[ SEMANAGE ] Implement dbase_file_set, fix memleak

[ SEMANAGE ] Implement dbase_file_set, fix memleak

[Ivan Gyurdiev]

[-- Attachment #1: Type: text/plain, Size: 1136 bytes --]

Changes:
- implement dbase_file_set
- fix a memory leak in dbase_file_modify that I've been trying to find - 
there are no more leaks that I know of


=============
I'll be really busy until the middle of next week - not sure if I can 
get a many patches written.

A short TODO:
- interface: pass handle into sepol records, or implement status codes
- stub: implement interface parse/print
- stub: implement dbase_policydb_list
- fix: fix port key handling of modify() [ do not replace an entire 
range on weak match (not exact) ]
- improvement: track when the policy is modified, and do not rebuild on 
commit if it wasn't modified
- add error messages everywhere (and further propagate handle), and make 
sure they're user-friendly
- uncomment if0-ed code, add new semanage interfaces to semanage.h, and 
the map file

Not important at this time:
- stub: implement dbase_policydb_del    (not currently used)
- stub: implement dbase_policydb_flush  (not currently used)
- fix: users parser/genusers parser should not look for range substring 
- that's ambiguous
- fix: seusers parser should allow multiline MLS context with whitespace

[-- Attachment #2: libsemanage.dbase_file_set.diff --]
[-- Type: text/x-patch, Size: 1308 bytes --]

diff -Naurp --exclude CVS --exclude ChangeLog --exclude direct_api.c --exclude semanage_store.c --exclude VERSION --exclude libsemanage.map --exclude 'module_record*' --exclude 'database_directory*' --exclude Makefile old/libsemanage/src/database_file.c new/libsemanage/src/database_file.c
--- old/libsemanage/src/database_file.c	2005-10-25 09:06:53.000000000 -0400
+++ new/libsemanage/src/database_file.c	2005-10-26 19:28:35.000000000 -0400
@@ -388,14 +388,26 @@ static int dbase_file_set(
 	record_key_t* key,
 	record_t* data) {
 
+	cache_entry_t* entry;
+	int status;
+
 	if (enter_rw(handle, dbase) < 0)
 		goto err;
 
-        /* Stub */
-        key = NULL;
-        data = NULL;
+	status = dbase_file_cache_locate(handle, dbase, key, &entry);
+	if (status < 0)
+		goto err;
+        if (status == STATUS_NODATA) {
+		/* FIXME: handle error */
+		goto err;
+	}
+	else {
+		dbase->rtable->free(entry->data);
+		entry->data = data;
+	}
+
 	dbase->modified = 1;
-        return STATUS_ERR;
+        return STATUS_SUCCESS;
 
 	err:
 	/* FIXME: handle error */
@@ -422,8 +434,10 @@ static int dbase_file_modify(
 		if (dbase_file_cache_add(dbase, data) < 0)
 			goto err;
 	}
-	else
+	else {
+		dbase->rtable->free(entry->data);
 		entry->data = data;
+	}
 
 	dbase->modified = 1;
 	return STATUS_SUCCESS;

Re: [ SEMANAGE ] Implement dbase_file_set, fix memleak

[Ivan Gyurdiev]

>
> A short TODO:
> - interface: pass handle into sepol records, or implement status codes
> - stub: implement interface parse/print
> - stub: implement dbase_policydb_list
> - fix: fix port key handling of modify() [ do not replace an entire 
> range on weak match (not exact) ]
> - improvement: track when the policy is modified, and do not rebuild 
> on commit if it wasn't modified
> - add error messages everywhere (and further propagate handle), and 
> make sure they're user-friendly
> - uncomment if0-ed code, add new semanage interfaces to semanage.h, 
> and the map file

Another TODO:
============
- investigate whether database functions should be made reentrant, 
exactly what kind of code can and cannot be executed in the iterate() 
handler, and document that  - things like: are modify() functions 
allowed on the same database in iterate()? Other databases? queries()? 
Out-of-transaction vs in-transaction behavior?


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [ SEMANAGE ] Implement dbase_file_set, fix memleak

[Stephen Smalley]

On Wed, 2005-10-26 at 19:42 -0400, Ivan Gyurdiev wrote:
> Changes:
> - implement dbase_file_set
> - fix a memory leak in dbase_file_modify that I've been trying to find - 
> there are no more leaks that I know of

Merged both patches (query APIs, dbase_file_set) as of libsemanage
1.3.36.

-- 
Stephen Smalley
National Security Agency


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.

