Jarkko Sakkinen [Thu, 21 Nov 2013 09:10:56 +0000 (11:10 +0200)]
Merge remote-tracking branch 'jsakkine/issue45'
Rafal Krypa [Wed, 20 Nov 2013 11:47:26 +0000 (12:47 +0100)]
Solve problem with "make distcheck" breaking on systemd config files.
Dist packages created by "make dist" were built without smack.mount and
smack.service files. This caused the packages to fail to build.
Adding the files to EXTRA_DIST solves the problem.
Jarkko Sakkinen [Tue, 19 Nov 2013 20:34:02 +0000 (22:34 +0200)]
Generate API documentation by using Doxygen.
Generate API documentation from smack.h by using Doxygen so that
documentation needs to be maintained only in one place.
Jarkko Sakkinen [Tue, 19 Nov 2013 13:07:17 +0000 (15:07 +0200)]
Copy labels using get_label()
Copy and validate labels in a single transaction:
- No trust for having '\0' in the src buffer when copying
labels.
- Improves performance by combining length calculation, validation
and copying.
Jarkko Sakkinen [Tue, 19 Nov 2013 11:49:37 +0000 (13:49 +0200)]
Helper function get_label()
The helper function ssize_t get_label(char *dest, const char *src)
validates the given label and copies it to the dest buffer if
available.
Jarkko Sakkinen [Tue, 19 Nov 2013 08:36:52 +0000 (10:36 +0200)]
Merge remote-tracking branch 'jarkkos/strcpy-fix'
Jarkko Sakkinen [Tue, 19 Nov 2013 08:34:50 +0000 (10:34 +0200)]
Merge remote-tracking branch 'jarkkos/copyright-fix'
Jarkko Sakkinen [Mon, 18 Nov 2013 16:04:03 +0000 (18:04 +0200)]
Use strncpy() always copying labels.
Defence in depth and a good practice. Places an absolute limit
to the length copied.
Jarkko Sakkinen [Thu, 14 Nov 2013 15:29:05 +0000 (17:29 +0200)]
Fixed copyright clauses.
Checked that copyright notices are properly set up as according to:
http://www.gnu.org/licenses/gpl-howto.html
Corrected where they are not. Note that one or two-line fixes do not
count as copyrightable assets.
Additionally, fixed a minor indentation issue in chsmack.c.
Rafał Krypa [Thu, 14 Nov 2013 23:58:22 +0000 (00:58 +0100)]
Regression fix: don't modify smack_accesses while applying the rules.
Regression introduced in
eaf908fd caused access_type field to be modified,
when smack_accesses_apply() is called with clear set to true.
This patch reverts that, restoring invariant that smack_accessess_apply()
doesn't modify given rule set.
Jarkko Sakkinen [Wed, 30 Oct 2013 13:52:19 +0000 (15:52 +0200)]
Fix man pages
Regression from 1edba54.
Janusz Kozerski [Mon, 28 Oct 2013 13:28:59 +0000 (14:28 +0100)]
Use smack_label_length() internally instead strnlen()
Use smack_label_length() to check correctness labels instead strnlen().
Janusz Kozerski [Mon, 28 Oct 2013 13:44:05 +0000 (14:44 +0100)]
Fix value returned by smack_label_length()
In some cases smack_label_length have returned 0 on incorrect label.
Now smack_label_length() always returns -1 in case of incorrect label.
Jarkko Sakkinen [Mon, 28 Oct 2013 12:59:06 +0000 (14:59 +0200)]
Merge remote-tracking branch 'jarkkos/errno-cleanup'
Jarkko Sakkinen [Fri, 25 Oct 2013 13:06:28 +0000 (16:06 +0300)]
Remove errno assignments
If we want to report something libsmack specific, then we should
have our own error codes. By using errno values to report libsmack
specific error condition we almost zero their value. By removing
these assignment you can resolved from a changed errno value that
a system call failed.
This patch does not break API contract as use of errno values is
undefined in the API documentation.
