History log of /external/selinux/libsepol/cil/src/cil_verify.c
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
f610cac79a14f11bd01e181d488d9ed975931ddc 07-Dec-2015 Steve Lawrence <slawrence@tresys.com> libsepol/cil: Validate extended avrules and permissionxs

Classes used in extended avrules and permissionxs must have an "ioctl"
permission. Add validation to ensure that is the case, or print an error
message otherwise.

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/libsepol/cil/src/cil_verify.c
de4c95f9c8837f9c494e08155f81856cce0ba456 10-Sep-2015 Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> libsepol/cil: Provide error if classperms are empty

Fixes https://github.com/SELinuxProject/cil/issues/7.

This fixes a bug where cil_verify_classperms was executed on NULL
classperms lists. A check is now performed when verifying
classpermissions and classmap to ensure the classperms lists are not
empty.

Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
/external/selinux/libsepol/cil/src/cil_verify.c
77779d2ca5a0c6efd113ff34cee432d5bb951f09 10-Sep-2015 Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> libsepol/cil: Add userattribute{set} functionality

This adds a userattribute statement that may be used in userroles and
constraints. The syntax is the same as typeattributset.

Also, disallow roleattributes where roles are accepted in contexts.

Specify a userattribute

(userattribute foo)

Add users to the set foo

(userattributeset foo (u1 u2))

Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
/external/selinux/libsepol/cil/src/cil_verify.c
ef93dfe0393c4a60483c3f7729dd98a2f886606a 28-Aug-2015 Steve Lawrence <slawrence@tresys.com> libsepol/cil: add ioctl whitelist support

Add three new extended avrule statements with the following syntax:

(allowx source_type target_type permissionx)
(auditallowx source_type target_type permissionx)
(dontauditx source_type target_type permissionx)

source_type - type, typeattribute, or typealias
target_type - type, typeattribute, typealias, or "self" keyword
permissionx - named or anonymous permissionx statement, which has the syntax:

(permissionx name (kind object expression))

name - unique identifier of the permissionx statement
kind - must be "ioctl"; could be extended in the future
object - class or classmap
expression - standard CIL expression containing hexadecimal values,
prefixed with '0x', and the expression keywords 'or', 'xor', 'and',
'not', 'range', or 'all'. Values must be between 0x0000 and 0xFFFF.
Values may also be provided in decimal, or in octal if starting with '0'.

For example:

(allowx src_t tgt_t (ioctl cls (0x1111 0x1222 0x1333)))
(allowx src_t tgt_t (ioctl cls (range 0x1400 0x14FF)))
(allowx src_t tgt_t (ioctl cls (and (range 0x1600 0x19FF) (not (range 0x1750 0x175F)))))

(permissionx ioctl_nodebug (ioctl cls (not (range 0x2010 0x2013))))
(allowx src_t tgt_t ioctl_nodebug)

Signed-off-by: Steve Lawrence <slawrence@tresys.com>
Acked-by: James Carter <jwcart2@tycho.nsa.gov>
/external/selinux/libsepol/cil/src/cil_verify.c
c3345c58a4efc4a951b2dfbc5ddb9797938d52d9 05-May-2015 Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> libsepol/cil: Verify users prior to evaluating users

If a userlevel or userrange statement is missing from a policy,
evaluate_level_expression() and evaluate_levelrange_expression, respectively
will have a NULL pointer dereference caused by a missing level in a user.

Add cil_pre_verify() which verifies users have a valid level. Also, move loop
checking in classpermissions into cil_pre_verify().

This fixes https://github.com/SELinuxProject/cil/issues/1.

Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>
/external/selinux/libsepol/cil/src/cil_verify.c
f0290677091e7eee4a3724a2a86ede9e11f93802 17-Mar-2015 Daniel De Graaf <dgdegra@tycho.nsa.gov> libsepol, checkpolicy: add device tree ocontext nodes to Xen policy

In Xen on ARM, device tree nodes identified by a path (string) need to
be labeled by the security policy.

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
/external/selinux/libsepol/cil/src/cil_verify.c
28ae74e112a031e1aeb22a2083568a881491b6db 18-Feb-2015 Steve Lawrence <slawrence@tresys.com> Merge commit '76ba6eaa7333483a8cc0c73a7880f7acf99c2656'
bbbd58e1252a06550810ae6f7b40b867841da918 02-Oct-2014 Steve Lawrence <slawrence@tresys.com> Merge commit 'a3abb2c05301b24ad2f8307d07734d89ddf808d8' into merge
bb0f8beff890195cfd459c67230c6130c86b3214 26-Aug-2014 Steve Lawrence <slawrence@tresys.com> Merge commit 'b19eafb97feb6389d78e1693f276fc5b10e25bd6' as 'libsepol/cil'