1 /* Author: Karl MacMillan <kmacmillan@tresys.com>
2 * Jason Tang <jtang@tresys.com>
3 * Chris PeBenito <cpebenito@tresys.com>
4 *
5 * Copyright (C) 2004-2005 Tresys Technology, LLC
6 *
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2.1 of the License, or (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, write to the Free Software
19 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
20 */
21
22 #include "policydb_internal.h"
23 #include "module_internal.h"
24 #include <sepol/policydb/link.h>
25 #include <sepol/policydb/expand.h>
26 #include <sepol/policydb/module.h>
27 #include "debug.h"
28 #include "private.h"
29
30 #include <stdio.h>
31 #include <stdlib.h>
32 #include <limits.h>
33 #include <inttypes.h>
34
35 #define SEPOL_PACKAGE_SECTION_FC 0xf97cff90
36 #define SEPOL_PACKAGE_SECTION_SEUSER 0x97cff91
37 #define SEPOL_PACKAGE_SECTION_USER_EXTRA 0x97cff92
38 #define SEPOL_PACKAGE_SECTION_NETFILTER 0x97cff93
39
policy_file_seek(struct policy_file * fp,size_t offset)40 static int policy_file_seek(struct policy_file *fp, size_t offset)
41 {
42 switch (fp->type) {
43 case PF_USE_STDIO:
44 if (offset > LONG_MAX) {
45 errno = EFAULT;
46 return -1;
47 }
48 return fseek(fp->fp, (long)offset, SEEK_SET);
49 case PF_USE_MEMORY:
50 if (offset > fp->size) {
51 errno = EFAULT;
52 return -1;
53 }
54 fp->data -= fp->size - fp->len;
55 fp->data += offset;
56 fp->len = fp->size - offset;
57 return 0;
58 default:
59 return 0;
60 }
61 }
62
policy_file_length(struct policy_file * fp,size_t * out)63 static int policy_file_length(struct policy_file *fp, size_t *out)
64 {
65 long prev_offset, end_offset;
66 int rc;
67 switch (fp->type) {
68 case PF_USE_STDIO:
69 prev_offset = ftell(fp->fp);
70 if (prev_offset < 0)
71 return prev_offset;
72 rc = fseek(fp->fp, 0L, SEEK_END);
73 if (rc < 0)
74 return rc;
75 end_offset = ftell(fp->fp);
76 if (end_offset < 0)
77 return end_offset;
78 rc = fseek(fp->fp, prev_offset, SEEK_SET);
79 if (rc < 0)
80 return rc;
81 *out = end_offset;
82 break;
83 case PF_USE_MEMORY:
84 *out = fp->size;
85 break;
86 default:
87 *out = 0;
88 break;
89 }
90 return 0;
91 }
92
module_package_init(sepol_module_package_t * p)93 static int module_package_init(sepol_module_package_t * p)
94 {
95 memset(p, 0, sizeof(sepol_module_package_t));
96 if (sepol_policydb_create(&p->policy))
97 return -1;
98
99 p->version = 1;
100 return 0;
101 }
102
set_char(char ** field,char * data,size_t len)103 static int set_char(char **field, char *data, size_t len)
104 {
105 if (*field) {
106 free(*field);
107 *field = NULL;
108 }
109 if (len) {
110 *field = malloc(len);
111 if (!*field)
112 return -1;
113 memcpy(*field, data, len);
114 }
115 return 0;
116 }
117
sepol_module_package_create(sepol_module_package_t ** p)118 int sepol_module_package_create(sepol_module_package_t ** p)
119 {
120 int rc;
121
122 *p = calloc(1, sizeof(sepol_module_package_t));
123 if (!(*p))
124 return -1;
125
126 rc = module_package_init(*p);
127 if (rc < 0) {
128 free(*p);
129 *p = NULL;
130 }
131
132 return rc;
133 }
134
135
136 /* Deallocates all memory associated with a module package, including
137 * the pointer itself. Does nothing if p is NULL.
