[RFC Patch 1/3] Context Mounts and Unsupported Contexts: kernel

All of lore.kernel.org
 help / color / mirror / Atom feed

* [RFC Patch 1/3] Context Mounts and Unsupported Contexts: kernel
@ 2006-08-15 15:56 Cory Olmo
  2006-08-15 19:21 ` James Morris
  0 siblings, 1 reply; 4+ messages in thread
From: Cory Olmo @ 2006-08-15 15:56 UTC (permalink / raw)
  To: selinux

[-- Attachment #1: Type: text/plain, Size: 600 bytes --]

This patch modifies selinux_sb_copy_data() so that it will only take an 
option after seeing a ',' if it hasn't seen a quote or if the quotes are 
matched.  When it does take the option, if the option is an selinux option 
then it calls a new function take_selinux_option().  This new function will 
strip the quotes and replace the previously used comma separator with a '|'.  
try_context_mount() was modified to look for the '|' as the separator 
instead of ','.

 linux-2.6.17/security/selinux/hooks.c |   36 +++++++++++++++++++++++++++++++++---
 1 file changed, 33 insertions(+), 3 deletions(-)

[-- Attachment #2: linux-2.6-quoted_context.patch --]
[-- Type: text/x-patch, Size: 1767 bytes --]

diff --git a/linux-2.6.17.i686/security/selinux/hooks.c b/linux-2.6.17.i686/security/selinux/hooks.c
index 93bc2df..378d90c 100644
--- a/linux-2.6.17.i686/security/selinux/hooks.c
+++ b/linux-2.6.17.i686/security/selinux/hooks.c
@@ -398,7 +398,7 @@ static int try_context_mount(struct supe
 		/* Standard string-based options. */
 		char *p, *options = data;
 
-		while ((p = strsep(&options, ",")) != NULL) {
+		while ((p = strsep(&options, "|")) != NULL) {
 			int token;
 			substring_t args[MAX_OPT_ARGS];
 
@@ -1949,11 +1949,34 @@ static inline void take_option(char **to
 	*to += len;
 }
 
+static inline void take_selinux_option(char **to, char *from, int *first, 
+		                       int len)
+{
+	int current_size = 0;
+
+	if (!*first) {
+		**to = '|';
+		*to += 1;
+	}
+	else
+		*first = 0;
+
+	while (current_size < len) {
+		if (*from != '"') {
+			**to = *from;
+			*to += 1;
+		}
+		from += 1;
+		current_size += 1;
+	}
+}
+
 static int selinux_sb_copy_data(struct file_system_type *type, void *orig, void *copy)
 {
 	int fnosec, fsec, rc = 0;
 	char *in_save, *in_curr, *in_end;
 	char *sec_curr, *nosec_save, *nosec;
+	int open_quote = 0;
 
 	in_curr = orig;
 	sec_curr = copy;
@@ -1975,11 +1998,18 @@ static int selinux_sb_copy_data(struct f
 	in_save = in_end = orig;
 
 	do {
-		if (*in_end == ',' || *in_end == '\0') {
+		if (*in_end == '"') {
+			if (open_quote == 0)
+				open_quote -= 1;
+			else
+				open_quote += 1;
+		}
+		if (((*in_end == ',') && (open_quote == 0)) ||
+				*in_end == '\0') {
 			int len = in_end - in_curr;
 
 			if (selinux_option(in_curr, len))
-				take_option(&sec_curr, in_curr, &fsec, len);
+				take_selinux_option(&sec_curr, in_curr, &fsec, len);
 			else
 				take_option(&nosec, in_curr, &fnosec, len);
 

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [RFC Patch 1/3] Context Mounts and Unsupported Contexts: kernel
  2006-08-15 15:56 [RFC Patch 1/3] Context Mounts and Unsupported Contexts: kernel Cory Olmo
@ 2006-08-15 19:21 ` James Morris
  2006-08-15 20:49   ` Cory Olmo
  0 siblings, 1 reply; 4+ messages in thread
From: James Morris @ 2006-08-15 19:21 UTC (permalink / raw)
  To: Cory Olmo; +Cc: selinux

On Tue, 15 Aug 2006, Cory Olmo wrote:

> This patch modifies selinux_sb_copy_data() so that it will only take an 
> option after seeing a ',' if it hasn't seen a quote or if the quotes are 
> matched. 


Why?


-- 
James Morris
<jmorris@namei.org>

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [RFC Patch 1/3] Context Mounts and Unsupported Contexts: kernel
  2006-08-15 19:21 ` James Morris
@ 2006-08-15 20:49   ` Cory Olmo
  2006-08-16 13:58     ` James Morris
  0 siblings, 1 reply; 4+ messages in thread
From: Cory Olmo @ 2006-08-15 20:49 UTC (permalink / raw)
  To: James Morris; +Cc: selinux

On Tue, 15 Aug 2006 15:21:48 -0400
James Morris <jmorris@namei.org> wrote:

> On Tue, 15 Aug 2006, Cory Olmo wrote:
> 
> > This patch modifies selinux_sb_copy_data() so that it will only take
> an 
> > option after seeing a ',' if it hasn't seen a quote or if the quotes
> are 
> > matched. 
> 
> 
> Why?

Sorry the wording was poor on this one.  The goal is to allow the context 
portion of the option data to contain commas.  To do that I went with 
quoting the context.  In order for the quoted context to be taken as a 
single option, selinux_sb_copy_data() needed to know when it had seen an 
opening quote and be able to hold off on taking the option until it had 
seen the closing quote.  

This patch modifies selinux_sb_copy_data() to mark a flag value when it runs 
across a '"'.  This flag value is consulted each time a comma is 
encountered.  If the flag indicates that the current option has an embedded 
quote it will move on to the next character.  If the flag indicates that 
there is either a matched set of quotes or no quotes at all then the option 
can be taken.  If the option happens to be an selinux option then the new 
routine take_selinux_option() is called.  take_selinux_option() will copy the 
option to the previously allocated selinux data page.  While it is doing the 
copying it will skip any quotes present in the option so the data page contains 
only the raw unquoted context.  The previously used comma separator between 
options in the selinux data page is also replaced with a '|' character which 
allows try_context_mount() to properly extract whole context option strings 
as well.

> 
> 
> -- 
> James Morris
> <jmorris@namei.org>

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [RFC Patch 1/3] Context Mounts and Unsupported Contexts: kernel
  2006-08-15 20:49   ` Cory Olmo
@ 2006-08-16 13:58     ` James Morris
  0 siblings, 0 replies; 4+ messages in thread
From: James Morris @ 2006-08-16 13:58 UTC (permalink / raw)
  To: Cory Olmo; +Cc: selinux

On Tue, 15 Aug 2006, Cory Olmo wrote:

> > Why?
> 
> Sorry the wording was poor on this one.  The goal is to allow the context 
> portion of the option data to contain commas.  To do that I went with 
> quoting the context.  In order for the quoted context to be taken as a 
> single option, selinux_sb_copy_data() needed to know when it had seen an 
> opening quote and be able to hold off on taking the option until it had 
> seen the closing quote.  

Thanks for the explanation.

Patches which are destined for upstream need, clear, concise descriptions 
which can be understood by general kernel developers.  I suggest also 
adding examples of the contexts to your description.


- James
-- 
James Morris
<jmorris@namei.org>

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2006-08-16 13:58 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-08-15 15:56 [RFC Patch 1/3] Context Mounts and Unsupported Contexts: kernel Cory Olmo
2006-08-15 19:21 ` James Morris
2006-08-15 20:49   ` Cory Olmo
2006-08-16 13:58     ` James Morris

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.