Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 1 | #include <sys/types.h> |
| 2 | #include <unistd.h> |
| 3 | #include <string.h> |
| 4 | #include <stdio.h> |
| 5 | #include <stdlib.h> |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 6 | #include <stdbool.h> |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 7 | #include <ctype.h> |
| 8 | #include <errno.h> |
| 9 | #include <pwd.h> |
| 10 | #include <grp.h> |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 11 | #include <sys/mman.h> |
| 12 | #include <sys/mount.h> |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 13 | #include <sys/types.h> |
| 14 | #include <sys/stat.h> |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 15 | #include <sys/xattr.h> |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 16 | #include <fcntl.h> |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 17 | #include <fts.h> |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 18 | #include <selinux/selinux.h> |
| 19 | #include <selinux/context.h> |
| 20 | #include <selinux/android.h> |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 21 | #include <selinux/label.h> |
Stephen Smalley | e8b0fd8 | 2012-07-31 09:12:53 -0400 | [diff] [blame] | 22 | #include <selinux/avc.h> |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 23 | #include <mincrypt/sha.h> |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 24 | #include <private/android_filesystem_config.h> |
Riley Spahn | bad0ebb | 2014-06-11 16:07:53 -0700 | [diff] [blame] | 25 | #include <log/log.h> |
Stephen Smalley | d10c343 | 2012-11-05 11:49:35 -0500 | [diff] [blame] | 26 | #include "policy.h" |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 27 | #include "callbacks.h" |
| 28 | #include "selinux_internal.h" |
Stephen Smalley | 0e7340f | 2014-04-30 15:13:30 -0700 | [diff] [blame] | 29 | #include "label_internal.h" |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 30 | |
| 31 | /* |
| 32 | * XXX Where should this configuration file be located? |
| 33 | * Needs to be accessible by zygote and installd when |
| 34 | * setting credentials for app processes and setting permissions |
| 35 | * on app data directories. |
| 36 | */ |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 37 | static char const * const seapp_contexts_file[] = { |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 38 | "/seapp_contexts", |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 39 | "/data/security/current/seapp_contexts", |
William Roberts | 8ed4242 | 2013-04-15 16:13:30 -0700 | [diff] [blame] | 40 | NULL }; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 41 | |
Stephen Smalley | 32ebfe8 | 2012-03-20 13:05:37 -0400 | [diff] [blame] | 42 | static const struct selinux_opt seopts[] = { |
Stephen Smalley | 32ebfe8 | 2012-03-20 13:05:37 -0400 | [diff] [blame] | 43 | { SELABEL_OPT_PATH, "/file_contexts" }, |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 44 | { SELABEL_OPT_PATH, "/data/security/current/file_contexts" }, |
Stephen Smalley | 32ebfe8 | 2012-03-20 13:05:37 -0400 | [diff] [blame] | 45 | { 0, NULL } }; |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 46 | |
Stephen Smalley | 4a655ec | 2012-09-18 15:08:32 -0400 | [diff] [blame] | 47 | static const char *const sepolicy_file[] = { |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 48 | "/sepolicy", |
| 49 | "/data/security/current/sepolicy", |
| 50 | NULL }; |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 51 | |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 52 | static const struct selinux_opt seopts_prop[] = { |
| 53 | { SELABEL_OPT_PATH, "/property_contexts" }, |
| 54 | { SELABEL_OPT_PATH, "/data/security/current/property_contexts" }, |
| 55 | { 0, NULL } |
| 56 | }; |
| 57 | |
Riley Spahn | bad0ebb | 2014-06-11 16:07:53 -0700 | [diff] [blame] | 58 | static const struct selinux_opt seopts_service[] = { |
| 59 | { SELABEL_OPT_PATH, "/service_contexts" }, |
| 60 | { SELABEL_OPT_PATH, "/data/security/current/service_contexts" }, |
| 61 | { 0, NULL } |
| 62 | }; |
| 63 | |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 64 | enum levelFrom { |
| 65 | LEVELFROM_NONE, |
| 66 | LEVELFROM_APP, |
| 67 | LEVELFROM_USER, |
| 68 | LEVELFROM_ALL |
| 69 | }; |
| 70 | |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 71 | #define POLICY_OVERRIDE_VERSION "/data/security/current/selinux_version" |
| 72 | #define POLICY_BASE_VERSION "/selinux_version" |
| 73 | static int policy_index = 0; |
| 74 | |
| 75 | static void set_policy_index(void) |
| 76 | { |
| 77 | int fd_base = -1, fd_override = -1; |
| 78 | struct stat sb_base; |
| 79 | struct stat sb_override; |
| 80 | void *map_base, *map_override; |
| 81 | |
| 82 | policy_index = 0; |
| 83 | |
| 84 | fd_base = open(POLICY_BASE_VERSION, O_RDONLY | O_NOFOLLOW); |
| 85 | if (fd_base < 0) |
| 86 | return; |
| 87 | |
Stephen Smalley | 1e9d276 | 2015-02-19 09:42:58 -0500 | [diff] [blame] | 88 | if (fstat(fd_base, &sb_base) < 0) |
| 89 | goto close_base; |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 90 | |
| 91 | fd_override = open(POLICY_OVERRIDE_VERSION, O_RDONLY | O_NOFOLLOW); |
Stephen Smalley | 1e9d276 | 2015-02-19 09:42:58 -0500 | [diff] [blame] | 92 | if (fd_override < 0) |
| 93 | goto close_base; |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 94 | |
Stephen Smalley | 1e9d276 | 2015-02-19 09:42:58 -0500 | [diff] [blame] | 95 | if (fstat(fd_override, &sb_override) < 0) |
| 96 | goto close_override; |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 97 | |
Stephen Smalley | 1e9d276 | 2015-02-19 09:42:58 -0500 | [diff] [blame] | 98 | if (sb_base.st_size != sb_override.st_size) |
| 99 | goto close_override; |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 100 | |
| 101 | map_base = mmap(NULL, sb_base.st_size, PROT_READ, MAP_PRIVATE, fd_base, 0); |
Stephen Smalley | 1e9d276 | 2015-02-19 09:42:58 -0500 | [diff] [blame] | 102 | if (map_base == MAP_FAILED) |
| 103 | goto close_override; |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 104 | |
| 105 | map_override = mmap(NULL, sb_override.st_size, PROT_READ, MAP_PRIVATE, fd_override, 0); |
Stephen Smalley | 1e9d276 | 2015-02-19 09:42:58 -0500 | [diff] [blame] | 106 | if (map_override == MAP_FAILED) |
| 107 | goto unmap_base; |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 108 | |
Stephen Smalley | 1e9d276 | 2015-02-19 09:42:58 -0500 | [diff] [blame] | 109 | if (memcmp(map_base, map_override, sb_base.st_size) != 0) |
| 110 | goto unmap_override; |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 111 | |
Stephen Smalley | 1e9d276 | 2015-02-19 09:42:58 -0500 | [diff] [blame] | 112 | if (access(sepolicy_file[1], R_OK) != 0) |
| 113 | goto unmap_override; |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 114 | |
Stephen Smalley | 1e9d276 | 2015-02-19 09:42:58 -0500 | [diff] [blame] | 115 | if (access(seopts[1].value, R_OK) != 0) |
| 116 | goto unmap_override; |
| 117 | |
| 118 | if (access(seopts_prop[1].value, R_OK) != 0) |
| 119 | goto unmap_override; |
| 120 | |
| 121 | if (access(seopts_service[1].value, R_OK) != 0) |
| 122 | goto unmap_override; |
| 123 | |
| 124 | if (access(seapp_contexts_file[1], R_OK) != 0) |
| 125 | goto unmap_override; |
| 126 | |
| 127 | policy_index = 1; |
| 128 | |
| 129 | unmap_override: |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 130 | munmap(map_override, sb_override.st_size); |
Stephen Smalley | 1e9d276 | 2015-02-19 09:42:58 -0500 | [diff] [blame] | 131 | unmap_base: |
| 132 | munmap(map_base, sb_base.st_size); |
| 133 | close_override: |
| 134 | close(fd_override); |
| 135 | close_base: |
| 136 | close(fd_base); |
| 137 | return; |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 138 | } |
| 139 | |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 140 | #if DEBUG |
| 141 | static char const * const levelFromName[] = { |
| 142 | "none", |
| 143 | "app", |
| 144 | "user", |
| 145 | "all" |
| 146 | }; |
| 147 | #endif |
| 148 | |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 149 | struct prefix_str { |
| 150 | size_t len; |
| 151 | char *str; |
| 152 | char is_prefix; |
| 153 | }; |
| 154 | |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 155 | static void free_prefix_str(struct prefix_str *p) |
| 156 | { |
| 157 | if (!p) |
| 158 | return; |
| 159 | free(p->str); |
| 160 | } |
| 161 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 162 | struct seapp_context { |
| 163 | /* input selectors */ |
| 164 | char isSystemServer; |
Stephen Smalley | f76c30b | 2014-09-15 15:06:46 -0400 | [diff] [blame] | 165 | bool isOwnerSet; |
| 166 | bool isOwner; |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 167 | struct prefix_str user; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 168 | char *seinfo; |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 169 | struct prefix_str name; |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 170 | struct prefix_str path; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 171 | /* outputs */ |
| 172 | char *domain; |
| 173 | char *type; |
| 174 | char *level; |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 175 | enum levelFrom levelFrom; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 176 | }; |
| 177 | |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 178 | static void free_seapp_context(struct seapp_context *s) |
