diff options
| author | Richard Haines <richard_c_haines@btinternet.com> | 2011-03-30 17:10:05 +0100 |
|---|---|---|
| committer | Eric Paris <eparis@redhat.com> | 2011-08-11 23:35:52 -0400 |
| commit | 34d9c258dac686f4baa2e7f0d6f25f7e7ca5aac6 (patch) | |
| tree | cbc41ddc2c38f84b3265f1bb70ae67e78e610218 /libselinux/src/mapping.c | |
| parent | 8faf23de0b534a19555691e8ba111dcde8f02af3 (diff) | |
| download | android_external_selinux-34d9c258dac686f4baa2e7f0d6f25f7e7ca5aac6.tar.gz android_external_selinux-34d9c258dac686f4baa2e7f0d6f25f7e7ca5aac6.tar.bz2 android_external_selinux-34d9c258dac686f4baa2e7f0d6f25f7e7ca5aac6.zip | |
libselinux: mapping fix for invalid class/perms after selinux_set_mapping call
Please find another libselinux patch. I've tested quite extensively with the compute_av and string functions with and without mapping and seems okay.
The patch covers:
When selinux_set_mapping(3) is used to set the class and permissions allowed by an object manager, then an invalid class and/or permissions are selected (e.g. using security_class_to_string), then mapping.c in libselinux forces an assert. This patch removes the asserts and allows the functions to return a class/perm of 0 (unknown) with errno set to EINVAL. A minor patch to set EINVAL in security_av_perm_to_string_compat is also included. All the functions to convert perms & classes to strings and back should now return the correct errno with or without mapping enabled.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Dan Walsh <dwalsh@redhat.com>
Diffstat (limited to 'libselinux/src/mapping.c')
| -rw-r--r-- | libselinux/src/mapping.c | 41 |
1 files changed, 28 insertions, 13 deletions
diff --git a/libselinux/src/mapping.c b/libselinux/src/mapping.c index f9858ce1..b0264e77 100644 --- a/libselinux/src/mapping.c +++ b/libselinux/src/mapping.c @@ -6,7 +6,6 @@ #include <stdio.h> #include <stdlib.h> #include <stdarg.h> -#include <assert.h> #include <selinux/selinux.h> #include <selinux/avc.h> #include "mapping.h" @@ -103,8 +102,13 @@ unmap_class(security_class_t tclass) if (tclass < current_mapping_size) return current_mapping[tclass].value; - assert(current_mapping_size == 0); - return tclass; + /* If here no mapping set or the class requested is not valid. */ + if (current_mapping_size != 0) { + errno = EINVAL; + return 0; + } + else + return tclass; } access_vector_t @@ -116,16 +120,19 @@ unmap_perm(security_class_t tclass, access_vector_t tperm) for (i=0; i<current_mapping[tclass].num_perms; i++) if (tperm & (1<<i)) { - assert(current_mapping[tclass].perms[i]); kperm |= current_mapping[tclass].perms[i]; tperm &= ~(1<<i); } - assert(tperm == 0); return kperm; } - assert(current_mapping_size == 0); - return tperm; + /* If here no mapping set or the perm requested is not valid. */ + if (current_mapping_size != 0) { + errno = EINVAL; + return 0; + } + else + return tperm; } /* @@ -141,8 +148,13 @@ map_class(security_class_t kclass) if (current_mapping[i].value == kclass) return i; - assert(current_mapping_size == 0); - return kclass; +/* If here no mapping set or the class requested is not valid. */ + if (current_mapping_size != 0) { + errno = EINVAL; + return 0; + } + else + return kclass; } access_vector_t @@ -157,11 +169,14 @@ map_perm(security_class_t tclass, access_vector_t kperm) tperm |= 1<<i; kperm &= ~current_mapping[tclass].perms[i]; } - assert(kperm == 0); - return tperm; - } - assert(current_mapping_size == 0); + if (tperm == 0) { + errno = EINVAL; + return 0; + } + else + return tperm; + } return kperm; } |