Gitiles
Code Review Sign In
LeafOS / LeafOS-Project / android_system_sepolicy / da70a5a223aa4bb96edec1d7a720b7b2c77b4ba7 / . / tools / check_seapp.c
blob: 02882af31ef8c12031b0b0b5660fb3db5cefde0e [file] [log] [blame]
#include <stdio.h>
#include <stdarg.h>
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <errno.h>
#include <stdint.h>
#include <search.h>
#include <stdbool.h>
#include <sepol/sepol.h>
#include <sepol/policydb/policydb.h>
#include <pcre2.h>
#define TABLE_SIZE 1024
#define KVP_NUM_OF_RULES (sizeof(rules) / sizeof(key_map))
#define log_set_verbose() do { logging_verbose = 1; log_info("Enabling verbose\n"); } while(0)
#define log_error(fmt, ...) log_msg(stderr, "Error: ", fmt, ##__VA_ARGS__)
#define log_warn(fmt, ...) log_msg(stderr, "Warning: ", fmt, ##__VA_ARGS__)
#define log_info(fmt, ...) if (logging_verbose ) { log_msg(stdout, "Info: ", fmt, ##__VA_ARGS__); }
#define APP_DATA_REQUIRED_ATTRIB "app_data_file_type"
#define COREDOMAIN "coredomain"
/**
* Initializes an empty, static list.
*/
#define list_init(free_fn) { .head = NULL, .tail = NULL, .freefn = (free_fn) }
/**
* given an item in the list, finds the offset for the container
* it was stored in.
*
* @element The element from the list
* @type The container type ie what you allocated that has the list_element structure in it.
* @name The name of the field that is the list_element
*
*/
#define list_entry(element, type, name) \
(type *)(((uint8_t *)(element)) - (uint8_t *)&(((type *)NULL)->name))
/**
* Iterates over the list, do not free elements from the list when using this.
* @list The list head to walk
* @var The variable name for the cursor
*/
#define list_for_each(list, var) \
for(var = (list)->head; var != NULL; var = var->next) /*NOLINT*/
typedef struct hash_entry hash_entry;
typedef enum key_dir key_dir;
typedef enum data_type data_type;
typedef enum rule_map_switch rule_map_switch;
typedef enum map_match map_match;
typedef struct key_map key_map;
typedef struct kvp kvp;
typedef struct rule_map rule_map;
typedef struct policy_info policy_info;
typedef struct list_element list_element;
typedef struct list list;
typedef struct key_map_regex key_map_regex;
typedef struct file_info file_info;
typedef struct coredomain_violation_entry coredomain_violation_entry;
enum map_match {
map_no_matches,
map_input_matched,
map_matched
};
const char *map_match_str[] = {
"do not match",
"match on all inputs",
"match on everything"
};
/**
* Whether or not the "key" from a key vaue pair is considered an
* input or an output.
*/
enum key_dir {
dir_in, dir_out
};
struct list_element {
list_element *next;
};
struct list {
list_element *head;
list_element *tail;
void (*freefn)(list_element *e);
};
struct key_map_regex {
pcre2_code *compiled;
pcre2_match_data *match_data;
};
/**
* The workhorse of the logic. This struct maps key value pairs to
* an associated set of meta data maintained in rule_map_new()
*/
struct key_map {
char *name;
key_dir dir;
char *data;
key_map_regex regex;
bool (*fn_validate)(char *value, const char *filename, int lineno, char **errmsg);
};
/**
* Key value pair struct, this represents the raw kvp values coming
* from the rules files.
*/
struct kvp {
char *key;
char *value;
};
/**
* Rules are made up of meta data and an associated set of kvp stored in a
* key_map array.
*/
struct rule_map {
bool is_never_allow;
list violations;
list_element listify;
char *key; /** key value before hashing */
size_t length; /** length of the key map */
int lineno; /** Line number rule was encounter on */
char *filename; /** File it was found in */
key_map m[]; /** key value mapping */
};
struct hash_entry {
list_element listify;
rule_map *r; /** The rule map to store at that location */
};
/**
* Data associated for a policy file
*/
struct policy_info {
char *policy_file_name; /** policy file path name */
FILE *policy_file; /** file handle to the policy file */
sepol_policydb_t *db;
sepol_policy_file_t *pf;
sepol_handle_t *handle;
sepol_context_t *con;
bool vendor;
};
struct file_info {
FILE *file; /** file itself */
const char *name; /** name of file. do not free, these are not alloc'd */
list_element listify;
};
struct coredomain_violation_entry {
list_element listify;
char *domain;
char *filename;
int lineno;
};
static void coredomain_violation_list_freefn(list_element *e);
static void input_file_list_freefn(list_element *e);
static void line_order_list_freefn(list_element *e);
static void rule_map_free(rule_map *rm, bool is_in_htable);
/** Set to !0 to enable verbose logging */
static int logging_verbose = 0;
/** file handle to the output file */
static file_info out_file;
static list input_file_list = list_init(input_file_list_freefn);
static list coredomain_violation_list = list_init(coredomain_violation_list_freefn);
static policy_info pol = {
.policy_file_name = NULL,
.policy_file = NULL,
.db = NULL,
.pf = NULL,
.handle = NULL,
.con = NULL,
.vendor = false
};
/**
* Head pointer to a linked list of
* rule map table entries (hash_entry), used for
* preserving the order of entries
* based on "first encounter"
*/
static list line_order_list = list_init(line_order_list_freefn);
/*
* List of hash_entrys for never allow rules.