| 179 | { |
| 180 | if (!s) |
| 181 | return; |
| 182 | |
| 183 | free_prefix_str(&s->user); |
| 184 | free(s->seinfo); |
| 185 | free_prefix_str(&s->name); |
| 186 | free_prefix_str(&s->path); |
| 187 | free(s->domain); |
| 188 | free(s->type); |
| 189 | free(s->level); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 190 | } |
| 191 | |
Stephen Smalley | 76d5184 | 2015-02-13 15:29:46 -0500 | [diff] [blame^] | 192 | static bool seapp_contexts_dup = false; |
| 193 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 194 | static int seapp_context_cmp(const void *A, const void *B) |
| 195 | { |
Nick Kralevich | 833cba6 | 2013-11-19 11:24:33 -0800 | [diff] [blame] | 196 | const struct seapp_context *const *sp1 = (const struct seapp_context *const *) A; |
| 197 | const struct seapp_context *const *sp2 = (const struct seapp_context *const *) B; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 198 | const struct seapp_context *s1 = *sp1, *s2 = *sp2; |
Stephen Smalley | 76d5184 | 2015-02-13 15:29:46 -0500 | [diff] [blame^] | 199 | bool dup; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 200 | |
| 201 | /* Give precedence to isSystemServer=true. */ |
| 202 | if (s1->isSystemServer != s2->isSystemServer) |
| 203 | return (s1->isSystemServer ? -1 : 1); |
| 204 | |
Stephen Smalley | f76c30b | 2014-09-15 15:06:46 -0400 | [diff] [blame] | 205 | /* Give precedence to a specified isOwner= over an unspecified isOwner=. */ |
| 206 | if (s1->isOwnerSet != s2->isOwnerSet) |
| 207 | return (s1->isOwnerSet ? -1 : 1); |
| 208 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 209 | /* Give precedence to a specified user= over an unspecified user=. */ |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 210 | if (s1->user.str && !s2->user.str) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 211 | return -1; |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 212 | if (!s1->user.str && s2->user.str) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 213 | return 1; |
| 214 | |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 215 | if (s1->user.str) { |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 216 | /* Give precedence to a fixed user= string over a prefix. */ |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 217 | if (s1->user.is_prefix != s2->user.is_prefix) |
| 218 | return (s2->user.is_prefix ? -1 : 1); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 219 | |
| 220 | /* Give precedence to a longer prefix over a shorter prefix. */ |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 221 | if (s1->user.is_prefix && s1->user.len != s2->user.len) |
| 222 | return (s1->user.len > s2->user.len) ? -1 : 1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 223 | } |
| 224 | |
| 225 | /* Give precedence to a specified seinfo= over an unspecified seinfo=. */ |
| 226 | if (s1->seinfo && !s2->seinfo) |
| 227 | return -1; |
| 228 | if (!s1->seinfo && s2->seinfo) |
| 229 | return 1; |
| 230 | |
| 231 | /* Give precedence to a specified name= over an unspecified name=. */ |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 232 | if (s1->name.str && !s2->name.str) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 233 | return -1; |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 234 | if (!s1->name.str && s2->name.str) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 235 | return 1; |
| 236 | |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 237 | if (s1->name.str) { |
| 238 | /* Give precedence to a fixed name= string over a prefix. */ |
| 239 | if (s1->name.is_prefix != s2->name.is_prefix) |
| 240 | return (s2->name.is_prefix ? -1 : 1); |
| 241 | |
| 242 | /* Give precedence to a longer prefix over a shorter prefix. */ |
| 243 | if (s1->name.is_prefix && s1->name.len != s2->name.len) |
| 244 | return (s1->name.len > s2->name.len) ? -1 : 1; |
| 245 | } |
| 246 | |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 247 | /* Give precedence to a specified path= over an unspecified path=. */ |
| 248 | if (s1->path.str && !s2->path.str) |
| 249 | return -1; |
| 250 | if (!s1->path.str && s2->path.str) |
| 251 | return 1; |
| 252 | |
| 253 | if (s1->path.str) { |
| 254 | /* Give precedence to a fixed path= string over a prefix. */ |
| 255 | if (s1->path.is_prefix != s2->path.is_prefix) |
| 256 | return (s2->path.is_prefix ? -1 : 1); |
| 257 | |
| 258 | /* Give precedence to a longer prefix over a shorter prefix. */ |
| 259 | if (s1->path.is_prefix && s1->path.len != s2->path.len) |
| 260 | return (s1->path.len > s2->path.len) ? -1 : 1; |
| 261 | } |
| 262 | |
Stephen Smalley | 76d5184 | 2015-02-13 15:29:46 -0500 | [diff] [blame^] | 263 | /* |
| 264 | * Check for a duplicated entry on the input selectors. |
| 265 | * We already compared isSystemServer, isOwnerSet, and isOwner above. |
| 266 | * We also have already checked that both entries specify the same |
| 267 | * string fields, so if s1 has a non-NULL string, then so does s2. |
| 268 | */ |
| 269 | dup = (!s1->user.str || !strcmp(s1->user.str, s2->user.str)) && |
| 270 | (!s1->seinfo || !strcmp(s1->seinfo, s2->seinfo)) && |
| 271 | (!s1->name.str || !strcmp(s1->name.str, s2->name.str)) && |
| 272 | (!s1->path.str || !strcmp(s1->path.str, s2->path.str)); |
| 273 | if (dup) { |
| 274 | seapp_contexts_dup = true; |
| 275 | selinux_log(SELINUX_ERROR, "seapp_contexts: Duplicated entry\n"); |
| 276 | if (s1->user.str) |
| 277 | selinux_log(SELINUX_ERROR, " user=%s\n", s1->user.str); |
| 278 | if (s1->seinfo) |
| 279 | selinux_log(SELINUX_ERROR, " seinfo=%s\n", s1->seinfo); |
| 280 | if (s1->name.str) |
| 281 | selinux_log(SELINUX_ERROR, " name=%s\n", s1->name.str); |
| 282 | if (s1->path.str) |
| 283 | selinux_log(SELINUX_ERROR, " path=%s\n", s1->path.str); |
| 284 | } |
| 285 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 286 | /* Anything else has equal precedence. */ |
| 287 | return 0; |
| 288 | } |
| 289 | |
| 290 | static struct seapp_context **seapp_contexts = NULL; |
| 291 | static int nspec = 0; |
| 292 | |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 293 | static void free_seapp_contexts(void) |
| 294 | { |
| 295 | int n; |
| 296 | |
| 297 | if (!seapp_contexts) |
| 298 | return; |
| 299 | |
| 300 | for (n = 0; n < nspec; n++) |
| 301 | free_seapp_context(seapp_contexts[n]); |
| 302 | |
| 303 | free(seapp_contexts); |
| 304 | seapp_contexts = NULL; |
| 305 | nspec = 0; |
| 306 | } |
| 307 | |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 308 | int selinux_android_seapp_context_reload(void) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 309 | { |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 310 | FILE *fp = NULL; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 311 | char line_buf[BUFSIZ]; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 312 | char *token; |
| 313 | unsigned lineno; |
| 314 | struct seapp_context *cur; |
| 315 | char *p, *name = NULL, *value = NULL, *saveptr; |
| 316 | size_t len; |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 317 | int n, ret; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 318 | |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 319 | set_policy_index(); |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 320 | |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 321 | fp = fopen(seapp_contexts_file[policy_index], "r"); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 322 | if (!fp) { |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 323 | selinux_log(SELINUX_ERROR, "%s: could not open any seapp_contexts file", __FUNCTION__); |
| 324 | return -1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 325 | } |
| 326 | |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 327 | free_seapp_contexts(); |
Stephen Smalley | 300bebb | 2013-04-16 15:33:16 -0400 | [diff] [blame] | 328 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 329 | nspec = 0; |
| 330 | while (fgets(line_buf, sizeof line_buf - 1, fp)) { |
| 331 | p = line_buf; |
| 332 | while (isspace(*p)) |
| 333 | p++; |
| 334 | if (*p == '#' || *p == 0) |
| 335 | continue; |
| 336 | nspec++; |
| 337 | } |
| 338 | |
Nick Kralevich | 833cba6 | 2013-11-19 11:24:33 -0800 | [diff] [blame] | 339 | seapp_contexts = (struct seapp_context **) calloc(nspec, sizeof(struct seapp_context *)); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 340 | if (!seapp_contexts) |
| 341 | goto oom; |
| 342 | |
| 343 | rewind(fp); |
| 344 | nspec = 0; |
| 345 | lineno = 1; |
| 346 | while (fgets(line_buf, sizeof line_buf - 1, fp)) { |
| 347 | len = strlen(line_buf); |
| 348 | if (line_buf[len - 1] == '\n') |
| 349 | line_buf[len - 1] = 0; |
| 350 | p = line_buf; |
| 351 | while (isspace(*p)) |
| 352 | p++; |
| 353 | if (*p == '#' || *p == 0) |
| 354 | continue; |
| 355 | |
Nick Kralevich | 833cba6 | 2013-11-19 11:24:33 -0800 | [diff] [blame] | 356 | cur = (struct seapp_context *) calloc(1, sizeof(struct seapp_context)); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 357 | if (!cur) |
| 358 | goto oom; |
| 359 | |
| 360 | token = strtok_r(p, " \t", &saveptr); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 361 | if (!token) { |
| 362 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 363 | goto err; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 364 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 365 | |