Jarkko Sakkinen [Fri, 25 Oct 2013 12:58:48 +0000 (15:58 +0300)]
Fix: smack_label_length(): int -> ssize_t
Janusz Kozerski [Wed, 2 Oct 2013 07:52:23 +0000 (09:52 +0200)]
Add smack_label_length() function
Kernel does not validate the Smack label - instead the label will be
cut on the first incorrect character (after parsing at least one
correct character).
This function gives the user possibility to verify the correctness
of the Smack label before use and calculate labels length.
Additionally, all string length calculations are replaces with this
function to make implementation safer.
[jarkko.sakkinen@linux.intel.com:
did some modifications:
- smack_is_label_valid() -> smack_label_length()
- libsmack.c:
* return length
* loop invariant had off-by-one error
* cosmetic: "++i" not "i++"
- libsmack.h:
* updated documentation
* cosmetic: formatting errors in @param and @return]
Zofia Abramowska [Tue, 6 Aug 2013 13:42:33 +0000 (15:42 +0200)]
Cleaning error logs for rules applying utilities
Removed perror logs from main utilities files. Moved error logs
inside /utils/common.c. Errors are logged from I/O operations and
applying rules/cipso from files.
Jarkko Sakkinen [Tue, 22 Oct 2013 19:26:26 +0000 (22:26 +0300)]
Add parameter name back to the chsmack error message
This patch add parameter name back to the error message. Instead
of relaying on hazardous longindex parameter of getopt_long(), a
look-up table is constructed to map short option to the corresponding
struct option entry.
Additionally, the basename of the application is added to the error
message. Also usage message is converted to use basename instead of
the full path name.
José Bollo [Mon, 21 Oct 2013 10:18:50 +0000 (12:18 +0200)]
utils/chsmack: fix hazardous option parsing
The variable option_index was only set to a proper value if the
given option is a long option. There was also exit() missing on
error condition if SMACK label was invalid.
This patch removes option_index, parameter name from corresponding
error message and adds exit() call when the error condition
realizes.
[jarkko.sakkinen@linux.intel.com: rewrote patch description]
Jarkko Sakkinen [Mon, 21 Oct 2013 16:21:42 +0000 (19:21 +0300)]
Fix: accept 255 character labels
Example:
# /home/jsakkine/devel/smack/utils/chsmack \
-a$(printf '12345%.0s' {1..51}) foo
foo: Invalid argument
# /home/jsakkine/devel/smack/utils/chsmack \
-a$(printf '12345%.0s' {1..51} | head -c -1) foo
#
This patch fixes this issue.
Jarkko Sakkinen [Tue, 8 Oct 2013 14:36:32 +0000 (17:36 +0300)]
Merge branch 'cipso_bug' of git://github.com/zos/smack into zos-cipso_bug
Zofia Abramowska [Tue, 8 Oct 2013 14:24:24 +0000 (16:24 +0200)]
Change apply_cipso_cb() to use proper apply_cipso_file()
apply_cipso_cb() used improper apply_rules_file(). Changed this to
call apply_cipso_file() instead.
Jarkko Sakkinen [Tue, 8 Oct 2013 13:17:23 +0000 (16:17 +0300)]
Fix: allow CIPSO labels with zero categories
There was false restriction in smack_cipso_add_from_file() that
disallowed CIPSO labels without categories.
For example, this example given in the SMACK kernel documentation
should be perfectly legal:
TopSecret 7
Jarkko Sakkinen [Wed, 2 Oct 2013 08:07:59 +0000 (11:07 +0300)]
Documented order in which access rules are applied to kernel.
Jarkko Sakkinen [Wed, 2 Oct 2013 05:49:02 +0000 (08:49 +0300)]
Fixes for doxygen errors coming from 3810596.
Doxygen errors that are regression from 3810596. Went in because
I forgot to install doxygen into my test environment.
