aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/ss/policydb.c
diff options
context:
space:
mode:
Diffstat (limited to 'security/selinux/ss/policydb.c')
-rw-r--r--security/selinux/ss/policydb.c1817
1 files changed, 1445 insertions, 372 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 3a29704be8ce..d246aca3f4fb 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -37,6 +37,7 @@
37#include "policydb.h" 37#include "policydb.h"
38#include "conditional.h" 38#include "conditional.h"
39#include "mls.h" 39#include "mls.h"
40#include "services.h"
40 41
41#define _DEBUG_HASHES 42#define _DEBUG_HASHES
42 43
@@ -122,6 +123,16 @@ static struct policydb_compat_info policydb_compat[] = {
122 .sym_num = SYM_NUM, 123 .sym_num = SYM_NUM,
123 .ocon_num = OCON_NUM, 124 .ocon_num = OCON_NUM,
124 }, 125 },
126 {
127 .version = POLICYDB_VERSION_FILENAME_TRANS,
128 .sym_num = SYM_NUM,
129 .ocon_num = OCON_NUM,
130 },
131 {
132 .version = POLICYDB_VERSION_ROLETRANS,
133 .sym_num = SYM_NUM,
134 .ocon_num = OCON_NUM,
135 },
125}; 136};
126 137
127static struct policydb_compat_info *policydb_lookup_compat(int version) 138static struct policydb_compat_info *policydb_lookup_compat(int version)
@@ -147,32 +158,67 @@ static int roles_init(struct policydb *p)
147 int rc; 158 int rc;
148 struct role_datum *role; 159 struct role_datum *role;
149 160
161 rc = -ENOMEM;
150 role = kzalloc(sizeof(*role), GFP_KERNEL); 162 role = kzalloc(sizeof(*role), GFP_KERNEL);
151 if (!role) { 163 if (!role)
152 rc = -ENOMEM;
153 goto out; 164 goto out;
154 } 165
166 rc = -EINVAL;
155 role->value = ++p->p_roles.nprim; 167 role->value = ++p->p_roles.nprim;
156 if (role->value != OBJECT_R_VAL) { 168 if (role->value != OBJECT_R_VAL)
157 rc = -EINVAL; 169 goto out;
158 goto out_free_role; 170
159 } 171 rc = -ENOMEM;
160 key = kstrdup(OBJECT_R, GFP_KERNEL); 172 key = kstrdup(OBJECT_R, GFP_KERNEL);
161 if (!key) { 173 if (!key)
162 rc = -ENOMEM; 174 goto out;
163 goto out_free_role; 175
164 }
165 rc = hashtab_insert(p->p_roles.table, key, role); 176 rc = hashtab_insert(p->p_roles.table, key, role);
166 if (rc) 177 if (rc)
167 goto out_free_key; 178 goto out;
168out:
169 return rc;
170 179
171out_free_key: 180 return 0;
181out:
172 kfree(key); 182 kfree(key);
173out_free_role:
174 kfree(role); 183 kfree(role);
175 goto out; 184 return rc;
185}
186
187static u32 filenametr_hash(struct hashtab *h, const void *k)
188{
189 const struct filename_trans *ft = k;
190 unsigned long hash;
191 unsigned int byte_num;
192 unsigned char focus;
193
194 hash = ft->stype ^ ft->ttype ^ ft->tclass;
195
196 byte_num = 0;
197 while ((focus = ft->name[byte_num++]))
198 hash = partial_name_hash(focus, hash);
199 return hash & (h->size - 1);
200}
201
202static int filenametr_cmp(struct hashtab *h, const void *k1, const void *k2)
203{
204 const struct filename_trans *ft1 = k1;
205 const struct filename_trans *ft2 = k2;
206 int v;
207
208 v = ft1->stype - ft2->stype;
209 if (v)
210 return v;
211
212 v = ft1->ttype - ft2->ttype;
213 if (v)
214 return v;
215
216 v = ft1->tclass - ft2->tclass;
217 if (v)
218 return v;
219
220 return strcmp(ft1->name, ft2->name);
221
176} 222}
177 223
178static u32 rangetr_hash(struct hashtab *h, const void *k) 224static u32 rangetr_hash(struct hashtab *h, const void *k)
@@ -185,9 +231,19 @@ static u32 rangetr_hash(struct hashtab *h, const void *k)
185static int rangetr_cmp(struct hashtab *h, const void *k1, const void *k2) 231static int rangetr_cmp(struct hashtab *h, const void *k1, const void *k2)
186{ 232{
187 const struct range_trans *key1 = k1, *key2 = k2; 233 const struct range_trans *key1 = k1, *key2 = k2;
188 return (key1->source_type != key2->source_type || 234 int v;
189 key1->target_type != key2->target_type || 235
190 key1->target_class != key2->target_class); 236 v = key1->source_type - key2->source_type;
237 if (v)
238 return v;
239
240 v = key1->target_type - key2->target_type;
241 if (v)
242 return v;
243
244 v = key1->target_class - key2->target_class;
245
246 return v;
191} 247}
192 248
193/* 249/*
@@ -202,35 +258,40 @@ static int policydb_init(struct policydb *p)
202 for (i = 0; i < SYM_NUM; i++) { 258 for (i = 0; i < SYM_NUM; i++) {
203 rc = symtab_init(&p->symtab[i], symtab_sizes[i]); 259 rc = symtab_init(&p->symtab[i], symtab_sizes[i]);
204 if (rc) 260 if (rc)
205 goto out_free_symtab; 261 goto out;
206 } 262 }
207 263
208 rc = avtab_init(&p->te_avtab); 264 rc = avtab_init(&p->te_avtab);
209 if (rc) 265 if (rc)
210 goto out_free_symtab; 266 goto out;
211 267
212 rc = roles_init(p); 268 rc = roles_init(p);
213 if (rc) 269 if (rc)
214 goto out_free_symtab; 270 goto out;
215 271
216 rc = cond_policydb_init(p); 272 rc = cond_policydb_init(p);
217 if (rc) 273 if (rc)
218 goto out_free_symtab; 274 goto out;
275
276 p->filename_trans = hashtab_create(filenametr_hash, filenametr_cmp, (1 << 10));
277 if (!p->filename_trans)
278 goto out;
219 279
220 p->range_tr = hashtab_create(rangetr_hash, rangetr_cmp, 256); 280 p->range_tr = hashtab_create(rangetr_hash, rangetr_cmp, 256);
221 if (!p->range_tr) 281 if (!p->range_tr)
222 goto out_free_symtab; 282 goto out;
223 283
284 ebitmap_init(&p->filename_trans_ttypes);
224 ebitmap_init(&p->policycaps); 285 ebitmap_init(&p->policycaps);
225 ebitmap_init(&p->permissive_map); 286 ebitmap_init(&p->permissive_map);
226 287
288 return 0;
227out: 289out:
228 return rc; 290 hashtab_destroy(p->filename_trans);
229 291 hashtab_destroy(p->range_tr);
230out_free_symtab:
231 for (i = 0; i < SYM_NUM; i++) 292 for (i = 0; i < SYM_NUM; i++)
232 hashtab_destroy(p->symtab[i].table); 293 hashtab_destroy(p->symtab[i].table);
233 goto out; 294 return rc;
234} 295}
235 296
236/* 297/*
@@ -247,12 +308,17 @@ static int common_index(void *key, void *datum, void *datap)
247{ 308{
248 struct policydb *p; 309 struct policydb *p;
249 struct common_datum *comdatum; 310 struct common_datum *comdatum;
311 struct flex_array *fa;
250 312
251 comdatum = datum; 313 comdatum = datum;
252 p = datap; 314 p = datap;
253 if (!comdatum->value || comdatum->value > p->p_commons.nprim) 315 if (!comdatum->value || comdatum->value > p->p_commons.nprim)
254 return -EINVAL; 316 return -EINVAL;
255 p->p_common_val_to_name[comdatum->value - 1] = key; 317
318 fa = p->sym_val_to_name[SYM_COMMONS];
319 if (flex_array_put_ptr(fa, comdatum->value - 1, key,
320 GFP_KERNEL | __GFP_ZERO))
321 BUG();
256 return 0; 322 return 0;
257} 323}
258 324
@@ -260,12 +326,16 @@ static int class_index(void *key, void *datum, void *datap)
260{ 326{
261 struct policydb *p; 327 struct policydb *p;
262 struct class_datum *cladatum; 328 struct class_datum *cladatum;
329 struct flex_array *fa;
263 330
264 cladatum = datum; 331 cladatum = datum;
265 p = datap; 332 p = datap;
266 if (!cladatum->value || cladatum->value > p->p_classes.nprim) 333 if (!cladatum->value || cladatum->value > p->p_classes.nprim)
267 return -EINVAL; 334 return -EINVAL;
268 p->p_class_val_to_name[cladatum->value - 1] = key; 335 fa = p->sym_val_to_name[SYM_CLASSES];
336 if (flex_array_put_ptr(fa, cladatum->value - 1, key,
337 GFP_KERNEL | __GFP_ZERO))
338 BUG();
269 p->class_val_to_struct[cladatum->value - 1] = cladatum; 339 p->class_val_to_struct[cladatum->value - 1] = cladatum;
270 return 0; 340 return 0;
271} 341}
@@ -274,6 +344,7 @@ static int role_index(void *key, void *datum, void *datap)
274{ 344{
275 struct policydb *p; 345 struct policydb *p;
276 struct role_datum *role; 346 struct role_datum *role;
347 struct flex_array *fa;
277 348
278 role = datum; 349 role = datum;
279 p = datap; 350 p = datap;
@@ -281,7 +352,11 @@ static int role_index(void *key, void *datum, void *datap)
281 || role->value > p->p_roles.nprim 352 || role->value > p->p_roles.nprim
282 || role->bounds > p->p_roles.nprim) 353 || role->bounds > p->p_roles.nprim)
283 return -EINVAL; 354 return -EINVAL;
284 p->p_role_val_to_name[role->value - 1] = key; 355
356 fa = p->sym_val_to_name[SYM_ROLES];
357 if (flex_array_put_ptr(fa, role->value - 1, key,
358 GFP_KERNEL | __GFP_ZERO))
359 BUG();
285 p->role_val_to_struct[role->value - 1] = role; 360 p->role_val_to_struct[role->value - 1] = role;
286 return 0; 361 return 0;
287} 362}
@@ -290,6 +365,7 @@ static int type_index(void *key, void *datum, void *datap)
290{ 365{
291 struct policydb *p; 366 struct policydb *p;
292 struct type_datum *typdatum; 367 struct type_datum *typdatum;
368 struct flex_array *fa;
293 369
294 typdatum = datum; 370 typdatum = datum;
295 p = datap; 371 p = datap;
@@ -299,8 +375,15 @@ static int type_index(void *key, void *datum, void *datap)
299 || typdatum->value > p->p_types.nprim 375 || typdatum->value > p->p_types.nprim
300 || typdatum->bounds > p->p_types.nprim) 376 || typdatum->bounds > p->p_types.nprim)
301 return -EINVAL; 377 return -EINVAL;
302 p->p_type_val_to_name[typdatum->value - 1] = key; 378 fa = p->sym_val_to_name[SYM_TYPES];
303 p->type_val_to_struct[typdatum->value - 1] = typdatum; 379 if (flex_array_put_ptr(fa, typdatum->value - 1, key,
380 GFP_KERNEL | __GFP_ZERO))
381 BUG();
382
383 fa = p->type_val_to_struct_array;
384 if (flex_array_put_ptr(fa, typdatum->value - 1, typdatum,
385 GFP_KERNEL | __GFP_ZERO))
386 BUG();
304 } 387 }
305 388
306 return 0; 389 return 0;
@@ -310,6 +393,7 @@ static int user_index(void *key, void *datum, void *datap)
310{ 393{
311 struct policydb *p; 394 struct policydb *p;
312 struct user_datum *usrdatum; 395 struct user_datum *usrdatum;
396 struct flex_array *fa;
313 397
314 usrdatum = datum; 398 usrdatum = datum;
315 p = datap; 399 p = datap;
@@ -317,7 +401,11 @@ static int user_index(void *key, void *datum, void *datap)
317 || usrdatum->value > p->p_users.nprim 401 || usrdatum->value > p->p_users.nprim
318 || usrdatum->bounds > p->p_users.nprim) 402 || usrdatum->bounds > p->p_users.nprim)
319 return -EINVAL; 403 return -EINVAL;
320 p->p_user_val_to_name[usrdatum->value - 1] = key; 404
405 fa = p->sym_val_to_name[SYM_USERS];
406 if (flex_array_put_ptr(fa, usrdatum->value - 1, key,
407 GFP_KERNEL | __GFP_ZERO))
408 BUG();
321 p->user_val_to_struct[usrdatum->value - 1] = usrdatum; 409 p->user_val_to_struct[usrdatum->value - 1] = usrdatum;
322 return 0; 410 return 0;
323} 411}
@@ -326,6 +414,7 @@ static int sens_index(void *key, void *datum, void *datap)
326{ 414{
327 struct policydb *p; 415 struct policydb *p;
328 struct level_datum *levdatum; 416 struct level_datum *levdatum;
417 struct flex_array *fa;
329 418
330 levdatum = datum; 419 levdatum = datum;
331 p = datap; 420 p = datap;
@@ -334,7 +423,10 @@ static int sens_index(void *key, void *datum, void *datap)
334 if (!levdatum->level->sens || 423 if (!levdatum->level->sens ||
335 levdatum->level->sens > p->p_levels.nprim) 424 levdatum->level->sens > p->p_levels.nprim)
336 return -EINVAL; 425 return -EINVAL;
337 p->p_sens_val_to_name[levdatum->level->sens - 1] = key; 426 fa = p->sym_val_to_name[SYM_LEVELS];
427 if (flex_array_put_ptr(fa, levdatum->level->sens - 1, key,
428 GFP_KERNEL | __GFP_ZERO))
429 BUG();
338 } 430 }
339 431
340 return 0; 432 return 0;
@@ -344,6 +436,7 @@ static int cat_index(void *key, void *datum, void *datap)
344{ 436{
345 struct policydb *p; 437 struct policydb *p;
346 struct cat_datum *catdatum; 438 struct cat_datum *catdatum;
439 struct flex_array *fa;
347 440
348 catdatum = datum; 441 catdatum = datum;
349 p = datap; 442 p = datap;
@@ -351,7 +444,10 @@ static int cat_index(void *key, void *datum, void *datap)
351 if (!catdatum->isalias) { 444 if (!catdatum->isalias) {
352 if (!catdatum->value || catdatum->value > p->p_cats.nprim) 445 if (!catdatum->value || catdatum->value > p->p_cats.nprim)
353 return -EINVAL; 446 return -EINVAL;
354 p->p_cat_val_to_name[catdatum->value - 1] = key; 447 fa = p->sym_val_to_name[SYM_CATS];
448 if (flex_array_put_ptr(fa, catdatum->value - 1, key,
449 GFP_KERNEL | __GFP_ZERO))
450 BUG();
355 } 451 }
356 452
357 return 0; 453 return 0;
@@ -369,74 +465,27 @@ static int (*index_f[SYM_NUM]) (void *key, void *datum, void *datap) =
369 cat_index, 465 cat_index,
370}; 466};
371 467
372/* 468#ifdef DEBUG_HASHES
373 * Define the common val_to_name array and the class 469static void hash_eval(struct hashtab *h, const char *hash_name)
374 * val_to_name and val_to_struct arrays in a policy
375 * database structure.
