Re: [PATCH v3 3/14] selinux: more strict policy parsing

Next message: Paul Moore: "Re: [PATCH v3 8/14] selinux: reorder policydb_index()"
Previous message: Jiayuan Chen: "Re: [PATCH v2] mm/damon: replace damon_rand() with a per-ctx lockless PRNG"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Paul Moore

Date: Wed May 06 2026 - 19:43:17 EST

On May 11, 2025 =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgoettsche@xxxxxxxxxxxxx> wrote:
>
> Be more strict during parsing of policies and reject invalid values.
>
> Add some error messages in the case of policy parse failures, to
> enhance debugging, either on a malformed policy or a too strict check.
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
> Acked-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx>
> ---
> v3:
> - incorporate the overflow checks on security classes from the
> previous patch, and permit U16_MAX as class ID
> - minimize the usage of magic values, by using macros or trivial
> helper functions
> v2:
> accept unknown xperm specifiers to support backwards compatibility for
> future ones, suggested by Thiébaud
> ---
> security/selinux/include/security.h | 1 +
> security/selinux/ss/avtab.c | 35 ++++-
> security/selinux/ss/avtab.h | 13 ++
> security/selinux/ss/conditional.c | 18 +--
> security/selinux/ss/constraint.h | 1 +
> security/selinux/ss/policydb.c | 196 +++++++++++++++++++++++-----
> security/selinux/ss/policydb.h | 23 +++-
> security/selinux/ss/services.c | 6 +-
> 8 files changed, 233 insertions(+), 60 deletions(-)

I fixed the checkpatch.pl warning in pr_warn_once_policyload() but
otherwise this looks good to me, merged into selinux/dev. Thanks!

--
paul-moore.com