José Bollo [Tue, 17 Dec 2013 12:25:47 +0000 (13:25 +0100)]
libsmack: fix a bug in validation of labels
The function `get_label` didn't handle the characters below
' ' and above '~' correctly.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 17 Dec 2013 10:49:44 +0000 (11:49 +0100)]
chsmack: update of the manual
This new version of the manual includes the options
the dereferencing symbolic links and for removing
smack's labels.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 14:33:13 +0000 (15:33 +0100)]
chsmack: refusing repeated labels
Refusing to set many time a label is important for
security. If a label is set more than one time, wich
label is to use? Wich is the good?
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 14:29:14 +0000 (15:29 +0100)]
chsmack: add option to remove labels
Adding that option allow chsmack to remove the smack labels.
It is really important to have it.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 14:22:15 +0000 (15:22 +0100)]
chsmack: split option scan in two parts
It prepares the futur option to remove smack labels.
It also separate the validation of the labels what can
improve the readability of the code.
Also add a check that the option transmute isn't repeated.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 14:11:41 +0000 (15:11 +0100)]
chsmack: using flags for labels
That modification prepare the addition of the option
to remove Smack labels. It seems also best to be agnostic
on what are valid smack labels (and rely on libsmack in the
futur) that maybe one day could be empty strings!
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 14:01:58 +0000 (15:01 +0100)]
chsmack: checking transmute on directories
The transmute flag is meaningfull only on directories.
The program now check that the transmute flag is set
only on directories.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 13:47:27 +0000 (14:47 +0100)]
chsmack: add dereference option
Add the options that allow to follow the symbolic
links instead of modifying it. There is no really
need but it may help.
The text of the short option is moved.
It prepares to scan options in two passes. It also
centralize the definition of options, avoiding to have
many lines between the definitions.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 13:46:18 +0000 (14:46 +0100)]
chsmack: exchanging order of nested blocks if/for
Prepare to add the removing of labels and also reduce
the count of tests.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 13:43:32 +0000 (14:43 +0100)]
chsmack: use of 'smack_set_label_for_path'
To prepare to the future libsmack that will have a function
for writing Smack labels and to prepare to the handling of
symbolic links, the write of the labels is put in the
function 'smack_set_label_for_path'.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 13:37:31 +0000 (14:37 +0100)]
chsmack: use of 'smack_new_label_from_path'
The library libsmack offer a function for reading
Smack labels. It is better to use the function of the
library.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 13:26:40 +0000 (14:26 +0100)]
chsmack: validation of labels
To prepare to the future of libsmack (that will include the
validation function 'smack_label_length'), the validation
of the smack labels is separated from the main function.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 13:13:23 +0000 (14:13 +0100)]
chsmack: put usage string at head
Setting it at head is a reading improvement for
developpers that can quickly show the usage of the
program. It also makes the main function more readable.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
José Bollo [Tue, 10 Dec 2013 13:10:23 +0000 (14:10 +0100)]
chsmack: using linux constants for Smack's names
It is better to rely on the centralisation of names in a
single file: it can avoid errors.
The declarations of <linux/xattr.h> contains the definitions
of the names of the Smack's security attributes.
As Smack only runs on Linux and libsmack doesn't provides
a centralized version of the names of the security attributes
(because it were not needed), using the linux header seems
to be a good choice.
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
Jarkko Sakkinen [Tue, 10 Dec 2013 11:19:02 +0000 (13:19 +0200)]
tests: starting point for stress testing
This starting point for stress testing. Generates 200 files each
with 10000 random access rules. Does not yet support modify rules.
Next step would be probably making this more parametrized.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
José Bollo [Tue, 10 Dec 2013 09:23:37 +0000 (10:23 +0100)]
Fix return value of 'smack_new_label_from_path'
Change-Id: Ic5412e9555a64a81bf1a871b30844d73dbed5758
Signed-off-by: José Bollo <jose.bollo@open.eurogiciel.org>
Jarkko Sakkinen [Mon, 9 Dec 2013 13:05:27 +0000 (15:05 +0200)]
Revert "utils: use common code for apply_rules and apply_cipso"
This reverts commit
68e38ff3936597a3189d29f57a68dae5ac08db1e.
Jarkko Sakkinen [Thu, 5 Dec 2013 18:48:19 +0000 (20:48 +0200)]
Bumped version to 1.0.3.
