[PATCH v3 2/2] libsepol: Fix type alias handling in kernel_to_conf

From: James Carter <jwcart2@gmail.com>
To: selinux@vger.kernel.org
Cc: James Carter <jwcart2@gmail.com>
Subject: [PATCH v3 2/2] libsepol: Fix type alias handling in kernel_to_conf
Date: Fri, 22 May 2020 10:50:38 -0400	[thread overview]
Message-ID: <20200522145038.194209-2-jwcart2@gmail.com> (raw)
In-Reply-To: <20200522145038.194209-1-jwcart2@gmail.com>

Type alias rules are not written out when converting a binary kernel
policy to a policy.conf. The problem is that type aliases are not in
the type_val_to_struct array and that is what is being used to find
the aliases.

Since type aliases are only in the types hashtable, walk that to
find the type aliases.

Fixed the syntax of the typalias rule which requires "alias" to come
between the type and the aliases (ex/ typealias TYPE alias ALIAS;).

Fixes: 0a08fd1e69797d6a ("libsepol: Add ability to convert binary
       policy to policy.conf file")

Signed-off-by: James Carter <jwcart2@gmail.com>
---
v2: Fix typealias syntax
v3: Add "__attribute__((unused))" to unused parameters as suggested by
    Nicolas Iooss

 libsepol/src/kernel_to_conf.c | 47 +++++++++++++++++++++++++----------
 1 file changed, 34 insertions(+), 13 deletions(-)

diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c
index 9de64832..046d76a4 100644
--- a/libsepol/src/kernel_to_conf.c
+++ b/libsepol/src/kernel_to_conf.c
@@ -1353,34 +1353,55 @@ exit:
 	return rc;
 }
 
+static int map_count_type_aliases(__attribute__((unused)) char *key, void *data, void *args)
+{
+	type_datum_t *datum = data;
+	unsigned *count = args;
+
+	if (datum->primary == 0 && datum->flavor == TYPE_TYPE)
+		(*count)++;
+
+	return SEPOL_OK;
+}
+
+static int map_type_aliases_to_strs(char *key, void *data, void *args)
+{
+	type_datum_t *datum = data;
+	struct strs *strs = args;
+	int rc = 0;
+
+	if (datum->primary == 0 && datum->flavor == TYPE_TYPE)
+		rc = strs_add(strs, key);
+
+	return rc;
+}
+
 static int write_type_alias_rules_to_conf(FILE *out, struct policydb *pdb)
 {
 	type_datum_t *alias;
 	struct strs *strs;
 	char *name;
 	char *type;
-	unsigned i, num;
+	unsigned i, num = 0;
 	int rc = 0;
 
-	rc = strs_init(&strs, pdb->p_types.nprim);
+	rc = hashtab_map(pdb->p_types.table, map_count_type_aliases, &num);
 	if (rc != 0) {
 		goto exit;
 	}
 
-	for (i=0; i < pdb->p_types.nprim; i++) {
-		alias = pdb->type_val_to_struct[i];
-		if (!alias->primary) {
-			rc = strs_add(strs, pdb->p_type_val_to_name[i]);
-			if (rc != 0) {
-				goto exit;
-			}
-		}
+	rc = strs_init(&strs, num);
+	if (rc != 0) {
+		goto exit;
 	}
 
+	rc = hashtab_map(pdb->p_types.table, map_type_aliases_to_strs, strs);
+	if (rc != 0) {
+		goto exit;
+	}
+	
 	strs_sort(strs);
 
-	num = strs_num_items(strs);
-
 	for (i=0; i<num; i++) {
 		name = strs_read_at_index(strs, i);
 		if (!name) {
@@ -1393,7 +1414,7 @@ static int write_type_alias_rules_to_conf(FILE *out, struct policydb *pdb)
 			goto exit;
 		}
 		type = pdb->p_type_val_to_name[alias->s.value - 1];
-		sepol_printf(out, "typealias %s %s;\n", type, name);
+		sepol_printf(out, "typealias %s alias %s;\n", type, name);
 	}
 
 exit:
-- 
2.25.4