| 366 | while (1) { |
| 367 | name = token; |
| 368 | value = strchr(name, '='); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 369 | if (!value) { |
| 370 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 371 | goto err; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 372 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 373 | *value++ = 0; |
| 374 | |
| 375 | if (!strcasecmp(name, "isSystemServer")) { |
| 376 | if (!strcasecmp(value, "true")) |
| 377 | cur->isSystemServer = 1; |
| 378 | else if (!strcasecmp(value, "false")) |
| 379 | cur->isSystemServer = 0; |
| 380 | else { |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 381 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 382 | goto err; |
| 383 | } |
Stephen Smalley | f76c30b | 2014-09-15 15:06:46 -0400 | [diff] [blame] | 384 | } else if (!strcasecmp(name, "isOwner")) { |
| 385 | cur->isOwnerSet = true; |
| 386 | if (!strcasecmp(value, "true")) |
| 387 | cur->isOwner = true; |
| 388 | else if (!strcasecmp(value, "false")) |
| 389 | cur->isOwner = false; |
| 390 | else { |
| 391 | free_seapp_context(cur); |
| 392 | goto err; |
| 393 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 394 | } else if (!strcasecmp(name, "user")) { |
Stephen Smalley | 0f912a1 | 2015-02-13 14:08:57 -0500 | [diff] [blame] | 395 | if (cur->user.str) { |
| 396 | free_seapp_context(cur); |
| 397 | goto err; |
| 398 | } |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 399 | cur->user.str = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 400 | if (!cur->user.str) { |
| 401 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 402 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 403 | } |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 404 | cur->user.len = strlen(cur->user.str); |
| 405 | if (cur->user.str[cur->user.len-1] == '*') |
| 406 | cur->user.is_prefix = 1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 407 | } else if (!strcasecmp(name, "seinfo")) { |
Stephen Smalley | 0f912a1 | 2015-02-13 14:08:57 -0500 | [diff] [blame] | 408 | if (cur->seinfo) { |
| 409 | free_seapp_context(cur); |
| 410 | goto err; |
| 411 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 412 | cur->seinfo = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 413 | if (!cur->seinfo) { |
| 414 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 415 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 416 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 417 | } else if (!strcasecmp(name, "name")) { |
Stephen Smalley | 0f912a1 | 2015-02-13 14:08:57 -0500 | [diff] [blame] | 418 | if (cur->name.str) { |
| 419 | free_seapp_context(cur); |
| 420 | goto err; |
| 421 | } |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 422 | cur->name.str = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 423 | if (!cur->name.str) { |
| 424 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 425 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 426 | } |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 427 | cur->name.len = strlen(cur->name.str); |
| 428 | if (cur->name.str[cur->name.len-1] == '*') |
| 429 | cur->name.is_prefix = 1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 430 | } else if (!strcasecmp(name, "domain")) { |
Stephen Smalley | 0f912a1 | 2015-02-13 14:08:57 -0500 | [diff] [blame] | 431 | if (cur->domain) { |
| 432 | free_seapp_context(cur); |
| 433 | goto err; |
| 434 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 435 | cur->domain = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 436 | if (!cur->domain) { |
| 437 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 438 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 439 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 440 | } else if (!strcasecmp(name, "type")) { |
Stephen Smalley | 0f912a1 | 2015-02-13 14:08:57 -0500 | [diff] [blame] | 441 | if (cur->type) { |
| 442 | free_seapp_context(cur); |
| 443 | goto err; |
| 444 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 445 | cur->type = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 446 | if (!cur->type) { |
| 447 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 448 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 449 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 450 | } else if (!strcasecmp(name, "levelFromUid")) { |
Stephen Smalley | 0f912a1 | 2015-02-13 14:08:57 -0500 | [diff] [blame] | 451 | if (cur->levelFrom) { |
| 452 | free_seapp_context(cur); |
| 453 | goto err; |
| 454 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 455 | if (!strcasecmp(value, "true")) |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 456 | cur->levelFrom = LEVELFROM_APP; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 457 | else if (!strcasecmp(value, "false")) |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 458 | cur->levelFrom = LEVELFROM_NONE; |
| 459 | else { |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 460 | free_seapp_context(cur); |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 461 | goto err; |
| 462 | } |
| 463 | } else if (!strcasecmp(name, "levelFrom")) { |
Stephen Smalley | 0f912a1 | 2015-02-13 14:08:57 -0500 | [diff] [blame] | 464 | if (cur->levelFrom) { |
| 465 | free_seapp_context(cur); |
| 466 | goto err; |
| 467 | } |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 468 | if (!strcasecmp(value, "none")) |
| 469 | cur->levelFrom = LEVELFROM_NONE; |
| 470 | else if (!strcasecmp(value, "app")) |
| 471 | cur->levelFrom = LEVELFROM_APP; |
| 472 | else if (!strcasecmp(value, "user")) |
| 473 | cur->levelFrom = LEVELFROM_USER; |
| 474 | else if (!strcasecmp(value, "all")) |
| 475 | cur->levelFrom = LEVELFROM_ALL; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 476 | else { |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 477 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 478 | goto err; |
| 479 | } |
| 480 | } else if (!strcasecmp(name, "level")) { |
Stephen Smalley | 0f912a1 | 2015-02-13 14:08:57 -0500 | [diff] [blame] | 481 | if (cur->level) { |
| 482 | free_seapp_context(cur); |
| 483 | goto err; |
| 484 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 485 | cur->level = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 486 | if (!cur->level) { |
| 487 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 488 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 489 | } |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 490 | } else if (!strcasecmp(name, "path")) { |
Stephen Smalley | 0f912a1 | 2015-02-13 14:08:57 -0500 | [diff] [blame] | 491 | if (cur->path.str) { |
| 492 | free_seapp_context(cur); |
| 493 | goto err; |
| 494 | } |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 495 | cur->path.str = strdup(value); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 496 | if (!cur->path.str) { |
| 497 | free_seapp_context(cur); |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 498 | goto oom; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 499 | } |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 500 | cur->path.len = strlen(cur->path.str); |
| 501 | if (cur->path.str[cur->path.len-1] == '*') |
| 502 | cur->path.is_prefix = 1; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 503 | } else { |
| 504 | free_seapp_context(cur); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 505 | goto err; |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 506 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 507 | |
| 508 | token = strtok_r(NULL, " \t", &saveptr); |
| 509 | if (!token) |
| 510 | break; |
| 511 | } |
| 512 | |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 513 | if (cur->name.str && |
| 514 | (!cur->seinfo || !strcmp(cur->seinfo, "default"))) { |
| 515 | selinux_log(SELINUX_ERROR, "%s: No specific seinfo value specified with name=\"%s\", on line %u: insecure configuration!\n", |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 516 | seapp_contexts_file[policy_index], cur->name.str, lineno); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 517 | free_seapp_context(cur); |
| 518 | goto err; |
| 519 | } |
| 520 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 521 | seapp_contexts[nspec] = cur; |
| 522 | nspec++; |
| 523 | lineno++; |
| 524 | } |
| 525 | |
| 526 | qsort(seapp_contexts, nspec, sizeof(struct seapp_context *), |
| 527 | seapp_context_cmp); |
| 528 | |
Stephen Smalley | 76d5184 | 2015-02-13 15:29:46 -0500 | [diff] [blame^] | 529 | if (seapp_contexts_dup) |
| 530 | goto err; |
| 531 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 532 | #if DEBUG |
| 533 | { |
| 534 | int i; |
| 535 | for (i = 0; i < nspec; i++) { |
| 536 | cur = seapp_contexts[i]; |
Stephen Smalley | 3fb0096 | 2015-02-13 15:59:32 -0500 | [diff] [blame] | 537 | selinux_log(SELINUX_INFO, "%s: isSystemServer=%s isOwner=%s user=%s seinfo=%s name=%s path=%s -> domain=%s type=%s level=%s levelFrom=%s", |
Stephen Smalley | f76c30b | 2014-09-15 15:06:46 -0400 | [diff] [blame] | 538 | __FUNCTION__, |
| 539 | cur->isSystemServer ? "true" : "false", |
| 540 | cur->isOwnerSet ? (cur->isOwner ? "true" : "false") : "null", |
| 541 | cur->user.str, |
Stephen Smalley | 3fb0096 | 2015-02-13 15:59:32 -0500 | [diff] [blame] | 542 | cur->seinfo, cur->name.str, cur->path.str, cur->domain, |