Rafal Krypa [Wed, 4 Dec 2013 15:58:53 +0000 (16:58 +0100)]
utils: use common code for apply_rules and apply_cipso
Code for apply_rules() has been rewritten to use opendir() and readdir(),
but apply_cipso() remained implemented with nftw().
This patch implements both applying functions with opendir() and readdir()
using a common internal function apply_dir().
The resulting code is 45 lines shorter and keeps directory traversal logic
in single place.
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Jarkko Sakkinen [Thu, 5 Dec 2013 18:18:02 +0000 (20:18 +0200)]
libsmack: clean up redundant stuff
Cleaned up redundant constants and code. Grouped related constants
nearby each other.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Rafal Krypa [Mon, 22 Jul 2013 17:05:09 +0000 (19:05 +0200)]
libsmack: add support for new access mode for setting locks ("l")
This change should be backward compatible for kernels without l-mode support
as long as requested permissions don't contain this mode.
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Jarkko Sakkinen [Thu, 5 Dec 2013 17:26:01 +0000 (19:26 +0200)]
utils: common.c: invalid fprintf()
fprintf() has path parameter that was not utilized.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Jarkko Sakkinen [Thu, 28 Nov 2013 23:09:22 +0000 (01:09 +0200)]
utils: apply access rules to load/load2 in one shot
Open load/load2 only once. Inside the callback only collect rules
using smack_accessed_add_from_file(). Finally, apply access rules
in a single slot.
This was inspired by feedback from Rafal Krypa <r.krypa@samsung.com>.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Jarkko Sakkinen [Tue, 3 Dec 2013 16:22:55 +0000 (18:22 +0200)]
Do not silently ignore files when applying them in smackload/ctl
Detect unknown file types and non-regular files and fail if they
are found with proper error reporting.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Jarkko Sakkinen [Mon, 2 Dec 2013 17:34:51 +0000 (19:34 +0200)]
Merge remote-tracking branch 'jsakkine/issue60' into v1.0.x
Jarkko Sakkinen [Mon, 2 Dec 2013 16:22:49 +0000 (18:22 +0200)]
Merge remote-tracking branch 'rafal-krypa/issue70' into v1.0.x
Rafal Krypa [Mon, 2 Dec 2013 14:04:37 +0000 (15:04 +0100)]
smackctl: fix reporting "unknown action" (regression in ce452ab)
Running "smackctl apply" and "smackctl clear" ended with error and
message about unknown action, although the action was known and
performed successfully.
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Rafal Krypa [Mon, 2 Dec 2013 15:03:28 +0000 (16:03 +0100)]
libsmack: fix smack_cipso_apply() failing with more than one rule
Fixing regression in
f47b9c90 that causes smack_cipso_apply() to fail due
to a typo.
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
Jarkko Sakkinen [Sun, 1 Dec 2013 15:03:55 +0000 (17:03 +0200)]
libsmack: remove redundant check for clear flag form accesses_apply()
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Jarkko Sakkinen [Sun, 1 Dec 2013 15:01:42 +0000 (17:01 +0200)]
libsmack: remove redundant strlen() call from accesses_apply()
Return value of snprintf() should give the same length as strlen()
would given that string fits into buffer.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Jarkko Sakkinen [Sun, 1 Dec 2013 14:51:04 +0000 (16:51 +0200)]
libsmack: check in accesses_apply() that rule has short labels
Check rule has short labels when only 'load' is available.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Jarkko Sakkinen [Mon, 2 Dec 2013 06:33:00 +0000 (08:33 +0200)]
Merge remote-tracking branch 'rafal-krypa/issue68' into v1.0.x
Jarkko Sakkinen [Sun, 1 Dec 2013 14:43:14 +0000 (16:43 +0200)]
libsmack: early fail in accesses_apply() if modify rules are not supported
In accesses_apply(), in the beginning of each iteration, check
that change_fd is a valid file descriptor if the current rule
is a modify rule. Return with -1 immediately if that is not the
case.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Rafal Krypa [Thu, 3 Jan 2013 09:34:34 +0000 (10:34 +0100)]
libsmack: parse whole access type string, not only first 5 bytes.
Previous version of this function parsed only first ACC_LEN (5)
characters of access_type. Now the whole string will be read.