138 */
sepol_module_package_free(sepol_module_package_t * p)139 void sepol_module_package_free(sepol_module_package_t * p)
140 {
141 if (p == NULL)
142 return;
143
144 sepol_policydb_free(p->policy);
145 free(p->file_contexts);
146 free(p->seusers);
147 free(p->user_extra);
148 free(p->netfilter_contexts);
149 free(p);
150 }
151
152
sepol_module_package_get_file_contexts(sepol_module_package_t * p)153 char *sepol_module_package_get_file_contexts(sepol_module_package_t * p)
154 {
155 return p->file_contexts;
156 }
157
sepol_module_package_get_file_contexts_len(sepol_module_package_t * p)158 size_t sepol_module_package_get_file_contexts_len(sepol_module_package_t * p)
159 {
160 return p->file_contexts_len;
161 }
162
sepol_module_package_get_seusers(sepol_module_package_t * p)163 char *sepol_module_package_get_seusers(sepol_module_package_t * p)
164 {
165 return p->seusers;
166 }
167
sepol_module_package_get_seusers_len(sepol_module_package_t * p)168 size_t sepol_module_package_get_seusers_len(sepol_module_package_t * p)
169 {
170 return p->seusers_len;
171 }
172
sepol_module_package_get_user_extra(sepol_module_package_t * p)173 char *sepol_module_package_get_user_extra(sepol_module_package_t * p)
174 {
175 return p->user_extra;
176 }
177
sepol_module_package_get_user_extra_len(sepol_module_package_t * p)178 size_t sepol_module_package_get_user_extra_len(sepol_module_package_t * p)
179 {
180 return p->user_extra_len;
181 }
182
sepol_module_package_get_netfilter_contexts(sepol_module_package_t * p)183 char *sepol_module_package_get_netfilter_contexts(sepol_module_package_t * p)
184 {
185 return p->netfilter_contexts;
186 }
187
sepol_module_package_get_netfilter_contexts_len(sepol_module_package_t * p)188 size_t sepol_module_package_get_netfilter_contexts_len(sepol_module_package_t *
189 p)
190 {
191 return p->netfilter_contexts_len;
192 }
193
sepol_module_package_set_file_contexts(sepol_module_package_t * p,char * data,size_t len)194 int sepol_module_package_set_file_contexts(sepol_module_package_t * p,
195 char *data, size_t len)
196 {
197 if (set_char(&p->file_contexts, data, len))
198 return -1;
199
200 p->file_contexts_len = len;
201 return 0;
202 }
203
sepol_module_package_set_seusers(sepol_module_package_t * p,char * data,size_t len)204 int sepol_module_package_set_seusers(sepol_module_package_t * p,
205 char *data, size_t len)
206 {
207 if (set_char(&p->seusers, data, len))
208 return -1;
209
210 p->seusers_len = len;
211 return 0;
212 }
213
sepol_module_package_set_user_extra(sepol_module_package_t * p,char * data,size_t len)214 int sepol_module_package_set_user_extra(sepol_module_package_t * p,
215 char *data, size_t len)
216 {
217 if (set_char(&p->user_extra, data, len))
218 return -1;
219
220 p->user_extra_len = len;
221 return 0;
222 }
223
sepol_module_package_set_netfilter_contexts(sepol_module_package_t * p,char * data,size_t len)224 int sepol_module_package_set_netfilter_contexts(sepol_module_package_t * p,
225 char *data, size_t len)
226 {
227 if (set_char(&p->netfilter_contexts, data, len))
228 return -1;
229
230 p->netfilter_contexts_len = len;
231 return 0;
232 }
233
sepol_module_package_get_policy(sepol_module_package_t * p)234 sepol_policydb_t *sepol_module_package_get_policy(sepol_module_package_t * p)
235 {
236 return p->policy;
237 }
238
239 /* Append each of the file contexts from each module to the base
240 * policy's file context. 'base_context' will be reallocated to a
