From patchwork Tue Sep 13 18:57:58 2016
X-Patchwork-Submitter: Stephen Smalley
X-Patchwork-Id: 9329825
From: Stephen Smalley
To: selinux@tycho.nsa.gov
Cc: Stephen Smalley
Subject: [PATCH] selinux-testsuite: fix file/test failure
Date: Tue, 13 Sep 2016 14:57:58 -0400
Message-Id: <1473793078-14237-1-git-send-email-sds@tycho.nsa.gov>
X-Mailer: git-send-email 2.7.4

On 4.8-rc5, Paul Moore reported the following test failure:

file/test ............... 8/16
#   Test 8 got: "256" (file/test at line 85)
file/test ............... Failed 1/16 subtests

... this happens to be the SIGIO/good test.

Running the test by hand yields the following AVC:

type=AVC msg=audit(1473785577.548:448): avc: denied { execute } for pid=2336 comm="wait_io" path="/root/sources/selinux-testsuite/tests/file/wait_io" dev="sda3" ino=399656 scontext=unconfined_u:unconfined_r:fileop_t:s0-s0:c0.c1023 tcontext=system_u:object_r:fileop_exec_t:s0 tclass=file permissive=0

commit 9f834ec18defc369d73ccf9e87a2790bfa05bf46 ("binfmt_elf: switch to new creds when switching to new mm") moved the switching of credentials before mapping the executable, and therefore triggers a file execute check between the new domain and the executable type on domain transitions.

Switch the test policy to use domain_entry_file() rather than a handcoded allow rule, thereby allowing both permissions.

Reported-by: Paul Moore
Signed-off-by: Stephen Smalley
---
 policy/test_file.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policy/test_file.te b/policy/test_file.te
index eb93a49..24c8b16 100644
--- a/policy/test_file.te
+++ b/policy/test_file.te
@@ -66,7 +66,7 @@ userdom_sysadm_entry_spec_domtrans_to(fileopdomain) corecmd_bin_entry_type(fileopdomain) sysadm_bin_spec_domtrans_to(fileopdomain) -allow fileop_t fileop_exec_t:file entrypoint; +domain_entry_file(fileop_t, fileop_exec_t) domain_auto_trans(test_fileop_t, fileop_exec_t, fileop_t) allow test_fileop_t fileop_t:fd use; allow fileop_t test_fileop_t:fd use;
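Review bot: the swap of `allow fileop_t fileop_exec_t:file entrypoint;` for `domain_entry_file(fileop_t, fileop_exec_t)` is justified in the message only as "allowing both permissions"; name them (entrypoint and execute) in the commit message, since the interface body is not part of this diff and a reader of the log cannot see that execute is what the post-9f834ec kernel now checks on the transition. The minimal alternative, `allow fileop_t fileop_exec_t:file { entrypoint execute };`, would make the added grant explicit; if the interface grants anything beyond those two permissions, say so. Since entrypoint is still granted either way, the test should keep passing on a pre-9f834ec kernel, where only entrypoint is checked; worth confirming before merging.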
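As an added example (not part of this patch or of the selinux-testsuite), a Python script that parses the AVC denial quoted in the commit message and checks a policy fragment for domain transitions whose target domain lacks entrypoint or execute on its entrypoint file, the combination the message says post-9f834ec kernels require. It assumes, following the commit message, that domain_entry_file() grants both permissions; AVC_LINE, BEFORE and AFTER are constructed from the text of this email.

```python
import re

# Constructed sample input: the AVC denial quoted in the commit message, on one line.
AVC_LINE = ('type=AVC msg=audit(1473785577.548:448): avc: denied { execute } for pid=2336 '
            'comm="wait_io" path="/root/sources/selinux-testsuite/tests/file/wait_io" '
            'dev="sda3" ino=399656 scontext=unconfined_u:unconfined_r:fileop_t:s0-s0:c0.c1023 '
            'tcontext=system_u:object_r:fileop_exec_t:s0 tclass=file permissive=0')
# Constructed policy fragments: the changed lines of policy/test_file.te before/after the patch.
BEFORE = """\
allow fileop_t fileop_exec_t:file entrypoint;
domain_auto_trans(test_fileop_t, fileop_exec_t, fileop_t)
"""
AFTER = BEFORE.replace('allow fileop_t fileop_exec_t:file entrypoint;',
                       'domain_entry_file(fileop_t, fileop_exec_t)')
AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]+)\}.*?scontext=(?P<s>\S+)'
                    r'\s+tcontext=(?P<t>\S+)\s+tclass=(?P<cls>\S+)')
ALLOW_RE = re.compile(r'^allow\s+(\w+)\s+(\w+):(\w+)\s+(?:\{([^}]*)\}|(\w+))\s*;')
ENTRY_RE = re.compile(r'^domain_entry_file\((\w+),\s*(\w+)\)')
TRANS_RE = re.compile(r'^domain_auto_trans\((\w+),\s*(\w+),\s*(\w+)\)')

def parse_avc(line):
    """Return (source_type, target_type, class, {perms}) from an AVC denial, or None."""
    m = AVC_RE.search(line)
    if not m: return None
    # A context is user:role:type[:range]; the type is the third field.
    return (m.group('s').split(':')[2], m.group('t').split(':')[2],
            m.group('cls'), set(m.group('perms').split()))

def file_perms(policy_text):
    """Map (domain, file_type) -> file perms from allow rules and from domain_entry_file(),
    which is assumed (per the commit message) to grant entrypoint and execute."""
    perms = {}
    for line in (l.strip() for l in policy_text.splitlines()):
        if (m := ALLOW_RE.match(line)) and m.group(3) == 'file':
            perms.setdefault((m.group(1), m.group(2)), set()).update(
                (m.group(4) or m.group(5)).split())
        elif m := ENTRY_RE.match(line):
            perms.setdefault(m.groups(), set()).update({'entrypoint', 'execute'})
    return perms

def missing_transition_perms(policy_text):
    """For each domain_auto_trans(src, exec_t, dst), report which of entrypoint/execute
    dst lacks on exec_t: since kernel commit 9f834ec the transition needs both."""
    perms, missing = file_perms(policy_text), {}
    for line in (l.strip() for l in policy_text.splitlines()):
        if m := TRANS_RE.match(line):
            _src, exec_t, dst = m.groups()
            if need := {'entrypoint', 'execute'} - perms.get((dst, exec_t), set()):
                missing[(dst, exec_t)] = need
    return missing
```

Run against BEFORE the check reports fileop_t missing execute on fileop_exec_t, matching the denial; against AFTER it reports nothing.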