SELinux: add default_type statements

Because Fedora shipped userspace based on my development tree we now
have policy version 27 in the wild defining only default user, role, and
range.  Thus to add default_type we need a policy.28.

Signed-off-by: Eric Paris <eparis@redhat.com>

1 files changed, 19 insertions, 0 deletions

diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 2bb9c2fd5f1a..9cd9b7c661ec 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -138,6 +138,11 @@ static struct policydb_compat_info policydb_compat[] = {
                 .sym_num        = SYM_NUM,
                 .ocon_num       = OCON_NUM,
         },
+        {
+                .version        = POLICYDB_VERSION_DEFAULT_TYPE,
+                .sym_num        = SYM_NUM,
+                .ocon_num       = OCON_NUM,
+        },
 };
 
 static struct policydb_compat_info *policydb_lookup_compat(int version)
@@ -1321,6 +1326,13 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
                 cladatum->default_range = le32_to_cpu(buf[2]);
         }
 
+        if (p->policyvers >= POLICYDB_VERSION_DEFAULT_TYPE) {
+                rc = next_entry(buf, fp, sizeof(u32) * 1);
+                if (rc)
+                        goto bad;
+                cladatum->default_type = le32_to_cpu(buf[0]);
+        }
+
         rc = hashtab_insert(h, key, cladatum);
         if (rc)
                 goto bad;
@@ -2857,6 +2869,13 @@ static int class_write(void *vkey, void *datum, void *ptr)
                         return rc;
         }
 
+        if (p->policyvers >= POLICYDB_VERSION_DEFAULT_TYPE) {
+                buf[0] = cpu_to_le32(cladatum->default_type);
+                rc = put_entry(buf, sizeof(uint32_t), 1, fp);
+                if (rc)
+                        return rc;
+        }
+
         return 0;
 }