From patchwork Thu Oct 11 12:35:42 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Carter X-Patchwork-Id: 10636605 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 953BE5CAF for ; Thu, 11 Oct 2018 12:37:25 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8B2BF2B44F for ; Thu, 11 Oct 2018 12:37:25 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7F4DB2B45B; Thu, 11 Oct 2018 12:37:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from USFB19PA12.eemsg.mail.mil (uphb19pa09.eemsg.mail.mil [214.24.26.83]) (using TLSv1.2 with cipher DHE-RSA-AES256-SHA256 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id C38312B44F for ; Thu, 11 Oct 2018 12:37:24 +0000 (UTC) X-EEMSG-check-008: 222198925|USFB19PA12_EEMSG_MP8.csd.disa.mil Received: from emsm-gh1-uea10.ncsc.mil ([214.29.60.2]) by USFB19PA12.eemsg.mail.mil with ESMTP; 11 Oct 2018 12:37:23 +0000 X-IronPort-AV: E=Sophos;i="5.54,368,1534809600"; d="scan'208";a="16722917" IronPort-PHdr: 9a23:3EV3yB0+7RPjsQz7smDT+DRfVm0co7zxezQtwd8Zse8WKfzxwZ3uMQTl6Ol3ixeRBMOHs60C07KempujcFRI2YyGvnEGfc4EfD4+ouJSoTYdBtWYA1bwNv/gYn9yNs1DUFh44yPzahANS47xaFLIv3K98yMZFAnhOgppPOT1HZPZg9iq2+yo9JDffwdFiCChbb9uMR67sRjfus4KjIV4N60/0AHJonxGe+RXwWNnO1eelAvi68mz4ZBu7T1et+ou+MBcX6r6eb84TaFDAzQ9L281/szrugLdQgaJ+3ART38ZkhtMAwjC8RH6QpL8uTb0u+ZhxCWXO9D9Qr4uWTSm8qxlVhnmhikaPDI96W3blNB8gKddrRm8pRJw3pTUbZmVOvRgcK3TftQUSmhPXshMTyxMAJ6wYoUAAOUdMuhXsZL9qkASrRa8HwSgGPnixiNWinLwwKY00/4hEQbD3AE4G9wBqnHUo8vuNKwPT+261rPIzSndYPNMxDzw74rIcx49rv6WR7JwbdTdxFIzFwLFklqQqYvlMymT1uQWqWeX9eVgVeWxi2M+rQx6vzuhxt80h4XUiY8YxUrI+CVkzIovO9G1R1B3bcS5HJZWqiqULZF5Qtk4TGFtoCs6z7oGtoOlcyUS05QnwgLfa+SAc4iV/hLvTOaRLil8hHJiYL+/mwy98VKhyu3hTcm4ykpKrypZndnMsXABzRrT5dScSvRh5Euh3DeP1wTL5uFFJ0A7i7bbJoY8zrM/mZcfq0TOEjLslEnog6KaaF8o9vWw5+TieLrmp5ucN4FuigH5N6Qjgte/Dvo8MggPWWib5Ou92KT48k3+XbVKiOE5nbfCsJ3BOcQaprK2Aw9S0oo57Ra/FC2p3M4XnXkAMlJJYAiHgJTxO1HSPPD4Cu+yg1arkDdt3f/GIr3hDY/LLnXYkrfherB960tGxwoo0dBQ+YhUCqobLPL0QE/xu8TSDgUlPAys3+bnFNJ925scWWKNGKCWLKDSsUSP5uIpIumMepQYuDj5K/g46P/hlmI5mVkBfam0x5cXb2q4Hvt+KUWDfXXsmssBEXsNvgcmVOzllkaNXiBVZ3azQ6I84So2CIO4AojdWI+hmruB3D20HpdOfGBJFkiMEWv0d4WDQ/oDdSWSIslnkjMZS7ehT44h2Aq0uwDk0bpnKfDY+ioCtZLszNJ1/fHclQku9TxoCMSQy3+CT3lukWMSRj82x7tyoVRnxVeZ0Kh4mORYFdhJ6PxVTAg2L5ncz/Z1C9rqQALOYs+JSEq6QtWhGTwwQNMxw9sLY0ljAdWvlR7D0DS3DL8SjbyEHoQ08rjb33jzOcly12rG2LMmj1k8TctFLXemibJn9wjPG47JlF2Ul6iwdasG2i7C6GaDzXGVsUFdSA5wULzJXWsRZ0vNt9j54VnCT7C2A7Q9LgRB0dKCKrdNatDxjlVJXvTjONPDY2+qmGe/HxWIxrSRbIbwfGUdxirdAlAekw8P5XaGKRQ+BiC5rm3EETNuD1PvbF328eRlsny0Uko0wxuNb0172Lq/4gQViuCES/MPwrIEvz8spCluE1a5wd3WEMaApgpmfKhHetMy/FZH2nzftwxhP5yvNbpuhlgAfARrp0nuzQl4Cp1ckcg2q3Mn1BByJr+F315aeDOY2J/xNqfRKmbs4BClc7TW1U3G0NaK5qcP7+w1q07tvAGzEUoi6Gln3sJO03ua4ZXLAg8SXoj3Ukot8Rh1ua3aaDEn54zIzX1sLbW0sjja1tMnHuQlzgqgcMlFMKOfDwLyDdMVB9K1J+w3nlildBUEPPpd9KQsJcOpa+OG2LK3POZnhD+mi2VH4IR50k2S7CpxUfTH0Igfw/GfxAeHUC38jFi5uMDthY9EfS0SHna4ySX8GYFRerd9fZwQBGiyJM23w8lxiIT2W35E7lKjAU0J2NOxcxqIc1P9xRFQ1VgQoXG/hyu4ziB7ky0urqqFxiDB3+TidB0BOm5EX2RiiVbsIY6ugNAAW0ikdQ8plAGq5Uzi3ahUuLx/L3XPQUdPZyX2K2BiUrCstrabeM5A9pcosSRRUOShblGXUaX9owMb0yPlHmtR2Cs7eyusuprngxxwkHidI2prrHrFZcFwwg/S5MbbRf5V2joJWjN4hiXQBlmyJNSp5siUmIvYsuykUGKhTJJTezHxzYycrCu7+XFqARqnkvCwhNLnFxM63DT419Z0UyXItxD8bZf316igNuJnZEZoDkfm68VmAoF+jpcwhJYI1HgCnJqV4H4HnnnrMdpB36L+cGQCRSQQzt7I+wjqxldjLmmTy4LiUXWd39FhaMWkbWMY3SI99c9KB7mO4LxCgyR1vkKyrRjNbvhlgjcd1fwu5WYEg+EPpQUg1TudArYPEklYJyDskQqH78ympqVNeGmvaaSw1FZ5nd25FLGNuBxcWHLid5g+HC9w8sV+PEvC0HLp7IHoYt7QbcgctheMiRfPk/BVKI4tlvoNnSdnOmL8vXk7xOMgiBxu2p+6vIaZJGVx4KK5AhlYNjjraM8J/DHik7pelN6M34+zBpVhBikLXJzwQPKmCj0Ss+jnNwGLEDAnpHeUB6fQHQiF6Eh8t3LPCZerN3OJK3YF0dVuXh6dJFZQgAoMRjU1goY5Fhy2xMzmaEp54yoe5lr8qhRS1uJoKwPwXX3EqQeudDg0VIOfIwZM4QFa+UjZK8qe4fxvHytA5J2usBSNKnCHZwRPFWwJVFaECE7+Mbm1/9bA9fSYBu2lL/bVe7qBteleW+2PxZK13Yts5yyMOdmXPnl+E/073VJOUmtiFMjenzUPSjcXlz7Wb8KBvxez5DF4otqk8Pv1XALv5I2PC6ZdMNh05x+3gb2DN/OLhCpjJzdXzI8MxWTPyLgZxlISjDtudza1G7QaqSHNVL7QmrNQDxMDcCxzNcRI76U63gRWJMHUlMj61r9igf4zEVtFUkbhms6xb8wQP269LE/HBFqMNLmeJz3Lw8H2Ybu7Sb1UjeVUqwO/tC2eE0/iIjSDjSfmWwqoMeFWgyGRJAZet52lchZxFWjjS8rrahulP9BtiT072r40hnTRNW4AKzd8dVhNrr6R7S9ChPVwBXBB5GJ/LeaYgyaZ8/XYKpEOvPtxHCt0jPxV724gy7RJ7CFJX+d6mCrIrtFzpFGmnPGPyiB5XxtOsDpLgpyEvVl6M6XD6pZAQWrE/A4K7WiIFhsFvcVlCtzytKBL0dXAjrjzKC1F89Pa5ssTGdTbKN+dMHogLRroGCTYDA0bQj63LWvfnVBSkOmO9n2JqZg3spzsmJ0USrBFUlw0F/QaB19qHNwEPZd7RDQkkaSUjMQQ/3qxsAHRRNlGvpDATv+SGuvgKDKYjblCehsJzqj1IpgUNo3+x0NtcEJ6nJjQF0rWQ99NvjVrbhUor0VV7Hh+Umoz1lr4ZQyx5X8TEvi0ngIrhgZlf+Qi6i3s41Y2J1rNois8ik8xlsv5gTqJaj7+ML+wXZ1KCyrzr0UxLpL7QwNybQ2unUxlNCzJSK9Qj7pgb29kkxXQuZ1RFv5AVadEegMfxemLZ/U01lRRsj+oxUtG5eTZF5RtjA4qcJ6qr3JH3QJsdsU4KrfRJKVTyFhcn6yOvjKy2uA33gAeO14H8HmOdy4QpEwIKr4mKjKz8eNy7wyPgCFMd3USV/U0uPJq7VkyO/6Azi761L5DME+xPfSFL6yFo2jAidKIQlQo20MSkUlF/KR50cckc0qQTEAh1KKfGQkTO8feLg9YdNZd9H/WfSmSq+rN2o51M5+7Fu/2Ue+ErLwUjV68HAY1A4QM6dwMEYWu0E7CMcjqN6IKyRIp5ATvJVWKEu5JeA6Vnzgbo8Gz1ph33ZNSJjsFG2VyLT235qrLpg8tmPeDRs05Ym0dXoQfLX82RNe6lDRHv3teCDm30+QZyAeG7z/9qSTQDCX8b9R5a/eOYBNgEte29isj86Kuk17Y7o3eJ33mNdRlotLO5/kWqIqHC/NVSLl9sl3Tm4pDSnyrTWHAD8C6K4L3a4k2Ytz+Emy6XUCnizIpU8fxO86gLq2SjgHyRoZbrpWb3DElNc+yDTwfFQ1/p+cf66J4Yg0Dfoc0YQXyuwQ4KaO/PB+S0s+yTGa1NTtWU/5fwP2iZ7xQyyojdPW6yXUnTpE+wem66ksNRJYNjhHF2/mse5NeUS/oGnxGegXPoyU5m3JmNuYozec12AnIvkUEMzCXaOxpb3RJsMsmBVOPJ3V6EGk4SkSdjYrC4w6sw6sd8zFbn9lKze1PqGL+sYPHYDKwRKyrro3YszYnbdgjuKBxLZDvIs6du5/EmDzQUoXQuBWfUCGmD/pahsRQICVATflKnmEqJ9cLtpdf5koqSMg+PaBPB7cxqbywbzprEzISxzcDV4ycxDwCnvu827zCmxeMbZstLR0Ev49GgtYGTyF2ZSYeq7O5WIXNi2+IUG4LLxkP7Q5U/gIPipdwfvz54IrPVJJM0yVWo+5uXSTWCpll7ED7SmaLgVjiVPqujeqp3R5IzP321tkXQhl/CVJSx+xOjEsnNKl3