241 * larger size (and thus it is an in/out reference
242 * variable). 'base_fc_len' is the length of base's file context; it
243 * too is a reference variable. Return 0 on success, -1 if out of
244 * memory. */
link_file_contexts(sepol_module_package_t * base,sepol_module_package_t ** modules,int num_modules)245 static int link_file_contexts(sepol_module_package_t * base,
246 sepol_module_package_t ** modules,
247 int num_modules)
248 {
249 size_t fc_len;
250 int i;
251 char *s;
252
253 fc_len = base->file_contexts_len;
254 for (i = 0; i < num_modules; i++) {
255 fc_len += modules[i]->file_contexts_len;
256 }
257
258 if ((s = (char *)realloc(base->file_contexts, fc_len)) == NULL) {
259 return -1;
260 }
261 base->file_contexts = s;
262 for (i = 0; i < num_modules; i++) {
263 memcpy(base->file_contexts + base->file_contexts_len,
264 modules[i]->file_contexts,
265 modules[i]->file_contexts_len);
266 base->file_contexts_len += modules[i]->file_contexts_len;
267 }
268 return 0;
269 }
270
271 /* Append each of the netfilter contexts from each module to the base
272 * policy's netfilter context. 'base_context' will be reallocated to a
273 * larger size (and thus it is an in/out reference
274 * variable). 'base_nc_len' is the length of base's netfilter contexts; it
275 * too is a reference variable. Return 0 on success, -1 if out of
276 * memory. */
link_netfilter_contexts(sepol_module_package_t * base,sepol_module_package_t ** modules,int num_modules)277 static int link_netfilter_contexts(sepol_module_package_t * base,
278 sepol_module_package_t ** modules,
279 int num_modules)
280 {
281 size_t base_nc_len;
282 int i;
283 char *base_context;
284
285 base_nc_len = base->netfilter_contexts_len;
286 for (i = 0; i < num_modules; i++) {
287 base_nc_len += modules[i]->netfilter_contexts_len;
288 }
289
290 if ((base_context =
291 (char *)realloc(base->netfilter_contexts, base_nc_len)) == NULL) {
292 return -1;
293 }
294 base->netfilter_contexts = base_context;
295 for (i = 0; i < num_modules; i++) {
296 memcpy(base->netfilter_contexts + base->netfilter_contexts_len,
297 modules[i]->netfilter_contexts,
298 modules[i]->netfilter_contexts_len);
299 base->netfilter_contexts_len +=
300 modules[i]->netfilter_contexts_len;
301 }
302 return 0;
303 }
304
305 /* Links the module packages into the base. Returns 0 on success, -1
306 * if a requirement was not met, or -2 for all other errors. */
sepol_link_packages(sepol_handle_t * handle,sepol_module_package_t * base,sepol_module_package_t ** modules,int num_modules,int verbose)307 int sepol_link_packages(sepol_handle_t * handle,
308 sepol_module_package_t * base,
309 sepol_module_package_t ** modules, int num_modules,
310 int verbose)
311 {
312 policydb_t **mod_pols = NULL;
313 int i, retval;
314
315 if ((mod_pols = calloc(num_modules, sizeof(*mod_pols))) == NULL) {
316 ERR(handle, "Out of memory!");
317 return -2;
318 }
319 for (i = 0; i < num_modules; i++) {
320 mod_pols[i] = &modules[i]->policy->p;
321 }
322
323 retval = link_modules(handle, &base->policy->p, mod_pols, num_modules,
324 verbose);
325 free(mod_pols);
326 if (retval == -3) {
327 return -1;
328 } else if (retval < 0) {
329 return -2;
330 }
331
332 if (link_file_contexts(base, modules, num_modules) == -1) {
333 ERR(handle, "Out of memory!");
334 return -2;
335 }
336
337 if (link_netfilter_contexts(base, modules, num_modules) == -1) {
338 ERR(handle, "Out of memory!");
339 return -2;
340 }
