Merge remote-tracking branch 'aosp/upstream-master' into mymerge

In particular, pulls in
3f99b14939
which is needed for b/118685852

Followed the following steps:
  # In repo client
  cd external/selinux
  repo sync .
  repo start mymerge .
  git merge aosp/upstream-master --no-ff # resolve any conflicts
  repo upload .

Bug: 118685852
Test: Android compiles and no obvious problems.
Change-Id: Ic8f1bb2b573a1491b733732653afd7dbe494c85f
This commit is contained in:
Nick Kralevich 2018-11-05 06:41:36 -08:00
commit 1ad3304eae
7 changed files with 37 additions and 29 deletions

View File

@ -232,7 +232,7 @@ end_arch_check:
/* allocate the stems_data array */
rc = next_entry(&stem_map_len, mmap_area, sizeof(uint32_t));
if (rc < 0 || !stem_map_len)
if (rc < 0)
return -1;
/*

View File

@ -348,7 +348,7 @@ int regex_load_mmap(struct mmap_area *mmap_area, struct regex_data **regex,
goto err;
rc = next_entry(&entry_len, mmap_area, sizeof(uint32_t));
if (rc < 0 || !entry_len)
if (rc < 0)
goto err;
if (entry_len) {

View File

@ -536,7 +536,7 @@ static int write_sids_to_cil(FILE *out, const char *const *sid_to_str,
struct strs *strs;
char *sid;
char *prev;
char unknown[17];
char unknown[18];
unsigned i;
int rc;
@ -550,7 +550,7 @@ static int write_sids_to_cil(FILE *out, const char *const *sid_to_str,
if (i < num_sids) {
sid = (char *)sid_to_str[i];
} else {
snprintf(unknown, 17, "%s%u", "UNKNOWN", i);
snprintf(unknown, 18, "%s%u", "UNKNOWN", i);
sid = strdup(unknown);
}
rc = strs_add_at_index(strs, sid, i);
@ -2498,7 +2498,7 @@ static int write_sid_context_rules_to_cil(FILE *out, struct policydb *pdb, const
struct ocontext *isid;
struct strs *strs;
char *sid;
char unknown[17];
char unknown[18];
char *ctx, *rule;
unsigned i;
int rc = -1;
@ -2513,7 +2513,7 @@ static int write_sid_context_rules_to_cil(FILE *out, struct policydb *pdb, const
if (i < num_sids) {
sid = (char *)sid_to_str[i];
} else {
snprintf(unknown, 17, "%s%u", "UNKNOWN", i);
snprintf(unknown, 18, "%s%u", "UNKNOWN", i);
sid = unknown;
}

View File

@ -434,7 +434,7 @@ static int write_sids_to_conf(FILE *out, const char *const *sid_to_str,
struct ocontext *isid;
struct strs *strs;
char *sid;
char unknown[17];
char unknown[18];
unsigned i;
int rc;
@ -448,7 +448,7 @@ static int write_sids_to_conf(FILE *out, const char *const *sid_to_str,
if (i < num_sids) {
sid = (char *)sid_to_str[i];
} else {
snprintf(unknown, 17, "%s%u", "UNKNOWN", i);
snprintf(unknown, 18, "%s%u", "UNKNOWN", i);
sid = strdup(unknown);
}
rc = strs_add_at_index(strs, sid, i);
@ -2358,7 +2358,7 @@ static int write_sid_context_rules_to_conf(FILE *out, struct policydb *pdb, cons
struct ocontext *isid;
struct strs *strs;
char *sid;
char unknown[17];
char unknown[18];
char *ctx, *rule;
unsigned i;
int rc;
@ -2373,7 +2373,7 @@ static int write_sid_context_rules_to_conf(FILE *out, struct policydb *pdb, cons
if (i < num_sids) {
sid = (char *)sid_to_str[i];
} else {
snprintf(unknown, 17, "%s%u", "UNKNOWN", i);
snprintf(unknown, 18, "%s%u", "UNKNOWN", i);
sid = unknown;
}

