}
key.specified = spec_order[i] | enabled;
datum.u.data = le32_to_cpu(buf32[items++]);
+
+ if ((key.specified & AVTAB_TYPE) &&
+ !policydb_simpletype_isvalid(pol, datum.u.data)) {
+ pr_err("SELinux: avtab: invalid type\n");
+ return -EINVAL;
+ }
+
rc = insertf(a, &key, &datum, p);
if (rc)
return rc;
datum.u.data = le32_to_cpu(*buf32);
}
if ((key.specified & AVTAB_TYPE) &&
- !policydb_type_isvalid(pol, datum.u.data)) {
+ !policydb_simpletype_isvalid(pol, datum.u.data)) {
pr_err("SELinux: avtab: invalid type\n");
return -EINVAL;
}
return true;
}
+bool policydb_simpletype_isvalid(const struct policydb *p, u32 type)
+{
+ const struct type_datum *datum;
+
+ if (!type || type > p->p_types.nprim)
+ return false;
+
+ datum = p->type_val_to_struct[type - 1];
+ if (!datum)
+ return false;
+
+ if (datum->attribute)
+ return false;
+
+ return true;
+}
+
/*
* Return true if the fields in the security context
* structure `c' are valid. Return 0 otherwise.
key.name = name;
otype = le32_to_cpu(buf[3]);
+ if (!policydb_simpletype_isvalid(p, otype))
+ goto out;
last = NULL;
datum = policydb_filenametr_search(p, &key);
datum->otype = le32_to_cpu(buf[0]);
rc = -EINVAL;
- if (!policydb_type_isvalid(p, datum->otype))
+ if (!policydb_simpletype_isvalid(p, datum->otype))
goto out;
dst = &datum->next;
const struct context *c);
extern bool policydb_class_isvalid(const struct policydb *p, u16 class);
extern bool policydb_type_isvalid(const struct policydb *p, u32 type);
+extern bool policydb_simpletype_isvalid(const struct policydb *p, u32 type);
extern bool policydb_role_isvalid(const struct policydb *p, u32 role);
extern bool policydb_user_isvalid(const struct policydb *p, u32 user);
extern int policydb_read(struct policydb *p, struct policy_file *fp);
projects / thirdparty / kernel / linux.git / commitdiff
