Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 1 | #include <sys/types.h> |
| 2 | #include <unistd.h> |
| 3 | #include <string.h> |
| 4 | #include <stdio.h> |
| 5 | #include <stdlib.h> |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 6 | #include <stdbool.h> |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 7 | #include <ctype.h> |
| 8 | #include <errno.h> |
| 9 | #include <pwd.h> |
| 10 | #include <grp.h> |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 11 | #include <sys/mman.h> |
| 12 | #include <sys/mount.h> |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 13 | #include <sys/types.h> |
| 14 | #include <sys/stat.h> |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 15 | #include <sys/xattr.h> |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 16 | #include <fcntl.h> |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 17 | #include <fts.h> |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 18 | #include <selinux/selinux.h> |
| 19 | #include <selinux/context.h> |
| 20 | #include <selinux/android.h> |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 21 | #include <selinux/label.h> |
Stephen Smalley | e8b0fd8 | 2012-07-31 09:12:53 -0400 | [diff] [blame] | 22 | #include <selinux/avc.h> |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 23 | #include <mincrypt/sha.h> |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 24 | #include <private/android_filesystem_config.h> |
Stephen Smalley | d10c343 | 2012-11-05 11:49:35 -0500 | [diff] [blame] | 25 | #include "policy.h" |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 26 | #include "callbacks.h" |
| 27 | #include "selinux_internal.h" |
Stephen Smalley | 0e7340f | 2014-04-30 15:13:30 -0700 | [diff] [blame^] | 28 | #include "label_internal.h" |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 29 | |
| 30 | /* |
| 31 | * XXX Where should this configuration file be located? |
| 32 | * Needs to be accessible by zygote and installd when |
| 33 | * setting credentials for app processes and setting permissions |
| 34 | * on app data directories. |
| 35 | */ |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 36 | static char const * const seapp_contexts_file[] = { |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 37 | "/seapp_contexts", |
William Roberts | 8ed4242 | 2013-04-15 16:13:30 -0700 | [diff] [blame] | 38 | NULL }; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 39 | |
Stephen Smalley | 32ebfe8 | 2012-03-20 13:05:37 -0400 | [diff] [blame] | 40 | static const struct selinux_opt seopts[] = { |
Stephen Smalley | 32ebfe8 | 2012-03-20 13:05:37 -0400 | [diff] [blame] | 41 | { SELABEL_OPT_PATH, "/file_contexts" }, |
| 42 | { 0, NULL } }; |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 43 | |
Stephen Smalley | 4a655ec | 2012-09-18 15:08:32 -0400 | [diff] [blame] | 44 | static const char *const sepolicy_file[] = { |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 45 | "/sepolicy", |
William Roberts | 8ed4242 | 2013-04-15 16:13:30 -0700 | [diff] [blame] | 46 | NULL }; |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 47 | |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 48 | enum levelFrom { |
| 49 | LEVELFROM_NONE, |
| 50 | LEVELFROM_APP, |
| 51 | LEVELFROM_USER, |
| 52 | LEVELFROM_ALL |
| 53 | }; |
| 54 | |
| 55 | #if DEBUG |
| 56 | static char const * const levelFromName[] = { |
| 57 | "none", |
| 58 | "app", |
| 59 | "user", |
| 60 | "all" |
| 61 | }; |
| 62 | #endif |
| 63 | |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 64 | struct prefix_str { |
| 65 | size_t len; |
| 66 | char *str; |
| 67 | char is_prefix; |
| 68 | }; |
| 69 | |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 70 | static void free_prefix_str(struct prefix_str *p) |
| 71 | { |
| 72 | if (!p) |
| 73 | return; |
| 74 | free(p->str); |
| 75 | } |
| 76 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 77 | struct seapp_context { |
| 78 | /* input selectors */ |
| 79 | char isSystemServer; |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 80 | struct prefix_str user; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 81 | char *seinfo; |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 82 | struct prefix_str name; |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 83 | struct prefix_str path; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 84 | /* outputs */ |
| 85 | char *domain; |
| 86 | char *type; |
| 87 | char *level; |
William Roberts | 1b36ad0 | 2012-07-27 13:52:33 -0700 | [diff] [blame] | 88 | char *sebool; |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 89 | enum levelFrom levelFrom; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 90 | }; |
| 91 | |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 92 | static void free_seapp_context(struct seapp_context *s) |
| 93 | { |
| 94 | if (!s) |
| 95 | return; |
| 96 | |
| 97 | free_prefix_str(&s->user); |
| 98 | free(s->seinfo); |
| 99 | free_prefix_str(&s->name); |
| 100 | free_prefix_str(&s->path); |
| 101 | free(s->domain); |
| 102 | free(s->type); |
| 103 | free(s->level); |
| 104 | free(s->sebool); |
| 105 | } |
| 106 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 107 | static int seapp_context_cmp(const void *A, const void *B) |
| 108 | { |
Nick Kralevich | 833cba6 | 2013-11-19 11:24:33 -0800 | [diff] [blame] | 109 | const struct seapp_context *const *sp1 = (const struct seapp_context *const *) A; |
| 110 | const struct seapp_context *const *sp2 = (const struct seapp_context *const *) B; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 111 | const struct seapp_context *s1 = *sp1, *s2 = *sp2; |
| 112 | |
| 113 | /* Give precedence to isSystemServer=true. */ |
| 114 | if (s1->isSystemServer != s2->isSystemServer) |
| 115 | return (s1->isSystemServer ? -1 : 1); |
| 116 | |
| 117 | /* Give precedence to a specified user= over an unspecified user=. */ |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 118 | if (s1->user.str && !s2->user.str) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 119 | return -1; |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 120 | if (!s1->user.str && s2->user.str) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 121 | return 1; |
| 122 | |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 123 | if (s1->user.str) { |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 124 | /* Give precedence to a fixed user= string over a prefix. */ |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 125 | if (s1->user.is_prefix != s2->user.is_prefix) |
| 126 | return (s2->user.is_prefix ? -1 : 1); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 127 | |
| 128 | /* Give precedence to a longer prefix over a shorter prefix. */ |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 129 | if (s1->user.is_prefix && s1->user.len != s2->user.len) |
| 130 | return (s1->user.len > s2->user.len) ? -1 : 1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 131 | } |
| 132 | |
| 133 | /* Give precedence to a specified seinfo= over an unspecified seinfo=. */ |
| 134 | if (s1->seinfo && !s2->seinfo) |
| 135 | return -1; |
| 136 | if (!s1->seinfo && s2->seinfo) |
| 137 | return 1; |
| 138 | |
| 139 | /* Give precedence to a specified name= over an unspecified name=. */ |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 140 | if (s1->name.str && !s2->name.str) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 141 | return -1; |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 142 | if (!s1->name.str && s2->name.str) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 143 | return 1; |
