From c19395d72295f5e69275d98df5db22dfdf214b6c Mon Sep 17 00:00:00 2001 From: Stephen Smalley Date: Mon, 25 Feb 2019 10:49:02 -0500 Subject: libselinux: selinux_set_mapping: fix handling of unknown classes/perms The libselinux selinux_set_mapping() implementation was never updated to handle unknown classes/permissions based on the policy handle_unknown flag. Update it and the internal mapping functions to gracefully handle unknown classes/permissions. Add a security_reject_unknown() interface to expose the corresponding selinuxfs node and use it when creating a mapping to decide whether to fail immediately or proceed. This enables dbus-daemon and XSELinux, which use selinux_set_mapping(), to continue working with the dummy policy or other policies that lack their userspace class/permission definitions as long as the policy was built with -U allow. Signed-off-by: Stephen Smalley --- libselinux/src/reject_unknown.c | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 libselinux/src/reject_unknown.c (limited to 'libselinux/src/reject_unknown.c') diff --git a/libselinux/src/reject_unknown.c b/libselinux/src/reject_unknown.c new file mode 100644 index 00000000..5c1d3605 --- /dev/null +++ b/libselinux/src/reject_unknown.c @@ -0,0 +1,40 @@ +#include +#include +#include +#include +#include +#include +#include "selinux_internal.h" +#include "policy.h" +#include +#include + +int security_reject_unknown(void) +{ + int fd, ret, reject_unknown = 0; + char path[PATH_MAX]; + char buf[20]; + + if (!selinux_mnt) { + errno = ENOENT; + return -1; + } + + snprintf(path, sizeof(path), "%s/reject_unknown", selinux_mnt); + fd = open(path, O_RDONLY | O_CLOEXEC); + if (fd < 0) + return -1; + + memset(buf, 0, sizeof(buf)); + ret = read(fd, buf, sizeof(buf) - 1); + close(fd); + if (ret < 0) + return -1; + + if (sscanf(buf, "%d", &reject_unknown) != 1) + return -1; + + return reject_unknown; +} + +hidden_def(security_reject_unknown); -- cgit v1.2.3