Jarkko Sakkinen [Wed, 2 Oct 2013 05:38:59 +0000 (08:38 +0300)]
libsmack: clean up smack_accesses_add_modify()
This patch makes smack_accesses_add_modify() easier to follow by
changing variable names bit more self-documentative and less easier
to mix up with adding and deleting rules. This patch also fixes some
very minor coding style errors.
Also documentation of this function is cleaned up.
Jarkko Sakkinen [Tue, 1 Oct 2013 23:56:06 +0000 (02:56 +0300)]
Cleaned up init code.
There was lot of clutter and misleading comments in the code
and some minor coding convention issues. This patch cleans up
init.c for the most part.
Jarkko Sakkinen [Wed, 2 Oct 2013 17:38:17 +0000 (20:38 +0300)]
Update version and maintainer information
Set version information to 1.1 for the next libsmack release.
Change maintainer email from @intel.com to @linux.intel.com.
Jarkko Sakkinen [Mon, 30 Sep 2013 13:18:32 +0000 (16:18 +0300)]
Major documentation cleanup.
smack.h was starting to rotten so I did a major cleanup for it.
Also fixed couple of minor doxygen issues by removing deprecated
variables.
Jarkko Sakkinen [Mon, 30 Sep 2013 11:56:34 +0000 (14:56 +0300)]
Removed redundant is_smackfs_mounted().
This functionality is fully handled in the library initialization.
Jarkko Sakkinen [Mon, 30 Sep 2013 11:31:33 +0000 (14:31 +0300)]
Revert "Avoid memory allocation while opening smackfs files."
This reverts commit
6c1d15b1fe420b848d7afdd0a7ef0c20dfdcc08e.
Jarkko Sakkinen [Tue, 18 Jun 2013 06:37:42 +0000 (09:37 +0300)]
Added AUTHORS file.
Jarkko Sakkinen [Mon, 17 Jun 2013 21:59:01 +0000 (00:59 +0300)]
Cleaned up command line arguments handling in chsmack.
Argument handling code looks terrible at the moment in chsmack.
Migrated to getopt_long().
jarkkos [Fri, 16 Aug 2013 10:21:16 +0000 (03:21 -0700)]
Merge pull request #13 from rafal-krypa/samsung
Samsung
Rafal Krypa [Mon, 22 Jul 2013 09:22:30 +0000 (11:22 +0200)]
Avoid memory allocation while opening smackfs files.
Using openat() on pre-opened smackfs directory eliminates need to construct
absolute path to a smackfs file before opening it.
Rafal Krypa [Fri, 16 Aug 2013 08:48:56 +0000 (10:48 +0200)]
Prevent potentially unterminated buffers while adding rule to the list
Functions smack_accesses_add() and smack_accesses_add_modify() don't check
length of arguments subject and object. These arguments are used as source
for strncpy(), which can cause labels to be truncated.
But the length argument for strncpy() is too large. This might cause
rule->subject or rule->object to be not terminated by null character.
It can happen when these functions are called from outside libsmack.
It can also happen while parsing files in smack_accesses_add_from_file(),
because that function doesn't validate subject and object too.
This commit fixes the problem by checking arguments in smack_accesses_add()
and smack_accesses_add_modify(). After checking strcpy() is safe for
copying them.
Jarkko Sakkinen [Sun, 16 Jun 2013 12:13:57 +0000 (15:13 +0300)]
Removed doc/smackd.8 from debian/smack-utils.manpages
Jarkko Sakkinen [Sun, 16 Jun 2013 12:10:56 +0000 (15:10 +0300)]
LIBSMACK -> LIBSMAC_1.0 in libsmack.sym
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Sun, 16 Jun 2013 12:06:57 +0000 (15:06 +0300)]
Added smackctl back.
Added smackctl back because Debian needs it.
Jarkko Sakkinen [Thu, 13 Jun 2013 05:34:47 +0000 (08:34 +0300)]
Documentation fixes
* Added doc/smack_new_label_from_path.3.
* Fixed doxygen warnings from smack.h.