| 144 | |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 145 | if (s1->name.str) { |
| 146 | /* Give precedence to a fixed name= string over a prefix. */ |
| 147 | if (s1->name.is_prefix != s2->name.is_prefix) |
| 148 | return (s2->name.is_prefix ? -1 : 1); |
| 149 | |
| 150 | /* Give precedence to a longer prefix over a shorter prefix. */ |
| 151 | if (s1->name.is_prefix && s1->name.len != s2->name.len) |
| 152 | return (s1->name.len > s2->name.len) ? -1 : 1; |
| 153 | } |
| 154 | |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 155 | /* Give precedence to a specified path= over an unspecified path=. */ |
| 156 | if (s1->path.str && !s2->path.str) |
| 157 | return -1; |
| 158 | if (!s1->path.str && s2->path.str) |
| 159 | return 1; |
| 160 | |
| 161 | if (s1->path.str) { |
| 162 | /* Give precedence to a fixed path= string over a prefix. */ |
| 163 | if (s1->path.is_prefix != s2->path.is_prefix) |
| 164 | return (s2->path.is_prefix ? -1 : 1); |
| 165 | |
| 166 | /* Give precedence to a longer prefix over a shorter prefix. */ |
| 167 | if (s1->path.is_prefix && s1->path.len != s2->path.len) |
| 168 | return (s1->path.len > s2->path.len) ? -1 : 1; |
| 169 | } |
| 170 | |
William Roberts | 1b36ad0 | 2012-07-27 13:52:33 -0700 | [diff] [blame] | 171 | /* Give precedence to a specified sebool= over an unspecified sebool=. */ |
| 172 | if (s1->sebool && !s2->sebool) |
| 173 | return -1; |
| 174 | if (!s1->sebool && s2->sebool) |
| 175 | return 1; |
| 176 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 177 | /* Anything else has equal precedence. */ |
| 178 | return 0; |
| 179 | } |
| 180 | |
| 181 | static struct seapp_context **seapp_contexts = NULL; |
| 182 | static int nspec = 0; |
| 183 | |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 184 | static void free_seapp_contexts(void) |
| 185 | { |
| 186 | int n; |
| 187 | |
| 188 | if (!seapp_contexts) |
| 189 | return; |
| 190 | |
| 191 | for (n = 0; n < nspec; n++) |
| 192 | free_seapp_context(seapp_contexts[n]); |
| 193 | |
| 194 | free(seapp_contexts); |
| 195 | seapp_contexts = NULL; |
| 196 | nspec = 0; |
| 197 | } |
| 198 | |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 199 | int selinux_android_seapp_context_reload(void) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 200 | { |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 201 | FILE *fp = NULL; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 202 | char line_buf[BUFSIZ]; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 203 | char *token; |
| 204 | unsigned lineno; |
| 205 | struct seapp_context *cur; |
| 206 | char *p, *name = NULL, *value = NULL, *saveptr; |
| 207 | size_t len; |
Stephen Smalley | 300bebb | 2013-04-16 15:33:16 -0400 | [diff] [blame] | 208 | int i = 0, n, ret; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 209 | |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 210 | while ((fp==NULL) && seapp_contexts_file[i]) |
| 211 | fp = fopen(seapp_contexts_file[i++], "r"); |
| 212 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 213 | if (!fp) { |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 214 | selinux_log(SELINUX_ERROR, "%s: could not open any seapp_contexts file", __FUNCTION__); |
| 215 | return -1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 216 | } |
| 217 | |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 218 | free_seapp_contexts(); |
Stephen Smalley | 300bebb | 2013-04-16 15:33:16 -0400 | [diff] [blame] | 219 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 220 | nspec = 0; |
| 221 | while (fgets(line_buf, sizeof line_buf - 1, fp)) { |
| 222 | p = line_buf; |
| 223 | while (isspace(*p)) |
| 224 | p++; |
| 225 | if (*p == '#' || *p == 0) |
| 226 | continue; |
| 227 | nspec++; |
| 228 | } |
| 229 | |
Nick Kralevich | 833cba6 | 2013-11-19 11:24:33 -0800 | [diff] [blame] | 230 | seapp_contexts = (struct seapp_context **) calloc(nspec, sizeof(struct seapp_context *)); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 231 | if (!seapp_contexts) |
| 232 | goto oom; |
| 233 | |
| 234 | rewind(fp); |
| 235 | nspec = 0; |
| 236 | lineno = 1; |
| 237 | while (fgets(line_buf, sizeof line_buf - 1, fp)) { |
| 238 | len = strlen(line_buf); |
| 239 | if (line_buf[len - 1] == '\n') |
| 240 | line_buf[len - 1] = 0; |
| 241 | p = line_buf; |
| 242 | while (isspace(*p)) |
| 243 | p++; |
| 244 | if (*p == '#' || *p == 0) |
| 245 | continue; |
| 246 | |
Nick Kralevich | 833cba6 | 2013-11-19 11:24:33 -0800 | [diff] [blame] | 247 | cur = (struct seapp_context *) calloc(1, sizeof(struct seapp_context)); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 248 | if (!cur) |
| 249 | goto oom; |
| 250 | |
| 251 | token = strtok_r(p, " \t", &saveptr); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 252 | if (!token) { |
| 253 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 254 | goto err; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 255 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 256 | |
| 257 | while (1) { |
| 258 | name = token; |
| 259 | value = strchr(name, '='); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 260 | if (!value) { |
| 261 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 262 | goto err; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 263 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 264 | *value++ = 0; |
| 265 | |
| 266 | if (!strcasecmp(name, "isSystemServer")) { |
| 267 | if (!strcasecmp(value, "true")) |
| 268 | cur->isSystemServer = 1; |
| 269 | else if (!strcasecmp(value, "false")) |
| 270 | cur->isSystemServer = 0; |
| 271 | else { |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 272 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 273 | goto err; |
| 274 | } |
| 275 | } else if (!strcasecmp(name, "user")) { |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 276 | cur->user.str = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 277 | if (!cur->user.str) { |
| 278 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 279 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 280 | } |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 281 | cur->user.len = strlen(cur->user.str); |
| 282 | if (cur->user.str[cur->user.len-1] == '*') |
| 283 | cur->user.is_prefix = 1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 284 | } else if (!strcasecmp(name, "seinfo")) { |
| 285 | cur->seinfo = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 286 | if (!cur->seinfo) { |
| 287 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 288 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 289 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 290 | } else if (!strcasecmp(name, "name")) { |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 291 | cur->name.str = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 292 | if (!cur->name.str) { |
| 293 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 294 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 295 | } |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 296 | cur->name.len = strlen(cur->name.str); |
| 297 | if (cur->name.str[cur->name.len-1] == '*') |
| 298 | cur->name.is_prefix = 1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 299 | } else if (!strcasecmp(name, "domain")) { |