341
342 return 0;
343 }
344
345 /* buf must be large enough - no checks are performed */
346 #define _read_helper_bufsize BUFSIZ
read_helper(char * buf,struct policy_file * file,uint32_t bytes)347 static int read_helper(char *buf, struct policy_file *file, uint32_t bytes)
348 {
349 uint32_t offset, nel, read_len;
350 int rc;
351
352 offset = 0;
353 nel = bytes;
354
355 while (nel) {
356 if (nel < _read_helper_bufsize)
357 read_len = nel;
358 else
359 read_len = _read_helper_bufsize;
360 rc = next_entry(&buf[offset], file, read_len);
361 if (rc < 0)
362 return -1;
363 offset += read_len;
364 nel -= read_len;
365 }
366 return 0;
367 }
368
369 #define MAXSECTIONS 100
370
371 /* Get the section offsets from a package file, offsets will be malloc'd to
372 * the appropriate size and the caller must free() them */
module_package_read_offsets(sepol_module_package_t * mod,struct policy_file * file,size_t ** offsets,uint32_t * sections)373 static int module_package_read_offsets(sepol_module_package_t * mod,
374 struct policy_file *file,
375 size_t ** offsets, uint32_t * sections)
376 {
377 uint32_t *buf = NULL, nsec;
378 unsigned i;
379 size_t *off = NULL;
380 int rc;
381
382 buf = malloc(sizeof(uint32_t)*3);
383 if (!buf) {
384 ERR(file->handle, "out of memory");
385 goto err;
386 }
387
388 rc = next_entry(buf, file, sizeof(uint32_t) * 3);
389 if (rc < 0) {
390 ERR(file->handle, "module package header truncated");
391 goto err;
392 }
393 if (le32_to_cpu(buf[0]) != SEPOL_MODULE_PACKAGE_MAGIC) {
394 ERR(file->handle,
395 "wrong magic number for module package: expected %#08x, got %#08x",
396 SEPOL_MODULE_PACKAGE_MAGIC, le32_to_cpu(buf[0]));
397 goto err;
398 }
399
400 mod->version = le32_to_cpu(buf[1]);
401 nsec = *sections = le32_to_cpu(buf[2]);
402
403 if (nsec > MAXSECTIONS) {
404 ERR(file->handle, "too many sections (%u) in module package",
405 nsec);
406 goto err;
407 }
408
409 off = (size_t *) malloc((nsec + 1) * sizeof(size_t));
410 if (!off) {
411 ERR(file->handle, "out of memory");
412 goto err;
413 }
414
415 free(buf);
416 buf = malloc(sizeof(uint32_t) * nsec);
417 if (!buf) {
418 ERR(file->handle, "out of memory");
419 goto err;
420 }
421 rc = next_entry(buf, file, sizeof(uint32_t) * nsec);
422 if (rc < 0) {
423 ERR(file->handle, "module package offset array truncated");
424 goto err;
425 }
426
427 for (i = 0; i < nsec; i++) {
428 off[i] = le32_to_cpu(buf[i]);
429 if (i && off[i] < off[i - 1]) {
430 ERR(file->handle, "offsets are not increasing (at %u, "
431 "offset %zu -> %zu", i, off[i - 1],
432 off[i]);
433 goto err;
434 }
435 }
436
437 rc = policy_file_length(file, &off[nsec]);
438 if (rc < 0)
439 goto err;
440
441 if (nsec && off[nsec] < off[nsec-1]) {
442 ERR(file->handle, "offset greater than file size (at %u, "
443 "offset %zu -> %zu", nsec, off[nsec - 1],
444 off[nsec]);
445 goto err;
446 }
447 *offsets = off;
448 free(buf);
449 return 0;
450
451 err:
452 free(buf);
453 free(off);
454 return -1;
455 }
456
457 /* Flags for which sections have been seen during parsing of module package. */
458 #define SEEN_MOD 1
459 #define SEEN_FC 2
460 #define SEEN_SEUSER 4
461 #define SEEN_USER_EXTRA 8
462 #define SEEN_NETFILTER 16
463
sepol_module_package_read(sepol_module_package_t * mod,struct sepol_policy_file * spf,int verbose)464 int sepol_module_package_read(sepol_module_package_t * mod,
465 struct sepol_policy_file *spf, int verbose)
466 {
467 struct policy_file *file = &spf->pf;
