99fc177b5af4e1e8855d42d2d01cb93ac7f9d14b |
|
18-Sep-2015 |
Jeff Vander Stoep <jeffv@google.com> |
Add neverallow support for ioctl extended permissions

Neverallow rules for ioctl extended permissions will pass in two cases:
1. If extended permissions exist for the source-target-class set, the test will pass if the neverallow values are excluded.
2. If extended permissions do not exist for the source-target-class set, the test will pass if the ioctl permission is not granted.

Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
Acked-by: Nick Kralevich <nnk@google.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
/external/selinux/checkpolicy/policy_scan.l
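The two pass conditions from the commit message above, modelled as an added Python example (this is not checkpolicy's code): a policy is a pair of maps keyed by (source type, target type, object class), one holding ordinary permission names and one holding the set of ioctl command numbers granted by allowxperm. The data layout, the helper names and the sample rules are assumptions made for the illustration.

```python
from dataclasses import dataclass, field


# Hypothetical policy model for illustration (assumption, not checkpolicy's policydb):
# both rule maps are keyed by (source type, target type, object class).
@dataclass
class Policy:
    allow: dict = field(default_factory=dict)       # key -> set of permission names
    allowxperm: dict = field(default_factory=dict)  # key -> set of allowed ioctl command numbers


def expand_ranges(ranges):
    """Turn [(lo, hi), ...] inclusive ioctl command ranges into a flat set of numbers."""
    values = set()
    for lo, hi in ranges:
        values.update(range(lo, hi + 1))
    return values


def neverallowxperm_passes(policy, key, forbidden_ranges):
    """Apply the two cases from the commit message to one neverallowxperm rule.

    Case 1: extended permissions exist for key -> pass iff none of the forbidden
            ioctl numbers is present in the allowed set.
    Case 2: no extended permissions for key -> pass iff the plain 'ioctl'
            permission is not granted, because an unfiltered ioctl permission
            would allow every command, including the forbidden ones.
    """
    forbidden = expand_ranges(forbidden_ranges)
    if key in policy.allowxperm:
        return policy.allowxperm[key].isdisjoint(forbidden)
    return "ioctl" not in policy.allow.get(key, set())


def sample_policy():
    """Constructed sample rules (not taken from any real policy)."""
    p = Policy()
    app_tty = ("appdomain", "tty_device", "chr_file")
    p.allow[app_tty] = {"read", "write", "ioctl"}
    p.allowxperm[app_tty] = expand_ranges([(0x5401, 0x5410)])  # ioctl filtered to a small range
    app_sock = ("appdomain", "node", "tcp_socket")
    p.allow[app_sock] = {"read", "write", "ioctl"}             # ioctl granted with no xperm filter
    return p
```

Run `neverallowxperm_passes(sample_policy(), key, [(0x8900, 0x89ff)])` against the two sample keys: the tty rule passes because its xperm set excludes the forbidden range (case 1), while the socket rule fails because plain ioctl is granted with no extended permissions to narrow it (case 2).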
|
915fa8f08f4f9a4c437ee8280a4e641872ea59dd |
|
12-Jun-2015 |
Jeff Vander Stoep <jeffv@google.com> |
checkpolicy: switch operations to extended perms The ioctl operations code is being renamed to the more generic "extended permissions." This commit brings the policy compiler up to date with the kernel patch. Signed-off-by: Jeff Vander Stoep <jeffv@google.com>
/external/selinux/checkpolicy/policy_scan.l
|
f0290677091e7eee4a3724a2a86ede9e11f93802 |
|
17-Mar-2015 |
Daniel De Graaf <dgdegra@tycho.nsa.gov> |
libsepol, checkpolicy: add device tree ocontext nodes to Xen policy In Xen on ARM, device tree nodes identified by a path (string) need to be labeled by the security policy. Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
/external/selinux/checkpolicy/policy_scan.l
|
aab2d9f904bf34fdeb6037a76083ce79392c9a82 |
|
17-Mar-2015 |
Daniel De Graaf <dgdegra@tycho.nsa.gov> |
checkpolicy: Expand allowed character set in paths In order to support paths containing spaces or other characters, allow a quoted string with these characters to be parsed as a path in addition to the existing unquoted string. Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
/external/selinux/checkpolicy/policy_scan.l
|
560af476b89b30410b64e53f78d6d16ce462561d |
|
10-Mar-2015 |
Stephen Smalley <sds@tycho.nsa.gov> |
checkpolicy: Fix precedence between number and filesystem tokens. When the FILESYSTEM token was added to support filesystem names that start with a digit (e.g. 9p), it was given higher precedence than NUMBER and therefore all values specified in hex (with 0x prefix) in policy will incorrectly match FILESYSTEM and yield a syntax error. This breaks use of iomem ranges in Xen policy and will break ioctl command ranges in a future SELinux policy version. Switch the precedence. This does mean that you cannot currently have a filesystem with a name that happens to be 0x followed by a hexval but hopefully that isn't an issue. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
/external/selinux/checkpolicy/policy_scan.l
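Flex resolves competing rules by taking the longest match and, on a tie, the rule that appears first in the .l file, which is why the relative order of NUMBER and FILESYSTEM decides how a `0x`-prefixed value is tokenized. The following added Python example (not checkpolicy's scanner) reproduces that resolution with simplified patterns; the regular expressions used for NUMBER and FILESYSTEM are assumptions standing in for the real flex rules.

```python
import re

# Simplified stand-ins for the scanner's patterns (assumptions, not the real flex rules):
# NUMBER accepts decimal or 0x-prefixed hex; FILESYSTEM accepts names such as "9p",
# i.e. optional leading digits, then a letter, then alphanumerics, '_' or '-'.
NUMBER = ("NUMBER", r"0x[0-9a-fA-F]+|[0-9]+")
FILESYSTEM = ("FILESYSTEM", r"[0-9]*[A-Za-z][A-Za-z0-9_-]*")
WHITESPACE = ("WHITESPACE", r"[ \t]+")

# Rule order before and after the precedence fix described in the commit message.
BUGGY_ORDER = [WHITESPACE, FILESYSTEM, NUMBER]
FIXED_ORDER = [WHITESPACE, NUMBER, FILESYSTEM]


def lex(text, rules):
    """Tokenize like flex: at each position take the longest match; on a tie,
    the rule listed first wins. Whitespace tokens are dropped from the output."""
    tokens = []
    pos = 0
    while pos < len(text):
        best_name, best_end = None, pos
        for name, pattern in rules:
            m = re.compile(pattern).match(text, pos)
            # Strictly longer only: an equal-length match from a later rule loses the tie.
            if m and m.end() > best_end:
                best_name, best_end = name, m.end()
        if best_name is None:
            raise SyntaxError(f"unexpected character {text[pos]!r} at offset {pos}")
        if best_name != "WHITESPACE":
            tokens.append((best_name, text[pos:best_end]))
        pos = best_end
    return tokens
```

With BUGGY_ORDER the input `0x1F` matches both rules at the same length and FILESYSTEM wins the tie, so a hex iomem or ioctl value never reaches the parser as a NUMBER; with FIXED_ORDER it lexes as NUMBER, while `9p` still lexes as FILESYSTEM because its match is longer than the one-digit NUMBER match.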
|
c4a4a1a7ed42c167a7d4bae06a1fffa8c6c9cb8d |
|
14-Sep-2014 |
Nicolas Iooss <nicolas.iooss@m4x.org> |
Fix gcc -Wstrict-prototypes warnings In C, defining a function with () means "any number of parameters", not "no parameter". Use (void) instead where applicable and add unused parameters when needed. Acked-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/checkpolicy/policy_scan.l
|
832e7017f881f0a66e24170b7a2ff1cd9b113239 |
|
14-Sep-2014 |
Nicolas Iooss <nicolas.iooss@m4x.org> |
checkpolicy: constify the message written by yyerror and yywarn Acked-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/checkpolicy/policy_scan.l
|
0e00684f695ea503ef06ff52861d7772acf9ef40 |
|
05-Mar-2014 |
Stephen Smalley <sds@tycho.nsa.gov> |
Report source file and line information for neverallow failures. Change-Id: I0def97a5f2f6097e2dad7bcd5395b8fa740d7073 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
/external/selinux/checkpolicy/policy_scan.l
|
4d2dd334114d12623c1249fc07463714b6151873 |
|
09-Oct-2013 |
Dan Walsh <dwalsh@redhat.com> |
Allow " " and ":" in file name transitions We have added a couple of file name transitions that required a space and a colon.
/external/selinux/checkpolicy/policy_scan.l
|
693f5241fdd5ae7e89d4312b85443c0fc1b1a57d |
|
18-Dec-2012 |
Eric Paris <eparis@redhat.com> |
checkpolicy: libsepol: implement default type policy syntax We currently have a mechanism in which the default user, role, and range can be picked up from the source or the target object. This implements the same thing for types. The kernel will override this with type transition rules and similar. This is just the default if nothing specific is given. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/checkpolicy/policy_scan.l
|
da752cabb5b25974ef6b45274a59344d594a2130 |
|
23-Feb-2012 |
Stephen Smalley <sds@tycho.nsa.gov> |
checkpolicy: Android/MacOS X build support Android/MacOS X build support for checkpolicy. Create a Android.mk file for Android build integration. Introduce DARWIN ifdefs for building on MacOS X. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/checkpolicy/policy_scan.l
|
0eed03e7561a979dfd29201180a201a911ac51a6 |
|
04-Apr-2012 |
Dan Walsh <dwalsh@redhat.com> |
checkpolicy: sepolgen: We need to support files that have a + in them Filenames can have a +, so we should be able to parse and handle those files. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/checkpolicy/policy_scan.l
|
09c783c9a36cd47216df827c5d2c21ec8cd613e2 |
|
05-Dec-2011 |
Eric Paris <eparis@redhat.com> |
libsepol: checkpolicy: implement new default labeling behaviors We would like to be able to say that the user, role, or range of a newly created object should be based on the user, role, or range of either the source or the target of the creation operation. aka, for a new file this could be the user of the creating process or the user or the parent directory. This patch implements the new language and the policydb support to give this information to the kernel. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/checkpolicy/policy_scan.l
|
b6ccfd7c9135109f3876c067c314f03bd67cbc39 |
|
14-Nov-2011 |
Eric Paris <eparis@redhat.com> |
checkpolicy: allow ~ in filename transition rules We found that we wanted a filename transition rule for ld.so.cache~ however ~ was not a valid character in a filename. Fix-from: Miroslav Grepl <mgrepl@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/checkpolicy/policy_scan.l
|
fdeeccaa0ec11a5a549c60fc2da1f4dcd8eb5c65 |
|
02-Nov-2011 |
Eric Paris <eparis@redhat.com> |
Revert "checkpolicy: Redo filename/filesystem syntax to support filename trans rules" This reverts commit d72a9ec825ef2a8723510f62292cf2adfd4a2a6c. It should never have been added. It breaks the correct wrapping of filenames in "
/external/selinux/checkpolicy/policy_scan.l
|
80f26c5ee865993264ef638480c6a05ab574f7c0 |
|
01-Sep-2011 |
Harry Ciao <qingtao.cao@windriver.com> |
checkpolicy: Separate tunable from boolean during compile. Both boolean and tunable keywords are processed by define_bool_tunable(); argument 0 and 1 would be passed for boolean and tunable respectively. For tunable, a TUNABLE flag would be set in cond_bool_datum_t.flags. Note, when creating an if-else conditional we can not know if the tunable identifier is indeed a tunable (for example, a boolean may be misused in tunable_policy() or vice versa), thus the TUNABLE flag for cond_node_t would be calculated and used in expansion when all booleans/tunables are copied during link. Signed-off-by: Harry Ciao <qingtao.cao@windriver.com> Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/checkpolicy/policy_scan.l
|
d72a9ec825ef2a8723510f62292cf2adfd4a2a6c |
|
12-Apr-2011 |
Dan Walsh <dwalsh@redhat.com> |
checkpolicy: Redo filename/filesystem syntax to support filename trans rules In order to support filenames which might start with "." or filesystems that start with a number, we need to rework the matching rules a little bit. Since the new filename rule is so permissive it must be moved to the bottom of the matching list to not cover other definitions. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>
/external/selinux/checkpolicy/policy_scan.l
|
16675b7f96b7a61ac64180b1824ec04984b72b3b |
|
25-Jul-2011 |
Harry Ciao <qingtao.cao@windriver.com> |
Add role attribute support when compiling modules.
1. Add a uint32_t "flavor" field and an ebitmap "roles" to the role_datum_t structure;
2. Add a new "attribute_role" statement and its handler to declare a role attribute;
3. Modify declare_role() to setup role_datum_t.flavor according to the isattr argument;
4. Add a new "roleattribute" rule and its handler, which will record the regular role's (policy value - 1) into the role attribute's role_datum_t.roles ebitmap;
5. Modify the syntax for the role-types rule only to define the role-type associations;
6. Add a new role-attr rule to support the declaration of a single role, and optionally the role attribute that the role belongs to;
7. Check if the new_role used in role-transition rule is a regular role;
8. Support to require a role attribute;
9. Modify symtab_insert() to allow multiple declarations only for the regular role, while a role attribute can't be declared more than once and can't share a same name with another regular role.
Signed-off-by: Harry Ciao <qingtao.cao@windriver.com>
Signed-off-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/checkpolicy/policy_scan.l
|
17ac87ce8374ee635062ee0d9c4176231d3a87bc |
|
12-Jan-2011 |
James Carter <jwcart2@tycho.nsa.gov> |
checkpolicy: Allow filesystem names to start with a digit The patch below allows filesystem names in fs_use_* and genfscon statements to start with a digit, but still requires at least one character to be a letter. A new token type for filesystem names is created since these names have nothing to do with SELinux. This patch is needed because some filesystem names (such as 9p) start with a digit. Signed-off-by: James Carter <jwcart2@tycho.nsa.gov> Signed-off-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/checkpolicy/policy_scan.l
|
b42e15ffd5163effe3b2cb910685a5956a00defc |
|
16-May-2011 |
Steve Lawrence <slawrence@tresys.com> |
checkpolicy: wrap file names in filename trans with quotes This wraps the filename token in quotes to make parsing easier and more clear. The quotes are stripped off before being passed to checkpolicy. The quote wrapping is only used by filename transitions. This changes the filename transition syntax to the following: type_transition source target : object default_type "filename"; Signed-off-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/checkpolicy/policy_scan.l
|
cb271f7d4c1957950f4d1197b4973722705fb5b3 |
|
16-May-2011 |
Steve Lawrence <slawrence@tresys.com> |
Revert "checkpolicy: use a better identifier for filenames" This reverts commit d4c230386653db49d8e8116b603efcce4423df70. Signed-off-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/checkpolicy/policy_scan.l
|
d4c230386653db49d8e8116b603efcce4423df70 |
|
29-Apr-2011 |
Daniel J Walsh <dwalsh@redhat.com> |
checkpolicy: use a better identifier for filenames Signed-off-by: Steve Lawrence <slawrence@tresys.com>
/external/selinux/checkpolicy/policy_scan.l
|
79d10a8f9889ce0458ff0592ccaf83b273608eb2 |
|
29-Sep-2009 |
Paul Nuzzi <pjnuzzi@tycho.ncsc.mil> |
checkpolicy: Add support for multiple target OSes

Updated patch of checkpolicy based on input.

On Tue, 2009-09-15 at 12:37 -0400, pjnuzzi wrote:
> Add support for multiple target OSes by adding the -t target option to
> checkpolicy. Implemented the new Xen ocontext identifiers pirqcon,
> pcidevicecon, iomemcon and ioportcon.
>
> Signed-off-by: Paul Nuzzi <pjnuzzi@tycho.ncsc.mil>
>
> ---
 checkpolicy/checkpolicy.c | 20 ++-
 checkpolicy/policy_define.c | 272 ++++++++++++++++++++++++++++++++++++++++++++
 checkpolicy/policy_define.h | 4
 checkpolicy/policy_parse.y | 29 ++++
 checkpolicy/policy_scan.l | 10 +
 5 files changed, 330 insertions(+), 5 deletions(-)

Signed-off-by: Joshua Brindle <method@manicmethod.com>
/external/selinux/checkpolicy/policy_scan.l
|
d5286d7169d13779dae3c745e55969a173634c33 |
|
14-Oct-2008 |
Stephen Smalley <sds@tycho.nsa.gov> |
Genfscon 'dash' issue

On Tue, 2008-10-14 at 02:00 +0000, korkishko Tymur wrote:
> I have checked policy_parse.y. It has the following rule for genfscon:
>
> genfs_context_def : GENFSCON identifier path '-' identifier security_context_def
> {if (define_genfs_context(1)) return -1;}
> | GENFSCON identifier path '-' '-' {insert_id("-", 0);} security_context_def
> {if (define_genfs_context(1)) return -1;}
> | GENFSCON identifier path security_context_def
> {if (define_genfs_context(0)) return -1;}
>
> The rule for path definition (in policy_scan.l) has already included '-' (dash):
>
> "/"({alnum}|[_.-/])* { return(PATH); }
>
> In my understanding (maybe wrong), path is parsed first (and path might include '-') and only then the separate '-' is parsed.
> But it still produces an error if the path definition is correct and includes '-'.
>
> Any ideas/patches how to fix grammar rules are welcomed.

This looks like a bug in policy_scan.l - we are not escaping (via backslash) special characters in the pattern and thus the "-" (dash) is being interpreted rather than taken literally. The same would seemingly apply for "." (dot), and would seem relevant not only to PATH but also for IDENTIFIER. The patch below seems to fix this issue for me:
/external/selinux/checkpolicy/policy_scan.l
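The escaping problem diagnosed in the commit message above, reproduced as an added Python example (not checkpolicy's scanner): Python's re module gives bracket expressions the same range semantics as flex, so the PATH pattern quoted in the report can be compared directly with its backslash-escaped form. The genfscon-style sample input is constructed for the demonstration.

```python
import re

ALNUM = r"[A-Za-z0-9]"

# The PATH rule as quoted in the report. Inside a bracket expression an unescaped
# '-' between '.' and '/' denotes the range 0x2E-0x2F, so a literal dash is not a
# member of the class and the longest match stops at the first '-' in the path.
PATH_BUGGY = re.compile(r"/(?:" + ALNUM + r"|[_.-/])*")

# Escaped form: '\.' and '\-' are taken literally, which is what the fix intends.
PATH_FIXED = re.compile(r"/(?:" + ALNUM + r"|[_\.\-/])*")


def lex_path(pattern, text):
    """Return (PATH token, remaining input) for a match at the start of text,
    mirroring flex's longest-match behaviour for this single rule.
    Returns (None, text) when the input does not start with a path."""
    m = pattern.match(text)
    if m is None:
        return None, text
    return m.group(0), text[m.end():]
```

For a genfscon line whose path contains a dash, the buggy rule returns `/net/rpc` and leaves `-nfs ...` unconsumed, which the grammar then tries to read as the optional `'-' identifier` file-type qualifier and fails; the escaped rule consumes the whole `/net/rpc-nfs` path.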
|
45728407d60a5297deac7aa65fd92adf2412d5f7 |
|
08-Oct-2008 |
Joshua Brindle <method@manicmethod.com> |
Author: KaiGai Kohei
Email: kaigai@ak.jp.nec.com
Subject: Thread/Child-Domain Assignment (rev.2)
Date: Tue, 05 Aug 2008 14:55:52 +0900

[2/3] thread-context-checkpolicy.2.patch

It enables support for the TYPEBOUNDS statement and expands existing hierarchies implicitly.

Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
--
 module_compiler.c | 86 +++++++++++++++++++++++++++++++++++++++++++++++++
 policy_define.c | 93 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
 policy_define.h | 1
 policy_parse.y | 5 ++
 policy_scan.l | 2 +
 5 files changed, 186 insertions(+), 1 deletion(-)

Signed-off-by: Joshua Brindle <method@manicmethod.com>
/external/selinux/checkpolicy/policy_scan.l
|
13cd4c8960688af11ad23b4c946149015c80d549 |
|
19-Aug-2008 |
Joshua Brindle <method@manicmethod.com> |
initial import from svn trunk revision 2950
/external/selinux/checkpolicy/policy_scan.l
|