Stephen Smalley | f76c30b | 2014-09-15 15:06:46 -0400 | [diff] [blame] | 543 | cur->type, cur->level, |
| 544 | levelFromName[cur->levelFrom]); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 545 | } |
| 546 | } |
| 547 | #endif |
| 548 | |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 549 | ret = 0; |
| 550 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 551 | out: |
| 552 | fclose(fp); |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 553 | return ret; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 554 | |
| 555 | err: |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 556 | selinux_log(SELINUX_ERROR, "%s: Invalid entry on line %u\n", |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 557 | seapp_contexts_file[policy_index], lineno); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 558 | free_seapp_contexts(); |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 559 | ret = -1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 560 | goto out; |
| 561 | oom: |
| 562 | selinux_log(SELINUX_ERROR, |
| 563 | "%s: Out of memory\n", __FUNCTION__); |
Stephen Smalley | 13319cf | 2014-04-04 15:44:23 -0400 | [diff] [blame] | 564 | free_seapp_contexts(); |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 565 | ret = -1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 566 | goto out; |
| 567 | } |
| 568 | |
Stephen Smalley | 7446c91 | 2012-03-19 10:37:05 -0400 | [diff] [blame] | 569 | |
| 570 | static void seapp_context_init(void) |
| 571 | { |
| 572 | selinux_android_seapp_context_reload(); |
| 573 | } |
| 574 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 575 | static pthread_once_t once = PTHREAD_ONCE_INIT; |
| 576 | |
Stephen Smalley | d23b9e0 | 2012-09-21 10:45:39 -0400 | [diff] [blame] | 577 | /* |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 578 | * Max id that can be mapped to category set uniquely |
Stephen Smalley | d23b9e0 | 2012-09-21 10:45:39 -0400 | [diff] [blame] | 579 | * using the current scheme. |
| 580 | */ |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 581 | #define CAT_MAPPING_MAX_ID (0x1<<16) |
Stephen Smalley | d23b9e0 | 2012-09-21 10:45:39 -0400 | [diff] [blame] | 582 | |
| 583 | enum seapp_kind { |
| 584 | SEAPP_TYPE, |
| 585 | SEAPP_DOMAIN |
| 586 | }; |
| 587 | |
| 588 | static int seapp_context_lookup(enum seapp_kind kind, |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 589 | uid_t uid, |
| 590 | int isSystemServer, |
Stephen Smalley | edfaad8 | 2012-07-12 11:30:24 -0400 | [diff] [blame] | 591 | const char *seinfo, |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 592 | const char *pkgname, |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 593 | const char *path, |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 594 | context_t ctx) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 595 | { |
Stephen Smalley | f76c30b | 2014-09-15 15:06:46 -0400 | [diff] [blame] | 596 | bool isOwner; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 597 | const char *username = NULL; |
Nick Kralevich | b1ae15a | 2013-07-11 17:35:53 -0700 | [diff] [blame] | 598 | struct seapp_context *cur = NULL; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 599 | int i; |
| 600 | size_t n; |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 601 | uid_t userid; |
| 602 | uid_t appid; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 603 | |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 604 | __selinux_once(once, seapp_context_init); |
| 605 | |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 606 | userid = uid / AID_USER; |
Stephen Smalley | f76c30b | 2014-09-15 15:06:46 -0400 | [diff] [blame] | 607 | isOwner = (userid == 0); |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 608 | appid = uid % AID_USER; |
| 609 | if (appid < AID_APP) { |
| 610 | for (n = 0; n < android_id_count; n++) { |
| 611 | if (android_ids[n].aid == appid) { |
| 612 | username = android_ids[n].name; |
| 613 | break; |
| 614 | } |
Stephen Smalley | ce4e2e6 | 2012-08-23 12:20:42 -0400 | [diff] [blame] | 615 | } |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 616 | if (!username) |
| 617 | goto err; |
| 618 | } else if (appid < AID_ISOLATED_START) { |
Stephen Smalley | 525a224 | 2012-09-24 10:22:45 -0400 | [diff] [blame] | 619 | username = "_app"; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 620 | appid -= AID_APP; |
| 621 | } else { |
Stephen Smalley | 525a224 | 2012-09-24 10:22:45 -0400 | [diff] [blame] | 622 | username = "_isolated"; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 623 | appid -= AID_ISOLATED_START; |
Stephen Smalley | ba70ee4 | 2012-07-10 15:49:04 -0400 | [diff] [blame] | 624 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 625 | |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 626 | if (appid >= CAT_MAPPING_MAX_ID || userid >= CAT_MAPPING_MAX_ID) |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 627 | goto err; |
| 628 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 629 | for (i = 0; i < nspec; i++) { |
| 630 | cur = seapp_contexts[i]; |
| 631 | |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 632 | if (cur->isSystemServer != isSystemServer) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 633 | continue; |
| 634 | |
Stephen Smalley | f76c30b | 2014-09-15 15:06:46 -0400 | [diff] [blame] | 635 | if (cur->isOwnerSet && cur->isOwner != isOwner) |
| 636 | continue; |
| 637 | |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 638 | if (cur->user.str) { |
| 639 | if (cur->user.is_prefix) { |
| 640 | if (strncasecmp(username, cur->user.str, cur->user.len-1)) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 641 | continue; |
| 642 | } else { |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 643 | if (strcasecmp(username, cur->user.str)) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 644 | continue; |
| 645 | } |
| 646 | } |
| 647 | |
Stephen Smalley | edfaad8 | 2012-07-12 11:30:24 -0400 | [diff] [blame] | 648 | if (cur->seinfo) { |
| 649 | if (!seinfo || strcasecmp(seinfo, cur->seinfo)) |
| 650 | continue; |
| 651 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 652 | |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 653 | if (cur->name.str) { |
| 654 | if(!pkgname) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 655 | continue; |
William Roberts | e3615f9 | 2013-09-11 20:35:53 -0700 | [diff] [blame] | 656 | |
| 657 | if (cur->name.is_prefix) { |
| 658 | if (strncasecmp(pkgname, cur->name.str, cur->name.len-1)) |
| 659 | continue; |
| 660 | } else { |
| 661 | if (strcasecmp(pkgname, cur->name.str)) |
| 662 | continue; |
| 663 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 664 | } |
| 665 | |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 666 | if (cur->path.str) { |
| 667 | if (!path) |
| 668 | continue; |
| 669 | |
| 670 | if (cur->path.is_prefix) { |
| 671 | if (strncmp(path, cur->path.str, cur->path.len-1)) |
| 672 | continue; |
| 673 | } else { |
| 674 | if (strcmp(path, cur->path.str)) |
| 675 | continue; |
| 676 | } |
| 677 | } |
| 678 | |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 679 | if (kind == SEAPP_TYPE && !cur->type) |
| 680 | continue; |
| 681 | else if (kind == SEAPP_DOMAIN && !cur->domain) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 682 | continue; |
| 683 | |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 684 | if (kind == SEAPP_TYPE) { |
| 685 | if (context_type_set(ctx, cur->type)) |
| 686 | goto oom; |
| 687 | } else if (kind == SEAPP_DOMAIN) { |
| 688 | if (context_type_set(ctx, cur->domain)) |
| 689 | goto oom; |
| 690 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 691 | |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 692 | if (cur->levelFrom != LEVELFROM_NONE) { |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 693 | char level[255]; |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 694 | switch (cur->levelFrom) { |
| 695 | case LEVELFROM_APP: |
Stephen Smalley | df1ece2 | 2013-12-02 10:07:48 -0500 | [diff] [blame] | 696 | snprintf(level, sizeof level, "s0:c%u,c%u", |
| 697 | appid & 0xff, |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 698 | 256 + (appid>>8 & 0xff)); |
| 699 | break; |
| 700 | case LEVELFROM_USER: |
Stephen Smalley | df1ece2 | 2013-12-02 10:07:48 -0500 | [diff] [blame] | 701 | snprintf(level, sizeof level, "s0:c%u,c%u", |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 702 | 512 + (userid & 0xff), |
| 703 | 768 + (userid>>8 & 0xff)); |
| 704 | break; |
| 705 | case LEVELFROM_ALL: |
Stephen Smalley | df1ece2 | 2013-12-02 10:07:48 -0500 | [diff] [blame] | 706 | snprintf(level, sizeof level, "s0:c%u,c%u,c%u,c%u", |
| 707 | appid & 0xff, |
Stephen Smalley | a879598 | 2012-11-28 10:42:46 -0500 | [diff] [blame] | 708 | 256 + (appid>>8 & 0xff), |
| 709 | 512 + (userid & 0xff), |
| 710 | 768 + (userid>>8 & 0xff)); |
| 711 | break; |
| 712 | default: |
| 713 | goto err; |
| 714 | } |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 715 | if (context_range_set(ctx, level)) |
| 716 | goto oom; |
| 717 | } else if (cur->level) { |
| 718 | if (context_range_set(ctx, cur->level)) |
| 719 | goto oom; |
| 720 | } |
William Roberts | 1b36ad0 | 2012-07-27 13:52:33 -0700 | [diff] [blame] | 721 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 722 | break; |