376 *
377 * Caller must clean up upon failure.
378 */
379static int policydb_index_classes(struct policydb *p)
380{ 470{
381 int rc; 471 struct hashtab_info info;
382
383 p->p_common_val_to_name =
384 kmalloc(p->p_commons.nprim * sizeof(char *), GFP_KERNEL);
385 if (!p->p_common_val_to_name) {
386 rc = -ENOMEM;
387 goto out;
388 }
389
390 rc = hashtab_map(p->p_commons.table, common_index, p);
391 if (rc)
392 goto out;
393
394 p->class_val_to_struct =
395 kmalloc(p->p_classes.nprim * sizeof(*(p->class_val_to_struct)), GFP_KERNEL);
396 if (!p->class_val_to_struct) {
397 rc = -ENOMEM;
398 goto out;
399 }
400
401 p->p_class_val_to_name =
402 kmalloc(p->p_classes.nprim * sizeof(char *), GFP_KERNEL);
403 if (!p->p_class_val_to_name) {
404 rc = -ENOMEM;
405 goto out;
406 }
407 472
408 rc = hashtab_map(p->p_classes.table, class_index, p); 473 hashtab_stat(h, &info);
409out: 474 printk(KERN_DEBUG "SELinux: %s: %d entries and %d/%d buckets used, "
410 return rc; 475 "longest chain length %d\n", hash_name, h->nel,
476 info.slots_used, h->size, info.max_chain_len);
411} 477}
412 478
413#ifdef DEBUG_HASHES
414static void symtab_hash_eval(struct symtab *s) 479static void symtab_hash_eval(struct symtab *s)
415{ 480{
416 int i; 481 int i;
417 482
418 for (i = 0; i < SYM_NUM; i++) { 483 for (i = 0; i < SYM_NUM; i++)
419 struct hashtab *h = s[i].table; 484 hash_eval(s[i].table, symtab_name[i]);
420 struct hashtab_info info;
421
422 hashtab_stat(h, &info);
423 printk(KERN_DEBUG "SELinux: %s: %d entries and %d/%d buckets used, "
424 "longest chain length %d\n", symtab_name[i], h->nel,
425 info.slots_used, h->size, info.max_chain_len);
426 }
427} 485}
428 486
429static void rangetr_hash_eval(struct hashtab *h)
430{
431 struct hashtab_info info;
432
433 hashtab_stat(h, &info);
434 printk(KERN_DEBUG "SELinux: rangetr: %d entries and %d/%d buckets used, "
435 "longest chain length %d\n", h->nel,
436 info.slots_used, h->size, info.max_chain_len);
437}
438#else 487#else
439static inline void rangetr_hash_eval(struct hashtab *h) 488static inline void hash_eval(struct hashtab *h, char *hash_name)
440{ 489{
441} 490}
442#endif 491#endif
@@ -447,9 +496,9 @@ static inline void rangetr_hash_eval(struct hashtab *h)
447 * 496 *
448 * Caller must clean up on failure. 497 * Caller must clean up on failure.
449 */ 498 */
450static int policydb_index_others(struct policydb *p) 499static int policydb_index(struct policydb *p)
451{ 500{
452 int i, rc = 0; 501 int i, rc;
453 502
454 printk(KERN_DEBUG "SELinux: %d users, %d roles, %d types, %d bools", 503 printk(KERN_DEBUG "SELinux: %d users, %d roles, %d types, %d bools",
455 p->p_users.nprim, p->p_roles.nprim, p->p_types.nprim, p->p_bools.nprim); 504 p->p_users.nprim, p->p_roles.nprim, p->p_types.nprim, p->p_bools.nprim);
@@ -466,47 +515,63 @@ static int policydb_index_others(struct policydb *p)
466 symtab_hash_eval(p->symtab); 515 symtab_hash_eval(p->symtab);
467#endif 516#endif
468 517
518 rc = -ENOMEM;
519 p->class_val_to_struct =
520 kmalloc(p->p_classes.nprim * sizeof(*(p->class_val_to_struct)),
521 GFP_KERNEL);
522 if (!p->class_val_to_struct)
523 goto out;
524
525 rc = -ENOMEM;
469 p->role_val_to_struct = 526 p->role_val_to_struct =
470 kmalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)), 527 kmalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)),
471 GFP_KERNEL); 528 GFP_KERNEL);
472 if (!p->role_val_to_struct) { 529 if (!p->role_val_to_struct)
473 rc = -ENOMEM;
474 goto out; 530 goto out;
475 }
476 531
532 rc = -ENOMEM;
477 p->user_val_to_struct = 533 p->user_val_to_struct =
478 kmalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)), 534 kmalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)),
479 GFP_KERNEL); 535 GFP_KERNEL);
480 if (!p->user_val_to_struct) { 536 if (!p->user_val_to_struct)
481 rc = -ENOMEM;
482 goto out; 537 goto out;
483 }
484 538
485 p->type_val_to_struct = 539 /* Yes, I want the sizeof the pointer, not the structure */
486 kmalloc(p->p_types.nprim * sizeof(*(p->type_val_to_struct)), 540 rc = -ENOMEM;
487 GFP_KERNEL); 541 p->type_val_to_struct_array = flex_array_alloc(sizeof(struct type_datum *),
488 if (!p->type_val_to_struct) { 542 p->p_types.nprim,
489 rc = -ENOMEM; 543 GFP_KERNEL | __GFP_ZERO);
544 if (!p->type_val_to_struct_array)
490 goto out; 545 goto out;
491 }
492 546
493 if (cond_init_bool_indexes(p)) { 547 rc = flex_array_prealloc(p->type_val_to_struct_array, 0,
494 rc = -ENOMEM; 548 p->p_types.nprim, GFP_KERNEL | __GFP_ZERO);
549 if (rc)
495 goto out; 550 goto out;
496 }
497 551
498 for (i = SYM_ROLES; i < SYM_NUM; i++) { 552 rc = cond_init_bool_indexes(p);
499 p->sym_val_to_name[i] = 553 if (rc)
500 kmalloc(p->symtab[i].nprim * sizeof(char *), GFP_KERNEL); 554 goto out;
501 if (!p->sym_val_to_name[i]) { 555
502 rc = -ENOMEM; 556 for (i = 0; i < SYM_NUM; i++) {
557 rc = -ENOMEM;
558 p->sym_val_to_name[i] = flex_array_alloc(sizeof(char *),
559 p->symtab[i].nprim,
560 GFP_KERNEL | __GFP_ZERO);
561 if (!p->sym_val_to_name[i])
503 goto out; 562 goto out;
504 } 563
564 rc = flex_array_prealloc(p->sym_val_to_name[i],
565 0, p->symtab[i].nprim,
566 GFP_KERNEL | __GFP_ZERO);
567 if (rc)
568 goto out;
569
505 rc = hashtab_map(p->symtab[i].table, index_f[i], p); 570 rc = hashtab_map(p->symtab[i].table, index_f[i], p);
506 if (rc) 571 if (rc)
507 goto out; 572 goto out;
508 } 573 }
509 574 rc = 0;
510out: 575out:
511 return rc; 576 return rc;
512} 577}
@@ -529,9 +594,11 @@ static int common_destroy(void *key, void *datum, void *p)
529 struct common_datum *comdatum; 594 struct common_datum *comdatum;
530 595
531 kfree(key); 596 kfree(key);
532 comdatum = datum; 597 if (datum) {
533 hashtab_map(comdatum->permissions.table, perm_destroy, NULL); 598 comdatum = datum;
534 hashtab_destroy(comdatum->permissions.table); 599 hashtab_map(comdatum->permissions.table, perm_destroy, NULL);
600 hashtab_destroy(comdatum->permissions.table);
601 }
535 kfree(datum); 602 kfree(datum);
536 return 0; 603 return 0;
537} 604}
@@ -543,38 +610,40 @@ static int cls_destroy(void *key, void *datum, void *p)
543 struct constraint_expr *e, *etmp; 610 struct constraint_expr *e, *etmp;
544 611
545 kfree(key); 612 kfree(key);
546 cladatum = datum; 613 if (datum) {
547 hashtab_map(cladatum->permissions.table, perm_destroy, NULL); 614 cladatum = datum;
548 hashtab_destroy(cladatum->permissions.table); 615 hashtab_map(cladatum->permissions.table, perm_destroy, NULL);
549 constraint = cladatum->constraints; 616 hashtab_destroy(cladatum->permissions.table);
550 while (constraint) { 617 constraint = cladatum->constraints;
551 e = constraint->expr; 618 while (constraint) {
552 while (e) { 619 e = constraint->expr;
553 ebitmap_destroy(&e->names); 620 while (e) {
554 etmp = e; 621 ebitmap_destroy(&e->names);
555 e = e->next; 622 etmp = e;
556 kfree(etmp); 623 e = e->next;
624 kfree(etmp);
625 }
626 ctemp = constraint;
627 constraint = constraint->next;
628 kfree(ctemp);
557 } 629 }
558 ctemp = constraint; 630
559 constraint = constraint->next; 631 constraint = cladatum->validatetrans;
560 kfree(ctemp); 632 while (constraint) {
561 } 633 e = constraint->expr;
562 634 while (e) {
563 constraint = cladatum->validatetrans; 635 ebitmap_destroy(&e->names);
564 while (constraint) { 636 etmp = e;
565 e = constraint->expr; 637 e = e->next;
566 while (e) { 638 kfree(etmp);
567 ebitmap_destroy(&e->names); 639 }
568 etmp = e; 640 ctemp = constraint;
569 e = e->next; 641 constraint = constraint->next;
570 kfree(etmp); 642 kfree(ctemp);
571 } 643 }
572 ctemp = constraint;
573 constraint = constraint->next;
574 kfree(ctemp);
575 }
576 644
577 kfree(cladatum->comkey); 645 kfree(cladatum->comkey);
646 }
578 kfree(datum); 647 kfree(datum);
579 return 0; 648 return 0;
580} 649}
@@ -584,9 +653,11 @@ static int role_destroy(void *key, void *datum, void *p)
584 struct role_datum *role; 653 struct role_datum *role;
585 654
586 kfree(key); 655 kfree(key);
587 role = datum; 656 if (datum) {
588 ebitmap_destroy(&role->dominates); 657 role = datum;
589 ebitmap_destroy(&role->types); 658 ebitmap_destroy(&role->dominates);
659 ebitmap_destroy(&role->types);
660 }
590 kfree(datum); 661 kfree(datum);
591 return 0; 662 return 0;
592} 663}
@@ -603,11 +674,13 @@ static int user_destroy(void *key, void *datum, void *p)
603 struct user_datum *usrdatum; 674 struct user_datum *usrdatum;
604 675
605 kfree(key); 676 kfree(key);
606 usrdatum = datum; 677 if (datum) {
607 ebitmap_destroy(&usrdatum->roles); 678 usrdatum = datum;
608 ebitmap_destroy(&usrdatum->range.level[0].cat); 679 ebitmap_destroy(&usrdatum->roles);
609 ebitmap_destroy(&usrdatum->range.level[1].cat); 680 ebitmap_destroy(&usrdatum->range.level[0].cat);
610 ebitmap_destroy(&usrdatum->dfltlevel.cat); 681 ebitmap_destroy(&usrdatum->range.level[1].cat);
682 ebitmap_destroy(&usrdatum->dfltlevel.cat);
683 }
611 kfree(datum); 684 kfree(datum);
612 return 0; 685 return 0;
613} 686}
@@ -617,9 +690,11 @@ static int sens_destroy(void *key, void *datum, void *p)
617 struct level_datum *levdatum; 690 struct level_datum *levdatum;
618 691
619 kfree(key); 692 kfree(key);
620 levdatum = datum; 693 if (datum) {
621 ebitmap_destroy(&levdatum->level->cat); 694 levdatum = datum;
622 kfree(levdatum->level); 695 ebitmap_destroy(&levdatum->level->cat);
696 kfree(levdatum->level);
697 }
623 kfree(datum); 698 kfree(datum);
624 return 0; 699 return 0;
625} 700}
@@ -643,6 +718,16 @@ static int (*destroy_f[SYM_NUM]) (void *key, void *datum, void *datap) =
643 cat_destroy, 718 cat_destroy,
644}; 719};
645 720
721static int filenametr_destroy(void *key, void *datum, void *p)
722{
723 struct filename_trans *ft = key;
724 kfree(ft->name);
725 kfree(key);
726 kfree(datum);
727 cond_resched();
728 return 0;
729}
730
646static int range_tr_destroy(void *key, void *datum, void *p) 731static int range_tr_destroy(void *key, void *datum, void *p)
647{ 732{
648 struct mls_range *rt = datum; 733 struct mls_range *rt = datum;
@@ -684,13 +769,16 @@ void policydb_destroy(struct policydb *p)
684 hashtab_destroy(p->symtab[i].table); 769 hashtab_destroy(p->symtab[i].table);
685 } 770 }
686 771
687 for (i = 0; i < SYM_NUM; i++) 772 for (i = 0; i < SYM_NUM; i++) {
688 kfree(p->sym_val_to_name[i]); 773 if (p->sym_val_to_name[i])
774 flex_array_free(p->sym_val_to_name[i]);
775 }
689 776
690 kfree(p->class_val_to_struct); 777 kfree(p->class_val_to_struct);
691 kfree(p->role_val_to_struct); 778 kfree(p->role_val_to_struct);
692 kfree(p->user_val_to_struct); 779 kfree(p->user_val_to_struct);
693 kfree(p->type_val_to_struct); 780 if (p->type_val_to_struct_array)
781 flex_array_free(p->type_val_to_struct_array);
694 782
695 avtab_destroy(&p->te_avtab); 783 avtab_destroy(&p->te_avtab);
696 784
@@ -737,6 +825,9 @@ void policydb_destroy(struct policydb *p)
737 } 825 }
738 kfree(lra); 826 kfree(lra);
739 827
828 hashtab_map(p->filename_trans, filenametr_destroy, NULL);
829 hashtab_destroy(p->filename_trans);
830
740 hashtab_map(p->range_tr, range_tr_destroy, NULL); 831 hashtab_map(p->range_tr, range_tr_destroy, NULL);
741 hashtab_destroy(p->range_tr); 832 hashtab_destroy(p->range_tr);
742 833
@@ -751,6 +842,8 @@ void policydb_destroy(struct policydb *p)
751 } 842 }
752 flex_array_free(p->type_attr_map_array); 843 flex_array_free(p->type_attr_map_array);
753 } 844 }
845
846 ebitmap_destroy(&p->filename_trans_ttypes);
754 ebitmap_destroy(&p->policycaps); 847 ebitmap_destroy(&p->policycaps);
755 ebitmap_destroy(&p->permissive_map); 848 ebitmap_destroy(&p->permissive_map);
756 849
@@ -774,19 +867,21 @@ int policydb_load_isids(struct policydb *p, struct sidtab *s)
774 867
775 head = p->ocontexts[OCON_ISID]; 868 head = p->ocontexts[OCON_ISID];
776 for (c = head; c; c = c->next) { 869 for (c = head; c; c = c->next) {
870 rc = -EINVAL;
777 if (!c->context[0].user) { 871 if (!c->context[0].user) {
778 printk(KERN_ERR "SELinux: SID %s was never " 872 printk(KERN_ERR "SELinux: SID %s was never defined.\n",
779 "defined.\n", c->u.name); 873 c->u.name);
780 rc = -EINVAL;
781 goto out; 874 goto out;
782 } 875 }
783 if (sidtab_insert(s, c->sid[0], &c->context[0])) { 876
784 printk(KERN_ERR "SELinux: unable to load initial " 877 rc = sidtab_insert(s, c->sid[0], &c->context[0]);
785 "SID %s.\n", c->u.name); 878 if (rc) {
786 rc = -EINVAL; 879 printk(KERN_ERR "SELinux: unable to load initial SID %s.\n",
880 c->u.name);
787 goto out; 881 goto out;
788 } 882 }
789 } 883 }
884 rc = 0;
790out: 885out:
791 return rc; 886 return rc;
792} 887}
@@ -835,8 +930,7 @@ int policydb_context_isvalid(struct policydb *p, struct context *c)
835 * Role must be authorized for the type. 930 * Role must be authorized for the type.
