extractedLnx/linux-2.6.33/security/selinux/ss/policydb.c_policydb_read.c
int policydb_read(struct policydb *p, void *fp)
{
struct role_allow *ra, *lra;
struct role_trans *tr, *ltr;
struct ocontext *l, *c, *newc;
struct genfs *genfs_p, *genfs, *newgenfs;
int i, j, rc;
__le32 buf[4];
u32 nodebuf[8];
u32 len, len2, config, nprim, nel, nel2;
char *policydb_str;
struct policydb_compat_info *info;
struct range_trans *rt, *lrt;
config = 0;
rc = policydb_init(p);
if (rc)
goto out;
/* Read the magic number and string length. */
rc = next_entry(buf, fp, sizeof(u32) * 2);
if (rc < 0)
goto bad;
if (le32_to_cpu(buf[0]) != POLICYDB_MAGIC) {
printk(KERN_ERR "SELinux: policydb magic number 0x%x does "
"not match expected magic number 0x%x\n",
le32_to_cpu(buf[0]), POLICYDB_MAGIC);
goto bad;
}
len = le32_to_cpu(buf[1]);
if (len != strlen(POLICYDB_STRING)) {
printk(KERN_ERR "SELinux: policydb string length %d does not "
"match expected length %Zu\n",
len, strlen(POLICYDB_STRING));
goto bad;
}
policydb_str = kmalloc(len + 1, GFP_KERNEL);
if (!policydb_str) {
printk(KERN_ERR "SELinux: unable to allocate memory for policydb "
"string of length %d\n", len);
rc = -ENOMEM;
goto bad;
}
rc = next_entry(policydb_str, fp, len);
if (rc < 0) {
printk(KERN_ERR "SELinux: truncated policydb string identifier\n");
kfree(policydb_str);
goto bad;
}
policydb_str[len] = '\0';
if (strcmp(policydb_str, POLICYDB_STRING)) {
printk(KERN_ERR "SELinux: policydb string %s does not match "
"my string %s\n", policydb_str, POLICYDB_STRING);
kfree(policydb_str);
goto bad;
}
/* Done with policydb_str. */
kfree(policydb_str);
policydb_str = NULL;
/* Read the version, config, and table sizes. */
rc = next_entry(buf, fp, sizeof(u32)*4);
if (rc < 0)
goto bad;
p->policyvers = le32_to_cpu(buf[0]);
if (p->policyvers < POLICYDB_VERSION_MIN ||
p->policyvers > POLICYDB_VERSION_MAX) {
printk(KERN_ERR "SELinux: policydb version %d does not match "
"my version range %d-%d\n",
le32_to_cpu(buf[0]), POLICYDB_VERSION_MIN, POLICYDB_VERSION_MAX);
goto bad;
}
if ((le32_to_cpu(buf[1]) & POLICYDB_CONFIG_MLS)) {
if (ss_initialized && !selinux_mls_enabled) {
printk(KERN_ERR "SELinux: Cannot switch between non-MLS"
" and MLS policies\n");
goto bad;
}
selinux_mls_enabled = 1;
config |= POLICYDB_CONFIG_MLS;
if (p->policyvers < POLICYDB_VERSION_MLS) {
printk(KERN_ERR "SELinux: security policydb version %d "
"(MLS) not backwards compatible\n",
p->policyvers);
goto bad;
}
} else {
if (ss_initialized && selinux_mls_enabled) {
printk(KERN_ERR "SELinux: Cannot switch between MLS and"
" non-MLS policies\n");
goto bad;
}
}
p->reject_unknown = !!(le32_to_cpu(buf[1]) & REJECT_UNKNOWN);
p->allow_unknown = !!(le32_to_cpu(buf[1]) & ALLOW_UNKNOWN);
if (p->policyvers >= POLICYDB_VERSION_POLCAP &&
ebitmap_read(&p->policycaps, fp) != 0)
