1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33#include <linux/kernel.h>
34#include <linux/sched.h>
35#include <linux/slab.h>
36#include <linux/string.h>
37#include <linux/errno.h>
38#include <linux/audit.h>
39#include <linux/flex_array.h>
40#include "security.h"
41
42#include "policydb.h"
43#include "conditional.h"
44#include "mls.h"
45#include "services.h"
46
47#define _DEBUG_HASHES
48
49#ifdef DEBUG_HASHES
50static const char *symtab_name[SYM_NUM] = {
51 "common prefixes",
52 "classes",
53 "roles",
54 "types",
55 "users",
56 "bools",
57 "levels",
58 "categories",
59};
60#endif
61
62static unsigned int symtab_sizes[SYM_NUM] = {
63 2,
64 32,
65 16,
66 512,
67 128,
68 16,
69 16,
70 16,
71};
72
73struct policydb_compat_info {
74 int version;
75 int sym_num;
76 int ocon_num;
77};
78
79
80static struct policydb_compat_info policydb_compat[] = {
81 {
82 .version = POLICYDB_VERSION_BASE,
83 .sym_num = SYM_NUM - 3,
84 .ocon_num = OCON_NUM - 3,
85 },
86 {
87 .version = POLICYDB_VERSION_BOOL,
88 .sym_num = SYM_NUM - 2,
89 .ocon_num = OCON_NUM - 3,
90 },
91 {
92 .version = POLICYDB_VERSION_IPV6,
93 .sym_num = SYM_NUM - 2,
94 .ocon_num = OCON_NUM - 2,
95 },
96 {
97 .version = POLICYDB_VERSION_NLCLASS,
98 .sym_num = SYM_NUM - 2,
99 .ocon_num = OCON_NUM - 2,
100 },
101 {
102 .version = POLICYDB_VERSION_MLS,
103 .sym_num = SYM_NUM,
104 .ocon_num = OCON_NUM - 2,
105 },
106 {
107 .version = POLICYDB_VERSION_AVTAB,
108 .sym_num = SYM_NUM,
109 .ocon_num = OCON_NUM - 2,
110 },
111 {
112 .version = POLICYDB_VERSION_RANGETRANS,
113 .sym_num = SYM_NUM,
114 .ocon_num = OCON_NUM - 2,
115 },
116 {
117 .version = POLICYDB_VERSION_POLCAP,
118 .sym_num = SYM_NUM,
119 .ocon_num = OCON_NUM - 2,
120 },
121 {
122 .version = POLICYDB_VERSION_PERMISSIVE,
123 .sym_num = SYM_NUM,
124 .ocon_num = OCON_NUM - 2,
125 },
126 {
127 .version = POLICYDB_VERSION_BOUNDARY,
128 .sym_num = SYM_NUM,
129 .ocon_num = OCON_NUM - 2,
130 },
131 {
132 .version = POLICYDB_VERSION_FILENAME_TRANS,
133 .sym_num = SYM_NUM,
134 .ocon_num = OCON_NUM - 2,
135 },
136 {
137 .version = POLICYDB_VERSION_ROLETRANS,
138 .sym_num = SYM_NUM,
139 .ocon_num = OCON_NUM - 2,
140 },
141 {
142 .version = POLICYDB_VERSION_NEW_OBJECT_DEFAULTS,
143 .sym_num = SYM_NUM,
144 .ocon_num = OCON_NUM - 2,
145 },
146 {
147 .version = POLICYDB_VERSION_DEFAULT_TYPE,
148 .sym_num = SYM_NUM,
149 .ocon_num = OCON_NUM - 2,
150 },
151 {
152 .version = POLICYDB_VERSION_CONSTRAINT_NAMES,
153 .sym_num = SYM_NUM,
154 .ocon_num = OCON_NUM - 2,
155 },
156 {
157 .version = POLICYDB_VERSION_XPERMS_IOCTL,
158 .sym_num = SYM_NUM,
159 .ocon_num = OCON_NUM - 2,
160 },
161 {
162 .version = POLICYDB_VERSION_INFINIBAND,
163 .sym_num = SYM_NUM,
164 .ocon_num = OCON_NUM,
165 },
166 {
167 .version = POLICYDB_VERSION_CONSTRAINT_NAMES,
168 .sym_num = SYM_NUM,
169 .ocon_num = OCON_NUM,
170 },
171 {
172 .version = POLICYDB_VERSION_XPERMS_IOCTL,
173 .sym_num = SYM_NUM,
174 .ocon_num = OCON_NUM,
175 },
176};
177
178static struct policydb_compat_info *policydb_lookup_compat(int version)
179{
180 int i;
181 struct policydb_compat_info *info = NULL;
182
183 for (i = 0; i < ARRAY_SIZE(policydb_compat); i++) {
184 if (policydb_compat[i].version == version) {
185 info = &policydb_compat[i];
186 break;
187 }
188 }
189 return info;
190}
191
192
193
194
195static int roles_init(struct policydb *p)
196{
197 char *key = NULL;
198 int rc;
199 struct role_datum *role;
200
201 rc = -ENOMEM;
202 role = kzalloc(sizeof(*role), GFP_KERNEL);
203 if (!role)
204 goto out;
205
206 rc = -EINVAL;
207 role->value = ++p->p_roles.nprim;
208 if (role->value != OBJECT_R_VAL)
209 goto out;
210
211 rc = -ENOMEM;
212 key = kstrdup(OBJECT_R, GFP_KERNEL);
213 if (!key)
214 goto out;
215
216 rc = hashtab_insert(p->p_roles.table, key, role);
217 if (rc)
218 goto out;
219
220 return 0;
221out:
222 kfree(key);
223 kfree(role);
224 return rc;
225}
226
227static u32 filenametr_hash(struct hashtab *h, const void *k)
228{
229 const struct filename_trans *ft = k;
230 unsigned long hash;
231 unsigned int byte_num;
232 unsigned char focus;
233
234 hash = ft->stype ^ ft->ttype ^ ft->tclass;
235
236 byte_num = 0;
237 while ((focus = ft->name[byte_num++]))
238 hash = partial_name_hash(focus, hash);
239 return hash & (h->size - 1);
240}
241
242static int filenametr_cmp(struct hashtab *h, const void *k1, const void *k2)
243{
244 const struct filename_trans *ft1 = k1;
245 const struct filename_trans *ft2 = k2;
246 int v;
247
248 v = ft1->stype - ft2->stype;
249 if (v)
250 return v;
251
252 v = ft1->ttype - ft2->ttype;
253 if (v)
254 return v;
255
256 v = ft1->tclass - ft2->tclass;
257 if (v)
258 return v;
259
260 return strcmp(ft1->name, ft2->name);
261
262}
263
264static u32 rangetr_hash(struct hashtab *h, const void *k)
265{
266 const struct range_trans *key = k;
267 return (key->source_type + (key->target_type << 3) +
268 (key->target_class << 5)) & (h->size - 1);
269}
270
271static int rangetr_cmp(struct hashtab *h, const void *k1, const void *k2)
272{
273 const struct range_trans *key1 = k1, *key2 = k2;
274 int v;
275
276 v = key1->source_type - key2->source_type;
277 if (v)
278 return v;
279
280 v = key1->target_type - key2->target_type;
281 if (v)
282 return v;
283
284 v = key1->target_class - key2->target_class;
285
286 return v;
287}
288
289
290
291
292static int policydb_init(struct policydb *p)
293{
294 int i, rc;
295
296 memset(p, 0, sizeof(*p));
297
298 for (i = 0; i < SYM_NUM; i++) {
299 rc = symtab_init(&p->symtab[i], symtab_sizes[i]);
300 if (rc)
301 goto out;
302 }
303
304 rc = avtab_init(&p->te_avtab);
305 if (rc)
306 goto out;
307
308 rc = roles_init(p);
309 if (rc)
310 goto out;
311
312 rc = cond_policydb_init(p);
313 if (rc)
314 goto out;
315
316 p->filename_trans = hashtab_create(filenametr_hash, filenametr_cmp, (1 << 10));
317 if (!p->filename_trans)
318 goto out;
319
320 p->range_tr = hashtab_create(rangetr_hash, rangetr_cmp, 256);
321 if (!p->range_tr)
322 goto out;
323
324 ebitmap_init(&p->filename_trans_ttypes);
325 ebitmap_init(&p->policycaps);
326 ebitmap_init(&p->permissive_map);
327
328 return 0;
329out:
330 hashtab_destroy(p->filename_trans);
331 hashtab_destroy(p->range_tr);
332 for (i = 0; i < SYM_NUM; i++)
333 hashtab_destroy(p->symtab[i].table);
334 return rc;
335}
336
337
338
339
340
341
342
343
344
345
346
347static int common_index(void *key, void *datum, void *datap)
348{
349 struct policydb *p;
350 struct common_datum *comdatum;
351 struct flex_array *fa;
352
353 comdatum = datum;
354 p = datap;
355 if (!comdatum->value || comdatum->value > p->p_commons.nprim)
356 return -EINVAL;
357
358 fa = p->sym_val_to_name[SYM_COMMONS];
359 if (flex_array_put_ptr(fa, comdatum->value - 1, key,
360 GFP_KERNEL | __GFP_ZERO))
361 BUG();
362 return 0;
363}
364
365static int class_index(void *key, void *datum, void *datap)
366{
367 struct policydb *p;
368 struct class_datum *cladatum;
369 struct flex_array *fa;
370
371 cladatum = datum;
372 p = datap;
373 if (!cladatum->value || cladatum->value > p->p_classes.nprim)
374 return -EINVAL;
375 fa = p->sym_val_to_name[SYM_CLASSES];
376 if (flex_array_put_ptr(fa, cladatum->value - 1, key,
377 GFP_KERNEL | __GFP_ZERO))
378 BUG();
379 p->class_val_to_struct[cladatum->value - 1] = cladatum;
380 return 0;
381}
382
383static int role_index(void *key, void *datum, void *datap)
384{
385 struct policydb *p;
386 struct role_datum *role;
387 struct flex_array *fa;
388
389 role = datum;
390 p = datap;
391 if (!role->value
392 || role->value > p->p_roles.nprim
393 || role->bounds > p->p_roles.nprim)
394 return -EINVAL;
395
396 fa = p->sym_val_to_name[SYM_ROLES];
397 if (flex_array_put_ptr(fa, role->value - 1, key,
398 GFP_KERNEL | __GFP_ZERO))
399 BUG();
400 p->role_val_to_struct[role->value - 1] = role;
401 return 0;
402}
403
404static int type_index(void *key, void *datum, void *datap)
405{
406 struct policydb *p;
407 struct type_datum *typdatum;
408 struct flex_array *fa;
409
410 typdatum = datum;
411 p = datap;
412
413 if (typdatum->primary) {
414 if (!typdatum->value
415 || typdatum->value > p->p_types.nprim
416 || typdatum->bounds > p->p_types.nprim)
417 return -EINVAL;
418 fa = p->sym_val_to_name[SYM_TYPES];
419 if (flex_array_put_ptr(fa, typdatum->value - 1, key,
420 GFP_KERNEL | __GFP_ZERO))
421 BUG();
422
423 fa = p->type_val_to_struct_array;
424 if (flex_array_put_ptr(fa, typdatum->value - 1, typdatum,
425 GFP_KERNEL | __GFP_ZERO))
426 BUG();
427 }
428
429 return 0;
430}
431
432static int user_index(void *key, void *datum, void *datap)
433{
434 struct policydb *p;
435 struct user_datum *usrdatum;
436 struct flex_array *fa;
437
438 usrdatum = datum;
439 p = datap;
440 if (!usrdatum->value
441 || usrdatum->value > p->p_users.nprim
442 || usrdatum->bounds > p->p_users.nprim)
443 return -EINVAL;
444
445 fa = p->sym_val_to_name[SYM_USERS];
446 if (flex_array_put_ptr(fa, usrdatum->value - 1, key,
447 GFP_KERNEL | __GFP_ZERO))
448 BUG();
449 p->user_val_to_struct[usrdatum->value - 1] = usrdatum;
450 return 0;
451}
452
453static int sens_index(void *key, void *datum, void *datap)
454{
455 struct policydb *p;
456 struct level_datum *levdatum;
457 struct flex_array *fa;
458
459 levdatum = datum;
460 p = datap;
461
462 if (!levdatum->isalias) {
463 if (!levdatum->level->sens ||
464 levdatum->level->sens > p->p_levels.nprim)
465 return -EINVAL;
466 fa = p->sym_val_to_name[SYM_LEVELS];
467 if (flex_array_put_ptr(fa, levdatum->level->sens - 1, key,
468 GFP_KERNEL | __GFP_ZERO))
469 BUG();
470 }
471
472 return 0;
473}
474
475static int cat_index(void *key, void *datum, void *datap)
476{
477 struct policydb *p;
478 struct cat_datum *catdatum;
479 struct flex_array *fa;
480
481 catdatum = datum;
482 p = datap;
483
484 if (!catdatum->isalias) {
485 if (!catdatum->value || catdatum->value > p->p_cats.nprim)
486 return -EINVAL;
487 fa = p->sym_val_to_name[SYM_CATS];
488 if (flex_array_put_ptr(fa, catdatum->value - 1, key,
489 GFP_KERNEL | __GFP_ZERO))
490 BUG();
491 }
492
493 return 0;
494}
495
496static int (*index_f[SYM_NUM]) (void *key, void *datum, void *datap) =
497{
498 common_index,
499 class_index,
500 role_index,
501 type_index,
502 user_index,
503 cond_index_bool,
504 sens_index,
505 cat_index,
