4299eb3c0907100fe95d2986984b48d40cc52841 |
|
08-Jul-2015 |
Daniel Erat <derat@google.com> |
Incorporate upstream changes to v1.6.8. Squash upstream commits up to and including the v1.6.8 release (upstream commit 1cad15cc). This repository's changes from upstream are now limited to: - addition of Android.mk, CleanSpec.mk, config.h, and NOTICE files - addition of dbus/dbus-arch-deps.h and removal from dbus/.gitignore (ebae2d21, f022f55d) - WANT_PIDFILE #ifdefs added to bus/bus.c to disable writing dbus-daemon's PID to a file (3100d06a) - TRACE_LOCKS set to 0 in dbus/dbus-connection.c (88a0ffe5) - DBUS_ANDROID_LOG added to dbus/dbus-internals.c to use logcat (7de15def) - ANDROID_MANAGED_SOCKET added to dbus/dbus-sysdeps-unix.c to use an SELinux-managed socket rather than a dbus-daemon-created Unix domain socket (3100d06a) Bug: 22328216 Change-Id: I793ebdf963d9b0740f0da28f1de593d088f08406
/external/dbus/bus/selinux.c
|
dbecdeabb20e0ce11121819c63373f0afba57c58 |
|
19-Mar-2010 |
Marcus Brinkmann <marcus.brinkmann@ruhr-uni-bochum.de> |
Consistently include <config.h> in all C source files and never in header files.
/external/dbus/bus/selinux.c
|
ebfa7c02fd67777684d39389e25346819836dcca |
|
16-Mar-2010 |
Colin Walters <walters@verbum.org> |
Merge branch 'dbus-1.2' Conflicts: bus/bus.c configure.in
|
008cd59ef713a1efc3c9588cf1079c6a80ddf0c7 |
|
03-Mar-2010 |
Frederic Crozat <fcrozat@mandriva.com> |
Fix build when selinux is disabled but libaudit enabled https://bugs.freedesktop.org/show_bug.cgi?id=26859
/external/dbus/bus/selinux.c
|
15109202a98b0a117f54308d58de4f2034334f92 |
|
03-Feb-2010 |
Colin Walters <walters@verbum.org> |
Fix compilation in --disable-selinux case _dbus_change_to_daemon_user moved into selinux.c for the --with-selinux (and audit) case because that's where all of the relevant libcap headers were being used. However in the --disable-selinux case this didn't compile and wasn't very clean. If we don't have libaudit, use the legacy direct setgid/setuid bits we had before in dbus-sysdeps-util-unix.c.
/external/dbus/bus/selinux.c
|
3dac125d61ebc4f614a1723580043e2f1c811f59 |
|
02-Feb-2010 |
Colin Walters <walters@verbum.org> |
Fix compilation in --disable-selinux case _dbus_change_to_daemon_user moved into selinux.c for the --with-selinux (and audit) case because that's where all of the relevant libcap headers were being used. However in the --disable-selinux case this didn't compile and wasn't very clean. If we don't have libaudit, use the legacy direct setgid/setuid bits we had before in dbus-sysdeps-util-unix.c.
