* [ SEMANAGE ] Implement dbase_file_set, fix memleak
@ 2005-10-26 23:42 Ivan Gyurdiev
  2005-10-27  8:37 ` Ivan Gyurdiev
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Ivan Gyurdiev @ 2005-10-26 23:42 UTC (permalink / raw)
  To: selinux; +Cc: Stephen Smalley, Joshua Brindle

[-- Attachment #1: Type: text/plain, Size: 1136 bytes --]

Changes:
- implement dbase_file_set
- fix a memory leak in dbase_file_modify that I've been trying to find - 
there are no more leaks that I know of


=============
I'll be really busy until the middle of next week - not sure if I can 
get many patches written.

A short TODO:
- interface: pass handle into sepol records, or implement status codes
- stub: implement interface parse/print
- stub: implement dbase_policydb_list
- fix: fix port key handling of modify() [ do not replace an entire 
range on weak match (not exact) ]
- improvement: track when the policy is modified, and do not rebuild on 
commit if it wasn't modified
- add error messages everywhere (and further propagate handle), and make 
sure they're user-friendly
- uncomment if0-ed code, add new semanage interfaces to semanage.h, and 
the map file

Not important at this time:
- stub: implement dbase_policydb_del    (not currently used)
- stub: implement dbase_policydb_flush  (not currently used)
- fix: users parser/genusers parser should not look for range substring 
- that's ambiguous
- fix: seusers parser should allow multiline MLS context with whitespace

[-- Attachment #2: libsemanage.dbase_file_set.diff --]
[-- Type: text/x-patch, Size: 1308 bytes --]

diff -Naurp --exclude CVS --exclude ChangeLog --exclude direct_api.c --exclude semanage_store.c --exclude VERSION --exclude libsemanage.map --exclude 'module_record*' --exclude 'database_directory*' --exclude Makefile old/libsemanage/src/database_file.c new/libsemanage/src/database_file.c
--- old/libsemanage/src/database_file.c	2005-10-25 09:06:53.000000000 -0400
+++ new/libsemanage/src/database_file.c	2005-10-26 19:28:35.000000000 -0400
@@ -388,14 +388,26 @@ static int dbase_file_set(
 	record_key_t* key,
 	record_t* data) {
 
+	cache_entry_t* entry;
+	int status;
+
 	if (enter_rw(handle, dbase) < 0)
 		goto err;
 
-        /* Stub */
-        key = NULL;
-        data = NULL;
+	status = dbase_file_cache_locate(handle, dbase, key, &entry);
+	if (status < 0)
+		goto err;
+        if (status == STATUS_NODATA) {
+		/* FIXME: handle error */
+		goto err;
+	}
+	else {
+		dbase->rtable->free(entry->data);
+		entry->data = data;
+	}
+
 	dbase->modified = 1;
-        return STATUS_ERR;
+        return STATUS_SUCCESS;
 
 	err:
 	/* FIXME: handle error */
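Review bot: In the else branch, `dbase->rtable->free(entry->data); entry->data = data;` frees the cached record before storing the caller's pointer, so if a caller passes back the same record it obtained from the cache (`data == entry->data`), the entry is left pointing at freed memory. Guard the free with `if (entry->data != data)` and document in the function comment that the dbase takes ownership of `data` on success. The `STATUS_NODATA` branch also falls into `err` with only a FIXME, so setting a key that is not in the cache fails without any message; an error report through `handle` would help here. The `if (status == STATUS_NODATA)` and `return STATUS_SUCCESS;` lines are indented with spaces where the rest of the function uses tabs.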
@@ -422,8 +434,10 @@ static int dbase_file_modify(
 		if (dbase_file_cache_add(dbase, data) < 0)
 			goto err;
 	}
-	else
+	else {
+		dbase->rtable->free(entry->data);
 		entry->data = data;
+	}
 
 	dbase->modified = 1;
 	return STATUS_SUCCESS;
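Review bot: The `else` branch now repeats the free-then-assign pair added to dbase_file_set in this same patch, and it has the same exposure when `data` is the pointer already stored in `entry->data`. Consider a small helper that replaces an entry's record, skips the free when the two pointers are equal, and is called from both functions. It is also worth stating who frees `data` when `dbase_file_cache_add(dbase, data)` fails and control goes to `err`, since the success paths keep the pointer.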


* Re: [ SEMANAGE ] Implement dbase_file_set, fix memleak
  2005-10-26 23:42 [ SEMANAGE ] Implement dbase_file_set, fix memleak Ivan Gyurdiev
@ 2005-10-27  8:37 ` Ivan Gyurdiev
  2005-10-27 13:49 ` Stephen Smalley
       [not found] ` <4360E189.2010304@tresys.com>
  2 siblings, 0 replies; 4+ messages in thread
From: Ivan Gyurdiev @ 2005-10-27  8:37 UTC (permalink / raw)
  To: selinux; +Cc: Stephen Smalley, Joshua Brindle

>
> A short TODO:
> - interface: pass handle into sepol records, or implement status codes
> - stub: implement interface parse/print
> - stub: implement dbase_policydb_list
> - fix: fix port key handling of modify() [ do not replace an entire 
> range on weak match (not exact) ]
> - improvement: track when the policy is modified, and do not rebuild 
> on commit if it wasn't modified
> - add error messages everywhere (and further propagate handle), and 
> make sure they're user-friendly
> - uncomment if0-ed code, add new semanage interfaces to semanage.h, 
> and the map file

Another TODO:
============
- investigate whether database functions should be made reentrant, 
exactly what kind of code can and cannot be executed in the iterate() 
handler, and document that  - things like: are modify() functions 
allowed on the same database in iterate()? Other databases? queries()? 
Out-of-transaction vs in-transaction behavior?


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.


* Re: [ SEMANAGE ] Implement dbase_file_set, fix memleak
  2005-10-26 23:42 [ SEMANAGE ] Implement dbase_file_set, fix memleak Ivan Gyurdiev
  2005-10-27  8:37 ` Ivan Gyurdiev
@ 2005-10-27 13:49 ` Stephen Smalley
       [not found] ` <4360E189.2010304@tresys.com>
  2 siblings, 0 replies; 4+ messages in thread
From: Stephen Smalley @ 2005-10-27 13:49 UTC (permalink / raw)
  To: Ivan Gyurdiev; +Cc: selinux, Joshua Brindle

On Wed, 2005-10-26 at 19:42 -0400, Ivan Gyurdiev wrote:
> Changes:
> - implement dbase_file_set
> - fix a memory leak in dbase_file_modify that I've been trying to find - 
> there are no more leaks that I know of

Merged both patches (query APIs, dbase_file_set) as of libsemanage
1.3.36.

-- 
Stephen Smalley
National Security Agency



* Re: [ SEMANAGE ] Implement dbase_file_set, fix memleak
       [not found]         ` <4360EE32.9040706@cornell.edu>
@ 2005-10-27 15:27           ` Ivan Gyurdiev
  0 siblings, 0 replies; 4+ messages in thread
From: Ivan Gyurdiev @ 2005-10-27 15:27 UTC (permalink / raw)
  To: Ivan Gyurdiev <ivg2@cornell.edu>
  Cc: Joshua Brindle, Stephen Smalley, Karl MacMillan, Chad Sellers,
	Daniel J Walsh

[-- Attachment #1: Type: text/plain, Size: 246 bytes --]

... (back on-list)
>
> Conclusion:
> - should be safe to uncomment all the code (in theory :)
Here... (but the other things mentioned still need to be addressed).

Changes:
- enable some things for testing: semanage users, seusers, booleans.





[-- Attachment #2: libsemanage.enable_dbase1.diff --]
[-- Type: text/x-patch, Size: 3266 bytes --]

diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION --exclude 'module_record*' --exclude 'database_directory*' --exclude Makefile old/libsemanage/include/semanage/semanage.h new/libsemanage/include/semanage/semanage.h
--- old/libsemanage/include/semanage/semanage.h	2005-10-25 08:25:32.000000000 -0400
+++ new/libsemanage/include/semanage/semanage.h	2005-10-27 11:18:46.000000000 -0400
@@ -25,4 +25,26 @@
 #include <semanage/modules.h>
 #include <semanage/debug.h>
 
+/* Records */
+#include <semanage/boolean_record.h>
+#include <semanage/user_record.h>
+#include <semanage/seuser_record.h>
+#if 0
+#include <semanage/iface_record.h>
+#include <semanage/port_record.h>
+#endif
+
+/* Dbase */
+#include <semanage/booleans_local.h>
+#include <semanage/booleans_policy.h>
+#include <semanage/users_local.h>
+#include <semanage/users_policy.h>
+#include <semanage/seusers.h>
+#if 0
+#include <semanage/ports_local.h>
+#include <semanage/ports_policy.h>
+#include <semanage/interfaces_local.h>
+#include <semanage/interfaces_policy.h>
+#endif
+
 #endif
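Review bot: The two `#if 0` blocks around the iface/port record headers and the ports/interfaces dbase headers carry no comment saying why they stay disabled or what has to land before they can be enabled. A one-line comment above each block would keep them from lingering; if the blockers are the interface parse/print stub and the port key handling fix from the TODO earlier in this thread, name them there.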
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION --exclude 'module_record*' --exclude 'database_directory*' --exclude Makefile old/libsemanage/src/direct_api.c new/libsemanage/src/direct_api.c
--- old/libsemanage/src/direct_api.c	2005-10-25 08:25:32.000000000 -0400
+++ new/libsemanage/src/direct_api.c	2005-10-27 10:49:39.000000000 -0400
@@ -349,11 +349,9 @@ static int semanage_direct_commit(semana
 	if (semanage_verify_kernel(sh) != 0)
 		goto cleanup;
 
-#if 0
 	/* Commit changes to components */
 	if (semanage_commit_components(sh) < 0)
 		goto cleanup;
-#endif
 
 	retval = semanage_install_sandbox(sh);
 
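Review bot: With the `#if 0` removed, a failure of `semanage_commit_components(sh)` jumps to `cleanup` without reporting anything, so the caller cannot tell a component commit failure from the `semanage_verify_kernel(sh)` failure just above it. Add an error message through `sh` before the `goto cleanup;`, in the style of the `ERR(sh, ...)` call visible in the semanage_store.c part of this patch.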
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION --exclude 'module_record*' --exclude 'database_directory*' --exclude Makefile old/libsemanage/src/libsemanage.map new/libsemanage/src/libsemanage.map
--- old/libsemanage/src/libsemanage.map	2005-10-25 08:25:32.000000000 -0400
+++ new/libsemanage/src/libsemanage.map	2005-10-27 11:22:53.000000000 -0400
@@ -9,5 +9,6 @@ LIBSEMANAGE_1.0 {
 	  semanage_module_list_nth; semanage_module_get_name;
 	  semanage_module_get_version; semanage_select_store;
 	  semanage_reload_policy; semanage_set_reload;
+	  semanage_user_*; semanage_bool_*; semanage_seuser_*;
   local: *;
 };
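Review bot: The added line `semanage_user_*; semanage_bool_*; semanage_seuser_*;` exports by wildcard, while every other entry visible in `LIBSEMANAGE_1.0` names a single symbol. Any function that matches one of these prefixes, including helpers meant to stay internal, becomes part of the exported ABI under this version node and is then hard to withdraw. If this is only for testing, as the message says, list the intended symbols explicitly before release or add a comment marking the wildcards as temporary.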
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION --exclude 'module_record*' --exclude 'database_directory*' --exclude Makefile old/libsemanage/src/semanage_store.c new/libsemanage/src/semanage_store.c
--- old/libsemanage/src/semanage_store.c	2005-10-25 08:25:32.000000000 -0400
+++ new/libsemanage/src/semanage_store.c	2005-10-25 22:06:48.000000000 -0400
@@ -1351,7 +1351,6 @@ int semanage_expand_sandbox(semanage_han
 		goto cleanup;
 	}
 
-#if 0
 	dbase_policydb_attach(sh, semanage_user_dbase_policy(sh)->dbase, out);
 	dbase_policydb_attach(sh, semanage_port_dbase_policy(sh)->dbase, out);
 	dbase_policydb_attach(sh, semanage_iface_dbase_policy(sh)->dbase, out);
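Review bot: The `dbase_policydb_attach(...)` calls enabled here are bare statements, and each one dereferences the result of `semanage_*_dbase_policy(sh)` with `->dbase` without checking it. If either the accessor or the attach can fail, check the result and `goto cleanup` with an `ERR(sh, ...)` message, as the merge failure a few lines below does. The port and iface dbases are also attached here while semanage.h in this same patch keeps the port and interface headers under `#if 0`; a short comment saying that this asymmetry is intended would help.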
@@ -1368,7 +1367,6 @@ int semanage_expand_sandbox(semanage_han
 		ERR(sh, "Unable to merge local modifications into policy.");
 		goto cleanup;
 	}
-#endif
 
 	if ((kernel_filename = semanage_path(SEMANAGE_TMP, SEMANAGE_KERNEL)) == NULL) {
 		goto cleanup;