| 300 | cur->domain = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 301 | if (!cur->domain) { |
| 302 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 303 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 304 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 305 | } else if (!strcasecmp(name, "type")) { |
| 306 | cur->type = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 307 | if (!cur->type) { |
| 308 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 309 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 310 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 311 | } else if (!strcasecmp(name, "levelFromUid")) { |
| 312 | if (!strcasecmp(value, "true")) |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 313 | cur->levelFrom = LEVELFROM_APP; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 314 | else if (!strcasecmp(value, "false")) |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 315 | cur->levelFrom = LEVELFROM_NONE; |
| 316 | else { |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 317 | free_seapp_context(cur); |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 318 | goto err; |
| 319 | } |
| 320 | } else if (!strcasecmp(name, "levelFrom")) { |
| 321 | if (!strcasecmp(value, "none")) |
| 322 | cur->levelFrom = LEVELFROM_NONE; |
| 323 | else if (!strcasecmp(value, "app")) |
| 324 | cur->levelFrom = LEVELFROM_APP; |
| 325 | else if (!strcasecmp(value, "user")) |
| 326 | cur->levelFrom = LEVELFROM_USER; |
| 327 | else if (!strcasecmp(value, "all")) |
| 328 | cur->levelFrom = LEVELFROM_ALL; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 329 | else { |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 330 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 331 | goto err; |
| 332 | } |
| 333 | } else if (!strcasecmp(name, "level")) { |
| 334 | cur->level = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 335 | if (!cur->level) { |
| 336 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 337 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 338 | } |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 339 | } else if (!strcasecmp(name, "path")) { |
| 340 | cur->path.str = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 341 | if (!cur->path.str) { |
| 342 | free_seapp_context(cur); |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 343 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 344 | } |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 345 | cur->path.len = strlen(cur->path.str); |
| 346 | if (cur->path.str[cur->path.len-1] == '*') |
| 347 | cur->path.is_prefix = 1; |
William Roberts | 1b36ad0 | 2012-07-27 13:52:33 -0700 | [diff] [blame] | 348 | } else if (!strcasecmp(name, "sebool")) { |
| 349 | cur->sebool = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 350 | if (!cur->sebool) { |
| 351 | free_seapp_context(cur); |
William Roberts | 1b36ad0 | 2012-07-27 13:52:33 -0700 | [diff] [blame] | 352 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 353 | } |
| 354 | } else { |
| 355 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 356 | goto err; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 357 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 358 | |
| 359 | token = strtok_r(NULL, " \t", &saveptr); |
| 360 | if (!token) |
| 361 | break; |
| 362 | } |
| 363 | |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 364 | if (cur->name.str && |
| 365 | (!cur->seinfo || !strcmp(cur->seinfo, "default"))) { |
| 366 | selinux_log(SELINUX_ERROR, "%s: No specific seinfo value specified with name=\"%s\", on line %u: insecure configuration!\n", |
| 367 | seapp_contexts_file[i - 1], cur->name.str, lineno); |
| 368 | free_seapp_context(cur); |
| 369 | goto err; |
| 370 | } |
| 371 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 372 | seapp_contexts[nspec] = cur; |
| 373 | nspec++; |
| 374 | lineno++; |
| 375 | } |
| 376 | |
| 377 | qsort(seapp_contexts, nspec, sizeof(struct seapp_context *), |
| 378 | seapp_context_cmp); |
| 379 | |
| 380 | #if DEBUG |
| 381 | { |
| 382 | int i; |
| 383 | for (i = 0; i < nspec; i++) { |
| 384 | cur = seapp_contexts[i]; |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 385 | selinux_log(SELINUX_INFO, "%s: isSystemServer=%s user=%s seinfo=%s name=%s path=%s sebool=%s -> domain=%s type=%s level=%s levelFrom=%s", |
William Roberts | 1b36ad0 | 2012-07-27 13:52:33 -0700 | [diff] [blame] | 386 | __FUNCTION__, |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 387 | cur->isSystemServer ? "true" : "false", cur->user.str, |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 388 | cur->seinfo, cur->name.str, cur->path.str, cur->sebool, cur->domain, |
William Roberts | 1b36ad0 | 2012-07-27 13:52:33 -0700 | [diff] [blame] | 389 | cur->type, cur->level, |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 390 | levelFromName[cur->levelFrom]); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 391 | } |
| 392 | } |
| 393 | #endif |
| 394 | |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 395 | ret = 0; |
| 396 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 397 | out: |
| 398 | fclose(fp); |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 399 | return ret; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 400 | |
| 401 | err: |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 402 | selinux_log(SELINUX_ERROR, "%s: Invalid entry on line %u\n", |
| 403 | seapp_contexts_file[i - 1], lineno); |
| 404 | free_seapp_contexts(); |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 405 | ret = -1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 406 | goto out; |
| 407 | oom: |
| 408 | selinux_log(SELINUX_ERROR, |
| 409 | "%s: Out of memory\n", __FUNCTION__); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 410 | free_seapp_contexts(); |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 411 | ret = -1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 412 | goto out; |
| 413 | } |
| 414 | |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 415 | |
| 416 | static void seapp_context_init(void) |
| 417 | { |
| 418 | selinux_android_seapp_context_reload(); |
| 419 | } |
| 420 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 421 | static pthread_once_t once = PTHREAD_ONCE_INIT; |
| 422 | |
Stephen Smalley | d23b9e0 | 2012-09-21 10:45:39 -0400 | [diff] [blame] | 423 | /* |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 424 | * Max id that can be mapped to category set uniquely |
Stephen Smalley | d23b9e0 | 2012-09-21 10:45:39 -0400 | [diff] [blame] | 425 | * using the current scheme. |
| 426 | */ |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 427 | #define CAT_MAPPING_MAX_ID (0x1<<16) |
Stephen Smalley | d23b9e0 | 2012-09-21 10:45:39 -0400 | [diff] [blame] | 428 | |
| 429 | enum seapp_kind { |
| 430 | SEAPP_TYPE, |
| 431 | SEAPP_DOMAIN |
| 432 | }; |
| 433 | |
| 434 | static int seapp_context_lookup(enum seapp_kind kind, |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 435 | uid_t uid, |
| 436 | int isSystemServer, |
Stephen Smalley | edfaad8 | 2012-07-12 11:30:24 -0400 | [diff] [blame] | 437 | const char *seinfo, |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 438 | const char *pkgname, |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 439 | const char *path, |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 440 | context_t ctx) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 441 | { |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 442 | const char *username = NULL; |