506};
507
508#ifdef DEBUG_HASHES
509static void hash_eval(struct hashtab *h, const char *hash_name)
510{
511 struct hashtab_info info;
512
513 hashtab_stat(h, &info);
514 printk(KERN_DEBUG "SELinux: %s: %d entries and %d/%d buckets used, "
515 "longest chain length %d\n", hash_name, h->nel,
516 info.slots_used, h->size, info.max_chain_len);
517}
518
519static void symtab_hash_eval(struct symtab *s)
520{
521 int i;
522
523 for (i = 0; i < SYM_NUM; i++)
524 hash_eval(s[i].table, symtab_name[i]);
525}
526
527#else
528static inline void hash_eval(struct hashtab *h, char *hash_name)
529{
530}
531#endif
532
533
534
535
536
537
538
539static int policydb_index(struct policydb *p)
540{
541 int i, rc;
542
543 printk(KERN_DEBUG "SELinux: %d users, %d roles, %d types, %d bools",
544 p->p_users.nprim, p->p_roles.nprim, p->p_types.nprim, p->p_bools.nprim);
545 if (p->mls_enabled)
546 printk(", %d sens, %d cats", p->p_levels.nprim,
547 p->p_cats.nprim);
548 printk("\n");
549
550 printk(KERN_DEBUG "SELinux: %d classes, %d rules\n",
551 p->p_classes.nprim, p->te_avtab.nel);
552
553#ifdef DEBUG_HASHES
554 avtab_hash_eval(&p->te_avtab, "rules");
555 symtab_hash_eval(p->symtab);
556#endif
557
558 rc = -ENOMEM;
559 p->class_val_to_struct =
560 kmalloc(p->p_classes.nprim * sizeof(*(p->class_val_to_struct)),
561 GFP_KERNEL);
562 if (!p->class_val_to_struct)
563 goto out;
564
565 rc = -ENOMEM;
566 p->role_val_to_struct =
567 kmalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)),
568 GFP_KERNEL);
569 if (!p->role_val_to_struct)
570 goto out;
571
572 rc = -ENOMEM;
573 p->user_val_to_struct =
574 kmalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)),
575 GFP_KERNEL);
576 if (!p->user_val_to_struct)
577 goto out;
578
579
580 rc = -ENOMEM;
581 p->type_val_to_struct_array = flex_array_alloc(sizeof(struct type_datum *),
582 p->p_types.nprim,
583 GFP_KERNEL | __GFP_ZERO);
584 if (!p->type_val_to_struct_array)
585 goto out;
586
587 rc = flex_array_prealloc(p->type_val_to_struct_array, 0,
588 p->p_types.nprim, GFP_KERNEL | __GFP_ZERO);
589 if (rc)
590 goto out;
591
592 rc = cond_init_bool_indexes(p);
593 if (rc)
594 goto out;
595
596 for (i = 0; i < SYM_NUM; i++) {
597 rc = -ENOMEM;
598 p->sym_val_to_name[i] = flex_array_alloc(sizeof(char *),
599 p->symtab[i].nprim,
600 GFP_KERNEL | __GFP_ZERO);
601 if (!p->sym_val_to_name[i])
602 goto out;
603
604 rc = flex_array_prealloc(p->sym_val_to_name[i],
605 0, p->symtab[i].nprim,
606 GFP_KERNEL | __GFP_ZERO);
607 if (rc)
608 goto out;
609
610 rc = hashtab_map(p->symtab[i].table, index_f[i], p);
611 if (rc)
612 goto out;
613 }
614 rc = 0;
615out:
616 return rc;
617}
618
619
620
621
622
623
624
625static int perm_destroy(void *key, void *datum, void *p)
626{
627 kfree(key);
628 kfree(datum);
629 return 0;
630}
631
632static int common_destroy(void *key, void *datum, void *p)
633{
634 struct common_datum *comdatum;
635
636 kfree(key);
637 if (datum) {
638 comdatum = datum;
639 hashtab_map(comdatum->permissions.table, perm_destroy, NULL);
640 hashtab_destroy(comdatum->permissions.table);
641 }
642 kfree(datum);
643 return 0;
644}
645
646static void constraint_expr_destroy(struct constraint_expr *expr)
647{
648 if (expr) {
649 ebitmap_destroy(&expr->names);
650 if (expr->type_names) {
651 ebitmap_destroy(&expr->type_names->types);
652 ebitmap_destroy(&expr->type_names->negset);
653 kfree(expr->type_names);
654 }
655 kfree(expr);
656 }
657}
658
659static int cls_destroy(void *key, void *datum, void *p)
660{
661 struct class_datum *cladatum;
662 struct constraint_node *constraint, *ctemp;
663 struct constraint_expr *e, *etmp;
664
665 kfree(key);
666 if (datum) {
667 cladatum = datum;
668 hashtab_map(cladatum->permissions.table, perm_destroy, NULL);
669 hashtab_destroy(cladatum->permissions.table);
670 constraint = cladatum->constraints;
671 while (constraint) {
672 e = constraint->expr;
673 while (e) {
674 etmp = e;
675 e = e->next;
676 constraint_expr_destroy(etmp);
677 }
678 ctemp = constraint;
679 constraint = constraint->next;
680 kfree(ctemp);
681 }
682
683 constraint = cladatum->validatetrans;
684 while (constraint) {
685 e = constraint->expr;
686 while (e) {
687 etmp = e;
688 e = e->next;
689 constraint_expr_destroy(etmp);
690 }
691 ctemp = constraint;
692 constraint = constraint->next;
693 kfree(ctemp);
694 }
695 kfree(cladatum->comkey);
696 }
697 kfree(datum);
698 return 0;
699}
700
701static int role_destroy(void *key, void *datum, void *p)
702{
703 struct role_datum *role;
704
705 kfree(key);
706 if (datum) {
707 role = datum;
708 ebitmap_destroy(&role->dominates);
709 ebitmap_destroy(&role->types);
710 }
711 kfree(datum);
712 return 0;
713}
714
715static int type_destroy(void *key, void *datum, void *p)
716{
717 kfree(key);
718 kfree(datum);
719 return 0;
720}
721
722static int user_destroy(void *key, void *datum, void *p)
723{
724 struct user_datum *usrdatum;
725
726 kfree(key);
727 if (datum) {
728 usrdatum = datum;
729 ebitmap_destroy(&usrdatum->roles);
730 ebitmap_destroy(&usrdatum->range.level[0].cat);
731 ebitmap_destroy(&usrdatum->range.level[1].cat);
732 ebitmap_destroy(&usrdatum->dfltlevel.cat);
733 }
734 kfree(datum);
735 return 0;
736}
737
738static int sens_destroy(void *key, void *datum, void *p)
739{
740 struct level_datum *levdatum;
741
742 kfree(key);
743 if (datum) {
744 levdatum = datum;
745 ebitmap_destroy(&levdatum->level->cat);
746 kfree(levdatum->level);
747 }
748 kfree(datum);
749 return 0;
750}
751
752static int cat_destroy(void *key, void *datum, void *p)
753{
754 kfree(key);
755 kfree(datum);
756 return 0;
757}
758
759static int (*destroy_f[SYM_NUM]) (void *key, void *datum, void *datap) =
760{
761 common_destroy,
762 cls_destroy,
763 role_destroy,
764 type_destroy,
765 user_destroy,
766 cond_destroy_bool,
767 sens_destroy,
768 cat_destroy,
769};
770
771static int filenametr_destroy(void *key, void *datum, void *p)
772{
773 struct filename_trans *ft = key;
774 kfree(ft->name);
775 kfree(key);
776 kfree(datum);
777 cond_resched();
778 return 0;
779}
780
781static int range_tr_destroy(void *key, void *datum, void *p)
782{
783 struct mls_range *rt = datum;
784 kfree(key);
785 ebitmap_destroy(&rt->level[0].cat);
786 ebitmap_destroy(&rt->level[1].cat);
787 kfree(datum);
788 cond_resched();
789 return 0;
790}
791
792static void ocontext_destroy(struct ocontext *c, int i)
793{
794 if (!c)
795 return;
796
797 context_destroy(&c->context[0]);
798 context_destroy(&c->context[1]);
799 if (i == OCON_ISID || i == OCON_FS ||
800 i == OCON_NETIF || i == OCON_FSUSE)
801 kfree(c->u.name);
802 kfree(c);
803}
804
805
806
807
808void policydb_destroy(struct policydb *p)
809{
810 struct ocontext *c, *ctmp;
811 struct genfs *g, *gtmp;
812 int i;
813 struct role_allow *ra, *lra = NULL;
814 struct role_trans *tr, *ltr = NULL;
815
816 for (i = 0; i < SYM_NUM; i++) {
817 cond_resched();
818 hashtab_map(p->symtab[i].table, destroy_f[i], NULL);
819 hashtab_destroy(p->symtab[i].table);
820 }
821
822 for (i = 0; i < SYM_NUM; i++) {
823 if (p->sym_val_to_name[i])
824 flex_array_free(p->sym_val_to_name[i]);
825 }
826
827 kfree(p->class_val_to_struct);
828 kfree(p->role_val_to_struct);
829 kfree(p->user_val_to_struct);
830 if (p->type_val_to_struct_array)
831 flex_array_free(p->type_val_to_struct_array);
832
833 avtab_destroy(&p->te_avtab);
834
835 for (i = 0; i < OCON_NUM; i++) {
836 cond_resched();
837 c = p->ocontexts[i];
838 while (c) {
839 ctmp = c;
840 c = c->next;
841 ocontext_destroy(ctmp, i);
842 }
843 p->ocontexts[i] = NULL;
844 }
845
846 g = p->genfs;
847 while (g) {
848 cond_resched();
849 kfree(g->fstype);
850 c = g->head;
851 while (c) {
852 ctmp = c;
853 c = c->next;
854 ocontext_destroy(ctmp, OCON_FSUSE);
855 }
856 gtmp = g;
857 g = g->next;
858 kfree(gtmp);
859 }
860 p->genfs = NULL;
861
862 cond_policydb_destroy(p);
863
864 for (tr = p->role_tr; tr; tr = tr->next) {
865 cond_resched();
866 kfree(ltr);
867 ltr = tr;
868 }
869 kfree(ltr);
870
871 for (ra = p->role_allow; ra; ra = ra->next) {
872 cond_resched();
873 kfree(lra);
874 lra = ra;
875 }
876 kfree(lra);
877
878 hashtab_map(p->filename_trans, filenametr_destroy, NULL);
879 hashtab_destroy(p->filename_trans);
880
881 hashtab_map(p->range_tr, range_tr_destroy, NULL);
882 hashtab_destroy(p->range_tr);
883
884 if (p->type_attr_map_array) {
885 for (i = 0; i < p->p_types.nprim; i++) {
886 struct ebitmap *e;
887
888 e = flex_array_get(p->type_attr_map_array, i);
889 if (!e)
890 continue;
891 ebitmap_destroy(e);
892 }
893 flex_array_free(p->type_attr_map_array);
894 }
895
896 ebitmap_destroy(&p->filename_trans_ttypes);
897 ebitmap_destroy(&p->policycaps);
898 ebitmap_destroy(&p->permissive_map);
899
900 return;
901}
902
903
904
905
906
907int policydb_load_isids(struct policydb *p, struct sidtab *s)
908{
909 struct ocontext *head, *c;
910 int rc;
911
912 rc = sidtab_init(s);
913 if (rc) {
914 printk(KERN_ERR "SELinux: out of memory on SID table init\n");
915 goto out;
916 }
917
918 head = p->ocontexts[OCON_ISID];
919 for (c = head; c; c = c->next) {
920 rc = -EINVAL;
921 if (!c->context[0].user) {
922 printk(KERN_ERR "SELinux: SID %s was never defined.\n",
923 c->u.name);
924 sidtab_destroy(s);
925 goto out;
926 }
927 if (c->sid[0] == SECSID_NULL || c->sid[0] > SECINITSID_NUM) {
928 pr_err("SELinux: Initial SID %s out of range.\n",
929 c->u.name);
930 sidtab_destroy(s);
931 goto out;
932 }
933
934 rc = sidtab_set_initial(s, c->sid[0], &c->context[0]);
935 if (rc) {
936 printk(KERN_ERR "SELinux: unable to load initial SID %s.\n",
937 c->u.name);
938 sidtab_destroy(s);
939 goto out;
940 }
941 }
942 rc = 0;
943out:
944 return rc;
945}
946
947int policydb_class_isvalid(struct policydb *p, unsigned int class)
948{
949 if (!class || class > p->p_classes.nprim)
950 return 0;
951 return 1;
952}
953
954int policydb_role_isvalid(struct policydb *p, unsigned int role)
955{
956 if (!role || role > p->p_roles.nprim)
957 return 0;
958 return 1;
959}
960
961int policydb_type_isvalid(struct policydb *p, unsigned int type)
962{
963 if (!type || type > p->p_types.nprim)
964 return 0;
965 return 1;
966}
967
968
969
970
971
972int policydb_context_isvalid(struct policydb *p, struct context *c)
973{
974 struct role_datum *role;