/external/dbus/bus/selinux.c
|
2016b83dece7f220269033e7957fb02140334294 |
|
29-Jan-2010 |
Ralf Habacker <ralf.habacker@freenet.de> |
_dbus_change_to_daemon_user() is platform related and commit 0a3905d7f3b2ff43b09479863775939f9c8acad4 broke windows builds
/external/dbus/bus/selinux.c
|
0a3905d7f3b2ff43b09479863775939f9c8acad4 |
|
28-Jan-2010 |
Colin Walters <walters@verbum.org> |
Switch to libcap-ng, avoid linking libdbus against libcap[-ng] (Commit message written by Colin Walters <walters@verbum.org>) A current Fedora goal is to convert projects to libcap-ng which more easily allows dropping Linux capabilities. For software which also links to libdbus, it's problematic to link against libcap as well. Though really, libdbus should have never linked against libcap in the first place, which is another thing this patch changes by moving the libcap-using bits out of dbus/ and into bus/. https://bugzilla.redhat.com/show_bug.cgi?id=518541
/external/dbus/bus/selinux.c
|
dc33f4f7749ed303374ebdf00e48ea8a471afd25 |
|
11-Jul-2009 |
Tobias Mueller <fdo-bugs@cryptobitch.de> |
Bug 21161 - Update the FSF address No comment. Signed-off-by: Colin Walters <walters@verbum.org> (cherry picked from commit 5baf2f856a9c6625993234855b07680da1c8916f)
/external/dbus/bus/selinux.c
|
b38c433bf713324b5d17eae626e8c7404bcb6554 |
|
22-Apr-2009 |
Eamon Walsh <ewalsh@tycho.nsa.gov> |
libselinux behavior in permissive mode wrt invalid domains Stephen Smalley wrote: > On Tue, 2009-04-21 at 16:32 -0400, Joshua Brindle wrote: > >> Stephen Smalley wrote: >> >>> On Thu, 2009-04-16 at 20:47 -0400, Eamon Walsh wrote: >>> >>>> Stephen Smalley wrote: >>>> >> <snip> >> >> >>> No, I don't want to change the behavior upon context_to_sid calls in >>> general, as we otherwise lose all context validity checking in >>> permissive mode. >>> >>> I think I'd rather change compute_sid behavior to preclude the situation >>> from arising in the first place, possibly altering the behavior in >>> permissive mode upon an invalid context to fall back on the ssid >>> (process) or the tsid (object). But I'm not entirely convinced any >>> change is required here. >>> >>> >> I just want to follow up to make sure we are all on the same page here. Was the >> suggestion to change avc_has_perm in libselinux or context_to_sid in the kernel >> or leave the code as is and fix the callers of avc_has_perm to correctly handle >> error codes? >> >> I prefer the last approach because of Eamon's explanation, EINVAL is already >> passed in errno to specify the context was invalid (and if object managers >> aren't handling that correctly now there is a good chance they aren't handling >> the ENOMEM case either). >> > > I'd be inclined to change compute_sid (not context_to_sid) in the kernel > to prevent invalid contexts from being formed even in permissive mode > (scenario is a type transition where role is not authorized for the new > type). That was originally to allow the system to boot in permissive > mode. But an alternative would be to just stay in the caller's context > (ssid) in that situation. > > Changing the callers of avc_has_perm() to handle EINVAL and/or ENOMEM > may make sense, but that logic should not depend on enforcing vs. > permissive mode. > > FWIW, the following patch to D-Bus should help: bfo21072 - Log SELinux denials better by checking errno for the cause Note that this does not fully address the bug report since EINVAL can still be returned in permissive mode. However the log messages will now reflect the proper cause of the denial. Signed-off-by: Eamon Walsh <ewalsh@tycho.nsa.gov> Signed-off-by: Colin Walters <walters@verbum.org>
/external/dbus/bus/selinux.c
|
be8750940bac3e2c876ea45988c916c3ac182de7 |
|
21-Feb-2008 |
John (J5) Palmieri <johnp@redhat.com> |
fix build against the latest gcc/glibc * dbus/dbus-sysdeps-unix.c: define _GNU_SOURCE * bus/selinux.c: include limits.h * Patch by Matthias Clasen <mclasen at redhat.com>
/external/dbus/bus/selinux.c
|
bef4260ad58bc9eb75e2e1a52ad9b49bc3c70fa5 |
|
31-Oct-2007 |
Havoc Pennington <hp@localhost.localdomain> |
Fix a problem where a nul byte was wrongly introduced into UUIDs, due to _dbus_string_copy_to_buffer weird behavior. 2007-10-31 Havoc Pennington <hp@redhat.com> * bus/selinux.c (log_audit_callback): rewrite to use _dbus_string_copy_to_buffer_with_nul() * dbus/dbus-string.c (_dbus_string_copy_to_buffer): change to NOT nul-terminate the buffer; fail an assertion if there is not enough space in the target buffer. This fixes two bugs where copy_to_buffer was used to copy the binary bytes in a UUID, where nul termination did not make sense. Bug reported by David Castelow. (_dbus_string_copy_to_buffer_with_nul): new function that always nul-terminates the buffer, and fails an assertion if there is not enough space in the buffer.
