Imported Upstream version 1.15.1
[deb_xorg-server.git] / Xext / xselinux_label.c
1 /************************************************************
2
3 Author: Eamon Walsh <ewalsh@tycho.nsa.gov>
4
5 Permission to use, copy, modify, distribute, and sell this software and its
6 documentation for any purpose is hereby granted without fee, provided that
7 this permission notice appear in supporting documentation. This permission
8 notice shall be included in all copies or substantial portions of the
9 Software.
10
11 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14 AUTHOR BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
15 AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
16 CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
17
18 ********************************************************/
19
20 #ifdef HAVE_DIX_CONFIG_H
21 #include <dix-config.h>
22 #endif
23
24 #include <selinux/label.h>
25
26 #include "registry.h"
27 #include "xselinuxint.h"
28
29 /* selection and property atom cache */
30 typedef struct {
31 SELinuxObjectRec prp;
32 SELinuxObjectRec sel;
33 } SELinuxAtomRec;
34
35 /* dynamic array */
36 typedef struct {
37 unsigned size;
38 void **array;
39 } SELinuxArrayRec;
40
41 /* labeling handle */
42 static struct selabel_handle *label_hnd;
43
44 /* Array of object classes indexed by resource type */
45 SELinuxArrayRec arr_types;
46
47 /* Array of event SIDs indexed by event type */
48 SELinuxArrayRec arr_events;
49
50 /* Array of property and selection SID structures */
51 SELinuxArrayRec arr_atoms;
52
53 /*
54 * Dynamic array helpers
55 */
56 static void *
57 SELinuxArrayGet(SELinuxArrayRec * rec, unsigned key)
58 {
59 return (rec->size > key) ? rec->array[key] : 0;
60 }
61
62 static int
63 SELinuxArraySet(SELinuxArrayRec * rec, unsigned key, void *val)
64 {
65 if (key >= rec->size) {
66 /* Need to increase size of array */
67 rec->array = realloc(rec->array, (key + 1) * sizeof(val));
68 if (!rec->array)
69 return FALSE;
70 memset(rec->array + rec->size, 0, (key - rec->size + 1) * sizeof(val));
71 rec->size = key + 1;
72 }
73
74 rec->array[key] = val;
75 return TRUE;
76 }
77
78 static void
79 SELinuxArrayFree(SELinuxArrayRec * rec, int free_elements)
80 {
81 if (free_elements) {
82 unsigned i = rec->size;
83
84 while (i)
85 free(rec->array[--i]);
86 }
87
88 free(rec->array);
89 rec->size = 0;
90 rec->array = NULL;
91 }
92
93 /*
94 * Looks up a name in the selection or property mappings
95 */
96 static int
97 SELinuxAtomToSIDLookup(Atom atom, SELinuxObjectRec * obj, int map, int polymap)
98 {
99 const char *name = NameForAtom(atom);
100 security_context_t ctx;
101 int rc = Success;
102
103 obj->poly = 1;
104
105 /* Look in the mappings of names to contexts */
106 if (selabel_lookup_raw(label_hnd, &ctx, name, map) == 0) {
107 obj->poly = 0;
108 }
109 else if (errno != ENOENT) {
110 ErrorF("SELinux: a property label lookup failed!\n");
111 return BadValue;
112 }
113 else if (selabel_lookup_raw(label_hnd, &ctx, name, polymap) < 0) {
114 ErrorF("SELinux: a property label lookup failed!\n");
115 return BadValue;
116 }
117
118 /* Get a SID for context */
119 if (avc_context_to_sid_raw(ctx, &obj->sid) < 0) {
120 ErrorF("SELinux: a context_to_SID_raw call failed!\n");