Jarkko Sakkinen [Thu, 13 Jun 2013 04:22:32 +0000 (07:22 +0300)]
Removed smackd and smackctl.
For shell usage smackload is enough so we don't want to be these as
part of the 1.0 release. systemd has built-in support for loading
SMACK rules.
jarkkos [Sat, 8 Jun 2013 08:02:50 +0000 (01:02 -0700)]
Merge pull request #12 from rafal-krypa/samsung
Use xattr.h from libc, not from libattr.
Jarkko Sakkinen [Mon, 3 Jun 2013 16:48:33 +0000 (19:48 +0300)]
smack_new_label_from_path fix: removed const specifier
Label parameter had const specifier by mistake.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Mon, 3 Jun 2013 08:52:05 +0000 (11:52 +0300)]
Added missing smack_new_label_from_path symbol to libsmack.sym
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Mon, 3 Jun 2013 08:31:02 +0000 (11:31 +0300)]
Return length of the label on success in smack_new_label_from*
Return length of the label on success and negative value on
failure.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Mon, 3 Jun 2013 08:20:16 +0000 (11:20 +0300)]
fix: smack_new_from_path() follow parameter
Mistake in smack_new_from_path(). When follow is true getxattr()
should be called and lgetxattr() otherwise.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Rafal Krypa [Fri, 31 May 2013 05:49:42 +0000 (14:49 +0900)]
Use xattr.h from libc, not from libattr.
This fixes include in libsmack.c introduced in commit f409c17.
Jarkko Sakkinen [Mon, 27 May 2013 06:54:19 +0000 (09:54 +0300)]
Added follow parameter to smack_new_label_from_path()
Added follow parameter to smack_new_label_from_path() so that it
is useful for coreutils commands.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Tue, 21 May 2013 03:24:46 +0000 (20:24 -0700)]
Added function smack_label_from_path()
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
Jarkko Sakkinen [Tue, 21 May 2013 02:50:25 +0000 (19:50 -0700)]
Finalized cipso API.
Aligned cipso API with accesses API so that they have same style.
Added documenation comments for cipso API.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
jarkkos [Tue, 14 May 2013 11:28:42 +0000 (04:28 -0700)]
Merge pull request #11 from rafal-krypa/samsung
Samsung
Rafal Krypa [Thu, 7 Feb 2013 14:52:45 +0000 (15:52 +0100)]
libsmack: add support for modification rules.
A new API function smack_accesses_add_modify() is provided for adding
modification rule to a set. Rule specifies permissions to grant and
permissions to revoke. If a rule for given subject and object already
existed, unmentioned permissions will be left unchanged.
Also smack_access_save() and smack_access_add_from_file() are modified
to support reading and writing such rules from/to a file.
Rafal Krypa [Thu, 3 Jan 2013 09:34:34 +0000 (10:34 +0100)]
libsmack: parse whole access type string, not only first 5 bytes.
Previous version of this function parsed only first ACC_LEN (5)
characters of access_type. Now the whole string will be read.
This will prevent silent ignoring of access type characters in cases
like "-rwxat" or "rrwxat".
Brian McGillion [Tue, 26 Mar 2013 09:41:07 +0000 (02:41 -0700)]
Merge pull request #10 from banada/master
disable services for systemd versions > 198
Nathaniel Chen [Fri, 8 Mar 2013 18:05:56 +0000 (10:05 -0800)]
disable services for new systemd versions
do not install smack.mount or smack.service if systemd is version
198 or higher. This functionality is now built into systemd.
PassionZhao [Wed, 20 Mar 2013 06:53:28 +0000 (23:53 -0700)]
Merge pull request #9 from PassionZhao/master
Fix the bug "smackcipso can't set CIPSO"
Passion,Zhao [Thu, 7 Mar 2013 14:13:07 +0000 (22:13 +0800)]
smackcipso can't set CIPSO correctly, see the bug report:
https://tizendev.org/bugs/browse/TDIS-3891
The reason is that upstream libsmack only use "smackfs/cipso2" long-label interface,
but the code's logical is still for orginal fixed length label.