This will prevent silent ignoring of access type characters in cases
like "-rwxat" or "rrwxat".
Re-applying because it was reverted by
d2283792.
Rafal Krypa [Fri, 29 Nov 2013 19:42:25 +0000 (20:42 +0100)]
libsmack: fixed segfault in get_label() (regression in 66483b)
Commit 66483b introduced segfault in API functions smack_revoke_subject()
and smack_set_label_for_self().
Fix the accidental NULL pointer dereference.
Jarkko Sakkinen [Thu, 28 Nov 2013 16:04:12 +0000 (18:04 +0200)]
Merge remote-tracking branch 'jsakkine/issue64' into v1.0.x
Jarkko Sakkinen [Thu, 28 Nov 2013 15:49:47 +0000 (17:49 +0200)]
libsmack: fixed apply_accesses() (regression in
d2283792)
Took accesses_apply() from 8fd0167 and converted it mechanically
as possible to use the changed struct smack_rule. Now smackload
works succesfully for a single file too. Mistake I did in
d2283792 was that I unncessarily cleaned up accesses_apply()
at the same time as changing things. My bad.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Jarkko Sakkinen [Wed, 27 Nov 2013 22:03:06 +0000 (00:03 +0200)]
isgx: fix: clear flag for directory parameter in smackload/smackctl
Clear flag was not properly applied when directory is given
for smackload. This patch fixes the issue. I decided to move
into opendir/readdir approach because nftw() does not support
supplying any kind of state to the callback. The end result
looks also more manageable that we had before.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Rafal Krypa [Thu, 21 Nov 2013 12:42:24 +0000 (13:42 +0100)]
debian: enable parallel build.
Support `dpkg-buildpackage -j' by adding --parallel to dh invocations.
Rafal Krypa [Fri, 3 May 2013 12:04:51 +0000 (14:04 +0200)]
debian: convert for multi-arch packages.
Rafal Krypa [Fri, 22 Nov 2013 09:45:45 +0000 (10:45 +0100)]
debian: add build dependency on doxygen.
Make sure that devel manuals will be generated for libsmack-dev package.
Jarkko Sakkinen [Tue, 26 Nov 2013 19:02:05 +0000 (21:02 +0200)]
libsmack: revert access codes
Revert access codes as internal representation for access types
because they work much better when we have to merge rules.
Other aim of this patch is to clean up internal presentation.
After this change the whole access state can be represented
with only two integers.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Jarkko Sakkinen [Mon, 25 Nov 2013 13:08:20 +0000 (15:08 +0200)]
utils: more verbose error reporting when applying rules
Add more verbose error reporting when applying either access
rules or CIPSO. The key point is to be able to separate whether
error occured during reading or applying phase.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Zofia Abramowska [Fri, 22 Nov 2013 09:38:06 +0000 (10:38 +0100)]
Fix memory leak on smack_cipso
smack_cipso_free() didn't release main pointer, which was
inconsistent with header description and further usage in
apply_cipso_file().
(cherry picked from commit
6304f9a3f73312a7feb3b25fa593919744acb947)
Jarkko Sakkinen [Thu, 21 Nov 2013 18:50:37 +0000 (20:50 +0200)]
utils: fix CIPSO error messages in common.c
When applying CIPSO fails use different error message than when
applying access rules. Additionally, fixed indentation for lines
printing error message that are over 80 characters long.
(cherry picked from commit
43b5e8da94acba1f790eb65b4256ba6013397dde)
Jarkko Sakkinen [Thu, 21 Nov 2013 15:36:35 +0000 (17:36 +0200)]
doc: show version
Fix documentation to show correct package version.
(cherry picked from commit
399e3a662c0ddb81cae94804a96416ae856e7507)
Rafal Krypa [Thu, 21 Nov 2013 12:40:08 +0000 (13:40 +0100)]
doc: fix parallel build, broken by c5e2007.
Parallel make failed, because dependencies were not properly specified
for all auto generated man pages.
(cherry picked from commit
d9e0abc8657dc1ee5aab391af4543a7cd1c9d757)
Rafal Krypa [Thu, 21 Nov 2013 11:47:26 +0000 (12:47 +0100)]
debian: fix package build, broken by c5e2007.
Auto generated manpages are in different locations than static ones, so
libsmack-dev.manpages needs to be modified.