| 723 | } |
| 724 | |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 725 | if (kind == SEAPP_DOMAIN && i == nspec) { |
| 726 | /* |
| 727 | * No match. |
| 728 | * Fail to prevent staying in the zygote's context. |
| 729 | */ |
| 730 | selinux_log(SELINUX_ERROR, |
| 731 | "%s: No match for app with uid %d, seinfo %s, name %s\n", |
| 732 | __FUNCTION__, uid, seinfo, pkgname); |
| 733 | |
| 734 | if (security_getenforce() == 1) |
| 735 | goto err; |
| 736 | } |
| 737 | |
| 738 | return 0; |
| 739 | err: |
| 740 | return -1; |
| 741 | oom: |
| 742 | return -2; |
| 743 | } |
| 744 | |
Stephen Smalley | 1b478ea | 2014-02-07 09:32:41 -0500 | [diff] [blame] | 745 | int selinux_android_setfilecon(const char *pkgdir, |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 746 | const char *pkgname, |
| 747 | const char *seinfo, |
| 748 | uid_t uid) |
| 749 | { |
Nick Kralevich | 9ca4088 | 2013-07-11 16:58:44 -0700 | [diff] [blame] | 750 | char *orig_ctx_str = NULL; |
| 751 | char *ctx_str = NULL; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 752 | context_t ctx = NULL; |
Nick Kralevich | 9ca4088 | 2013-07-11 16:58:44 -0700 | [diff] [blame] | 753 | int rc = -1; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 754 | |
| 755 | if (is_selinux_enabled() <= 0) |
| 756 | return 0; |
| 757 | |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 758 | rc = getfilecon(pkgdir, &ctx_str); |
| 759 | if (rc < 0) |
| 760 | goto err; |
| 761 | |
| 762 | ctx = context_new(ctx_str); |
| 763 | orig_ctx_str = ctx_str; |
| 764 | if (!ctx) |
| 765 | goto oom; |
| 766 | |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 767 | rc = seapp_context_lookup(SEAPP_TYPE, uid, 0, seinfo, pkgname, NULL, ctx); |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 768 | if (rc == -1) |
| 769 | goto err; |
| 770 | else if (rc == -2) |
| 771 | goto oom; |
| 772 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 773 | ctx_str = context_str(ctx); |
| 774 | if (!ctx_str) |
| 775 | goto oom; |
| 776 | |
| 777 | rc = security_check_context(ctx_str); |
| 778 | if (rc < 0) |
| 779 | goto err; |
| 780 | |
| 781 | if (strcmp(ctx_str, orig_ctx_str)) { |
| 782 | rc = setfilecon(pkgdir, ctx_str); |
| 783 | if (rc < 0) |
| 784 | goto err; |
| 785 | } |
| 786 | |
| 787 | rc = 0; |
| 788 | out: |
| 789 | freecon(orig_ctx_str); |
| 790 | context_free(ctx); |
| 791 | return rc; |
| 792 | err: |
| 793 | selinux_log(SELINUX_ERROR, "%s: Error setting context for pkgdir %s, uid %d: %s\n", |
| 794 | __FUNCTION__, pkgdir, uid, strerror(errno)); |
| 795 | rc = -1; |
| 796 | goto out; |
| 797 | oom: |
| 798 | selinux_log(SELINUX_ERROR, "%s: Out of memory\n", __FUNCTION__); |
| 799 | rc = -1; |
| 800 | goto out; |
| 801 | } |
| 802 | |
| 803 | int selinux_android_setcontext(uid_t uid, |
| 804 | int isSystemServer, |
| 805 | const char *seinfo, |
Stephen Smalley | ba70ee4 | 2012-07-10 15:49:04 -0400 | [diff] [blame] | 806 | const char *pkgname) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 807 | { |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 808 | char *orig_ctx_str = NULL, *ctx_str; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 809 | context_t ctx = NULL; |
Nick Kralevich | 9ca4088 | 2013-07-11 16:58:44 -0700 | [diff] [blame] | 810 | int rc = -1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 811 | |
| 812 | if (is_selinux_enabled() <= 0) |
| 813 | return 0; |
| 814 | |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 815 | rc = getcon(&ctx_str); |
| 816 | if (rc) |
| 817 | goto err; |
| 818 | |
| 819 | ctx = context_new(ctx_str); |
| 820 | orig_ctx_str = ctx_str; |
| 821 | if (!ctx) |
| 822 | goto oom; |
| 823 | |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 824 | rc = seapp_context_lookup(SEAPP_DOMAIN, uid, isSystemServer, seinfo, pkgname, NULL, ctx); |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 825 | if (rc == -1) |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 826 | goto err; |
Stephen Smalley | 895b446 | 2012-09-19 16:27:36 -0400 | [diff] [blame] | 827 | else if (rc == -2) |
| 828 | goto oom; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 829 | |
| 830 | ctx_str = context_str(ctx); |
| 831 | if (!ctx_str) |
| 832 | goto oom; |
| 833 | |
| 834 | rc = security_check_context(ctx_str); |
| 835 | if (rc < 0) |
| 836 | goto err; |
| 837 | |
| 838 | if (strcmp(ctx_str, orig_ctx_str)) { |
| 839 | rc = setcon(ctx_str); |
| 840 | if (rc < 0) |
| 841 | goto err; |
| 842 | } |
| 843 | |
| 844 | rc = 0; |
| 845 | out: |
| 846 | freecon(orig_ctx_str); |
| 847 | context_free(ctx); |
Stephen Smalley | e8b0fd8 | 2012-07-31 09:12:53 -0400 | [diff] [blame] | 848 | avc_netlink_close(); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 849 | return rc; |
| 850 | err: |
| 851 | if (isSystemServer) |
| 852 | selinux_log(SELINUX_ERROR, |
Geremy Condra | 6064643 | 2013-04-10 17:58:48 -0700 | [diff] [blame] | 853 | "%s: Error setting context for system server: %s\n", |
| 854 | __FUNCTION__, strerror(errno)); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 855 | else |
| 856 | selinux_log(SELINUX_ERROR, |
Geremy Condra | 6064643 | 2013-04-10 17:58:48 -0700 | [diff] [blame] | 857 | "%s: Error setting context for app with uid %d, seinfo %s: %s\n", |
| 858 | __FUNCTION__, uid, seinfo, strerror(errno)); |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 859 | |
Stephen Smalley | f77e60d | 2012-07-27 15:41:10 -0400 | [diff] [blame] | 860 | rc = -1; |
Stephen Smalley | f074036 | 2012-01-04 12:30:47 -0500 | [diff] [blame] | 861 | goto out; |
| 862 | oom: |
| 863 | selinux_log(SELINUX_ERROR, "%s: Out of memory\n", __FUNCTION__); |
| 864 | rc = -1; |
| 865 | goto out; |
| 866 | } |
| 867 | |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 868 | static struct selabel_handle *fc_sehandle = NULL; |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 869 | #define FC_DIGEST_SIZE SHA_DIGEST_SIZE |
| 870 | static uint8_t fc_digest[FC_DIGEST_SIZE]; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 871 | |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 872 | static bool compute_contexts_hash(const struct selinux_opt opts[], uint8_t c_digest[]) |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 873 | { |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 874 | int fd; |
| 875 | struct stat sb; |
| 876 | void *map; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 877 | |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 878 | fd = open(opts[policy_index].value, O_CLOEXEC | O_RDONLY | O_NOFOLLOW); |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 879 | if (fd < 0) { |
| 880 | selinux_log(SELINUX_ERROR, "SELinux: Could not open %s: %s\n", |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 881 | opts[policy_index].value, strerror(errno)); |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 882 | return false; |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 883 | } |
| 884 | if (fstat(fd, &sb) < 0) { |
| 885 | selinux_log(SELINUX_ERROR, "SELinux: Could not stat %s: %s\n", |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 886 | opts[policy_index].value, strerror(errno)); |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 887 | close(fd); |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 888 | return false; |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 889 | } |
| 890 | map = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); |
| 891 | if (map == MAP_FAILED) { |
| 892 | selinux_log(SELINUX_ERROR, "SELinux: Could not map %s: %s\n", |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 893 | opts[policy_index].value, strerror(errno)); |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 894 | close(fd); |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 895 | return false; |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 896 | } |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 897 | SHA_hash(map, sb.st_size, c_digest); |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 898 | munmap(map, sb.st_size); |
| 899 | close(fd); |
| 900 | |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 901 | return true; |
Geremy Condra | 6064643 | 2013-04-10 17:58:48 -0700 | [diff] [blame] | 902 | } |
| 903 | |
Stephen Smalley | 906742d | 2012-08-23 16:04:59 -0400 | [diff] [blame] | 904 | static void file_context_init(void) |
| 905 | { |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 906 | if (!fc_sehandle) |
| 907 | fc_sehandle = selinux_android_file_context_handle(); |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 908 | } |
| 909 | |
Riley Spahn | bad0ebb | 2014-06-11 16:07:53 -0700 | [diff] [blame] | 910 | |
Riley Spahn | bad0ebb | 2014-06-11 16:07:53 -0700 | [diff] [blame] | 911 | |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 912 | static pthread_once_t fc_once = PTHREAD_ONCE_INIT; |
| 913 | |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 914 | struct pkgInfo { |
| 915 | char *name; |
| 916 | uid_t uid; |
| 917 | bool debuggable; |
| 918 | char *dataDir; |
| 919 | char *seinfo; |
| 920 | struct pkgInfo *next; |
| 921 | }; |
| 922 | |
| 923 | #define PKGTAB_SIZE 256 |
| 924 | static struct pkgInfo *pkgTab[PKGTAB_SIZE]; |
| 925 | |
| 926 | static unsigned int pkghash(const char *pkgname) |
| 927 | { |
| 928 | unsigned int h = 7; |