Nick Kralevich | b1ae15a | 2013-07-11 17:35:53 -0700 | [diff] [blame] | 443 | struct seapp_context *cur = NULL; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 444 | int i; |
| 445 | size_t n; |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 446 | uid_t userid; |
| 447 | uid_t appid; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 448 | |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 449 | __selinux_once(once, seapp_context_init); |
| 450 | |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 451 | userid = uid / AID_USER; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 452 | appid = uid % AID_USER; |
| 453 | if (appid < AID_APP) { |
| 454 | for (n = 0; n < android_id_count; n++) { |
| 455 | if (android_ids[n].aid == appid) { |
| 456 | username = android_ids[n].name; |
| 457 | break; |
| 458 | } |
Stephen Smalley | ce4e2e6 | 2012-08-23 12:20:42 -0400 | [diff] [blame] | 459 | } |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 460 | if (!username) |
| 461 | goto err; |
| 462 | } else if (appid < AID_ISOLATED_START) { |
Stephen Smalley | 525a224 | 2012-09-24 10:22:45 -0400 | [diff] [blame] | 463 | username = "_app"; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 464 | appid -= AID_APP; |
| 465 | } else { |
Stephen Smalley | 525a224 | 2012-09-24 10:22:45 -0400 | [diff] [blame] | 466 | username = "_isolated"; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 467 | appid -= AID_ISOLATED_START; |
Stephen Smalley | ba70ee4 | 2012-07-10 15:49:04 -0400 | [diff] [blame] | 468 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 469 | |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 470 | if (appid >= CAT_MAPPING_MAX_ID || userid >= CAT_MAPPING_MAX_ID) |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 471 | goto err; |
| 472 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 473 | for (i = 0; i < nspec; i++) { |
| 474 | cur = seapp_contexts[i]; |
| 475 | |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 476 | if (cur->isSystemServer != isSystemServer) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 477 | continue; |
| 478 | |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 479 | if (cur->user.str) { |
| 480 | if (cur->user.is_prefix) { |
| 481 | if (strncasecmp(username, cur->user.str, cur->user.len-1)) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 482 | continue; |
| 483 | } else { |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 484 | if (strcasecmp(username, cur->user.str)) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 485 | continue; |
| 486 | } |
| 487 | } |
| 488 | |
Stephen Smalley | edfaad8 | 2012-07-12 11:30:24 -0400 | [diff] [blame] | 489 | if (cur->seinfo) { |
| 490 | if (!seinfo || strcasecmp(seinfo, cur->seinfo)) |
| 491 | continue; |
| 492 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 493 | |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 494 | if (cur->name.str) { |
| 495 | if(!pkgname) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 496 | continue; |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 497 | |
| 498 | if (cur->name.is_prefix) { |
| 499 | if (strncasecmp(pkgname, cur->name.str, cur->name.len-1)) |
| 500 | continue; |
| 501 | } else { |
| 502 | if (strcasecmp(pkgname, cur->name.str)) |
| 503 | continue; |
| 504 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 505 | } |
| 506 | |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 507 | if (cur->path.str) { |
| 508 | if (!path) |
| 509 | continue; |
| 510 | |
| 511 | if (cur->path.is_prefix) { |
| 512 | if (strncmp(path, cur->path.str, cur->path.len-1)) |
| 513 | continue; |
| 514 | } else { |
| 515 | if (strcmp(path, cur->path.str)) |
| 516 | continue; |
| 517 | } |
| 518 | } |
| 519 | |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 520 | if (kind == SEAPP_TYPE && !cur->type) |
| 521 | continue; |
| 522 | else if (kind == SEAPP_DOMAIN && !cur->domain) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 523 | continue; |
| 524 | |
William Roberts | 1b36ad0 | 2012-07-27 13:52:33 -0700 | [diff] [blame] | 525 | if (cur->sebool) { |
| 526 | int value = security_get_boolean_active(cur->sebool); |
| 527 | if (value == 0) |
| 528 | continue; |
| 529 | else if (value == -1) { |
| 530 | selinux_log(SELINUX_ERROR, \ |
| 531 | "Could not find boolean: %s ", cur->sebool); |
| 532 | goto err; |
| 533 | } |
| 534 | } |
| 535 | |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 536 | if (kind == SEAPP_TYPE) { |
| 537 | if (context_type_set(ctx, cur->type)) |
| 538 | goto oom; |
| 539 | } else if (kind == SEAPP_DOMAIN) { |
| 540 | if (context_type_set(ctx, cur->domain)) |
| 541 | goto oom; |
| 542 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 543 | |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 544 | if (cur->levelFrom != LEVELFROM_NONE) { |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 545 | char level[255]; |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 546 | switch (cur->levelFrom) { |
| 547 | case LEVELFROM_APP: |
Stephen Smalley | df1ece2 | 2013-12-02 10:07:48 -0500 | [diff] [blame] | 548 | snprintf(level, sizeof level, "s0:c%u,c%u", |
| 549 | appid & 0xff, |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 550 | 256 + (appid>>8 & 0xff)); |
| 551 | break; |
| 552 | case LEVELFROM_USER: |
Stephen Smalley | df1ece2 | 2013-12-02 10:07:48 -0500 | [diff] [blame] | 553 | snprintf(level, sizeof level, "s0:c%u,c%u", |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 554 | 512 + (userid & 0xff), |
| 555 | 768 + (userid>>8 & 0xff)); |
| 556 | break; |
| 557 | case LEVELFROM_ALL: |
Stephen Smalley | df1ece2 | 2013-12-02 10:07:48 -0500 | [diff] [blame] | 558 | snprintf(level, sizeof level, "s0:c%u,c%u,c%u,c%u", |
| 559 | appid & 0xff, |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 560 | 256 + (appid>>8 & 0xff), |
| 561 | 512 + (userid & 0xff), |
| 562 | 768 + (userid>>8 & 0xff)); |
| 563 | break; |
| 564 | default: |
| 565 | goto err; |
| 566 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 567 | if (context_range_set(ctx, level)) |
| 568 | goto oom; |
| 569 | } else if (cur->level) { |
| 570 | if (context_range_set(ctx, cur->level)) |
| 571 | goto oom; |
| 572 | } |
William Roberts | 1b36ad0 | 2012-07-27 13:52:33 -0700 | [diff] [blame] | 573 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 574 | break; |
| 575 | } |
| 576 | |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 577 | if (kind == SEAPP_DOMAIN && i == nspec) { |
| 578 | /* |
| 579 | * No match. |
| 580 | * Fail to prevent staying in the zygote's context. |
| 581 | */ |
| 582 | selinux_log(SELINUX_ERROR, |
| 583 | "%s: No match for app with uid %d, seinfo %s, name %s\n", |
| 584 | __FUNCTION__, uid, seinfo, pkgname); |
| 585 | |
| 586 | if (security_getenforce() == 1) |
| 587 | goto err; |
| 588 | } |
| 589 | |
| 590 | return 0; |
| 591 | err: |
| 592 | return -1; |
| 593 | oom: |
| 594 | return -2; |
| 595 | } |
| 596 | |
Stephen Smalley | 1b478ea | 2014-02-07 09:32:41 -0500 | [diff] [blame] | 597 | int selinux_android_setfilecon(const char *pkgdir, |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 598 | const char *pkgname, |
| 599 | const char *seinfo, |
| 600 | uid_t uid) |
| 601 | { |
Nick Kralevich | 9ca4088 | 2013-07-11 16:58:44 -0700 | [diff] [blame] | 602 | char *orig_ctx_str = NULL; |
