Changeset 4927
- Timestamp:
- 04/22/10 13:57:08 (3 years ago)
- Files:
-
- branches/module-loading/apol/apol_tcl.i (modified) (2 diffs)
- branches/module-loading/apol/open_policy_dialog.tcl (modified) (1 diff)
- branches/module-loading/configure.ac (modified) (1 diff)
- branches/module-loading/libapol/src/policy.c (modified) (1 diff)
- branches/module-loading/libapol/swig/apol.i (modified) (1 diff)
- branches/module-loading/libqpol/include/qpol/util.h (modified) (1 diff)
- branches/module-loading/libqpol/src/Makefile.am (modified) (1 diff)
- branches/module-loading/libqpol/src/module.c (modified) (5 diffs)
- branches/module-loading/libqpol/src/policy.c (modified) (4 diffs)
- branches/module-loading/libqpol/src/policy_parse.y (modified) (1 diff)
- branches/module-loading/libqpol/src/util.c (modified) (1 diff)
- branches/module-loading/libqpol/swig/qpol.i (modified) (2 diffs)
branches/module-loading/apol/apol_tcl.i
r4890 r4927 111 111 apol_policy_t *p = apol_policy_create_from_policy_path(ppath, QPOL_POLICY_OPTION_NO_NEVERALLOWS, 112 112 apol_tcl_route_apol_to_string, interp); 113 if (p == NULL ) {114 if (errno != 0) { 115 SWIG_exception(SWIG_RuntimeError, strerror(errno));116 } else {117 SWIG_exception(SWIG_RuntimeError, "The selected file does not appear to be a valid SELinux Policy.");118 }113 if (p == NULL && message == NULL) { // Assume lower level has generated error message 114 if (errno != 0) { // otherwise take a guess at it 115 SWIG_exception(SWIG_RuntimeError, strerror(errno)); 116 } else { 117 SWIG_exception(SWIG_RuntimeError, "The selected file does not appear to be a valid SELinux Policy."); 118 } 119 119 } 120 120 fail: … … 448 448 extern char *apol_tcl_get_info_string(void); 449 449 extern void apol_tcl_set_info_string(apol_policy_t *p, const char *s); 450 451 // vim:ft=c noexpandtab branches/module-loading/apol/open_policy_dialog.tcl
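Review bot: In apol/apol_tcl.i, when `p == NULL` and `message` is non-NULL, the new condition skips both `SWIG_exception` calls and control reaches `fail:` without any exception raised in the visible lines. `message` is declared and handled outside this hunk, so it cannot be confirmed here that it is cleared before `apol_policy_create_from_policy_path` runs or that it is turned into a Tcl error after `fail:`. A stale non-NULL value left from an earlier call would make a failed open look like success. I would add a comment on that branch, for example `// p == NULL with message set: the error text is raised after fail: (message must be reset before the call)`, once that behaviour is confirmed.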
r4924 r4927 378 378 379 379 # Retrieve information about a policy module file, either source or 380 # binary, from disk. This will be a 2-ple of module name and version.380 # binary, from disk. This will be a 3-ple of module name, version and type. 381 381 # The policy module will be closed afterwards. 382 382 proc Apol_Open_Policy_Dialog::getModuleInfo {f} { branches/module-loading/configure.ac
r4924 r4927 718 718 AC_SUBST([CUNIT_LIB_FLAG]) 719 719 720 AC_CHECK_LIB(bz2, 721 BZ2_bzReadOpen, , 722 AC_MSG_ERROR([could not find libbz2 - make sure bzip2-libs is installed]), 723 -lbz2 724 ) 725 720 726 #AC_MSG_CHECKING([for FUSE]) 721 727 #pkg-config --exists fuse branches/module-loading/libapol/src/policy.c
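Review bot: The new check in configure.ac probes only the library symbol, while the code added to libqpol/src/util.c also includes `<bzlib.h>`. A build host with the runtime library but no development header passes configure and then fails at compile time. Add `AC_CHECK_HEADER([bzlib.h], , AC_MSG_ERROR([could not find bzlib.h]))` beside it. The fifth argument `-lbz2` is not needed, since it names extra libraries for the link test rather than the library being probed.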
r4585 r4927 106 106 if (apol_policy_path_get_type(path) == APOL_POLICY_PATH_TYPE_MODULAR) { 107 107 if (!qpol_policy_has_capability(policy->p, QPOL_CAP_MODULES)) { 108 ERR(policy, "%s is not a base policy.", primary_path); 109 apol_policy_destroy(&policy); 110 return NULL; 108 INFO(policy, "%s is not a base policy.", primary_path); 109 return policy; 111 110 } 112 111 const apol_vector_t *modules = apol_policy_path_get_modules(path); branches/module-loading/libapol/swig/apol.i
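Review bot: In libapol/src/policy.c the modular branch now returns the policy as soon as the primary file lacks `QPOL_CAP_MODULES`, so the module list from `apol_policy_path_get_modules(path)` is never read and the caller gets a policy without the modules it asked for. The only trace is an `INFO` message, which a caller that filters on severity will not see, and an analysis run on that policy would silently cover less than the user selected. If returning the policy is intended, report it at warning level if the library has one and document it, for example `/* not a base policy: modules listed in path are ignored, caller receives the primary policy only */`. The enclosing function starts and ends outside the hunk.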
r4908 r4927 3218 3218 }; 3219 3219 %} 3220 // vim:ft=c branches/module-loading/libqpol/include/qpol/util.h
r4157 r4927 51 51 extern int qpol_default_policy_find(char **path); 52 52 53 /* bunzip() a file to '*data', returning the total number of uncompressed bytes 54 * in the file. Returns -1 if file could not be decompressed. */ 55 extern ssize_t qpol_bunzip(FILE *f, char **data); 56 53 57 #ifdef __cplusplus 54 58 } branches/module-loading/libqpol/src/Makefile.am
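Review bot: The comment on `qpol_bunzip` in libqpol/include/qpol/util.h does not state who owns `*data` or what happens to the stream. From the implementation in util.c, `*data` is assigned only on success and is heap memory the caller must `free()`, and `f` is rewound and then consumed by the decompressor. I would extend the comment with `On success the caller must free(*data); on failure *data is not modified. The file position of f is not preserved.` The declaration also relies on `FILE` and `ssize_t` being declared by headers included above the hunk, which is not visible here.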
r4867 r4927 68 68 69 69 $(qpolso_DATA): $(tmp_sepol) $(libqpol_so_OBJS) libqpol.map 70 $(CC) -shared -o $@ $(libqpol_so_OBJS) $(AM_LDFLAGS) $(LDFLAGS) -Wl,-soname,$(LIBQPOL_SONAME),--version-script=$(srcdir)/libqpol.map,-z,defs -Wl,--whole-archive $(sepol_srcdir)/libsepol.a -Wl,--no-whole-archive @SELINUX_LIB_FLAG@ -lselinux -lsepol 70 $(CC) -shared -o $@ $(libqpol_so_OBJS) $(AM_LDFLAGS) $(LDFLAGS) -Wl,-soname,$(LIBQPOL_SONAME),--version-script=$(srcdir)/libqpol.map,-z,defs -Wl,--whole-archive $(sepol_srcdir)/libsepol.a -Wl,--no-whole-archive @SELINUX_LIB_FLAG@ -lselinux -lsepol -lbz2 71 71 $(LN_S) -f $@ @libqpol_soname@ 72 72 $(LN_S) -f $@ libqpol.so branches/module-loading/libqpol/src/module.c
r4585 r4927 44 44 int error = 0; 45 45 char *tmp = NULL; 46 char *data = NULL; 47 ssize_t size; 46 48 47 49 if (module) … … 72 74 goto err; 73 75 } 74 if (!qpol_is_file_mod_pkg(infile)) { 75 error = ENOTSUP; 76 goto err; 77 } 78 sepol_policy_file_set_fp(spf, infile); 76 size = qpol_bunzip(infile, &data); 77 78 if (size > 0) { 79 if (!qpol_is_data_mod_pkg(data)) { 80 error = ENOTSUP; 81 goto err; 82 } 83 sepol_policy_file_set_mem(spf, data, size); 84 } else { 85 if (!qpol_is_file_mod_pkg(infile)) { 86 error = ENOTSUP; 87 goto err; 88 } 89 rewind(infile); 90 sepol_policy_file_set_fp(spf, infile); 91 } 79 92 80 93 if (sepol_module_package_create(&smp)) { … … 89 102 free(tmp); 90 103 tmp = NULL; 91 rewind(infile); 104 if (size > 0) { 105 // Re setting the memory location has the effect of rewind 106 // API is not accessible from here to explicitly "rewind" the 107 // in-memory file. 108 sepol_policy_file_set_mem(spf, data, size); 109 } else { 110 rewind(infile); 111 } 112 92 113 if (sepol_module_package_read(smp, spf, 0)) { 93 114 error = EIO; … … 107 128 sepol_module_package_free(smp); 108 129 fclose(infile); 130 if (data != NULL) 131 free (data); 109 132 sepol_policy_file_free(spf); 110 133 … … 117 140 if (infile) 118 141 fclose(infile); 119 free(tmp); 142 if (data != NULL) 143 free (data); 144 if (tmp != NULL) 145 free(tmp); 120 146 errno = error; 121 147 return STATUS_ERR; branches/module-loading/libqpol/src/policy.c
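Review bot: In libqpol/src/module.c the `size > 0` test lets a decompressed payload of one to three bytes reach `qpol_is_data_mod_pkg(data)`, which copies `sizeof(__u32)` bytes out of the buffer with no length argument. The read stays inside the allocation only because `qpol_bunzip` starts with a large buffer, and it compares uninitialized heap bytes against the package magic. Tighten the guard to `if ((size_t)size < sizeof(__u32) || !qpol_is_data_mod_pkg(data)) {`. Separately, `qpol_bunzip` returns -1 both for "not bzip2" and for a stream that failed partway, so the `else` branch can run with `infile` positioned mid-file; moving `rewind(infile);` ahead of `qpol_is_file_mod_pkg(infile)` would make the fallback independent of that. The function starts and ends outside the visible hunks.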
r4890 r4927 338 338 } 339 339 340 int qpol_is_data_mod_pkg(char * data) 341 { 342 size_t sz; 343 __u32 ubuf; 344 345 memcpy(&ubuf, data, sizeof(__u32)); 346 347 ubuf = le32_to_cpu(ubuf); 348 if (ubuf == SEPOL_MODULE_PACKAGE_MAGIC) 349 return 1; 350 351 return 0; 352 } 353 340 354 int qpol_is_file_mod_pkg(FILE * fp) 341 355 { … … 921 935 } 922 936 937 errno = 0; 923 938 if (!(*policy = calloc(1, sizeof(qpol_policy_t)))) { 924 939 error = errno; … … 966 981 sepol_policy_file_set_handle(pfile, (*policy)->sh); 967 982 983 errno=0; 968 984 if (qpol_is_file_binpol(infile)) { 969 985 (*policy)->type = retv = QPOL_POLICY_KERNEL_BINARY; … … 980 996 goto err; 981 997 } 982 } else if (qpol_ is_file_mod_pkg(infile)) {998 } else if (qpol_module_create_from_file(path, &mod) == STATUS_SUCCESS) { 983 999 (*policy)->type = retv = QPOL_POLICY_MODULE_BINARY; 984 if (qpol_module_create_from_file(path, &mod)) { 985 error = errno; 986 ERR(*policy, "%s", strerror(error)); 987 goto err; 988 } 1000 989 1001 if (qpol_policy_append_module(*policy, mod)) { 990 1002 error = errno; branches/module-loading/libqpol/src/policy_parse.y
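Review bot: In libqpol/src/policy.c the condition `else if (qpol_module_create_from_file(path, &mod) == STATUS_SUCCESS)` uses the full loader as a type probe. Every failure inside it, including the `ENOTSUP` and `EIO` paths in module.c, now falls through to the following branch instead of reaching the removed `ERR(*policy, "%s", strerror(error))`. That branch is outside the visible lines; if it is the source parser, a damaged or truncated module package would be reported as a parse error with the real cause lost. The call also opens `path` a second time while `infile` is still open, so the file tested by `qpol_is_file_binpol(infile)` and the file loaded as a module are not guaranteed to be the same bytes. At minimum document it with `/* any failure here falls through to the next policy type; errno from the module loader is discarded */`, or keep a cheap magic probe and report the loader error as before.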
r4908 r4927 216 216 | sensitivities sensitivity_def 217 217 ; 218 /* Need to call define_mls here, as we are working with files */ 219 /* only, not command line options */ 218 220 sensitivity_def : SENSITIVITY identifier alias_def ';' 219 {if (define_ sens()) return -1;}221 {if (define_mls() | define_sens()) return -1;} 220 222 | SENSITIVITY identifier ';' 221 {if (define_ sens()) return -1;}223 {if (define_mls() | define_sens()) return -1;} 222 224 ; 223 225 alias_def : ALIAS names branches/module-loading/libqpol/src/util.c
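Review bot: Both new actions in libqpol/src/policy_parse.y use the bitwise `|` in `define_mls() | define_sens()`. C leaves the evaluation order of the operands of `|` unspecified, so `define_sens()` may run before `define_mls()`, and it always runs even when `define_mls()` has failed. The added comment says `define_mls` has to be called here, which implies the order matters. Use the logical operator, which sequences left to right and stops on the first failure: `{if (define_mls() || define_sens()) return -1;}`. `define_mls()` is also invoked once per sensitivity definition; whether it is safe to call repeatedly is not visible from this hunk.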
r4778 r4927 172 172 return search_policy_binary_file(path); 173 173 } 174 175 #include <stdlib.h> 176 #include <bzlib.h> 177 #include <string.h> 178 #include <sys/sendfile.h> 179 180 #define BZ2_MAGICSTR "BZh" 181 #define BZ2_MAGICLEN (sizeof(BZ2_MAGICSTR)-1) 182 183 /* qpol_bunzip() uncompresses a file to '*data', returning the total number of 184 * uncompressed bytes in the file. 185 * Returns -1 if file could not be decompressed. 186 * Originally from libsemanage/src/direct_api.c, with slight mods */ 187 ssize_t qpol_bunzip(FILE *f, char **data) 188 { 189 BZFILE* b; 190 size_t nBuf; 191 char buf[1<<18]; 192 size_t size = sizeof(buf); 193 int bzerror; 194 size_t total=0; 195 int small=0; // Set to 1 to use less memory decompressing (about 2x slower) 196 197 bzerror = fread(buf, 1, BZ2_MAGICLEN, f); 198 rewind(f); 199 if ((bzerror != BZ2_MAGICLEN) || memcmp(buf, BZ2_MAGICSTR, BZ2_MAGICLEN)) 200 return -1; 201 202 b = BZ2_bzReadOpen ( &bzerror, f, 0, small, NULL, 0 ); 203 if ( bzerror != BZ_OK ) { 204 BZ2_bzReadClose ( &bzerror, b ); 205 return -1; 206 } 207 208 char *uncompress = realloc(NULL, size); 209 210 while ( bzerror == BZ_OK) { 211 nBuf = BZ2_bzRead ( &bzerror, b, buf, sizeof(buf)); 212 if (( bzerror == BZ_OK ) || ( bzerror == BZ_STREAM_END )) { 213 if (total + nBuf > size) { 214 size *= 2; 215 uncompress = realloc(uncompress, size); 216 } 217 memcpy(&uncompress[total], buf, nBuf); 218 total += nBuf; 219 } 220 } 221 if ( bzerror != BZ_STREAM_END ) { 222 BZ2_bzReadClose ( &bzerror, b ); 223 free(uncompress); 224 return -1; 225 } 226 BZ2_bzReadClose ( &bzerror, b ); 227 228 *data = uncompress; 229 return total; 230 } 231 branches/module-loading/libqpol/swig/qpol.i
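Review bot: Neither `realloc` result in `qpol_bunzip` (libqpol/src/util.c) is checked, and the output buffer has no upper bound. A failed allocation leads to `memcpy` through a NULL pointer and loses the previous buffer, and a small, highly compressible input file can drive the doubling loop until memory runs out. The rewrite below checks each allocation, keeps the old pointer alive on failure so the existing error path frees it, and refuses to grow past a cap; `QPOL_BUNZIP_MAX` is a proposed constant that would have to be defined with a limit suited to policy modules. `buf` is also a 256 KiB automatic array, which is heavy for a library function called on arbitrary threads, and `<sys/sendfile.h>` is included but not used in the visible code.

```c
	char *uncompress = malloc(size);
	if (uncompress == NULL) {
		BZ2_bzReadClose(&bzerror, b);
		return -1;
	}

	while (bzerror == BZ_OK) {
		int n = BZ2_bzRead(&bzerror, b, buf, sizeof(buf));
		if (bzerror != BZ_OK && bzerror != BZ_STREAM_END)
			break;
		if (total + (size_t)n > size) {
			char *grown = NULL;
			/* refuse to grow past the cap; treat it like an allocation failure */
			if (size <= QPOL_BUNZIP_MAX / 2)
				grown = realloc(uncompress, size * 2);
			if (grown == NULL) {
				bzerror = BZ_MEM_ERROR;	/* handled by the BZ_STREAM_END check below */
				break;
			}
			uncompress = grown;
			size *= 2;
		}
		memcpy(&uncompress[total], buf, (size_t)n);
		total += (size_t)n;
	}
	/* … unchanged: BZ_STREAM_END check, BZ2_bzReadClose, *data assignment, return … */
```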
r4806 r4927 232 232 qpol_module_t *m; 233 233 BEGIN_EXCEPTION 234 errno=0; 234 235 if (qpol_module_create_from_file(path, &m)) { 235 236 SWIG_exception(SWIG_IOError, "Error opening module"); … … 2877 2878 }; 2878 2879 %} 2880 // vim:ft=c noexpandtab