goto bad;
if (p->policyvers >= POLICYDB_VERSION_PERMISSIVE &&
ebitmap_read(&p->permissive_map, fp) != 0)
goto bad;
info = policydb_lookup_compat(p->policyvers);
if (!info) {
printk(KERN_ERR "SELinux: unable to find policy compat info "
"for version %d\n", p->policyvers);
goto bad;
}
if (le32_to_cpu(buf[2]) != info->sym_num ||
le32_to_cpu(buf[3]) != info->ocon_num) {
printk(KERN_ERR "SELinux: policydb table sizes (%d,%d) do "
"not match mine (%d,%d)\n", le32_to_cpu(buf[2]),
le32_to_cpu(buf[3]),
info->sym_num, info->ocon_num);
goto bad;
}
for (i = 0; i < info->sym_num; i++) {
rc = next_entry(buf, fp, sizeof(u32)*2);
if (rc < 0)
goto bad;
nprim = le32_to_cpu(buf[0]);
nel = le32_to_cpu(buf[1]);
for (j = 0; j < nel; j++) {
rc = read_f[i](p, p->symtab[i].table, fp);
if (rc)
goto bad;
}
p->symtab[i].nprim = nprim;
}
rc = avtab_read(&p->te_avtab, fp, p);
if (rc)
goto bad;
if (p->policyvers >= POLICYDB_VERSION_BOOL) {
rc = cond_read_list(p, fp);
if (rc)
goto bad;
}
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad;
nel = le32_to_cpu(buf[0]);
ltr = NULL;
for (i = 0; i < nel; i++) {
tr = kzalloc(sizeof(*tr), GFP_KERNEL);
if (!tr) {
rc = -ENOMEM;
goto bad;
}
if (ltr)
ltr->next = tr;
else
p->role_tr = tr;
rc = next_entry(buf, fp, sizeof(u32)*3);
if (rc < 0)
goto bad;
tr->role = le32_to_cpu(buf[0]);
tr->type = le32_to_cpu(buf[1]);
tr->new_role = le32_to_cpu(buf[2]);
if (!policydb_role_isvalid(p, tr->role) ||
!policydb_type_isvalid(p, tr->type) ||
!policydb_role_isvalid(p, tr->new_role)) {
rc = -EINVAL;
goto bad;
}
ltr = tr;
}
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad;
nel = le32_to_cpu(buf[0]);
lra = NULL;
for (i = 0; i < nel; i++) {
ra = kzalloc(sizeof(*ra), GFP_KERNEL);
if (!ra) {
rc = -ENOMEM;
goto bad;
}
if (lra)
lra->next = ra;
else
p->role_allow = ra;
rc = next_entry(buf, fp, sizeof(u32)*2);
if (rc < 0)
goto bad;
ra->role = le32_to_cpu(buf[0]);
ra->new_role = le32_to_cpu(buf[1]);
if (!policydb_role_isvalid(p, ra->role) ||
!policydb_role_isvalid(p, ra->new_role)) {
rc = -EINVAL;
goto bad;
}
lra = ra;
}
rc = policydb_index_classes(p);
if (rc)
goto bad;
rc = policydb_index_others(p);
if (rc)
goto bad;
p->process_class = string_to_security_class(p, "process");
if (!p->process_class)
goto bad;
p->process_trans_perms = string_to_av_perm(p, p->process_class,
"transition");
p->process_trans_perms |= string_to_av_perm(p, p->process_class,
"dyntransition");
if (!p->process_trans_perms)
goto bad;
for (i = 0; i < info->ocon_num; i++) {
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad;
nel = le32_to_cpu(buf[0]);
l = NULL;
for (j = 0; j < nel; j++) {
c = kzalloc(sizeof(*c), GFP_KERNEL);
if (!c) {
rc = -ENOMEM;
goto bad;
}
if (l)
l->next = c;
else
p->ocontexts[i] = c;
l = c;
rc = -EINVAL;
switch (i) {
case OCON_ISID:
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad;
c->sid[0] = le32_to_cpu(buf[0]);
rc = context_read_and_validate(&c->context[0], p, fp);
if (rc)
goto bad;
break;
case OCON_FS:
case OCON_NETIF:
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad;
len = le32_to_cpu(buf[0]);
c->u.name = kmalloc(len + 1, GFP_KERNEL);
if (!c->u.name) {
rc = -ENOMEM;
goto bad;
}
rc = next_entry(c->u.name, fp, len);
if (rc < 0)
goto bad;
c->u.name[len] = 0;
rc = context_read_and_validate(&c->context[0], p, fp);
if (rc)
goto bad;
rc = context_read_and_validate(&c->context[1], p, fp);
if (rc)
goto bad;
break;
case OCON_PORT:
rc = next_entry(buf, fp, sizeof(u32)*3);
if (rc < 0)
goto bad;
c->u.port.protocol = le32_to_cpu(buf[0]);
c->u.port.low_port = le32_to_cpu(buf[1]);
c->u.port.high_port = le32_to_cpu(buf[2]);
rc = context_read_and_validate(&c->context[0], p, fp);
if (rc)
goto bad;
break;
case OCON_NODE:
rc = next_entry(nodebuf, fp, sizeof(u32) * 2);
if (rc < 0)
goto bad;
c->u.node.addr = nodebuf[0]; /* network order */
c->u.node.mask = nodebuf[1]; /* network order */
rc = context_read_and_validate(&c->context[0], p, fp);
if (rc)
goto bad;
break;
case OCON_FSUSE:
rc = next_entry(buf, fp, sizeof(u32)*2);
if (rc < 0)
goto bad;
c->v.behavior = le32_to_cpu(buf[0]);
if (c->v.behavior > SECURITY_FS_USE_NONE)
goto bad;
len = le32_to_cpu(buf[1]);
c->u.name = kmalloc(len + 1, GFP_KERNEL);
if (!c->u.name) {
rc = -ENOMEM;
goto bad;
}
rc = next_entry(c->u.name, fp, len);
if (rc < 0)
goto bad;
c->u.name[len] = 0;
rc = context_read_and_validate(&c->context[0], p, fp);
if (rc)
goto bad;
break;
case OCON_NODE6: {
int k;
rc = next_entry(nodebuf, fp, sizeof(u32) * 8);
if (rc < 0)
goto bad;
for (k = 0; k < 4; k++)
c->u.node6.addr[k] = nodebuf[k];
for (k = 0; k < 4; k++)
c->u.node6.mask[k] = nodebuf[k+4];
if (context_read_and_validate(&c->context[0], p, fp))
goto bad;
break;
}
}
}
}
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad;
nel = le32_to_cpu(buf[0]);
genfs_p = NULL;
rc = -EINVAL;
for (i = 0; i < nel; i++) {
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad;
len = le32_to_cpu(buf[0]);
newgenfs = kzalloc(sizeof(*newgenfs), GFP_KERNEL);
if (!newgenfs) {
rc = -ENOMEM;
goto bad;
}
newgenfs->fstype = kmalloc(len + 1, GFP_KERNEL);
if (!newgenfs->fstype) {
rc = -ENOMEM;
kfree(newgenfs);
goto bad;
}
rc = next_entry(newgenfs->fstype, fp, len);
if (rc < 0) {
kfree(newgenfs->fstype);
kfree(newgenfs);
goto bad;
}
newgenfs->fstype[len] = 0;
for (genfs_p = NULL, genfs = p->genfs; genfs;
genfs_p = genfs, genfs = genfs->next) {
if (strcmp(newgenfs->fstype, genfs->fstype) == 0) {
printk(KERN_ERR "SELinux: dup genfs "
"fstype %s\n", newgenfs->fstype);
kfree(newgenfs->fstype);
kfree(newgenfs);
goto bad;
}
if (strcmp(newgenfs->fstype, genfs->fstype) < 0)
break;
}
newgenfs->next = genfs;