K7UMvo7NqjKHbk36s37xxOakOVVcx9bZeEH/DIrAqWXzSDYc+WEOSY9J1n7fCYwYkxBlZ6YzuFVMPIemd17i5zw+2YtmAaS3WNu2x1YhsXYGXT2lE8RAC+FhtFLYRiFlb4qsqJX/NJVYWnVQ94GFq1dFjEVtNDa0yZhGJMFX5T4MRzxPri+DvNapTc1DxMt2D4MNIthjunfyAqVEOIOLr30xoLzvxWfT+yogv1ei2DWzB6i4Qvpb/2IEHAUpKX6eqk4yAOQy6WrS7krCslZv/+dcHLSPi1t+oCplFJBUGjlJzWylL0h0THRevOVaNaXVc8hYQ/YsYB+iIAExGuA90EyI5050m231YytotgtV4yrdRRU7VTEJgrfxnj0TssOnOT4fS59TaDUucSfEJByBmSBWuhZfZFtmW5YHDdZZ47sbx5db/tLeSUawLiEIRBpiNgYj3Ppek05DtV+UeSHbDQqmb/bAqAZ3fduLrM60MPv54BpHipn5v+wi8KUDXXKmkxW3Qd/Ct4/8qsGKtkyWeaf9NO28Z2PBTDfSgh2rgLckDoPF/y7NPwpHJZh6zmAkYZv6CWLROxRJOb4bLVJBVa9mcdVGvvxaZ8h8daYN4q9tAxKKSwjhGIOxsfZGKUzTSi7GLyWb9ey/o5zc4qDBSeT6YcyM3XnHSbptPphm8Tn7B6vq0YhG90r32/Zi7Fl1RkTdPiCastvhOh0E69W4ekvlpJ0pEivcAI1sn3r12kFAa80XTjWx/5QZ05NY5mz/SeB50kjvqO1d7aRk6Y0s7r91zse7OLndJu5HsU99BRiUHB9l+o8qAGhlSGBbevURJ+vJfaQFkcDurPj6F7QN5x2J5+NZadXGJ0bbmsm8Ez2cUgJLnAMAqT4cMwud2OWIm7duRsa5uef52kws41+kLh4F1rxt5pmL+rCOpODJaxvd178EWrLlRsnrtLQjp1uS5eE4lL4JYmF1ZQynH/QaVs4Z3Gjg1romzSMrE8PEBLLg4+VOV3c2kzPvgZx9GE8WGvwMF7qR4Ytehns4m/DeNtAOfaBNhn2PFQW9HrEfxnCl7SqXIG94ghDByBzwTmaz40XwrSBmWyfMyM3jkkVNXLmtGUhSRzapOVN/sD6XPgros9r3uaIv4E4qMmzksM+Nm3agObNWGc3/P9+cISgvqVIJjZ0xWMag2YQGFtq8OtsR9m9xbufG4WOxjyBBu7tHh5bZ4syN+/XXA2Ovj6uBprWJ2TBX13k4vVYk6ty6MfHO/dKKSeyy12kNVyd/pxfBXxmtp7zZsV8UN0KL0EPQlY0EJN5Z22c31l386OglXt0z6B1UFpzcaPMauTDzJDz0zE6QY9IzUSmf3SVYHlbxEVRjA6g832TwvMPVmnvK/V0nWJVwfVT9hRNrF4U4NV4t6F8PzyoGEAgNahObDLazCETnN4QEVk8DaRKZ07i8YKs321N8wq+37u/JceN8H7YNNupajgOWh1dUBJQWsbEFTbJnf19d87LXphT8C4f5Qvfqj30wNee6QspC68AWq2Mi4hqjRxqn8ZpD4agUiJSJdq5cf5fBp8F970Zi5T4KaCNNmhx/gA2jXeAbvuDj7cDRsIC05ea2SKYtW+IX+gA6BmRmlZvwgUwsrs/M2udZS43VlZ7//x5XL36Nooba3AF2KfASJIKzYLZg63IHKjAZJ3IKI9WbcOE84yt3PzXI+1xCA98DZc8CPMXThw9YkEvpV69P9sDDAF+XF59zd9w072rw0D019Zo8UuD96D65PJzf61BNP+hfjCV3j9/CpfIawfzVCCQN5nmZcRd1yDuYy5aRE/bw4fmMyNbMWlMDBCE5T4ddJDuE+QygXee1ipTpUgWK5c/3gZI+cl+QR3OrkKQCqKZMHvZKij/n0ThGCoD1m/WVvsKu6GRNtV1HF5184AbYGKVZIpV7ORP4ltSkRkh8GivzYsfUeQQyuOCO3OcD//1+N1fiZY8cOh8Eybf66X1PTgt0Sb72pU2UXeQLa9tjVvzEr2pZ6YV6K68AJFKdvoDlri9UqFAqBw8kcKQwrjJfdkbSnQBYWL35uKAehQsGUN54uEhMGWSqNGI4+TXHSfcdsK7EE/ER8zOOXoQQXEhydCBzWRW43NNpYbT6s+pAtzZklyZwu7AB2iZ6SQH07S/zrKsXxWgI5KCztDJHv2dMCOqZjXGbWh140P0WgPJEWD7Z4lumbSxGNtP/ X-IPAS-Result: A2AuAABbQ79b/wHyM5BiGgEBAQEBAgEBAQEHAgEBAQGBVAIBAQEBCwGBWSqBZSiMaotXTAEBAQEBAQaKNYkXhH2BWjETAYkXITcKDQEDAQEBAQEBAgFsKII2JIJgAwMBAjcUIAsDAwkBAUAICAMBLRURDgsFGASCQD+BdQ2nT4R3hGKHJYQggRCBB4hvARIBbIULAoEoAY1Kjx0GA5BJCxeQESyXPiJkcSsIAhgpSoEegU6CJheONFN7AQGJJoI+AQE Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by EMSM-GH1-UEA10.NCSC.MIL with ESMTP; 11 Oct 2018 12:37:20 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w9BCbJMx028193; Thu, 11 Oct 2018 08:37:20 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id