Re: [ SEMANAGE ] Implement dbase_file_set, fix memleak

[Ivan Gyurdiev]

[-- Attachment #1: Type: text/plain, Size: 246 bytes --]

... (back on-list)
>
> Conclusion:
> - should be safe to uncomment all the code (in theory :)
Here... (but the other things mentioned still need to be addressed).

Changes:
- enable some things for testing: semanage users, seusers, booleans.





[-- Attachment #2: libsemanage.enable_dbase1.diff --]
[-- Type: text/x-patch, Size: 3266 bytes --]

diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION --exclude 'module_record*' --exclude 'database_directory*' --exclude Makefile old/libsemanage/include/semanage/semanage.h new/libsemanage/include/semanage/semanage.h
--- old/libsemanage/include/semanage/semanage.h	2005-10-25 08:25:32.000000000 -0400
+++ new/libsemanage/include/semanage/semanage.h	2005-10-27 11:18:46.000000000 -0400
@@ -25,4 +25,26 @@
 #include <semanage/modules.h>
 #include <semanage/debug.h>
 
+/* Records */
+#include <semanage/boolean_record.h>
+#include <semanage/user_record.h>
+#include <semanage/seuser_record.h>
+#if 0
+#include <semanage/iface_record.h>
+#include <semanage/port_record.h>
+#endif
+
+/* Dbase */
+#include <semanage/booleans_local.h>
+#include <semanage/booleans_policy.h>
+#include <semanage/users_local.h>
+#include <semanage/users_policy.h>
+#include <semanage/seusers.h>
+#if 0
+#include <semanage/ports_local.h>
+#include <semanage/ports_policy.h>
+#include <semanage/interfaces_local.h>
+#include <semanage/interfaces_policy.h>
+#endif
+
 #endif
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION --exclude 'module_record*' --exclude 'database_directory*' --exclude Makefile old/libsemanage/src/direct_api.c new/libsemanage/src/direct_api.c
--- old/libsemanage/src/direct_api.c	2005-10-25 08:25:32.000000000 -0400
+++ new/libsemanage/src/direct_api.c	2005-10-27 10:49:39.000000000 -0400
@@ -349,11 +349,9 @@ static int semanage_direct_commit(semana
 	if (semanage_verify_kernel(sh) != 0)
 		goto cleanup;
 
-#if 0
 	/* Commit changes to components */
 	if (semanage_commit_components(sh) < 0)
 		goto cleanup;
-#endif
 
 	retval = semanage_install_sandbox(sh);
 
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION --exclude 'module_record*' --exclude 'database_directory*' --exclude Makefile old/libsemanage/src/libsemanage.map new/libsemanage/src/libsemanage.map
--- old/libsemanage/src/libsemanage.map	2005-10-25 08:25:32.000000000 -0400
+++ new/libsemanage/src/libsemanage.map	2005-10-27 11:22:53.000000000 -0400
@@ -9,5 +9,6 @@ LIBSEMANAGE_1.0 {
 	  semanage_module_list_nth; semanage_module_get_name;
 	  semanage_module_get_version; semanage_select_store;
 	  semanage_reload_policy; semanage_set_reload;
+	  semanage_user_*; semanage_bool_*; semanage_seuser_*;
   local: *;
 };
diff -Naurp --exclude CVS --exclude ChangeLog --exclude VERSION --exclude 'module_record*' --exclude 'database_directory*' --exclude Makefile old/libsemanage/src/semanage_store.c new/libsemanage/src/semanage_store.c
--- old/libsemanage/src/semanage_store.c	2005-10-25 08:25:32.000000000 -0400
+++ new/libsemanage/src/semanage_store.c	2005-10-25 22:06:48.000000000 -0400
@@ -1351,7 +1351,6 @@ int semanage_expand_sandbox(semanage_han
 		goto cleanup;
 	}
 
-#if 0
 	dbase_policydb_attach(sh, semanage_user_dbase_policy(sh)->dbase, out);
 	dbase_policydb_attach(sh, semanage_port_dbase_policy(sh)->dbase, out);
 	dbase_policydb_attach(sh, semanage_iface_dbase_policy(sh)->dbase, out);
@@ -1368,7 +1367,6 @@ int semanage_expand_sandbox(semanage_han
 		ERR(sh, "Unable to merge local modifications into policy.");
 		goto cleanup;
 	}
-#endif
 
 	if ((kernel_filename = semanage_path(SEMANAGE_TMP, SEMANAGE_KERNEL)) == NULL) {
 		goto cleanup;