975 struct user_datum *usrdatum;
976
977 if (!c->role || c->role > p->p_roles.nprim)
978 return 0;
979
980 if (!c->user || c->user > p->p_users.nprim)
981 return 0;
982
983 if (!c->type || c->type > p->p_types.nprim)
984 return 0;
985
986 if (c->role != OBJECT_R_VAL) {
987
988
989
990 role = p->role_val_to_struct[c->role - 1];
991 if (!ebitmap_get_bit(&role->types, c->type - 1))
992
993 return 0;
994
995
996
997
998 usrdatum = p->user_val_to_struct[c->user - 1];
999 if (!usrdatum)
1000 return 0;
1001
1002 if (!ebitmap_get_bit(&usrdatum->roles, c->role - 1))
1003
1004 return 0;
1005 }
1006
1007 if (!mls_context_isvalid(p, c))
1008 return 0;
1009
1010 return 1;
1011}
1012
1013
1014
1015
1016
1017static int mls_read_range_helper(struct mls_range *r, void *fp)
1018{
1019 __le32 buf[2];
1020 u32 items;
1021 int rc;
1022
1023 rc = next_entry(buf, fp, sizeof(u32));
1024 if (rc)
1025 goto out;
1026
1027 rc = -EINVAL;
1028 items = le32_to_cpu(buf[0]);
1029 if (items > ARRAY_SIZE(buf)) {
1030 printk(KERN_ERR "SELinux: mls: range overflow\n");
1031 goto out;
1032 }
1033
1034 rc = next_entry(buf, fp, sizeof(u32) * items);
1035 if (rc) {
1036 printk(KERN_ERR "SELinux: mls: truncated range\n");
1037 goto out;
1038 }
1039
1040 r->level[0].sens = le32_to_cpu(buf[0]);
1041 if (items > 1)
1042 r->level[1].sens = le32_to_cpu(buf[1]);
1043 else
1044 r->level[1].sens = r->level[0].sens;
1045
1046 rc = ebitmap_read(&r->level[0].cat, fp);
1047 if (rc) {
1048 printk(KERN_ERR "SELinux: mls: error reading low categories\n");
1049 goto out;
1050 }
1051 if (items > 1) {
1052 rc = ebitmap_read(&r->level[1].cat, fp);
1053 if (rc) {
1054 printk(KERN_ERR "SELinux: mls: error reading high categories\n");
1055 goto bad_high;
1056 }
1057 } else {
1058 rc = ebitmap_cpy(&r->level[1].cat, &r->level[0].cat);
1059 if (rc) {
1060 printk(KERN_ERR "SELinux: mls: out of memory\n");
1061 goto bad_high;
1062 }
1063 }
1064
1065 return 0;
1066bad_high:
1067 ebitmap_destroy(&r->level[0].cat);
1068out:
1069 return rc;
1070}
1071
1072
1073
1074
1075
1076static int context_read_and_validate(struct context *c,
1077 struct policydb *p,
1078 void *fp)
1079{
1080 __le32 buf[3];
1081 int rc;
1082
1083 rc = next_entry(buf, fp, sizeof buf);
1084 if (rc) {
1085 printk(KERN_ERR "SELinux: context truncated\n");
1086 goto out;
1087 }
1088 c->user = le32_to_cpu(buf[0]);
1089 c->role = le32_to_cpu(buf[1]);
1090 c->type = le32_to_cpu(buf[2]);
1091 if (p->policyvers >= POLICYDB_VERSION_MLS) {
1092 rc = mls_read_range_helper(&c->range, fp);
1093 if (rc) {
1094 printk(KERN_ERR "SELinux: error reading MLS range of context\n");
1095 goto out;
1096 }
1097 }
1098
1099 rc = -EINVAL;
1100 if (!policydb_context_isvalid(p, c)) {
1101 printk(KERN_ERR "SELinux: invalid security context\n");
1102 context_destroy(c);
1103 goto out;
1104 }
1105 rc = 0;
1106out:
1107 return rc;
1108}
1109
1110
1111
1112
1113
1114
1115
1116static int perm_read(struct policydb *p, struct hashtab *h, void *fp)
1117{
1118 char *key = NULL;
1119 struct perm_datum *perdatum;
1120 int rc;
1121 __le32 buf[2];
1122 u32 len;
1123
1124 rc = -ENOMEM;
1125 perdatum = kzalloc(sizeof(*perdatum), GFP_KERNEL);
1126 if (!perdatum)
1127 goto bad;
1128
1129 rc = next_entry(buf, fp, sizeof buf);
1130 if (rc)
1131 goto bad;
1132
1133 len = le32_to_cpu(buf[0]);
1134 perdatum->value = le32_to_cpu(buf[1]);
1135
1136 rc = -ENOMEM;
1137 key = kmalloc(len + 1, GFP_KERNEL);
1138 if (!key)
1139 goto bad;
1140
1141 rc = next_entry(key, fp, len);
1142 if (rc)
1143 goto bad;
1144 key[len] = '\0';
1145
1146 rc = hashtab_insert(h, key, perdatum);
1147 if (rc)
1148 goto bad;
1149
1150 return 0;
1151bad:
1152 perm_destroy(key, perdatum, NULL);
1153 return rc;
1154}
1155
1156static int common_read(struct policydb *p, struct hashtab *h, void *fp)
1157{
1158 char *key = NULL;
1159 struct common_datum *comdatum;
1160 __le32 buf[4];
1161 u32 len, nel;
1162 int i, rc;
1163
1164 rc = -ENOMEM;
1165 comdatum = kzalloc(sizeof(*comdatum), GFP_KERNEL);
1166 if (!comdatum)
1167 goto bad;
1168
1169 rc = next_entry(buf, fp, sizeof buf);
1170 if (rc)
1171 goto bad;
1172
1173 len = le32_to_cpu(buf[0]);
1174 comdatum->value = le32_to_cpu(buf[1]);
1175
1176 rc = symtab_init(&comdatum->permissions, PERM_SYMTAB_SIZE);
1177 if (rc)
1178 goto bad;
1179 comdatum->permissions.nprim = le32_to_cpu(buf[2]);
1180 nel = le32_to_cpu(buf[3]);
1181
1182 rc = -ENOMEM;
1183 key = kmalloc(len + 1, GFP_KERNEL);
1184 if (!key)
1185 goto bad;
1186
1187 rc = next_entry(key, fp, len);
1188 if (rc)
1189 goto bad;
1190 key[len] = '\0';
1191
1192 for (i = 0; i < nel; i++) {
1193 rc = perm_read(p, comdatum->permissions.table, fp);
1194 if (rc)
1195 goto bad;
1196 }
1197
1198 rc = hashtab_insert(h, key, comdatum);
1199 if (rc)
1200 goto bad;
1201 return 0;
1202bad:
1203 common_destroy(key, comdatum, NULL);
1204 return rc;
1205}
1206
1207static void type_set_init(struct type_set *t)
1208{
1209 ebitmap_init(&t->types);
1210 ebitmap_init(&t->negset);
1211}
1212
1213static int type_set_read(struct type_set *t, void *fp)
1214{
1215 __le32 buf[1];
1216 int rc;
1217
1218 if (ebitmap_read(&t->types, fp))
1219 return -EINVAL;
1220 if (ebitmap_read(&t->negset, fp))
1221 return -EINVAL;
1222
1223 rc = next_entry(buf, fp, sizeof(u32));
1224 if (rc < 0)
1225 return -EINVAL;
1226 t->flags = le32_to_cpu(buf[0]);
1227
1228 return 0;
1229}
1230
1231
1232static int read_cons_helper(struct policydb *p,
1233 struct constraint_node **nodep,
1234 int ncons, int allowxtarget, void *fp)
1235{
1236 struct constraint_node *c, *lc;
1237 struct constraint_expr *e, *le;
1238 __le32 buf[3];
1239 u32 nexpr;
1240 int rc, i, j, depth;
1241
1242 lc = NULL;
1243 for (i = 0; i < ncons; i++) {
1244 c = kzalloc(sizeof(*c), GFP_KERNEL);
1245 if (!c)
1246 return -ENOMEM;
1247
1248 if (lc)
1249 lc->next = c;
1250 else
1251 *nodep = c;
1252
1253 rc = next_entry(buf, fp, (sizeof(u32) * 2));
1254 if (rc)
1255 return rc;
1256 c->permissions = le32_to_cpu(buf[0]);
1257 nexpr = le32_to_cpu(buf[1]);
1258 le = NULL;
1259 depth = -1;
1260 for (j = 0; j < nexpr; j++) {
1261 e = kzalloc(sizeof(*e), GFP_KERNEL);
1262 if (!e)
1263 return -ENOMEM;
1264
1265 if (le)
1266 le->next = e;
1267 else
1268 c->expr = e;
1269
1270 rc = next_entry(buf, fp, (sizeof(u32) * 3));
1271 if (rc)
1272 return rc;
1273 e->expr_type = le32_to_cpu(buf[0]);
1274 e->attr = le32_to_cpu(buf[1]);
1275 e->op = le32_to_cpu(buf[2]);
1276
1277 switch (e->expr_type) {
1278 case CEXPR_NOT:
1279 if (depth < 0)
1280 return -EINVAL;
1281 break;
1282 case CEXPR_AND:
1283 case CEXPR_OR:
1284 if (depth < 1)
1285 return -EINVAL;
1286 depth--;
1287 break;
1288 case CEXPR_ATTR:
1289 if (depth == (CEXPR_MAXDEPTH - 1))
1290 return -EINVAL;
1291 depth++;
1292 break;
1293 case CEXPR_NAMES:
1294 if (!allowxtarget && (e->attr & CEXPR_XTARGET))
1295 return -EINVAL;
1296 if (depth == (CEXPR_MAXDEPTH - 1))
1297 return -EINVAL;
1298 depth++;
1299 rc = ebitmap_read(&e->names, fp);
1300 if (rc)
1301 return rc;
1302 if (p->policyvers >=
1303 POLICYDB_VERSION_CONSTRAINT_NAMES) {
1304 e->type_names = kzalloc(sizeof
1305 (*e->type_names),
1306 GFP_KERNEL);
1307 if (!e->type_names)
1308 return -ENOMEM;
1309 type_set_init(e->type_names);
1310 rc = type_set_read(e->type_names, fp);
1311 if (rc)
1312 return rc;
1313 }
1314 break;
1315 default:
1316 return -EINVAL;
1317 }
1318 le = e;
1319 }
1320 if (depth != 0)
1321 return -EINVAL;
1322 lc = c;
1323 }
1324
1325 return 0;
1326}
1327
1328static int class_read(struct policydb *p, struct hashtab *h, void *fp)
1329{
1330 char *key = NULL;
1331 struct class_datum *cladatum;
1332 __le32 buf[6];
1333 u32 len, len2, ncons, nel;
1334 int i, rc;
1335
1336 rc = -ENOMEM;
1337 cladatum = kzalloc(sizeof(*cladatum), GFP_KERNEL);
1338 if (!cladatum)
1339 goto bad;
1340
1341 rc = next_entry(buf, fp, sizeof(u32)*6);
1342 if (rc)
1343 goto bad;
1344
1345 len = le32_to_cpu(buf[0]);
1346 len2 = le32_to_cpu(buf[1]);
1347 cladatum->value = le32_to_cpu(buf[2]);
1348
1349 rc = symtab_init(&cladatum->permissions, PERM_SYMTAB_SIZE);
1350 if (rc)
1351 goto bad;
1352 cladatum->permissions.nprim = le32_to_cpu(buf[3]);
1353 nel = le32_to_cpu(buf[4]);
1354
1355 ncons = le32_to_cpu(buf[5]);
1356
1357 rc = -ENOMEM;
1358 key = kmalloc(len + 1, GFP_KERNEL);
1359 if (!key)
1360 goto bad;
1361
1362 rc = next_entry(key, fp, len);
1363 if (rc)
1364 goto bad;
1365 key[len] = '\0';
1366
1367 if (len2) {
1368 rc = -ENOMEM;
1369 cladatum->comkey = kmalloc(len2 + 1, GFP_KERNEL);
1370 if (!cladatum->comkey)
1371 goto bad;
1372 rc = next_entry(cladatum->comkey, fp, len2);
1373 if (rc)
1374 goto bad;
1375 cladatum->comkey[len2] = '\0';
1376
1377 rc = -EINVAL;
1378 cladatum->comdatum = hashtab_search(p->p_commons.table, cladatum->comkey);
1379 if (!cladatum->comdatum) {
1380 printk(KERN_ERR "SELinux: unknown common %s\n", cladatum->comkey);
1381 goto bad;
1382 }
1383 }
1384 for (i = 0; i < nel; i++) {
1385 rc = perm_read(p, cladatum->permissions.table, fp);
1386 if (rc)
1387 goto bad;
1388 }
1389
1390 rc = read_cons_helper(p, &cladatum->constraints, ncons, 0, fp);
1391 if (rc)
1392 goto bad;
1393
1394 if (p->policyvers >= POLICYDB_VERSION_VALIDATETRANS) {
1395
1396 rc = next_entry(buf, fp, sizeof(u32));
1397 if (rc)
1398 goto bad;
1399 ncons = le32_to_cpu(buf[0]);
1400 rc = read_cons_helper(p, &cladatum->validatetrans,
1401 ncons, 1, fp);
1402 if (rc)
1403 goto bad;
1404 }
1405
1406 if (p->policyvers >= POLICYDB_VERSION_NEW_OBJECT_DEFAULTS) {
1407 rc = next_entry(buf, fp, sizeof(u32) * 3);
1408 if (rc)
1409 goto bad;
1410
1411 cladatum->default_user = le32_to_cpu(buf[0]);
1412 cladatum->default_role = le32_to_cpu(buf[1]);
1413 cladatum->default_range = le32_to_cpu(buf[2]);
1414 }
1415
1416 if (p->policyvers >= POLICYDB_VERSION_DEFAULT_TYPE) {
1417 rc = next_entry(buf, fp, sizeof(u32) * 1);
1418 if (rc)
1419 goto bad;
1420 cladatum->default_type = le32_to_cpu(buf[0]);
1421 }
1422
1423 rc = hashtab_insert(h, key, cladatum);
1424 if (rc)
1425 goto bad;
1426
1427 return 0;
1428bad:
1429 cls_destroy(key, cladatum, NULL);
1430 return rc;
1431}
1432
1433static int role_read(struct policydb *p, struct hashtab *h, void *fp)
1434{
1435 char *key = NULL;
1436 struct role_datum *role;
