From patchwork Fri Aug 19 14:46:58 2016
X-Patchwork-Submitter: James Carter
X-Patchwork-Id: 9290413
From: James Carter
To: selinux@tycho.nsa.gov
Subject: [PATCH] libsepol: Change which attributes CIL keeps in the binary policy
Date: Fri, 19 Aug 2016 10:46:58 -0400
Message-Id: <1471618018-28718-1-git-send-email-jwcart2@tycho.nsa.gov>

The removal of attributes that are only used in neverallow rules is hindering AOSP adoption of the CIL compiler. This is because AOSP extracts neverallow rules from its policy.conf for use in the Android compatibility test suite. These neverallow rules are applied against the binary policy being tested to check for a violation. Any neverallow rules with an attribute that has been removed cannot be checked.

Now attributes are kept unless they are not used in any allow rule and they are auto-generated or named "cil_gen_require" or do not have any types associated with them.
Signed-off-by: James Carter --- libsepol/cil/src/cil_post.c | 27 +++++++++++++++++++++++++++ libsepol/src/module_to_cil.c | 8 +++++--- 2 files changed, 32 insertions(+), 3 deletions(-) diff --git a/libsepol/cil/src/cil_post.c b/libsepol/cil/src/cil_post.c index a694b33..f8447c9 100644 --- a/libsepol/cil/src/cil_post.c +++ b/libsepol/cil/src/cil_post.c @@ -47,6 +47,9 @@ #include "cil_verify.h" #include "cil_symtab.h" +#define GEN_REQUIRE_ATTR "cil_gen_require" /* Also in libsepol/src/module_to_cil.c */ +#define TYPEATTR_INFIX "_typeattr_" /* Also in libsepol/src/module_to_cil.c */ + static int __cil_expr_to_bitmap(struct cil_list *expr, ebitmap_t *out, int max, struct cil_db *db); static int __cil_expr_list_to_bitmap(struct cil_list *expr_list, ebitmap_t *out, int max, struct cil_db *db); @@ -1186,6 +1189,27 @@ exit: return SEPOL_ERR; } +static int cil_typeattribute_used(struct cil_typeattribute *cil_attr) +{ + if (cil_attr->used) { + return CIL_TRUE; + } + + if (strcmp(DATUM(cil_attr)->name, GEN_REQUIRE_ATTR) == 0) { + return CIL_FALSE; + } + + if (strstr(DATUM(cil_attr)->name,TYPEATTR_INFIX) != NULL) { + return CIL_FALSE; + } + + if (ebitmap_cardinality(cil_attr->types) == 0) { + return CIL_FALSE; + } + + return CIL_TRUE; +} + static int __cil_post_db_attr_helper(struct cil_tree_node *node, uint32_t *finished, void *extra_args) { int rc = SEPOL_ERR; @@ -1208,6 +1232,9 @@ static int __cil_post_db_attr_helper(struct cil_tree_node *node, uint32_t *finis if (attr->types == NULL) { rc = __evaluate_type_expression(attr, db); if (rc != SEPOL_OK) goto exit; + if (cil_typeattribute_used(attr)) { + attr->used = CIL_TRUE; + } } break; } diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c index fc65019..508a861 100644 --- a/libsepol/src/module_to_cil.c +++ b/libsepol/src/module_to_cil.c 
@@ -60,7 +60,9 @@ FILE *out_file; #define STACK_SIZE 16 #define DEFAULT_LEVEL "systemlow" #define DEFAULT_OBJECT "object_r" -#define GEN_REQUIRE_ATTR "cil_gen_require" +#define GEN_REQUIRE_ATTR "cil_gen_require" /* Also in libsepol/cil/src/cil_post.c */ +#define TYPEATTR_INFIX "_typeattr_" /* Also in libsepol/cil/src/cil_post.c */ +#define ROLEATTR_INFIX "_roleattr_" __attribute__ ((format(printf, 1, 2))) static void log_err(const char *fmt, ...) @@ -628,9 +630,9 @@ static int set_to_cil_attr(struct policydb *pdb, int is_type, char ***names, uin num_attrs++; if (is_type) { - attr_infix = "_typeattr_"; + attr_infix = TYPEATTR_INFIX; } else { - attr_infix = "_roleattr_"; + attr_infix = ROLEATTR_INFIX; } len = strlen(pdb->name) + strlen(attr_infix) + num_digits(num_attrs) + 1;
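Review bot: in the first cil_post.c hunk, GEN_REQUIRE_ATTR and TYPEATTR_INFIX are now defined twice (here and in libsepol/src/module_to_cil.c) and kept in sync only by the "Also in ..." comments; a change to the generated naming scheme in one file would silently break the pruning decision in the other. Consider moving both macros into a header shared by the two source files instead of duplicating the literals.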
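Review bot: in cil_typeattribute_used(), `strstr(DATUM(cil_attr)->name,TYPEATTR_INFIX)` treats any attribute whose name contains "_typeattr_" anywhere as auto-generated, so a policy author's own attribute with that substring would be dropped even though it has types and may appear only in neverallow rules, which is exactly the case the commit message wants to preserve. Since set_to_cil_attr() builds the generated names as `<pdb->name><attr_infix><number>` (see the `len = strlen(pdb->name) + strlen(attr_infix) + num_digits(num_attrs) + 1` line), matching that exact shape would be tighter. Minor: a space after the comma in the strstr() call, and a short comment that "used" now means "kept in the binary policy" would help, since the function returns CIL_TRUE for attributes referenced by no allow rule at all.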
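Review bot: in the __cil_post_db_attr_helper() hunk, the new `if (cil_typeattribute_used(attr)) attr->used = CIL_TRUE;` sits inside the `if (attr->types == NULL)` block, so an attribute whose types bitmap was already evaluated before this helper visited it never has `used` set and is pruned regardless of the new rule. If __evaluate_type_expression() can be reached for an attribute by another path (for example while evaluating an expression that references it), hoist the marking out of the NULL check so it runs for every attribute.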
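To see what the message's new rule changes for the AOSP case, here is an added Python model (not libsepol code) of both the old pruning rule as the message implies it and the new one from cil_typeattribute_used(), run over a small constructed policy in simplified policy.conf syntax; all attribute and type names are made up.

```python
import re
# Constructed sample in simplified policy.conf syntax (not a real AOSP policy).
SAMPLE_POLICY = """
attribute domain;
attribute untrusted;
attribute cil_gen_require;
attribute base_typeattr_1;
attribute emptyattr;
type init_t, domain;
type app_t, domain, untrusted;
allow domain init_t:fd use;
allow base_typeattr_1 init_t:file read;
neverallow untrusted init_t:file write;
neverallow emptyattr init_t:file read;
"""
GEN_REQUIRE_ATTR = "cil_gen_require"   # same literal as the patch
TYPEATTR_INFIX = "_typeattr_"          # same literal as the patch

def parse_policy(text):
    # Returns (attribute -> member types, names used in allow rules, neverallow (src, tgt) pairs).
    attrs, allow_used, neverallows = {}, set(), []
    for line in text.strip().splitlines():
        tok = re.split(r"[\s,:;]+", line.strip(";"))
        if tok[0] == "attribute":
            attrs[tok[1]] = set()
        elif tok[0] == "type":
            for a in tok[2:]:
                attrs[a].add(tok[1])
        elif tok[0] == "allow":
            allow_used.update(tok[1:3])
        elif tok[0] == "neverallow":
            neverallows.append((tok[1], tok[2]))
    return attrs, allow_used, neverallows

def keep_old(name, attrs, allow_used):
    # Pre-patch behaviour as the commit message implies it: keep only attributes used in allow rules.
    return name in allow_used

def keep_new(name, attrs, allow_used):
    # Post-patch rule, mirroring cil_typeattribute_used() in the patch.
    if name in allow_used:
        return True
    return not (name == GEN_REQUIRE_ATTR or TYPEATTR_INFIX in name or not attrs[name])

def checkable_neverallows(text, keep):
    # Neverallow rules the compatibility check can still evaluate against the pruned
    # binary policy; plain types are never pruned, so only attribute references can be missing.
    attrs, allow_used, neverallows = parse_policy(text)
    kept = {a for a in attrs if keep(a, attrs, allow_used)}
    return [r for r in neverallows if all(n not in attrs or n in kept for n in r)]
```

Under the old rule the `untrusted` attribute is dropped and its neverallow becomes uncheckable; under the new rule it survives, while `cil_gen_require`, the generated `base_typeattr_1` (kept only because an allow rule uses it) and the type-less `emptyattr` are handled as the message describes.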