| 929 | for (; *pkgname; pkgname++) { |
| 930 | h = h * 31 + *pkgname; |
| 931 | } |
| 932 | return h & (PKGTAB_SIZE - 1); |
| 933 | } |
| 934 | |
| 935 | /* The file containing the list of installed packages on the system */ |
| 936 | #define PACKAGES_LIST_FILE "/data/system/packages.list" |
| 937 | |
| 938 | static void package_info_init(void) |
| 939 | { |
| 940 | char *buf = NULL; |
| 941 | size_t buflen = 0; |
| 942 | ssize_t bytesread; |
| 943 | FILE *fp; |
| 944 | char *cur, *next; |
| 945 | struct pkgInfo *pkgInfo = NULL; |
| 946 | unsigned int hash; |
| 947 | unsigned long lineno = 1; |
| 948 | |
| 949 | fp = fopen(PACKAGES_LIST_FILE, "r"); |
| 950 | if (!fp) { |
| 951 | selinux_log(SELINUX_ERROR, "SELinux: Could not open %s: %s.\n", |
| 952 | PACKAGES_LIST_FILE, strerror(errno)); |
| 953 | return; |
| 954 | } |
| 955 | while ((bytesread = getline(&buf, &buflen, fp)) > 0) { |
| 956 | pkgInfo = calloc(1, sizeof(*pkgInfo)); |
| 957 | if (!pkgInfo) |
| 958 | goto err; |
| 959 | next = buf; |
| 960 | cur = strsep(&next, " \t\n"); |
| 961 | if (!cur) |
| 962 | goto err; |
| 963 | pkgInfo->name = strdup(cur); |
| 964 | if (!pkgInfo->name) |
| 965 | goto err; |
| 966 | cur = strsep(&next, " \t\n"); |
| 967 | if (!cur) |
| 968 | goto err; |
| 969 | pkgInfo->uid = atoi(cur); |
| 970 | if (!pkgInfo->uid) |
| 971 | goto err; |
| 972 | cur = strsep(&next, " \t\n"); |
| 973 | if (!cur) |
| 974 | goto err; |
| 975 | pkgInfo->debuggable = atoi(cur); |
| 976 | cur = strsep(&next, " \t\n"); |
| 977 | if (!cur) |
| 978 | goto err; |
| 979 | pkgInfo->dataDir = strdup(cur); |
| 980 | if (!pkgInfo->dataDir) |
| 981 | goto err; |
| 982 | cur = strsep(&next, " \t\n"); |
| 983 | if (!cur) |
| 984 | goto err; |
| 985 | pkgInfo->seinfo = strdup(cur); |
| 986 | if (!pkgInfo->seinfo) |
| 987 | goto err; |
| 988 | |
| 989 | hash = pkghash(pkgInfo->name); |
| 990 | if (pkgTab[hash]) |
| 991 | pkgInfo->next = pkgTab[hash]; |
| 992 | pkgTab[hash] = pkgInfo; |
| 993 | |
| 994 | lineno++; |
| 995 | } |
| 996 | |
| 997 | #if DEBUG |
| 998 | { |
| 999 | unsigned int buckets, entries, chainlen, longestchain; |
| 1000 | |
| 1001 | buckets = entries = longestchain = 0; |
| 1002 | for (hash = 0; hash < PKGTAB_SIZE; hash++) { |
| 1003 | if (pkgTab[hash]) { |
| 1004 | buckets++; |
| 1005 | chainlen = 0; |
| 1006 | for (pkgInfo = pkgTab[hash]; pkgInfo; pkgInfo = pkgInfo->next) { |
| 1007 | chainlen++; |
| 1008 | selinux_log(SELINUX_INFO, "%s: name=%s uid=%u debuggable=%s dataDir=%s seinfo=%s\n", |
| 1009 | __FUNCTION__, |
| 1010 | pkgInfo->name, pkgInfo->uid, pkgInfo->debuggable ? "true" : "false", pkgInfo->dataDir, pkgInfo->seinfo); |
| 1011 | } |
| 1012 | entries += chainlen; |
| 1013 | if (longestchain < chainlen) |
| 1014 | longestchain = chainlen; |
| 1015 | } |
| 1016 | } |
| 1017 | selinux_log(SELINUX_INFO, "SELinux: %d pkg entries and %d/%d buckets used, longest chain %d\n", entries, buckets, PKGTAB_SIZE, longestchain); |
| 1018 | } |
| 1019 | #endif |
| 1020 | |
| 1021 | out: |
| 1022 | free(buf); |
| 1023 | fclose(fp); |
| 1024 | return; |
| 1025 | |
| 1026 | err: |
| 1027 | selinux_log(SELINUX_ERROR, "SELinux: Error reading %s on line %lu.\n", |
| 1028 | PACKAGES_LIST_FILE, lineno); |
| 1029 | if (pkgInfo) { |
| 1030 | free(pkgInfo->name); |
| 1031 | free(pkgInfo->dataDir); |
| 1032 | free(pkgInfo->seinfo); |
| 1033 | free(pkgInfo); |
| 1034 | } |
| 1035 | goto out; |
| 1036 | } |
| 1037 | |
| 1038 | static pthread_once_t pkg_once = PTHREAD_ONCE_INIT; |
| 1039 | |
| 1040 | struct pkgInfo *package_info_lookup(const char *name) |
| 1041 | { |
| 1042 | struct pkgInfo *pkgInfo; |
| 1043 | unsigned int hash; |
| 1044 | |
| 1045 | __selinux_once(pkg_once, package_info_init); |
| 1046 | |
| 1047 | hash = pkghash(name); |
| 1048 | for (pkgInfo = pkgTab[hash]; pkgInfo; pkgInfo = pkgInfo->next) { |
| 1049 | if (!strcmp(name, pkgInfo->name)) |
| 1050 | return pkgInfo; |
| 1051 | } |
| 1052 | return NULL; |
| 1053 | } |
| 1054 | |
| 1055 | /* The path prefixes of package data directories. */ |
Stephen Smalley | 027670d | 2014-02-18 11:04:37 -0500 | [diff] [blame] | 1056 | #define DATA_DATA_PATH "/data/data" |
| 1057 | #define DATA_USER_PATH "/data/user" |
| 1058 | #define DATA_DATA_PREFIX DATA_DATA_PATH "/" |
| 1059 | #define DATA_USER_PREFIX DATA_USER_PATH "/" |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1060 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1061 | static int pkgdir_selabel_lookup(const char *pathname, |
| 1062 | const char *seinfo, |
| 1063 | uid_t uid, |
| 1064 | char **secontextp) |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1065 | { |
| 1066 | char *pkgname = NULL, *end = NULL; |
| 1067 | struct pkgInfo *pkgInfo = NULL; |
| 1068 | char *secontext = *secontextp; |
| 1069 | context_t ctx = NULL; |
| 1070 | int rc = 0; |
| 1071 | |
| 1072 | /* Skip directory prefix before package name. */ |
| 1073 | if (!strncmp(pathname, DATA_DATA_PREFIX, sizeof(DATA_DATA_PREFIX)-1)) { |
| 1074 | pathname += sizeof(DATA_DATA_PREFIX) - 1; |
| 1075 | } else if (!strncmp(pathname, DATA_USER_PREFIX, sizeof(DATA_USER_PREFIX)-1)) { |
| 1076 | pathname += sizeof(DATA_USER_PREFIX) - 1; |
| 1077 | while (isdigit(*pathname)) |
| 1078 | pathname++; |
| 1079 | if (*pathname == '/') |
| 1080 | pathname++; |
| 1081 | else |
| 1082 | return 0; |
| 1083 | } else |
| 1084 | return 0; |
| 1085 | |
| 1086 | if (!(*pathname)) |
| 1087 | return 0; |
| 1088 | |
| 1089 | pkgname = strdup(pathname); |
| 1090 | if (!pkgname) |
| 1091 | return -1; |
| 1092 | |
| 1093 | for (end = pkgname; *end && *end != '/'; end++) |
| 1094 | ; |
Stephen Smalley | 274e0f6 | 2014-02-19 10:53:09 -0500 | [diff] [blame] | 1095 | pathname = end; |
| 1096 | if (*end) |
| 1097 | pathname++; |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1098 | *end = '\0'; |
| 1099 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1100 | if (!seinfo) { |
| 1101 | pkgInfo = package_info_lookup(pkgname); |
| 1102 | if (!pkgInfo) { |
| 1103 | selinux_log(SELINUX_WARNING, "SELinux: Could not look up information for package %s, cannot restorecon %s.\n", |
| 1104 | pkgname, pathname); |
| 1105 | free(pkgname); |
| 1106 | return -1; |
| 1107 | } |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1108 | } |
| 1109 | |
| 1110 | ctx = context_new(secontext); |
| 1111 | if (!ctx) |
| 1112 | goto err; |
| 1113 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1114 | rc = seapp_context_lookup(SEAPP_TYPE, pkgInfo ? pkgInfo->uid : uid, 0, |
| 1115 | pkgInfo ? pkgInfo->seinfo : seinfo, pkgInfo ? pkgInfo->name : pkgname, pathname, ctx); |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1116 | if (rc < 0) |
| 1117 | goto err; |
| 1118 | |
| 1119 | secontext = context_str(ctx); |
| 1120 | if (!secontext) |
| 1121 | goto err; |
| 1122 | |
| 1123 | if (!strcmp(secontext, *secontextp)) |
| 1124 | goto out; |
| 1125 | |
| 1126 | rc = security_check_context(secontext); |
| 1127 | if (rc < 0) |
| 1128 | goto err; |
| 1129 | |
| 1130 | freecon(*secontextp); |
| 1131 | *secontextp = strdup(secontext); |
| 1132 | if (!(*secontextp)) |
| 1133 | goto err; |
| 1134 | |
| 1135 | rc = 0; |
| 1136 | |
| 1137 | out: |
| 1138 | free(pkgname); |
| 1139 | context_free(ctx); |
| 1140 | return rc; |
| 1141 | err: |
| 1142 | selinux_log(SELINUX_ERROR, "%s: Error looking up context for path %s, pkgname %s, seinfo %s, uid %u: %s\n", |
| 1143 | __FUNCTION__, pathname, pkgname, pkgInfo->seinfo, pkgInfo->uid, strerror(errno)); |
| 1144 | rc = -1; |
| 1145 | goto out; |
| 1146 | } |
| 1147 | |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 1148 | #define RESTORECON_LAST "security.restorecon_last" |
| 1149 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1150 | static int restorecon_sb(const char *pathname, const struct stat *sb, |
Nick Kralevich | a8e4ad3 | 2014-05-19 13:45:59 -0700 | [diff] [blame] | 1151 | bool nochange, bool verbose, |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1152 | const char *seinfo, uid_t uid) |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1153 | { |
| 1154 | char *secontext = NULL; |
| 1155 | char *oldsecontext = NULL; |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1156 | int rc = 0; |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1157 | |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 1158 | if (selabel_lookup(fc_sehandle, &secontext, pathname, sb->st_mode) < 0) |
Nick Kralevich | a8e4ad3 | 2014-05-19 13:45:59 -0700 | [diff] [blame] | 1159 | return 0; /* no match, but not an error */ |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1160 | |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1161 | if (lgetfilecon(pathname, &oldsecontext) < 0) |
| 1162 | goto err; |
| 1163 | |
Stephen Smalley | 833cbd6 | 2014-02-27 13:08:40 -0500 | [diff] [blame] | 1164 | /* |
Nick Kralevich | a8e4ad3 | 2014-05-19 13:45:59 -0700 | [diff] [blame] | 1165 | * For subdirectories of /data/data or /data/user, we ignore selabel_lookup() |
| 1166 | * and use pkgdir_selabel_lookup() instead. Files within those directories |
| 1167 | * have different labeling rules, based off of /seapp_contexts, and |
| 1168 | * installd is responsible for managing these labels instead of init. |
Stephen Smalley | 833cbd6 | 2014-02-27 13:08:40 -0500 | [diff] [blame] | 1169 | */ |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1170 | if (!strncmp(pathname, DATA_DATA_PREFIX, sizeof(DATA_DATA_PREFIX)-1) || |
