From c7cf926d25523d5d0d8e5c83671c901660070d71 Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Tue, 3 Mar 2009 13:15:39 -0500 Subject: [PATCH] This patch changes all places in the X code to use _raw functions. The X server should never see, translate, or deal with a munged context. Display managers which show contexts to the user should take care of translating these to human readable form. --- Xext/xselinux.c | 64 ++++++++++++++++++++++++------------------------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/Xext/xselinux.c b/Xext/xselinux.c index 6d51fa19d..1c88972d5 100644 --- a/Xext/xselinux.c +++ b/Xext/xselinux.c @@ -183,19 +183,19 @@ SELinuxAtomToSIDLookup(Atom atom, SELinuxObjectRec *obj, int map, int polymap) obj->poly = 1; /* Look in the mappings of names to contexts */ - if (selabel_lookup(label_hnd, &ctx, name, map) == 0) { + if (selabel_lookup_raw(label_hnd, &ctx, name, map) == 0) { obj->poly = 0; } else if (errno != ENOENT) { ErrorF("SELinux: a property label lookup failed!\n"); return BadValue; - } else if (selabel_lookup(label_hnd, &ctx, name, polymap) < 0) { + } else if (selabel_lookup_raw(label_hnd, &ctx, name, polymap) < 0) { ErrorF("SELinux: a property label lookup failed!\n"); return BadValue; } /* Get a SID for context */ - if (avc_context_to_sid(ctx, &obj->sid) < 0) { - ErrorF("SELinux: a context_to_SID call failed!\n"); + if (avc_context_to_sid_raw(ctx, &obj->sid) < 0) { + ErrorF("SELinux: a context_to_SID_raw call failed!\n"); rc = BadAlloc; } @@ -340,7 +340,7 @@ SELinuxEventToSID(unsigned type, security_id_t sid_of_window, SELinuxObjectRec *sid_return) { const char *name = LookupEventName(type); - security_context_t con; + security_context_t ctx; type &= 127; if (type >= numKnownEvents) { @@ -356,16 +356,16 @@ SELinuxEventToSID(unsigned type, security_id_t sid_of_window, if (!knownEvents[type]) { /* Look in the mappings of event names to contexts */ - if (selabel_lookup(label_hnd, &con, name, SELABEL_X_EVENT) < 0) { + if (selabel_lookup_raw(label_hnd, &ctx, name, SELABEL_X_EVENT) < 0) { ErrorF("SELinux: an event label lookup failed!\n"); return BadValue; } /* Get a SID for context */ - if (avc_context_to_sid(con, knownEvents + type) < 0) { - ErrorF("SELinux: a context_to_SID call failed!\n"); + if (avc_context_to_sid_raw(ctx, knownEvents + type) < 0) { + ErrorF("SELinux: a context_to_SID_raw call failed!\n"); return BadAlloc; } - freecon(con); + freecon(ctx); } /* Perform a transition to obtain the final SID */ @@ -470,7 +470,7 @@ SELinuxLabelClient(ClientPtr client) /* Try to get a context from the socket */ if (fd < 0 || getpeercon_raw(fd, &ctx) < 0) { /* Otherwise, fall back to a default context */ - if (selabel_lookup(label_hnd, &ctx, "remote", SELABEL_X_CLIENT) < 0) + if (selabel_lookup_raw(label_hnd, &ctx, "remote", SELABEL_X_CLIENT) < 0) FatalError("SELinux: failed to look up remote-client context\n"); } @@ -505,8 +505,8 @@ SELinuxLabelClient(ClientPtr client) finish: /* Get a SID from the context */ - if (avc_context_to_sid(ctx, &subj->sid) < 0) - FatalError("SELinux: client %d: context_to_sid(%s) failed\n", + if (avc_context_to_sid_raw(ctx, &subj->sid) < 0) + FatalError("SELinux: client %d: context_to_sid_raw(%s) failed\n", client->index, ctx); sidget(obj->sid = subj->sid); @@ -537,7 +537,7 @@ SELinuxLabelInitial(void) FatalError("SELinux: couldn't get context of X server process\n"); /* Get a SID from the context */ - if (avc_context_to_sid(ctx, &subj->sid) < 0) + if (avc_context_to_sid_raw(ctx, &subj->sid) < 0) FatalError("SELinux: serverClient: context_to_sid(%s) failed\n", ctx); sidget(obj->sid = subj->sid); @@ -823,20 +823,20 @@ SELinuxExtension(CallbackListPtr *pcbl, pointer unused, pointer calldata) /* XXX there should be a separate callback for this */ if (obj->sid == unlabeled_sid) { const char *name = rec->ext->name; - security_context_t con; + security_context_t ctx; security_id_t sid; serv = dixLookupPrivate(&serverClient->devPrivates, subjectKey); /* Look in the mappings of extension names to contexts */ - if (selabel_lookup(label_hnd, &con, name, SELABEL_X_EXT) < 0) { + if (selabel_lookup_raw(label_hnd, &ctx, name, SELABEL_X_EXT) < 0) { ErrorF("SELinux: a property label lookup failed!