All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] libsepol: Quote paths when generating policy.conf from binary policy
@ 2021-06-16 14:48 James Carter
  2021-06-18 14:53 ` Petr Lautrbach
  0 siblings, 1 reply; 3+ messages in thread
From: James Carter @ 2021-06-16 14:48 UTC (permalink / raw)
  To: selinux; +Cc: James Carter

Christian Göttsche <cgzones@googlemail.com> submitted a similar patch
to quote paths when generating CIL policy from a binary policy.

Since genfscon and devicetreecon rules have paths which are allowed
to contain spaces, always quote the path when writing out these rules.

Signed-off-by: James Carter <jwcart2@gmail.com>
---
 libsepol/src/kernel_to_conf.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c
index 5db47fe4..ffdf179a 100644
--- a/libsepol/src/kernel_to_conf.c
+++ b/libsepol/src/kernel_to_conf.c
@@ -2527,7 +2527,7 @@ static int write_genfscon_rules_to_conf(FILE *out, struct policydb *pdb)
 				goto exit;
 			}
 
-			rc = strs_create_and_add(strs, "genfscon %s %s %s", 3,
+			rc = strs_create_and_add(strs, "genfscon %s \"%s\" %s", 3,
 						 fstype, name, ctx);
 			free(ctx);
 			if (rc != 0) {
@@ -2992,7 +2992,7 @@ static int write_xen_devicetree_rules_to_conf(FILE *out, struct policydb *pdb)
 			goto exit;
 		}
 
-		sepol_printf(out, "devicetreecon %s %s\n", name, ctx);
+		sepol_printf(out, "devicetreecon \"%s\" %s\n", name, ctx);
 
 		free(ctx);
 	}
-- 
2.26.3


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] libsepol: Quote paths when generating policy.conf from binary policy
  2021-06-16 14:48 [PATCH] libsepol: Quote paths when generating policy.conf from binary policy James Carter
@ 2021-06-18 14:53 ` Petr Lautrbach
  2021-06-22 13:38   ` James Carter
  0 siblings, 1 reply; 3+ messages in thread
From: Petr Lautrbach @ 2021-06-18 14:53 UTC (permalink / raw)
  To: James Carter, selinux; +Cc: James Carter

James Carter <jwcart2@gmail.com> writes:

> Christian Göttsche <cgzones@googlemail.com> submitted a similar patch
> to quote paths when generating CIL policy from a binary policy.
>
> Since genfscon and devicetreecon rules have paths which are allowed
> to contain spaces, always quote the path when writing out these rules.
>
> Signed-off-by: James Carter <jwcart2@gmail.com>

Acked-by: Petr Lautrbach <plautrba@redhat.com>



> ---
>  libsepol/src/kernel_to_conf.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c
> index 5db47fe4..ffdf179a 100644
> --- a/libsepol/src/kernel_to_conf.c
> +++ b/libsepol/src/kernel_to_conf.c
> @@ -2527,7 +2527,7 @@ static int write_genfscon_rules_to_conf(FILE *out, struct policydb *pdb)
>  				goto exit;
>  			}
>  
> -			rc = strs_create_and_add(strs, "genfscon %s %s %s", 3,
> +			rc = strs_create_and_add(strs, "genfscon %s \"%s\" %s", 3,
>  						 fstype, name, ctx);
>  			free(ctx);
>  			if (rc != 0) {
> @@ -2992,7 +2992,7 @@ static int write_xen_devicetree_rules_to_conf(FILE *out, struct policydb *pdb)
>  			goto exit;
>  		}
>  
> -		sepol_printf(out, "devicetreecon %s %s\n", name, ctx);
> +		sepol_printf(out, "devicetreecon \"%s\" %s\n", name, ctx);
>  
>  		free(ctx);
>  	}
> -- 
> 2.26.3


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] libsepol: Quote paths when generating policy.conf from binary policy
  2021-06-18 14:53 ` Petr Lautrbach
@ 2021-06-22 13:38   ` James Carter
  0 siblings, 0 replies; 3+ messages in thread
From: James Carter @ 2021-06-22 13:38 UTC (permalink / raw)
  To: Petr Lautrbach; +Cc: SElinux list

On Fri, Jun 18, 2021 at 10:53 AM Petr Lautrbach <plautrba@redhat.com> wrote:
>
> James Carter <jwcart2@gmail.com> writes:
>
> > Christian Göttsche <cgzones@googlemail.com> submitted a similar patch
> > to quote paths when generating CIL policy from a binary policy.
> >
> > Since genfscon and devicetreecon rules have paths which are allowed
> > to contain spaces, always quote the path when writing out these rules.
> >
> > Signed-off-by: James Carter <jwcart2@gmail.com>
>
> Acked-by: Petr Lautrbach <plautrba@redhat.com>
>

This has been merged.
Jim

>
>
> > ---
> >  libsepol/src/kernel_to_conf.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c
> > index 5db47fe4..ffdf179a 100644
> > --- a/libsepol/src/kernel_to_conf.c
> > +++ b/libsepol/src/kernel_to_conf.c
> > @@ -2527,7 +2527,7 @@ static int write_genfscon_rules_to_conf(FILE *out, struct policydb *pdb)
> >                               goto exit;
> >                       }
> >
> > -                     rc = strs_create_and_add(strs, "genfscon %s %s %s", 3,
> > +                     rc = strs_create_and_add(strs, "genfscon %s \"%s\" %s", 3,
> >                                                fstype, name, ctx);
> >                       free(ctx);
> >                       if (rc != 0) {
> > @@ -2992,7 +2992,7 @@ static int write_xen_devicetree_rules_to_conf(FILE *out, struct policydb *pdb)
> >                       goto exit;
> >               }
> >
> > -             sepol_printf(out, "devicetreecon %s %s\n", name, ctx);
> > +             sepol_printf(out, "devicetreecon \"%s\" %s\n", name, ctx);
> >
> >               free(ctx);
> >       }
> > --
> > 2.26.3
>

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-06-22 13:39 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-16 14:48 [PATCH] libsepol: Quote paths when generating policy.conf from binary policy James Carter
2021-06-18 14:53 ` Petr Lautrbach
2021-06-22 13:38   ` James Carter

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.