*/
static list nallow_list = list_init(line_order_list_freefn);
/* validation call backs */
static bool validate_bool(char *value, const char *filename, int lineno, char **errmsg);
static bool validate_levelFrom(char *value, const char *filename, int lineno, char **errmsg);
static bool validate_domain(char *value, const char *filename, int lineno, char **errmsg);
static bool validate_type(char *value, const char *filename, int lineno, char **errmsg);
static bool validate_selinux_level(char *value, const char *filename, int lineno, char **errmsg);
static bool validate_uint(char *value, const char *filename, int lineno, char **errmsg);
/**
* The heart of the mapping process, this must be updated if a new key value pair is added
* to a rule.
*/
key_map rules[] = {
/*Inputs*/
{ .name = "isSystemServer", .dir = dir_in, .fn_validate = validate_bool },
{ .name = "isEphemeralApp", .dir = dir_in, .fn_validate = validate_bool },
{ .name = "user", .dir = dir_in, },
{ .name = "seinfo", .dir = dir_in, },
{ .name = "name", .dir = dir_in, },
{ .name = "isPrivApp", .dir = dir_in, .fn_validate = validate_bool },
{ .name = "minTargetSdkVersion", .dir = dir_in, .fn_validate = validate_uint },
{ .name = "fromRunAs", .dir = dir_in, .fn_validate = validate_bool },
{ .name = "isIsolatedComputeApp", .dir = dir_in, .fn_validate = validate_bool },
{ .name = "isSdkSandboxAudit", .dir = dir_in, .fn_validate = validate_bool },
{ .name = "isSdkSandboxNext", .dir = dir_in, .fn_validate = validate_bool },
/*Outputs*/
{ .name = "domain", .dir = dir_out, .fn_validate = validate_domain },
{ .name = "type", .dir = dir_out, .fn_validate = validate_type },
{ .name = "levelFromUid", .dir = dir_out, .fn_validate = validate_bool },
{ .name = "levelFrom", .dir = dir_out, .fn_validate = validate_levelFrom },
{ .name = "level", .dir = dir_out, .fn_validate = validate_selinux_level },
};
/**
* Appends to the end of the list.
* @list The list to append to
* @e the element to append
*/
void list_append(list *list, list_element *e) {
memset(e, 0, sizeof(*e));
if (list->head == NULL ) {
list->head = list->tail = e;
return;
}
list->tail->next = e;
list->tail = e;
return;
}
/**
* Free's all the elements in the specified list.
* @list The list to free
*/
static void list_free(list *list) {
list_element *tmp;
list_element *cursor = list->head;
while (cursor) {
tmp = cursor;
cursor = cursor->next;
if (list->freefn) {
list->freefn(tmp);
}
}
}
/*
* called when the lists are freed
*/
static void line_order_list_freefn(list_element *e) {
hash_entry *h = list_entry(e, typeof(*h), listify);
rule_map_free(h->r, true);
free(h);
}
static void input_file_list_freefn(list_element *e) {
file_info *f = list_entry(e, typeof(*f), listify);
if (f->file) {
fclose(f->file);
}
free(f);
}
static void coredomain_violation_list_freefn(list_element *e) {
coredomain_violation_entry *c = list_entry(e, typeof(*c), listify);
free(c->domain);
free(c->filename);
free(c);
}
/**
* Send a logging message to a file
* @param out
* Output file to send message too
* @param prefix
* A special prefix to write to the file, such as "Error:"
* @param fmt
* The printf style formatter to use, such as "%d"
*/
static void __attribute__ ((format(printf, 3, 4)))
log_msg(FILE *out, const char *prefix, const char *fmt, ...) {
fprintf(out, "%s", prefix);
va_list args;
va_start(args, fmt);
vfprintf(out, fmt, args);
va_end(args);
}
/**
* Look up a type in the policy.