836 */ 931 */
837 role = p->role_val_to_struct[c->role - 1]; 932 role = p->role_val_to_struct[c->role - 1];
838 if (!ebitmap_get_bit(&role->types, 933 if (!ebitmap_get_bit(&role->types, c->type - 1))
839 c->type - 1))
840 /* role may not be associated with type */ 934 /* role may not be associated with type */
841 return 0; 935 return 0;
842 936
@@ -847,8 +941,7 @@ int policydb_context_isvalid(struct policydb *p, struct context *c)
847 if (!usrdatum) 941 if (!usrdatum)
848 return 0; 942 return 0;
849 943
850 if (!ebitmap_get_bit(&usrdatum->roles, 944 if (!ebitmap_get_bit(&usrdatum->roles, c->role - 1))
851 c->role - 1))
852 /* user may not be associated with role */ 945 /* user may not be associated with role */
853 return 0; 946 return 0;
854 } 947 }
@@ -870,20 +963,22 @@ static int mls_read_range_helper(struct mls_range *r, void *fp)
870 int rc; 963 int rc;
871 964
872 rc = next_entry(buf, fp, sizeof(u32)); 965 rc = next_entry(buf, fp, sizeof(u32));
873 if (rc < 0) 966 if (rc)
874 goto out; 967 goto out;
875 968
969 rc = -EINVAL;
876 items = le32_to_cpu(buf[0]); 970 items = le32_to_cpu(buf[0]);
877 if (items > ARRAY_SIZE(buf)) { 971 if (items > ARRAY_SIZE(buf)) {
878 printk(KERN_ERR "SELinux: mls: range overflow\n"); 972 printk(KERN_ERR "SELinux: mls: range overflow\n");
879 rc = -EINVAL;
880 goto out; 973 goto out;
881 } 974 }
975
882 rc = next_entry(buf, fp, sizeof(u32) * items); 976 rc = next_entry(buf, fp, sizeof(u32) * items);
883 if (rc < 0) { 977 if (rc) {
884 printk(KERN_ERR "SELinux: mls: truncated range\n"); 978 printk(KERN_ERR "SELinux: mls: truncated range\n");
885 goto out; 979 goto out;
886 } 980 }
981
887 r->level[0].sens = le32_to_cpu(buf[0]); 982 r->level[0].sens = le32_to_cpu(buf[0]);
888 if (items > 1) 983 if (items > 1)
889 r->level[1].sens = le32_to_cpu(buf[1]); 984 r->level[1].sens = le32_to_cpu(buf[1]);
@@ -892,15 +987,13 @@ static int mls_read_range_helper(struct mls_range *r, void *fp)
892 987
893 rc = ebitmap_read(&r->level[0].cat, fp); 988 rc = ebitmap_read(&r->level[0].cat, fp);
894 if (rc) { 989 if (rc) {
895 printk(KERN_ERR "SELinux: mls: error reading low " 990 printk(KERN_ERR "SELinux: mls: error reading low categories\n");
896 "categories\n");
897 goto out; 991 goto out;
898 } 992 }
899 if (items > 1) { 993 if (items > 1) {
900 rc = ebitmap_read(&r->level[1].cat, fp); 994 rc = ebitmap_read(&r->level[1].cat, fp);
901 if (rc) { 995 if (rc) {
902 printk(KERN_ERR "SELinux: mls: error reading high " 996 printk(KERN_ERR "SELinux: mls: error reading high categories\n");
903 "categories\n");
904 goto bad_high; 997 goto bad_high;
905 } 998 }
906 } else { 999 } else {
@@ -911,12 +1004,11 @@ static int mls_read_range_helper(struct mls_range *r, void *fp)
911 } 1004 }
912 } 1005 }
913 1006
914 rc = 0; 1007 return 0;
915out:
916 return rc;
917bad_high: 1008bad_high:
918 ebitmap_destroy(&r->level[0].cat); 1009 ebitmap_destroy(&r->level[0].cat);
919 goto out; 1010out:
1011 return rc;
920} 1012}
921 1013
922/* 1014/*
@@ -931,7 +1023,7 @@ static int context_read_and_validate(struct context *c,
931 int rc; 1023 int rc;
932 1024
933 rc = next_entry(buf, fp, sizeof buf); 1025 rc = next_entry(buf, fp, sizeof buf);
934 if (rc < 0) { 1026 if (rc) {
935 printk(KERN_ERR "SELinux: context truncated\n"); 1027 printk(KERN_ERR "SELinux: context truncated\n");
936 goto out; 1028 goto out;
937 } 1029 }
@@ -939,19 +1031,20 @@ static int context_read_and_validate(struct context *c,
939 c->role = le32_to_cpu(buf[1]); 1031 c->role = le32_to_cpu(buf[1]);
940 c->type = le32_to_cpu(buf[2]); 1032 c->type = le32_to_cpu(buf[2]);
941 if (p->policyvers >= POLICYDB_VERSION_MLS) { 1033 if (p->policyvers >= POLICYDB_VERSION_MLS) {
942 if (mls_read_range_helper(&c->range, fp)) { 1034 rc = mls_read_range_helper(&c->range, fp);
943 printk(KERN_ERR "SELinux: error reading MLS range of " 1035 if (rc) {
944 "context\n"); 1036 printk(KERN_ERR "SELinux: error reading MLS range of context\n");
945 rc = -EINVAL;
946 goto out; 1037 goto out;
947 } 1038 }
948 } 1039 }
949 1040
1041 rc = -EINVAL;
950 if (!policydb_context_isvalid(p, c)) { 1042 if (!policydb_context_isvalid(p, c)) {
951 printk(KERN_ERR "SELinux: invalid security context\n"); 1043 printk(KERN_ERR "SELinux: invalid security context\n");
952 context_destroy(c); 1044 context_destroy(c);
953 rc = -EINVAL; 1045 goto out;
954 } 1046 }
1047 rc = 0;
955out: 1048out:
956 return rc; 1049 return rc;
957} 1050}
@@ -970,37 +1063,36 @@ static int perm_read(struct policydb *p, struct hashtab *h, void *fp)
970 __le32 buf[2]; 1063 __le32 buf[2];
971 u32 len; 1064 u32 len;
972 1065
1066 rc = -ENOMEM;
973 perdatum = kzalloc(sizeof(*perdatum), GFP_KERNEL); 1067 perdatum = kzalloc(sizeof(*perdatum), GFP_KERNEL);
974 if (!perdatum) { 1068 if (!perdatum)
975 rc = -ENOMEM; 1069 goto bad;
976 goto out;
977 }
978 1070
979 rc = next_entry(buf, fp, sizeof buf); 1071 rc = next_entry(buf, fp, sizeof buf);
980 if (rc < 0) 1072 if (rc)
981 goto bad; 1073 goto bad;
982 1074
983 len = le32_to_cpu(buf[0]); 1075 len = le32_to_cpu(buf[0]);
984 perdatum->value = le32_to_cpu(buf[1]); 1076 perdatum->value = le32_to_cpu(buf[1]);
985 1077
1078 rc = -ENOMEM;
986 key = kmalloc(len + 1, GFP_KERNEL); 1079 key = kmalloc(len + 1, GFP_KERNEL);
987 if (!key) { 1080 if (!key)
988 rc = -ENOMEM;
989 goto bad; 1081 goto bad;
990 } 1082
991 rc = next_entry(key, fp, len); 1083 rc = next_entry(key, fp, len);
992 if (rc < 0) 1084 if (rc)
993 goto bad; 1085 goto bad;
994 key[len] = '\0'; 1086 key[len] = '\0';
995 1087
996 rc = hashtab_insert(h, key, perdatum); 1088 rc = hashtab_insert(h, key, perdatum);
997 if (rc) 1089 if (rc)
998 goto bad; 1090 goto bad;
999out: 1091
1000 return rc; 1092 return 0;
1001bad: 1093bad:
1002 perm_destroy(key, perdatum, NULL); 1094 perm_destroy(key, perdatum, NULL);
1003 goto out; 1095 return rc;
1004} 1096}
1005 1097
1006static int common_read(struct policydb *p, struct hashtab *h, void *fp) 1098static int common_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1011,14 +1103,13 @@ static int common_read(struct policydb *p, struct hashtab *h, void *fp)
1011 u32 len, nel; 1103 u32 len, nel;
1012 int i, rc; 1104 int i, rc;
1013 1105
1106 rc = -ENOMEM;
1014 comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL); 1107 comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL);
1015 if (!comdatum) { 1108 if (!comdatum)
1016 rc = -ENOMEM; 1109 goto bad;
1017 goto out;
1018 }
1019 1110
1020 rc = next_entry(buf, fp, sizeof buf); 1111 rc = next_entry(buf, fp, sizeof buf);
1021 if (rc < 0) 1112 if (rc)
1022 goto bad; 1113 goto bad;
1023 1114
1024 len = le32_to_cpu(buf[0]); 1115 len = le32_to_cpu(buf[0]);
@@ -1030,13 +1121,13 @@ static int common_read(struct policydb *p, struct hashtab *h, void *fp)
1030 comdatum->permissions.nprim = le32_to_cpu(buf[2]); 1121 comdatum->permissions.nprim = le32_to_cpu(buf[2]);
1031 nel = le32_to_cpu(buf[3]); 1122 nel = le32_to_cpu(buf[3]);
1032 1123
1124 rc = -ENOMEM;
1033 key = kmalloc(len + 1, GFP_KERNEL); 1125 key = kmalloc(len + 1, GFP_KERNEL);
1034 if (!key) { 1126 if (!key)
1035 rc = -ENOMEM;
1036 goto bad; 1127 goto bad;
1037 } 1128
1038 rc = next_entry(key, fp, len); 1129 rc = next_entry(key, fp, len);
1039 if (rc < 0) 1130 if (rc)
1040 goto bad; 1131 goto bad;
1041 key[len] = '\0'; 1132 key[len] = '\0';
1042 1133
@@ -1049,11 +1140,10 @@ static int common_read(struct policydb *p, struct hashtab *h, void *fp)
1049 rc = hashtab_insert(h, key, comdatum); 1140 rc = hashtab_insert(h, key, comdatum);
1050 if (rc) 1141 if (rc)
1051 goto bad; 1142 goto bad;
1052out: 1143 return 0;
1053 return rc;
1054bad: 1144bad:
1055 common_destroy(key, comdatum, NULL); 1145 common_destroy(key, comdatum, NULL);
1056 goto out; 1146 return rc;
1057} 1147}
1058 1148
1059static int read_cons_helper(struct constraint_node **nodep, int ncons, 1149static int read_cons_helper(struct constraint_node **nodep, int ncons,
@@ -1077,7 +1167,7 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons,
1077 *nodep = c; 1167 *nodep = c;
1078 1168
1079 rc = next_entry(buf, fp, (sizeof(u32) * 2)); 1169 rc = next_entry(buf, fp, (sizeof(u32) * 2));
1080 if (rc < 0) 1170 if (rc)
1081 return rc; 1171 return rc;
1082 c->permissions = le32_to_cpu(buf[0]); 1172 c->permissions = le32_to_cpu(buf[0]);
1083 nexpr = le32_to_cpu(buf[1]); 1173 nexpr = le32_to_cpu(buf[1]);
@@ -1094,7 +1184,7 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons,
1094 c->expr = e; 1184 c->expr = e;
1095 1185
1096 rc = next_entry(buf, fp, (sizeof(u32) * 3)); 1186 rc = next_entry(buf, fp, (sizeof(u32) * 3));
1097 if (rc < 0) 1187 if (rc)
1098 return rc; 1188 return rc;
1099 e->expr_type = le32_to_cpu(buf[0]); 1189 e->expr_type = le32_to_cpu(buf[0]);
1100 e->attr = le32_to_cpu(buf[1]); 1190 e->attr = le32_to_cpu(buf[1]);
@@ -1122,8 +1212,9 @@ static int read_cons_helper(struct constraint_node **nodep, int ncons,
1122 if (depth == (CEXPR_MAXDEPTH - 1)) 1212 if (depth == (CEXPR_MAXDEPTH - 1))
1123 return -EINVAL; 1213 return -EINVAL;
1124 depth++; 1214 depth++;
1125 if (ebitmap_read(&e->names, fp)) 1215 rc = ebitmap_read(&e->names, fp);
1126 return -EINVAL; 1216 if (rc)
1217 return rc;
1127 break; 1218 break;
1128 default: 1219 default:
1129 return -EINVAL; 1220 return -EINVAL;
@@ -1146,14 +1237,13 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
1146 u32 len, len2, ncons, nel; 1237 u32 len, len2, ncons, nel;
1147 int i, rc; 1238 int i, rc;
1148 1239
1240 rc = -ENOMEM;
1149 cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL); 1241 cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL);
1150 if (!cladatum) { 1242 if (!cladatum)
1151 rc = -ENOMEM; 1243 goto bad;
1152 goto out;
1153 }
1154 1244
1155 rc = next_entry(buf, fp, sizeof(u32)*6); 1245 rc = next_entry(buf, fp, sizeof(u32)*6);
1156 if (rc < 0) 1246 if (rc)
1157 goto bad; 1247 goto bad;
1158 1248
1159 len = le32_to_cpu(buf[0]); 1249 len = le32_to_cpu(buf[0]);
@@ -1168,33 +1258,30 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
1168 1258
1169 ncons = le32_to_cpu(buf[5]); 1259 ncons = le32_to_cpu(buf[5]);
1170 1260
1261 rc = -ENOMEM;
