Commit graph

14 commits

Author SHA1 Message Date
David Zeuthen
44656f538f 2005-04-13 David Zeuthen <davidz@redhat.com>
* bus/selinux.c: Add c-file-style to top of file
	(log_audit_callback): Don't free the data here anymore
	(bus_selinux_check): Don't take spid and tpid since appending
	that to auxdata may OOM.
	(bus_selinux_allows_acquire_service): Handle OOM and signal back
	to the caller if we are OOM by taking an error object.
	(bus_selinux_allows_send): -do-

	* bus/selinux.h: Fix prototypes for bus_selinux_allows_acquire_service
	and bus_selinux_allows_send

	* bus/bus.c (bus_context_check_security_policy): Pass error and
	pass on OOM thrown by bus_selinux_allows_send()

	* bus/services.c (bus_registry_acquire_service): Pass error and
	pass on OOM thrown by bus_selinux_allows_acquire_service()
2005-04-13 14:27:11 +00:00
Colin Walters
b4fbcb98f1 2005-02-07 Colin Walters <walters@verbum.org>
* bus/selinux.c (bus_selinux_allows_send): Handle NULL for
	sender or proposed_recipient.
2005-02-07 05:31:59 +00:00
Colin Walters
935a41a04c 2004-11-09 Colin Walters <walters@verbum.org>
* dbus/dbus-string.c (_dbus_string_get_length): New
	function, writes DBusString to C buffer.

	* dbus/dbus-string.h: Prototype it.

	* dbus/dbus-message.c (dbus_message_type_to_string): New
	function, converts message type into C string.

	* dbus/dbus-message.h: Prototype it.

	* bus/selinux.c (bus_selinux_check): Take source pid,
	target pid, and audit data.  Pass audit data to
	avc_has_perm.
	(log_audit_callback): New function, appends extra
	audit information.
	(bus_selinux_allows_acquire_service): Also take
	service name, add it to audit data.
	(bus_selinux_allows_send): Also take message
	type, interface, method member, error name,
	and destination, and add them to audit data.
	(log_cb): Initialize func_audit.

	* bus/selinux.h (bus_selinux_allows_acquire_service)
	(bus_selinux_allows_send): Update prototypes

	* bus/services.c (bus_registry_acquire_service): Pass
	service name to bus_selinux_allows_acquire_service.

	* bus/bus.c (bus_context_check_security_policy): Pass
	additional audit data.  Move assignment of dest
	to its own line.
2004-11-09 06:11:33 +00:00
Colin Walters
cdac3e058b 2004-11-07 Colin Walters <walters@verbum.org>
* bus/bus.c (load_config): Break into three
	separate functions: process_config_first_time_only,
	process_config_every_time, and process_config_postinit.
	(process_config_every_time): Move call of
	bus_registry_set_service_context_table into
	process_config_postinit.
	(process_config_postinit): New function, does
	any processing that needs to happen late
	in initialization (and also on reload).
	(bus_context_new): Instead of calling load_config,
	open config parser here and call process_config_first_time_only
	and process_config_every_time directly.  Later, after
	we have forked but before changing UID,
	invoke bus_selinux_full_init, and then call
	process_config_postinit.
	(bus_context_reload_config): As in bus_context_new,
	load parse file inside here, and call process_config_every_time
	and process_config_postinit.

	* bus/services.h, bus/services.c
	(bus_registry_set_service_context_table): Rename
	from bus_registry_set_sid_table.  Take string hash from config
	parser, and convert them here into SIDs.

	* bus/config-parser.c (struct BusConfigParser): Have
	config parser only store a mapping of service->context
	string.
	(merge_service_context_hash): New function.
	(merge_included): Merge context string hashes instead
	of using bus_selinux_id_table_union.
	(bus_config_parser_new): Don't use bus_selinux_id_table_new;
	simply create a new string hash.
	(bus_config_parser_unref): Unref it.
	(start_selinux_child): Simply insert strings into hash,
	don't call bus_selinux_id_table_copy_over.

	* bus/selinux.h, bus/selinux.c (bus_selinux_id_table_union)
	(bus_selinux_id_table_copy_over): Delete.
2004-11-07 17:05:19 +00:00
Colin Walters
a14c43cf3a *** empty log message *** 2004-11-04 04:10:18 +00:00
Colin Walters
1a02f93b50 2004-11-03 Colin Walters <walters@verbum.org>
* bus/selinux.c (bus_selinux_pre_init): Kill some unused
	variables.
2004-11-04 04:09:31 +00:00
Colin Walters
73ffe59d87 2004-11-02 Colin Walters <walters@verbum.org>
* bus/selinux.c (bus_selinux_init): Split into two functions,
	bus_selinux_pre_init and bus_selinux_post_init.
	(bus_selinux_pre_init): Just determine whether SELinux is
	enabled.
	(bus_selinux_post_init): Do everything else.