View File

@ -2562,7 +2562,7 @@ static int ocontext_isid_to_cil(struct policydb *pdb, const char *const *sid_to_
struct sid_item *head = NULL;
struct sid_item *item = NULL;
char *sid;
char unknown[17];
char unknown[18];
unsigned i;
for (isid = isids; isid != NULL; isid = isid->next) {
@ -2570,7 +2570,7 @@ static int ocontext_isid_to_cil(struct policydb *pdb, const char *const *sid_to_
if (i < num_sids) {
sid = (char*)sid_to_string[i];
} else {
snprintf(unknown, 17, "%s%u", "UNKNOWN", i);
snprintf(unknown, 18, "%s%u", "UNKNOWN", i);
sid = unknown;
}
cil_println(0, "(sid %s)", sid);

View File

@ -2828,22 +2828,35 @@ static int ocontext_read_selinux(struct policydb_compat_info *info,
(&c->context[1], p, fp))
return -1;
break;
case OCON_IBPKEY:
case OCON_IBPKEY: {
uint32_t pkey_lo, pkey_hi;
rc = next_entry(buf, fp, sizeof(uint32_t) * 4);
if (rc < 0 || buf[2] > 0xffff || buf[3] > 0xffff)
if (rc < 0)
return -1;
pkey_lo = le32_to_cpu(buf[2]);
pkey_hi = le32_to_cpu(buf[3]);
if (pkey_lo > UINT16_MAX || pkey_hi > UINT16_MAX)
return -1;
c->u.ibpkey.low_pkey = pkey_lo;
c->u.ibpkey.high_pkey = pkey_hi;
/* we want c->u.ibpkey.subnet_prefix in network
* (big-endian) order, just memcpy it */
memcpy(&c->u.ibpkey.subnet_prefix, buf,
sizeof(c->u.ibpkey.subnet_prefix));
c->u.ibpkey.low_pkey = le32_to_cpu(buf[2]);
c->u.ibpkey.high_pkey = le32_to_cpu(buf[3]);
if (context_read_and_validate
(&c->context[0], p, fp))
return -1;
break;
case OCON_IBENDPORT:
}
case OCON_IBENDPORT: {
uint32_t port;
rc = next_entry(buf, fp, sizeof(uint32_t) * 2);
if (rc < 0)
return -1;
@ -2851,6 +2864,10 @@ static int ocontext_read_selinux(struct policydb_compat_info *info,
if (len == 0 || len > IB_DEVICE_NAME_MAX - 1)
return -1;
port = le32_to_cpu(buf[1]);
if (port > UINT8_MAX || port == 0)
return -1;
c->u.ibendport.dev_name = malloc(len + 1);
if (!c->u.ibendport.dev_name)
return -1;
@ -2858,11 +2875,12 @@ static int ocontext_read_selinux(struct policydb_compat_info *info,
if (rc < 0)
return -1;
c->u.ibendport.dev_name[len] = 0;
c->u.ibendport.port = le32_to_cpu(buf[1]);
c->u.ibendport.port = port;
if (context_read_and_validate
(&c->context[0], p, fp))
return -1;
break;
}
case OCON_PORT:
rc = next_entry(buf, fp, sizeof(uint32_t) * 3);
if (rc < 0)

View File

@ -142,17 +142,8 @@ process_request(int fd, uint32_t function, char *data1, char *UNUSED(data2))
{
int32_t result;
char *out = NULL;
char *peercon = NULL;
int ret;
ret = getpeercon_raw(fd, &peercon);
if (ret < 0)
return ret;
/* TODO: Check if MLS clearance (in peercon) dominates the MLS label
* (in the request input).
*/
switch (function) {
case SETRANS_INIT:
result = 0;
@ -184,7 +175,6 @@ process_request(int fd, uint32_t function, char *data1, char *UNUSED(data2))
}
free(out);
freecon(peercon);
return ret;
}