| 1171 | !strncmp(pathname, DATA_USER_PREFIX, sizeof(DATA_USER_PREFIX)-1)) { |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1172 | if (pkgdir_selabel_lookup(pathname, seinfo, uid, &secontext) < 0) |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1173 | goto err; |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1174 | } |
| 1175 | |
| 1176 | if (strcmp(oldsecontext, secontext) != 0) { |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1177 | if (verbose) |
| 1178 | selinux_log(SELINUX_INFO, |
| 1179 | "SELinux: Relabeling %s from %s to %s.\n", pathname, oldsecontext, secontext); |
| 1180 | if (!nochange) { |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1181 | if (lsetfilecon(pathname, secontext) < 0) |
| 1182 | goto err; |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1183 | } |
| 1184 | } |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 1185 | |
Stephen Smalley | e183cec | 2014-02-05 16:41:47 -0500 | [diff] [blame] | 1186 | rc = 0; |
| 1187 | |
| 1188 | out: |
| 1189 | freecon(oldsecontext); |
| 1190 | freecon(secontext); |
| 1191 | return rc; |
| 1192 | |
| 1193 | err: |
| 1194 | selinux_log(SELINUX_ERROR, |
| 1195 | "SELinux: Could not set context for %s: %s\n", |
| 1196 | pathname, strerror(errno)); |
| 1197 | rc = -1; |
| 1198 | goto out; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1199 | } |
| 1200 | |
Stephen Smalley | da4208c | 2014-07-07 14:59:06 -0400 | [diff] [blame] | 1201 | #define SYS_PATH "/sys" |
| 1202 | #define SYS_PREFIX SYS_PATH "/" |
| 1203 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1204 | static int selinux_android_restorecon_common(const char* pathname, |
| 1205 | const char *seinfo, |
| 1206 | uid_t uid, |
| 1207 | unsigned int flags) |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1208 | { |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1209 | bool nochange = (flags & SELINUX_ANDROID_RESTORECON_NOCHANGE) ? true : false; |
| 1210 | bool verbose = (flags & SELINUX_ANDROID_RESTORECON_VERBOSE) ? true : false; |
| 1211 | bool recurse = (flags & SELINUX_ANDROID_RESTORECON_RECURSE) ? true : false; |
| 1212 | bool force = (flags & SELINUX_ANDROID_RESTORECON_FORCE) ? true : false; |
Stephen Smalley | 027670d | 2014-02-18 11:04:37 -0500 | [diff] [blame] | 1213 | bool datadata = (flags & SELINUX_ANDROID_RESTORECON_DATADATA) ? true : false; |
Stephen Smalley | da4208c | 2014-07-07 14:59:06 -0400 | [diff] [blame] | 1214 | bool issys = (!strcmp(pathname, SYS_PATH) || !strncmp(pathname, SYS_PREFIX, sizeof(SYS_PREFIX)-1)) ? true : false; |
Nick Kralevich | a8e4ad3 | 2014-05-19 13:45:59 -0700 | [diff] [blame] | 1215 | bool setrestoreconlast = true; |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1216 | struct stat sb; |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1217 | FTS *fts; |
| 1218 | FTSENT *ftsent; |
| 1219 | char *const paths[2] = { __UNCONST(pathname), NULL }; |
Stephen Smalley | dfb9fe2 | 2014-09-02 12:52:57 -0400 | [diff] [blame] | 1220 | int ftsflags = FTS_NOCHDIR | FTS_XDEV | FTS_PHYSICAL; |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1221 | int error, sverrno; |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 1222 | char xattr_value[FC_DIGEST_SIZE]; |
| 1223 | ssize_t size; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1224 | |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1225 | if (is_selinux_enabled() <= 0) |
| 1226 | return 0; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1227 | |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1228 | __selinux_once(fc_once, file_context_init); |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1229 | |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 1230 | if (!fc_sehandle) |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1231 | return 0; |
Stephen Smalley | 0ca91b3 | 2012-03-19 10:25:53 -0400 | [diff] [blame] | 1232 | |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1233 | if (!recurse) { |
| 1234 | if (lstat(pathname, &sb) < 0) |
| 1235 | return -1; |
| 1236 | |
Nick Kralevich | a8e4ad3 | 2014-05-19 13:45:59 -0700 | [diff] [blame] | 1237 | return restorecon_sb(pathname, &sb, nochange, verbose, seinfo, uid); |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1238 | } |
| 1239 | |
Stephen Smalley | 833cbd6 | 2014-02-27 13:08:40 -0500 | [diff] [blame] | 1240 | /* |
| 1241 | * Ignore restorecon_last on /data/data or /data/user |
| 1242 | * since their labeling is based on seapp_contexts and seinfo |
| 1243 | * assignments rather than file_contexts and is managed by |
| 1244 | * installd rather than init. |
| 1245 | */ |
Nick Kralevich | a8e4ad3 | 2014-05-19 13:45:59 -0700 | [diff] [blame] | 1246 | if (!strncmp(pathname, DATA_DATA_PREFIX, sizeof(DATA_DATA_PREFIX)-1) || |
| 1247 | !strncmp(pathname, DATA_USER_PREFIX, sizeof(DATA_USER_PREFIX)-1)) |
| 1248 | setrestoreconlast = false; |
Stephen Smalley | 833cbd6 | 2014-02-27 13:08:40 -0500 | [diff] [blame] | 1249 | |
Stephen Smalley | da4208c | 2014-07-07 14:59:06 -0400 | [diff] [blame] | 1250 | /* Also ignore on /sys since it is regenerated on each boot regardless. */ |
| 1251 | if (issys) |
| 1252 | setrestoreconlast = false; |
| 1253 | |
Nick Kralevich | a8e4ad3 | 2014-05-19 13:45:59 -0700 | [diff] [blame] | 1254 | if (setrestoreconlast) { |
| 1255 | size = getxattr(pathname, RESTORECON_LAST, xattr_value, sizeof fc_digest); |
| 1256 | if (!force && size == sizeof fc_digest && memcmp(fc_digest, xattr_value, sizeof fc_digest) == 0) { |
| 1257 | selinux_log(SELINUX_INFO, |
| 1258 | "SELinux: Skipping restorecon_recursive(%s)\n", |
| 1259 | pathname); |
| 1260 | return 0; |
| 1261 | } |
Stephen Smalley | 826cc29 | 2014-01-28 15:04:22 -0500 | [diff] [blame] | 1262 | } |
| 1263 | |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1264 | fts = fts_open(paths, ftsflags, NULL); |
| 1265 | if (!fts) |
| 1266 | return -1; |
| 1267 | |
| 1268 | error = 0; |
| 1269 | while ((ftsent = fts_read(fts)) != NULL) { |
| 1270 | switch (ftsent->fts_info) { |
| 1271 | case FTS_DC: |
| 1272 | selinux_log(SELINUX_ERROR, |
| 1273 | "SELinux: Directory cycle on %s.\n", ftsent->fts_path); |
| 1274 | errno = ELOOP; |
| 1275 | error = -1; |
| 1276 | goto out; |
| 1277 | case FTS_DP: |
| 1278 | continue; |
| 1279 | case FTS_DNR: |
| 1280 | selinux_log(SELINUX_ERROR, |
| 1281 | "SELinux: Could not read %s: %s.\n", ftsent->fts_path, strerror(errno)); |
| 1282 | fts_set(fts, ftsent, FTS_SKIP); |
| 1283 | continue; |
| 1284 | case FTS_NS: |
| 1285 | selinux_log(SELINUX_ERROR, |
| 1286 | "SELinux: Could not stat %s: %s.\n", ftsent->fts_path, strerror(errno)); |
| 1287 | fts_set(fts, ftsent, FTS_SKIP); |
| 1288 | continue; |
| 1289 | case FTS_ERR: |
| 1290 | selinux_log(SELINUX_ERROR, |
| 1291 | "SELinux: Error on %s: %s.\n", ftsent->fts_path, strerror(errno)); |
| 1292 | fts_set(fts, ftsent, FTS_SKIP); |
| 1293 | continue; |
Stephen Smalley | 027670d | 2014-02-18 11:04:37 -0500 | [diff] [blame] | 1294 | case FTS_D: |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 1295 | if (issys && !selabel_partial_match(fc_sehandle, ftsent->fts_path)) { |
Stephen Smalley | 0e7340f | 2014-04-30 15:13:30 -0700 | [diff] [blame] | 1296 | fts_set(fts, ftsent, FTS_SKIP); |
| 1297 | continue; |
| 1298 | } |
Nick Kralevich | 4b130cc | 2014-05-16 17:31:31 -0700 | [diff] [blame] | 1299 | if (!datadata && |
| 1300 | (!strcmp(ftsent->fts_path, DATA_DATA_PATH) || |
Stephen Smalley | b4c9808 | 2014-05-28 08:48:59 -0400 | [diff] [blame] | 1301 | !strncmp(ftsent->fts_path, DATA_USER_PREFIX, sizeof(DATA_USER_PREFIX)-1))) { |
Nick Kralevich | 4b130cc | 2014-05-16 17:31:31 -0700 | [diff] [blame] | 1302 | // Don't label anything below this directory. |
| 1303 | fts_set(fts, ftsent, FTS_SKIP); |
| 1304 | // but fall through and make sure we label the directory itself |
| 1305 | } |
Stephen Smalley | 027670d | 2014-02-18 11:04:37 -0500 | [diff] [blame] | 1306 | /* fall through */ |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1307 | default: |
Nick Kralevich | a8e4ad3 | 2014-05-19 13:45:59 -0700 | [diff] [blame] | 1308 | error |= restorecon_sb(ftsent->fts_path, ftsent->fts_statp, nochange, verbose, seinfo, uid); |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1309 | break; |
| 1310 | } |
| 1311 | } |
| 1312 | |
Nick Kralevich | a8e4ad3 | 2014-05-19 13:45:59 -0700 | [diff] [blame] | 1313 | // Labeling successful. Mark the top level directory as completed. |
| 1314 | if (setrestoreconlast && !nochange && !error) |
| 1315 | setxattr(pathname, RESTORECON_LAST, fc_digest, sizeof fc_digest, 0); |
| 1316 | |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1317 | out: |
| 1318 | sverrno = errno; |
| 1319 | (void) fts_close(fts); |
Nick Kralevich | a8e4ad3 | 2014-05-19 13:45:59 -0700 | [diff] [blame] | 1320 | errno = sverrno; |
Stephen Smalley | 08587cf | 2014-01-30 10:13:12 -0500 | [diff] [blame] | 1321 | return error; |
| 1322 | } |
| 1323 | |
Stephen Smalley | 1d66afb | 2014-03-27 08:47:15 -0400 | [diff] [blame] | 1324 | int selinux_android_restorecon(const char *file, unsigned int flags) |
| 1325 | { |
| 1326 | return selinux_android_restorecon_common(file, NULL, -1, flags); |
| 1327 | } |
| 1328 | |
| 1329 | int selinux_android_restorecon_pkgdir(const char *pkgdir, |
