From 48212742b260512ba4e5cf50fe6f5d72cc90f2b1 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Sun, 15 Jun 2014 08:41:55 -0700
Subject: [PATCH] Don't allow types which are both file_type and fs_type

It's a bug to have a type with both the file_type and fs_type
attribute. A type should be declared with either file_type,
or fs_type, but not both.

Create a neverallow rule which detects this situation. This works
because we have the following allow rule:

  allow fs_type self:filesystem associate;

If a type is a file_type and an fs_type, the associate allow rule
will conflict with this neverallow rule.

Not sure if this is the cleanest way to accomplish this, but it
seems to work.

Change-Id: Ida387b1df260efca15de38ae7a66ed25e353acaa
---
 file.te | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/file.te b/file.te
index b031d747c..4e2b717e6 100644
--- a/file.te
+++ b/file.te
@@ -154,3 +154,12 @@ allow file_type labeledfs:filesystem associate;
 allow file_type tmpfs:filesystem associate;
 allow file_type rootfs:filesystem associate;
 allow dev_type tmpfs:filesystem associate;
+
+# It's a bug to assign the file_type attribute and fs_type attribute
+# to any type. Do not allow it.
+#
+# For example, the following is a bug:
+#   type apk_data_file, file_type, data_file_type, fs_type;
+# Should be:
+#   type apk_data_file, file_type, data_file_type;
+neverallow fs_type file_type:filesystem *;
-- 
GitLab