| 603 | char *ctx_str = NULL; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 604 | context_t ctx = NULL; |
Nick Kralevich | 9ca4088 | 2013-07-11 16:58:44 -0700 | [diff] [blame] | 605 | int rc = -1; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 606 | |
| 607 | if (is_selinux_enabled() <= 0) |
| 608 | return 0; |
| 609 | |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 610 | rc = getfilecon(pkgdir, &ctx_str); |
| 611 | if (rc < 0) |
| 612 | goto err; |
| 613 | |
| 614 | ctx = context_new(ctx_str); |
| 615 | orig_ctx_str = ctx_str; |
| 616 | if (!ctx) |
| 617 | goto oom; |
| 618 | |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 619 | rc = seapp_context_lookup(SEAPP_TYPE, uid, 0, seinfo, pkgname, NULL, ctx); |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 620 | if (rc == -1) |
| 621 | goto err; |
| 622 | else if (rc == -2) |
| 623 | goto oom; |
| 624 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 625 | ctx_str = context_str(ctx); |
| 626 | if (!ctx_str) |
| 627 | goto oom; |
| 628 | |
| 629 | rc = security_check_context(ctx_str); |
| 630 | if (rc < 0) |
| 631 | goto err; |
| 632 | |
| 633 | if (strcmp(ctx_str, orig_ctx_str)) { |
| 634 | rc = setfilecon(pkgdir, ctx_str); |
| 635 | if (rc < 0) |
| 636 | goto err; |
| 637 | } |
| 638 | |
| 639 | rc = 0; |
| 640 | out: |
| 641 | freecon(orig_ctx_str); |
| 642 | context_free(ctx); |
| 643 | return rc; |
| 644 | err: |
| 645 | selinux_log(SELINUX_ERROR, "%s: Error setting context for pkgdir %s, uid %d: %s\n", |
| 646 | __FUNCTION__, pkgdir, uid, strerror(errno)); |
| 647 | rc = -1; |
| 648 | goto out; |
| 649 | oom: |
| 650 | selinux_log(SELINUX_ERROR, "%s: Out of memory\n", __FUNCTION__); |
| 651 | rc = -1; |
| 652 | goto out; |
| 653 | } |
| 654 | |
| 655 | int selinux_android_setcontext(uid_t uid, |
| 656 | int isSystemServer, |
| 657 | const char *seinfo, |
Stephen Smalley | ba70ee4 | 2012-07-10 15:49:04 -0400 | [diff] [blame] | 658 | const char *pkgname) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 659 | { |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 660 | char *orig_ctx_str = NULL, *ctx_str; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 661 | context_t ctx = NULL; |
Nick Kralevich | 9ca4088 | 2013-07-11 16:58:44 -0700 | [diff] [blame] | 662 | int rc = -1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 663 | |
| 664 | if (is_selinux_enabled() <= 0) |
| 665 | return 0; |
| 666 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 667 | rc = getcon(&ctx_str); |
| 668 | if (rc) |
| 669 | goto err; |
| 670 | |
| 671 | ctx = context_new(ctx_str); |
| 672 | orig_ctx_str = ctx_str; |
| 673 | if (!ctx) |
| 674 | goto oom; |
| 675 | |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 676 | rc = seapp_context_lookup(SEAPP_DOMAIN, uid, isSystemServer, seinfo, pkgname, NULL, ctx); |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 677 | if (rc == -1) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 678 | goto err; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 679 | else if (rc == -2) |
| 680 | goto oom; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 681 | |
| 682 | ctx_str = context_str(ctx); |
| 683 | if (!ctx_str) |
| 684 | goto oom; |
| 685 | |
| 686 | rc = security_check_context(ctx_str); |
| 687 | if (rc < 0) |
| 688 | goto err; |
| 689 | |
| 690 | if (strcmp(ctx_str, orig_ctx_str)) { |
| 691 | rc = setcon(ctx_str); |
| 692 | if (rc < 0) |
| 693 | goto err; |
| 694 | } |
| 695 | |
| 696 | rc = 0; |
| 697 | out: |
| 698 | freecon(orig_ctx_str); |
| 699 | context_free(ctx); |
Stephen Smalley | e8b0fd8 | 2012-07-31 09:12:53 -0400 | [diff] [blame] | 700 | avc_netlink_close(); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 701 | return rc; |
| 702 | err: |
| 703 | if (isSystemServer) |
| 704 | selinux_log(SELINUX_ERROR, |
Geremy Condra | 6064643 | 2013-04-10 17:58:48 -0700 | [diff] [blame] | 705 | "%s: Error setting context for system server: %s\n", |
| 706 | __FUNCTION__, strerror(errno)); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 707 | else |
| 708 | selinux_log(SELINUX_ERROR, |
Geremy Condra | 6064643 | 2013-04-10 17:58:48 -0700 | [diff] [blame] | 709 | "%s: Error setting context for app with uid %d, seinfo %s: %s\n", |
| 710 | __FUNCTION__, uid, seinfo, strerror(errno)); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 711 | |
Stephen Smalley | f77e60d | 2012-07-27 15:41:10 -0400 | [diff] [blame] | 712 | rc = -1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 713 | goto out; |
| 714 | oom: |
| 715 | selinux_log(SELINUX_ERROR, "%s: Out of memory\n", __FUNCTION__); |
| 716 | rc = -1; |
| 717 | goto out; |
| 718 | } |
| 719 | |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 720 | static struct selabel_handle *sehandle = NULL; |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 721 | #define FC_DIGEST_SIZE SHA_DIGEST_SIZE |
| 722 | static uint8_t fc_digest[FC_DIGEST_SIZE]; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 723 | |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 724 | static struct selabel_handle *get_selabel_handle(const struct selinux_opt opts[]) |
| 725 | { |
| 726 | struct selabel_handle *h; |
| 727 | unsigned int i = 0; |
| 728 | int fd; |
| 729 | struct stat sb; |
| 730 | void *map; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 731 | |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 732 | h = NULL; |
| 733 | while ((h == NULL) && opts[i].value) { |
| 734 | h = selabel_open(SELABEL_CTX_FILE, &opts[i], 1); |
| 735 | if (h) |
| 736 | break; |
| 737 | i++; |
| 738 | } |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 739 | |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 740 | if (!h) |
| 741 | return NULL; |
| 742 | |
| 743 | fd = open(opts[i].value, O_RDONLY | O_NOFOLLOW); |
| 744 | if (fd < 0) { |
| 745 | selinux_log(SELINUX_ERROR, "SELinux: Could not open %s: %s\n", |
| 746 | opts[i].value, strerror(errno)); |
| 747 | goto err; |
| 748 | } |
| 749 | if (fstat(fd, &sb) < 0) { |
| 750 | selinux_log(SELINUX_ERROR, "SELinux: Could not stat %s: %s\n", |
| 751 | opts[i].value, strerror(errno)); |
| 752 | close(fd); |
| 753 | goto err; |
| 754 | } |
| 755 | map = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); |
| 756 | if (map == MAP_FAILED) { |
| 757 | selinux_log(SELINUX_ERROR, "SELinux: Could not map %s: %s\n", |
| 758 | opts[i].value, strerror(errno)); |
| 759 | close(fd); |
| 760 | goto err; |
| 761 | } |
| 762 | SHA_hash(map, sb.st_size, fc_digest); |
| 763 | munmap(map, sb.st_size); |
| 764 | close(fd); |
| 765 | |
Stephen Smalley | 0a10104 | 2014-01-29 12:54:01 -0500 | [diff] [blame] | 766 | selinux_log(SELINUX_INFO, "SELinux: Loaded file_contexts from %s\n", |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 767 | opts[i].value); |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 768 | |
| 769 | return h; |
| 770 | |
| 771 | err: |
| 772 | selabel_close(h); |
| 773 | return NULL; |
Geremy Condra | 6064643 | 2013-04-10 17:58:48 -0700 | [diff] [blame] | 774 | } |
| 775 | |
| 776 | static struct selabel_handle *file_context_open(void) |
| 777 | { |
| 778 | struct selabel_handle *h; |
| 779 | |
| 780 | h = get_selabel_handle(seopts); |
| 781 | |
Stephen Smalley | 906742d | 2012-08-23 16:04:59 -0400 | [diff] [blame] | 782 | if (!h) |
Geremy Condra | 6064643 | 2013-04-10 17:58:48 -0700 | [diff] [blame] | 783 | selinux_log(SELINUX_ERROR, "%s: Error getting file context handle (%s)\n", |