/external/dbus/bus/selinux.c
|
5340b8de0b537380e0c445495300739d75abeb2f |
|
23-Oct-2007 |
Havoc Pennington <hp@localhost.localdomain> |
audit_init() was not declared in header, causing warnings; fix this and namespace it 2007-10-23 Havoc Pennington <hp@redhat.com> * bus/bus.c (bus_context_new): use the new name here * bus/selinux.c (bus_selinux_audit_init): rename from audit_init() to avoid possible libc conflict, and declare it in .h file to avoid a warning
/external/dbus/bus/selinux.c
|
09aa69e0153e66326c6746ec7e4841567d44ccdb |
|
03-Oct-2007 |
John (J5) Palmieri <johnp@redhat.com> |
fd.o bug #12429 Reverse check to setpcap and only init audit if we were root * patch by Dan Walsh <dwalsh@redhat.com> * https://bugs.freedesktop.org/show_bug.cgi?id=12429 * Reverse we_were_root check to setpcap if we were root. Also only init audit if we were root. So error dbus message will not show up when policy reload happens. dbus -session will no longer try to send audit message, only system will.
/external/dbus/bus/selinux.c
|
d012387afef0ba02185ebe27bc6bb15551912e92 |
|
14-Jul-2007 |
Havoc Pennington <hp@redhat.com> |
2007-07-13 Havoc Pennington <hp@redhat.com> * Add indent-tabs-mode: nil to all file headers.
/external/dbus/bus/selinux.c
|
43b944a0a6ea48e8a8b06ae3e638299f591cde8d |
|
15-Jun-2007 |
Havoc Pennington <hp@redhat.com> |
2007-06-15 Havoc Pennington <hp@redhat.com> * dbus/dbus-sysdeps.c (_dbus_set_errno_to_zero) (_dbus_get_is_errno_nonzero, _dbus_get_is_errno_eintr) (_dbus_strerror_from_errno): family of functions to abstract errno, though these are somewhat bogus (really we should make our socket wrappers not use errno probably - the issue is that any usage of errno that isn't socket-related probably is not cross-platform, so should either be in a unix-only file that can use errno directly, or is a bug - these general errno wrappers hide issues of this nature in non-socket code, while socket-specific API changes would not since sockets are allowed cross-platform)
/external/dbus/bus/selinux.c
|
72697649524238bd8389670e71c9faa55b7b4a1a |
|
13-Jun-2007 |
Havoc Pennington <hp@redhat.com> |
2007-06-13 Havoc Pennington <hp@redhat.com> * dbus/dbus-server-socket.c (_dbus_server_listen_socket): support all_interfaces=true|false for tcp servers * dbus/dbus-sysdeps-unix.c (_dbus_listen_tcp_socket): support inaddr_any flag * bus/selinux.c: fix some missing includes * dbus/dbus-server-socket.c (_dbus_server_listen_socket): allow port to simply be omitted in addition to specifying 0
/external/dbus/bus/selinux.c
|
e3d30a03225dd1d26012ecd39b09e4ccf91befb5 |
|
13-Jun-2007 |
Havoc Pennington <hp@redhat.com> |
2007-06-13 Havoc Pennington <hp@redhat.com> * configure.ac, bus/selinux.c, dbus/dbus-sysdeps-unix-util.c: add libaudit support, no clue what this means really but now we have it. Patches from Fedora package. * bus/bus.c (bus_context_new): move selinux initialization after changing to daemon user, patch from Fedora package * dbus/dbus-transport.c (auth_via_unix_user_function): fix a typo
/external/dbus/bus/selinux.c
|
9a3145b9f3cb0d7d570230aaa6193f87e3bea604 |
|
09-Aug-2006 |
John (J5) Palmieri <johnp@redhat.com> |