* @param db
* The policy db to search
* @param type
* The type to search for
* @param flavor
* The expected flavor of type
* @return
* Pointer to the type's datum if it exists in the policy with the expected
* flavor, NULL otherwise.
* @warning
* This function should not be called if libsepol is not linked statically
* to this executable and LINK_SEPOL_STATIC is not defined.
*/
static type_datum_t *find_type(sepol_policydb_t *db, char *type, uint32_t flavor) {
policydb_t *d = &db->p;
hashtab_datum_t dat = hashtab_search(d->p_types.table, type);
if (!dat) {
return NULL;
}
type_datum_t *type_dat = (type_datum_t *) dat;
if (type_dat->flavor != flavor) {
return NULL;
}
return type_dat;
}
static bool type_has_attribute(sepol_policydb_t *db, type_datum_t *type_dat,
type_datum_t *attrib_dat) {
policydb_t *d = &db->p;
ebitmap_t *attr_bits = &d->type_attr_map[type_dat->s.value - 1];
return ebitmap_get_bit(attr_bits, attrib_dat->s.value - 1) != 0;
}
static bool match_regex(key_map *assert, const key_map *check) {
char *tomatch = check->data;
int ret = pcre2_match(assert->regex.compiled, (PCRE2_SPTR) tomatch,
PCRE2_ZERO_TERMINATED, 0, 0,
assert->regex.match_data, NULL);
/* ret > 0 from pcre2_match means matched */
return ret > 0;
}
static bool compile_regex(key_map *km, int *errcode, PCRE2_SIZE *erroff) {
size_t size;
char *anchored;
/*
* Explicitly anchor all regex's
* The size is the length of the string to anchor (km->data), the anchor
* characters ^ and $ and the null byte. Hence strlen(km->data) + 3
*/
size = strlen(km->data) + 3;
anchored = alloca(size);
sprintf(anchored, "^%s$", km->data);
km->regex.compiled = pcre2_compile((PCRE2_SPTR) anchored,
PCRE2_ZERO_TERMINATED,
PCRE2_DOTALL,
errcode, erroff,
NULL);
if (!km->regex.compiled) {
return false;
}
km->regex.match_data = pcre2_match_data_create_from_pattern(
km->regex.compiled, NULL);
if (!km->regex.match_data) {
pcre2_code_free(km->regex.compiled);
return false;
}
return true;
}
static bool validate_bool(
char *value,
__attribute__ ((unused)) const char *filename,
__attribute__ ((unused)) int lineno,
char **errmsg) {
if (!strcmp("true", value) || !strcmp("false", value)) {
return true;
}
*errmsg = "Expecting \"true\" or \"false\"";
return false;
}
static bool validate_levelFrom(
char *value,
__attribute__ ((unused)) const char *filename,
__attribute__ ((unused)) int lineno,
char **errmsg) {
if (strcasecmp(value, "none") && strcasecmp(value, "all") &&
strcasecmp(value, "app") && strcasecmp(value, "user")) {
*errmsg = "Expecting one of: \"none\", \"all\", \"app\" or \"user\"";
return false;
}
return true;
}
static bool validate_domain(char *value, const char *filename, int lineno, char **errmsg) {
#if defined(LINK_SEPOL_STATIC)
/*
* No policy file present means we cannot check
* SE Linux types
*/
if (!pol.policy_file) {
return true;
}
type_datum_t *type_dat = find_type(pol.db, value, TYPE_TYPE);
if (!type_dat) {
*errmsg = "Expecting a valid SELinux type";
return false;
}
if (pol.vendor) {
type_datum_t *attrib_dat = find_type(pol.db, COREDOMAIN, TYPE_ATTRIB);
if (!attrib_dat) {
*errmsg = "The attribute " COREDOMAIN " is not defined in the policy";
return false;
}
if (type_has_attribute(pol.db, type_dat, attrib_dat)) {
coredomain_violation_entry *entry = (coredomain_violation_entry *)malloc(sizeof(*entry));
entry->domain = strdup(value);
entry->filename = strdup(filename);
entry->lineno = lineno;
list_append(&coredomain_violation_list, &entry->listify);
}
}
#endif
return true;
}
static bool validate_type(
char *value,
__attribute__ ((unused)) const char *filename,
__attribute__ ((unused)) int lineno,
char **errmsg) {
#if defined(LINK_SEPOL_STATIC)
/*
* No policy file present means we cannot check
* SE Linux types
*/
if (!pol.policy_file) {
return true;
}
type_datum_t *type_dat = find_type(pol.db, value, TYPE_TYPE);
if (!type_dat) {
*errmsg = "Expecting a valid SELinux type";
return false;
}
type_datum_t *attrib_dat = find_type(pol.db, APP_DATA_REQUIRED_ATTRIB,
TYPE_ATTRIB);
if (!attrib_dat) {
/* If the policy doesn't contain the attribute, we can't check it */