| 784 | __FUNCTION__, strerror(errno)); |
| 785 | return h; |
| 786 | } |
| 787 | |
Stephen Smalley | 906742d | 2012-08-23 16:04:59 -0400 | [diff] [blame] | 788 | static void file_context_init(void) |
| 789 | { |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 790 | if (!sehandle) |
| 791 | sehandle = file_context_open(); |
| 792 | } |
| 793 | |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 794 | static pthread_once_t fc_once = PTHREAD_ONCE_INIT; |
| 795 | |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 796 | struct pkgInfo { |
| 797 | char *name; |
| 798 | uid_t uid; |
| 799 | bool debuggable; |
| 800 | char *dataDir; |
| 801 | char *seinfo; |
| 802 | struct pkgInfo *next; |
| 803 | }; |
| 804 | |
| 805 | #define PKGTAB_SIZE 256 |
| 806 | static struct pkgInfo *pkgTab[PKGTAB_SIZE]; |
| 807 | |
| 808 | static unsigned int pkghash(const char *pkgname) |
| 809 | { |
| 810 | unsigned int h = 7; |
| 811 | for (; *pkgname; pkgname++) { |
| 812 | h = h * 31 + *pkgname; |
| 813 | } |
| 814 | return h & (PKGTAB_SIZE - 1); |
| 815 | } |
| 816 | |
| 817 | /* The file containing the list of installed packages on the system */ |
| 818 | #define PACKAGES_LIST_FILE "/data/system/packages.list" |
| 819 | |
| 820 | static void package_info_init(void) |
| 821 | { |
| 822 | char *buf = NULL; |
| 823 | size_t buflen = 0; |
| 824 | ssize_t bytesread; |
| 825 | FILE *fp; |
| 826 | char *cur, *next; |
| 827 | struct pkgInfo *pkgInfo = NULL; |
| 828 | unsigned int hash; |
| 829 | unsigned long lineno = 1; |
| 830 | |
| 831 | fp = fopen(PACKAGES_LIST_FILE, "r"); |
| 832 | if (!fp) { |
| 833 | selinux_log(SELINUX_ERROR, "SELinux: Could not open %s: %s.\n", |
| 834 | PACKAGES_LIST_FILE, strerror(errno)); |
| 835 | return; |
| 836 | } |
| 837 | while ((bytesread = getline(&buf, &buflen, fp)) > 0) { |
| 838 | pkgInfo = calloc(1, sizeof(*pkgInfo)); |
| 839 | if (!pkgInfo) |
| 840 | goto err; |
| 841 | next = buf; |
| 842 | cur = strsep(&next, " \t\n"); |
| 843 | if (!cur) |
| 844 | goto err; |
| 845 | pkgInfo->name = strdup(cur); |
| 846 | if (!pkgInfo->name) |
| 847 | goto err; |
| 848 | cur = strsep(&next, " \t\n"); |
| 849 | if (!cur) |
| 850 | goto err; |
| 851 | pkgInfo->uid = atoi(cur); |
| 852 | if (!pkgInfo->uid) |
| 853 | goto err; |
| 854 | cur = strsep(&next, " \t\n"); |
| 855 | if (!cur) |
| 856 | goto err; |
| 857 | pkgInfo->debuggable = atoi(cur); |
| 858 | cur = strsep(&next, " \t\n"); |
| 859 | if (!cur) |
| 860 | goto err; |
| 861 | pkgInfo->dataDir = strdup(cur); |
| 862 | if (!pkgInfo->dataDir) |
| 863 | goto err; |
| 864 | cur = strsep(&next, " \t\n"); |
| 865 | if (!cur) |
| 866 | goto err; |
| 867 | pkgInfo->seinfo = strdup(cur); |
| 868 | if (!pkgInfo->seinfo) |
| 869 | goto err; |
| 870 | |
| 871 | hash = pkghash(pkgInfo->name); |
| 872 | if (pkgTab[hash]) |
| 873 | pkgInfo->next = pkgTab[hash]; |
| 874 | pkgTab[hash] = pkgInfo; |
| 875 | |
| 876 | lineno++; |
| 877 | } |
| 878 | |
| 879 | #if DEBUG |
| 880 | { |
| 881 | unsigned int buckets, entries, chainlen, longestchain; |
| 882 | |
| 883 | buckets = entries = longestchain = 0; |
| 884 | for (hash = 0; hash < PKGTAB_SIZE; hash++) { |
| 885 | if (pkgTab[hash]) { |
| 886 | buckets++; |
| 887 | chainlen = 0; |
| 888 | for (pkgInfo = pkgTab[hash]; pkgInfo; pkgInfo = pkgInfo->next) { |
| 889 | chainlen++; |
| 890 | selinux_log(SELINUX_INFO, "%s: name=%s uid=%u debuggable=%s dataDir=%s seinfo=%s\n", |
| 891 | __FUNCTION__, |
| 892 | pkgInfo->name, pkgInfo->uid, pkgInfo->debuggable ? "true" : "false", pkgInfo->dataDir, pkgInfo->seinfo); |
| 893 | } |
| 894 | entries += chainlen; |
| 895 | if (longestchain < chainlen) |
| 896 | longestchain = chainlen; |
| 897 | } |
| 898 | } |
| 899 | selinux_log(SELINUX_INFO, "SELinux: %d pkg entries and %d/%d buckets used, longest chain %d\n", entries, buckets, PKGTAB_SIZE, longestchain); |
| 900 | } |
| 901 | #endif |
| 902 | |
| 903 | out: |
| 904 | free(buf); |
| 905 | fclose(fp); |
| 906 | return; |
| 907 | |
| 908 | err: |
| 909 | selinux_log(SELINUX_ERROR, "SELinux: Error reading %s on line %lu.\n", |
| 910 | PACKAGES_LIST_FILE, lineno); |
| 911 | if (pkgInfo) { |
| 912 | free(pkgInfo->name); |
| 913 | free(pkgInfo->dataDir); |
| 914 | free(pkgInfo->seinfo); |
| 915 | free(pkgInfo); |
| 916 | } |
| 917 | goto out; |
| 918 | } |
| 919 | |
| 920 | static pthread_once_t pkg_once = PTHREAD_ONCE_INIT; |
| 921 | |
| 922 | struct pkgInfo *package_info_lookup(const char *name) |
| 923 | { |
| 924 | struct pkgInfo *pkgInfo; |
| 925 | unsigned int hash; |
| 926 | |
| 927 | __selinux_once(pkg_once, package_info_init); |
| 928 | |
| 929 | hash = pkghash(name); |
| 930 | for (pkgInfo = pkgTab[hash]; pkgInfo; pkgInfo = pkgInfo->next) { |
| 931 | if (!strcmp(name, pkgInfo->name)) |
| 932 | return pkgInfo; |
| 933 | } |
| 934 | return NULL; |
| 935 | } |
| 936 | |
| 937 | /* The path prefixes of package data directories. */ |
Stephen Smalley | 027670d | 2014-02-18 11:04:37 -0500 | [diff] [blame] | 938 | #define DATA_DATA_PATH "/data/data" |
| 939 | #define DATA_USER_PATH "/data/user" |
| 940 | #define DATA_DATA_PREFIX DATA_DATA_PATH "/" |
| 941 | #define DATA_USER_PREFIX DATA_USER_PATH "/" |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 942 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 943 | static int pkgdir_selabel_lookup(const char *pathname, |
| 944 | const char *seinfo, |
| 945 | uid_t uid, |
| 946 | char **secontextp) |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 947 | { |
| 948 | char *pkgname = NULL, *end = NULL; |
| 949 | struct pkgInfo *pkgInfo = NULL; |
| 950 | char *secontext = *secontextp; |
| 951 | context_t ctx = NULL; |
| 952 | int rc = 0; |
| 953 | |
| 954 | /* Skip directory prefix before package name. */ |
| 955 | if (!strncmp(pathname, DATA_DATA_PREFIX, sizeof(DATA_DATA_PREFIX)-1)) { |
| 956 | pathname += sizeof(DATA_DATA_PREFIX) - 1; |
| 957 | } else if (!strncmp(pathname, DATA_USER_PREFIX, sizeof(DATA_USER_PREFIX)-1)) { |
| 958 | pathname += sizeof(DATA_USER_PREFIX) - 1; |
| 959 | while (isdigit(*pathname)) |
| 960 | pathname++; |
| 961 | if (*pathname == '/') |
| 962 | pathname++; |
| 963 | else |
| 964 | return 0; |
| 965 | } else |
| 966 | return 0; |
| 967 | |
| 968 | if (!(*pathname)) |
| 969 | return 0; |
| 970 | |
| 971 | pkgname = strdup(pathname); |
| 972 | if (!pkgname) |
| 973 | return -1; |
| 974 | |
| 975 | for (end = pkgname; *end && *end != '/'; end++) |
| 976 | ; |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 977 | pathname = end; |
| 978 | if (*end) |
| 979 | pathname++; |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 980 | *end = '\0'; |
| 981 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 982 | if (!seinfo) { |
| 983 | pkgInfo = package_info_lookup(pkgname); |
| 984 | if (!pkgInfo) { |
| 985 | selinux_log(SELINUX_WARNING, "SELinux: Could not look up information for package %s, cannot restorecon %s.\n", |
| 986 | pkgname, pathname); |
| 987 | free(pkgname); |
| 988 | return -1; |
| 989 | } |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 990 | } |
| 991 | |
| 992 | ctx = context_new(secontext); |
| 993 | if (!ctx) |
| 994 | goto err; |
| 995 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 996 | rc = seapp_context_lookup(SEAPP_TYPE, pkgInfo ? pkgInfo->uid : uid, 0, |
| 997 | pkgInfo ? pkgInfo->seinfo : seinfo, pkgInfo ? pkgInfo->name : pkgname, pathname, ctx); |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 998 | if (rc < 0) |