It now includes all generated section 3 manuals.
(cherry picked from commit
b3b70c21b75cc5e92d7334406557a8f49d0b4714)
Jarkko Sakkinen [Tue, 19 Nov 2013 20:34:02 +0000 (22:34 +0200)]
Generate API documentation by using Doxygen.
Generate API documentation from smack.h by using Doxygen so that
documentation needs to be maintained only in one place.
(cherry picked from commit
c5e200768a99451c559570b0a44673a8ecd5ee7f)
Conflicts:
doc/Makefile.am
doc/smack_have_access.3
Rafal Krypa [Wed, 20 Nov 2013 11:47:26 +0000 (12:47 +0100)]
Solve problem with "make distcheck" breaking on systemd config files.
Dist packages created by "make dist" were built without smack.mount and
smack.service files. This caused the packages to fail to build.
Adding the files to EXTRA_DIST solves the problem.
(cherry picked from commit
73ec7d5be2c87bf13dbd45f2cb8433122b1bd08d)
Jarkko Sakkinen [Tue, 19 Nov 2013 13:07:17 +0000 (15:07 +0200)]
Copy labels using get_label()
Copy and validate labels in a single transaction:
- No trust for having '\0' in the src buffer when copying
labels.
- Improves performance by combining length calculation, validation
and copying.
(cherry picked from commit
16f84d57e2766f1ccfd59ae77fad407b6cc5ff81)
Jarkko Sakkinen [Tue, 19 Nov 2013 11:49:37 +0000 (13:49 +0200)]
Helper function get_label()
The helper function ssize_t get_label(char *dest, const char *src)
validates the given label and copies it to the dest buffer if
available.
(cherry picked from commit
09fdff9a456dec54a4c8548c9b9acbcbce48d59a)
Jarkko Sakkinen [Mon, 18 Nov 2013 16:04:03 +0000 (18:04 +0200)]
Use strncpy() always copying labels.
Defence in depth and a good practice. Places an absolute limit
to the length copied.
(cherry picked from commit
0eee8f8b3efd153c5ef09c08244e189f0cda51a4)
Jarkko Sakkinen [Thu, 14 Nov 2013 15:29:05 +0000 (17:29 +0200)]
Fixed copyright clauses.
Checked that copyright notices are properly set up as according to:
http://www.gnu.org/licenses/gpl-howto.html
Corrected where they are not. Note that one or two-line fixes do not
count as copyrightable assets.
Additionally, fixed a minor indentation issue in chsmack.c.
(cherry picked from commit
7b41f3cff96755146539f74a8c780ac9bbe71b36)
Rafał Krypa [Thu, 14 Nov 2013 23:58:22 +0000 (00:58 +0100)]
Regression fix: don't modify smack_accesses while applying the rules.
Regression introduced in
eaf908fd caused access_type field to be modified,
when smack_accesses_apply() is called with clear set to true.
This patch reverts that, restoring invariant that smack_accessess_apply()
doesn't modify given rule set.
(cherry picked from commit
74f5b5c21a2ed9c0576c3c3ab3802d11d66098a9)
Jarkko Sakkinen [Wed, 30 Oct 2013 13:52:19 +0000 (15:52 +0200)]
Fix man pages
Regression from 1edba54.
(cherry picked from commit
e6f32e4403ad549102cfbdbd02b4dcd254da84d2)
Janusz Kozerski [Mon, 28 Oct 2013 13:28:59 +0000 (14:28 +0100)]
Use smack_label_length() internally instead strnlen()
Use smack_label_length() to check correctness labels instead strnlen().
(cherry picked from commit
6d3fd3049e08377f75b554cedcd200286fbf359c)
Janusz Kozerski [Mon, 28 Oct 2013 13:44:05 +0000 (14:44 +0100)]
Fix value returned by smack_label_length()
In some cases smack_label_length have returned 0 on incorrect label.
Now smack_label_length() always returns -1 in case of incorrect label.
(cherry picked from commit
f7e4232a319b269f6214af660173eebaa605ad9e)
Jarkko Sakkinen [Fri, 25 Oct 2013 13:06:28 +0000 (16:06 +0300)]
Remove errno assignments
If we want to report something libsmack specific, then we should
have our own error codes. By using errno values to report libsmack
specific error condition we almost zero their value. By removing
these assignment you can resolved from a changed errno value that
a system call failed.