return true;
}
if (!type_has_attribute(pol.db, type_dat, attrib_dat)) {
*errmsg = "Missing required attribute " APP_DATA_REQUIRED_ATTRIB;
return false;
}
#endif
return true;
}
static bool validate_selinux_level(
char *value,
__attribute__ ((unused)) const char *filename,
__attribute__ ((unused)) int lineno,
char **errmsg) {
/*
* No policy file present means we cannot check
* SE Linux MLS
*/
if (!pol.policy_file) {
return true;
}
int ret = sepol_mls_check(pol.handle, pol.db, value);
if (ret < 0) {
*errmsg = "Expecting a valid SELinux MLS value";
return false;
}
return true;
}
static bool validate_uint(
char *value,
__attribute__ ((unused)) const char *filename,
__attribute__ ((unused)) int lineno,
char **errmsg) {
char *endptr;
long longvalue;
longvalue = strtol(value, &endptr, 10);
if (('\0' != *endptr) || (longvalue < 0) || (longvalue > INT32_MAX)) {
*errmsg = "Expecting a valid unsigned integer";
return false;
}
return true;
}
/**
* Validates a key_map against a set of enforcement rules, this
* function exits the application on a type that cannot be properly
* checked
*
* @param m
* The key map to check
* @param lineno
* The line number in the source file for the corresponding key map
* @return
* true if valid, false if invalid
*/
static bool key_map_validate(key_map *m, const char *filename, int lineno,
bool is_neverallow) {
PCRE2_SIZE erroff;
int errcode;
bool rc = true;
char *key = m->name;
char *value = m->data;
char *errmsg = NULL;
char errstr[256];
log_info("Validating %s=%s\n", key, value);
/*
* Neverallows are completely skipped from validity checking so you can match
* un-unspecified inputs.
*/
if (is_neverallow) {
if (!m->regex.compiled) {
rc = compile_regex(m, &errcode, &erroff);
if (!rc) {
pcre2_get_error_message(errcode,
(PCRE2_UCHAR*) errstr,
sizeof(errstr));
log_error("Invalid regex on line %d : %s PCRE error: %s at offset %lu",
lineno, value, errstr, erroff);
}
}
goto out;
}
/* If the key has a validation routine, call it */
if (m->fn_validate) {
rc = m->fn_validate(value, filename, lineno, &errmsg);
if (!rc) {
log_error("Could not validate key \"%s\" for value \"%s\" on line: %d in file: \"%s\": %s\n", key, value,
lineno, filename, errmsg);
}
}
out:
log_info("Key map validate returning: %d\n", rc);
return rc;
}
/**
* Prints a rule map back to a file
* @param fp
* The file handle to print too
* @param r
* The rule map to print
*/
static void rule_map_print(FILE *fp, rule_map *r) {
size_t i;
key_map *m;
for (i = 0; i < r->length; i++) {
m = &(r->m[i]);
if (i < r->length - 1)
fprintf(fp, "%s=%s ", m->name, m->data);
else
fprintf(fp, "%s=%s", m->name, m->data);
}
}
/**
* Compare two rule maps for equality
* @param rmA
* a rule map to check
* @param rmB
* a rule map to check
* @return
* a map_match enum indicating the result
*/
static map_match rule_map_cmp(rule_map *rmA, rule_map *rmB) {
size_t i;
size_t j;
int inputs_found = 0;
int num_of_matched_inputs = 0;
int input_mode = 0;
size_t matches = 0;
key_map *mA;
key_map *mB;
for (i = 0; i < rmA->length; i++) {
mA = &(rmA->m[i]);
for (j = 0; j < rmB->length; j++) {
mB = &(rmB->m[j]);
input_mode = 0;
if (strcmp(mA->name, mB->name))
continue;
if (strcmp(mA->data, mB->data))
continue;
if (mB->dir != mA->dir)
continue;
else if (mB->dir == dir_in) {
input_mode = 1;
inputs_found++;
}
if (input_mode) {
log_info("Matched input lines: name=%s data=%s\n", mA->name, mA->data);
num_of_matched_inputs++;
}
/* Match found, move on */
log_info("Matched lines: name=%s data=%s", mA->name, mA->data);
matches++;
break;
}
}
/* If they all matched*/
if (matches == rmA->length) {
log_info("Rule map cmp MATCH\n");
return map_matched;
}
/* They didn't all match but the input's did */
else if (num_of_matched_inputs == inputs_found) {
log_info("Rule map cmp INPUT MATCH\n");
return map_input_matched;
}
/* They didn't all match, and the inputs didn't match, ie it didn't
* match */
else {
log_info("Rule map cmp NO MATCH\n");
return map_no_matches;
}
}
/**
* Frees a rule map
* @param rm
* rule map to be freed.