These are all patches from Kjartan Maraas <kmaraas at gnome dot org> with cleanups of bugs found from Coverity reports: * dbus/dbus-sysdeps-util.c (_dbus_write_pid_file): close the file on error to avoid a leak * bus/expirelist.c (bus_expire_list_test): Check for NULL on dbus_new0 * bus/activation.c (update_directory): remove dead code * bus/config-parser.c (merge_service_context_hash, start_selinux_child): Fix some leaks * bus/bus.c (process_config_every_time): Fixed a leak * bus/desktop-file.c (parse_key_value): Fixed leak * bus/selinux.c (bus_selinux_id_table_insert): Fixed leak
/external/dbus/bus/selinux.c
|
7652304bff969afb3969603149bb385efe861fe8 |
|
03-Aug-2006 |
John (J5) Palmieri <johnp@redhat.com> |
* s/D-BUS/D-Bus/g
/external/dbus/bus/selinux.c
|
9a94a1350bb93ea395812dd3c983e13e17c1bcb1 |
|
16-Jul-2005 |
Colin Walters <walters@verbum.org> |
2005-07-16 Colin Walters <walters@verbum.org> * bus/driver.c (bus_driver_handle_get_connection_selinux_security_context): Renamed from bus_driver_handle_get_connection_unix_security_context. Update for error usage. (message_handlers): Update for renames. * bus/selinux.c (bus_selinux_allows_send): Handle OOM on _dbus_string_init failure correctly. (bus_selinux_append_context): Convert SID to context. Append it as a byte array. (bus_selinux_shutdown): Handle the case where bus_selinux_full_init hasn't been called. * bus/selinux.h: Update prototype. * dbus/dbus-protocol.h (DBUS_ERROR_SELINUX_SECURITY_CONTEXT_UNKNOWN): Renamed from DBUS_ERROR_UNIX_SECURITY_CONTEXT_UNKNOWN.
/external/dbus/bus/selinux.c
|
6be5b25a71ec6b4e7efb35f20fc1f5357be5cffb |
|
15-Jul-2005 |
Colin Walters <walters@verbum.org> |
2005-07-15 Colin Walters <walters@verbum.org> * bus/selinux.c (bus_selinux_append_context): Wrap in HAVE_SELINUX.
/external/dbus/bus/selinux.c
|
6c191520c8b33cd7e550a6e3d9d853c25f552f54 |
|
14-Jul-2005 |
Colin Walters <walters@verbum.org> |
2005-07-14 Colin Walters <walters@verbum.org> * bus/driver.c (bus_driver_handle_get_connection_unix_security_context): New function. (message_handlers): Add. * bus/selinux.c (bus_selinux_append_context): New function; appends security context to message. * bus/selinux.h: Prototype. * dbus/dbus-protocol.h (DBUS_ERROR_UNIX_SECURITY_CONTEXT_UNKNOWN): New.
/external/dbus/bus/selinux.c
|
44656f538f69e8f8709ddb6ab285db29f65f62dd |
|
13-Apr-2005 |
David Zeuthen <davidz@redhat.com> |
2005-04-13 David Zeuthen <davidz@redhat.com> * bus/selinux.c: Add c-file-style to top of file (log_audit_callback): Don't free the data here anymore (bus_selinux_check): Don't take spid and tpid since appending that to auxdata may OOM. (bus_selinux_allows_acquire_service): Handle OOM and signal back to the caller if we are OOM by taking an error object. (bus_selinux_allows_send): -do- * bus/selinux.h: Fix prototypes for bus_selinux_allows_acquire_service and bus_selinux_allows_send * bus/bus.c (bus_context_check_security_policy): Pass error and pass on OOM thrown by bus_selinux_allows_send() * bus/services.c (bus_registry_acquire_service): Pass error and pass on OOM thrown by bus_selinux_allows_acquire_service()
/external/dbus/bus/selinux.c
|
b4fbcb98f17db36d40257969e5d5b35e231a088a |
|
07-Feb-2005 |
Colin Walters <walters@verbum.org> |
2005-02-07 Colin Walters <walters@verbum.org> * bus/selinux.c (bus_selinux_allows_send): Handle NULL for sender or proposed_recipient.