1437 int rc, to_read = 2;
1438 __le32 buf[3];
1439 u32 len;
1440
1441 rc = -ENOMEM;
1442 role = kzalloc(sizeof(*role), GFP_KERNEL);
1443 if (!role)
1444 goto bad;
1445
1446 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1447 to_read = 3;
1448
1449 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read);
1450 if (rc)
1451 goto bad;
1452
1453 len = le32_to_cpu(buf[0]);
1454 role->value = le32_to_cpu(buf[1]);
1455 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1456 role->bounds = le32_to_cpu(buf[2]);
1457
1458 rc = -ENOMEM;
1459 key = kmalloc(len + 1, GFP_KERNEL);
1460 if (!key)
1461 goto bad;
1462
1463 rc = next_entry(key, fp, len);
1464 if (rc)
1465 goto bad;
1466 key[len] = '\0';
1467
1468 rc = ebitmap_read(&role->dominates, fp);
1469 if (rc)
1470 goto bad;
1471
1472 rc = ebitmap_read(&role->types, fp);
1473 if (rc)
1474 goto bad;
1475
1476 if (strcmp(key, OBJECT_R) == 0) {
1477 rc = -EINVAL;
1478 if (role->value != OBJECT_R_VAL) {
1479 printk(KERN_ERR "SELinux: Role %s has wrong value %d\n",
1480 OBJECT_R, role->value);
1481 goto bad;
1482 }
1483 rc = 0;
1484 goto bad;
1485 }
1486
1487 rc = hashtab_insert(h, key, role);
1488 if (rc)
1489 goto bad;
1490 return 0;
1491bad:
1492 role_destroy(key, role, NULL);
1493 return rc;
1494}
1495
1496static int type_read(struct policydb *p, struct hashtab *h, void *fp)
1497{
1498 char *key = NULL;
1499 struct type_datum *typdatum;
1500 int rc, to_read = 3;
1501 __le32 buf[4];
1502 u32 len;
1503
1504 rc = -ENOMEM;
1505 typdatum = kzalloc(sizeof(*typdatum), GFP_KERNEL);
1506 if (!typdatum)
1507 goto bad;
1508
1509 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1510 to_read = 4;
1511
1512 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read);
1513 if (rc)
1514 goto bad;
1515
1516 len = le32_to_cpu(buf[0]);
1517 typdatum->value = le32_to_cpu(buf[1]);
1518 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) {
1519 u32 prop = le32_to_cpu(buf[2]);
1520
1521 if (prop & TYPEDATUM_PROPERTY_PRIMARY)
1522 typdatum->primary = 1;
1523 if (prop & TYPEDATUM_PROPERTY_ATTRIBUTE)
1524 typdatum->attribute = 1;
1525
1526 typdatum->bounds = le32_to_cpu(buf[3]);
1527 } else {
1528 typdatum->primary = le32_to_cpu(buf[2]);
1529 }
1530
1531 rc = -ENOMEM;
1532 key = kmalloc(len + 1, GFP_KERNEL);
1533 if (!key)
1534 goto bad;
1535 rc = next_entry(key, fp, len);
1536 if (rc)
1537 goto bad;
1538 key[len] = '\0';
1539
1540 rc = hashtab_insert(h, key, typdatum);
1541 if (rc)
1542 goto bad;
1543 return 0;
1544bad:
1545 type_destroy(key, typdatum, NULL);
1546 return rc;
1547}
1548
1549
1550
1551
1552
1553
1554static int mls_read_level(struct mls_level *lp, void *fp)
1555{
1556 __le32 buf[1];
1557 int rc;
1558
1559 memset(lp, 0, sizeof(*lp));
1560
1561 rc = next_entry(buf, fp, sizeof buf);
1562 if (rc) {
1563 printk(KERN_ERR "SELinux: mls: truncated level\n");
1564 return rc;
1565 }
1566 lp->sens = le32_to_cpu(buf[0]);
1567
1568 rc = ebitmap_read(&lp->cat, fp);
1569 if (rc) {
1570 printk(KERN_ERR "SELinux: mls: error reading level categories\n");
1571 return rc;
1572 }
1573 return 0;
1574}
1575
1576static int user_read(struct policydb *p, struct hashtab *h, void *fp)
1577{
1578 char *key = NULL;
1579 struct user_datum *usrdatum;
1580 int rc, to_read = 2;
1581 __le32 buf[3];
1582 u32 len;
1583
1584 rc = -ENOMEM;
1585 usrdatum = kzalloc(sizeof(*usrdatum), GFP_KERNEL);
1586 if (!usrdatum)
1587 goto bad;
1588
1589 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1590 to_read = 3;
1591
1592 rc = next_entry(buf, fp, sizeof(buf[0]) * to_read);
1593 if (rc)
1594 goto bad;
1595
1596 len = le32_to_cpu(buf[0]);
1597 usrdatum->value = le32_to_cpu(buf[1]);
1598 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
1599 usrdatum->bounds = le32_to_cpu(buf[2]);
1600
1601 rc = -ENOMEM;
1602 key = kmalloc(len + 1, GFP_KERNEL);
1603 if (!key)
1604 goto bad;
1605 rc = next_entry(key, fp, len);
1606 if (rc)
1607 goto bad;
1608 key[len] = '\0';
1609
1610 rc = ebitmap_read(&usrdatum->roles, fp);
1611 if (rc)
1612 goto bad;
1613
1614 if (p->policyvers >= POLICYDB_VERSION_MLS) {
1615 rc = mls_read_range_helper(&usrdatum->range, fp);
1616 if (rc)
1617 goto bad;
1618 rc = mls_read_level(&usrdatum->dfltlevel, fp);
1619 if (rc)
1620 goto bad;
1621 }
1622
1623 rc = hashtab_insert(h, key, usrdatum);
1624 if (rc)
1625 goto bad;
1626 return 0;
1627bad:
1628 user_destroy(key, usrdatum, NULL);
1629 return rc;
1630}
1631
1632static int sens_read(struct policydb *p, struct hashtab *h, void *fp)
1633{
1634 char *key = NULL;
1635 struct level_datum *levdatum;
1636 int rc;
1637 __le32 buf[2];
1638 u32 len;
1639
1640 rc = -ENOMEM;
1641 levdatum = kzalloc(sizeof(*levdatum), GFP_ATOMIC);
1642 if (!levdatum)
1643 goto bad;
1644
1645 rc = next_entry(buf, fp, sizeof buf);
1646 if (rc)
1647 goto bad;
1648
1649 len = le32_to_cpu(buf[0]);
1650 levdatum->isalias = le32_to_cpu(buf[1]);
1651
1652 rc = -ENOMEM;
1653 key = kmalloc(len + 1, GFP_ATOMIC);
1654 if (!key)
1655 goto bad;
1656 rc = next_entry(key, fp, len);
1657 if (rc)
1658 goto bad;
1659 key[len] = '\0';
1660
1661 rc = -ENOMEM;
1662 levdatum->level = kmalloc(sizeof(struct mls_level), GFP_ATOMIC);
1663 if (!levdatum->level)
1664 goto bad;
1665
1666 rc = mls_read_level(levdatum->level, fp);
1667 if (rc)
1668 goto bad;
1669
1670 rc = hashtab_insert(h, key, levdatum);
1671 if (rc)
1672 goto bad;
1673 return 0;
1674bad:
1675 sens_destroy(key, levdatum, NULL);
1676 return rc;
1677}
1678
1679static int cat_read(struct policydb *p, struct hashtab *h, void *fp)
1680{
1681 char *key = NULL;
1682 struct cat_datum *catdatum;
1683 int rc;
1684 __le32 buf[3];
1685 u32 len;
1686
1687 rc = -ENOMEM;
1688 catdatum = kzalloc(sizeof(*catdatum), GFP_ATOMIC);
1689 if (!catdatum)
1690 goto bad;
1691
1692 rc = next_entry(buf, fp, sizeof buf);
1693 if (rc)
1694 goto bad;
1695
1696 len = le32_to_cpu(buf[0]);
1697 catdatum->value = le32_to_cpu(buf[1]);
1698 catdatum->isalias = le32_to_cpu(buf[2]);
1699
1700 rc = -ENOMEM;
1701 key = kmalloc(len + 1, GFP_ATOMIC);
1702 if (!key)
1703 goto bad;
1704 rc = next_entry(key, fp, len);
1705 if (rc)
1706 goto bad;
1707 key[len] = '\0';
1708
1709 rc = hashtab_insert(h, key, catdatum);
1710 if (rc)
1711 goto bad;
1712 return 0;
1713bad:
1714 cat_destroy(key, catdatum, NULL);
1715 return rc;
1716}
1717
1718static int (*read_f[SYM_NUM]) (struct policydb *p, struct hashtab *h, void *fp) =
1719{
1720 common_read,
1721 class_read,
1722 role_read,
1723 type_read,
1724 user_read,
1725 cond_read_bool,
1726 sens_read,
1727 cat_read,
1728};
1729
1730static int user_bounds_sanity_check(void *key, void *datum, void *datap)
1731{
1732 struct user_datum *upper, *user;
1733 struct policydb *p = datap;
1734 int depth = 0;
1735
1736 upper = user = datum;
1737 while (upper->bounds) {
1738 struct ebitmap_node *node;
1739 unsigned long bit;
1740
1741 if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
1742 printk(KERN_ERR "SELinux: user %s: "
1743 "too deep or looped boundary",
1744 (char *) key);
1745 return -EINVAL;
1746 }
1747
1748 upper = p->user_val_to_struct[upper->bounds - 1];
1749 ebitmap_for_each_positive_bit(&user->roles, node, bit) {
1750 if (ebitmap_get_bit(&upper->roles, bit))
1751 continue;
1752
1753 printk(KERN_ERR
1754 "SELinux: boundary violated policy: "
1755 "user=%s role=%s bounds=%s\n",
1756 sym_name(p, SYM_USERS, user->value - 1),
1757 sym_name(p, SYM_ROLES, bit),
1758 sym_name(p, SYM_USERS, upper->value - 1));
1759
1760 return -EINVAL;
1761 }
1762 }
1763
1764 return 0;
1765}
1766
1767static int role_bounds_sanity_check(void *key, void *datum, void *datap)
1768{
1769 struct role_datum *upper, *role;
1770 struct policydb *p = datap;
1771 int depth = 0;
1772
1773 upper = role = datum;
1774 while (upper->bounds) {
1775 struct ebitmap_node *node;
1776 unsigned long bit;
1777
1778 if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
1779 printk(KERN_ERR "SELinux: role %s: "
1780 "too deep or looped bounds\n",
1781 (char *) key);
1782 return -EINVAL;
1783 }
1784
1785 upper = p->role_val_to_struct[upper->bounds - 1];
1786 ebitmap_for_each_positive_bit(&role->types, node, bit) {
1787 if (ebitmap_get_bit(&upper->types, bit))
1788 continue;
1789
1790 printk(KERN_ERR
1791 "SELinux: boundary violated policy: "
1792 "role=%s type=%s bounds=%s\n",
1793 sym_name(p, SYM_ROLES, role->value - 1),
1794 sym_name(p, SYM_TYPES, bit),
1795 sym_name(p, SYM_ROLES, upper->value - 1));
1796
1797 return -EINVAL;
1798 }
1799 }
1800
1801 return 0;
1802}
1803
1804static int type_bounds_sanity_check(void *key, void *datum, void *datap)
1805{
1806 struct type_datum *upper;
1807 struct policydb *p = datap;
1808 int depth = 0;
1809
1810 upper = datum;
1811 while (upper->bounds) {
1812 if (++depth == POLICYDB_BOUNDS_MAXDEPTH) {
1813 printk(KERN_ERR "SELinux: type %s: "
1814 "too deep or looped boundary\n",
1815 (char *) key);
1816 return -EINVAL;
1817 }
1818
1819 upper = flex_array_get_ptr(p->type_val_to_struct_array,
1820 upper->bounds - 1);
1821 BUG_ON(!upper);
1822
1823 if (upper->attribute) {
1824 printk(KERN_ERR "SELinux: type %s: "
1825 "bounded by attribute %s",
1826 (char *) key,
1827 sym_name(p, SYM_TYPES, upper->value - 1));
1828 return -EINVAL;
1829 }
1830 }
1831
1832 return 0;
1833}
1834
1835static int policydb_bounds_sanity_check(struct policydb *p)
1836{
1837 int rc;
1838
1839 if (p->policyvers < POLICYDB_VERSION_BOUNDARY)
1840 return 0;
1841
1842 rc = hashtab_map(p->p_users.table,
1843 user_bounds_sanity_check, p);
1844 if (rc)
1845 return rc;
1846
1847 rc = hashtab_map(p->p_roles.table,
1848 role_bounds_sanity_check, p);
1849 if (rc)
1850 return rc;
1851
1852 rc = hashtab_map(p->p_types.table,
1853 type_bounds_sanity_check, p);
1854 if (rc)
1855 return rc;
1856
1857 return 0;
1858}
1859
1860u16 string_to_security_class(struct policydb *p, const char *name)
1861{
1862 struct class_datum *cladatum;
1863
1864 cladatum = hashtab_search(p->p_classes.table, name);
1865 if (!cladatum)
1866 return 0;
1867
1868 return cladatum->value;
1869}
1870
1871u32 string_to_av_perm(struct policydb *p, u16 tclass, const char *name)
1872{
1873 struct class_datum *cladatum;
1874 struct perm_datum *perdatum = NULL;
1875 struct common_datum *comdatum;
1876
1877 if (!tclass || tclass > p->p_classes.nprim)
