2e159f6 Update checkpolicy ChangeLog.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-04-23 08:45:20 -04:00
Stephen Smalley
6dafd3ded9 dispol: Extend to display operations.
Also drop expanding of rules; just display the rules in their
original form.  I think expansion was a relic of an older policy
version where we did not preserve attributes in the kernel policy.
In any event, it seems more useful to display the rules unmodified.

Change-Id: I85095a35cfb48138cd9cf01cde6dd0330e342c61
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-04-23 08:42:07 -04:00
Stephen Smalley
a2ceeba03c Update libsepol and checkpolicy ChangeLogs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-04-23 08:33:18 -04:00
Jeff Vander Stoep
80bc7ee8fa Add support for ioctl command whitelisting
Adds support for new policy statements whitelisting individual ioctl
commands. Ioctls provide many of the operations necessary for driver control.
The typical driver supports a device specific set of operations accessible
by the ioctl system call and specified by the command argument. SELinux
provides per operation access control to many system operations e.g. chown,
kill, setuid, ipc_lock, etc. Ioclts on the other hand are granted on a per
file descriptor basis using the ioctl permission, meaning that the set of
operations provided by the driver are granted on an all-or-nothing basis.
In some cases this may be acceptable, but often the same driver provides a
large and diverse set of operations such as benign and necessary functionality
as well as dangerous capabilities or access to system information that should
be restricted.

Example policy:
allow <source> <target>:<class> { 0x8900-0x8905 0x8910 }
auditallow <source> <target>:<class> 0x8901

The ioctl permission is still required in order to make an ioctl call. If no
individual ioctl commands are specified, only the ioctl permission is
checked by the kernel - i.e. status quo. This allows ioctl whitelisting to
done in a targeted manner, protecting desired drivers without requiring every
ioctl command to be known and specified before use and otherwise allowing
existing policy to be used as-is.

This only implements ioctl whitelisting support for monolithic kernel policies
built via checkpolicy. Support for modules and CIL remains to be done.

Bug: 19419509
Change-Id: I198e8c9279b94d8ce4ae5625018daa99577ee970
Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
2015-04-23 08:30:33 -04:00
James Carter
c0064fb732 Update ChangeLogs.
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2015-04-02 10:52:25 -04:00
James Carter
b1d9456295 checkpolicy: Add support for generating CIL
Add support to checkpolicy and checkmodule for generating CIL as their
output.

Add new options "-C" and "--cil" to specify CIL as the output format.

Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2015-04-01 13:09:26 -04:00
Stephen Smalley
3057bcf6a0 Update ChangeLogs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-03-18 08:37:10 -04:00
Daniel De Graaf
f029067709 libsepol, checkpolicy: add device tree ocontext nodes to Xen policy
In Xen on ARM, device tree nodes identified by a path (string) need to
be labeled by the security policy.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
2015-03-18 08:16:44 -04:00
Daniel De Graaf
82030de5dc libsepol, checkpolicy: widen Xen IOMEM ocontext entries
This expands IOMEMCON device context entries to 64 bits.  This change is
required to support static I/O memory range labeling for systems with
over 16TB of physical address space.  The policy version number change
is shared with the next patch.

