When converting a non-MLS kernel binary policy to CIL, write the CIL default MLS rules (since CIL requires at least one sensitivity, and sensitivityorder statements) on separate lines. This improves the readability of the resulting CIL policy. Signed-off-by: James Carter <jwcart2@gmail.com> --- v2: No changes libsepol/src/kernel_to_cil.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c index ede78a20..cca77251 100644 --- a/libsepol/src/kernel_to_cil.c +++ b/libsepol/src/kernel_to_cil.c @@ -777,9 +777,9 @@ exit: static void write_default_mls_level(FILE *out) { - sepol_printf(out, "(sensitivity s0)"); - sepol_printf(out, "(sensitivityorder (s0))"); - sepol_printf(out, "(level %s (s0))", DEFAULT_LEVEL); + sepol_printf(out, "(sensitivity s0)\n"); + sepol_printf(out, "(sensitivityorder (s0))\n"); + sepol_printf(out, "(level %s (s0))\n", DEFAULT_LEVEL); } static int map_sensitivity_aliases_to_strs(char *key, void *data, void *args) -- 2.25.4
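Review bot: the commit message gives only the sensitivity and sensitivityorder statements as the reason write_default_mls_level() exists, but the hunk also emits a third rule, `(level %s (s0))` built from DEFAULT_LEVEL, now on its own line; a one-sentence mention in the message that a default level is written too (and why a non-MLS conversion needs it) would make the message match the code. The newline changes themselves look right.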
Improves writing of CIL sensitivity rules when converting MLS kernel policy to CIL. No changes to functionality, but eliminate useless checks for sensitivity aliases when using the p_sens_val_to_name array, find the actual number of aliases before allocating memory, and skip the sensitivity alias rules if there are no aliases. Signed-off-by: James Carter <jwcart2@gmail.com> --- v2: Add "__attribute__((unused))" to unused parameters as suggested by Nicolas Iooss libsepol/src/kernel_to_cil.c | 59 ++++++++++++++++++------------------ 1 file changed, 29 insertions(+), 30 deletions(-) diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c index cca77251..b84da3e5 100644 --- a/libsepol/src/kernel_to_cil.c +++ b/libsepol/src/kernel_to_cil.c @@ -782,6 +782,17 @@ static void write_default_mls_level(FILE *out) sepol_printf(out, "(level %s (s0))\n", DEFAULT_LEVEL); } +static int map_count_sensitivity_aliases(__attribute__((unused)) char *key, void *data, void *args) +{ + level_datum_t *sens = data; + unsigned *count = args; + + if (sens->isalias) + (*count)++; + + return SEPOL_OK; +} + static int map_sensitivity_aliases_to_strs(char *key, void *data, void *args) { level_datum_t *sens = data; @@ -799,26 +810,13 @@ static int write_sensitivity_rules_to_cil(FILE *out, struct policydb *pdb) { level_datum_t *level; char *prev, *name, *actual; - struct strs *strs; - unsigned i, num; + struct strs *strs = NULL; + unsigned i, num = 0; int rc = 0; - rc = strs_init(&strs, pdb->p_levels.nprim); - if (rc != 0) { - goto exit; - } - /* sensitivities */ for (i=0; i < pdb->p_levels.nprim; i++) { name = pdb->p_sens_val_to_name[i]; - if (!name) continue; - level = hashtab_search(pdb->p_levels.table, name); - if (!level) { - rc = -1; - goto exit; - } - if (level->isalias) continue; - sepol_printf(out, "(sensitivity %s)\n", name); } 
@@ -827,14 +825,6 @@ static int write_sensitivity_rules_to_cil(FILE *out, struct policydb *pdb) prev = NULL; for (i=0; i < pdb->p_levels.nprim; i++) { name = pdb->p_sens_val_to_name[i]; - if (!name) continue; - level = hashtab_search(pdb->p_levels.table, name); - if (!level) { - rc = -1; - goto exit; - } - if (level->isalias) continue; - if (prev) { sepol_printf(out, "%s ", prev); } @@ -845,6 +835,22 @@ static int write_sensitivity_rules_to_cil(FILE *out, struct policydb *pdb) } sepol_printf(out, "))\n"); + rc = hashtab_map(pdb->p_levels.table, map_count_sensitivity_aliases, &num); + if (rc != 0) { + goto exit; + } + + if (num == 0) { + /* No aliases, so skip sensitivity alias rules */ + rc = 0; + goto exit; + } + + rc = strs_init(&strs, num); + if (rc != 0) { + goto exit; + } + rc = hashtab_map(pdb->p_levels.table, map_sensitivity_aliases_to_strs, strs); if (rc != 0) { goto exit; @@ -852,16 +858,9 @@ static int write_sensitivity_rules_to_cil(FILE *out, struct policydb *pdb) strs_sort(strs); - num = strs_num_items(strs); - /* sensitivity aliases */ for (i=0; i < num; i++) { name = strs_read_at_index(strs, i); - level = hashtab_search(pdb->p_levels.table, name); - if (!level) { - rc = -1; - goto exit; - } sepol_printf(out, "(sensitivityalias %s)\n", name); } -- 2.25.4
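Review bot: in the two hunks that strip the `!name`, hashtab_search() and `isalias` checks from the p_sens_val_to_name loops, the change is only sound if every slot of p_sens_val_to_name[0..p_levels.nprim) is a non-NULL primary (non-alias) sensitivity name; the commit message calls the checks "useless" without saying so. Please state that invariant in the message so the next reader does not re-add the checks.

Review bot: with the hashtab_search() calls removed from the first two loops and from the sensitivity-alias loop, `level` is never assigned in any hunk shown; if the remainder of the function (not in this diff) no longer uses it either, the declaration `level_datum_t *level;` becomes dead and will warn under -Wall, so either drop it or confirm it is still used.

Review bot: in the hunk that adds the alias count, the `rc = 0;` inside `if (num == 0)` is redundant, since the `if (rc != 0) goto exit;` directly above already guarantees rc is 0; the `goto exit` alone is enough. The same hunk also lets `strs` reach `exit:` as NULL on the new early return (hence `struct strs *strs = NULL;`), which assumes the cleanup at `exit:` tolerates a NULL list; a comment there or a sentence in the message would help.

Review bot: in the last hunk, dropping `num = strs_num_items(strs);` makes the sensitivity-alias loop trust the count from map_count_sensitivity_aliases() rather than the number of entries actually added by map_sensitivity_aliases_to_strs(); that is safe only while both callbacks apply the same `isalias` test, which a reader has to verify across two functions. Keeping `num = strs_num_items(strs);` costs nothing and keeps the loop bound tied to the list it indexes.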
Improves writing of CIL category rules when converting MLS kernel policy to CIL. No changes to functionality, but eliminate useless checks for category aliases when using the p_cat_val_to_name array, find the actual number of aliases before allocating memory, and skip the category alias rules if there are no aliases. Signed-off-by: James Carter <jwcart2@gmail.com> --- v2: Add "__attribute__((unused))" to unused parameters as suggested by Nicolas Iooss libsepol/src/kernel_to_cil.c | 59 ++++++++++++++++++------------------ 1 file changed, 29 insertions(+), 30 deletions(-) diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c index b84da3e5..36c6c682 100644 --- a/libsepol/src/kernel_to_cil.c +++ b/libsepol/src/kernel_to_cil.c @@ -886,6 +886,17 @@ exit: return rc; } +static int map_count_category_aliases(__attribute__((unused)) char *key, void *data, void *args) +{ + cat_datum_t *cat = data; + unsigned *count = args; + + if (cat->isalias) + (*count)++; + + return SEPOL_OK; +} + static int map_category_aliases_to_strs(char *key, void *data, void *args) { cat_datum_t *cat = data; @@ -903,26 +914,13 @@ static int write_category_rules_to_cil(FILE *out, struct policydb *pdb) { cat_datum_t *cat; char *prev, *name, *actual; - struct strs *strs; - unsigned i, num; + struct strs *strs = NULL; + unsigned i, num = 0; int rc = 0; - rc = strs_init(&strs, pdb->p_levels.nprim); - if (rc != 0) { - goto exit; - } - /* categories */ for (i=0; i < pdb->p_cats.nprim; i++) { name = pdb->p_cat_val_to_name[i]; - if (!name) continue; - cat = hashtab_search(pdb->p_cats.table, name); - if (!cat) { - rc = -1; - goto exit; - } - if (cat->isalias) continue; - sepol_printf(out, "(category %s)\n", name); } 
@@ -931,14 +929,6 @@ static int write_category_rules_to_cil(FILE *out, struct policydb *pdb) prev = NULL; for (i=0; i < pdb->p_cats.nprim; i++) { name = pdb->p_cat_val_to_name[i]; - if (!name) continue; - cat = hashtab_search(pdb->p_cats.table, name); - if (!cat) { - rc = -1; - goto exit; - } - if (cat->isalias) continue; - if (prev) { sepol_printf(out, "%s ", prev); } @@ -949,6 +939,22 @@ static int write_category_rules_to_cil(FILE *out, struct policydb *pdb) } sepol_printf(out, "))\n"); + rc = hashtab_map(pdb->p_cats.table, map_count_category_aliases, &num); + if (rc != 0) { + goto exit; + } + + if (num == 0) { + /* No aliases, so skip category alias rules */ + rc = 0; + goto exit; + } + + rc = strs_init(&strs, num); + if (rc != 0) { + goto exit; + } + rc = hashtab_map(pdb->p_cats.table, map_category_aliases_to_strs, strs); if (rc != 0) { goto exit; @@ -956,16 +962,9 @@ static int write_category_rules_to_cil(FILE *out, struct policydb *pdb) strs_sort(strs); - num = strs_num_items(strs); - /* category aliases */ for (i=0; i < num; i++) { name = strs_read_at_index(strs, i); - cat = hashtab_search(pdb->p_cats.table, name); - if (!cat) { - rc = -1; - goto exit; - } sepol_printf(out, "(categoryalias %s)\n", name); } -- 2.25.4
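Review bot: the removed `rc = strs_init(&strs, pdb->p_levels.nprim);` in write_category_rules_to_cil() sized the category string list by the number of sensitivities, not categories, so this patch quietly fixes a copy-paste mistake; the message says "No changes to functionality", and it would be worth one sentence noting that the old sizing was wrong.

Review bot: the same points as on the sensitivity patch apply here hunk for hunk: dropping the `!name`, hashtab_search() and `isalias` checks on the p_cat_val_to_name loops relies on p_cat_val_to_name[0..p_cats.nprim) holding only non-NULL primary names, which the message should state; `cat` is no longer assigned in any hunk shown, so check it is still used or remove the declaration; the `rc = 0;` under `if (num == 0)` is redundant after the `if (rc != 0) goto exit;` above it; `strs` now reaches `exit:` as NULL on the early return; and the final loop now trusts the count from map_count_category_aliases() rather than `strs_num_items(strs)`, so keeping that assignment would tie the loop bound to the list it indexes.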
On Fri, May 22, 2020 at 10:58 AM James Carter <jwcart2@gmail.com> wrote:
>
> Improves writing of CIL category rules when converting MLS kernel
> policy to CIL. No changes to functionality, but eliminate useless
> checks for category aliases when using the p_cat_val_to_name array,
> find the actual number of aliases before allocating memory, and
> skip the category alias rules if there are no aliases.
>
> Signed-off-by: James Carter <jwcart2@gmail.com>
This series looks fine to me but do you have a test case that exercises it?
On Wed, May 27, 2020 at 12:44 PM Stephen Smalley <stephen.smalley.work@gmail.com> wrote:
>
> On Fri, May 22, 2020 at 10:58 AM James Carter <jwcart2@gmail.com> wrote:
> >
> > Improves writing of CIL category rules when converting MLS kernel
> > policy to CIL. No changes to functionality, but eliminate useless
> > checks for category aliases when using the p_cat_val_to_name array,
> > find the actual number of aliases before allocating memory, and
> > skip the category alias rules if there are no aliases.
> >
> > Signed-off-by: James Carter <jwcart2@gmail.com>
>
> This series looks fine to me but do you have a test case that exercises it?
See attached.
[-- Attachment #2: alias.cil, 978 bytes --]
[-- Attachment #3: test_cil_alias.sh, 414 bytes --]
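A test of the kind asked for above, written here as an added example: it is not the alias.cil / test_cil_alias.sh attached to this message (their contents are not reproduced in the thread) and not part of the SELinux userspace tree. It assumes secilc and checkpolicy are on PATH and that this checkpolicy accepts `-b -F -C` to write CIL from a binary policy; the minimal MLS policy, the alias names s0_alias / c0_alias and the expected output lines are constructed from the statements the patches emit (`(sensitivityalias ...)`, `(categoryalias ...)`, the order lists) so that both the alias and the no-alias paths of write_sensitivity_rules_to_cil() and write_category_rules_to_cil() are exercised.

```shell
#!/bin/sh
# Round-trip test for sensitivity/category alias handling in kernel_to_cil.c.
# Added example for this thread; it is not the alias.cil / test_cil_alias.sh
# attached by James Carter (their contents are not in the thread).
# Assumptions: secilc and checkpolicy are on PATH, and this checkpolicy
# accepts "-b -F -C" to write CIL from a binary policy.
set -eu

# write_policy FILE WITH_ALIASES
# Writes a minimal MLS CIL policy (constructed for this test) with one
# sensitivity and one category; WITH_ALIASES=1 adds an alias for each.
write_policy() {
    {
        cat <<'EOF'
(mls true)
(sid kernel)
(sidorder (kernel))
(class file (read))
(classorder (file))
(sensitivity s0)
(sensitivityorder (s0))
(category c0)
(categoryorder (c0))
(sensitivitycategory s0 (c0))
(level systemlow (s0))
(level systemhigh (s0 (c0)))
(levelrange low_high (systemlow systemhigh))
(user user_u)
(role role_r)
(type type_t)
(userrole user_u role_r)
(roletype role_r type_t)
(userlevel user_u systemlow)
(userrange user_u low_high)
(sidcontext kernel (user_u role_r type_t low_high))
(allow type_t self (file (read)))
EOF
        if [ "$2" = 1 ]; then
            printf '%s\n' \
                '(sensitivityalias s0_alias)' \
                '(sensitivityaliasactual s0_alias s0)' \
                '(categoryalias c0_alias)' \
                '(categoryaliasactual c0_alias c0)'
        fi
    } > "$1"
}

# roundtrip SRC.cil OUT.cil: compile SRC with secilc, then convert the binary
# back to CIL with checkpolicy (the path that runs kernel_to_cil.c).
roundtrip() {
    work=$(mktemp -d)
    secilc -o "$work/policy.bin" -f "$work/file_contexts" "$1"
    checkpolicy -b -F -C -o "$2" "$work/policy.bin"
    rm -rf "$work"
}

# check_alias_output OUT.cil: the converted policy must carry the alias rules
# the patched write_*_rules_to_cil() functions emit, and the aliases must NOT
# show up as primaries or inside the order lists. That is the invariant the
# patches lean on when they drop the isalias checks on the val_to_name loops.
check_alias_output() {
    for want in '(sensitivityalias s0_alias)' '(categoryalias c0_alias)' \
                '(sensitivityorder (s0))' '(categoryorder (c0))'; do
        grep -qxF -- "$want" "$1" || { echo "missing: $want" >&2; return 1; }
    done
    for bad in '(sensitivity s0_alias)' '(category c0_alias)'; do
        if grep -qxF -- "$bad" "$1"; then echo "unexpected: $bad" >&2; return 1; fi
    done
    return 0
}

# check_noalias_output OUT.cil: with no aliases in the policy the patches skip
# the alias sections entirely, so no sensitivityalias/categoryalias rule may
# appear at all.
check_noalias_output() {
    if grep -qE '^\((sensitivityalias|categoryalias)' "$1"; then
        echo "unexpected alias rule in $1" >&2
        return 1
    fi
    return 0
}

# main: run both cases and make sure the converted CIL compiles again.
main() {
    dir=$(mktemp -d)
    write_policy "$dir/alias.cil" 1
    roundtrip "$dir/alias.cil" "$dir/alias.out.cil"
    check_alias_output "$dir/alias.out.cil"
    secilc -o "$dir/alias2.bin" -f "$dir/fc" "$dir/alias.out.cil"

    write_policy "$dir/noalias.cil" 0
    roundtrip "$dir/noalias.cil" "$dir/noalias.out.cil"
    check_noalias_output "$dir/noalias.out.cil"
    secilc -o "$dir/noalias2.bin" -f "$dir/fc" "$dir/noalias.out.cil"

    rm -rf "$dir"
    echo "alias round-trip tests passed"
}

if command -v secilc >/dev/null 2>&1 && command -v checkpolicy >/dev/null 2>&1; then
    main
else
    echo "secilc and/or checkpolicy not found; skipping round-trip test" >&2
fi
```

The second secilc run on each converted file is the cheap regression check Stephen is asking for below: a conversion that emitted an alias as a primary, or listed it in sensitivityorder, would either fail to recompile or be caught by the exact-line checks.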
On Wed, May 27, 2020 at 1:20 PM James Carter <jwcart2@gmail.com> wrote:
>
> On Wed, May 27, 2020 at 12:44 PM Stephen Smalley
> <stephen.smalley.work@gmail.com> wrote:
> >
> > On Fri, May 22, 2020 at 10:58 AM James Carter <jwcart2@gmail.com> wrote:
> > >
> > > Improves writing of CIL category rules when converting MLS kernel
> > > policy to CIL. No changes to functionality, but eliminate useless
> > > checks for category aliases when using the p_cat_val_to_name array,
> > > find the actual number of aliases before allocating memory, and
> > > skip the category alias rules if there are no aliases.
> > >
> > > Signed-off-by: James Carter <jwcart2@gmail.com>
> >
> > This series looks fine to me but do you have a test case that exercises it?
>
> See attached.
Ok, we should likely try to move some of these out-of-tree tests into
the set of tests exercised by
make test in libsepol or checkpolicy or secilc and thereby get them
regression-tested by travis-ci.
Regardless, for this series,
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
On Wed, May 27, 2020 at 3:23 PM Stephen Smalley
<stephen.smalley.work@gmail.com> wrote:
>
> On Wed, May 27, 2020 at 1:20 PM James Carter <jwcart2@gmail.com> wrote:
> >
> > On Wed, May 27, 2020 at 12:44 PM Stephen Smalley
> > <stephen.smalley.work@gmail.com> wrote:
> > >
> > > On Fri, May 22, 2020 at 10:58 AM James Carter <jwcart2@gmail.com> wrote:
> > > >
> > > > Improves writing of CIL category rules when converting MLS kernel
> > > > policy to CIL. No changes to functionality, but eliminate useless
> > > > checks for category aliases when using the p_cat_val_to_name array,
> > > > find the actual number of aliases before allocating memory, and
> > > > skip the category alias rules if there are no aliases.
> > > >
> > > > Signed-off-by: James Carter <jwcart2@gmail.com>
> > >
> > > This series looks fine to me but do you have a test case that exercises it?
> >
> > See attached.
>
> Ok, we should likely try to move some of these out-of-tree tests into
> the set of tests exercised by
> make test in libsepol or checkpolicy or secilc and thereby get them
> regression-tested by travis-ci.
>
> Regardless, for this series,
> Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Applied.