Now update smack_cipso_apply() to support flexible label (<=256 including tailing '\0')
Signed-off-by: Passion,Zhao <passion.zhao@intel.com>
Brian McGillion [Tue, 19 Feb 2013 09:18:44 +0000 (01:18 -0800)]
Merge pull request #8 from rafal-krypa/samsung
libsmack: check label length in smack_revoke_subject().
Rafal Krypa [Thu, 3 Jan 2013 09:18:31 +0000 (10:18 +0100)]
libsmack: check label length in smack_revoke_subject().
Brian McGillion [Tue, 8 Jan 2013 08:20:09 +0000 (00:20 -0800)]
Merge pull request #7 from phmccarty/master
Run AM_PROG_AR to fix build with newer automake
Patrick McCarty [Mon, 7 Jan 2013 20:24:54 +0000 (12:24 -0800)]
Run AM_PROG_AR to fix build with newer automake
Rafal Krypa [Wed, 12 Dec 2012 18:32:01 +0000 (19:32 +0100)]
libsmack: add function for setting current process label.
Rafal Krypa [Thu, 29 Nov 2012 11:16:27 +0000 (12:16 +0100)]
libsmack: add API for revoking all rules for a subject label.
Rafal Krypa [Wed, 9 May 2012 10:07:32 +0000 (12:07 +0200)]
Fix three compilation warnings.
Rafal Krypa [Tue, 3 Jul 2012 12:57:43 +0000 (14:57 +0200)]
Fix paths to upstream repositories.
Rafal Krypa [Thu, 29 Nov 2012 11:59:06 +0000 (12:59 +0100)]
Move definition of max label length to a single place and export it in
libsmack header file.
Rafal Krypa [Thu, 14 Jun 2012 17:13:54 +0000 (19:13 +0200)]
Install missing manual page links for library functions.
Jarkko Sakkinen [Thu, 8 Nov 2012 07:39:05 +0000 (09:39 +0200)]
Removed dso.h
We don't need this because we're using version script. Fixed init.c
accordingly.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@iki.fi>
Jarkko Sakkinen [Thu, 8 Nov 2012 07:33:19 +0000 (09:33 +0200)]
Declare smack_mnt as non-static in init.c.
Use it directly in libsmack.c. It will be declared as local symbol
in DSO because we declare visible symbols explicitly in libsmack.sym.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@iki.fi>
Passion,Zhao [Mon, 5 Nov 2012 12:27:10 +0000 (20:27 +0800)]
Add support for smackfs directory: /sys/fs/smackfs/
Signed-off-by: Passion,Zhao <passion.zhao@intel.com>
Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@intel.com>
jarkkos [Fri, 2 Nov 2012 11:16:28 +0000 (04:16 -0700)]
Merge pull request #2 from PassionZhao/master
Move cipso_free,cipso_new,cipso_apply from utils/common.c to libsmack/libsmack.c
Passion,Zhao [Fri, 2 Nov 2012 09:24:27 +0000 (17:24 +0800)]
Move cipso_free,cipso_new,cipso_apply from utils/common.c to libsmack/libsmack.c
In libsmack/libsmack.c, move smack_cipso-* right after smack-access-*
jarkkos [Mon, 29 Oct 2012 11:03:04 +0000 (04:03 -0700)]
Merge pull request #1 from sofar/fixes
smack.service: provide [Install] section in systemd unit file.
Auke Kok [Wed, 24 Oct 2012 20:30:46 +0000 (13:30 -0700)]
smack.mount: "WantedBy" is illegal in [Unit] context.
There is no need to define a dependency or preferred mounting
point as smack.service already requires smack.mount to be
started, and smack.service forces itself to be part of
basic.target.
WantedBy additionally is illegal in [Unit] and so does
nothing but create a warning.
Since mounting smackfs without enabling smack.service doesn't
really do much, we opt out of putting Also=smack.mount in
smack.service.