1171 key = kmalloc(len + 1, GFP_KERNEL); 1262 key = kmalloc(len + 1, GFP_KERNEL);
1172 if (!key) { 1263 if (!key)
1173 rc = -ENOMEM;
1174 goto bad; 1264 goto bad;
1175 } 1265
1176 rc = next_entry(key, fp, len); 1266 rc = next_entry(key, fp, len);
1177 if (rc < 0) 1267 if (rc)
1178 goto bad; 1268 goto bad;
1179 key[len] = '\0'; 1269 key[len] = '\0';
1180 1270
1181 if (len2) { 1271 if (len2) {
1272 rc = -ENOMEM;
1182 cladatum->comkey = kmalloc(len2 + 1, GFP_KERNEL); 1273 cladatum->comkey = kmalloc(len2 + 1, GFP_KERNEL);
1183 if (!cladatum->comkey) { 1274 if (!cladatum->comkey)
1184 rc = -ENOMEM;
1185 goto bad; 1275 goto bad;
1186 }
1187 rc = next_entry(cladatum->comkey, fp, len2); 1276 rc = next_entry(cladatum->comkey, fp, len2);
1188 if (rc < 0) 1277 if (rc)
1189 goto bad; 1278 goto bad;
1190 cladatum->comkey[len2] = '\0'; 1279 cladatum->comkey[len2] = '\0';
1191 1280
1192 cladatum->comdatum = hashtab_search(p->p_commons.table, 1281 rc = -EINVAL;
1193 cladatum->comkey); 1282 cladatum->comdatum = hashtab_search(p->p_commons.table, cladatum->comkey);
1194 if (!cladatum->comdatum) { 1283 if (!cladatum->comdatum) {
1195 printk(KERN_ERR "SELinux: unknown common %s\n", 1284 printk(KERN_ERR "SELinux: unknown common %s\n", cladatum->comkey);
1196 cladatum->comkey);
1197 rc = -EINVAL;
1198 goto bad; 1285 goto bad;
1199 } 1286 }
1200 } 1287 }
@@ -1211,7 +1298,7 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
1211 if (p->policyvers >= POLICYDB_VERSION_VALIDATETRANS) { 1298 if (p->policyvers >= POLICYDB_VERSION_VALIDATETRANS) {
1212 /* grab the validatetrans rules */ 1299 /* grab the validatetrans rules */
1213 rc = next_entry(buf, fp, sizeof(u32)); 1300 rc = next_entry(buf, fp, sizeof(u32));
1214 if (rc < 0) 1301 if (rc)
1215 goto bad; 1302 goto bad;
1216 ncons = le32_to_cpu(buf[0]); 1303 ncons = le32_to_cpu(buf[0]);
1217 rc = read_cons_helper(&cladatum->validatetrans, ncons, 1, fp); 1304 rc = read_cons_helper(&cladatum->validatetrans, ncons, 1, fp);
@@ -1223,12 +1310,10 @@ static int class_read(struct policydb *p, struct hashtab *h, void *fp)
1223 if (rc) 1310 if (rc)
1224 goto bad; 1311 goto bad;
1225 1312
1226 rc = 0; 1313 return 0;
1227out:
1228 return rc;
1229bad: 1314bad:
1230 cls_destroy(key, cladatum, NULL); 1315 cls_destroy(key, cladatum, NULL);
1231 goto out; 1316 return rc;
1232} 1317}
1233 1318
1234static int role_read(struct policydb *p, struct hashtab *h, void *fp) 1319static int role_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1239,17 +1324,16 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
1239 __le32 buf[3]; 1324 __le32 buf[3];
1240 u32 len; 1325 u32 len;
1241 1326
1327 rc = -ENOMEM;
1242 role = kzalloc(sizeof(*role), GFP_KERNEL); 1328 role = kzalloc(sizeof(*role), GFP_KERNEL);
1243 if (!role) { 1329 if (!role)
1244 rc = -ENOMEM; 1330 goto bad;
1245 goto out;
1246 }
1247 1331
1248 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) 1332 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1249 to_read = 3; 1333 to_read = 3;
1250 1334
1251 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read); 1335 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read);
1252 if (rc < 0) 1336 if (rc)
1253 goto bad; 1337 goto bad;
1254 1338
1255 len = le32_to_cpu(buf[0]); 1339 len = le32_to_cpu(buf[0]);
@@ -1257,13 +1341,13 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
1257 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) 1341 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1258 role->bounds = le32_to_cpu(buf[2]); 1342 role->bounds = le32_to_cpu(buf[2]);
1259 1343
1344 rc = -ENOMEM;
1260 key = kmalloc(len + 1, GFP_KERNEL); 1345 key = kmalloc(len + 1, GFP_KERNEL);
1261 if (!key) { 1346 if (!key)
1262 rc = -ENOMEM;
1263 goto bad; 1347 goto bad;
1264 } 1348
1265 rc = next_entry(key, fp, len); 1349 rc = next_entry(key, fp, len);
1266 if (rc < 0) 1350 if (rc)
1267 goto bad; 1351 goto bad;
1268 key[len] = '\0'; 1352 key[len] = '\0';
1269 1353
@@ -1276,10 +1360,10 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
1276 goto bad; 1360 goto bad;
1277 1361
1278 if (strcmp(key, OBJECT_R) == 0) { 1362 if (strcmp(key, OBJECT_R) == 0) {
1363 rc = -EINVAL;
1279 if (role->value != OBJECT_R_VAL) { 1364 if (role->value != OBJECT_R_VAL) {
1280 printk(KERN_ERR "SELinux: Role %s has wrong value %d\n", 1365 printk(KERN_ERR "SELinux: Role %s has wrong value %d\n",
1281 OBJECT_R, role->value); 1366 OBJECT_R, role->value);
1282 rc = -EINVAL;
1283 goto bad; 1367 goto bad;
1284 } 1368 }
1285 rc = 0; 1369 rc = 0;
@@ -1289,11 +1373,10 @@ static int role_read(struct policydb *p, struct hashtab *h, void *fp)
1289 rc = hashtab_insert(h, key, role); 1373 rc = hashtab_insert(h, key, role);
1290 if (rc) 1374 if (rc)
1291 goto bad; 1375 goto bad;
1292out: 1376 return 0;
1293 return rc;
1294bad: 1377bad:
1295 role_destroy(key, role, NULL); 1378 role_destroy(key, role, NULL);
1296 goto out; 1379 return rc;
1297} 1380}
1298 1381
1299static int type_read(struct policydb *p, struct hashtab *h, void *fp) 1382static int type_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1304,17 +1387,16 @@ static int type_read(struct policydb *p, struct hashtab *h, void *fp)
1304 __le32 buf[4]; 1387 __le32 buf[4];
1305 u32 len; 1388 u32 len;
1306 1389
1390 rc = -ENOMEM;
1307 typdatum = kzalloc(sizeof(*typdatum), GFP_KERNEL); 1391 typdatum = kzalloc(sizeof(*typdatum), GFP_KERNEL);
1308 if (!typdatum) { 1392 if (!typdatum)
1309 rc = -ENOMEM; 1393 goto bad;
1310 return rc;
1311 }
1312 1394
1313 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) 1395 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1314 to_read = 4; 1396 to_read = 4;
1315 1397
1316 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read); 1398 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read);
1317 if (rc < 0) 1399 if (rc)
1318 goto bad; 1400 goto bad;
1319 1401
1320 len = le32_to_cpu(buf[0]); 1402 len = le32_to_cpu(buf[0]);
@@ -1332,24 +1414,22 @@ static int type_read(struct policydb *p, struct hashtab *h, void *fp)
1332 typdatum->primary = le32_to_cpu(buf[2]); 1414 typdatum->primary = le32_to_cpu(buf[2]);
1333 } 1415 }
1334 1416
1417 rc = -ENOMEM;
1335 key = kmalloc(len + 1, GFP_KERNEL); 1418 key = kmalloc(len + 1, GFP_KERNEL);
1336 if (!key) { 1419 if (!key)
1337 rc = -ENOMEM;
1338 goto bad; 1420 goto bad;
1339 }
1340 rc = next_entry(key, fp, len); 1421 rc = next_entry(key, fp, len);
1341 if (rc < 0) 1422 if (rc)
1342 goto bad; 1423 goto bad;
1343 key[len] = '\0'; 1424 key[len] = '\0';
1344 1425
1345 rc = hashtab_insert(h, key, typdatum); 1426 rc = hashtab_insert(h, key, typdatum);
1346 if (rc) 1427 if (rc)
1347 goto bad; 1428 goto bad;
1348out: 1429 return 0;
1349 return rc;
1350bad: 1430bad:
1351 type_destroy(key, typdatum, NULL); 1431 type_destroy(key, typdatum, NULL);
1352 goto out; 1432 return rc;
1353} 1433}
1354 1434
1355 1435
@@ -1365,22 +1445,18 @@ static int mls_read_level(struct mls_level *lp, void *fp)
1365 memset(lp, 0, sizeof(*lp)); 1445 memset(lp, 0, sizeof(*lp));
1366 1446
1367 rc = next_entry(buf, fp, sizeof buf); 1447 rc = next_entry(buf, fp, sizeof buf);
1368 if (rc < 0) { 1448 if (rc) {
1369 printk(KERN_ERR "SELinux: mls: truncated level\n"); 1449 printk(KERN_ERR "SELinux: mls: truncated level\n");
1370 goto bad; 1450 return rc;
1371 } 1451 }
1372 lp->sens = le32_to_cpu(buf[0]); 1452 lp->sens = le32_to_cpu(buf[0]);
1373 1453
1374 if (ebitmap_read(&lp->cat, fp)) { 1454 rc = ebitmap_read(&lp->cat, fp);
1375 printk(KERN_ERR "SELinux: mls: error reading level " 1455 if (rc) {
1376 "categories\n"); 1456 printk(KERN_ERR "SELinux: mls: error reading level categories\n");
1377 goto bad; 1457 return rc;
1378 } 1458 }
1379
1380 return 0; 1459 return 0;
1381
1382bad:
1383 return -EINVAL;
1384} 1460}
1385 1461
1386static int user_read(struct policydb *p, struct hashtab *h, void *fp) 1462static int user_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1391,17 +1467,16 @@ static int user_read(struct policydb *p, struct hashtab *h, void *fp)
1391 __le32 buf[3]; 1467 __le32 buf[3];
1392 u32 len; 1468 u32 len;
1393 1469
1470 rc = -ENOMEM;
1394 usrdatum = kzalloc(sizeof(*usrdatum), GFP_KERNEL); 1471 usrdatum = kzalloc(sizeof(*usrdatum), GFP_KERNEL);
1395 if (!usrdatum) { 1472 if (!usrdatum)
1396 rc = -ENOMEM; 1473 goto bad;
1397 goto out;
1398 }
1399 1474
1400 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) 1475 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1401 to_read = 3; 1476 to_read = 3;
1402 1477
1403 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read); 1478 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read);
1404 if (rc < 0) 1479 if (rc)
1405 goto bad; 1480 goto bad;
1406 1481
1407 len = le32_to_cpu(buf[0]); 1482 len = le32_to_cpu(buf[0]);
@@ -1409,13 +1484,12 @@ static int user_read(struct policydb *p, struct hashtab *h, void *fp)
1409 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) 1484 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1410 usrdatum->bounds = le32_to_cpu(buf[2]); 1485 usrdatum->bounds = le32_to_cpu(buf[2]);
1411 1486
1487 rc = -ENOMEM;
1412 key = kmalloc(len + 1, GFP_KERNEL); 1488 key = kmalloc(len + 1, GFP_KERNEL);
1413 if (!key) { 1489 if (!key)
1414 rc = -ENOMEM;
1415 goto bad; 1490 goto bad;
1416 }
1417 rc = next_entry(key, fp, len); 1491 rc = next_entry(key, fp, len);
1418 if (rc < 0) 1492 if (rc)
1419 goto bad; 1493 goto bad;
1420 key[len] = '\0'; 1494 key[len] = '\0';
1421 1495
@@ -1435,11 +1509,10 @@ static int user_read(struct policydb *p, struct hashtab *h, void *fp)
1435 rc = hashtab_insert(h, key, usrdatum); 1509 rc = hashtab_insert(h, key, usrdatum);
1436 if (rc) 1510 if (rc)
1437 goto bad; 1511 goto bad;
1438out: 1512 return 0;
1439 return rc;
1440bad: 1513bad:
1441 user_destroy(key, usrdatum, NULL); 1514 user_destroy(key, usrdatum, NULL);
1442 goto out; 1515 return rc;
1443} 1516}
1444 1517
1445static int sens_read(struct policydb *p, struct hashtab *h, void *fp) 1518static int sens_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1450,47 +1523,43 @@ static int sens_read(struct policydb *p, struct hashtab *h, void *fp)