| 999 | goto err; |
| 1000 | |
| 1001 | secontext = context_str(ctx); |
| 1002 | if (!secontext) |
| 1003 | goto err; |
| 1004 | |
| 1005 | if (!strcmp(secontext, *secontextp)) |
| 1006 | goto out; |
| 1007 | |
| 1008 | rc = security_check_context(secontext); |
| 1009 | if (rc < 0) |
| 1010 | goto err; |
| 1011 | |
| 1012 | freecon(*secontextp); |
| 1013 | *secontextp = strdup(secontext); |
| 1014 | if (!(*secontextp)) |
| 1015 | goto err; |
| 1016 | |
| 1017 | rc = 0; |
| 1018 | |
| 1019 | out: |
| 1020 | free(pkgname); |
| 1021 | context_free(ctx); |
| 1022 | return rc; |
| 1023 | err: |
| 1024 | selinux_log(SELINUX_ERROR, "%s: Error looking up context for path %s, pkgname %s, seinfo %s, uid %u: %s\n", |
| 1025 | __FUNCTION__, pathname, pkgname, pkgInfo->seinfo, pkgInfo->uid, strerror(errno)); |
| 1026 | rc = -1; |
| 1027 | goto out; |
| 1028 | } |
| 1029 | |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 1030 | #define RESTORECON_LAST "security.restorecon_last" |
| 1031 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1032 | static int restorecon_sb(const char *pathname, const struct stat *sb, |
| 1033 | bool setrestoreconlast, bool nochange, bool verbose, |
| 1034 | const char *seinfo, uid_t uid) |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1035 | { |
| 1036 | char *secontext = NULL; |
| 1037 | char *oldsecontext = NULL; |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1038 | int rc = 0; |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1039 | |
| 1040 | if (selabel_lookup(sehandle, &secontext, pathname, sb->st_mode) < 0) |
Stephen Smalley | b77c036 | 2014-02-04 13:22:28 -0500 | [diff] [blame] | 1041 | return -1; |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1042 | |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1043 | if (lgetfilecon(pathname, &oldsecontext) < 0) |
| 1044 | goto err; |
| 1045 | |
Stephen Smalley | 833cbd6 | 2014-02-27 13:08:40 -0500 | [diff] [blame] | 1046 | /* |
| 1047 | * Disable setting restorecon_last on /data/data or /data/user |
| 1048 | * since their labeling is based on seapp_contexts and seinfo |
| 1049 | * assignments rather than file_contexts and is managed by |
| 1050 | * installd rather than init. |
| 1051 | */ |
| 1052 | if (!strcmp(pathname, DATA_DATA_PATH) || !strcmp(pathname, DATA_USER_PATH)) |
| 1053 | setrestoreconlast = false; |
| 1054 | |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1055 | if (!strncmp(pathname, DATA_DATA_PREFIX, sizeof(DATA_DATA_PREFIX)-1) || |
| 1056 | !strncmp(pathname, DATA_USER_PREFIX, sizeof(DATA_USER_PREFIX)-1)) { |
Stephen Smalley | 833cbd6 | 2014-02-27 13:08:40 -0500 | [diff] [blame] | 1057 | /* Same as above for all children of /data/data and /data/user. */ |
| 1058 | setrestoreconlast = false; |
| 1059 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1060 | if (pkgdir_selabel_lookup(pathname, seinfo, uid, &secontext) < 0) |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1061 | goto err; |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1062 | } |
| 1063 | |
| 1064 | if (strcmp(oldsecontext, secontext) != 0) { |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1065 | if (verbose) |
| 1066 | selinux_log(SELINUX_INFO, |
| 1067 | "SELinux: Relabeling %s from %s to %s.\n", pathname, oldsecontext, secontext); |
| 1068 | if (!nochange) { |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1069 | if (lsetfilecon(pathname, secontext) < 0) |
| 1070 | goto err; |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1071 | } |
| 1072 | } |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 1073 | |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1074 | if (setrestoreconlast && !nochange && S_ISDIR(sb->st_mode)) |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 1075 | setxattr(pathname, RESTORECON_LAST, fc_digest, sizeof fc_digest, 0); |
| 1076 | |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1077 | rc = 0; |
| 1078 | |
| 1079 | out: |
| 1080 | freecon(oldsecontext); |
| 1081 | freecon(secontext); |
| 1082 | return rc; |
| 1083 | |
| 1084 | err: |
| 1085 | selinux_log(SELINUX_ERROR, |
| 1086 | "SELinux: Could not set context for %s: %s\n", |
| 1087 | pathname, strerror(errno)); |
| 1088 | rc = -1; |
| 1089 | goto out; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1090 | } |
| 1091 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1092 | static int selinux_android_restorecon_common(const char* pathname, |
| 1093 | const char *seinfo, |
| 1094 | uid_t uid, |
| 1095 | unsigned int flags) |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1096 | { |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1097 | bool nochange = (flags & SELINUX_ANDROID_RESTORECON_NOCHANGE) ? true : false; |
| 1098 | bool verbose = (flags & SELINUX_ANDROID_RESTORECON_VERBOSE) ? true : false; |
| 1099 | bool recurse = (flags & SELINUX_ANDROID_RESTORECON_RECURSE) ? true : false; |
| 1100 | bool force = (flags & SELINUX_ANDROID_RESTORECON_FORCE) ? true : false; |
Stephen Smalley | 027670d | 2014-02-18 11:04:37 -0500 | [diff] [blame] | 1101 | bool datadata = (flags & SELINUX_ANDROID_RESTORECON_DATADATA) ? true : false; |
Stephen Smalley | 0e7340f | 2014-04-30 15:13:30 -0700 | [diff] [blame^] | 1102 | bool issys = strcmp(pathname, "/sys") == 0 ? true : false; |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1103 | struct stat sb; |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1104 | FTS *fts; |
| 1105 | FTSENT *ftsent; |
| 1106 | char *const paths[2] = { __UNCONST(pathname), NULL }; |
| 1107 | int ftsflags = FTS_COMFOLLOW | FTS_NOCHDIR | FTS_XDEV | FTS_PHYSICAL; |
| 1108 | int error, sverrno; |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 1109 | char xattr_value[FC_DIGEST_SIZE]; |
| 1110 | ssize_t size; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1111 | |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1112 | if (is_selinux_enabled() <= 0) |
| 1113 | return 0; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1114 | |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1115 | __selinux_once(fc_once, file_context_init); |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1116 | |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1117 | if (!sehandle) |
| 1118 | return 0; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1119 | |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1120 | if (!recurse) { |
| 1121 | if (lstat(pathname, &sb) < 0) |
| 1122 | return -1; |
| 1123 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1124 | return restorecon_sb(pathname, &sb, false, nochange, verbose, seinfo, uid); |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1125 | } |
| 1126 | |
Stephen Smalley | 833cbd6 | 2014-02-27 13:08:40 -0500 | [diff] [blame] | 1127 | /* |
| 1128 | * Ignore restorecon_last on /data/data or /data/user |
| 1129 | * since their labeling is based on seapp_contexts and seinfo |
| 1130 | * assignments rather than file_contexts and is managed by |
| 1131 | * installd rather than init. |
| 1132 | */ |
| 1133 | if (!strcmp(pathname, DATA_DATA_PATH) || !strcmp(pathname, DATA_USER_PATH)) |
| 1134 | force = true; |
| 1135 | |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 1136 | size = getxattr(pathname, RESTORECON_LAST, xattr_value, sizeof fc_digest); |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1137 | if (!force && size == sizeof fc_digest && memcmp(fc_digest, xattr_value, sizeof fc_digest) == 0) { |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 1138 | selinux_log(SELINUX_INFO, |