/external/dbus/bus/selinux.c
|
935a41a04c3f638134fa905503fc41ddbd18902f |
|
09-Nov-2004 |
Colin Walters <walters@verbum.org> |
2004-11-09 Colin Walters <walters@verbum.org> * dbus/dbus-string.c (_dbus_string_get_length): New function, writes DBusString to C buffer. * dbus/dbus-string.h: Prototype it. * dbus/dbus-message.c (dbus_message_type_to_string): New function, converts message type into C string. * dbus/dbus-message.h: Prototype it. * bus/selinux.c (bus_selinux_check): Take source pid, target pid, and audit data. Pass audit data to avc_has_perm. (log_audit_callback): New function, appends extra audit information. (bus_selinux_allows_acquire_service): Also take service name, add it to audit data. (bus_selinux_allows_send): Also take message type, interface, method member, error name, and destination, and add them to audit data. (log_cb): Initialize func_audit. * bus/selinux.h (bus_selinux_allows_acquire_service) (bus_selinux_allows_send): Update prototypes * bus/services.c (bus_registry_acquire_service): Pass service name to bus_selinux_allows_acquire_service. * bus/bus.c (bus_context_check_security_policy): Pass additional audit data. Move assignment of dest to its own line.
/external/dbus/bus/selinux.c
|
cdac3e058b922431f387351fd8ebf60a764485d1 |
|
07-Nov-2004 |
Colin Walters <walters@verbum.org> |
2004-11-07 Colin Walters <walters@verbum.org> * bus/bus.c (load_config): Break into three separate functions: process_config_first_time_only, process_config_every_time, and process_config_postinit. (process_config_every_time): Move call of bus_registry_set_service_context_table into process_config_postinit. (process_config_postinit): New function, does any processing that needs to happen late in initialization (and also on reload). (bus_context_new): Instead of calling load_config, open config parser here and call process_config_first_time_only and process_config_every_time directly. Later, after we have forked but before changing UID, invoke bus_selinux_full_init, and then call process_config_postinit. (bus_context_reload_config): As in bus_context_new, load parse file inside here, and call process_config_every_time and process_config_postinit. * bus/services.h, bus/services.c (bus_registry_set_service_context_table): Rename from bus_registry_set_sid_table. Take string hash from config parser, and convert them here into SIDs. * bus/config-parser.c (struct BusConfigParser): Have config parser only store a mapping of service->context string. (merge_service_context_hash): New function. (merge_included): Merge context string hashes instead of using bus_selinux_id_table_union. (bus_config_parser_new): Don't use bus_selinux_id_table_new; simply create a new string hash. (bus_config_parser_unref): Unref it. (start_selinux_child): Simply insert strings into hash, don't call bus_selinux_id_table_copy_over. * bus/selinux.h, bus/selinux.c (bus_selinux_id_table_union) (bus_selinux_id_table_copy_over): Delete.
/external/dbus/bus/selinux.c
|
a14c43cf3ab7a2636146410e52be5e421fc0aaf9 |
|
04-Nov-2004 |
Colin Walters <walters@verbum.org> |
*** empty log message ***
/external/dbus/bus/selinux.c
|
1a02f93b50c2cd2290d9f2eca3073bdd45b88cba |
|
04-Nov-2004 |
Colin Walters <walters@verbum.org> |
2004-11-03 Colin Walters <walters@verbum.org> * bus/selinux.c (bus_selinux_pre_init): Kill some unused variables.
/external/dbus/bus/selinux.c
|
73ffe59d87864d61b9d22f199fc6375840bf39bb |
|
02-Nov-2004 |
Colin Walters <walters@verbum.org> |
2004-11-02 Colin Walters <walters@verbum.org> * bus/selinux.c (bus_selinux_init): Split into two functions, bus_selinux_pre_init and bus_selinux_post_init. (bus_selinux_pre_init): Just determine whether SELinux is enabled. (bus_selinux_post_init): Do everything else. * bus/main.c (main): Call bus_selinux_pre_init before parsing config file, and bus_selinux_post_init after. This ensures that we don't lose the policyreload notification thread that bus_selinux_init created before forking previously. * bus/test-main.c (test_pre_hook): Update for split.
/external/dbus/bus/selinux.c
|
f79e96fc08734e92804f649b8cfb4bcead1f81a7 |
|
18-Oct-2004 |
Colin Walters <walters@verbum.org> |
2004-10-18 Colin Walters <walters@verbum.org> * bus/selinux.c (bus_selinux_enabled): Handle --disable-selinux case.
