diff options
author | William Roberts <wroberts@tresys.com> | 2013-10-15 09:38:24 -0700 |
---|---|---|
committer | William Roberts <wroberts@tresys.com> | 2013-10-16 08:27:40 -0700 |
commit | 61846291746a3a3559f615ef3665312ccd2228c2 (patch) | |
tree | ed8666c30a0b208a3e6d974928abe9a26128dfdb | |
parent | d1f1070acb4f5d29ddc6536126d6834ec418b8f1 (diff) | |
download | android_external_sepolicy-61846291746a3a3559f615ef3665312ccd2228c2.tar.gz android_external_sepolicy-61846291746a3a3559f615ef3665312ccd2228c2.tar.bz2 android_external_sepolicy-61846291746a3a3559f615ef3665312ccd2228c2.zip |
tools: require that seinfo and packagename be used
Modify check_seapp.c to verify that a packagname (name)
must be specified with a signing key (seinfo). This will
help thwart spoof attacks on the packagename.
Change-Id: I8f1aa8a479cb5beb5c3522d85e3181604931ea72
-rw-r--r-- | tools/check_seapp.c | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/tools/check_seapp.c b/tools/check_seapp.c index 6b52ce0..b3e4980 100644 --- a/tools/check_seapp.c +++ b/tools/check_seapp.c @@ -8,6 +8,7 @@ #include <errno.h> #include <stdint.h> #include <search.h> +#include <stdbool.h> #include <sepol/sepol.h> #include <sepol/policydb/policydb.h> @@ -459,6 +460,46 @@ static void free_kvp(kvp *k) { } /** + * Checks a rule_map for any variation of KVP's that shouldn't be allowed. + * Note that this function logs all errors. + * + * Current Checks: + * 1. That a specified name entry should have a specified seinfo entry as well. + * @param rm + * The rule map to check for validity. + * @return + * true if the rule is valid, false otherwise. + */ +static bool rule_map_validate(const rule_map *rm) { + + int i; + bool found_name = false; + bool found_seinfo = false; + char *name = NULL; + key_map *tmp; + + for(i=0; i < rm->length; i++) { + tmp = &(rm->m[i]); + + if(!strcmp(tmp->name, "name") && tmp->data) { + name = tmp->data; + found_name = true; + } + if(!strcmp(tmp->name, "seinfo") && tmp->data) { + found_seinfo = true; + } + } + + if(found_name && !found_seinfo) { + log_error("No seinfo specified with name=\"%s\", on line: %d\n", + name, rm->lineno); + return false; + } + + return true; +} + +/** * Given a set of key value pairs, this will construct a new rule map. * On error this function calls exit. * @param keys @@ -473,6 +514,7 @@ static void free_kvp(kvp *k) { static rule_map *rule_map_new(kvp keys[], unsigned int num_of_keys, int lineno) { unsigned int i = 0, j = 0; + bool valid_rule; rule_map *new_map = NULL; kvp *k = NULL; key_map *r = NULL, *x = NULL; @@ -546,6 +588,12 @@ static rule_map *rule_map_new(kvp keys[], unsigned int num_of_keys, int lineno) goto err; } + valid_rule = rule_map_validate(new_map); + if(!valid_rule) { + /* Error message logged from rule_map_validate() */ + goto err; + } + return new_map; oom: |