1450 __le32 buf[2]; 1523 __le32 buf[2];
1451 u32 len; 1524 u32 len;
1452 1525
1526 rc = -ENOMEM;
1453 levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC); 1527 levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC);
1454 if (!levdatum) { 1528 if (!levdatum)
1455 rc = -ENOMEM; 1529 goto bad;
1456 goto out;
1457 }
1458 1530
1459 rc = next_entry(buf, fp, sizeof buf); 1531 rc = next_entry(buf, fp, sizeof buf);
1460 if (rc < 0) 1532 if (rc)
1461 goto bad; 1533 goto bad;
1462 1534
1463 len = le32_to_cpu(buf[0]); 1535 len = le32_to_cpu(buf[0]);
1464 levdatum->isalias = le32_to_cpu(buf[1]); 1536 levdatum->isalias = le32_to_cpu(buf[1]);
1465 1537
1538 rc = -ENOMEM;
1466 key = kmalloc(len + 1, GFP_ATOMIC); 1539 key = kmalloc(len + 1, GFP_ATOMIC);
1467 if (!key) { 1540 if (!key)
1468 rc = -ENOMEM;
1469 goto bad; 1541 goto bad;
1470 }
1471 rc = next_entry(key, fp, len); 1542 rc = next_entry(key, fp, len);
1472 if (rc < 0) 1543 if (rc)
1473 goto bad; 1544 goto bad;
1474 key[len] = '\0'; 1545 key[len] = '\0';
1475 1546
1547 rc = -ENOMEM;
1476 levdatum->level = kmalloc(sizeof(struct mls_level), GFP_ATOMIC); 1548 levdatum->level = kmalloc(sizeof(struct mls_level), GFP_ATOMIC);
1477 if (!levdatum->level) { 1549 if (!levdatum->level)
1478 rc = -ENOMEM;
1479 goto bad; 1550 goto bad;
1480 } 1551
1481 if (mls_read_level(levdatum->level, fp)) { 1552 rc = mls_read_level(levdatum->level, fp);
1482 rc = -EINVAL; 1553 if (rc)
1483 goto bad; 1554 goto bad;
1484 }
1485 1555
1486 rc = hashtab_insert(h, key, levdatum); 1556 rc = hashtab_insert(h, key, levdatum);
1487 if (rc) 1557 if (rc)
1488 goto bad; 1558 goto bad;
1489out: 1559 return 0;
1490 return rc;
1491bad: 1560bad:
1492 sens_destroy(key, levdatum, NULL); 1561 sens_destroy(key, levdatum, NULL);
1493 goto out; 1562 return rc;
1494} 1563}
1495 1564
1496static int cat_read(struct policydb *p, struct hashtab *h, void *fp) 1565static int cat_read(struct policydb *p, struct hashtab *h, void *fp)
@@ -1501,39 +1570,35 @@ static int cat_read(struct policydb *p, struct hashtab *h, void *fp)
1501 __le32 buf[3]; 1570 __le32 buf[3];
1502 u32 len; 1571 u32 len;
1503 1572
1573 rc = -ENOMEM;
1504 catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC); 1574 catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC);
1505 if (!catdatum) { 1575 if (!catdatum)
1506 rc = -ENOMEM; 1576 goto bad;
1507 goto out;
1508 }
1509 1577
1510 rc = next_entry(buf, fp, sizeof buf); 1578 rc = next_entry(buf, fp, sizeof buf);
1511 if (rc < 0) 1579 if (rc)
1512 goto bad; 1580 goto bad;
1513 1581
1514 len = le32_to_cpu(buf[0]); 1582 len = le32_to_cpu(buf[0]);
1515 catdatum->value = le32_to_cpu(buf[1]); 1583 catdatum->value = le32_to_cpu(buf[1]);
1516 catdatum->isalias = le32_to_cpu(buf[2]); 1584 catdatum->isalias = le32_to_cpu(buf[2]);
1517 1585
1586 rc = -ENOMEM;
1518 key = kmalloc(len + 1, GFP_ATOMIC); 1587 key = kmalloc(len + 1, GFP_ATOMIC);
1519 if (!key) { 1588 if (!key)
1520 rc = -ENOMEM;
1521 goto bad; 1589 goto bad;
1522 }
1523 rc = next_entry(key, fp, len); 1590 rc = next_entry(key, fp, len);
1524 if (rc < 0) 1591 if (rc)
1525 goto bad; 1592 goto bad;
1526 key[len] = '\0'; 1593 key[len] = '\0';
1527 1594
1528 rc = hashtab_insert(h, key, catdatum); 1595 rc = hashtab_insert(h, key, catdatum);
1529 if (rc) 1596 if (rc)
1530 goto bad; 1597 goto bad;
1531out: 1598 return 0;
1532 return rc;
1533
1534bad: 1599bad:
1535 cat_destroy(key, catdatum, NULL); 1600 cat_destroy(key, catdatum, NULL);
1536 goto out; 1601 return rc;
1537} 1602}
1538 1603
1539static int (*read_f[SYM_NUM]) (struct policydb *p, struct hashtab *h, void *fp) = 1604static int (*read_f[SYM_NUM]) (struct policydb *p, struct hashtab *h, void *fp) =
@@ -1574,9 +1639,9 @@ static int user_bounds_sanity_check(void *key, void *datum, void *datap)
1574 printk(KERN_ERR 1639 printk(KERN_ERR
1575 "SELinux: boundary violated policy: " 1640 "SELinux: boundary violated policy: "
1576 "user=%s role=%s bounds=%s\n", 1641 "user=%s role=%s bounds=%s\n",
1577 p->p_user_val_to_name[user->value - 1], 1642 sym_name(p, SYM_USERS, user->value - 1),
1578 p->p_role_val_to_name[bit], 1643 sym_name(p, SYM_ROLES, bit),
1579 p->p_user_val_to_name[upper->value - 1]); 1644 sym_name(p, SYM_USERS, upper->value - 1));
1580 1645
1581 return -EINVAL; 1646 return -EINVAL;
1582 } 1647 }
@@ -1611,9 +1676,9 @@ static int role_bounds_sanity_check(void *key, void *datum, void *datap)
1611 printk(KERN_ERR 1676 printk(KERN_ERR
1612 "SELinux: boundary violated policy: " 1677 "SELinux: boundary violated policy: "
1613 "role=%s type=%s bounds=%s\n", 1678 "role=%s type=%s bounds=%s\n",
1614 p->p_role_val_to_name[role->value - 1], 1679 sym_name(p, SYM_ROLES, role->value - 1),
1615 p->p_type_val_to_name[bit], 1680 sym_name(p, SYM_TYPES, bit),
1616 p->p_role_val_to_name[upper->value - 1]); 1681 sym_name(p, SYM_ROLES, upper->value - 1));
1617 1682
1618 return -EINVAL; 1683 return -EINVAL;
1619 } 1684 }
@@ -1624,11 +1689,11 @@ static int role_bounds_sanity_check(void *key, void *datum, void *datap)
1624 1689
1625static int type_bounds_sanity_check(void *key, void *datum, void *datap) 1690static int type_bounds_sanity_check(void *key, void *datum, void *datap)
1626{ 1691{
1627 struct type_datum *upper, *type; 1692 struct type_datum *upper;
1628 struct policydb *p = datap; 1693 struct policydb *p = datap;
1629 int depth = 0; 1694 int depth = 0;
1630 1695
1631 upper = type = datum; 1696 upper = datum;
1632 while (upper->bounds) { 1697 while (upper->bounds) {
1633 if (++depth == POLICYDB_BOUNDS_MAXDEPTH) { 1698 if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
1634 printk(KERN_ERR "SELinux: type %s: " 1699 printk(KERN_ERR "SELinux: type %s: "
@@ -1637,12 +1702,15 @@ static int type_bounds_sanity_check(void *key, void *datum, void *datap)
1637 return -EINVAL; 1702 return -EINVAL;
1638 } 1703 }
1639 1704
1640 upper = p->type_val_to_struct[upper->bounds - 1]; 1705 upper = flex_array_get_ptr(p->type_val_to_struct_array,
1706 upper->bounds - 1);
1707 BUG_ON(!upper);
1708
1641 if (upper->attribute) { 1709 if (upper->attribute) {
1642 printk(KERN_ERR "SELinux: type %s: " 1710 printk(KERN_ERR "SELinux: type %s: "
1643 "bounded by attribute %s", 1711 "bounded by attribute %s",
1644 (char *) key, 1712 (char *) key,
1645 p->p_type_val_to_name[upper->value - 1]); 1713 sym_name(p, SYM_TYPES, upper->value - 1));
1646 return -EINVAL; 1714 return -EINVAL;
1647 } 1715 }
1648 } 1716 }
@@ -1775,7 +1843,7 @@ static int range_read(struct policydb *p, void *fp)
1775 rt = NULL; 1843 rt = NULL;
1776 r = NULL; 1844 r = NULL;
1777 } 1845 }
1778 rangetr_hash_eval(p->range_tr); 1846 hash_eval(p->range_tr, "rangetr");
1779 rc = 0; 1847 rc = 0;
1780out: 1848out:
1781 kfree(rt); 1849 kfree(rt);
@@ -1783,6 +1851,83 @@ out:
1783 return rc; 1851 return rc;
1784} 1852}
1785 1853
1854static int filename_trans_read(struct policydb *p, void *fp)
1855{
1856 struct filename_trans *ft;
1857 struct filename_trans_datum *otype;
1858 char *name;
1859 u32 nel, len;
1860 __le32 buf[4];
1861 int rc, i;
1862
1863 if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS)
1864 return 0;
1865
1866 rc = next_entry(buf, fp, sizeof(u32));
1867 if (rc)
1868 return rc;
1869 nel = le32_to_cpu(buf[0]);
1870
1871 for (i = 0; i < nel; i++) {
1872 ft = NULL;
1873 otype = NULL;
1874 name = NULL;
1875
1876 rc = -ENOMEM;
1877 ft = kzalloc(sizeof(*ft), GFP_KERNEL);
1878 if (!ft)
1879 goto out;
1880
1881 rc = -ENOMEM;
1882 otype = kmalloc(sizeof(*otype), GFP_KERNEL);
1883 if (!otype)
1884 goto out;
1885
1886 /* length of the path component string */
1887 rc = next_entry(buf, fp, sizeof(u32));
1888 if (rc)
1889 goto out;
1890 len = le32_to_cpu(buf[0]);
1891
1892 rc = -ENOMEM;
1893 name = kmalloc(len + 1, GFP_KERNEL);
1894 if (!name)
1895 goto out;
1896
1897 ft->name = name;
1898
1899 /* path component string */
1900 rc = next_entry(name, fp, len);
1901 if (rc)
1902 goto out;
1903 name[len] = 0;
1904
1905 rc = next_entry(buf, fp, sizeof(u32) * 4);
1906 if (rc)
1907 goto out;
1908
1909 ft->stype = le32_to_cpu(buf[0]);
1910 ft->ttype = le32_to_cpu(buf[1]);
1911 ft->tclass = le32_to_cpu(buf[2]);
1912
1913 otype->otype = le32_to_cpu(buf[3]);
1914
1915 rc = ebitmap_set_bit(&p->filename_trans_ttypes, ft->ttype, 1);
1916 if (rc)
1917 goto out;
1918
1919 hashtab_insert(p->filename_trans, ft, otype);
1920 }
1921 hash_eval(p->filename_trans, "filenametr");
1922 return 0;
1923out:
1924 kfree(ft);
1925 kfree(name);
1926 kfree(otype);
1927
1928 return rc;
1929}
1930
1786static int genfs_read(struct policydb *p, void *fp) 1931static int genfs_read(struct policydb *p, void *fp)
1787{ 1932{
1788 int i, j, rc; 1933 int i, j, rc;
@@ -2055,13 +2200,14 @@ int policydb_read(struct policydb *p, void *fp)
2055 2200
2056 rc = policydb_init(p); 2201 rc = policydb_init(p);
2057 if (rc) 2202 if (rc)
2058 goto out; 2203 return rc;
2059 2204
2060 /* Read the magic number and string length. */ 2205 /* Read the magic number and string length. */
2061 rc = next_entry(buf, fp, sizeof(u32) * 2); 2206 rc = next_entry(buf, fp, sizeof(u32) * 2);
2062 if (rc < 0) 2207 if (rc)
2063 goto bad; 2208 goto bad;
2064 2209
2210 rc = -EINVAL;
2065 if (le32_to_cpu(buf[0]) != POLICYDB_MAGIC) { 2211 if (le32_to_cpu(buf[0]) != POLICYDB_MAGIC) {
2066 printk(KERN_ERR "SELinux: policydb magic number 0x%x does " 2212 printk(KERN_ERR "SELinux: policydb magic number 0x%x does "
2067 "not match expected magic number 0x%x\n", 2213 "not match expected magic number 0x%x\n",
@@ -2069,6 +2215,7 @@ int policydb_read(struct policydb *p, void *fp)
2069 goto bad; 2215 goto bad;
2070 } 2216 }
2071 2217
2218 rc = -EINVAL;
2072 len = le32_to_cpu(buf[1]); 2219 len = le32_to_cpu(buf[1]);
2073 if (len != strlen(POLICYDB_STRING)) { 2220 if (len != strlen(POLICYDB_STRING)) {
2074 printk(KERN_ERR "SELinux: policydb string length %d does not " 2221 printk(KERN_ERR "SELinux: policydb string length %d does not "
@@ -2076,19 +2223,23 @@ int policydb_read(struct policydb *p, void *fp)
2076 len, strlen(POLICYDB_STRING)); 2223 len, strlen(POLICYDB_STRING));
2077 goto bad; 2224 goto bad;
2078 } 2225 }
2226
2227 rc = -ENOMEM;
