selinux: don't produce incorrect filename_trans_count

I thought I fixed the counting in filename_trans_read_helper() to count the compat rule count correctly in the final version, but it's still wrong. To really count the same thing as in the compat path, we'd need to add up the cardinalities of stype bitmaps of all datums. Since the kernel currently doesn't implement an ebitmap_cardinality() function (and computing the proper count would just waste CPU cycles anyway), just document that we use the field only in case of the old format and stop updating it in filename_trans_read_helper(). Fixes: 43005902 ("selinux: implement new format of filename transitions") Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>

selinux: don't produce incorrect filename_trans_count
I thought I fixed the counting in filename_trans_read_helper() to count the compat rule count correctly in the final version, but it's still wrong. To really count the same thing as in the compat path, we'd need to add up the cardinalities of stype bitmaps of all datums. Since the kernel currently doesn't implement an ebitmap_cardinality() function (and computing the proper count would just waste CPU cycles anyway), just document that we use the field only in case of the old format and stop updating it in filename_trans_read_helper(). Fixes: 43005902 ("selinux: implement new format of filename transitions") Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
9521eb3e · Ondrej Mosnacek · Paul Moore · 43005902 · 9521eb3e · 9521eb3e
Commit 9521eb3e authored Apr 20, 2020 by Ondrej Mosnacek Committed by Paul Moore Apr 22, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 9 deletions

security/selinux/ss/policydb.c security/selinux/ss/policydb.c +3 -8

security/selinux/ss/policydb.h security/selinux/ss/policydb.h +2 -1

No files found.
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -2016,12 +2016,7 @@ static int filename_trans_read_helper(struct policydb *p, void *fp)
 	if (rc)
 		goto out;
-	rc = ebitmap_set_bit(&p->filename_trans_ttypes, ttype, 1);
+	return ebitmap_set_bit(&p->filename_trans_ttypes, ttype, 1);
-	if (rc)
-		return rc;
-	p->filename_trans_count += ndatum;
-	return 0;
 out:
 	kfree(ft);
@@ -2051,7 +2046,7 @@ static int filename_trans_read(struct policydb *p, void *fp)
 	nel = le32_to_cpu(buf[0]);
 	if (p->policyvers < POLICYDB_VERSION_COMP_FTRANS) {
-		p->filename_trans_count = nel;
+		p->compat_filename_trans_count = nel;
 		p->filename_trans = hashtab_create(filenametr_hash,
 						   filenametr_cmp, (1 << 11));
 		if (!p->filename_trans)
@@ -3568,7 +3563,7 @@ static int filename_trans_write(struct policydb *p, void *fp)
 		return 0;
 	if (p->policyvers < POLICYDB_VERSION_COMP_FTRANS) {
-		buf[0] = cpu_to_le32(p->filename_trans_count);
+		buf[0] = cpu_to_le32(p->compat_filename_trans_count);
 		rc = put_entry(buf, sizeof(u32), 1, fp);
 		if (rc)
 			return rc;

--- a/security/selinux/ss/policydb.h
+++ b/security/selinux/ss/policydb.h
@@ -270,7 +270,8 @@ struct policydb {
 	struct ebitmap filename_trans_ttypes;
 	/* actual set of filename_trans rules */
 	struct hashtab *filename_trans;
-	u32 filename_trans_count;
+	/* only used if policyvers < POLICYDB_VERSION_COMP_FTRANS */
+	u32 compat_filename_trans_count;
 	/* bools indexed by (value - 1) */
 	struct cond_bool_datum **bool_val_to_struct;