1878 return 0;
1879
1880 cladatum = p->class_val_to_struct[tclass-1];
1881 comdatum = cladatum->comdatum;
1882 if (comdatum)
1883 perdatum = hashtab_search(comdatum->permissions.table,
1884 name);
1885 if (!perdatum)
1886 perdatum = hashtab_search(cladatum->permissions.table,
1887 name);
1888 if (!perdatum)
1889 return 0;
1890
1891 return 1U << (perdatum->value-1);
1892}
1893
1894static int range_read(struct policydb *p, void *fp)
1895{
1896 struct range_trans *rt = NULL;
1897 struct mls_range *r = NULL;
1898 int i, rc;
1899 __le32 buf[2];
1900 u32 nel;
1901
1902 if (p->policyvers < POLICYDB_VERSION_MLS)
1903 return 0;
1904
1905 rc = next_entry(buf, fp, sizeof(u32));
1906 if (rc)
1907 goto out;
1908
1909 nel = le32_to_cpu(buf[0]);
1910 for (i = 0; i < nel; i++) {
1911 rc = -ENOMEM;
1912 rt = kzalloc(sizeof(*rt), GFP_KERNEL);
1913 if (!rt)
1914 goto out;
1915
1916 rc = next_entry(buf, fp, (sizeof(u32) * 2));
1917 if (rc)
1918 goto out;
1919
1920 rt->source_type = le32_to_cpu(buf[0]);
1921 rt->target_type = le32_to_cpu(buf[1]);
1922 if (p->policyvers >= POLICYDB_VERSION_RANGETRANS) {
1923 rc = next_entry(buf, fp, sizeof(u32));
1924 if (rc)
1925 goto out;
1926 rt->target_class = le32_to_cpu(buf[0]);
1927 } else
1928 rt->target_class = p->process_class;
1929
1930 rc = -EINVAL;
1931 if (!policydb_type_isvalid(p, rt->source_type) ||
1932 !policydb_type_isvalid(p, rt->target_type) ||
1933 !policydb_class_isvalid(p, rt->target_class))
1934 goto out;
1935
1936 rc = -ENOMEM;
1937 r = kzalloc(sizeof(*r), GFP_KERNEL);
1938 if (!r)
1939 goto out;
1940
1941 rc = mls_read_range_helper(r, fp);
1942 if (rc)
1943 goto out;
1944
1945 rc = -EINVAL;
1946 if (!mls_range_isvalid(p, r)) {
1947 printk(KERN_WARNING "SELinux: rangetrans: invalid range\n");
1948 goto out;
1949 }
1950
1951 rc = hashtab_insert(p->range_tr, rt, r);
1952 if (rc)
1953 goto out;
1954
1955 rt = NULL;
1956 r = NULL;
1957 }
1958 hash_eval(p->range_tr, "rangetr");
1959 rc = 0;
1960out:
1961 kfree(rt);
1962 kfree(r);
1963 return rc;
1964}
1965
1966static int filename_trans_read(struct policydb *p, void *fp)
1967{
1968 struct filename_trans *ft;
1969 struct filename_trans_datum *otype;
1970 char *name;
1971 u32 nel, len;
1972 __le32 buf[4];
1973 int rc, i;
1974
1975 if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS)
1976 return 0;
1977
1978 rc = next_entry(buf, fp, sizeof(u32));
1979 if (rc)
1980 return rc;
1981 nel = le32_to_cpu(buf[0]);
1982
1983 for (i = 0; i < nel; i++) {
1984 ft = NULL;
1985 otype = NULL;
1986 name = NULL;
1987
1988 rc = -ENOMEM;
1989 ft = kzalloc(sizeof(*ft), GFP_KERNEL);
1990 if (!ft)
1991 goto out;
1992
1993 rc = -ENOMEM;
1994 otype = kmalloc(sizeof(*otype), GFP_KERNEL);
1995 if (!otype)
1996 goto out;
1997
1998
1999 rc = next_entry(buf, fp, sizeof(u32));
2000 if (rc)
2001 goto out;
2002 len = le32_to_cpu(buf[0]);
2003
2004 rc = -ENOMEM;
2005 name = kmalloc(len + 1, GFP_KERNEL);
2006 if (!name)
2007 goto out;
2008
2009 ft->name = name;
2010
2011
2012 rc = next_entry(name, fp, len);
2013 if (rc)
2014 goto out;
2015 name[len] = 0;
2016
2017 rc = next_entry(buf, fp, sizeof(u32) * 4);
2018 if (rc)
2019 goto out;
2020
2021 ft->stype = le32_to_cpu(buf[0]);
2022 ft->ttype = le32_to_cpu(buf[1]);
2023 ft->tclass = le32_to_cpu(buf[2]);
2024
2025 otype->otype = le32_to_cpu(buf[3]);
2026
2027 rc = ebitmap_set_bit(&p->filename_trans_ttypes, ft->ttype, 1);
2028 if (rc)
2029 goto out;
2030
2031 rc = hashtab_insert(p->filename_trans, ft, otype);
2032 if (rc) {
2033
2034
2035
2036
2037 if (rc != -EEXIST)
2038 goto out;
2039
2040 kfree(ft);
2041 kfree(name);
2042 kfree(otype);
2043 }
2044 }
2045 hash_eval(p->filename_trans, "filenametr");
2046 return 0;
2047out:
2048 kfree(ft);
2049 kfree(name);
2050 kfree(otype);
2051
2052 return rc;
2053}
2054
2055static int genfs_read(struct policydb *p, void *fp)
2056{
2057 int i, j, rc;
2058 u32 nel, nel2, len, len2;
2059 __le32 buf[1];
2060 struct ocontext *l, *c;
2061 struct ocontext *newc = NULL;
2062 struct genfs *genfs_p, *genfs;
2063 struct genfs *newgenfs = NULL;
2064
2065 rc = next_entry(buf, fp, sizeof(u32));
2066 if (rc)
2067 goto out;
2068 nel = le32_to_cpu(buf[0]);
2069
2070 for (i = 0; i < nel; i++) {
2071 rc = next_entry(buf, fp, sizeof(u32));
2072 if (rc)
2073 goto out;
2074 len = le32_to_cpu(buf[0]);
2075
2076 rc = -ENOMEM;
2077 newgenfs = kzalloc(sizeof(*newgenfs), GFP_KERNEL);
2078 if (!newgenfs)
2079 goto out;
2080
2081 rc = -ENOMEM;
2082 newgenfs->fstype = kmalloc(len + 1, GFP_KERNEL);
2083 if (!newgenfs->fstype)
2084 goto out;
2085
2086 rc = next_entry(newgenfs->fstype, fp, len);
2087 if (rc)
2088 goto out;
2089
2090 newgenfs->fstype[len] = 0;
2091
2092 for (genfs_p = NULL, genfs = p->genfs; genfs;
2093 genfs_p = genfs, genfs = genfs->next) {
2094 rc = -EINVAL;
2095 if (strcmp(newgenfs->fstype, genfs->fstype) == 0) {
2096 printk(KERN_ERR "SELinux: dup genfs fstype %s\n",
2097 newgenfs->fstype);
2098 goto out;
2099 }
2100 if (strcmp(newgenfs->fstype, genfs->fstype) < 0)
2101 break;
2102 }
2103 newgenfs->next = genfs;
2104 if (genfs_p)
2105 genfs_p->next = newgenfs;
2106 else
2107 p->genfs = newgenfs;
2108 genfs = newgenfs;
2109 newgenfs = NULL;
2110
2111 rc = next_entry(buf, fp, sizeof(u32));
2112 if (rc)
2113 goto out;
2114
2115 nel2 = le32_to_cpu(buf[0]);
2116 for (j = 0; j < nel2; j++) {
2117 rc = next_entry(buf, fp, sizeof(u32));
2118 if (rc)
2119 goto out;
2120 len = le32_to_cpu(buf[0]);
2121
2122 rc = -ENOMEM;
2123 newc = kzalloc(sizeof(*newc), GFP_KERNEL);
2124 if (!newc)
2125 goto out;
2126
2127 rc = -ENOMEM;
2128 newc->u.name = kmalloc(len + 1, GFP_KERNEL);
2129 if (!newc->u.name)
2130 goto out;
2131
2132 rc = next_entry(newc->u.name, fp, len);
2133 if (rc)
2134 goto out;
2135 newc->u.name[len] = 0;
2136
2137 rc = next_entry(buf, fp, sizeof(u32));
2138 if (rc)
2139 goto out;
2140
2141 newc->v.sclass = le32_to_cpu(buf[0]);
2142 rc = context_read_and_validate(&newc->context[0], p, fp);
2143 if (rc)
2144 goto out;
2145
2146 for (l = NULL, c = genfs->head; c;
2147 l = c, c = c->next) {
2148 rc = -EINVAL;
2149 if (!strcmp(newc->u.name, c->u.name) &&
2150 (!c->v.sclass || !newc->v.sclass ||
2151 newc->v.sclass == c->v.sclass)) {
2152 printk(KERN_ERR "SELinux: dup genfs entry (%s,%s)\n",
2153 genfs->fstype, c->u.name);
2154 goto out;
2155 }
2156 len = strlen(newc->u.name);
2157 len2 = strlen(c->u.name);
2158 if (len > len2)
2159 break;
2160 }
2161
2162 newc->next = c;
2163 if (l)
2164 l->next = newc;
2165 else
2166 genfs->head = newc;
2167 newc = NULL;
2168 }
2169 }
2170 rc = 0;
2171out:
2172 if (newgenfs)
2173 kfree(newgenfs->fstype);
2174 kfree(newgenfs);
2175 ocontext_destroy(newc, OCON_FSUSE);
2176
2177 return rc;
2178}
2179
2180static int ocontext_read(struct policydb *p, struct policydb_compat_info *info,
2181 void *fp)
2182{
2183 int i, j, rc;
2184 u32 nel, len;
2185 __be64 prefixbuf[1];
2186 __le32 buf[3];
2187 struct ocontext *l, *c;
2188 u32 nodebuf[8];
2189
2190 for (i = 0; i < info->ocon_num; i++) {
2191 rc = next_entry(buf, fp, sizeof(u32));
2192 if (rc)
2193 goto out;
2194 nel = le32_to_cpu(buf[0]);
2195
2196 l = NULL;
2197 for (j = 0; j < nel; j++) {
2198 rc = -ENOMEM;
2199 c = kzalloc(sizeof(*c), GFP_KERNEL);
2200 if (!c)
2201 goto out;
2202 if (l)
2203 l->next = c;
2204 else
2205 p->ocontexts[i] = c;
2206 l = c;
2207
2208 switch (i) {
2209 case OCON_ISID:
2210 rc = next_entry(buf, fp, sizeof(u32));
2211 if (rc)
2212 goto out;
2213
2214 c->sid[0] = le32_to_cpu(buf[0]);
2215 rc = context_read_and_validate(&c->context[0], p, fp);
2216 if (rc)
2217 goto out;
2218 break;
2219 case OCON_FS:
2220 case OCON_NETIF:
2221 rc = next_entry(buf, fp, sizeof(u32));
2222 if (rc)
2223 goto out;
2224 len = le32_to_cpu(buf[0]);
2225
2226 rc = -ENOMEM;
2227 c->u.name = kmalloc(len + 1, GFP_KERNEL);
2228 if (!c->u.name)
2229 goto out;
2230
2231 rc = next_entry(c->u.name, fp, len);
2232 if (rc)
2233 goto out;
2234
2235 c->u.name[len] = 0;
2236 rc = context_read_and_validate(&c->context[0], p, fp);
2237 if (rc)
2238 goto out;
2239 rc = context_read_and_validate(&c->context[1], p, fp);
2240 if (rc)
2241 goto out;
2242 break;
2243 case OCON_PORT:
2244 rc = next_entry(buf, fp, sizeof(u32)*3);
2245 if (rc)
2246 goto out;
2247 c->u.port.protocol = le32_to_cpu(buf[0]);
2248 c->u.port.low_port = le32_to_cpu(buf[1]);
2249 c->u.port.high_port = le32_to_cpu(buf[2]);
2250 rc = context_read_and_validate(&c->context[0], p, fp);
2251 if (rc)
2252 goto out;
2253 break;
2254 case OCON_NODE:
2255 rc = next_entry(nodebuf, fp, sizeof(u32) * 2);
2256 if (rc)
2257 goto out;
2258 c->u.node.addr = nodebuf[0];
2259 c->u.node.mask = nodebuf[1];
2260 rc = context_read_and_validate(&c->context[0], p, fp);
2261 if (rc)
2262 goto out;
2263 break;
2264 case OCON_FSUSE:
2265 rc = next_entry(buf, fp, sizeof(u32)*2);
2266 if (rc)
2267 goto out;
2268
2269 rc = -EINVAL;
2270 c->v.behavior = le32_to_cpu(buf[0]);
2271
2272 if (c->v.behavior == SECURITY_FS_USE_MNTPOINT)
2273 goto out;
2274 if (c->v.behavior > SECURITY_FS_USE_MAX)
2275 goto out;
2276
2277 rc = -ENOMEM;
2278 len = le32_to_cpu(buf[1]);
2279 c->u.name = kmalloc(len + 1, GFP_KERNEL);
2280 if (!c->u.name)
2281 goto out;
2282
2283 rc = next_entry(c->u.name, fp, len);
2284 if (rc)
2285 goto out;
2286 c->u.name[len] = 0;
2287 rc = context_read_and_validate(&c->context[0], p, fp);
2288 if (rc)
2289 goto out;
2290 break;
2291 case OCON_NODE6: {
2292 int k;
2293
2294 rc = next_entry(nodebuf, fp, sizeof(u32) * 8);
2295 if (rc)
2296 goto out;
2297 for (k = 0; k < 4; k++)
2298 c->u.node6.addr[k] = nodebuf[k];
2299 for (k = 0; k < 4; k++)
2300 c->u.node6.mask[k] = nodebuf[k+4];
2301 rc = context_read_and_validate(&c->context[0], p, fp);
2302 if (rc)
2303 goto out;
2304 break;
2305 }
2306 case OCON_IBPKEY: {
2307 u32 pkey_lo, pkey_hi;
2308
2309 rc = next_entry(prefixbuf, fp, sizeof(u64));
2310 if (rc)
2311 goto out;
2312
2313
2314 c->u.ibpkey.subnet_prefix = be64_to_cpu(prefixbuf[0]);
2315
2316 rc = next_entry(buf, fp, sizeof(u32) * 2);
2317 if (rc)
2318 goto out;
2319
2320 pkey_lo = le32_to_cpu(buf[0]);
2321 pkey_hi = le32_to_cpu(buf[1]);
2322
2323 if (pkey_lo > U16_MAX || pkey_hi > U16_MAX) {
2324 rc = -EINVAL;
2325 goto out;
2326 }
2327