468 uint32_t buf[1], nsec;
469 size_t *offsets, len;
470 int rc;
471 unsigned i, seen = 0;
472
473 if (module_package_read_offsets(mod, file, &offsets, &nsec))
474 return -1;
475
476 /* we know the section offsets, seek to them and read in the data */
477
478 for (i = 0; i < nsec; i++) {
479
480 if (policy_file_seek(file, offsets[i])) {
481 ERR(file->handle, "error seeking to offset %zu for "
482 "module package section %u", offsets[i], i);
483 goto cleanup;
484 }
485
486 len = offsets[i + 1] - offsets[i];
487
488 if (len < sizeof(uint32_t)) {
489 ERR(file->handle, "module package section %u "
490 "has too small length %zu", i, len);
491 goto cleanup;
492 }
493
494 /* read the magic number, so that we know which function to call */
495 rc = next_entry(buf, file, sizeof(uint32_t));
496 if (rc < 0) {
497 ERR(file->handle,
498 "module package section %u truncated, lacks magic number",
499 i);
500 goto cleanup;
501 }
502
503 switch (le32_to_cpu(buf[0])) {
504 case SEPOL_PACKAGE_SECTION_FC:
505 if (seen & SEEN_FC) {
506 ERR(file->handle,
507 "found multiple file contexts sections in module package (at section %u)",
508 i);
509 goto cleanup;
510 }
511
512 mod->file_contexts_len = len - sizeof(uint32_t);
513 mod->file_contexts =
514 (char *)malloc(mod->file_contexts_len);
515 if (!mod->file_contexts) {
516 ERR(file->handle, "out of memory");
517 goto cleanup;
518 }
519 if (read_helper
520 (mod->file_contexts, file,
521 mod->file_contexts_len)) {
522 ERR(file->handle,
523 "invalid file contexts section at section %u",
524 i);
525 free(mod->file_contexts);
526 mod->file_contexts = NULL;
527 goto cleanup;
528 }
529 seen |= SEEN_FC;
530 break;
531 case SEPOL_PACKAGE_SECTION_SEUSER:
532 if (seen & SEEN_SEUSER) {
533 ERR(file->handle,
534 "found multiple seuser sections in module package (at section %u)",
535 i);
536 goto cleanup;
537 }
538
539 mod->seusers_len = len - sizeof(uint32_t);
540 mod->seusers = (char *)malloc(mod->seusers_len);
541 if (!mod->seusers) {
542 ERR(file->handle, "out of memory");
543 goto cleanup;
544 }
545 if (read_helper(mod->seusers, file, mod->seusers_len)) {
546 ERR(file->handle,
547 "invalid seuser section at section %u", i);
548 free(mod->seusers);
549 mod->seusers = NULL;
550 goto cleanup;
551 }
552 seen |= SEEN_SEUSER;
553 break;
554 case SEPOL_PACKAGE_SECTION_USER_EXTRA:
555 if (seen & SEEN_USER_EXTRA) {
556 ERR(file->handle,
557 "found multiple user_extra sections in module package (at section %u)",
558 i);
559 goto cleanup;
560 }
561
562 mod->user_extra_len = len - sizeof(uint32_t);
563 mod->user_extra = (char *)malloc(mod->user_extra_len);
564 if (!mod->user_extra) {
565 ERR(file->handle, "out of memory");
566 goto cleanup;
567 }
568 if (read_helper
569 (mod->user_extra, file, mod->user_extra_len)) {
570 ERR(file->handle,
571 "invalid user_extra section at section %u",
572 i);
573 free(mod->user_extra);
574 mod->user_extra = NULL;
575 goto cleanup;
576 }
577 seen |= SEEN_USER_EXTRA;
578 break;
579 case SEPOL_PACKAGE_SECTION_NETFILTER:
580 if (seen & SEEN_NETFILTER) {
581 ERR(file->handle,
582 "found multiple netfilter contexts sections in module package (at section %u)",
583 i);
584 goto cleanup;
585 }
586
587 mod->netfilter_contexts_len = len - sizeof(uint32_t);
588 mod->netfilter_contexts =
589 (char *)malloc(mod->netfilter_contexts_len);
590 if (!mod->netfilter_contexts) {
591 ERR(file->handle, "out of memory");
592 goto cleanup;
593 }
594 if (read_helper