* @is_in_htable
* True if the rule map has been added to the hash table, false
* otherwise.
*/
static void rule_map_free(rule_map *rm, bool is_in_htable) {
size_t i;
size_t len = rm->length;
for (i = 0; i < len; i++) {
key_map *m = &(rm->m[i]);
free(m->data);
if (m->regex.compiled) {
pcre2_code_free(m->regex.compiled);
}
if (m->regex.match_data) {
pcre2_match_data_free(m->regex.match_data);
}
}
/*
* hdestroy() frees comparsion keys for non glibc
* on GLIBC we always free on NON-GLIBC we free if
* it is not in the htable.
*/
if (rm->key) {
#ifdef __GLIBC__
/* silence unused warning */
(void)is_in_htable;
free(rm->key);
#else
if (!is_in_htable) {
free(rm->key);
}
#endif
}
free(rm->filename);
free(rm);
}
static void free_kvp(kvp *k) {
free(k->key);
free(k->value);
}
/**
* Checks a rule_map for any variation of KVP's that shouldn't be allowed.
* It builds an assertion failure list for each rule map.
* Note that this function logs all errors.
*
* Current Checks:
* 1. That a specified name entry should have a specified seinfo entry as well.
* 2. That no rule violates a neverallow
* @param rm
* The rule map to check for validity.
*/
static void rule_map_validate(rule_map *rm) {
size_t i, j;
const key_map *rule;
key_map *nrule;
hash_entry *e;
rule_map *assert;
list_element *cursor;
list_for_each(&nallow_list, cursor) {
e = list_entry(cursor, typeof(*e), listify);
assert = e->r;
size_t cnt = 0;
for (j = 0; j < assert->length; j++) {
nrule = &(assert->m[j]);
// mark that nrule->name is for a null check
bool is_null_check = !strcmp(nrule->data, "\"\"");
for (i = 0; i < rm->length; i++) {
rule = &(rm->m[i]);
if (!strcmp(rule->name, nrule->name)) {
/* the name was found, (data cannot be false) then it was specified */
is_null_check = false;
if (match_regex(nrule, rule)) {
cnt++;
}
}
}
/*
* the nrule was marked in a null check and we never found a match on nrule, thus
* it matched and we update the cnt
*/
if (is_null_check) {
cnt++;
}
}
if (cnt == assert->length) {
list_append(&rm->violations, &assert->listify);
}
}
}
/**
* Given a set of key value pairs, this will construct a new rule map.
* On error this function calls exit.
* @param keys
* Keys from a rule line to map
* @param num_of_keys
* The length of the keys array
* @param lineno
* The line number the keys were extracted from
* @return
* A rule map pointer.
*/
static rule_map *rule_map_new(kvp keys[], size_t num_of_keys, int lineno,
const char *filename, bool is_never_allow) {
size_t i = 0, j = 0;
rule_map *new_map = NULL;
kvp *k = NULL;
key_map *r = NULL, *x = NULL;
bool seen[KVP_NUM_OF_RULES];
for (i = 0; i < KVP_NUM_OF_RULES; i++)
seen[i] = false;
new_map = calloc(1, (num_of_keys * sizeof(key_map)) + sizeof(rule_map));
if (!new_map)
goto oom;
new_map->is_never_allow = is_never_allow;
new_map->length = num_of_keys;
new_map->lineno = lineno;
new_map->filename = strdup(filename);
if (!new_map->filename) {
goto oom;
}
/* For all the keys in a rule line*/
for (i = 0; i < num_of_keys; i++) {
k = &(keys[i]);
r = &(new_map->m[i]);
for (j = 0; j < KVP_NUM_OF_RULES; j++) {
x = &(rules[j]);
/* Only assign key name to map name */
if (strcasecmp(k->key, x->name)) {
if (j == KVP_NUM_OF_RULES - 1) {
log_error("No match for key: %s\n", k->key);
goto err;
}
continue;
}
if (seen[j]) {
log_error("Duplicated key: %s\n", k->key);
goto err;
}
seen[j] = true;
memcpy(r, x, sizeof(key_map));
/* Assign rule map value to one from file */
r->data = strdup(k->value);
if (!r->data)
goto oom;
/* Enforce type check*/
log_info("Validating keys!\n");
if (!key_map_validate(r, filename, lineno, new_map->is_never_allow)) {
log_error("Could not validate\n");
goto err;
}
/*
* Only build key off of inputs with the exception of neverallows.
