* [meta-oe][PATCH] dbus-broker: backport patches to fix policy with SELinux nodes
@ 2020-02-06 14:08 luca.boccassi
  0 siblings, 0 replies; only message in thread
From: luca.boccassi @ 2020-02-06 14:08 UTC (permalink / raw)
  To: openembedded-devel

From: Luca Boccassi <luca.boccassi@microsoft.com>

Backport from master: https://github.com/bus1/dbus-broker/pull/213
---
 ...icy-fix-crash-when-importing-selinux.patch | 50 ++++++++++++++++
 ...icy-fix-crash-when-exporting-selinux.patch | 59 +++++++++++++++++++
 meta-oe/recipes-core/dbus/dbus-broker_21.bb   |  2 +
 3 files changed, 111 insertions(+)
 create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0005-launch-policy-fix-crash-when-importing-selinux.patch
 create mode 100644 meta-oe/recipes-core/dbus/dbus-broker/0006-launch-policy-fix-crash-when-exporting-selinux.patch

diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0005-launch-policy-fix-crash-when-importing-selinux.patch b/meta-oe/recipes-core/dbus/dbus-broker/0005-launch-policy-fix-crash-when-importing-selinux.patch
new file mode 100644
index 000000000..c5f3092ee
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0005-launch-policy-fix-crash-when-importing-selinux.patch
@@ -0,0 +1,50 @@
+From d28e59c451375e8b08fa431b1d64cb3ce9f078ee Mon Sep 17 00:00:00 2001
+From: Luca Boccassi <luca.boccassi@microsoft.com>
+Date: Fri, 25 Oct 2019 21:04:36 +0100
+Subject: [PATCH 1/2] launch/policy: fix crash when importing <selinux>
+
+If a policy contains a <selinux> element, dbus-broker-launch crashes:
+
+Oct 22 12:02:51 localhost dbus-broker-launch[885]: dbus-broker-launch: ../dbus-broker-19/src/launch/policy.c:232: policy_import_verdict: Assertion `cnode->parent->type == CONFIG_NODE_POLICY' failed.
+
+Minimal config to reproduce:
+
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+  <selinux>
+    <associate own="com.example1" context="system_u:object_r:example1_t" />
+    <associate own="com.example2" context="system_u:object_r:example2_t" />
+  </selinux>
+</busconfig>
+
+policy_import_verdict is being called on an associate element,
+but not only it cannot work as that function checks that the
+parent is a policy node (but it's a selinux node in this case),
+it is also not necessary as the selinux node only defines ownership,
+it does not have allow/deny.
+
+Fixes #212
+
+Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
+Upstream-Status: merged https://github.com/bus1/dbus-broker/pull/213
+---
+ src/launch/policy.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/src/launch/policy.c b/src/launch/policy.c
+index a8ba8e7..466e4bd 100644
+--- a/src/launch/policy.c
++++ b/src/launch/policy.c
+@@ -613,8 +613,6 @@ static int policy_import_selinux(Policy *policy, ConfigNode *cnode) {
+         if (r)
+                 return error_trace(r);
+ 
+-        policy_import_verdict(policy, record, cnode);
+-
+         record->selinux.name = cnode->associate.own;
+         record->selinux.context = cnode->associate.context;
+ 
+-- 
+2.20.1
+
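Review bot: the `Upstream-Status: merged https://github.com/bus1/dbus-broker/pull/213` trailer in the embedded patch header is not one of the values OpenEmbedded expects for that field; for a change taken from upstream master the usual form is `Upstream-Status: Backport [https://github.com/bus1/dbus-broker/pull/213]`. `Fixes #212` also becomes ambiguous once the patch is carried in meta-oe, so name the repository the issue number belongs to. The quoted assertion comes from `../dbus-broker-19/src/launch/policy.c:232` while the recipe being patched is dbus-broker_21; a line stating that the same assertion reproduces on 21 would make the backport easier to justify.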
diff --git a/meta-oe/recipes-core/dbus/dbus-broker/0006-launch-policy-fix-crash-when-exporting-selinux.patch b/meta-oe/recipes-core/dbus/dbus-broker/0006-launch-policy-fix-crash-when-exporting-selinux.patch
new file mode 100644
index 000000000..51f45361b
--- /dev/null
+++ b/meta-oe/recipes-core/dbus/dbus-broker/0006-launch-policy-fix-crash-when-exporting-selinux.patch
@@ -0,0 +1,59 @@
+From f1cdef4d98ddbfeeb4a688712d54b3adc89bfe26 Mon Sep 17 00:00:00 2001
+From: Luca Boccassi <luca.boccassi@microsoft.com>
+Date: Fri, 25 Oct 2019 21:05:43 +0100
+Subject: [PATCH 2/2] launch/policy: fix crash when exporting <selinux>
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+If a policy contains a <selinux> element, dbus-broker-launch crashes:
+
+[   30.048705] dbus-broker-launch[221]: ERROR policy_export @ ../dbus-broker-21/src/launch/policy.c +1142: Return code 1
+[   30.050963] dbus-broker-launch[221]:       launcher_add_listener @ ../dbus-broker-21/src/launch/launcher.c +1130
+[   30.079620] dbus-broker[228]: Dispatched 0 messages @ 0(±0)μs / message.
+[   30.082613] dbus-broker-launch[221]:       launcher_run @ ../dbus-broker-21/src/launch/launcher.c +1389
+[   30.084426] dbus-broker-launch[221]:       run @ ../dbus-broker-21/src/launch/main.c +153
+[   30.085797] dbus-broker-launch[221]:       main @ ../dbus-broker-21/src/launch/main.c +181
+[   30.087208] dbus-broker-launch[221]: Exiting due to fatal error: -131
+
+Minimal config to reproduce:
+
+<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+  <selinux>
+    <associate own="com.example1" context="system_u:object_r:example1_t" />
+    <associate own="com.example2" context="system_u:object_r:example2_t" />
+  </selinux>
+</busconfig>
+
+As per the libsystemd API, sd_bus_message_append can return an int
+greater than 0 on success, which for example happens when processing
+vectors.
+The export function is treating every non-zero result as an error,
+which causes dbus-broker-launch to terminate.
+
+Fixes #212
+
+Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
+Upstream-Status: merged https://github.com/bus1/dbus-broker/pull/213
+---
+ src/launch/policy.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/launch/policy.c b/src/launch/policy.c
+index 466e4bd..f91f11b 100644
+--- a/src/launch/policy.c
++++ b/src/launch/policy.c
+@@ -1138,7 +1138,7 @@ int policy_export(Policy *policy, sd_bus_message *m, uint32_t *at_console_uids,
+                 r = sd_bus_message_append(m, "(ss)",
+                                           i_record->selinux.name,
+                                           i_record->selinux.context);
+-                if (r)
++                if (r < 0)
+                         return error_origin(r);
+         }
+ 
+-- 
+2.20.1
+
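Review bot: the commit message says the export function treats every non-zero result as an error, but the only check changed is the one after the `(ss)` append for the selinux records, now `if (r < 0)`. Please confirm whether the other `sd_bus_message_*` calls in `policy_export` still test `if (r)` and whether any of them can return a positive value on success; if they can, they need the same `r < 0` test, and if they cannot, a sentence in the message saying so would close the question. The log in the message shows a fatal-error exit (`Return code 1`, then `Exiting due to fatal error: -131`) rather than an assertion failure, so "crash" in the subject could be worded more precisely. The `Upstream-Status: merged ...` trailer should follow the same convention used for 0005.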
diff --git a/meta-oe/recipes-core/dbus/dbus-broker_21.bb b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
index 8b4101aaf..bad442776 100644
--- a/meta-oe/recipes-core/dbus/dbus-broker_21.bb
+++ b/meta-oe/recipes-core/dbus/dbus-broker_21.bb
@@ -11,6 +11,8 @@ SRC_URI += " file://0001-launch-improve-error-handling-for-opendir.patch"
 SRC_URI += " file://0002-metrics-change-the-constant-used-for-invalid-timesta.patch"
 SRC_URI += " file://0003-dbus-socket-treat-MSG_CTRUNC-gracefully.patch"
 SRC_URI += " file://0004-launcher-fix-build-with-musl-libc.patch"
+SRC_URI += " file://0005-launch-policy-fix-crash-when-importing-selinux.patch"
+SRC_URI += " file://0006-launch-policy-fix-crash-when-exporting-selinux.patch"
 SRC_URI[md5sum] = "a17886a92ab1e0bc2e4b1a274339e388"
 SRC_URI[sha256sum] = "6fff9a831a514659e2c7d704e76867ce31ebcf43e8d7a62e080c6656f64cd39e"
 
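Review bot: the two `SRC_URI +=` lines added after 0004 are the only change this commit makes to the recipe, and the commit message covering them is a single line (`Backport from master: ...`) with no Signed-off-by, which meta-openembedded submissions are expected to carry. Add the sign-off and a sentence saying what fails without the patches (dbus-broker-launch exits when a policy contains a `<selinux>` element), so the reason is visible in the layer history without opening the patch files. The ordering is right as listed: 0006's `index 466e4bd..f91f11b` starts from the blob that 0005 produces, so 0005 has to be applied first.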
-- 
2.20.1