121 rc = BadAlloc;
122 }
123
124 freecon(ctx);
125 return rc;
126 }
127
128 /*
129 * Looks up the SID corresponding to the given property or selection atom
130 */
131 int
132 SELinuxAtomToSID(Atom atom, int prop, SELinuxObjectRec ** obj_rtn)
133 {
134 SELinuxAtomRec *rec;
135 SELinuxObjectRec *obj;
136 int rc, map, polymap;
137
138 rec = SELinuxArrayGet(&arr_atoms, atom);
139 if (!rec) {
140 rec = calloc(1, sizeof(SELinuxAtomRec));
141 if (!rec || !SELinuxArraySet(&arr_atoms, atom, rec))
142 return BadAlloc;
143 }
144
145 if (prop) {
146 obj = &rec->prp;
147 map = SELABEL_X_PROP;
148 polymap = SELABEL_X_POLYPROP;
149 }
150 else {
151 obj = &rec->sel;
152 map = SELABEL_X_SELN;
153 polymap = SELABEL_X_POLYSELN;
154 }
155
156 if (!obj->sid) {
157 rc = SELinuxAtomToSIDLookup(atom, obj, map, polymap);
158 if (rc != Success)
159 goto out;
160 }
161
162 *obj_rtn = obj;
163 rc = Success;
164 out:
165 return rc;
166 }
167
168 /*
169 * Looks up a SID for a selection/subject pair
170 */
171 int
172 SELinuxSelectionToSID(Atom selection, SELinuxSubjectRec * subj,
173 security_id_t * sid_rtn, int *poly_rtn)
174 {
175 int rc;
176 SELinuxObjectRec *obj;
177 security_id_t tsid;
178
179 /* Get the default context and polyinstantiation bit */
180 rc = SELinuxAtomToSID(selection, 0, &obj);
181 if (rc != Success)
182 return rc;
183
184 /* Check for an override context next */
185 if (subj->sel_use_sid) {
186 tsid = subj->sel_use_sid;
187 goto out;
188 }
189
190 tsid = obj->sid;
191
192 /* Polyinstantiate if necessary to obtain the final SID */
193 if (obj->poly && avc_compute_member(subj->sid, obj->sid,
194 SECCLASS_X_SELECTION, &tsid) < 0) {
195 ErrorF("SELinux: a compute_member call failed!\n");
196 return BadValue;
197 }
198 out:
199 *sid_rtn = tsid;
200 if (poly_rtn)
201 *poly_rtn = obj->poly;
202 return Success;
203 }
204
205 /*
206 * Looks up a SID for a property/subject pair
207 */
208 int
209 SELinuxPropertyToSID(Atom property, SELinuxSubjectRec * subj,
210 security_id_t * sid_rtn, int *poly_rtn)
211 {
212 int rc;
213 SELinuxObjectRec *obj;
214 security_id_t tsid, tsid2;
215
216 /* Get the default context and polyinstantiation bit */
217 rc = SELinuxAtomToSID(property, 1, &obj);
218 if (rc != Success)
219 return rc;
220
221 /* Check for an override context next */
222 if (subj->prp_use_sid) {
223 tsid = subj->prp_use_sid;
224 goto out;
225 }
226
227 /* Perform a transition */
228 if (avc_compute_create(subj->sid, obj->sid, SECCLASS_X_PROPERTY, &tsid) < 0) {
229 ErrorF("SELinux: a compute_create call failed!\n");
230 return BadValue;
231 }
232
233 /* Polyinstantiate if necessary to obtain the final SID */
234 if (obj->poly) {
235 tsid2 = tsid;
236 if (avc_compute_member(subj->sid, tsid2,
237 SECCLASS_X_PROPERTY, &tsid) < 0) {
238 ErrorF("SELinux: a compute_member call failed!\n");
239 return BadValue;
240 }
241 }
242 out:
243 *sid_rtn = tsid;
244 if (poly_rtn)
245 *poly_rtn = obj->poly;
246 return Success;
247 }
248
249 /*
250 * Looks up the SID corresponding to the given event type
251 */
252 int
253 SELinuxEventToSID(unsigned type, security_id_t sid_of_window,
254 SELinuxObjectRec * sid_return)
255 {
256 const char *name = LookupEventName(type);
257 security_id_t sid;
258 security_context_t ctx;
259