if (genfs_p)
genfs_p->next = newgenfs;
else
p->genfs = newgenfs;
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad;
nel2 = le32_to_cpu(buf[0]);
for (j = 0; j < nel2; j++) {
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad;
len = le32_to_cpu(buf[0]);
newc = kzalloc(sizeof(*newc), GFP_KERNEL);
if (!newc) {
rc = -ENOMEM;
goto bad;
}
newc->u.name = kmalloc(len + 1, GFP_KERNEL);
if (!newc->u.name) {
rc = -ENOMEM;
goto bad_newc;
}
rc = next_entry(newc->u.name, fp, len);
if (rc < 0)
goto bad_newc;
newc->u.name[len] = 0;
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad_newc;
newc->v.sclass = le32_to_cpu(buf[0]);
if (context_read_and_validate(&newc->context[0], p, fp))
goto bad_newc;
for (l = NULL, c = newgenfs->head; c;
l = c, c = c->next) {
if (!strcmp(newc->u.name, c->u.name) &&
(!c->v.sclass || !newc->v.sclass ||
newc->v.sclass == c->v.sclass)) {
printk(KERN_ERR "SELinux: dup genfs "
"entry (%s,%s)\n",
newgenfs->fstype, c->u.name);
goto bad_newc;
}
len = strlen(newc->u.name);
len2 = strlen(c->u.name);
if (len > len2)
break;
}
newc->next = c;
if (l)
l->next = newc;
else
newgenfs->head = newc;
}
}
if (p->policyvers >= POLICYDB_VERSION_MLS) {
int new_rangetr = p->policyvers >= POLICYDB_VERSION_RANGETRANS;
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad;
nel = le32_to_cpu(buf[0]);
lrt = NULL;
for (i = 0; i < nel; i++) {
rt = kzalloc(sizeof(*rt), GFP_KERNEL);
if (!rt) {
rc = -ENOMEM;
goto bad;
}
if (lrt)
lrt->next = rt;
else
p->range_tr = rt;
rc = next_entry(buf, fp, (sizeof(u32) * 2));
if (rc < 0)
goto bad;
rt->source_type = le32_to_cpu(buf[0]);
rt->target_type = le32_to_cpu(buf[1]);
if (new_rangetr) {
rc = next_entry(buf, fp, sizeof(u32));
if (rc < 0)
goto bad;
rt->target_class = le32_to_cpu(buf[0]);
} else
rt->target_class = p->process_class;
if (!policydb_type_isvalid(p, rt->source_type) ||
!policydb_type_isvalid(p, rt->target_type) ||
!policydb_class_isvalid(p, rt->target_class)) {
rc = -EINVAL;
goto bad;
}
rc = mls_read_range_helper(&rt->target_range, fp);
if (rc)
goto bad;
if (!mls_range_isvalid(p, &rt->target_range)) {
printk(KERN_WARNING "SELinux: rangetrans: invalid range\n");
goto bad;
}
lrt = rt;
}
}
p->type_attr_map = kmalloc(p->p_types.nprim*sizeof(struct ebitmap), GFP_KERNEL);
if (!p->type_attr_map)
goto bad;
for (i = 0; i < p->p_types.nprim; i++) {
ebitmap_init(&p->type_attr_map[i]);
if (p->policyvers >= POLICYDB_VERSION_AVTAB) {
if (ebitmap_read(&p->type_attr_map[i], fp))
goto bad;
}
/* add the type itself as the degenerate case */
if (ebitmap_set_bit(&p->type_attr_map[i], i, 1))
goto bad;
}
rc = policydb_bounds_sanity_check(p);
if (rc)
goto bad;
rc = 0;
out:
return rc;
bad_newc:
ocontext_destroy(newc, OCON_FSUSE);
bad:
if (!rc)
rc = -EINVAL;
policydb_destroy(p);
goto out;
}
Generated by GNU enscript 1.6.4.