2328 c->u.ibpkey.low_pkey = pkey_lo;
2329 c->u.ibpkey.high_pkey = pkey_hi;
2330
2331 rc = context_read_and_validate(&c->context[0],
2332 p,
2333 fp);
2334 if (rc)
2335 goto out;
2336 break;
2337 }
2338 case OCON_IBENDPORT: {
2339 u32 port;
2340
2341 rc = next_entry(buf, fp, sizeof(u32) * 2);
2342 if (rc)
2343 goto out;
2344 len = le32_to_cpu(buf[0]);
2345
2346 rc = -ENOMEM;
2347 c->u.ibendport.dev_name = kmalloc(len + 1,
2348 GFP_KERNEL);
2349 if (!c->u.ibendport.dev_name)
2350 goto out;
2351
2352 rc = next_entry(c->u.ibendport.dev_name,
2353 fp, len);
2354 if (rc)
2355 goto out;
2356 c->u.ibendport.dev_name[len] = 0;
2357
2358 port = le32_to_cpu(buf[1]);
2359 if (port > U8_MAX || port == 0) {
2360 rc = -EINVAL;
2361 goto out;
2362 }
2363
2364 c->u.ibendport.port = port;
2365
2366 rc = context_read_and_validate(&c->context[0],
2367 p,
2368 fp);
2369 if (rc)
2370 goto out;
2371 break;
2372 }
2373 }
2374 }
2375 }
2376 rc = 0;
2377out:
2378 return rc;
2379}
2380
2381
2382
2383
2384
2385int policydb_read(struct policydb *p, void *fp)
2386{
2387 struct role_allow *ra, *lra;
2388 struct role_trans *tr, *ltr;
2389 int i, j, rc;
2390 __le32 buf[4];
2391 u32 len, nprim, nel;
2392
2393 char *policydb_str;
2394 struct policydb_compat_info *info;
2395
2396 rc = policydb_init(p);
2397 if (rc)
2398 return rc;
2399
2400
2401 rc = next_entry(buf, fp, sizeof(u32) * 2);
2402 if (rc)
2403 goto bad;
2404
2405 rc = -EINVAL;
2406 if (le32_to_cpu(buf[0]) != POLICYDB_MAGIC) {
2407 printk(KERN_ERR "SELinux: policydb magic number 0x%x does "
2408 "not match expected magic number 0x%x\n",
2409 le32_to_cpu(buf[0]), POLICYDB_MAGIC);
2410 goto bad;
2411 }
2412
2413 rc = -EINVAL;
2414 len = le32_to_cpu(buf[1]);
2415 if (len != strlen(POLICYDB_STRING)) {
2416 printk(KERN_ERR "SELinux: policydb string length %d does not "
2417 "match expected length %Zu\n",
2418 len, strlen(POLICYDB_STRING));
2419 goto bad;
2420 }
2421
2422 rc = -ENOMEM;
2423 policydb_str = kmalloc(len + 1, GFP_KERNEL);
2424 if (!policydb_str) {
2425 printk(KERN_ERR "SELinux: unable to allocate memory for policydb "
2426 "string of length %d\n", len);
2427 goto bad;
2428 }
2429
2430 rc = next_entry(policydb_str, fp, len);
2431 if (rc) {
2432 printk(KERN_ERR "SELinux: truncated policydb string identifier\n");
2433 kfree(policydb_str);
2434 goto bad;
2435 }
2436
2437 rc = -EINVAL;
2438 policydb_str[len] = '\0';
2439 if (strcmp(policydb_str, POLICYDB_STRING)) {
2440 printk(KERN_ERR "SELinux: policydb string %s does not match "
2441 "my string %s\n", policydb_str, POLICYDB_STRING);
2442 kfree(policydb_str);
2443 goto bad;
2444 }
2445
2446 kfree(policydb_str);
2447 policydb_str = NULL;
2448
2449
2450 rc = next_entry(buf, fp, sizeof(u32)*4);
2451 if (rc)
2452 goto bad;
2453
2454 rc = -EINVAL;
2455 p->policyvers = le32_to_cpu(buf[0]);
2456 if (p->policyvers < POLICYDB_VERSION_MIN ||
2457 p->policyvers > POLICYDB_VERSION_MAX) {
2458 printk(KERN_ERR "SELinux: policydb version %d does not match "
2459 "my version range %d-%d\n",
2460 le32_to_cpu(buf[0]), POLICYDB_VERSION_MIN, POLICYDB_VERSION_MAX);
2461 goto bad;
2462 }
2463
2464 if ((le32_to_cpu(buf[1]) & POLICYDB_CONFIG_MLS)) {
2465 p->mls_enabled = 1;
2466
2467 rc = -EINVAL;
2468 if (p->policyvers < POLICYDB_VERSION_MLS) {
2469 printk(KERN_ERR "SELinux: security policydb version %d "
2470 "(MLS) not backwards compatible\n",
2471 p->policyvers);
2472 goto bad;
2473 }
2474 }
2475 p->reject_unknown = !!(le32_to_cpu(buf[1]) & REJECT_UNKNOWN);
2476 p->allow_unknown = !!(le32_to_cpu(buf[1]) & ALLOW_UNKNOWN);
2477
2478 if (p->policyvers >= POLICYDB_VERSION_POLCAP) {
2479 rc = ebitmap_read(&p->policycaps, fp);
2480 if (rc)
2481 goto bad;
2482 }
2483
2484 if (p->policyvers >= POLICYDB_VERSION_PERMISSIVE) {
2485 rc = ebitmap_read(&p->permissive_map, fp);
2486 if (rc)
2487 goto bad;
2488 }
2489
2490 rc = -EINVAL;
2491 info = policydb_lookup_compat(p->policyvers);
2492 if (!info) {
2493 printk(KERN_ERR "SELinux: unable to find policy compat info "
2494 "for version %d\n", p->policyvers);
2495 goto bad;
2496 }
2497
2498 rc = -EINVAL;
2499 if (le32_to_cpu(buf[2]) != info->sym_num ||
2500 le32_to_cpu(buf[3]) != info->ocon_num) {
2501 printk(KERN_ERR "SELinux: policydb table sizes (%d,%d) do "
2502 "not match mine (%d,%d)\n", le32_to_cpu(buf[2]),
2503 le32_to_cpu(buf[3]),
2504 info->sym_num, info->ocon_num);
2505 goto bad;
2506 }
2507
2508 for (i = 0; i < info->sym_num; i++) {
2509 rc = next_entry(buf, fp, sizeof(u32)*2);
2510 if (rc)
2511 goto bad;
2512 nprim = le32_to_cpu(buf[0]);
2513 nel = le32_to_cpu(buf[1]);
2514 for (j = 0; j < nel; j++) {
2515 rc = read_f[i](p, p->symtab[i].table, fp);
2516 if (rc)
2517 goto bad;
2518 }
2519
2520 p->symtab[i].nprim = nprim;
2521 }
2522
2523 rc = -EINVAL;
2524 p->process_class = string_to_security_class(p, "process");
2525 if (!p->process_class)
2526 goto bad;
2527
2528 rc = avtab_read(&p->te_avtab, fp, p);
2529 if (rc)
2530 goto bad;
2531
2532 if (p->policyvers >= POLICYDB_VERSION_BOOL) {
2533 rc = cond_read_list(p, fp);
2534 if (rc)
2535 goto bad;
2536 }
2537
2538 rc = next_entry(buf, fp, sizeof(u32));
2539 if (rc)
2540 goto bad;
2541 nel = le32_to_cpu(buf[0]);
2542 ltr = NULL;
2543 for (i = 0; i < nel; i++) {
2544 rc = -ENOMEM;
2545 tr = kzalloc(sizeof(*tr), GFP_KERNEL);
2546 if (!tr)
2547 goto bad;
2548 if (ltr)
2549 ltr->next = tr;
2550 else
2551 p->role_tr = tr;
2552 rc = next_entry(buf, fp, sizeof(u32)*3);
2553 if (rc)
2554 goto bad;
2555
2556 rc = -EINVAL;
2557 tr->role = le32_to_cpu(buf[0]);
2558 tr->type = le32_to_cpu(buf[1]);
2559 tr->new_role = le32_to_cpu(buf[2]);
2560 if (p->policyvers >= POLICYDB_VERSION_ROLETRANS) {
2561 rc = next_entry(buf, fp, sizeof(u32));
2562 if (rc)
2563 goto bad;
2564 tr->tclass = le32_to_cpu(buf[0]);
2565 } else
2566 tr->tclass = p->process_class;
2567
2568 if (!policydb_role_isvalid(p, tr->role) ||
2569 !policydb_type_isvalid(p, tr->type) ||
2570 !policydb_class_isvalid(p, tr->tclass) ||
2571 !policydb_role_isvalid(p, tr->new_role))
2572 goto bad;
2573 ltr = tr;
2574 }
2575
2576 rc = next_entry(buf, fp, sizeof(u32));
2577 if (rc)
2578 goto bad;
2579 nel = le32_to_cpu(buf[0]);
2580 lra = NULL;
2581 for (i = 0; i < nel; i++) {
2582 rc = -ENOMEM;
2583 ra = kzalloc(sizeof(*ra), GFP_KERNEL);
2584 if (!ra)
2585 goto bad;
2586 if (lra)
2587 lra->next = ra;
2588 else
2589 p->role_allow = ra;
2590 rc = next_entry(buf, fp, sizeof(u32)*2);
2591 if (rc)
2592 goto bad;
2593
2594 rc = -EINVAL;
2595 ra->role = le32_to_cpu(buf[0]);
2596 ra->new_role = le32_to_cpu(buf[1]);
2597 if (!policydb_role_isvalid(p, ra->role) ||
2598 !policydb_role_isvalid(p, ra->new_role))
2599 goto bad;
2600 lra = ra;
2601 }
2602
2603 rc = filename_trans_read(p, fp);
2604 if (rc)
2605 goto bad;
2606
2607 rc = policydb_index(p);
2608 if (rc)
2609 goto bad;
2610
2611 rc = -EINVAL;
2612 p->process_trans_perms = string_to_av_perm(p, p->process_class, "transition");
2613 p->process_trans_perms |= string_to_av_perm(p, p->process_class, "dyntransition");
2614 if (!p->process_trans_perms)
2615 goto bad;
2616
2617 rc = ocontext_read(p, info, fp);
2618 if (rc)
2619 goto bad;
2620
2621 rc = genfs_read(p, fp);
2622 if (rc)
2623 goto bad;
2624
2625 rc = range_read(p, fp);
2626 if (rc)
2627 goto bad;
2628
2629 rc = -ENOMEM;
2630 p->type_attr_map_array = flex_array_alloc(sizeof(struct ebitmap),
2631 p->p_types.nprim,
2632 GFP_KERNEL | __GFP_ZERO);
2633 if (!p->type_attr_map_array)
2634 goto bad;
2635
2636
2637 rc = flex_array_prealloc(p->type_attr_map_array, 0, p->p_types.nprim,
2638 GFP_KERNEL | __GFP_ZERO);
2639 if (rc)
2640 goto bad;
2641
2642 for (i = 0; i < p->p_types.nprim; i++) {
2643 struct ebitmap *e = flex_array_get(p->type_attr_map_array, i);
2644
2645 BUG_ON(!e);
2646 ebitmap_init(e);
2647 if (p->policyvers >= POLICYDB_VERSION_AVTAB) {
2648 rc = ebitmap_read(e, fp);
2649 if (rc)
2650 goto bad;
2651 }
2652
2653 rc = ebitmap_set_bit(e, i, 1);
2654 if (rc)
2655 goto bad;
2656 }
2657
2658 rc = policydb_bounds_sanity_check(p);
2659 if (rc)
2660 goto bad;
2661
2662 rc = 0;
2663out:
2664 return rc;
2665bad:
2666 policydb_destroy(p);
2667 goto out;
2668}
2669
2670
2671
2672
2673
2674static int mls_write_level(struct mls_level *l, void *fp)
2675{
2676 __le32 buf[1];
2677 int rc;
2678
2679 buf[0] = cpu_to_le32(l->sens);
2680 rc = put_entry(buf, sizeof(u32), 1, fp);
2681 if (rc)
2682 return rc;
2683
2684 rc = ebitmap_write(&l->cat, fp);
2685 if (rc)
2686 return rc;
2687
2688 return 0;
2689}
2690
2691
2692
2693
2694
2695static int mls_write_range_helper(struct mls_range *r, void *fp)
2696{
2697 __le32 buf[3];
2698 size_t items;
2699 int rc, eq;
2700
2701 eq = mls_level_eq(&r->level[1], &r->level[0]);
2702
2703 if (eq)
2704 items = 2;
2705 else
2706 items = 3;
2707 buf[0] = cpu_to_le32(items-1);
2708 buf[1] = cpu_to_le32(r->level[0].sens);
2709 if (!eq)
2710 buf[2] = cpu_to_le32(r->level[1].sens);
2711
2712 BUG_ON(items > (sizeof(buf)/sizeof(buf[0])));
2713
2714 rc = put_entry(buf, sizeof(u32), items, fp);
2715 if (rc)
2716 return rc;
2717
2718 rc = ebitmap_write(&r->level[0].cat, fp);
2719 if (rc)
2720 return rc;
2721 if (!eq) {
2722 rc = ebitmap_write(&r->level[1].cat, fp);
2723 if (rc)
2724 return rc;
2725 }
2726
2727 return 0;
2728}
2729
2730static int sens_write(void *vkey, void *datum, void *ptr)
2731{
2732 char *key = vkey;
2733 struct level_datum *levdatum = datum;
2734 struct policy_data *pd = ptr;
2735 void *fp = pd->fp;
2736 __le32 buf[2];
2737 size_t len;
2738 int rc;
2739
2740 len = strlen(key);
2741 buf[0] = cpu_to_le32(len);
2742 buf[1] = cpu_to_le32(levdatum->isalias);
2743 rc = put_entry(buf, sizeof(u32), 2, fp);
2744 if (rc)
2745 return rc;
2746
2747 rc = put_entry(key, 1, len, fp);
2748 if (rc)
2749 return rc;
2750
2751 rc = mls_write_level(levdatum->level, fp);
2752 if (rc)
2753 return rc;
2754
2755 return 0;
2756}
2757
2758static int cat_write(void *vkey, void *datum, void *ptr)
2759{
2760 char *key = vkey;
2761 struct cat_datum *catdatum = datum;
2762 struct policy_data *pd = ptr;
2763 void *fp = pd->fp;
2764 __le32 buf[3];
2765 size_t len;
2766 int rc;
2767
2768 len = strlen(key);
2769 buf[0] = cpu_to_le32(len);
2770 buf[1] = cpu_to_le32(catdatum->value);
2771 buf[2] = cpu_to_le32(catdatum->isalias);