\n"); rec->status = BadValue; return; } /* Get a SID for context */ - if (avc_context_to_sid(con, &sid) < 0) { - ErrorF("SELinux: a context_to_SID call failed!\n"); + if (avc_context_to_sid_raw(ctx, &sid) < 0) { + ErrorF("SELinux: a context_to_SID_raw call failed!\n"); rec->status = BadAlloc; return; } @@ -847,11 +847,11 @@ SELinuxExtension(CallbackListPtr *pcbl, pointer unused, pointer calldata) if (avc_compute_create(serv->sid, sid, SECCLASS_X_EXTENSION, &obj->sid) < 0) { ErrorF("SELinux: a SID transition call failed!\n"); - freecon(con); + freecon(ctx); rec->status = BadValue; return; } - freecon(con); + freecon(ctx); } /* Perform the security check */ @@ -1154,7 +1154,7 @@ SELinuxResourceState(CallbackListPtr *pcbl, pointer unused, pointer calldata) if (subj->sid) { security_context_t ctx; - int rc = avc_sid_to_context(subj->sid, &ctx); + int rc = avc_sid_to_context_raw(subj->sid, &ctx); if (rc < 0) FatalError("SELinux: Failed to get security context!\n"); rc = dixChangeWindowProperty(serverClient, @@ -1170,7 +1170,7 @@ SELinuxResourceState(CallbackListPtr *pcbl, pointer unused, pointer calldata) if (obj->sid) { security_context_t ctx; - int rc = avc_sid_to_context(obj->sid, &ctx); + int rc = avc_sid_to_context_raw(obj->sid, &ctx); if (rc < 0) FatalError("SELinux: Failed to get security context!\n"); rc = dixChangeWindowProperty(serverClient, @@ -1286,7 +1286,7 @@ SELinuxSendContextReply(ClientPtr client, security_id_t sid) int len = 0; if (sid) { - if (avc_sid_to_context(sid, &ctx) < 0) + if (avc_sid_to_context_raw(sid, &ctx) < 0) return BadValue; len = strlen(ctx) + 1; } @@ -1345,9 +1345,9 @@ ProcSELinuxSetCreateContext(ClientPtr client, unsigned offset) *pSid = NULL; if (stuff->context_len > 0) { - if (security_check_context(ctx) < 0) + if (security_check_context_raw(ctx) < 0) return BadValue; - if (avc_context_to_sid(ctx, pSid) < 0) + if (avc_context_to_sid_raw(ctx, pSid) < 0) return BadValue; } return Success; @@ -1391,9 +1391,9 @@ ProcSELinuxSetDeviceContext(ClientPtr client) if (rc != Success) return rc; - if (security_check_context(ctx) < 0) + if (security_check_context_raw(ctx) < 0) return BadValue; - if (avc_context_to_sid(ctx, &sid) < 0) + if (avc_context_to_sid_raw(ctx, &sid) < 0) return BadValue; subj = dixLookupPrivate(&dev->devPrivates, subjectKey); @@ -1509,9 +1509,9 @@ SELinuxPopulateItem(SELinuxListItemRec *i, PrivateRec **privPtr, CARD32 id, SELinuxObjectRec *obj = dixLookupPrivate(privPtr, objectKey); SELinuxObjectRec *data = dixLookupPrivate(privPtr, dataKey); - if (avc_sid_to_context(obj->sid, &i->octx) < 0) + if (avc_sid_to_context_raw(obj->sid, &i->octx) < 0) return BadValue; - if (avc_sid_to_context(data->sid, &i->dctx) < 0) + if (avc_sid_to_context_raw(data->sid, &i->dctx) < 0) return BadValue; i->id = id; @@ -1939,7 +1939,7 @@ SELinuxExtensionInit(INITARGS) ExtensionEntry *extEntry; struct selinux_opt selabel_option = { SELABEL_OPT_VALIDATE, (char *)1 }; struct selinux_opt avc_option = { AVC_OPT_SETENFORCE, (char *)0 }; - security_context_t con; + security_context_t ctx; int ret = TRUE; /* Check SELinux mode on system */ @@ -1986,11 +1986,11 @@ SELinuxExtensionInit(INITARGS) if (!label_hnd) FatalError("SELinux: Failed to open x_contexts mapping in policy\n"); - if (security_get_initial_context("unlabeled", &con) < 0) + if (security_get_initial_context_raw("unlabeled", &ctx) < 0) FatalError("SELinux: Failed to look up unlabeled context\n"); - if (avc_context_to_sid(con, &unlabeled_sid) < 0) + if (avc_context_to_sid_raw(ctx, &unlabeled_sid) < 0) FatalError("SELinux: a context_to_SID call failed!\n"); - freecon(con); + freecon(ctx); /* Prepare for auditing */ audit_fd = audit_open();