/external/dbus/bus/selinux.c
|
736fa825e15c8d72eac85080e6cdf028c2f8df43 |
|
18-Oct-2004 |
Colin Walters <walters@verbum.org> |
2004-10-18 Colin Walters <walters@verbum.org> * bus/selinux.h: Add bus_selinux_enabled. * bus/selinux.c (bus_selinux_enabled): Implement it. * bus/config-parser.c (struct include): Add if_selinux_enabled member. (start_busconfig_child): Parse if_selinux_enabled attribute for include. (bus_config_parser_content): Handle it. * bus/session.conf.in, bus/system.conf.in: Add inclusion of context mapping to default config files; conditional on SELinux being enabled. * doc/busconfig.dtd: Add to if_selinux_enabled to default DTD. * test/data/invalid-config-files/badselinux-1.conf, test/data/invalid-config-files/badselinux-2.conf: Test files for bad syntax.
/external/dbus/bus/selinux.c
|
ee78f2800f2642b4fff962b736296d87a7f12a17 |
|
23-Aug-2004 |
Colin Walters <walters@verbum.org> |
2004-08-23 Colin Walters <walters@redhat.com> * bus/selinux.h: Prototype bus_selinux_get_policy_root. * bus/selinux.c: Create a thread for policy reload notification. (bus_selinux_get_policy_root): Implement. Updated SELinux support from Matthew Rickard <mjricka@epoch.ncsc.mil> * bus/config-parser.c (start_busconfig_child) (bus_config_parser_content): Support SELinux-root relative inclusion. * configure.in <HAVE_SELINUX>: Add -lpthread. * bus/test-main.c (test_pre_hook, test_post_hook): New. (test_post_hook): Move memory checking into here. (test_pre_hook, test_post_hook): Move SELinux checks in here, but conditional on a DBUS_TEST_SELINUX environment variable. Unfortunately we can't run the SELinux checks as a normal user, since they won't have any permissions for /selinux. So this will have to be tested manually for now, until we have virtualization for most of libselinux.
/external/dbus/bus/selinux.c
|
c7c4d95d0e1284e58a3dfd15c5dc7f0d7c6a5229 |
|
20-Aug-2004 |
Colin Walters <walters@verbum.org> |
2004-08-20 Colin Walters <walters@redhat.com> * bus/config-parser.c (start_busconfig_child): Remove some unused variables. * bus/selinux.c (bus_selinux_id_table_insert): Avoid compiler warning.
/external/dbus/bus/selinux.c
|
43605a6f4e78a8c28afb4b1e924dff0301e0e95c |
|
10-Aug-2004 |
Havoc Pennington <hp@redhat.com> |
2004-08-09 Havoc Pennington <hp@redhat.com> * COPYING: switch to Academic Free License version 2.1 instead of 2.0, to resolve complaints about patent termination clause.
/external/dbus/bus/selinux.c
|
0f2cd8ba8e600a55cab538b195f9e6461172ee75 |
|
31-Jul-2004 |
Colin Walters <walters@verbum.org> |
2004-07-31 Colin Walters <walters@redhat.com> * bus/selinux.c <HAVE_SELINUX>: Include utils.h to get BUS_SET_OOM.
/external/dbus/bus/selinux.c
|
1e9b185b0c274ef0d684b1e43418388225321e72 |
|
30-Jul-2004 |
Havoc Pennington <hp@redhat.com> |
2004-07-24 Havoc Pennington <hp@redhat.com> SELinux support from Matthew Rickard <mjricka@epoch.ncsc.mil> * bus/selinux.c, bus/selinux.h: new file encapsulating selinux functionality * configure.in: add --enable-selinux * bus/policy.c (bus_policy_merge): add FIXME to a comment * bus/main.c (main): initialize and shut down selinux * bus/connection.c: store SELinux ID on each connection, to avoid repeated getting of the string context and converting it into an ID * bus/bus.c (bus_context_get_policy): new accessor, though it isn't used (bus_context_check_security_policy): check whether the security context of sender connection can send to the security context of recipient connection * bus/config-parser.c: add parsing for <selinux> and <associate> * dbus/dbus-transport.c (_dbus_transport_get_unix_fd): to implement dbus_connection_get_unix_fd() * dbus/dbus-connection.c (dbus_connection_get_unix_fd): new function, used by the selinux stuff
/external/dbus/bus/selinux.c
|