This patch does not break API contract as use of errno values is
undefined in the API documentation.
(cherry picked from commit
1edba541de63b088a60d89e4a0433bf9149c4b13)
Jarkko Sakkinen [Fri, 25 Oct 2013 12:46:56 +0000 (15:46 +0300)]
Removed smack_label_length() API
In order to use this smack_label_length() in 1.0 branch, this patch
takes it away from the API. Adds temporarily unused attribute to the
function siganture.
Janusz Kozerski [Wed, 2 Oct 2013 07:52:23 +0000 (09:52 +0200)]
Add smack_label_length() function
Kernel does not validate the Smack label - instead the label will be
cut on the first incorrect character (after parsing at least one
correct character).
This function gives the user possibility to verify the correctness
of the Smack label before use and calculate labels length.
Additionally, all string length calculations are replaces with this
function to make implementation safer.
[jarkko.sakkinen@linux.intel.com:
did some modifications:
- smack_is_label_valid() -> smack_label_length()
- libsmack.c:
* return length
* loop invariant had off-by-one error
* cosmetic: "++i" not "i++"
- libsmack.h:
* updated documentation
* cosmetic: formatting errors in @param and @return]
(cherry picked from commit
8b083a8c67219c5d1dbfbf2ad1082c1954f9c9fa)
Zofia Abramowska [Tue, 6 Aug 2013 13:42:33 +0000 (15:42 +0200)]
Cleaning error logs for rules applying utilities
Removed perror logs from main utilities files. Moved error logs
inside /utils/common.c. Errors are logged from I/O operations and
applying rules/cipso from files.
(cherry picked from commit
bcaf9018f41809cb93aaccf9e9fb49b59750dc7e)
Jarkko Sakkinen [Tue, 22 Oct 2013 19:26:26 +0000 (22:26 +0300)]
Add parameter name back to the chsmack error message
This patch add parameter name back to the error message. Instead
of relaying on hazardous longindex parameter of getopt_long(), a
look-up table is constructed to map short option to the corresponding
struct option entry.
Additionally, the basename of the application is added to the error
message. Also usage message is converted to use basename instead of
the full path name.
(cherry picked from commit
d98a04ff7ccbcfcf36d9d4d43de68448b70da9fa)
José Bollo [Mon, 21 Oct 2013 10:18:50 +0000 (12:18 +0200)]
utils/chsmack: fix hazardous option parsing
The variable option_index was only set to a proper value if the
given option is a long option. There was also exit() missing on
error condition if SMACK label was invalid.
This patch removes option_index, parameter name from corresponding
error message and adds exit() call when the error condition
realizes.
[jarkko.sakkinen@linux.intel.com: rewrote patch description]
(cherry picked from commit
18ebc2fe71da94599e45029d7b26144c6bbe7cb4)
Jarkko Sakkinen [Mon, 21 Oct 2013 16:21:42 +0000 (19:21 +0300)]
Fix: accept 255 character labels
Example:
# /home/jsakkine/devel/smack/utils/chsmack \
-a$(printf '12345%.0s' {1..51}) foo
foo: Invalid argument
# /home/jsakkine/devel/smack/utils/chsmack \
-a$(printf '12345%.0s' {1..51} | head -c -1) foo
#
This patch fixes this issue.
(cherry picked from commit
1794fed08418b0e254e1e3a7325a8a67f8186bbc)
Zofia Abramowska [Tue, 8 Oct 2013 14:24:24 +0000 (16:24 +0200)]
Change apply_cipso_cb() to use proper apply_cipso_file()
apply_cipso_cb() used improper apply_rules_file(). Changed this to
call apply_cipso_file() instead.
(cherry picked from commit
d45ffe9082243377cdba9a2d224bab0e110501e0)
Jarkko Sakkinen [Tue, 8 Oct 2013 13:17:23 +0000 (16:17 +0300)]
Fix: allow CIPSO labels with zero categories
There was false restriction in smack_cipso_add_from_file() that
disallowed CIPSO labels without categories.
For example, this example given in the SMACK kernel documentation
should be perfectly legal:
TopSecret 7
(cherry picked from commit
4e4ea9142727ca7f14bf1d64cd81949b28bb1d0b)
Jarkko Sakkinen [Wed, 2 Oct 2013 08:07:59 +0000 (11:07 +0300)]
Documented order in which access rules are applied to kernel.