	* bus/main.c (main): Call bus_selinux_pre_init before parsing
	config file, and bus_selinux_post_init after.  This ensures that
	we don't lose the policyreload notification thread that
	bus_selinux_init created before forking previously.

	* bus/test-main.c (test_pre_hook): Update for split.
2004-11-02 20:27:48 +00:00
Colin Walters
f79e96fc08 2004-10-18 Colin Walters <walters@verbum.org>
* bus/selinux.c (bus_selinux_enabled): Handle
	--disable-selinux case.
2004-10-18 13:06:41 +00:00
Colin Walters
736fa825e1 2004-10-18 Colin Walters <walters@verbum.org>
* bus/selinux.h: Add bus_selinux_enabled.

	* bus/selinux.c (bus_selinux_enabled): Implement it.

	* bus/config-parser.c (struct include): Add
	if_selinux_enabled member.
	(start_busconfig_child): Parse if_selinux_enabled
	attribute for include.
	(bus_config_parser_content): Handle it.

	* bus/session.conf.in, bus/system.conf.in: Add
	inclusion of context mapping to default config files;
	conditional on SELinux being enabled.

	* doc/busconfig.dtd: Add if_selinux_enabled to default DTD.

	* test/data/invalid-config-files/badselinux-1.conf,
	test/data/invalid-config-files/badselinux-2.conf:
	Test files for bad syntax.
2004-10-18 04:04:12 +00:00
Colin Walters
ee78f2800f 2004-08-23 Colin Walters <walters@redhat.com>
* bus/selinux.h: Prototype bus_selinux_get_policy_root.

	* bus/selinux.c: Create a thread for policy reload notification.
	(bus_selinux_get_policy_root): Implement.

	Updated SELinux support from Matthew Rickard <mjricka@epoch.ncsc.mil>

	* bus/config-parser.c (start_busconfig_child)
	(bus_config_parser_content): Support SELinux-root relative
	inclusion.

	* configure.in <HAVE_SELINUX>: Add -lpthread.

	* bus/test-main.c (test_pre_hook, test_post_hook): New.
	(test_post_hook): Move memory checking into here.
	(test_pre_hook, test_post_hook): Move SELinux checks in
	here, but conditional on a DBUS_TEST_SELINUX environment
	variable.  Unfortunately we can't run the SELinux checks
	as a normal user, since they won't have any permissions
	for /selinux.  So this will have to be tested manually
	for now, until we have virtualization for most of
	libselinux.
2004-08-23 16:09:54 +00:00
Colin Walters
c7c4d95d0e 2004-08-20 Colin Walters <walters@redhat.com>
* bus/config-parser.c (start_busconfig_child): Remove some unused
	variables.

	* bus/selinux.c (bus_selinux_id_table_insert): Avoid compiler
	warning.
2004-08-20 15:28:50 +00:00
Havoc Pennington
43605a6f4e 2004-08-09 Havoc Pennington <hp@redhat.com>
* COPYING: switch to Academic Free License version 2.1 instead of
	2.0, to resolve complaints about patent termination clause.
2004-08-10 03:07:01 +00:00
Colin Walters
0f2cd8ba8e 2004-07-31 Colin Walters <walters@redhat.com>
* bus/selinux.c <HAVE_SELINUX>: Include utils.h to get
	BUS_SET_OOM.
2004-07-31 05:37:15 +00:00
Havoc Pennington
1e9b185b0c 2004-07-24 Havoc Pennington <hp@redhat.com>
SELinux support from Matthew Rickard <mjricka@epoch.ncsc.mil>

	* bus/selinux.c, bus/selinux.h: new file encapsulating selinux
	functionality

	* configure.in: add --enable-selinux

	* bus/policy.c (bus_policy_merge): add FIXME to a comment

	* bus/main.c (main): initialize and shut down selinux

	* bus/connection.c: store SELinux ID on each connection, to avoid
	repeated getting of the string context and converting it into
	an ID

	* bus/bus.c (bus_context_get_policy): new accessor, though it
	isn't used
	(bus_context_check_security_policy): check whether the security
	context of sender connection can send to the security context of
	recipient connection

	* bus/config-parser.c: add parsing for <selinux> and <associate>

	* dbus/dbus-transport.c (_dbus_transport_get_unix_fd): to
	implement dbus_connection_get_unix_fd()

	* dbus/dbus-connection.c (dbus_connection_get_unix_fd): new
	function, used by the selinux stuff
2004-07-30 05:59:34 +00:00