w9BCZIIB030945 for ; Thu, 11 Oct 2018 08:35:18 -0400 Received: from moss-lions.infosec.tycho.ncsc.mil (moss-lions [192.168.25.4]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w9BCZHD8028155; Thu, 11 Oct 2018 08:35:18 -0400 From: James Carter To: selinux@vger.kernel.org Date: Thu, 11 Oct 2018 08:35:42 -0400 Message-Id: <20181011123543.14822-2-jwcart2@tycho.nsa.gov> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181011123543.14822-1-jwcart2@tycho.nsa.gov> References: <20181011123543.14822-1-jwcart2@tycho.nsa.gov> Subject: [PATCH 1/2] libsepol: Create policydb_sort_ocontexts() X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Cc: selinux@tycho.nsa.gov MIME-Version: 1.0 Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP Create the function called policydb_sort_ocontexts() that calls the internal function sort_ocontexts() to sort the ocontexts of a policydb. The function sort_ocontexts() is already used by sepol_kernel_policydb_to_conf() and sepol_kernel_policydb_to_cil() when converting a binary policy to cil or policy.conf format. Signed-off-by: James Carter --- libsepol/include/sepol/policydb/policydb.h | 2 ++ libsepol/src/policydb.c | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/libsepol/include/sepol/policydb/policydb.h b/libsepol/include/sepol/policydb/policydb.h index 271a82c9..591ce6e0 100644 --- a/libsepol/include/sepol/policydb/policydb.h +++ b/libsepol/include/sepol/policydb/policydb.h @@ -640,6 +640,8 @@ extern void policydb_destroy(policydb_t * p); extern int policydb_load_isids(policydb_t * p, sidtab_t * s); +extern int policydb_sort_ocontexts(policydb_t *p); + /* Deprecated */ extern int policydb_context_isvalid(const policydb_t * p, const context_struct_t * c); diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index dfedfafe..a6d76ca3 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -51,6 +51,7 @@ #include #include +#include "kernel_to_common.h" #include "private.h" #include "debug.h" #include "mls.h" @@ -4301,3 +4302,7 @@ int policydb_set_target_platform(policydb_t *p, int platform) return 0; } +int policydb_sort_ocontexts(policydb_t *p) +{ + return sort_ocontexts(p); +} From patchwork Thu Oct 11 12:35:43 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Carter X-Patchwork-Id: 10636603 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3DEA116B1 for ; Thu, 11 Oct 2018 12:37:21 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3223A2B45A for ; Thu, 11 Oct 2018 12:37:21 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 257622B45D; Thu, 11 Oct 2018 12:37:21 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.2 required=2.0 tests=BAYES_00,MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from USFB19PA12.eemsg.mail.mil (uphb19pa09.eemsg.mail.mil [214.24.26.83]) (using TLSv1.2 with cipher DHE-RSA-AES256-SHA256 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id CED4F2B45A for ; Thu, 11 Oct 2018 12:37:19 +0000 (UTC) X-EEMSG-check-008: 222198898|USFB19PA12_EEMSG_MP8.csd.disa.mil Received: from emsm-gh1-uea10.ncsc.mil ([214.29.60.2]) by USFB19PA12.eemsg.mail.mil with ESMTP; 11 Oct 2018 12:37:17 +0000 X-IronPort-AV: E=Sophos;i="5.54,368,1534809600"; d="scan'208";a="16722909" IronPort-PHdr: 9a23:Ql9BIhzbP7dYtDrXCy+O+j09IxM/srCxBDY+r6Qd1uoVKvad9pjvdHbS+e9qxAeQG9mDtLQc06L/iOPJYSQ4+5GPsXQPItRndiQuroEopTEmG9OPEkbhLfTnPGQQFcVGU0J5rTngaRAGUMnxaEfPrXKs8DUcBgvwNRZvJuTyB4Xek9m72/q99pHPYQhEniaxba9vJxiqsAvdsdUbj5F/Iagr0BvJpXVIe+VSxWx2IF+Yggjx6MSt8pN96ipco/0u+dJOXqX8ZKQ4UKdXDC86PGAv5c3krgfMQA2S7XYBSGoWkx5IAw/Y7BHmW5r6ryX3uvZh1CScIMb5Q6o0WTC/5Kl1ThHmhjoMOzog/G3JlsB8iaRWqw+jqRNi2Y7ZeIGbOuRwcK3eet0VR2RBUNtJVyFDH4+xYYQAAPYOM+lGtInwvEcOoBmkCAWwHu7j1iFEi3nr1qM6yeQhFgTG0RQkEd0UtXTbss71P7oMXO+v1qnI0SvMb+lL0jr66ojJfAwuruuWXbJsb8bc0lUvFgPZgVWQrozpJTWV1v8XvGSB4OpgUvyvhnchpgpsoTav3t8hhpTGi48a0FzJ9Th1zJwrKdC3VkJ3e8OoHZ1NvC+ALYR2WNktQ2RwtSY/zb0JpIC0cTARyJQi2x7fc/uHc5WU4h77VOaePzN4hHV9dbKjnRmy60mgyvDnVsWuzFZLrjZKktnLtnwX0Rzc9tOHRedn8kek2DaP0xjf6uBCIU8qiarWM4Mtz7E/m5YJsUnPAzX6lFv5gaOIbEko5/Ck6+H9bbXnop+cOZV0igb7Mqk2gcywH+A4MgkIX2iG9uWwzabs/UrkQLVMkvI5jLLZvYvGJcUbuqG5AwhV3pwl6xakFTiqytsYnX4ZLF5dYhKIk5DpO03SIPD/Ffq/gVOskDFxyPDaPr3uGJPNI2PBkLfme7Z97lRTyBEvzd9B/ZJUEasNIPXpWk/+rNbYFAM2MxSow+b7D9VwzoEeWWCVDaCFM6PSqliI5uQuI+mSf4IVtjL9K+Uq5vH1kH85n0MdfbSz0ZsQcnC4EexsI1+Fbnr0ntcBDWAKsxIwTezrjF2CVCBcZ2ypUqIy+D40FYWmDZ3ZSYC1mryB2yW7EYNKaWBaEFyMFm3od4qcUfcWdC2SOtNhkiADVbW5VoAuyRSutAj8y7p7M+bZ4TMYuoz51Nh05uzTkhcy+SZyD8uDz2GHV3t0kX8QRz8qwKB/plRwxUmb0adimfxYFMdT6uhRUgggL57czvd6C8j2Wg3bYtiGVkyqQtK8ATE+Vtgx2cMBY15hG9W+iRDOxymqDKUWl7yMGZw56aHc0GLyJ8Z61nbKzq4hj0MpQsFXL22pmrZ/9xTPB47Oi0iWjbuldb4d3CHT7meO1nCBs11dUAJqVqXFR38fbFPMrdvl/kPCU6OuCbM/PwRd08GCLrVFasb1jVRGQ/fuI8/ebH6wm2iuAxaI2rKMY5Dwd2UbwirdFFAOkxoP8naeKQg+GiChrnrEDDNzCF3ieEzs8exxqX+hSE870R2KZVV717Wp4h4VmeCcS/QL07IftichsTJ0HE2h39/NENqAoQ1hfatZYdwn5ldLz2TZuBJhPpa4NaBtmkYecxhrv0Ppzxh2BJ9Pkcw2rHw01gpyMrmV0E1feDOCxp/wJ7jXJnP1/BC1ZK7cwkve38qO+qcT9PQ4rE3uvAeoFkom93VozcJV3mCG6ZrUFgoSVoj9UkEt9xh1v7vaeDUy55vI1X1wNqm5qiLN284zC+s/0RuvY9BfMKaYGwDoCM0aG9KiKOo0lFi1dhgEJvxd9LYoP8O6cPuLwLCrPOd8kzK6imRH+ppx3V6M9yp7TO7I0I0Iw/WZ3guBTTj8llChvtrwmYBeajEYBnC/xjT8BI5Neq1yep4GCWOvI82s2tVynoXtVGBc9F6iAVMGxcCodAGJb1zl3A1Q00UXrmC8mSeiyTx7jS0ppLKF3CPS2+TiaAYHOmlTSWl4ilfsJYy0gM4AXEe0aAgomgCo5V3nx6dHv6RzNW7TQV1HfyLuNWFtTrOwtqaeY85I8J4osjtYUOKnYV2BSb7yvR0a0zjlH2RA2DA3bTaquo/2nxZikmKSMG5zrGbFecF33Rrf/MbTReNV3jUYXCl3kz/XBkSiMNmz5tiUiozDvf6kV2K6TJFTai7rzZ6atCSn+2JqDxq/n+q8mtL5CwQ61zH018VyXyXSsBn8epXr17i9Me9/YEloAkLz5tFkGoF4j4QwhIsc2X4EiZWJ5XAHi3v8Mc1H2aLia3oAXSYLzMTI4Ajhw0BsMnOJx575V3mEzMtufd+6bnkR2iIn4MBAEL2U46BcnStpvlq4qhrcYfZnkTcb1fsu73sajvoHuAUz0yqdBaoSElNAPSz2kBSI7c6xo7lLZGq1driwzkV+l8i7DL6eugFcRGr5epA6EC919Mp/NFbM32Pv6oH4Ytbfd8kethuKnBfclOhaNIg+luIUiiZ9P2Lyo2ElwfYhjRNyxZG6oJSHK2J18aK3GB5XKCD6Z9gJ9THrkaZemd2W0pu1EZp9HzUHRpzoTeinEDgKr/ToKx6OECEgqnecAbffBRGQ51x4oHLJEpCrK3aXKWIYzdp8WhaSOlZTgAcOXDU1hpQ5DBylxNT9cEdl4TAc/kX3pQBLxuJsNhn/SXvfpByyZjcvVpeQMABa7hpc6EfRMMye6P9zHi5D85K9rA2NMHGbZx9SAWAHQEOEG0vjPr6o5dXa9OiYHOW+JePUYbqSsexeS+uIxZW334R9/jaMOcKPPn95AvImxEVMRnF5FN7fmzkVTCwXjS3NZdaBpBig4i13sty/8PPzVQLt5YuOC6NSMdJr+xC3naeMKfWdhCN4KTZEzJMD22XEyL8F3F4dkytubSWiEawctS7RS6LdgqxXDh4fayxtL8ZI6qU83gdDOcHFltP1yr54jvkwC1hbT1DhnN+mZdASKWGnKFzHHFqLNKiBJTDTxcH4f7mzSblLgeVXsB2woiqbHFXlPjSYlDnpVgqjMedSgyGHJBZeop2ycg5xCWj/S9Lrcge7P8FsjTIo27I0nG/FNW4HPDdnckNNtKCf7SRWgvVnAWxO8HpkIfOCmymH8+nSMowWvudzAiRoi+Ja52w3xKZS7CFCQvx6hTXdrtpvo1y9iOaA1CBnUB1UpjZMnoKLsl1oOb/F+ZlYRXbE4BUN4H2NBBsQudtlC8Dgu7tLx9fVjqLzMjBC8tzP/cQCG8fUNdiHMHs9MRvpAjLUChUKTSKzP2HFm0NdiO2S9mGSrpUirpjsn4AORaFdVF00EfMXEUtlHNofIJttWTMki7GbhtYS5XWitBnRWNlavpffW/KJH/rvLDeZjb9ZZxoH2r73MYMTNojn1EN4cVl6gJ7GG0zOUtBRuidhdBM7oF1R8HhiSW0+w17lagKo4H8UCf60nh43hxBjbuQs9Dbj+Uw4KkDMpCQujEk7gc/ljiyJcD7tMKewWplbBDDwt0gwLpz0XR56bQiynExiMzfEQahegqB7emBqkgDcv4JDGfBBTaFeZh8f2+2Xbe0y0VtAsiWn2VNH5ezdBJR5igQqd4WhoGhd1AJ9ctE1P7fQK7BTzllQnK6OuTWo1u8pyg8EO0kN6H+SeDIPuEEQObkmOiuo/uho6QOcnjtOY3UDWOQxrfJr7Ew9Pf6MzyX6075MMkqxLfCQL7uFu2jcks6FWkkw1kUJl0ZZ/bh21sMjc1GMWU420bWfDQgEO83ZJA5JaMpS8WTccjyVseXR2551OZuyFvzwR++UqKkUml6kHBouH4kU9MQOBIOs0EbDIsr8ML4F0w8i5Br1K1WBDfRJfh2LkDMGo8GwzJ93wYddKSsHAWV4Kym34KjYphMyivqZQNg2emsaXpcDNn8uVsy2gTJWv3RBDDmy0+IW0guC4iT9pivOEjbzccBvZPCOZRNjENu24ykw87CqiV7L9ZXTP2T6Os54ut/M9+wau5eHC/VbTbRmvUbTgY9YSGCuU27IDN66OoPwZ5MqbdPqFnawSka/hC4tT8ftINatKbCFjhvyRYZJtomXxjMjONS8FjEfGhdwu/oM6Lh6ZQIdf5oxeQTouBgmN6yjPAeY1c2jQ3qqKTtTVPRf0fm2Z7lMwCY2aO+11mcgRIkgz+ar6U4NWI0KjhbGyPahYIlRTzP+FWFDdAXUuyU5jXRhOfgvzeslxhPHr0UcOSiRdON1cGxEo808BVSKLHV4EGo3XVmcgpbC4g63xL0S+jNdn9dN3e1evnn+pYXTYDW2WKyksZ/VqTYvbcA6o61tNozuOteGu47DkTzeVpbQthaIXzK9F/pfhtdfOjlYQOVSlWEjJ8MGpZJL6VAtWccmO7xPFK4sq6iyaTp/ES4d1zIWV5+b0TwZhee8xqHamQuOf5QkLBwEqo9Ngt8HXy5xeCMeq7epV5/KmG+cVmgLPAAT4BxX6wIOioB8YuLo7JfGQZJX1zFWpPd0XTfRGZlz61v3UGeWjkbkSP+5ieymwRpSzO7w0tkcQBN/FVJdyPhImUQ1M7x3Nq0QvpLQsjCSa0P6vWXtyO+4K1lN08HUcEf4DIXdv2rmTiIc4WEURZNIyHzHF5QdiRB5aKEwpFVIOo+mZF3z5zk5x4RtA7m4VNykx1c/onYAXCemCd1BC/tpsFjPQj1qf4irqIn5O5VVWmJQ+oeSq1FXkEV3NC621IRTJtpR4jEWWjhPujKdsMG0SMJdxc98F4UMLctnu3fhBKNEP4Cco3syurH0y3/Z/TU8vE27xDW1Fa+4VfhW/3YCGgUzOmSRtlUvD/Y28mjM6FzNtUp0/+hDDLiVkUpxuCp9HoxJBjtR03ClLkh8TH5Cs+pAM6TZac1cQ/41ZR+0IBwzDvsm0kOG/E1umnf5eSNyvBNA+y/BRwk0STUVgrD1lD0ascGnPD8XRolGbTo/cijFLBibljpPvBZFbEFqWY4WDcpZ+70B2otU5MXCQ162KS4ZRBxiKh440f1HmE5BsUWYfDvQDQ+2evfPrBJ3Z8aRrMimLPjj+gdIlJ/nuvgi96ofX