While this makes no changes to SELinux policy, a new SELinux policy
compatibility entry was added in order to avoid breaking compilation of
an SELinux policy without explicitly specifying the policy version.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
2015-03-18 08:16:18 -04:00
Daniel De Graaf
aab2d9f904 checkpolicy: Expand allowed character set in paths
In order to support paths containing spaces or other characters, allow a
quoted string with these characters to be parsed as a path in addition
to the existing unquoted string.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
2015-03-18 08:16:14 -04:00
Stephen Smalley
93e557cab6 Update checkpolicy ChangeLog.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-03-10 12:46:47 -04:00
Stephen Smalley
560af476b8 checkpolicy: Fix precedence between number and filesystem tokens.
When the FILESYSTEM token was added to support filesystem names that
start with a digit (e.g. 9p), it was given higher precedence than
NUMBER and therefore all values specified in hex (with 0x prefix)
in policy will incorrectly match FILESYSTEM and yield a syntax error.
This breaks use of iomem ranges in Xen policy and will break ioctl
command ranges in a future SELinux policy version.  Switch the
precedence.  This does mean that you cannot currently have a filesystem
with a name that happens to be 0x followed by a hexval but hopefully
that isn't an issue.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-03-10 12:39:17 -04:00
Stephen Smalley
68ed273fde Update checkpolicy ChangeLog.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-02-26 15:02:21 -05:00
Emre Can Kucukoglu
0551fb1080 checkpolicy: fgets function warnings fix for dismod and dispol
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-02-26 15:00:27 -05:00
Steve Lawrence
f0c9966f88 Bump to final release 2015-02-02 09:38:10 -05:00
Stephen Smalley
37b7248edc Update checkpolicy ChangeLog.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-01-21 14:01:15 -05:00
Dan Albert
c540479a36 Global C++11 compatibility.
Our build system compiles flex/bison as C++ rather than C, but a few
projects add `-x c` to their flags, forcing the compiler to compile
them as C. This causes the compiler to reject the global C++ standard
flag, so we need to explicitly provide a C standard flag to override
it.

Bug: 18466763
Change-Id: I49a6aeecf4abc563bd77127778b6d214e3851037
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-01-21 14:00:01 -05:00
Stephen Smalley
3f121151ca Update libsepol and checkpolicy ChangeLogs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-01-20 16:24:10 -05:00
dcashman
ed7a6ba24a Allow libsepol C++ static library on device.
Change-Id: I7da601767c3a4ebed7274e33304d8b589a9115fe
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-01-20 10:31:15 -05:00
Dan Albert
b1bbd3030b Clear errno before call to strtol(3).
Since strtol(3) doesn't clear errno on success, anything that sets
errno prior to this call will make it look like the call failed. This
happens when built with ASAN.

Signed-off-by: Dan Albert <danalbert@google.com>
Acked-by: Steve Lawrence <slawrence@tresys.com>
2014-12-11 08:29:34 -05:00
Steve Lawrence
823ebc8c6b Bump to release candidate 7 2014-12-03 10:06:26 -05:00
Steve Lawrence
07e75a9cc7 Bump to release candidate 6 2014-11-12 08:30:15 -05:00
Steve Lawrence
d1db56c52b Bump to release candidate 5 2014-10-29 11:01:03 -04:00
Steve Lawrence
6280387034 Bump to release candidate 4 2014-10-06 15:03:24 -04:00
Steve Lawrence
ff5bbe6dcf Bump VERSION/ChangeLog for release candidate 3
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2014-10-02 10:16:34 -04:00
Scapelli
387dc6342e Add missing semicolon to parser rule "cond_else"
Acked-by: Steve Lawrence <slawrence@tresys.com>
2014-10-02 09:56:54 -04:00
Nicolas Iooss
5af8c5adb2 checkpolicy: fix gcc -Wunused-variable warnings
Add __attribute__ ((unused)) to unused function parameters.

Acked-by: Steve Lawrence <slawrence@tresys.com>
2014-10-02 09:56:41 -04:00
Nicolas Iooss
c4a4a1a7ed Fix gcc -Wstrict-prototypes warnings
In C, defining a function with () means "any number of parameters", not
"no parameter".  Use (void) instead where applicable and add unused
parameters when needed.