| 1139 | "SELinux: Skipping restorecon_recursive(%s)\n", |
| 1140 | pathname); |
| 1141 | return 0; |
| 1142 | } |
| 1143 | |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1144 | fts = fts_open(paths, ftsflags, NULL); |
| 1145 | if (!fts) |
| 1146 | return -1; |
| 1147 | |
| 1148 | error = 0; |
| 1149 | while ((ftsent = fts_read(fts)) != NULL) { |
| 1150 | switch (ftsent->fts_info) { |
| 1151 | case FTS_DC: |
| 1152 | selinux_log(SELINUX_ERROR, |
| 1153 | "SELinux: Directory cycle on %s.\n", ftsent->fts_path); |
| 1154 | errno = ELOOP; |
| 1155 | error = -1; |
| 1156 | goto out; |
| 1157 | case FTS_DP: |
| 1158 | continue; |
| 1159 | case FTS_DNR: |
| 1160 | selinux_log(SELINUX_ERROR, |
| 1161 | "SELinux: Could not read %s: %s.\n", ftsent->fts_path, strerror(errno)); |
| 1162 | fts_set(fts, ftsent, FTS_SKIP); |
| 1163 | continue; |
| 1164 | case FTS_NS: |
| 1165 | selinux_log(SELINUX_ERROR, |
| 1166 | "SELinux: Could not stat %s: %s.\n", ftsent->fts_path, strerror(errno)); |
| 1167 | fts_set(fts, ftsent, FTS_SKIP); |
| 1168 | continue; |
| 1169 | case FTS_ERR: |
| 1170 | selinux_log(SELINUX_ERROR, |
| 1171 | "SELinux: Error on %s: %s.\n", ftsent->fts_path, strerror(errno)); |
| 1172 | fts_set(fts, ftsent, FTS_SKIP); |
| 1173 | continue; |
Stephen Smalley | 027670d | 2014-02-18 11:04:37 -0500 | [diff] [blame] | 1174 | case FTS_D: |
| 1175 | if (!datadata && |
| 1176 | (!strcmp(ftsent->fts_path, DATA_DATA_PATH) || |
| 1177 | !strcmp(ftsent->fts_path, DATA_USER_PATH))) { |
| 1178 | fts_set(fts, ftsent, FTS_SKIP); |
| 1179 | continue; |
| 1180 | } |
Stephen Smalley | 0e7340f | 2014-04-30 15:13:30 -0700 | [diff] [blame^] | 1181 | if (issys && !selabel_partial_match(sehandle, ftsent->fts_path)) { |
| 1182 | fts_set(fts, ftsent, FTS_SKIP); |
| 1183 | continue; |
| 1184 | } |
Stephen Smalley | 027670d | 2014-02-18 11:04:37 -0500 | [diff] [blame] | 1185 | /* fall through */ |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1186 | default: |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1187 | (void) restorecon_sb(ftsent->fts_path, ftsent->fts_statp, true, nochange, verbose, seinfo, uid); |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1188 | break; |
| 1189 | } |
| 1190 | } |
| 1191 | |
| 1192 | out: |
| 1193 | sverrno = errno; |
| 1194 | (void) fts_close(fts); |
| 1195 | error = sverrno; |
| 1196 | return error; |
| 1197 | } |
| 1198 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1199 | int selinux_android_restorecon(const char *file, unsigned int flags) |
| 1200 | { |
| 1201 | return selinux_android_restorecon_common(file, NULL, -1, flags); |
| 1202 | } |
| 1203 | |
| 1204 | int selinux_android_restorecon_pkgdir(const char *pkgdir, |
| 1205 | const char *seinfo, |
| 1206 | uid_t uid, |
| 1207 | unsigned int flags) |
| 1208 | { |
| 1209 | return selinux_android_restorecon_common(pkgdir, seinfo, uid, flags | SELINUX_ANDROID_RESTORECON_DATADATA); |
| 1210 | } |
| 1211 | |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1212 | struct selabel_handle* selinux_android_file_context_handle(void) |
| 1213 | { |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1214 | return file_context_open(); |
| 1215 | } |
| 1216 | |
| 1217 | void selinux_android_set_sehandle(const struct selabel_handle *hndl) |
| 1218 | { |
| 1219 | sehandle = (struct selabel_handle *) hndl; |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1220 | } |
rpcraig | 9b10083 | 2012-07-27 06:36:59 -0400 | [diff] [blame] | 1221 | |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1222 | int selinux_android_reload_policy(void) |
| 1223 | { |
Stephen Smalley | 4a655ec | 2012-09-18 15:08:32 -0400 | [diff] [blame] | 1224 | int fd = -1, rc; |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1225 | struct stat sb; |
| 1226 | void *map = NULL; |
| 1227 | int i = 0; |
| 1228 | |
Stephen Smalley | 4a655ec | 2012-09-18 15:08:32 -0400 | [diff] [blame] | 1229 | while (fd < 0 && sepolicy_file[i]) { |
Nick Kralevich | 9c30ac6 | 2013-05-06 12:03:07 -0700 | [diff] [blame] | 1230 | fd = open(sepolicy_file[i], O_RDONLY | O_NOFOLLOW); |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1231 | i++; |
| 1232 | } |
| 1233 | if (fd < 0) { |
| 1234 | selinux_log(SELINUX_ERROR, "SELinux: Could not open sepolicy: %s\n", |
| 1235 | strerror(errno)); |
| 1236 | return -1; |
| 1237 | } |
| 1238 | if (fstat(fd, &sb) < 0) { |
| 1239 | selinux_log(SELINUX_ERROR, "SELinux: Could not stat %s: %s\n", |
Stephen Smalley | cb92504 | 2013-07-26 10:45:44 -0400 | [diff] [blame] | 1240 | sepolicy_file[i-1], strerror(errno)); |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1241 | close(fd); |
| 1242 | return -1; |
| 1243 | } |
| 1244 | map = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); |
| 1245 | if (map == MAP_FAILED) { |
| 1246 | selinux_log(SELINUX_ERROR, "SELinux: Could not map %s: %s\n", |
Stephen Smalley | cb92504 | 2013-07-26 10:45:44 -0400 | [diff] [blame] | 1247 | sepolicy_file[i-1], strerror(errno)); |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1248 | close(fd); |
| 1249 | return -1; |
| 1250 | } |
| 1251 | |
| 1252 | rc = security_load_policy(map, sb.st_size); |
| 1253 | if (rc < 0) { |
| 1254 | selinux_log(SELINUX_ERROR, "SELinux: Could not load policy: %s\n", |
| 1255 | strerror(errno)); |
| 1256 | munmap(map, sb.st_size); |
| 1257 | close(fd); |
| 1258 | return -1; |
| 1259 | } |
| 1260 | |
| 1261 | munmap(map, sb.st_size); |
| 1262 | close(fd); |
Stephen Smalley | cb92504 | 2013-07-26 10:45:44 -0400 | [diff] [blame] | 1263 | selinux_log(SELINUX_INFO, "SELinux: Loaded policy from %s\n", sepolicy_file[i-1]); |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1264 | |
| 1265 | return 0; |
| 1266 | } |
| 1267 | |
| 1268 | int selinux_android_load_policy(void) |
| 1269 | { |
Nick Kralevich | 833cba6 | 2013-11-19 11:24:33 -0800 | [diff] [blame] | 1270 | const char *mnt = SELINUXMNT; |
Stephen Smalley | d10c343 | 2012-11-05 11:49:35 -0500 | [diff] [blame] | 1271 | int rc; |
| 1272 | rc = mount(SELINUXFS, mnt, SELINUXFS, 0, NULL); |
| 1273 | if (rc < 0) { |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1274 | if (errno == ENODEV) { |
| 1275 | /* SELinux not enabled in kernel */ |
| 1276 | return -1; |
| 1277 | } |
Stephen Smalley | d10c343 | 2012-11-05 11:49:35 -0500 | [diff] [blame] | 1278 | if (errno == ENOENT) { |
| 1279 | /* Fall back to legacy mountpoint. */ |
| 1280 | mnt = OLDSELINUXMNT; |
Alice Chu | d2302ca | 2013-01-04 16:02:46 -0800 | [diff] [blame] | 1281 | rc = mkdir(mnt, 0755); |
| 1282 | if (rc == -1 && errno != EEXIST) { |
| 1283 | selinux_log(SELINUX_ERROR,"SELinux: Could not mkdir: %s\n", |
| 1284 | strerror(errno)); |
| 1285 | return -1; |
| 1286 | } |
Stephen Smalley | d10c343 | 2012-11-05 11:49:35 -0500 | [diff] [blame] | 1287 | rc = mount(SELINUXFS, mnt, SELINUXFS, 0, NULL); |
| 1288 | } |
| 1289 | } |
| 1290 | if (rc < 0) { |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1291 | selinux_log(SELINUX_ERROR,"SELinux: Could not mount selinuxfs: %s\n", |
| 1292 | strerror(errno)); |
| 1293 | return -1; |
| 1294 | } |
Stephen Smalley | d10c343 | 2012-11-05 11:49:35 -0500 | [diff] [blame] | 1295 | set_selinuxmnt(mnt); |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1296 | |
| 1297 | return selinux_android_reload_policy(); |
rpcraig | 9b10083 | 2012-07-27 06:36:59 -0400 | [diff] [blame] | 1298 | } |