* Neverallows are keyed off of all key value pairs,
*/
if (r->dir == dir_in || new_map->is_never_allow) {
char *tmp;
int key_len = strlen(k->key);
int val_len = strlen(k->value);
int l = (new_map->key) ? strlen(new_map->key) : 0;
l = l + key_len + val_len;
l += 1;
tmp = realloc(new_map->key, l);
if (!tmp)
goto oom;
if (!new_map->key)
memset(tmp, 0, l);
new_map->key = tmp;
strncat(new_map->key, k->key, key_len);
strncat(new_map->key, k->value, val_len);
}
break;
}
free_kvp(k);
}
if (new_map->key == NULL) {
log_error("Strange, no keys found, input file corrupt perhaps?\n");
goto err;
}
return new_map;
oom:
log_error("Out of memory!\n");
err:
if (new_map) {
rule_map_free(new_map, false);
for (; i < num_of_keys; i++) {
k = &(keys[i]);
free_kvp(k);
}
}
return NULL;
}
/**
* Print the usage of the program
*/
static void usage() {
printf(
"checkseapp [options] <input file>\n"
"Processes an seapp_contexts file specified by argument <input file> (default stdin) "
"and allows later declarations to override previous ones on a match.\n"
"Options:\n"
"-h - print this help message\n"
"-v - enable verbose debugging informations\n"
"-p policy file - specify policy file for strict checking of output selectors against the policy\n"
"-o output file - specify output file or - for stdout. No argument runs in silent mode and outputs nothing\n");
}
static void init() {
bool has_out_file;
list_element *cursor;
file_info *tmp;
/* input files if the list is empty, use stdin */
if (!input_file_list.head) {
log_info("Using stdin for input\n");
tmp = malloc(sizeof(*tmp));
if (!tmp) {
log_error("oom");
exit(EXIT_FAILURE);
}
tmp->name = "stdin";
tmp->file = stdin;
list_append(&input_file_list, &(tmp->listify));
}
else {
list_for_each(&input_file_list, cursor) {
tmp = list_entry(cursor, typeof(*tmp), listify);
log_info("Opening input file: \"%s\"\n", tmp->name);
tmp->file = fopen(tmp->name, "r");
if (!tmp->file) {
log_error("Could not open file: %s error: %s\n", tmp->name,
strerror(errno));
exit(EXIT_FAILURE);
}
}
}
has_out_file = out_file.name != NULL;
/* If output file is -, then use stdout, else open the path */
if (has_out_file && !strcmp(out_file.name, "-")) {
out_file.file = stdout;
out_file.name = "stdout";
}
else if (has_out_file) {
out_file.file = fopen(out_file.name, "w+");
}
if (has_out_file && !out_file.file) {
log_error("Could not open file: \"%s\" error: \"%s\"\n", out_file.name,
strerror(errno));
exit(EXIT_FAILURE);
}
if (pol.policy_file_name) {
log_info("Opening policy file: %s\n", pol.policy_file_name);
pol.policy_file = fopen(pol.policy_file_name, "rb");
if (!pol.policy_file) {
log_error("Could not open file: %s error: %s\n",
pol.policy_file_name, strerror(errno));
exit(EXIT_FAILURE);
}
pol.handle = sepol_handle_create();
if (!pol.handle) {
log_error("Could not create sepolicy handle: %s\n",
strerror(errno));
exit(EXIT_FAILURE);
}
if (sepol_policy_file_create(&pol.pf) < 0) {
log_error("Could not create sepolicy file: %s!\n",
strerror(errno));
exit(EXIT_FAILURE);
}
sepol_policy_file_set_fp(pol.pf, pol.policy_file);
sepol_policy_file_set_handle(pol.pf, pol.handle);
if (sepol_policydb_create(&pol.db) < 0) {
log_error("Could not create sepolicy db: %s!\n",
strerror(errno));
exit(EXIT_FAILURE);
}
if (sepol_policydb_read(pol.db, pol.pf) < 0) {
log_error("Could not load policy file to db: invalid input file!\n");
exit(EXIT_FAILURE);
}
}
list_for_each(&input_file_list, cursor) {
tmp = list_entry(cursor, typeof(*tmp), listify);
log_info("Input file set to: \"%s\"\n", tmp->name);
}
log_info("Policy file set to: \"%s\"\n",
(pol.policy_file_name == NULL) ? "None" : pol.policy_file_name);
log_info("Output file set to: \"%s\"\n", out_file.name);
#if !defined(LINK_SEPOL_STATIC)
log_warn("LINK_SEPOL_STATIC is not defined\n""Not checking types!");
#endif
}
/**
* Handle parsing and setting the global flags for the command line
* options. This function calls exit on failure.