2079 policydb_str = kmalloc(len + 1, GFP_KERNEL); 2228 policydb_str = kmalloc(len + 1, GFP_KERNEL);
2080 if (!policydb_str) { 2229 if (!policydb_str) {
2081 printk(KERN_ERR "SELinux: unable to allocate memory for policydb " 2230 printk(KERN_ERR "SELinux: unable to allocate memory for policydb "
2082 "string of length %d\n", len); 2231 "string of length %d\n", len);
2083 rc = -ENOMEM;
2084 goto bad; 2232 goto bad;
2085 } 2233 }
2234
2086 rc = next_entry(policydb_str, fp, len); 2235 rc = next_entry(policydb_str, fp, len);
2087 if (rc < 0) { 2236 if (rc) {
2088 printk(KERN_ERR "SELinux: truncated policydb string identifier\n"); 2237 printk(KERN_ERR "SELinux: truncated policydb string identifier\n");
2089 kfree(policydb_str); 2238 kfree(policydb_str);
2090 goto bad; 2239 goto bad;
2091 } 2240 }
2241
2242 rc = -EINVAL;
2092 policydb_str[len] = '\0'; 2243 policydb_str[len] = '\0';
2093 if (strcmp(policydb_str, POLICYDB_STRING)) { 2244 if (strcmp(policydb_str, POLICYDB_STRING)) {
2094 printk(KERN_ERR "SELinux: policydb string %s does not match " 2245 printk(KERN_ERR "SELinux: policydb string %s does not match "
@@ -2102,9 +2253,10 @@ int policydb_read(struct policydb *p, void *fp)
2102 2253
2103 /* Read the version and table sizes. */ 2254 /* Read the version and table sizes. */
2104 rc = next_entry(buf, fp, sizeof(u32)*4); 2255 rc = next_entry(buf, fp, sizeof(u32)*4);
2105 if (rc < 0) 2256 if (rc)
2106 goto bad; 2257 goto bad;
2107 2258
2259 rc = -EINVAL;
2108 p->policyvers = le32_to_cpu(buf[0]); 2260 p->policyvers = le32_to_cpu(buf[0]);
2109 if (p->policyvers < POLICYDB_VERSION_MIN || 2261 if (p->policyvers < POLICYDB_VERSION_MIN ||
2110 p->policyvers > POLICYDB_VERSION_MAX) { 2262 p->policyvers > POLICYDB_VERSION_MAX) {
@@ -2117,6 +2269,7 @@ int policydb_read(struct policydb *p, void *fp)
2117 if ((le32_to_cpu(buf[1]) & POLICYDB_CONFIG_MLS)) { 2269 if ((le32_to_cpu(buf[1]) & POLICYDB_CONFIG_MLS)) {
2118 p->mls_enabled = 1; 2270 p->mls_enabled = 1;
2119 2271
2272 rc = -EINVAL;
2120 if (p->policyvers < POLICYDB_VERSION_MLS) { 2273 if (p->policyvers < POLICYDB_VERSION_MLS) {
2121 printk(KERN_ERR "SELinux: security policydb version %d " 2274 printk(KERN_ERR "SELinux: security policydb version %d "
2122 "(MLS) not backwards compatible\n", 2275 "(MLS) not backwards compatible\n",
@@ -2127,14 +2280,19 @@ int policydb_read(struct policydb *p, void *fp)
2127 p->reject_unknown = !!(le32_to_cpu(buf[1]) & REJECT_UNKNOWN); 2280 p->reject_unknown = !!(le32_to_cpu(buf[1]) & REJECT_UNKNOWN);
2128 p->allow_unknown = !!(le32_to_cpu(buf[1]) & ALLOW_UNKNOWN); 2281 p->allow_unknown = !!(le32_to_cpu(buf[1]) & ALLOW_UNKNOWN);
2129 2282
2130 if (p->policyvers >= POLICYDB_VERSION_POLCAP && 2283 if (p->policyvers >= POLICYDB_VERSION_POLCAP) {
2131 ebitmap_read(&p->policycaps, fp) != 0) 2284 rc = ebitmap_read(&p->policycaps, fp);
2132 goto bad; 2285 if (rc)
2286 goto bad;
2287 }
2133 2288
2134 if (p->policyvers >= POLICYDB_VERSION_PERMISSIVE && 2289 if (p->policyvers >= POLICYDB_VERSION_PERMISSIVE) {
2135 ebitmap_read(&p->permissive_map, fp) != 0) 2290 rc = ebitmap_read(&p->permissive_map, fp);
2136 goto bad; 2291 if (rc)
2292 goto bad;
2293 }
2137 2294
2295 rc = -EINVAL;
2138 info = policydb_lookup_compat(p->policyvers); 2296 info = policydb_lookup_compat(p->policyvers);
2139 if (!info) { 2297 if (!info) {
2140 printk(KERN_ERR "SELinux: unable to find policy compat info " 2298 printk(KERN_ERR "SELinux: unable to find policy compat info "
@@ -2142,6 +2300,7 @@ int policydb_read(struct policydb *p, void *fp)
2142 goto bad; 2300 goto bad;
2143 } 2301 }
2144 2302
2303 rc = -EINVAL;
2145 if (le32_to_cpu(buf[2]) != info->sym_num || 2304 if (le32_to_cpu(buf[2]) != info->sym_num ||
2146 le32_to_cpu(buf[3]) != info->ocon_num) { 2305 le32_to_cpu(buf[3]) != info->ocon_num) {
2147 printk(KERN_ERR "SELinux: policydb table sizes (%d,%d) do " 2306 printk(KERN_ERR "SELinux: policydb table sizes (%d,%d) do "
@@ -2153,7 +2312,7 @@ int policydb_read(struct policydb *p, void *fp)
2153 2312
2154 for (i = 0; i < info->sym_num; i++) { 2313 for (i = 0; i < info->sym_num; i++) {
2155 rc = next_entry(buf, fp, sizeof(u32)*2); 2314 rc = next_entry(buf, fp, sizeof(u32)*2);
2156 if (rc < 0) 2315 if (rc)
2157 goto bad; 2316 goto bad;
2158 nprim = le32_to_cpu(buf[0]); 2317 nprim = le32_to_cpu(buf[0]);
2159 nel = le32_to_cpu(buf[1]); 2318 nel = le32_to_cpu(buf[1]);
@@ -2166,6 +2325,11 @@ int policydb_read(struct policydb *p, void *fp)
2166 p->symtab[i].nprim = nprim; 2325 p->symtab[i].nprim = nprim;
2167 } 2326 }
2168 2327
2328 rc = -EINVAL;
2329 p->process_class = string_to_security_class(p, "process");
2330 if (!p->process_class)
2331 goto bad;
2332
2169 rc = avtab_read(&p->te_avtab, fp, p); 2333 rc = avtab_read(&p->te_avtab, fp, p);
2170 if (rc) 2334 if (rc)
2171 goto bad; 2335 goto bad;
@@ -2177,78 +2341,81 @@ int policydb_read(struct policydb *p, void *fp)
2177 } 2341 }
2178 2342
2179 rc = next_entry(buf, fp, sizeof(u32)); 2343 rc = next_entry(buf, fp, sizeof(u32));
2180 if (rc < 0) 2344 if (rc)
2181 goto bad; 2345 goto bad;
2182 nel = le32_to_cpu(buf[0]); 2346 nel = le32_to_cpu(buf[0]);
2183 ltr = NULL; 2347 ltr = NULL;
2184 for (i = 0; i < nel; i++) { 2348 for (i = 0; i < nel; i++) {
2349 rc = -ENOMEM;
2185 tr = kzalloc(sizeof(*tr), GFP_KERNEL); 2350 tr = kzalloc(sizeof(*tr), GFP_KERNEL);
2186 if (!tr) { 2351 if (!tr)
2187 rc = -ENOMEM;
2188 goto bad; 2352 goto bad;
2189 }
2190 if (ltr) 2353 if (ltr)
2191 ltr->next = tr; 2354 ltr->next = tr;
2192 else 2355 else
2193 p->role_tr = tr; 2356 p->role_tr = tr;
2194 rc = next_entry(buf, fp, sizeof(u32)*3); 2357 rc = next_entry(buf, fp, sizeof(u32)*3);
2195 if (rc < 0) 2358 if (rc)
2196 goto bad; 2359 goto bad;
2360
2361 rc = -EINVAL;
2197 tr->role = le32_to_cpu(buf[0]); 2362 tr->role = le32_to_cpu(buf[0]);
2198 tr->type = le32_to_cpu(buf[1]); 2363 tr->type = le32_to_cpu(buf[1]);
2199 tr->new_role = le32_to_cpu(buf[2]); 2364 tr->new_role = le32_to_cpu(buf[2]);
2365 if (p->policyvers >= POLICYDB_VERSION_ROLETRANS) {
2366 rc = next_entry(buf, fp, sizeof(u32));
2367 if (rc)
2368 goto bad;
2369 tr->tclass = le32_to_cpu(buf[0]);
2370 } else
2371 tr->tclass = p->process_class;
2372
2200 if (!policydb_role_isvalid(p, tr->role) || 2373 if (!policydb_role_isvalid(p, tr->role) ||
2201 !policydb_type_isvalid(p, tr->type) || 2374 !policydb_type_isvalid(p, tr->type) ||
2202 !policydb_role_isvalid(p, tr->new_role)) { 2375 !policydb_class_isvalid(p, tr->tclass) ||
2203 rc = -EINVAL; 2376 !policydb_role_isvalid(p, tr->new_role))
2204 goto bad; 2377 goto bad;
2205 }
2206 ltr = tr; 2378 ltr = tr;
2207 } 2379 }
2208 2380
2209 rc = next_entry(buf, fp, sizeof(u32)); 2381 rc = next_entry(buf, fp, sizeof(u32));
2210 if (rc < 0) 2382 if (rc)
2211 goto bad; 2383 goto bad;
2212 nel = le32_to_cpu(buf[0]); 2384 nel = le32_to_cpu(buf[0]);
2213 lra = NULL; 2385 lra = NULL;
2214 for (i = 0; i < nel; i++) { 2386 for (i = 0; i < nel; i++) {
2387 rc = -ENOMEM;
2215 ra = kzalloc(sizeof(*ra), GFP_KERNEL); 2388 ra = kzalloc(sizeof(*ra), GFP_KERNEL);
2216 if (!ra) { 2389 if (!ra)
2217 rc = -ENOMEM;
2218 goto bad; 2390 goto bad;
2219 }
2220 if (lra) 2391 if (lra)
2221 lra->next = ra; 2392 lra->next = ra;
2222 else 2393 else
2223 p->role_allow = ra; 2394 p->role_allow = ra;
2224 rc = next_entry(buf, fp, sizeof(u32)*2); 2395 rc = next_entry(buf, fp, sizeof(u32)*2);
2225 if (rc < 0) 2396 if (rc)
2226 goto bad; 2397 goto bad;
2398
2399 rc = -EINVAL;
2227 ra->role = le32_to_cpu(buf[0]); 2400 ra->role = le32_to_cpu(buf[0]);
2228 ra->new_role = le32_to_cpu(buf[1]); 2401 ra->new_role = le32_to_cpu(buf[1]);
2229 if (!policydb_role_isvalid(p, ra->role) || 2402 if (!policydb_role_isvalid(p, ra->role) ||
2230 !policydb_role_isvalid(p, ra->new_role)) { 2403 !policydb_role_isvalid(p, ra->new_role))
2231 rc = -EINVAL;
2232 goto bad; 2404 goto bad;
2233 }
2234 lra = ra; 2405 lra = ra;
2235 } 2406 }
2236 2407
2237 rc = policydb_index_classes(p); 2408 rc = filename_trans_read(p, fp);
2238 if (rc) 2409 if (rc)
2239 goto bad; 2410 goto bad;
2240 2411
2241 rc = policydb_index_others(p); 2412 rc = policydb_index(p);
2242 if (rc) 2413 if (rc)
2243 goto bad; 2414 goto bad;
2244 2415
2245 p->process_class = string_to_security_class(p, "process"); 2416 rc = -EINVAL;
2246 if (!p->process_class) 2417 p->process_trans_perms = string_to_av_perm(p, p->process_class, "transition");
2247 goto bad; 2418 p->process_trans_perms |= string_to_av_perm(p, p->process_class, "dyntransition");
2248 p->process_trans_perms = string_to_av_perm(p, p->process_class,
2249 "transition");
2250 p->process_trans_perms |= string_to_av_perm(p, p->process_class,
2251 "dyntransition");
2252 if (!p->process_trans_perms) 2419 if (!p->process_trans_perms)
2253 goto bad; 2420 goto bad;
2254 2421
@@ -2272,7 +2439,7 @@ int policydb_read(struct policydb *p, void *fp)
2272 goto bad; 2439 goto bad;
2273 2440
2274 /* preallocate so we don't have to worry about the put ever failing */ 2441 /* preallocate so we don't have to worry about the put ever failing */
2275 rc = flex_array_prealloc(p->type_attr_map_array, 0, p->p_types.nprim - 1, 2442 rc = flex_array_prealloc(p->type_attr_map_array, 0, p->p_types.nprim,
2276 GFP_KERNEL | __GFP_ZERO); 2443 GFP_KERNEL | __GFP_ZERO);
2277 if (rc) 2444 if (rc)
2278 goto bad; 2445 goto bad;
@@ -2301,8 +2468,914 @@ int policydb_read(struct policydb *p, void *fp)
2301out: 2468out:
2302 return rc; 2469 return rc;
2303bad: 2470bad:
2304 if (!rc)
2305 rc = -EINVAL;
2306 policydb_destroy(p); 2471 policydb_destroy(p);
2307 goto out; 2472 goto out;
2308} 2473}
2474
2475/*
2476 * Write a MLS level structure to a policydb binary
2477 * representation file.
2478 */
2479static int mls_write_level(struct mls_level *l, void *fp)
2480{
2481 __le32 buf[1];
2482 int rc;
2483
2484 buf[0] = cpu_to_le32(l->sens);
2485 rc = put_entry(buf, sizeof(u32), 1, fp);
2486 if (rc)
2487 return rc;
2488
2489 rc = ebitmap_write(&l->cat, fp);
2490 if (rc)
2491 return rc;
2492
2493 return 0;
2494}
2495
2496/*
2497 * Write a MLS range structure to a policydb binary
2498 * representation file.