(cherry picked from commit
f82cadf3b7a9d84ae0bf2aa06fb8ecff9b4332dc)
Jarkko Sakkinen [Wed, 2 Oct 2013 05:49:02 +0000 (08:49 +0300)]
Fixes for doxygen errors coming from 3810596.
Doxygen errors that are regression from 3810596. Went in because
I forgot to install doxygen into my test environment.
(cherry picked from commit
8ef1846c05d32a92b23538ee491fd31350c2a045)
Jarkko Sakkinen [Wed, 2 Oct 2013 05:38:59 +0000 (08:38 +0300)]
libsmack: clean up smack_accesses_add_modify()
This patch makes smack_accesses_add_modify() easier to follow by
changing variable names bit more self-documentative and less easier
to mix up with adding and deleting rules. This patch also fixes some
very minor coding style errors.
Also documentation of this function is cleaned up.
(cherry picked from commit
22c98dd03e352057b23f8d8d2d9ad252175c685b)
Jarkko Sakkinen [Tue, 1 Oct 2013 23:56:06 +0000 (02:56 +0300)]
Cleaned up init code.
There was lot of clutter and misleading comments in the code
and some minor coding convention issues. This patch cleans up
init.c for the most part.
(cherry picked from commit
c59864f9d4a67dcf76ba01d9c4db2b12fada6339)
Jarkko Sakkinen [Wed, 2 Oct 2013 17:41:16 +0000 (20:41 +0300)]
Update configure.ac version and mainter information
Update version to 1.0.2 and maintaer email from @intel.com
to @linux.intel.com.
Jarkko Sakkinen [Wed, 2 Oct 2013 17:33:06 +0000 (20:33 +0300)]
Set revision for v1.0.2 release
This was forgotten to set for v1.0.1. My apologies.
Setting this early on so will not be forgotten when
v1.0.2 is tagged.
Jarkko Sakkinen [Mon, 30 Sep 2013 13:18:32 +0000 (16:18 +0300)]
Major documentation cleanup.
smack.h was starting to rotten so I did a major cleanup for it.
Also fixed couple of minor doxygen issues by removing deprecated
variables.
Jarkko Sakkinen [Mon, 30 Sep 2013 11:56:34 +0000 (14:56 +0300)]
Removed redundant is_smackfs_mounted().
This functionality is fully handled in the library initialization.
Jarkko Sakkinen [Mon, 30 Sep 2013 11:32:31 +0000 (14:32 +0300)]
Revert "Avoid memory allocation while opening smackfs files."
This reverts commit
0426039bffdb82b0f7974639c1c1e361929b1cd5.
Rafal Krypa [Mon, 22 Jul 2013 09:22:30 +0000 (11:22 +0200)]
Avoid memory allocation while opening smackfs files.
Using openat() on pre-opened smackfs directory eliminates need to construct
absolute path to a smackfs file before opening it.
Rafal Krypa [Fri, 16 Aug 2013 08:48:56 +0000 (10:48 +0200)]
Prevent potentially unterminated buffers while adding rule to the list
Functions smack_accesses_add() and smack_accesses_add_modify() don't check
length of arguments subject and object. These arguments are used as source
for strncpy(), which can cause labels to be truncated.
But the length argument for strncpy() is too large. This might cause
rule->subject or rule->object to be not terminated by null character.
It can happen when these functions are called from outside libsmack.
It can also happen while parsing files in smack_accesses_add_from_file(),
because that function doesn't validate subject and object too.
This commit fixes the problem by checking arguments in smack_accesses_add()
and smack_accesses_add_modify(). After checking strcpy() is safe for
copying them.
Jarkko Sakkinen [Tue, 18 Jun 2013 06:37:42 +0000 (09:37 +0300)]
Added AUTHORS file.
Jarkko Sakkinen [Mon, 17 Jun 2013 21:59:01 +0000 (00:59 +0300)]
Cleaned up command line arguments handling in chsmack.
Argument handling code looks terrible at the moment in chsmack.
Migrated to getopt_long().