595 (mod->netfilter_contexts, file,
596 mod->netfilter_contexts_len)) {
597 ERR(file->handle,
598 "invalid netfilter contexts section at section %u",
599 i);
600 free(mod->netfilter_contexts);
601 mod->netfilter_contexts = NULL;
602 goto cleanup;
603 }
604 seen |= SEEN_NETFILTER;
605 break;
606 case POLICYDB_MOD_MAGIC:
607 if (seen & SEEN_MOD) {
608 ERR(file->handle,
609 "found multiple module sections in module package (at section %u)",
610 i);
611 goto cleanup;
612 }
613
614 /* seek back to where the magic number was */
615 if (policy_file_seek(file, offsets[i]))
616 goto cleanup;
617
618 rc = policydb_read(&mod->policy->p, file, verbose);
619 if (rc < 0) {
620 ERR(file->handle,
621 "invalid module in module package (at section %u)",
622 i);
623 goto cleanup;
624 }
625 seen |= SEEN_MOD;
626 break;
627 default:
628 /* unknown section, ignore */
629 ERR(file->handle,
630 "unknown magic number at section %u, offset: %zx, number: %x ",
631 i, offsets[i], le32_to_cpu(buf[0]));
632 break;
633 }
634 }
635
636 if ((seen & SEEN_MOD) == 0) {
637 ERR(file->handle, "missing module in module package");
638 goto cleanup;
639 }
640
641 free(offsets);
642 return 0;
643
644 cleanup:
645 free(offsets);
646 return -1;
647 }
648
sepol_module_package_info(struct sepol_policy_file * spf,int * type,char ** name,char ** version)649 int sepol_module_package_info(struct sepol_policy_file *spf, int *type,
650 char **name, char **version)
651 {
652 struct policy_file *file = &spf->pf;
653 sepol_module_package_t *mod = NULL;
654 uint32_t buf[5], len, nsec;
655 size_t *offsets = NULL;
656 unsigned i, seen = 0;
657 char *id;
658 int rc;
659
660 if (sepol_module_package_create(&mod))
661 return -1;
662
663 if (module_package_read_offsets(mod, file, &offsets, &nsec)) {
664 goto cleanup;
665 }
666
667 for (i = 0; i < nsec; i++) {
668
669 if (policy_file_seek(file, offsets[i])) {
670 ERR(file->handle, "error seeking to offset "
671 "%zu for module package section %u", offsets[i], i);
672 goto cleanup;
673 }
674
675 len = offsets[i + 1] - offsets[i];
676
677 if (len < sizeof(uint32_t)) {
678 ERR(file->handle,
679 "module package section %u has too small length %u",
680 i, len);
681 goto cleanup;
682 }
683
684 /* read the magic number, so that we know which function to call */
685 rc = next_entry(buf, file, sizeof(uint32_t) * 2);
686 if (rc < 0) {
687 ERR(file->handle,
688 "module package section %u truncated, lacks magic number",
689 i);
690 goto cleanup;
691 }
692
693 switch (le32_to_cpu(buf[0])) {
694 case SEPOL_PACKAGE_SECTION_FC:
695 /* skip file contexts */
696 if (seen & SEEN_FC) {
697 ERR(file->handle,
698 "found multiple file contexts sections in module package (at section %u)",
699 i);
700 goto cleanup;
701 }
702 seen |= SEEN_FC;
703 break;
704 case SEPOL_PACKAGE_SECTION_SEUSER:
705 /* skip seuser */
706 if (seen & SEEN_SEUSER) {
707 ERR(file->handle,
708 "found seuser sections in module package (at section %u)",
709 i);
710 goto cleanup;
711 }
712 seen |= SEEN_SEUSER;
713 break;
714 case SEPOL_PACKAGE_SECTION_USER_EXTRA:
715 /* skip user_extra */
716 if (seen & SEEN_USER_EXTRA) {
717 ERR(file->handle,
718 "found user_extra sections in module package (at section %u)",
719 i);
720 goto cleanup;
721 }
722 seen |= SEEN_USER_EXTRA;
723 break;
724 case SEPOL_PACKAGE_SECTION_NETFILTER:
725 /* skip netfilter contexts */
726 if (seen & SEEN_NETFILTER) {
727 ERR(file->handle,
728 "found multiple netfilter contexts sections in module package (at section %u)",