2772 rc = put_entry(buf, sizeof(u32), 3, fp);
2773 if (rc)
2774 return rc;
2775
2776 rc = put_entry(key, 1, len, fp);
2777 if (rc)
2778 return rc;
2779
2780 return 0;
2781}
2782
2783static int role_trans_write(struct policydb *p, void *fp)
2784{
2785 struct role_trans *r = p->role_tr;
2786 struct role_trans *tr;
2787 u32 buf[3];
2788 size_t nel;
2789 int rc;
2790
2791 nel = 0;
2792 for (tr = r; tr; tr = tr->next)
2793 nel++;
2794 buf[0] = cpu_to_le32(nel);
2795 rc = put_entry(buf, sizeof(u32), 1, fp);
2796 if (rc)
2797 return rc;
2798 for (tr = r; tr; tr = tr->next) {
2799 buf[0] = cpu_to_le32(tr->role);
2800 buf[1] = cpu_to_le32(tr->type);
2801 buf[2] = cpu_to_le32(tr->new_role);
2802 rc = put_entry(buf, sizeof(u32), 3, fp);
2803 if (rc)
2804 return rc;
2805 if (p->policyvers >= POLICYDB_VERSION_ROLETRANS) {
2806 buf[0] = cpu_to_le32(tr->tclass);
2807 rc = put_entry(buf, sizeof(u32), 1, fp);
2808 if (rc)
2809 return rc;
2810 }
2811 }
2812
2813 return 0;
2814}
2815
2816static int role_allow_write(struct role_allow *r, void *fp)
2817{
2818 struct role_allow *ra;
2819 u32 buf[2];
2820 size_t nel;
2821 int rc;
2822
2823 nel = 0;
2824 for (ra = r; ra; ra = ra->next)
2825 nel++;
2826 buf[0] = cpu_to_le32(nel);
2827 rc = put_entry(buf, sizeof(u32), 1, fp);
2828 if (rc)
2829 return rc;
2830 for (ra = r; ra; ra = ra->next) {
2831 buf[0] = cpu_to_le32(ra->role);
2832 buf[1] = cpu_to_le32(ra->new_role);
2833 rc = put_entry(buf, sizeof(u32), 2, fp);
2834 if (rc)
2835 return rc;
2836 }
2837 return 0;
2838}
2839
2840
2841
2842
2843
2844static int context_write(struct policydb *p, struct context *c,
2845 void *fp)
2846{
2847 int rc;
2848 __le32 buf[3];
2849
2850 buf[0] = cpu_to_le32(c->user);
2851 buf[1] = cpu_to_le32(c->role);
2852 buf[2] = cpu_to_le32(c->type);
2853
2854 rc = put_entry(buf, sizeof(u32), 3, fp);
2855 if (rc)
2856 return rc;
2857
2858 rc = mls_write_range_helper(&c->range, fp);
2859 if (rc)
2860 return rc;
2861
2862 return 0;
2863}
2864
2865
2866
2867
2868
2869
2870
2871static int perm_write(void *vkey, void *datum, void *fp)
2872{
2873 char *key = vkey;
2874 struct perm_datum *perdatum = datum;
2875 __le32 buf[2];
2876 size_t len;
2877 int rc;
2878
2879 len = strlen(key);
2880 buf[0] = cpu_to_le32(len);
2881 buf[1] = cpu_to_le32(perdatum->value);
2882 rc = put_entry(buf, sizeof(u32), 2, fp);
2883 if (rc)
2884 return rc;
2885
2886 rc = put_entry(key, 1, len, fp);
2887 if (rc)
2888 return rc;
2889
2890 return 0;
2891}
2892
2893static int common_write(void *vkey, void *datum, void *ptr)
2894{
2895 char *key = vkey;
2896 struct common_datum *comdatum = datum;
2897 struct policy_data *pd = ptr;
2898 void *fp = pd->fp;
2899 __le32 buf[4];
2900 size_t len;
2901 int rc;
2902
2903 len = strlen(key);
2904 buf[0] = cpu_to_le32(len);
2905 buf[1] = cpu_to_le32(comdatum->value);
2906 buf[2] = cpu_to_le32(comdatum->permissions.nprim);
2907 buf[3] = cpu_to_le32(comdatum->permissions.table->nel);
2908 rc = put_entry(buf, sizeof(u32), 4, fp);
2909 if (rc)
2910 return rc;
2911
2912 rc = put_entry(key, 1, len, fp);
2913 if (rc)
2914 return rc;
2915
2916 rc = hashtab_map(comdatum->permissions.table, perm_write, fp);
2917 if (rc)
2918 return rc;
2919
2920 return 0;
2921}
2922
2923static int type_set_write(struct type_set *t, void *fp)
2924{
2925 int rc;
2926 __le32 buf[1];
2927
2928 if (ebitmap_write(&t->types, fp))
2929 return -EINVAL;
2930 if (ebitmap_write(&t->negset, fp))
2931 return -EINVAL;
2932
2933 buf[0] = cpu_to_le32(t->flags);
2934 rc = put_entry(buf, sizeof(u32), 1, fp);
2935 if (rc)
2936 return -EINVAL;
2937
2938 return 0;
2939}
2940
2941static int write_cons_helper(struct policydb *p, struct constraint_node *node,
2942 void *fp)
2943{
2944 struct constraint_node *c;
2945 struct constraint_expr *e;
2946 __le32 buf[3];
2947 u32 nel;
2948 int rc;
2949
2950 for (c = node; c; c = c->next) {
2951 nel = 0;
2952 for (e = c->expr; e; e = e->next)
2953 nel++;
2954 buf[0] = cpu_to_le32(c->permissions);
2955 buf[1] = cpu_to_le32(nel);
2956 rc = put_entry(buf, sizeof(u32), 2, fp);
2957 if (rc)
2958 return rc;
2959 for (e = c->expr; e; e = e->next) {
2960 buf[0] = cpu_to_le32(e->expr_type);
2961 buf[1] = cpu_to_le32(e->attr);
2962 buf[2] = cpu_to_le32(e->op);
2963 rc = put_entry(buf, sizeof(u32), 3, fp);
2964 if (rc)
2965 return rc;
2966
2967 switch (e->expr_type) {
2968 case CEXPR_NAMES:
2969 rc = ebitmap_write(&e->names, fp);
2970 if (rc)
2971 return rc;
2972 if (p->policyvers >=
2973 POLICYDB_VERSION_CONSTRAINT_NAMES) {
2974 rc = type_set_write(e->type_names, fp);
2975 if (rc)
2976 return rc;
2977 }
2978 break;
2979 default:
2980 break;
2981 }
2982 }
2983 }
2984
2985 return 0;
2986}
2987
2988static int class_write(void *vkey, void *datum, void *ptr)
2989{
2990 char *key = vkey;
2991 struct class_datum *cladatum = datum;
2992 struct policy_data *pd = ptr;
2993 void *fp = pd->fp;
2994 struct policydb *p = pd->p;
2995 struct constraint_node *c;
2996 __le32 buf[6];
2997 u32 ncons;
2998 size_t len, len2;
2999 int rc;
3000
3001 len = strlen(key);
3002 if (cladatum->comkey)
3003 len2 = strlen(cladatum->comkey);
3004 else
3005 len2 = 0;
3006
3007 ncons = 0;
3008 for (c = cladatum->constraints; c; c = c->next)
3009 ncons++;
3010
3011 buf[0] = cpu_to_le32(len);
3012 buf[1] = cpu_to_le32(len2);
3013 buf[2] = cpu_to_le32(cladatum->value);
3014 buf[3] = cpu_to_le32(cladatum->permissions.nprim);
3015 if (cladatum->permissions.table)
3016 buf[4] = cpu_to_le32(cladatum->permissions.table->nel);
3017 else
3018 buf[4] = 0;
3019 buf[5] = cpu_to_le32(ncons);
3020 rc = put_entry(buf, sizeof(u32), 6, fp);
3021 if (rc)
3022 return rc;
3023
3024 rc = put_entry(key, 1, len, fp);
3025 if (rc)
3026 return rc;
3027
3028 if (cladatum->comkey) {
3029 rc = put_entry(cladatum->comkey, 1, len2, fp);
3030 if (rc)
3031 return rc;
3032 }
3033
3034 rc = hashtab_map(cladatum->permissions.table, perm_write, fp);
3035 if (rc)
3036 return rc;
3037
3038 rc = write_cons_helper(p, cladatum->constraints, fp);
3039 if (rc)
3040 return rc;
3041
3042
3043 ncons = 0;
3044 for (c = cladatum->validatetrans; c; c = c->next)
3045 ncons++;
3046
3047 buf[0] = cpu_to_le32(ncons);
3048 rc = put_entry(buf, sizeof(u32), 1, fp);
3049 if (rc)
3050 return rc;
3051
3052 rc = write_cons_helper(p, cladatum->validatetrans, fp);
3053 if (rc)
3054 return rc;
3055
3056 if (p->policyvers >= POLICYDB_VERSION_NEW_OBJECT_DEFAULTS) {
3057 buf[0] = cpu_to_le32(cladatum->default_user);
3058 buf[1] = cpu_to_le32(cladatum->default_role);
3059 buf[2] = cpu_to_le32(cladatum->default_range);
3060
3061 rc = put_entry(buf, sizeof(uint32_t), 3, fp);
3062 if (rc)
3063 return rc;
3064 }
3065
3066 if (p->policyvers >= POLICYDB_VERSION_DEFAULT_TYPE) {
3067 buf[0] = cpu_to_le32(cladatum->default_type);
3068 rc = put_entry(buf, sizeof(uint32_t), 1, fp);
3069 if (rc)
3070 return rc;
3071 }
3072
3073 return 0;
3074}
3075
3076static int role_write(void *vkey, void *datum, void *ptr)
3077{
3078 char *key = vkey;
3079 struct role_datum *role = datum;
3080 struct policy_data *pd = ptr;
3081 void *fp = pd->fp;
3082 struct policydb *p = pd->p;
3083 __le32 buf[3];
3084 size_t items, len;
3085 int rc;
3086
3087 len = strlen(key);
3088 items = 0;
3089 buf[items++] = cpu_to_le32(len);
3090 buf[items++] = cpu_to_le32(role->value);
3091 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
3092 buf[items++] = cpu_to_le32(role->bounds);
3093
3094 BUG_ON(items > (sizeof(buf)/sizeof(buf[0])));
3095
3096 rc = put_entry(buf, sizeof(u32), items, fp);
3097 if (rc)
3098 return rc;
3099
3100 rc = put_entry(key, 1, len, fp);
3101 if (rc)
3102 return rc;
3103
3104 rc = ebitmap_write(&role->dominates, fp);
3105 if (rc)
3106 return rc;
3107
3108 rc = ebitmap_write(&role->types, fp);
3109 if (rc)
3110 return rc;
3111
3112 return 0;
3113}
3114
3115static int type_write(void *vkey, void *datum, void *ptr)
3116{
3117 char *key = vkey;
3118 struct type_datum *typdatum = datum;
3119 struct policy_data *pd = ptr;
3120 struct policydb *p = pd->p;
3121 void *fp = pd->fp;
3122 __le32 buf[4];
3123 int rc;
3124 size_t items, len;
3125
3126 len = strlen(key);
3127 items = 0;
3128 buf[items++] = cpu_to_le32(len);
3129 buf[items++] = cpu_to_le32(typdatum->value);
3130 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY) {
3131 u32 properties = 0;
3132
3133 if (typdatum->primary)
3134 properties |= TYPEDATUM_PROPERTY_PRIMARY;
3135
3136 if (typdatum->attribute)
3137 properties |= TYPEDATUM_PROPERTY_ATTRIBUTE;
3138
3139 buf[items++] = cpu_to_le32(properties);
3140 buf[items++] = cpu_to_le32(typdatum->bounds);
3141 } else {
3142 buf[items++] = cpu_to_le32(typdatum->primary);
3143 }
3144 BUG_ON(items > (sizeof(buf) / sizeof(buf[0])));
3145 rc = put_entry(buf, sizeof(u32), items, fp);
3146 if (rc)
3147 return rc;
3148
3149 rc = put_entry(key, 1, len, fp);
3150 if (rc)
3151 return rc;
3152
3153 return 0;
3154}
3155
3156static int user_write(void *vkey, void *datum, void *ptr)
3157{
3158 char *key = vkey;
3159 struct user_datum *usrdatum = datum;
3160 struct policy_data *pd = ptr;
3161 struct policydb *p = pd->p;
3162 void *fp = pd->fp;
3163 __le32 buf[3];
3164 size_t items, len;
3165 int rc;
3166
3167 len = strlen(key);
3168 items = 0;
3169 buf[items++] = cpu_to_le32(len);
3170 buf[items++] = cpu_to_le32(usrdatum->value);
3171 if (p->policyvers >= POLICYDB_VERSION_BOUNDARY)
3172 buf[items++] = cpu_to_le32(usrdatum->bounds);
3173 BUG_ON(items > (sizeof(buf) / sizeof(buf[0])));
3174 rc = put_entry(buf, sizeof(u32), items, fp);
3175 if (rc)
3176 return rc;
3177
3178 rc = put_entry(key, 1, len, fp);
3179 if (rc)
3180 return rc;
3181
3182 rc = ebitmap_write(&usrdatum->roles, fp);
3183 if (rc)
3184 return rc;
3185
3186 rc = mls_write_range_helper(&usrdatum->range, fp);
3187 if (rc)
3188 return rc;
3189
3190 rc = mls_write_level(&usrdatum->dfltlevel, fp);
3191 if (rc)
3192 return rc;
3193
3194 return 0;
3195}
3196
3197static int (*write_f[SYM_NUM]) (void *key, void *datum,
3198 void *datap) =
3199{
3200 common_write,
3201 class_write,
3202 role_write,
3203 type_write,
3204 user_write,
3205 cond_write_bool,
3206 sens_write,
3207 cat_write,
3208};
3209
3210static int ocontext_write(struct policydb *p, struct policydb_compat_info *info,