2499 */
2500static int mls_write_range_helper(struct mls_range *r, void *fp)
2501{
2502 __le32 buf[3];
2503 size_t items;
2504 int rc, eq;
2505
2506 eq = mls_level_eq(&r->level[1], &r->level[0]);
2507
2508 if (eq)
2509 items = 2;
2510 else
2511 items = 3;
2512 buf[0] = cpu_to_le32(items-1);
2513 buf[1] = cpu_to_le32(r->level[0].sens);
2514 if (!eq)
2515 buf[2] = cpu_to_le32(r->level[1].sens);
2516
2517 BUG_ON(items > (sizeof(buf)/sizeof(buf[0])));
2518
2519 rc = put_entry(buf, sizeof(u32), items, fp);
2520 if (rc)
2521 return rc;
2522
2523 rc = ebitmap_write(&r->level[0].cat, fp);
2524 if (rc)
2525 return rc;
2526 if (!eq) {
2527 rc = ebitmap_write(&r->level[1].cat, fp);
2528 if (rc)
2529 return rc;
2530 }
2531
2532 return 0;
2533}
2534
2535static int sens_write(void *vkey, void *datum, void *ptr)
2536{
2537 char *key = vkey;
2538 struct level_datum *levdatum = datum;
2539 struct policy_data *pd = ptr;
2540 void *fp = pd->fp;
2541 __le32 buf[2];
2542 size_t len;
2543 int rc;
2544
2545 len = strlen(key);
2546 buf[0] = cpu_to_le32(len);
2547 buf[1] = cpu_to_le32(levdatum->isalias);
2548 rc = put_entry(buf, sizeof(u32), 2, fp);
2549 if (rc)
2550 return rc;
2551
2552 rc = put_entry(key, 1, len, fp);
2553 if (rc)
2554 return rc;
2555
2556 rc = mls_write_level(levdatum->level, fp);
2557 if (rc)
2558 return rc;
2559
2560 return 0;
2561}
2562
2563static int cat_write(void *vkey, void *datum, void *ptr)
2564{
2565 char *key = vkey;
2566 struct cat_datum *catdatum = datum;
2567 struct policy_data *pd = ptr;
2568 void *fp = pd->fp;
2569 __le32 buf[3];
2570 size_t len;
2571 int rc;
2572
2573 len = strlen(key);
2574 buf[0] = cpu_to_le32(len);
2575 buf[1] = cpu_to_le32(catdatum->value);
2576 buf[2] = cpu_to_le32(catdatum->isalias);
2577 rc = put_entry(buf, sizeof(u32), 3, fp);
2578 if (rc)
2579 return rc;
2580
2581 rc = put_entry(key, 1, len, fp);
2582 if (rc)
2583 return rc;
2584
2585 return 0;
2586}
2587
2588static int role_trans_write(struct policydb *p, void *fp)
2589{
2590 struct role_trans *r = p->role_tr;
2591 struct role_trans *tr;
2592 u32 buf[3];
2593 size_t nel;
2594 int rc;
2595
2596 nel = 0;
2597 for (tr = r; tr; tr = tr->next)
2598 nel++;
2599 buf[0] = cpu_to_le32(nel);
2600 rc = put_entry(buf, sizeof(u32), 1, fp);
2601 if (rc)
2602 return rc;
2603 for (tr = r; tr; tr = tr->next) {
2604 buf[0] = cpu_to_le32(tr->role);
2605 buf[1] = cpu_to_le32(tr->type);
2606 buf[2] = cpu_to_le32(tr->new_role);
2607 rc = put_entry(buf, sizeof(u32), 3, fp);
2608 if (rc)
2609 return rc;
2610 if (p->policyvers >= POLICYDB_VERSION_ROLETRANS) {
2611 buf[0] = cpu_to_le32(tr->tclass);
2612 rc = put_entry(buf, sizeof(u32), 1, fp);
2613 if (rc)
2614 return rc;
2615 }
2616 }
2617
2618 return 0;
2619}
2620
2621static int role_allow_write(struct role_allow *r, void *fp)
2622{
2623 struct role_allow *ra;
2624 u32 buf[2];
2625 size_t nel;
2626 int rc;
2627
2628 nel = 0;
2629 for (ra = r; ra; ra = ra->next)
2630 nel++;
2631 buf[0] = cpu_to_le32(nel);
2632 rc = put_entry(buf, sizeof(u32), 1, fp);
2633 if (rc)
2634 return rc;
2635 for (ra = r; ra; ra = ra->next) {
2636 buf[0] = cpu_to_le32(ra->role);
2637 buf[1] = cpu_to_le32(ra->new_role);
2638 rc = put_entry(buf, sizeof(u32), 2, fp);
2639 if (rc)
2640 return rc;
2641 }
2642 return 0;
2643}
2644
2645/*
2646 * Write a security context structure
2647 * to a policydb binary representation file.
2648 */
2649static int context_write(struct policydb *p, struct context *c,
2650 void *fp)
2651{
2652 int rc;
2653 __le32 buf[3];
2654
2655 buf[0] = cpu_to_le32(c->user);
2656 buf[1] = cpu_to_le32(c->role);
2657 buf[2] = cpu_to_le32(c->type);
2658
2659 rc = put_entry(buf, sizeof(u32), 3, fp);
2660 if (rc)
2661 return rc;
2662
2663 rc = mls_write_range_helper(&c->range, fp);
2664 if (rc)
2665 return rc;
2666
2667 return 0;
2668}
2669
2670/*
2671 * The following *_write functions are used to
2672 * write the symbol data to a policy database
2673 * binary representation file.
2674 */
2675
2676static int perm_write(void *vkey, void *datum, void *fp)
2677{
2678 char *key = vkey;
2679 struct perm_datum *perdatum = datum;
2680 __le32 buf[2];
2681 size_t len;
2682 int rc;
2683
2684 len = strlen(key);
2685 buf[0] = cpu_to_le32(len);
2686 buf[1] = cpu_to_le32(perdatum->value);
2687 rc = put_entry(buf, sizeof(u32), 2, fp);
2688 if (rc)
2689 return rc;
2690
2691 rc = put_entry(key, 1, len, fp);
2692 if (rc)
2693 return rc;
2694
2695 return 0;
2696}
2697
2698static int common_write(void *vkey, void *datum, void *ptr)
2699{
2700 char *key = vkey;
2701 struct common_datum *comdatum = datum;
2702 struct policy_data *pd = ptr;
2703 void *fp = pd->fp;
2704 __le32 buf[4];
2705 size_t len;
2706 int rc;
2707
2708 len = strlen(key);
2709 buf[0] = cpu_to_le32(len);
2710 buf[1] = cpu_to_le32(comdatum->value);
2711 buf[2] = cpu_to_le32(comdatum->permissions.nprim);
2712 buf[3] = cpu_to_le32(comdatum->permissions.table->nel);
2713 rc = put_entry(buf, sizeof(u32), 4, fp);
2714 if (rc)
2715 return rc;
2716
2717 rc = put_entry(key, 1, len, fp);
2718 if (rc)
2719 return rc;
2720
2721 rc = hashtab_map(comdatum->permissions.table, perm_write, fp);
2722 if (rc)
2723 return rc;
2724
2725 return 0;
2726}
2727
2728static int write_cons_helper(struct policydb *p, struct constraint_node *node,
2729 void *fp)
2730{
2731 struct constraint_node *c;
2732 struct constraint_expr *e;
2733 __le32 buf[3];
2734 u32 nel;
2735 int rc;
2736
2737 for (c = node; c; c = c->next) {
2738 nel = 0;
2739 for (e = c->expr; e; e = e->next)
2740 nel++;
2741 buf[0] = cpu_to_le32(c->permissions);
2742 buf[1] = cpu_to_le32(nel);
2743 rc = put_entry(buf, sizeof(u32), 2, fp);
2744 if (rc)
2745 return rc;
2746 for (e = c->expr; e; e = e->next) {
2747 buf[0] = cpu_to_le32(e->expr_type);
2748 buf[1] = cpu_to_le32(e->attr);
2749 buf[2] = cpu_to_le32(e->op);
2750 rc = put_entry(buf, sizeof(u32), 3, fp);
2751 if (rc)
2752 return rc;
2753
2754 switch (e->expr_type) {
2755 case CEXPR_NAMES:
2756 rc = ebitmap_write(&e->names, fp);
2757 if (rc)
2758 return rc;
2759 break;
2760 default:
2761 break;
2762 }
2763 }
2764 }
2765
2766 return 0;
2767}
2768
2769static int class_write(void *vkey, void *datum, void *ptr)
2770{
2771 char *key = vkey;
2772 struct class_datum *cladatum = datum;
2773 struct policy_data *pd = ptr;
2774 void *fp = pd->fp;
2775 struct policydb *p = pd->p;
2776 struct constraint_node *c;
2777 __le32 buf[6];
2778 u32 ncons;
2779 size_t len, len2;
2780 int rc;
2781
2782 len = strlen(key);
2783 if (cladatum->comkey)
2784 len2 = strlen(cladatum->comkey);
2785 else
2786 len2 = 0;
2787
2788 ncons = 0;
2789 for (c = cladatum->constraints; c; c = c->next)
2790 ncons++;
2791
2792 buf[0] = cpu_to_le32(len);
2793 buf[1] = cpu_to_le32(len2);
2794 buf[2] = cpu_to_le32(cladatum->value);
2795 buf[3] = cpu_to_le32(cladatum->permissions.nprim);
2796 if (cladatum->permissions.table)
2797 buf[4] = cpu_to_le32(cladatum->permissions.table->nel);
2798 else
2799 buf[4] = 0;
2800 buf[5] = cpu_to_le32(ncons);
2801 rc = put_entry(buf, sizeof(u32), 6, fp);
2802 if (rc)
2803 return rc;
2804
2805 rc = put_entry(key, 1, len, fp);
2806 if (rc)
2807 return rc;
2808
2809 if (cladatum->comkey) {
2810 rc = put_entry(cladatum->comkey, 1, len2, fp);
2811 if (rc)
2812 return rc;
2813 }
2814
2815 rc = hashtab_map(cladatum->permissions.table, perm_write, fp);
2816 if (rc)
2817 return rc;
2818
2819 rc = write_cons_helper(p, cladatum->constraints, fp);
2820 if (rc)
2821 return rc;
2822
2823 /* write out the validatetrans rule */
2824 ncons = 0;
2825 for (c = cladatum->validatetrans; c; c = c->next)
2826 ncons++;
2827
2828 buf[0] = cpu_to_le32(ncons);
2829 rc = put_entry(buf, sizeof(u32), 1, fp);
2830 if (rc)
2831 return rc;
2832
2833 rc = write_cons_helper(p, cladatum->validatetrans, fp);
2834 if (rc)
2835 return rc;
2836
2837 return 0;
2838}
2839
2840static int role_write(void *vkey, void *datum, void *ptr)
2841{
2842 char *key = vkey;
2843 struct role_datum *role = datum;
2844 struct policy_data *pd = ptr;
2845 void *fp = pd->fp;
2846 struct policydb *p = pd->p;
2847 __le32 buf[3];
2848 size_t items, len;
2849 int rc;
2850
2851 len = strlen(key);
2852 items = 0;
2853 buf[items++] = cpu_to_le32(len);
2854 buf[items++] = cpu_to_le32(role->value);
2855 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
2856 buf[items++] = cpu_to_le32(role->bounds);
2857
2858 BUG_ON(items > (sizeof(buf)/sizeof(buf[0])));
2859
2860 rc = put_entry(buf, sizeof(u32), items, fp);
2861 if (rc)
2862 return rc;
2863
2864 rc = put_entry(key, 1, len, fp);
2865 if (rc)
2866 return rc;
2867
2868 rc = ebitmap_write(&role->dominates, fp);
2869 if (rc)
2870 return rc;
2871
2872 rc = ebitmap_write(&role->types, fp);
2873 if (rc)
2874 return rc;
2875
2876 return 0;
2877}
2878
2879static int type_write(void *vkey, void *datum, void *ptr)
2880{
2881 char *key = vkey;
2882 struct type_datum *typdatum = datum;
2883 struct policy_data *pd = ptr;
2884 struct policydb *p = pd->p;
2885 void *fp = pd->fp;
2886 __le32 buf[4];
2887 int rc;
2888 size_t items, len;
2889
2890 len = strlen(key);
2891 items = 0;
2892 buf[items++] = cpu_to_le32(len);
2893 buf[items++] = cpu_to_le32(typdatum->value);
2894 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) {
2895 u32 properties = 0;
2896
2897 if (typdatum->primary)
2898 properties |= TYPEDATUM_PROPERTY_PRIMARY;
2899
2900 if (typdatum->attribute)
2901 properties |= TYPEDATUM_PROPERTY_ATTRIBUTE;
2902
2903 buf[items++] = cpu_to_le32(properties);
2904 buf[items++] = cpu_to_le32(typdatum->bounds);
2905 } else {
2906 buf[items++] = cpu_to_le32(typdatum->primary);
2907 }
2908 BUG_ON(items > (sizeof(buf) / sizeof(buf[0])));
2909 rc = put_entry(buf, sizeof(u32), items, fp);
2910 if (rc)
2911 return rc;
2912
2913 rc = put_entry(key, 1, len, fp);
2914 if (rc)
2915 return rc;
2916
2917 return 0;
2918}
2919
2920static int user_write(void *vkey, void *datum, void *ptr)
2921{
2922 char *key = vkey;
2923 struct user_datum *usrdatum = datum;
2924 struct policy_data *pd = ptr;
2925 struct policydb *p = pd->p;
2926 void *fp = pd->fp;
2927 __le32 buf[3];
2928 size_t items, len;
2929 int rc;
2930
2931 len = strlen(key);
2932 items = 0;
2933 buf[items++] = cpu_to_le32(len);
2934 buf[items++] = cpu_to_le32(usrdatum->value);
2935 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
2936 buf[items++] = cpu_to_le32(usrdatum->bounds);
2937 BUG_ON(items > (sizeof(buf) / sizeof(buf[0])));
2938 rc = put_entry(buf, sizeof(u32), items, fp);
2939 if (rc)
2940 return rc;
2941
2942 rc = put_entry(key, 1, len, fp);
2943 if (rc)
2944 return rc;
2945