729 i);
730 goto cleanup;
731 }
732 seen |= SEEN_NETFILTER;
733 break;
734 case POLICYDB_MOD_MAGIC:
735 if (seen & SEEN_MOD) {
736 ERR(file->handle,
737 "found multiple module sections in module package (at section %u)",
738 i);
739 goto cleanup;
740 }
741 len = le32_to_cpu(buf[1]);
742 if (len != strlen(POLICYDB_MOD_STRING)) {
743 ERR(file->handle,
744 "module string length is wrong (at section %u)",
745 i);
746 goto cleanup;
747 }
748
749 /* skip id */
750 id = malloc(len + 1);
751 if (!id) {
752 ERR(file->handle,
753 "out of memory (at section %u)",
754 i);
755 goto cleanup;
756 }
757 rc = next_entry(id, file, len);
758 free(id);
759 if (rc < 0) {
760 ERR(file->handle,
761 "cannot get module string (at section %u)",
762 i);
763 goto cleanup;
764 }
765
766 rc = next_entry(buf, file, sizeof(uint32_t) * 5);
767 if (rc < 0) {
768 ERR(file->handle,
769 "cannot get module header (at section %u)",
770 i);
771 goto cleanup;
772 }
773
774 *type = le32_to_cpu(buf[0]);
775 /* if base - we're done */
776 if (*type == POLICY_BASE) {
777 *name = NULL;
778 *version = NULL;
779 seen |= SEEN_MOD;
780 break;
781 } else if (*type != POLICY_MOD) {
782 ERR(file->handle,
783 "module has invalid type %d (at section %u)",
784 *type, i);
785 goto cleanup;
786 }
787
788 /* read the name and version */
789 rc = next_entry(buf, file, sizeof(uint32_t));
790 if (rc < 0) {
791 ERR(file->handle,
792 "cannot get module name len (at section %u)",
793 i);
794 goto cleanup;
795 }
796
797 len = le32_to_cpu(buf[0]);
798 if (str_read(name, file, len)) {
799 ERR(file->handle,
800 "cannot read module name (at section %u): %m",
801 i);
802 goto cleanup;
803 }
804
805 rc = next_entry(buf, file, sizeof(uint32_t));
806 if (rc < 0) {
807 ERR(file->handle,
808 "cannot get module version len (at section %u)",
809 i);
810 goto cleanup;
811 }
812 len = le32_to_cpu(buf[0]);
813 if (str_read(version, file, len)) {
814 ERR(file->handle,
815 "cannot read module version (at section %u): %m",
816 i);
817 goto cleanup;
818 }
819 seen |= SEEN_MOD;
820 break;
821 default:
822 break;
823 }
824
825 }
826
827 if ((seen & SEEN_MOD) == 0) {
828 ERR(file->handle, "missing module in module package");
829 goto cleanup;
830 }
831
832 sepol_module_package_free(mod);
833 free(offsets);
834 return 0;
835
836 cleanup:
837 sepol_module_package_free(mod);
838 free(offsets);
839 return -1;
840 }
841
write_helper(char * data,size_t len,struct policy_file * file)842 static int write_helper(char *data, size_t len, struct policy_file *file)
843 {
844 int idx = 0;
845 size_t len2;
846
847 while (len) {
848 if (len > BUFSIZ)
849 len2 = BUFSIZ;
850 else
851 len2 = len;
852
853 if (put_entry(&data[idx], 1, len2, file) != len2) {
854 return -1;
855 }
856 len -= len2;
857 idx += len2;
858 }
859 return 0;
860 }
861
sepol_module_package_write(sepol_module_package_t * p,struct sepol_policy_file * spf)862 int sepol_module_package_write(sepol_module_package_t * p,
863 struct sepol_policy_file *spf)
864 {
865 struct policy_file *file = &spf->pf;
866 policy_file_t polfile;
867 uint32_t buf[5], offsets[5], len, nsec = 0;
868 int i;
869
870 if (p->policy) {
871 /* compute policy length */
872 policy_file_init(&polfile);
873 polfile.type = PF_LEN;
874 polfile.handle = file->handle;
875 if (policydb_write(&p->policy->p, &polfile))
876 return -1;
877 len = polfile.len;
878 if (!polfile.len)
879 return -1;
880 nsec++;
881
882 } else {