| 1330 | const char *seinfo, |
| 1331 | uid_t uid, |
| 1332 | unsigned int flags) |
| 1333 | { |
| 1334 | return selinux_android_restorecon_common(pkgdir, seinfo, uid, flags | SELINUX_ANDROID_RESTORECON_DATADATA); |
| 1335 | } |
| 1336 | |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1337 | struct selabel_handle* selinux_android_file_context_handle(void) |
| 1338 | { |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 1339 | struct selabel_handle *sehandle; |
| 1340 | |
| 1341 | set_policy_index(); |
| 1342 | sehandle = selabel_open(SELABEL_CTX_FILE, &seopts[policy_index], 1); |
| 1343 | |
| 1344 | if (!sehandle) { |
| 1345 | selinux_log(SELINUX_ERROR, "%s: Error getting file context handle (%s)\n", |
| 1346 | __FUNCTION__, strerror(errno)); |
| 1347 | return NULL; |
| 1348 | } |
| 1349 | if (!compute_contexts_hash(seopts, fc_digest)) { |
| 1350 | selabel_close(sehandle); |
| 1351 | return NULL; |
| 1352 | } |
| 1353 | selinux_log(SELINUX_INFO, "SELinux: Loaded file_contexts contexts from %s.\n", |
| 1354 | seopts[policy_index].value); |
| 1355 | |
| 1356 | return sehandle; |
| 1357 | } |
| 1358 | |
| 1359 | struct selabel_handle* selinux_android_prop_context_handle(void) |
| 1360 | { |
| 1361 | struct selabel_handle* sehandle; |
| 1362 | |
| 1363 | set_policy_index(); |
| 1364 | sehandle = selabel_open(SELABEL_CTX_ANDROID_PROP, |
| 1365 | &seopts_prop[policy_index], 1); |
| 1366 | if (!sehandle) { |
| 1367 | selinux_log(SELINUX_ERROR, "%s: Error getting property context handle (%s)\n", |
| 1368 | __FUNCTION__, strerror(errno)); |
| 1369 | return NULL; |
| 1370 | } |
| 1371 | selinux_log(SELINUX_INFO, "SELinux: Loaded property_contexts from %s.\n", |
| 1372 | seopts_prop[policy_index].value); |
| 1373 | |
| 1374 | return sehandle; |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1375 | } |
| 1376 | |
Riley Spahn | bad0ebb | 2014-06-11 16:07:53 -0700 | [diff] [blame] | 1377 | struct selabel_handle* selinux_android_service_context_handle(void) |
| 1378 | { |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 1379 | struct selabel_handle* sehandle; |
| 1380 | |
| 1381 | set_policy_index(); |
| 1382 | sehandle = selabel_open(SELABEL_CTX_ANDROID_PROP, |
| 1383 | &seopts_service[policy_index], 1); |
| 1384 | |
| 1385 | if (!sehandle) { |
| 1386 | selinux_log(SELINUX_ERROR, "%s: Error getting service context handle (%s)\n", |
| 1387 | __FUNCTION__, strerror(errno)); |
| 1388 | return NULL; |
| 1389 | } |
| 1390 | selinux_log(SELINUX_INFO, "SELinux: Loaded service_contexts from %s.\n", |
| 1391 | seopts_service[policy_index].value); |
| 1392 | |
| 1393 | return sehandle; |
Riley Spahn | bad0ebb | 2014-06-11 16:07:53 -0700 | [diff] [blame] | 1394 | } |
| 1395 | |
Stephen Smalley | 7fc97fb | 2014-01-28 10:37:58 -0500 | [diff] [blame] | 1396 | void selinux_android_set_sehandle(const struct selabel_handle *hndl) |
| 1397 | { |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 1398 | fc_sehandle = (struct selabel_handle *) hndl; |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1399 | } |
rpcraig | 9b10083 | 2012-07-27 06:36:59 -0400 | [diff] [blame] | 1400 | |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 1401 | static int selinux_android_load_policy_helper(bool reload) |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1402 | { |
Stephen Smalley | 4a655ec | 2012-09-18 15:08:32 -0400 | [diff] [blame] | 1403 | int fd = -1, rc; |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1404 | struct stat sb; |
| 1405 | void *map = NULL; |
Stephen Smalley | 818815e | 2015-02-18 17:32:13 -0500 | [diff] [blame] | 1406 | int old_policy_index = policy_index; |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1407 | |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 1408 | /* |
| 1409 | * If reloading policy and there is no /data policy or |
Stephen Smalley | 818815e | 2015-02-18 17:32:13 -0500 | [diff] [blame] | 1410 | * that /data policy has the wrong version and our prior |
| 1411 | * load was from the / policy, then just return. |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 1412 | * There is no point in reloading policy from / a second time. |
| 1413 | */ |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 1414 | set_policy_index(); |
Stephen Smalley | 818815e | 2015-02-18 17:32:13 -0500 | [diff] [blame] | 1415 | if (reload && !policy_index && !old_policy_index) |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 1416 | return 0; |
| 1417 | |
| 1418 | fd = open(sepolicy_file[policy_index], O_RDONLY | O_NOFOLLOW); |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1419 | if (fd < 0) { |
| 1420 | selinux_log(SELINUX_ERROR, "SELinux: Could not open sepolicy: %s\n", |
| 1421 | strerror(errno)); |
| 1422 | return -1; |
| 1423 | } |
| 1424 | if (fstat(fd, &sb) < 0) { |
| 1425 | selinux_log(SELINUX_ERROR, "SELinux: Could not stat %s: %s\n", |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 1426 | sepolicy_file[policy_index], strerror(errno)); |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1427 | close(fd); |
| 1428 | return -1; |
| 1429 | } |
| 1430 | map = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0); |
| 1431 | if (map == MAP_FAILED) { |
| 1432 | selinux_log(SELINUX_ERROR, "SELinux: Could not map %s: %s\n", |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 1433 | sepolicy_file[policy_index], strerror(errno)); |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1434 | close(fd); |
| 1435 | return -1; |
| 1436 | } |
| 1437 | |
| 1438 | rc = security_load_policy(map, sb.st_size); |
| 1439 | if (rc < 0) { |
| 1440 | selinux_log(SELINUX_ERROR, "SELinux: Could not load policy: %s\n", |
dcashman | 965141a | 2014-12-03 12:51:50 -0800 | [diff] [blame] | 1441 | strerror(errno)); |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1442 | munmap(map, sb.st_size); |
| 1443 | close(fd); |
| 1444 | return -1; |
| 1445 | } |
| 1446 | |
| 1447 | munmap(map, sb.st_size); |
| 1448 | close(fd); |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 1449 | selinux_log(SELINUX_INFO, "SELinux: Loaded policy from %s\n", sepolicy_file[policy_index]); |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1450 | |
| 1451 | return 0; |
| 1452 | } |
| 1453 | |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 1454 | int selinux_android_reload_policy(void) |
| 1455 | { |
| 1456 | return selinux_android_load_policy_helper(true); |
| 1457 | } |
| 1458 | |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1459 | int selinux_android_load_policy(void) |
| 1460 | { |
Nick Kralevich | 833cba6 | 2013-11-19 11:24:33 -0800 | [diff] [blame] | 1461 | const char *mnt = SELINUXMNT; |
Stephen Smalley | d10c343 | 2012-11-05 11:49:35 -0500 | [diff] [blame] | 1462 | int rc; |
| 1463 | rc = mount(SELINUXFS, mnt, SELINUXFS, 0, NULL); |
| 1464 | if (rc < 0) { |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1465 | if (errno == ENODEV) { |
| 1466 | /* SELinux not enabled in kernel */ |
| 1467 | return -1; |
| 1468 | } |
Stephen Smalley | d10c343 | 2012-11-05 11:49:35 -0500 | [diff] [blame] | 1469 | if (errno == ENOENT) { |
| 1470 | /* Fall back to legacy mountpoint. */ |
| 1471 | mnt = OLDSELINUXMNT; |
Alice Chu | d2302ca | 2013-01-04 16:02:46 -0800 | [diff] [blame] | 1472 | rc = mkdir(mnt, 0755); |
| 1473 | if (rc == -1 && errno != EEXIST) { |
| 1474 | selinux_log(SELINUX_ERROR,"SELinux: Could not mkdir: %s\n", |
| 1475 | strerror(errno)); |
| 1476 | return -1; |
| 1477 | } |
Stephen Smalley | d10c343 | 2012-11-05 11:49:35 -0500 | [diff] [blame] | 1478 | rc = mount(SELINUXFS, mnt, SELINUXFS, 0, NULL); |
| 1479 | } |
| 1480 | } |
| 1481 | if (rc < 0) { |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1482 | selinux_log(SELINUX_ERROR,"SELinux: Could not mount selinuxfs: %s\n", |
| 1483 | strerror(errno)); |
| 1484 | return -1; |
| 1485 | } |
Stephen Smalley | d10c343 | 2012-11-05 11:49:35 -0500 | [diff] [blame] | 1486 | set_selinuxmnt(mnt); |
rpcraig | f1724a3 | 2012-08-01 15:35:37 -0400 | [diff] [blame] | 1487 | |
Robert Craig | 5b5183f | 2014-03-17 20:53:06 -0400 | [diff] [blame] | 1488 | return selinux_android_load_policy_helper(false); |
rpcraig | 9b10083 | 2012-07-27 06:36:59 -0400 | [diff] [blame] | 1489 | } |
Riley Spahn | bad0ebb | 2014-06-11 16:07:53 -0700 | [diff] [blame] | 1490 | |
| 1491 | int selinux_log_callback(int type, const char *fmt, ...) |
| 1492 | { |
| 1493 | va_list ap; |
| 1494 | int priority; |
Nick Kralevich | f58dbdd | 2014-07-01 11:01:13 -0700 | [diff] [blame] | 1495 | char *strp; |
Riley Spahn | bad0ebb | 2014-06-11 16:07:53 -0700 | [diff] [blame] | 1496 | |
| 1497 | switch(type) { |
| 1498 | case SELINUX_WARNING: |
| 1499 | priority = ANDROID_LOG_WARN; |
| 1500 | break; |
| 1501 | case SELINUX_INFO: |
| 1502 | priority = ANDROID_LOG_INFO; |
| 1503 | break; |
| 1504 | default: |
| 1505 | priority = ANDROID_LOG_ERROR; |
| 1506 | break; |
| 1507 | } |
| 1508 | |
| 1509 | va_start(ap, fmt); |
Nick Kralevich | f58dbdd | 2014-07-01 11:01:13 -0700 | [diff] [blame] | 1510 | if (vasprintf(&strp, fmt, ap) != -1) { |
| 1511 | LOG_PRI(priority, "SELinux", "%s", strp); |
| 1512 | LOG_EVENT_STRING(AUDITD_LOG_TAG, strp); |
| 1513 | free(strp); |
| 1514 | } |
Riley Spahn | bad0ebb | 2014-06-11 16:07:53 -0700 | [diff] [blame] | 1515 | va_end(ap); |
| 1516 | return 0; |
| 1517 | } |