2946 rc = ebitmap_write(&usrdatum->roles, fp);
2947 if (rc)
2948 return rc;
2949
2950 rc = mls_write_range_helper(&usrdatum->range, fp);
2951 if (rc)
2952 return rc;
2953
2954 rc = mls_write_level(&usrdatum->dfltlevel, fp);
2955 if (rc)
2956 return rc;
2957
2958 return 0;
2959}
2960
2961static int (*write_f[SYM_NUM]) (void *key, void *datum,
2962 void *datap) =
2963{
2964 common_write,
2965 class_write,
2966 role_write,
2967 type_write,
2968 user_write,
2969 cond_write_bool,
2970 sens_write,
2971 cat_write,
2972};
2973
2974static int ocontext_write(struct policydb *p, struct policydb_compat_info *info,
2975 void *fp)
2976{
2977 unsigned int i, j, rc;
2978 size_t nel, len;
2979 __le32 buf[3];
2980 u32 nodebuf[8];
2981 struct ocontext *c;
2982 for (i = 0; i < info->ocon_num; i++) {
2983 nel = 0;
2984 for (c = p->ocontexts[i]; c; c = c->next)
2985 nel++;
2986 buf[0] = cpu_to_le32(nel);
2987 rc = put_entry(buf, sizeof(u32), 1, fp);
2988 if (rc)
2989 return rc;
2990 for (c = p->ocontexts[i]; c; c = c->next) {
2991 switch (i) {
2992 case OCON_ISID:
2993 buf[0] = cpu_to_le32(c->sid[0]);
2994 rc = put_entry(buf, sizeof(u32), 1, fp);
2995 if (rc)
2996 return rc;
2997 rc = context_write(p, &c->context[0], fp);
2998 if (rc)
2999 return rc;
3000 break;
3001 case OCON_FS:
3002 case OCON_NETIF:
3003 len = strlen(c->u.name);
3004 buf[0] = cpu_to_le32(len);
3005 rc = put_entry(buf, sizeof(u32), 1, fp);
3006 if (rc)
3007 return rc;
3008 rc = put_entry(c->u.name, 1, len, fp);
3009 if (rc)
3010 return rc;
3011 rc = context_write(p, &c->context[0], fp);
3012 if (rc)
3013 return rc;
3014 rc = context_write(p, &c->context[1], fp);
3015 if (rc)
3016 return rc;
3017 break;
3018 case OCON_PORT:
3019 buf[0] = cpu_to_le32(c->u.port.protocol);
3020 buf[1] = cpu_to_le32(c->u.port.low_port);
3021 buf[2] = cpu_to_le32(c->u.port.high_port);
3022 rc = put_entry(buf, sizeof(u32), 3, fp);
3023 if (rc)
3024 return rc;
3025 rc = context_write(p, &c->context[0], fp);
3026 if (rc)
3027 return rc;
3028 break;
3029 case OCON_NODE:
3030 nodebuf[0] = c->u.node.addr; /* network order */
3031 nodebuf[1] = c->u.node.mask; /* network order */
3032 rc = put_entry(nodebuf, sizeof(u32), 2, fp);
3033 if (rc)
3034 return rc;
3035 rc = context_write(p, &c->context[0], fp);
3036 if (rc)
3037 return rc;
3038 break;
3039 case OCON_FSUSE:
3040 buf[0] = cpu_to_le32(c->v.behavior);
3041 len = strlen(c->u.name);
3042 buf[1] = cpu_to_le32(len);
3043 rc = put_entry(buf, sizeof(u32), 2, fp);
3044 if (rc)
3045 return rc;
3046 rc = put_entry(c->u.name, 1, len, fp);
3047 if (rc)
3048 return rc;
3049 rc = context_write(p, &c->context[0], fp);
3050 if (rc)
3051 return rc;
3052 break;
3053 case OCON_NODE6:
3054 for (j = 0; j < 4; j++)
3055 nodebuf[j] = c->u.node6.addr[j]; /* network order */
3056 for (j = 0; j < 4; j++)
3057 nodebuf[j + 4] = c->u.node6.mask[j]; /* network order */
3058 rc = put_entry(nodebuf, sizeof(u32), 8, fp);
3059 if (rc)
3060 return rc;
3061 rc = context_write(p, &c->context[0], fp);
3062 if (rc)
3063 return rc;
3064 break;
3065 }
3066 }
3067 }
3068 return 0;
3069}
3070
3071static int genfs_write(struct policydb *p, void *fp)
3072{
3073 struct genfs *genfs;
3074 struct ocontext *c;
3075 size_t len;
3076 __le32 buf[1];
3077 int rc;
3078
3079 len = 0;
3080 for (genfs = p->genfs; genfs; genfs = genfs->next)
3081 len++;
3082 buf[0] = cpu_to_le32(len);
3083 rc = put_entry(buf, sizeof(u32), 1, fp);
3084 if (rc)
3085 return rc;
3086 for (genfs = p->genfs; genfs; genfs = genfs->next) {
3087 len = strlen(genfs->fstype);
3088 buf[0] = cpu_to_le32(len);
3089 rc = put_entry(buf, sizeof(u32), 1, fp);
3090 if (rc)
3091 return rc;
3092 rc = put_entry(genfs->fstype, 1, len, fp);
3093 if (rc)
3094 return rc;
3095 len = 0;
3096 for (c = genfs->head; c; c = c->next)
3097 len++;
3098 buf[0] = cpu_to_le32(len);
3099 rc = put_entry(buf, sizeof(u32), 1, fp);
3100 if (rc)
3101 return rc;
3102 for (c = genfs->head; c; c = c->next) {
3103 len = strlen(c->u.name);
3104 buf[0] = cpu_to_le32(len);
3105 rc = put_entry(buf, sizeof(u32), 1, fp);
3106 if (rc)
3107 return rc;
3108 rc = put_entry(c->u.name, 1, len, fp);
3109 if (rc)
3110 return rc;
3111 buf[0] = cpu_to_le32(c->v.sclass);
3112 rc = put_entry(buf, sizeof(u32), 1, fp);
3113 if (rc)
3114 return rc;
3115 rc = context_write(p, &c->context[0], fp);
3116 if (rc)
3117 return rc;
3118 }
3119 }
3120 return 0;
3121}
3122
3123static int hashtab_cnt(void *key, void *data, void *ptr)
3124{
3125 int *cnt = ptr;
3126 *cnt = *cnt + 1;
3127
3128 return 0;
3129}
3130
3131static int range_write_helper(void *key, void *data, void *ptr)
3132{
3133 __le32 buf[2];
3134 struct range_trans *rt = key;
3135 struct mls_range *r = data;
3136 struct policy_data *pd = ptr;
3137 void *fp = pd->fp;
3138 struct policydb *p = pd->p;
3139 int rc;
3140
3141 buf[0] = cpu_to_le32(rt->source_type);
3142 buf[1] = cpu_to_le32(rt->target_type);
3143 rc = put_entry(buf, sizeof(u32), 2, fp);
3144 if (rc)
3145 return rc;
3146 if (p->policyvers >= POLICYDB_VERSION_RANGETRANS) {
3147 buf[0] = cpu_to_le32(rt->target_class);
3148 rc = put_entry(buf, sizeof(u32), 1, fp);
3149 if (rc)
3150 return rc;
3151 }
3152 rc = mls_write_range_helper(r, fp);
3153 if (rc)
3154 return rc;
3155
3156 return 0;
3157}
3158
3159static int range_write(struct policydb *p, void *fp)
3160{
3161 size_t nel;
3162 __le32 buf[1];
3163 int rc;
3164 struct policy_data pd;
3165
3166 pd.p = p;
3167 pd.fp = fp;
3168
3169 /* count the number of entries in the hashtab */
3170 nel = 0;
3171 rc = hashtab_map(p->range_tr, hashtab_cnt, &nel);
3172 if (rc)
3173 return rc;
3174
3175 buf[0] = cpu_to_le32(nel);
3176 rc = put_entry(buf, sizeof(u32), 1, fp);
3177 if (rc)
3178 return rc;
3179
3180 /* actually write all of the entries */
3181 rc = hashtab_map(p->range_tr, range_write_helper, &pd);
3182 if (rc)
3183 return rc;
3184
3185 return 0;
3186}
3187
3188static int filename_write_helper(void *key, void *data, void *ptr)
3189{
3190 __le32 buf[4];
3191 struct filename_trans *ft = key;
3192 struct filename_trans_datum *otype = data;
3193 void *fp = ptr;
3194 int rc;
3195 u32 len;
3196
3197 len = strlen(ft->name);
3198 buf[0] = cpu_to_le32(len);
3199 rc = put_entry(buf, sizeof(u32), 1, fp);
3200 if (rc)
3201 return rc;
3202
3203 rc = put_entry(ft->name, sizeof(char), len, fp);
3204 if (rc)
3205 return rc;
3206
3207 buf[0] = ft->stype;
3208 buf[1] = ft->ttype;
3209 buf[2] = ft->tclass;
3210 buf[3] = otype->otype;
3211
3212 rc = put_entry(buf, sizeof(u32), 4, fp);
3213 if (rc)
3214 return rc;
3215
3216 return 0;
3217}
3218
3219static int filename_trans_write(struct policydb *p, void *fp)
3220{
3221 u32 nel;
3222 __le32 buf[1];
3223 int rc;
3224
3225 if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS)
3226 return 0;
3227
3228 nel = 0;
3229 rc = hashtab_map(p->filename_trans, hashtab_cnt, &nel);
3230 if (rc)
3231 return rc;
3232
3233 buf[0] = cpu_to_le32(nel);
3234 rc = put_entry(buf, sizeof(u32), 1, fp);
3235 if (rc)
3236 return rc;
3237
3238 rc = hashtab_map(p->filename_trans, filename_write_helper, fp);
3239 if (rc)
3240 return rc;
3241
3242 return 0;
3243}
3244
3245/*
3246 * Write the configuration data in a policy database
3247 * structure to a policy database binary representation
3248 * file.
3249 */
3250int policydb_write(struct policydb *p, void *fp)
3251{
3252 unsigned int i, num_syms;
3253 int rc;
3254 __le32 buf[4];
3255 u32 config;
3256 size_t len;
3257 struct policydb_compat_info *info;
3258
3259 /*
3260 * refuse to write policy older than compressed avtab
3261 * to simplify the writer. There are other tests dropped
3262 * since we assume this throughout the writer code. Be
3263 * careful if you ever try to remove this restriction
3264 */
3265 if (p->policyvers < POLICYDB_VERSION_AVTAB) {
3266 printk(KERN_ERR "SELinux: refusing to write policy version %d."
3267 " Because it is less than version %d\n", p->policyvers,
3268 POLICYDB_VERSION_AVTAB);
3269 return -EINVAL;
3270 }
3271
3272 config = 0;
3273 if (p->mls_enabled)
3274 config |= POLICYDB_CONFIG_MLS;
3275
3276 if (p->reject_unknown)
3277 config |= REJECT_UNKNOWN;
3278 if (p->allow_unknown)
3279 config |= ALLOW_UNKNOWN;
3280
3281 /* Write the magic number and string identifiers. */
3282 buf[0] = cpu_to_le32(POLICYDB_MAGIC);
3283 len = strlen(POLICYDB_STRING);
3284 buf[1] = cpu_to_le32(len);
3285 rc = put_entry(buf, sizeof(u32), 2, fp);
3286 if (rc)
3287 return rc;
3288 rc = put_entry(POLICYDB_STRING, 1, len, fp);
3289 if (rc)
3290 return rc;
3291
3292 /* Write the version, config, and table sizes. */
3293 info = policydb_lookup_compat(p->policyvers);
3294 if (!info) {
3295 printk(KERN_ERR "SELinux: compatibility lookup failed for policy "
3296 "version %d", p->policyvers);
3297 return -EINVAL;
3298 }
3299
3300 buf[0] = cpu_to_le32(p->policyvers);
3301 buf[1] = cpu_to_le32(config);
3302 buf[2] = cpu_to_le32(info->sym_num);
3303 buf[3] = cpu_to_le32(info->ocon_num);
3304
3305 rc = put_entry(buf, sizeof(u32), 4, fp);
3306 if (rc)
3307 return rc;
3308
3309 if (p->policyvers >= POLICYDB_VERSION_POLCAP) {
3310 rc = ebitmap_write(&p->policycaps, fp);
3311 if (rc)
3312 return rc;
3313 }
3314
3315 if (p->policyvers >= POLICYDB_VERSION_PERMISSIVE) {
3316 rc = ebitmap_write(&p->permissive_map, fp);
3317 if (rc)
3318 return rc;
3319 }
3320
3321 num_syms = info->sym_num;
3322 for (i = 0; i < num_syms; i++) {
3323 struct policy_data pd;
3324
3325 pd.fp = fp;
3326 pd.p = p;
3327
3328 buf[0] = cpu_to_le32(p->symtab[i].nprim);
3329 buf[1] = cpu_to_le32(p->symtab[i].table->nel);
3330
3331 rc = put_entry(buf, sizeof(u32), 2, fp);
3332 if (rc)
3333 return rc;
3334 rc = hashtab_map(p->symtab[i].table, write_f[i], &pd);
3335 if (rc)
3336 return rc;
3337 }
3338
3339 rc = avtab_write(p, &p->te_avtab, fp);
3340 if (rc)
3341 return rc;
3342
3343 rc = cond_write_list(p, p->cond_list, fp);
3344 if (rc)
3345 return rc;
3346
3347 rc = role_trans_write(p, fp);
3348 if (rc)
3349 return rc;
3350
3351 rc = role_allow_write(p->role_allow, fp);
3352 if (rc)
3353 return rc;
3354
3355 rc = filename_trans_write(p, fp);
3356 if (rc)
3357 return rc;
3358
3359 rc = ocontext_write(p, info, fp);
3360 if (rc)
3361 return rc;
3362
3363 rc = genfs_write(p, fp);
3364 if (rc)
3365 return rc;
3366
3367 rc = range_write(p, fp);
3368 if (rc)
3369 return rc;
3370
3371 for (i = 0; i < p->p_types.nprim; i++) {
3372 struct ebitmap *e = flex_array_get(p->type_attr_map_array, i);
3373
3374 BUG_ON(!e);
3375 rc = ebitmap_write(e, fp);
3376 if (rc)
3377 return rc;
3378 }
3379
3380 return 0;
3381}
generated by cgit v1.2.2 (git 2.25.0) at 2025-07-03 13:23:27 -0400