Commits · 610a4b1c32490ac9f6f7ca0fafba8c182a542934 · CodeLinaro / public-release-test / platform / system / sepolicy

Oct 16, 2013

tools: update lengths from int to size_t · 610a4b1c
William Roberts authored 11 years ago
```
Change-Id: If4839218b200a0d90bdf7779d2e039719fae85a5
```
610a4b1c

tools: require that seinfo and packagename be used · 61846291

William Roberts authored 11 years ago

Modify check_seapp.c to verify that a packagname (name)
must be specified with a signing key (seinfo). This will
help thwart spoof attacks on the packagename.

Change-Id: I8f1aa8a479cb5beb5c3522d85e3181604931ea72

61846291

Oct 15, 2013

tools: drop unused field in struct · d1f1070a

William Roberts authored 11 years ago

check_seapp at one point in time switch from a home implementation
of a hash table to using GLIBC search.h routines. A struct in one
of the fields was never removed during this transition.

Change-Id: I65c028103ffe90fa52e0b3c9fce28124ed9c7ff9

d1f1070a

Apr 29, 2013
- Support strict duplicate checking · 63297211
  William Roberts authored 11 years ago
```
Change-Id: I3bb4755b86a90414a3912c8099dd7a4389249b24
```
  63297211
Apr 20, 2013
- Fix segfault on -v with duplicates · 1e8c061b
  William Roberts authored 11 years ago
```
Change-Id: Ic040af5cfcd1be22074a691ecdd01e890866bc19
```
  1e8c061b
Mar 20, 2013

Generalize levelFromUid support. · 38084146

Stephen Smalley authored 12 years ago


Introduce a levelFrom=none|app|user|all syntax for specifying
per-app, per-user, or per-combination level assignment.
levelFromUid=true|false remains valid syntax but is deprecated.
levelFromUid=true is equivalent to levelFrom=app.

Update check_seapp to accept the new syntax.
Update seapp_contexts to document the new syntax and switch
from levelFromUid=true to levelFrom=app.  No change in behavior.

Change-Id: Ibaddeed9bc3e2586d524efc2f1faa5ce65dea470
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

38084146

Nov 27, 2012
- Whitespace and doxygen fix · fff2980a
  William Roberts authored 12 years ago
```
Change-Id: I7b6ad050051854120dc8031b17da6aec0e644be3
```
  fff2980a
Nov 01, 2012
- Moved Android policy tools to tools directory · cdfb06f5
  Alice Chu authored 12 years ago
```
Change-Id: I57b0dd9f8071eae492020f410c87f465ba820711
```
  cdfb06f5
Oct 30, 2012
- Change 0 to NULL Byte · f6647eb9
  Alice Chu authored 12 years ago
```
Change-Id: I16b47f8dbf64e8dffb550b5a89321f920604ef7a
```
  f6647eb9
Oct 23, 2012

Add double free protection to checkseapp. · 5dbfdc0b

rpcraig authored 12 years ago


A double free error occurs when building with non glibc
devices. The hdestroy() function frees all comparison
keys internally in these cases. So avoid an explicit
call to free().

Change-Id: If9c5dc1a969605cd1eeb9218de02a9f8dbbd3ae1
Signed-off-by: rpcraig <rpcraig@tycho.ncsc.mil>

5dbfdc0b

Sep 17, 2012

Fix for segfault/jmp depends on unitialized variable · b3ab56c2

William Roberts authored 12 years ago

When realloc creates the first block of memory, it must
be initialized to NULL for the following strcat functions
to operate correctly.

Change-Id: I98fc14e1b19de5aa205354d16e54445293430d8e

b3ab56c2

Fix check_seapp segfault and undefined linking err · a53ccf39

William Roberts authored 12 years ago

When LINK_SEPOL_STATIC was not defined, symbol
log_warning was trying to be resolved by the linker.
That symbol was not defined as it should have been
log_warn and not log_warning.

When a key would be validated in key_map_validate(), an
unchecked key, like user, could cuase a segfault when
the se_key was getting free'd no matter what at the end
of the function, even if no se_key was alloc'd.

Change-Id: If334ba7350e6d2ad1fa9bed142bb2fabe7caa057

a53ccf39

Sep 05, 2012
- Corrected gramatical issues · ae23a1f3
  William Roberts authored 12 years ago
```
Change-Id: I62ce62475f4a17d278243cc96db773872b2dc89c
```
  ae23a1f3
- Added new line to end of file · a8613180
  William Roberts authored 12 years ago
```
Change-Id: I4f0576a47ca2e99bca719bf321349c7d7d05cd3c
```
  a8613180
Sep 04, 2012

Fix mls checking code · 0ae3a8a2
William Roberts authored 12 years ago
```
Change-Id: I614caa520e218f8f148eef641fed2301571da8e1
```
0ae3a8a2

Support overrides in seapp_contexts · f0e0a94e

William Roberts authored 12 years ago

Provides support for overriding seapp_contexts declerations
in per device seapp_contexts files.

Change-Id: I23a0ffa1d24f1ce57825b168f29a2e885d3e1c51

f0e0a94e