883 /* We don't support writing a package without a module at this point */
884 return -1;
885 }
886
887 /* seusers and user_extra only supported in base at the moment */
888 if ((p->seusers || p->user_extra)
889 && (p->policy->p.policy_type != SEPOL_POLICY_BASE)) {
890 ERR(file->handle,
891 "seuser and user_extra sections only supported in base");
892 return -1;
893 }
894
895 if (p->file_contexts)
896 nsec++;
897
898 if (p->seusers)
899 nsec++;
900
901 if (p->user_extra)
902 nsec++;
903
904 if (p->netfilter_contexts)
905 nsec++;
906
907 buf[0] = cpu_to_le32(SEPOL_MODULE_PACKAGE_MAGIC);
908 buf[1] = cpu_to_le32(p->version);
909 buf[2] = cpu_to_le32(nsec);
910 if (put_entry(buf, sizeof(uint32_t), 3, file) != 3)
911 return -1;
912
913 /* calculate offsets */
914 offsets[0] = (nsec + 3) * sizeof(uint32_t);
915 buf[0] = cpu_to_le32(offsets[0]);
916
917 i = 1;
918 if (p->file_contexts) {
919 offsets[i] = offsets[i - 1] + len;
920 buf[i] = cpu_to_le32(offsets[i]);
921 /* add a uint32_t to compensate for the magic number */
922 len = p->file_contexts_len + sizeof(uint32_t);
923 i++;
924 }
925 if (p->seusers) {
926 offsets[i] = offsets[i - 1] + len;
927 buf[i] = cpu_to_le32(offsets[i]);
928 len = p->seusers_len + sizeof(uint32_t);
929 i++;
930 }
931 if (p->user_extra) {
932 offsets[i] = offsets[i - 1] + len;
933 buf[i] = cpu_to_le32(offsets[i]);
934 len = p->user_extra_len + sizeof(uint32_t);
935 i++;
936 }
937 if (p->netfilter_contexts) {
938 offsets[i] = offsets[i - 1] + len;
939 buf[i] = cpu_to_le32(offsets[i]);
940 len = p->netfilter_contexts_len + sizeof(uint32_t);
941 i++;
942 }
943 if (put_entry(buf, sizeof(uint32_t), nsec, file) != nsec)
944 return -1;
945
946 /* write sections */
947
948 if (policydb_write(&p->policy->p, file))
949 return -1;
950
951 if (p->file_contexts) {
952 buf[0] = cpu_to_le32(SEPOL_PACKAGE_SECTION_FC);
953 if (put_entry(buf, sizeof(uint32_t), 1, file) != 1)
954 return -1;
955 if (write_helper(p->file_contexts, p->file_contexts_len, file))
956 return -1;
957 }
958 if (p->seusers) {
959 buf[0] = cpu_to_le32(SEPOL_PACKAGE_SECTION_SEUSER);
960 if (put_entry(buf, sizeof(uint32_t), 1, file) != 1)
961 return -1;
962 if (write_helper(p->seusers, p->seusers_len, file))
963 return -1;
964
965 }
966 if (p->user_extra) {
967 buf[0] = cpu_to_le32(SEPOL_PACKAGE_SECTION_USER_EXTRA);
968 if (put_entry(buf, sizeof(uint32_t), 1, file) != 1)
969 return -1;
970 if (write_helper(p->user_extra, p->user_extra_len, file))
971 return -1;
972 }
973 if (p->netfilter_contexts) {
974 buf[0] = cpu_to_le32(SEPOL_PACKAGE_SECTION_NETFILTER);
975 if (put_entry(buf, sizeof(uint32_t), 1, file) != 1)
976 return -1;
977 if (write_helper
978 (p->netfilter_contexts, p->netfilter_contexts_len, file))
979 return -1;
980 }
981 return 0;
982 }
983
sepol_link_modules(sepol_handle_t * handle,sepol_policydb_t * base,sepol_policydb_t ** modules,size_t len,int verbose)984 int sepol_link_modules(sepol_handle_t * handle,
985 sepol_policydb_t * base,
986 sepol_policydb_t ** modules, size_t len, int verbose)
987 {
988 return link_modules(handle, &base->p, (policydb_t **) modules, len,
989 verbose);
990 }
991
sepol_expand_module(sepol_handle_t * handle,sepol_policydb_t * base,sepol_policydb_t * out,int verbose,int check)992 int sepol_expand_module(sepol_handle_t * handle,
993 sepol_policydb_t * base,
994 sepol_policydb_t * out, int verbose, int check)
995 {
996 return expand_module(handle, &base->p, &out->p, verbose, check);
997 }
998