32mhRGtQdfGoo/9t9yFrFGBe7vjPu2nf3DBUCbDggyqibcjFZnK8DDZMBBHJJli1XokfZ/hBHbQMhRHPKIaKVBUVaJ7adVauuBVfdJkeKIS9KBxARKIWw3gF5ayrPlcKVbTXy7RIz+G8uylroLZ9abdRvT4ZsyQ23bHRLp6Po9g5jnnB7jq0YFf+k3s2vdu7096UkbJMySArNTnOwMK69KvdlP4sZ01ATzWAJlxkH33xkFDbcYXQDOl8I4eyJxH7Hb8U+V40lL8sOdK7blr9ZE346x1ycezPardNfZavlV7DRWPGgpq8ZEtAGx+R29PeO8RNOnecrgZjcz0rOD3DaMX4gWP++NFcdvHO13Bms6nBzGZThxEmhsBqTEEIQaH0v6FmrV7ScC7qujl1EMt5EK+Lh0dzLx344eL5LaIrvfNbxTN1bgERrTqRsTro7Qjp0yS/uYkmKcTdGJ6ZQOnEe4dVtMSx2r7wqAqyDgjE8XdEL76//5DTX05lCr6m59hB1UWBu8UHb2T8IRcmWc4m+rZOscKfaBCnmaPCAOrE74DyX6t8CuXI2hljwrQ0xHxX2O89lv2ojJ5QSfWydfsjFZVXKGtBUhORyqpJVN4sDSXMQrpqtr4o6I14VoyMmz5qd2NlWyhOKhNE834PtycLjE+pEgLg50pWtyvxYcbFMK/INgP/nF+YP/e5nilkiBbpadImZbe7tuT+vrJAXmql7eapKmVxDBE1ng4ukky6t+kNvHJ6dyFXfCo12IKQidkvAvBWR+1paDBo1ASJ0OLzF/BmJYWMdFBwXk4ykbm6fAmQNIy9wVeFYHAaugApT/pOzv0xlCfbMwxViWE1TtYAE71G0FiGKcgwGLwoN7JlXDI9lIzWIZwcVDniAdsD4U8LkIt9EQXwjQdHgcQcxybC6uoBUv9J4seSUcDcQiH3KS9eqovxU1zxbev6/XJbe1yAKoNMvhdgxWLnFhcHZIWqrMRT65me19a767XvQniC47oX/T8knowL/K1SNhA8c8Fr3si/hq/Rx245JdN8bkbjJGIdrZabpXXvcF87kJn5TsReSxXhBhwkQm1UecGpODs+tLbqoan6v6yVKYxQOUa7xY1B3xkj5vxnF8sv8ra1+JdSo3Jk4Tw7hpBI3mQuIbVyxN8M/YBK5q3fLZ88HUKPy8eJ3YQMteNc/k85zViMC7P51xDHswMeckYM9TTlgxOjE3mRq1T/NLBGlCEE4dza9wo723vxTAx8Js8VPvg6TCvKZDb7lFNJO9DjD53mdLDvucVx/3SBDIQ4XmDZBh/2jmCxIWVC/bs4eWMz8nZV1YcESEqU4ddJTyC+Qu8S+qrlZXpVB2b6svygJI4aUKRSWa9nKMfsqZDCeRAkDn03iBCFoDpgPKYq9is53FUtl1AC4l+9gDFGKNDPpV7PhT4i8arRkhgBiflfsHbaAYusvKMxugQ++V+K1f+ZYgDLxIGzrL67mBVThFvSL7tpVuZW/geZN54R/PFtHxV7phgK6AXNliHuJPqtitIqEwxAAIxc78woDlaeVXPkQBWQKv0pqAPihEdUd94vk9MH3i8OGQg6DrbBuxpi/yKBfgU9CiDZrIBXl8uMS5kRR6xnpJ0dOiHh/dC50FPmy5m6NMjySBrXlPouzLnrrgRgxo86bq4s3MHonUDQeKAxXSbQW5fxegH2P9PQ03p7kaxNTxZNIY= X-IPAS-Result: A2B9AABbQ79b/wHyM5BiGwEBAQEDAQEBBwMBAQGBVAMBAQELAYFZKoFlKIxqi1dMAQEBAQEBBoIviAaOFIFdLhMBiRchNwoNAQMBAQEBAQECAWwogjYkgmADAwECNxQgCwMDCQEBQAgIAwEtFREOCwUYBIJAP4F1DadPhHeEYoclhCCBEIEHgRKCXQeEeQESAWyFCwKBKAGNSo8dBgOQSQsXkBGXaiJkcSsIAhgpSoEegU6CJhcRjiNTewEBiSaCPgEB Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by EMSM-GH1-UEA10.NCSC.MIL with ESMTP; 11 Oct 2018 12:37:16 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w9BCbExv028183; Thu, 11 Oct 2018 08:37:15 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id w9BCZItJ030948 for ; Thu, 11 Oct 2018 08:35:18 -0400 Received: from moss-lions.infosec.tycho.ncsc.mil (moss-lions [192.168.25.4]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id w9BCZHD9028155; Thu, 11 Oct 2018 08:35:18 -0400 From: James Carter To: selinux@vger.kernel.org Date: Thu, 11 Oct 2018 08:35:43 -0400 Message-Id: <20181011123543.14822-3-jwcart2@tycho.nsa.gov> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181011123543.14822-1-jwcart2@tycho.nsa.gov> References: <20181011123543.14822-1-jwcart2@tycho.nsa.gov> Subject: [PATCH 2/2] checkpolicy: Add option to sort ocontexts when creating a binary policy X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: Cc: selinux@tycho.nsa.gov MIME-Version: 1.0 Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP Add an option, specified by "-S" or "--sort", to sort the ocontexts before writing out the binary policy. Binary policies created by semanage and secilc are always sorted, so this option allows checkpolicy to be consistent with those. It has not been made the default to maintain backwards compatibility for anyone who might be depending on the unsorted behavior of checkpolicy. Signed-off-by: James Carter --- checkpolicy/checkpolicy.c | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c index 12c4c405..14dc91a3 100644 --- a/checkpolicy/checkpolicy.c +++ b/checkpolicy/checkpolicy.c @@ -111,9 +111,9 @@ unsigned int policyvers = POLICYDB_VERSION_MAX; static __attribute__((__noreturn__)) void usage(const char *progname) { printf - ("usage: %s [-b[F]] [-C] [-d] [-U handle_unknown (allow,deny,reject)] [-M]" - "[-c policyvers (%d-%d)] [-o output_file] [-t target_platform (selinux,xen)]" - "[input_file]\n", + ("usage: %s [-b[F]] [-C] [-d] [-U handle_unknown (allow,deny,reject)] [-M] " + "[-c policyvers (%d-%d)] [-o output_file] [-S] " + "[-t target_platform (selinux,xen)] [input_file]\n", progname, POLICYDB_VERSION_MIN, POLICYDB_VERSION_MAX); exit(1); } @@ -394,7 +394,7 @@ int main(int argc, char **argv) size_t scontext_len, pathlen; unsigned int i; unsigned int protocol, port; - unsigned int binary = 0, debug = 0, cil = 0, conf = 0; + unsigned int binary = 0, debug = 0, sort = 0, cil = 0, conf = 0; struct val_to_name v; int ret, ch, fd, target = SEPOL_TARGET_SELINUX; unsigned int nel, uret; @@ -418,11 +418,12 @@ int main(int argc, char **argv) {"mls", no_argument, NULL, 'M'}, {"cil", no_argument, NULL, 'C'}, {"conf",no_argument, NULL, 'F'}, + {"sort", no_argument, NULL, 'S'}, {"help", no_argument, NULL, 'h'}, {NULL, 0, NULL, 0} }; - while ((ch = getopt_long(argc, argv, "o:t:dbU:MCFVc:h", long_options, NULL)) != -1) { + while ((ch = getopt_long(argc, argv, "o:t:dbU:MCFSVc:h", long_options, NULL)) != -1) { switch (ch) { case 'o': outfile = optarg; @@ -462,6 +463,9 @@ int main(int argc, char **argv) break; } usage(argv[0]); + case 'S': + sort = 1; + break; case 'M': mlspol = 1; break; @@ -637,6 +641,14 @@ int main(int argc, char **argv) policy_file_init(&pf); pf.type = PF_USE_STDIO; pf.fp = outfp; + if (sort) { + ret = policydb_sort_ocontexts(&policydb); + if (ret) { + fprintf(stderr, "%s: error sorting ocontexts\n", + argv[0]); + exit(1); + } + } ret = policydb_write(&policydb, &pf); } else { ret = sepol_kernel_policydb_to_conf(outfp, policydbp);