260 type &= 127;
261
262 sid = SELinuxArrayGet(&arr_events, type);
263 if (!sid) {
264 /* Look in the mappings of event names to contexts */
265 if (selabel_lookup_raw(label_hnd, &ctx, name, SELABEL_X_EVENT) < 0) {
266 ErrorF("SELinux: an event label lookup failed!\n");
267 return BadValue;
268 }
269 /* Get a SID for context */
270 if (avc_context_to_sid_raw(ctx, &sid) < 0) {
271 ErrorF("SELinux: a context_to_SID_raw call failed!\n");
272 freecon(ctx);
273 return BadAlloc;
274 }
275 freecon(ctx);
276 /* Cache the SID value */
277 if (!SELinuxArraySet(&arr_events, type, sid))
278 return BadAlloc;
279 }
280
281 /* Perform a transition to obtain the final SID */
282 if (avc_compute_create(sid_of_window, sid, SECCLASS_X_EVENT,
283 &sid_return->sid) < 0) {
284 ErrorF("SELinux: a compute_create call failed!\n");
285 return BadValue;
286 }
287
288 return Success;
289 }
290
291 int
292 SELinuxExtensionToSID(const char *name, security_id_t * sid_rtn)
293 {
294 security_context_t ctx;
295
296 /* Look in the mappings of extension names to contexts */
297 if (selabel_lookup_raw(label_hnd, &ctx, name, SELABEL_X_EXT) < 0) {
298 ErrorF("SELinux: a property label lookup failed!\n");
299 return BadValue;
300 }
301 /* Get a SID for context */
302 if (avc_context_to_sid_raw(ctx, sid_rtn) < 0) {
303 ErrorF("SELinux: a context_to_SID_raw call failed!\n");
304 freecon(ctx);
305 return BadAlloc;
306 }
307 freecon(ctx);
308 return Success;
309 }
310
311 /*
312 * Returns the object class corresponding to the given resource type.
313 */
314 security_class_t
315 SELinuxTypeToClass(RESTYPE type)
316 {
317 void *tmp;
318
319 tmp = SELinuxArrayGet(&arr_types, type & TypeMask);
320 if (!tmp) {
321 unsigned long class = SECCLASS_X_RESOURCE;
322
323 if (type & RC_DRAWABLE)
324 class = SECCLASS_X_DRAWABLE;
325 else if (type == RT_GC)
326 class = SECCLASS_X_GC;
327 else if (type == RT_FONT)
328 class = SECCLASS_X_FONT;
329 else if (type == RT_CURSOR)
330 class = SECCLASS_X_CURSOR;
331 else if (type == RT_COLORMAP)
332 class = SECCLASS_X_COLORMAP;
333 else {
334 /* Need to do a string lookup */
335 const char *str = LookupResourceName(type);
336
337 if (!strcmp(str, "PICTURE"))
338 class = SECCLASS_X_DRAWABLE;
339 else if (!strcmp(str, "GLYPHSET"))
340 class = SECCLASS_X_FONT;
341 }
342
343 tmp = (void *) class;
344 SELinuxArraySet(&arr_types, type & TypeMask, tmp);
345 }
346
347 return (security_class_t) (unsigned long) tmp;
348 }
349
350 security_context_t
351 SELinuxDefaultClientLabel(void)
352 {
353 security_context_t ctx;
354
355 if (selabel_lookup_raw(label_hnd, &ctx, "remote", SELABEL_X_CLIENT) < 0)
356 FatalError("SELinux: failed to look up remote-client context\n");
357
358 return ctx;
359 }
360
361 void
362 SELinuxLabelInit(void)
363 {
364 struct selinux_opt selabel_option = { SELABEL_OPT_VALIDATE, (char *) 1 };
365
366 label_hnd = selabel_open(SELABEL_CTX_X, &selabel_option, 1);
367 if (!label_hnd)
368 FatalError("SELinux: Failed to open x_contexts mapping in policy\n");
369 }
370
371 void
372 SELinuxLabelReset(void)
373 {
374 selabel_close(label_hnd);
375 label_hnd = NULL;
376
377 /* Free local state */
378 SELinuxArrayFree(&arr_types, 0);
379 SELinuxArrayFree(&arr_events, 0);
380 SELinuxArrayFree(&arr_atoms, 1);
381 }