Auke Kok [Wed, 24 Oct 2012 18:30:51 +0000 (11:30 -0700)]
smack.service: provide [Install] section in systemd unit file.
With this addition, one can `systemctl --enable smack.service`
to enable smack.service and smack.mount at boot time.
Jarkko Sakkinen [Tue, 25 Sep 2012 20:05:38 +0000 (23:05 +0300)]
libsmack: fallback to short labels
Use /smack/load and /smack/access as a fallback if kernel does not
have long label support.
Brian McGillion [Thu, 6 Sep 2012 12:27:12 +0000 (15:27 +0300)]
Update to latest Doxygen standard
Brian McGillion [Wed, 9 May 2012 07:42:38 +0000 (10:42 +0300)]
Must umount /smack before trying to remove it
Joachim Wiedorn [Wed, 9 May 2012 07:19:29 +0000 (10:19 +0300)]
Optimize init script smack.rc
Joachim Wiedorn [Wed, 9 May 2012 06:05:29 +0000 (09:05 +0300)]
Add postinst + postrm scripts for Debian to create /smack directory
Joachim Wiedorn [Wed, 9 May 2012 06:02:43 +0000 (09:02 +0300)]
Update copyright file for Debian
Joachim Wiedorn [Wed, 9 May 2012 05:58:45 +0000 (08:58 +0300)]
Add libsmack1.symbols file for Debian
Joachim Wiedorn [Wed, 9 May 2012 05:57:30 +0000 (08:57 +0300)]
Full update of Debian control file
Joachim Wiedorn [Wed, 9 May 2012 05:54:38 +0000 (08:54 +0300)]
Rename Debian package name libsmack to libsmack1
Joachim Wiedorn [Wed, 9 May 2012 05:52:13 +0000 (08:52 +0300)]
Create manpage links to existing manpages
Brian McGillion [Mon, 7 May 2012 12:03:01 +0000 (15:03 +0300)]
Fix warnings
Brian McGillion [Mon, 7 May 2012 08:49:55 +0000 (11:49 +0300)]
Utils: add debian init script and required directories
Joachim Wiedorn [Sun, 6 May 2012 08:36:01 +0000 (11:36 +0300)]
Fix some typos in manpages
Signed-off-by: Joachim Wiedorn <ad_debian@joonet.de>
Brian McGillion [Fri, 4 May 2012 13:21:06 +0000 (16:21 +0300)]
Add man pages
Brian McGillion [Wed, 2 May 2012 15:39:43 +0000 (18:39 +0300)]
Utils: Add long label support
Brian McGillion [Wed, 2 May 2012 06:46:03 +0000 (09:46 +0300)]
libsmack: Add long label support
Brian McGillion [Wed, 2 May 2012 06:39:19 +0000 (09:39 +0300)]
libsmack: Ignore blank lines in the rules files
Brian McGillion [Wed, 2 May 2012 06:34:55 +0000 (09:34 +0300)]
Init: Dynamically check systemd installation path
Brian McGillion [Wed, 25 Apr 2012 09:06:57 +0000 (12:06 +0300)]
Add initial debian package support
Brian McGillion [Wed, 25 Apr 2012 07:55:31 +0000 (10:55 +0300)]
Remove unnecessary description from perror as there only exists one call to each method
Jarkko Sakkinen [Wed, 22 Feb 2012 10:06:39 +0000 (12:06 +0200)]
utils: improve smackcipso so that it loads also from stdin.
Original smackutil smackcipso allowed to read cipso from
stdin. This adds the same feature here.
Conflicts:
utils/smackcipso.c
Brian McGillion [Mon, 6 Feb 2012 15:40:31 +0000 (17:40 +0200)]
Add init scripts
jarkkos [Thu, 15 Dec 2011 18:35:09 +0000 (10:35 -0800)]
Merge pull request #10 from brianmcgillion/master
Include guard fix
Brian McGillion [Thu, 15 Dec 2011 09:45:51 +0000 (11:45 +0200)]
Improve the include guard to avoid conflicts with applications