Jarkko Sakkinen [Sun, 16 Jun 2013 12:13:57 +0000 (15:13 +0300)]
Removed doc/smackd.8 from debian/smack-utils.manpages
Jarkko Sakkinen [Sun, 16 Jun 2013 12:10:56 +0000 (15:10 +0300)]
LIBSMACK -> LIBSMAC_1.0 in libsmack.sym
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Sun, 16 Jun 2013 12:06:57 +0000 (15:06 +0300)]
Added smackctl back.
Added smackctl back because Debian needs it.
Jarkko Sakkinen [Thu, 13 Jun 2013 05:34:47 +0000 (08:34 +0300)]
Documentation fixes
* Added doc/smack_new_label_from_path.3.
* Fixed doxygen warnings from smack.h.
Jarkko Sakkinen [Thu, 13 Jun 2013 04:22:32 +0000 (07:22 +0300)]
Removed smackd and smackctl.
For shell usage smackload is enough so we don't want to be these as
part of the 1.0 release. systemd has built-in support for loading
SMACK rules.
jarkkos [Sat, 8 Jun 2013 08:02:50 +0000 (01:02 -0700)]
Merge pull request #12 from rafal-krypa/samsung
Use xattr.h from libc, not from libattr.
Jarkko Sakkinen [Mon, 3 Jun 2013 16:48:33 +0000 (19:48 +0300)]
smack_new_label_from_path fix: removed const specifier
Label parameter had const specifier by mistake.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Mon, 3 Jun 2013 08:52:05 +0000 (11:52 +0300)]
Added missing smack_new_label_from_path symbol to libsmack.sym
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Mon, 3 Jun 2013 08:31:02 +0000 (11:31 +0300)]
Return length of the label on success in smack_new_label_from*
Return length of the label on success and negative value on
failure.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Mon, 3 Jun 2013 08:20:16 +0000 (11:20 +0300)]
fix: smack_new_from_path() follow parameter
Mistake in smack_new_from_path(). When follow is true getxattr()
should be called and lgetxattr() otherwise.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Rafal Krypa [Fri, 31 May 2013 05:49:42 +0000 (14:49 +0900)]
Use xattr.h from libc, not from libattr.
This fixes include in libsmack.c introduced in commit f409c17.
Jarkko Sakkinen [Mon, 27 May 2013 06:54:19 +0000 (09:54 +0300)]
Added follow parameter to smack_new_label_from_path()
Added follow parameter to smack_new_label_from_path() so that it
is useful for coreutils commands.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Tue, 21 May 2013 03:24:46 +0000 (20:24 -0700)]
Added function smack_label_from_path()
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Tue, 21 May 2013 02:50:25 +0000 (19:50 -0700)]
Finalized cipso API.
Aligned cipso API with accesses API so that they have same style.
Added documenation comments for cipso API.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
jarkkos [Tue, 14 May 2013 11:28:42 +0000 (04:28 -0700)]
Merge pull request #11 from rafal-krypa/samsung
Samsung
Rafal Krypa [Thu, 7 Feb 2013 14:52:45 +0000 (15:52 +0100)]
libsmack: add support for modification rules.
A new API function smack_accesses_add_modify() is provided for adding
modification rule to a set. Rule specifies permissions to grant and
permissions to revoke. If a rule for given subject and object already
existed, unmentioned permissions will be left unchanged.
Also smack_access_save() and smack_access_add_from_file() are modified
to support reading and writing such rules from/to a file.
Rafal Krypa [Thu, 3 Jan 2013 09:34:34 +0000 (10:34 +0100)]
libsmack: parse whole access type string, not only first 5 bytes.
Previous version of this function parsed only first ACC_LEN (5)
characters of access_type. Now the whole string will be read.
This will prevent silent ignoring of access type characters in cases
like "-rwxat" or "rrwxat".
Brian McGillion [Tue, 26 Mar 2013 09:41:07 +0000 (02:41 -0700)]
Merge pull request #10 from banada/master
disable services for systemd versions > 198
Nathaniel Chen [Fri, 8 Mar 2013 18:05:56 +0000 (10:05 -0800)]
disable services for new systemd versions
do not install smack.mount or smack.service if systemd is version
198 or higher. This functionality is now built into systemd.
PassionZhao [Wed, 20 Mar 2013 06:53:28 +0000 (23:53 -0700)]
Merge pull request #9 from PassionZhao/master
Fix the bug "smackcipso can't set CIPSO"