Acked-by: Steve Lawrence <slawrence@tresys.com>
2014-10-02 09:56:38 -04:00
Nicolas Iooss
7dcb7a5946 checkpolicy: fix most gcc -Wwrite-strings warnings
Acked-by: Steve Lawrence <slawrence@tresys.com>
2014-10-02 09:56:28 -04:00
Nicolas Iooss
581d3eb128 checkpolicy: fix gcc -Wsign-compare warnings
Acked-by: Steve Lawrence <slawrence@tresys.com>
2014-10-02 09:56:13 -04:00
Nicolas Iooss
832e7017f8 checkpolicy: constify the message written by yyerror and yywarn
Acked-by: Steve Lawrence <slawrence@tresys.com>
2014-10-02 09:56:06 -04:00
Nicolas Iooss
8db96d0cb4 checkpolicy: add printf format attribute to relevant functions
Once __attribute__ ((format(printf, 1, 2))) is added to yyerror2,
"gcc -Wformat -Wformat-security" shows some issues.  Fix them.

Acked-by: Steve Lawrence <slawrence@tresys.com>
2014-10-02 09:56:03 -04:00
Steve Lawrence
8f9d3a7c95 Fix typos in ChangeLog and Versions 2014-08-26 14:20:48 -04:00
Steve Lawrence
79fd2d06ab Bump versions and update ChangeLog
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
2014-08-26 09:48:54 -04:00
Stephen Smalley
1e6482134b Bump version and update ChangeLog for release.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-05-06 13:30:27 -04:00
Stephen Smalley
53e1304103 Add support for building dispol program.
This is a program for displaying the contents of a binary policy file.

Change-Id: Iba94d6b13ac1abbc084da5631dc2bf4107e548d1
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-04-09 08:34:32 -04:00
Stephen Smalley
35b3c259a7 2.3-rc1 (release candidate 1).
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-03-25 13:24:44 -04:00
Stephen Smalley
84c9c828a0 Update ChangeLogs.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-03-24 15:05:09 -04:00
Nick Kralevich
e91b5d2ad0 Maybe fix darwin compile error.
external/checkpolicy/policy_define.c:63: error: 'PATH_MAX' undeclared here (not in a function)
  [deleted]
  make: *** [out/host/darwin-x86/obj/EXECUTABLES/checkpolicy_intermediates/policy_define.o] Error 1
  make: *** Waiting for unfinished jobs....

Change-Id: If3795c7e62ed0d685ad07047f46014f77b87b4a8
2014-03-24 15:03:31 -04:00
Stephen Smalley
0e00684f69 Report source file and line information for neverallow failures.
Change-Id: I0def97a5f2f6097e2dad7bcd5395b8fa740d7073
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-03-24 15:02:57 -04:00
Stephen Smalley
8c5171d76e Update checkpolicy/ChangeLog. 2014-02-20 14:24:43 -05:00
Stephen Smalley
bfb806120a Prevent incompatible option combinations.
checkmodule -m and -b are fundamentally incompatible with each other,
so reject attempts to use them together.

Resolves
https://bugzilla.redhat.com/show_bug.cgi?id=1064603

Also fix the error message for -m with -U to use stderr.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-02-20 14:20:20 -05:00
Stephen Smalley
2001fa0e9d dismod and dispol do not use libselinux.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2014-02-20 14:19:50 -05:00
Stephen Smalley
534f5a74bb Update libsepol and checkpolicy ChangeLog.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-06 09:35:58 -05:00
Richard Haines
ab9cbb1f8e checkpolicy: Add debug feature to display constraints / validatetrans
Allow mls/constraint mls/validatetrans constraints to be displayed
in debug mode. If POLICY_KERN version is >=
POLICYDB_VERSION_CONSTRAINT_NAMES then the policy defined
types/attributes will be returned.

Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
2013-11-06 09:31:34 -05:00
Stephen Smalley
7c4bb77999 Version bump for release.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-30 12:45:19 -04:00
Stephen Smalley
a08010023b Update ChangeLogs and bump VERSIONs to an intermediate value.
2.1.99 is just a placeholder to distinguish it from the prior release.
2.2 will be the released version.  Switching to 2-component versions.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-10-25 15:14:23 -04:00
Stephen Smalley
f458b76076 Merge branch 'fedora' into master-merge
Conflicts:
	libselinux/src/Makefile
	libselinux/src/selinux_config.c
	policycoreutils/audit2allow/audit2allow.1
	policycoreutils/scripts/fixfiles.8
	policycoreutils/semanage/semanage.8
	policycoreutils/sepolicy/Makefile
	policycoreutils/sepolicy/sepolicy/transition.py
	policycoreutils/setsebool/setsebool.8
2013-10-24 15:24:17 -04:00
Dan Walsh
2540b20096 Laurent Bigonville patch to fix various minor manpage issues and correct section numbering. 2013-10-24 13:58:37 -04:00
Dan Walsh
4d2dd33411 Allow " " and ":" in file name transtions
We have added a couple of file name transtitions that required a space and a colon.
2013-10-24 13:58:37 -04:00
Dan Walsh
f44a218e5c handle-unknown should be an optional argument 2013-10-24 13:58:37 -04:00
Dan Walsh
a8b3340288 Laurent Bigonville patch to allow overriding PATH Definitions in Makefiles 2013-10-24 13:58:37 -04:00
Laurent Bigonville
f6a03f1a3c --handle-unknown option takes a required argument
Fix a segmentation fault if the --handle-unknown option was set without
arguments.

Thanks to Alexandre Rebert and his team at Carnegie Mellon University
for detecting this crash.
2013-10-22 14:32:46 -04:00
Laurent Bigonville
f074bb337c checkpolicy: Fix cases where hyphen were used as minus sign in manpages 2013-10-16 15:10:53 -04:00
Laurent Bigonville
c78d729fc9 checkpolicy: Allow overriding LIBDIR in test/Makefile 2013-10-16 15:03:32 -04:00
Eric Paris
e9410c9b06 VERSION BUMP FOR UPSTREAM PUSH 2013-02-05 20:22:02 -05:00
Alice Chu
ab995a59b2 checkpolicy: Free allocated memory when clean up / exit.
Number of error paths and failures do not clean up memory.  Try to make
it better.

Signed-off-by: Eric Paris <eparis@redhat.com>
2013-02-05 20:14:50 -05:00
Eric Paris
693f5241fd checkpolicy: libsepol: implement default type policy syntax
We currently have a mechanism in which the default user, role, and range
can be picked up from the source or the target object.  This implements
the same thing for types.  The kernel will override this with type
transition rules and similar.  This is just the default if nothing
specific is given.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2013-02-05 20:14:46 -05:00
Dan Walsh
c27a54775d checkpolicy: Fix errors found by coverity
Couple of memory leaks and a couple of dead code spots.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2013-02-05 20:14:45 -05:00
Eric Paris
8638197342 Version bumps for upstream push 2012-09-13 10:33:58 -04:00
Eric Paris
873c176651 checkpolicy: check return code on ebitmap_set_bit
This can fail due to ENOMEM.  Check and return code and return error if
necessary.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-09-12 14:30:20 -04:00
Eric Paris
87e8d46f29 policycoreutils: checkmodule: fd leak reading policy
We never closed the fd to the policy file.  Close this fd as soon as we
are finished with it.

Signed-off-by: Eric Paris <eparis@redhat.com>
2012-09-12 14:30:20 -04:00
Eric Paris
f05a71b92d Version bumps for upstream push 2012-06-28 14:02:29 -04:00
Stephen Smalley
da752cabb5 checkpolicy: Android/MacOS X build support
Android/MacOS X build support for checkpolicy.
Create a Android.mk file for Android build integration.
Introduce DARWIN ifdefs for building on MacOS X.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2012-06-28 13:29:24 -04:00
Dan Walsh
0eed03e756 checkpolicy: sepolgen: We need to support files that have a + in them
Filenames can have a +, so we should be able to parse and handle those
files.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2012-06-28 13:29:24 -04:00
Eric Paris
7a86fe1a3d bump version and changelog for upstream push 2012-03-28 15:44:05 -04:00
Dan Walsh
18e3a8d396 checkpolicy: libselinux: Fix dead links to www.nsa.gov/selinux
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
2012-03-28 08:39:07 -04:00