* @param argc
* argument count
* @param argv
* argument list
*/
static void handle_options(int argc, char *argv[]) {
int c;
file_info *input_file;
while ((c = getopt(argc, argv, "ho:p:vc")) != -1) {
switch (c) {
case 'h':
usage();
exit(EXIT_SUCCESS);
case 'o':
out_file.name = optarg;
break;
case 'p':
pol.policy_file_name = optarg;
break;
case 'v':
log_set_verbose();
break;
case 'c':
pol.vendor = true;
break;
case '?':
if (optopt == 'o' || optopt == 'p')
log_error("Option -%c requires an argument.\n", optopt);
else if (isprint (optopt))
log_error("Unknown option `-%c'.\n", optopt);
else {
log_error(
"Unknown option character `\\x%x'.\n",
optopt);
}
default:
exit(EXIT_FAILURE);
}
}
for (c = optind; c < argc; c++) {
input_file = calloc(1, sizeof(*input_file));
if (!input_file) {
log_error("oom");
exit(EXIT_FAILURE);
}
input_file->name = argv[c];
list_append(&input_file_list, &input_file->listify);
}
}
/**
* Adds a rule to the hash table and to the ordered list if needed.
* @param rm
* The rule map to add.
*/
static void rule_add(rule_map *rm) {
map_match cmp;
ENTRY e;
ENTRY *f;
hash_entry *entry;
hash_entry *tmp;
list *list_to_addto;
e.key = rm->key;
e.data = NULL;
log_info("Searching for key: %s\n", e.key);
/* Check to see if it has already been added*/
f = hsearch(e, FIND);
/*
* Since your only hashing on a partial key, the inputs we need to handle
* when you want to override the outputs for a given input set, as well as
* checking for duplicate entries.
*/
if (f) {
log_info("Existing entry found!\n");
tmp = (hash_entry *)f->data;
cmp = rule_map_cmp(rm, tmp->r);
log_error("Duplicate line detected in file: %s\n"
"Lines %d and %d %s!\n",
rm->filename, tmp->r->lineno, rm->lineno,
map_match_str[cmp]);
rule_map_free(rm, false);
goto err;
}
/* It wasn't found, just add the rule map to the table */
else {
entry = malloc(sizeof(hash_entry));
if (!entry)
goto oom;
entry->r = rm;
e.data = entry;
f = hsearch(e, ENTER);
if (f == NULL) {
goto oom;
}
/* new entries must be added to the ordered list */
entry->r = rm;
list_to_addto = rm->is_never_allow ? &nallow_list : &line_order_list;
list_append(list_to_addto, &entry->listify);
}
return;
oom:
if (e.key)
free(e.key);
if (entry)
free(entry);
if (rm)
free(rm);
log_error("Out of memory in function: %s\n", __FUNCTION__);
err:
exit(EXIT_FAILURE);
}
static void parse_file(file_info *in_file) {
char *p;
size_t len;
char *token;
char *saveptr;
bool is_never_allow;
bool found_whitespace;
size_t lineno = 0;
char *name = NULL;
char *value = NULL;
size_t token_cnt = 0;
char line_buf[BUFSIZ];
kvp keys[KVP_NUM_OF_RULES];
while (fgets(line_buf, sizeof(line_buf) - 1, in_file->file)) {
lineno++;
is_never_allow = false;
found_whitespace = false;
log_info("Got line %zu\n", lineno);
len = strlen(line_buf);
if (line_buf[len - 1] == '\n')
line_buf[len - 1] = '\0';
p = line_buf;
/* neverallow lines must start with neverallow (ie ^neverallow) */
if (!strncasecmp(p, "neverallow", strlen("neverallow"))) {
p += strlen("neverallow");
is_never_allow = true;
}
/* strip trailing whitespace skip comments */
while (isspace(*p)) {
p++;
found_whitespace = true;
}
if (*p == '#' || *p == '\0')
continue;
token = strtok_r(p, " \t", &saveptr);
if (!token)
goto err;
token_cnt = 0;
memset(keys, 0, sizeof(kvp) * KVP_NUM_OF_RULES);
while (1) {
name = token;
value = strchr(name, '=');
if (!value)
goto err;
*value++ = 0;
keys[token_cnt].key = strdup(name);
if (!keys[token_cnt].key)
goto oom;
keys[token_cnt].value = strdup(value);
if (!keys[token_cnt].value)
goto oom;
token_cnt++;
token = strtok_r(NULL, " \t", &saveptr);
if (!token)
break;
if (token_cnt == KVP_NUM_OF_RULES)
goto oob;
} /*End token parsing */
rule_map *r = rule_map_new(keys, token_cnt, lineno, in_file->name, is_never_allow);
if (!r)
goto err;
rule_add(r);
} /* End file parsing */
return;
err:
log_error("Reading file: \"%s\" line: %zu name: \"%s\" value: \"%s\"\n",
in_file->name, lineno, name, value);
if (found_whitespace && name && !strcasecmp(name, "neverallow")) {
log_error("perhaps whitespace before neverallow\n");
}
exit(EXIT_FAILURE);
oom:
log_error("In function %s: Out of memory\n", __FUNCTION__);
exit(EXIT_FAILURE);
oob:
log_error("Reading file: \"%s\" line: %zu reason: the size of key pairs exceeds the MAX(%zu)\n",
in_file->name, lineno, KVP_NUM_OF_RULES);
exit(EXIT_FAILURE);
}
/**
* Parses the seapp_contexts file and neverallow file
* and adds them to the hash table and ordered list entries
* when it encounters them.