3211 void *fp)
3212{
3213 unsigned int i, j, rc;
3214 size_t nel, len;
3215 __be64 prefixbuf[1];
3216 __le32 buf[3];
3217 u32 nodebuf[8];
3218 struct ocontext *c;
3219 for (i = 0; i < info->ocon_num; i++) {
3220 nel = 0;
3221 for (c = p->ocontexts[i]; c; c = c->next)
3222 nel++;
3223 buf[0] = cpu_to_le32(nel);
3224 rc = put_entry(buf, sizeof(u32), 1, fp);
3225 if (rc)
3226 return rc;
3227 for (c = p->ocontexts[i]; c; c = c->next) {
3228 switch (i) {
3229 case OCON_ISID:
3230 buf[0] = cpu_to_le32(c->sid[0]);
3231 rc = put_entry(buf, sizeof(u32), 1, fp);
3232 if (rc)
3233 return rc;
3234 rc = context_write(p, &c->context[0], fp);
3235 if (rc)
3236 return rc;
3237 break;
3238 case OCON_FS:
3239 case OCON_NETIF:
3240 len = strlen(c->u.name);
3241 buf[0] = cpu_to_le32(len);
3242 rc = put_entry(buf, sizeof(u32), 1, fp);
3243 if (rc)
3244 return rc;
3245 rc = put_entry(c->u.name, 1, len, fp);
3246 if (rc)
3247 return rc;
3248 rc = context_write(p, &c->context[0], fp);
3249 if (rc)
3250 return rc;
3251 rc = context_write(p, &c->context[1], fp);
3252 if (rc)
3253 return rc;
3254 break;
3255 case OCON_PORT:
3256 buf[0] = cpu_to_le32(c->u.port.protocol);
3257 buf[1] = cpu_to_le32(c->u.port.low_port);
3258 buf[2] = cpu_to_le32(c->u.port.high_port);
3259 rc = put_entry(buf, sizeof(u32), 3, fp);
3260 if (rc)
3261 return rc;
3262 rc = context_write(p, &c->context[0], fp);
3263 if (rc)
3264 return rc;
3265 break;
3266 case OCON_NODE:
3267 nodebuf[0] = c->u.node.addr;
3268 nodebuf[1] = c->u.node.mask;
3269 rc = put_entry(nodebuf, sizeof(u32), 2, fp);
3270 if (rc)
3271 return rc;
3272 rc = context_write(p, &c->context[0], fp);
3273 if (rc)
3274 return rc;
3275 break;
3276 case OCON_FSUSE:
3277 buf[0] = cpu_to_le32(c->v.behavior);
3278 len = strlen(c->u.name);
3279 buf[1] = cpu_to_le32(len);
3280 rc = put_entry(buf, sizeof(u32), 2, fp);
3281 if (rc)
3282 return rc;
3283 rc = put_entry(c->u.name, 1, len, fp);
3284 if (rc)
3285 return rc;
3286 rc = context_write(p, &c->context[0], fp);
3287 if (rc)
3288 return rc;
3289 break;
3290 case OCON_NODE6:
3291 for (j = 0; j < 4; j++)
3292 nodebuf[j] = c->u.node6.addr[j];
3293 for (j = 0; j < 4; j++)
3294 nodebuf[j + 4] = c->u.node6.mask[j];
3295 rc = put_entry(nodebuf, sizeof(u32), 8, fp);
3296 if (rc)
3297 return rc;
3298 rc = context_write(p, &c->context[0], fp);
3299 if (rc)
3300 return rc;
3301 break;
3302 case OCON_IBPKEY:
3303
3304 prefixbuf[0] = cpu_to_be64(c->u.ibpkey.subnet_prefix);
3305
3306 rc = put_entry(prefixbuf, sizeof(u64), 1, fp);
3307 if (rc)
3308 return rc;
3309
3310 buf[0] = cpu_to_le32(c->u.ibpkey.low_pkey);
3311 buf[1] = cpu_to_le32(c->u.ibpkey.high_pkey);
3312
3313 rc = put_entry(buf, sizeof(u32), 2, fp);
3314 if (rc)
3315 return rc;
3316 rc = context_write(p, &c->context[0], fp);
3317 if (rc)
3318 return rc;
3319 break;
3320 case OCON_IBENDPORT:
3321 len = strlen(c->u.ibendport.dev_name);
3322 buf[0] = cpu_to_le32(len);
3323 buf[1] = cpu_to_le32(c->u.ibendport.port);
3324 rc = put_entry(buf, sizeof(u32), 2, fp);
3325 if (rc)
3326 return rc;
3327 rc = put_entry(c->u.ibendport.dev_name, 1, len, fp);
3328 if (rc)
3329 return rc;
3330 rc = context_write(p, &c->context[0], fp);
3331 if (rc)
3332 return rc;
3333 break;
3334 }
3335 }
3336 }
3337 return 0;
3338}
3339
3340static int genfs_write(struct policydb *p, void *fp)
3341{
3342 struct genfs *genfs;
3343 struct ocontext *c;
3344 size_t len;
3345 __le32 buf[1];
3346 int rc;
3347
3348 len = 0;
3349 for (genfs = p->genfs; genfs; genfs = genfs->next)
3350 len++;
3351 buf[0] = cpu_to_le32(len);
3352 rc = put_entry(buf, sizeof(u32), 1, fp);
3353 if (rc)
3354 return rc;
3355 for (genfs = p->genfs; genfs; genfs = genfs->next) {
3356 len = strlen(genfs->fstype);
3357 buf[0] = cpu_to_le32(len);
3358 rc = put_entry(buf, sizeof(u32), 1, fp);
3359 if (rc)
3360 return rc;
3361 rc = put_entry(genfs->fstype, 1, len, fp);
3362 if (rc)
3363 return rc;
3364 len = 0;
3365 for (c = genfs->head; c; c = c->next)
3366 len++;
3367 buf[0] = cpu_to_le32(len);
3368 rc = put_entry(buf, sizeof(u32), 1, fp);
3369 if (rc)
3370 return rc;
3371 for (c = genfs->head; c; c = c->next) {
3372 len = strlen(c->u.name);
3373 buf[0] = cpu_to_le32(len);
3374 rc = put_entry(buf, sizeof(u32), 1, fp);
3375 if (rc)
3376 return rc;
3377 rc = put_entry(c->u.name, 1, len, fp);
3378 if (rc)
3379 return rc;
3380 buf[0] = cpu_to_le32(c->v.sclass);
3381 rc = put_entry(buf, sizeof(u32), 1, fp);
3382 if (rc)
3383 return rc;
3384 rc = context_write(p, &c->context[0], fp);
3385 if (rc)
3386 return rc;
3387 }
3388 }
3389 return 0;
3390}
3391
3392static int hashtab_cnt(void *key, void *data, void *ptr)
3393{
3394 int *cnt = ptr;
3395 *cnt = *cnt + 1;
3396
3397 return 0;
3398}
3399
3400static int range_write_helper(void *key, void *data, void *ptr)
3401{
3402 __le32 buf[2];
3403 struct range_trans *rt = key;
3404 struct mls_range *r = data;
3405 struct policy_data *pd = ptr;
3406 void *fp = pd->fp;
3407 struct policydb *p = pd->p;
3408 int rc;
3409
3410 buf[0] = cpu_to_le32(rt->source_type);
3411 buf[1] = cpu_to_le32(rt->target_type);
3412 rc = put_entry(buf, sizeof(u32), 2, fp);
3413 if (rc)
3414 return rc;
3415 if (p->policyvers >= POLICYDB_VERSION_RANGETRANS) {
3416 buf[0] = cpu_to_le32(rt->target_class);
3417 rc = put_entry(buf, sizeof(u32), 1, fp);
3418 if (rc)
3419 return rc;
3420 }
3421 rc = mls_write_range_helper(r, fp);
3422 if (rc)
3423 return rc;
3424
3425 return 0;
3426}
3427
3428static int range_write(struct policydb *p, void *fp)
3429{
3430 __le32 buf[1];
3431 int rc, nel;
3432 struct policy_data pd;
3433
3434 pd.p = p;
3435 pd.fp = fp;
3436
3437
3438 nel = 0;
3439 rc = hashtab_map(p->range_tr, hashtab_cnt, &nel);
3440 if (rc)
3441 return rc;
3442
3443 buf[0] = cpu_to_le32(nel);
3444 rc = put_entry(buf, sizeof(u32), 1, fp);
3445 if (rc)
3446 return rc;
3447
3448
3449 rc = hashtab_map(p->range_tr, range_write_helper, &pd);
3450 if (rc)
3451 return rc;
3452
3453 return 0;
3454}
3455
3456static int filename_write_helper(void *key, void *data, void *ptr)
3457{
3458 __le32 buf[4];
3459 struct filename_trans *ft = key;
3460 struct filename_trans_datum *otype = data;
3461 void *fp = ptr;
3462 int rc;
3463 u32 len;
3464
3465 len = strlen(ft->name);
3466 buf[0] = cpu_to_le32(len);
3467 rc = put_entry(buf, sizeof(u32), 1, fp);
3468 if (rc)
3469 return rc;
3470
3471 rc = put_entry(ft->name, sizeof(char), len, fp);
3472 if (rc)
3473 return rc;
3474
3475 buf[0] = cpu_to_le32(ft->stype);
3476 buf[1] = cpu_to_le32(ft->ttype);
3477 buf[2] = cpu_to_le32(ft->tclass);
3478 buf[3] = cpu_to_le32(otype->otype);
3479
3480 rc = put_entry(buf, sizeof(u32), 4, fp);
3481 if (rc)
3482 return rc;
3483
3484 return 0;
3485}
3486
3487static int filename_trans_write(struct policydb *p, void *fp)
3488{
3489 u32 nel;
3490 __le32 buf[1];
3491 int rc;
3492
3493 if (p->policyvers < POLICYDB_VERSION_FILENAME_TRANS)
3494 return 0;
3495
3496 nel = 0;
3497 rc = hashtab_map(p->filename_trans, hashtab_cnt, &nel);
3498 if (rc)
3499 return rc;
3500
3501 buf[0] = cpu_to_le32(nel);
3502 rc = put_entry(buf, sizeof(u32), 1, fp);
3503 if (rc)
3504 return rc;
3505
3506 rc = hashtab_map(p->filename_trans, filename_write_helper, fp);
3507 if (rc)
3508 return rc;
3509
3510 return 0;
3511}
3512
3513
3514
3515
3516
3517
3518int policydb_write(struct policydb *p, void *fp)
3519{
3520 unsigned int i, num_syms;
3521 int rc;
3522 __le32 buf[4];
3523 u32 config;
3524 size_t len;
3525 struct policydb_compat_info *info;
3526
3527
3528
3529
3530
3531
3532
3533 if (p->policyvers < POLICYDB_VERSION_AVTAB) {
3534 printk(KERN_ERR "SELinux: refusing to write policy version %d."
3535 " Because it is less than version %d\n", p->policyvers,
3536 POLICYDB_VERSION_AVTAB);
3537 return -EINVAL;
3538 }
3539
3540 config = 0;
3541 if (p->mls_enabled)
3542 config |= POLICYDB_CONFIG_MLS;
3543
3544 if (p->reject_unknown)
3545 config |= REJECT_UNKNOWN;
3546 if (p->allow_unknown)
3547 config |= ALLOW_UNKNOWN;
3548
3549
3550 buf[0] = cpu_to_le32(POLICYDB_MAGIC);
3551 len = strlen(POLICYDB_STRING);
3552 buf[1] = cpu_to_le32(len);
3553 rc = put_entry(buf, sizeof(u32), 2, fp);
3554 if (rc)
3555 return rc;
3556 rc = put_entry(POLICYDB_STRING, 1, len, fp);
3557 if (rc)
3558 return rc;
3559
3560
3561 info = policydb_lookup_compat(p->policyvers);
3562 if (!info) {
3563 printk(KERN_ERR "SELinux: compatibility lookup failed for policy "
3564 "version %d", p->policyvers);
3565 return -EINVAL;
3566 }
3567
3568 buf[0] = cpu_to_le32(p->policyvers);
3569 buf[1] = cpu_to_le32(config);
3570 buf[2] = cpu_to_le32(info->sym_num);
3571 buf[3] = cpu_to_le32(info->ocon_num);
3572
3573 rc = put_entry(buf, sizeof(u32), 4, fp);
3574 if (rc)
3575 return rc;
3576
3577 if (p->policyvers >= POLICYDB_VERSION_POLCAP) {
3578 rc = ebitmap_write(&p->policycaps, fp);
3579 if (rc)
3580 return rc;
3581 }
3582
3583 if (p->policyvers >= POLICYDB_VERSION_PERMISSIVE) {
3584 rc = ebitmap_write(&p->permissive_map, fp);
3585 if (rc)
3586 return rc;
3587 }
3588
3589 num_syms = info->sym_num;
3590 for (i = 0; i < num_syms; i++) {
3591 struct policy_data pd;
3592
3593 pd.fp = fp;
3594 pd.p = p;
3595
3596 buf[0] = cpu_to_le32(p->symtab[i].nprim);
3597 buf[1] = cpu_to_le32(p->symtab[i].table->nel);
3598
3599 rc = put_entry(buf, sizeof(u32), 2, fp);
3600 if (rc)
3601 return rc;
3602 rc = hashtab_map(p->symtab[i].table, write_f[i], &pd);
3603 if (rc)
3604 return rc;
3605 }
3606
3607 rc = avtab_write(p, &p->te_avtab, fp);
3608 if (rc)
3609 return rc;
3610
3611 rc = cond_write_list(p, p->cond_list, fp);
3612 if (rc)
3613 return rc;
3614
3615 rc = role_trans_write(p, fp);
3616 if (rc)
3617 return rc;
3618
3619 rc = role_allow_write(p->role_allow, fp);
3620 if (rc)
3621 return rc;
3622
3623 rc = filename_trans_write(p, fp);
3624 if (rc)
3625 return rc;
3626
3627 rc = ocontext_write(p, info, fp);
3628 if (rc)
3629 return rc;
3630
3631 rc = genfs_write(p, fp);
3632 if (rc)
3633 return rc;
3634
3635 rc = range_write(p, fp);
3636 if (rc)
3637 return rc;
3638
3639 for (i = 0; i < p->p_types.nprim; i++) {
3640 struct ebitmap *e = flex_array_get(p->type_attr_map_array, i);
3641
3642 BUG_ON(!e);
3643 rc = ebitmap_write(e, fp);
3644 if (rc)
3645 return rc;
3646 }
3647
3648 return 0;
3649}
3650