* Calls exit on failure.
*/
static void parse() {
file_info *current;
list_element *cursor;
list_for_each(&input_file_list, cursor) {
current = list_entry(cursor, typeof(*current), listify);
parse_file(current);
}
}
static void validate() {
list_element *cursor, *v;
bool found_issues = false;
hash_entry *e;
rule_map *r;
coredomain_violation_entry *c;
list_for_each(&line_order_list, cursor) {
e = list_entry(cursor, typeof(*e), listify);
rule_map_validate(e->r);
}
list_for_each(&line_order_list, cursor) {
e = list_entry(cursor, typeof(*e), listify);
r = e->r;
list_for_each(&r->violations, v) {
found_issues = true;
log_error("Rule in File \"%s\" on line %d: \"", e->r->filename, e->r->lineno);
rule_map_print(stderr, e->r);
r = list_entry(v, rule_map, listify);
fprintf(stderr, "\" violates neverallow in File \"%s\" on line %d: \"", r->filename, r->lineno);
rule_map_print(stderr, r);
fprintf(stderr, "\"\n");
}
}
bool coredomain_violation = false;
list_for_each(&coredomain_violation_list, cursor) {
c = list_entry(cursor, typeof(*c), listify);
fprintf(stderr, "Forbidden attribute " COREDOMAIN " assigned to domain \"%s\" in "
"File \"%s\" on line %d\n", c->domain, c->filename, c->lineno);
coredomain_violation = true;
}
if (coredomain_violation) {
fprintf(stderr, "********************************************************************************\n");
fprintf(stderr, "You tried to assign coredomain with vendor seapp_contexts, which is not allowed.\n"
"Either move offending entries to system, system_ext, or product seapp_contexts,\n"
"or remove 'coredomain' attribute from the domains.\n"
"See an example of how to fix this:\n"
"https://android-review.googlesource.com/2671075\n");
fprintf(stderr, "********************************************************************************\n");
found_issues = true;
}
if (found_issues) {
exit(EXIT_FAILURE);
}
}
/**
* Should be called after parsing to cause the printing of the rule_maps
* stored in the ordered list, head first, which preserves the "first encountered"
* ordering.
*/
static void output() {
hash_entry *e;
list_element *cursor;
if (!out_file.file) {
log_info("No output file, not outputting.\n");
return;
}
list_for_each(&line_order_list, cursor) {
e = list_entry(cursor, hash_entry, listify);
rule_map_print(out_file.file, e->r);
fprintf(out_file.file, "\n");
}
}
/**
* This function is registered to the at exit handler and should clean up
* the programs dynamic resources, such as memory and fd's.
*/
static void cleanup() {
/* Only close this when it was opened by me and not the crt */
if (out_file.name && strcmp(out_file.name, "stdout") && out_file.file) {
log_info("Closing file: %s\n", out_file.name);
fclose(out_file.file);
}
if (pol.policy_file) {
log_info("Closing file: %s\n", pol.policy_file_name);
fclose(pol.policy_file);
if (pol.db)
sepol_policydb_free(pol.db);
if (pol.pf)
sepol_policy_file_free(pol.pf);
if (pol.handle)
sepol_handle_destroy(pol.handle);
}
log_info("Freeing lists\n");
list_free(&input_file_list);
list_free(&line_order_list);
list_free(&nallow_list);
list_free(&coredomain_violation_list);
hdestroy();
}
int main(int argc, char *argv[]) {
if (!hcreate(TABLE_SIZE)) {
log_error("Could not create hash table: %s\n", strerror(errno));
exit(EXIT_FAILURE);
}
atexit(cleanup);
handle_options(argc, argv);
init();
log_info("Starting to parse\n");
parse();
log_info("Parsing completed, generating output\n");
validate();
output();
log_info("Success, generated output\n");
exit(EXIT_SUCCESS);
}