am 565861ae: Update to checkpolicy 2.4.

* commit '565861ae694b706999e672b7e8173a500988f5e1':
  Update to checkpolicy 2.4.

12 files changed, 186 insertions, 56 deletions

diff --git a/ChangeLog b/ChangeLog
index 0c76070..127cd6a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,17 @@
+2.4 2015-02-02
+	* Fix bugs found by hardened gcc flags, from Nicolas Iooss.
+	* Add missing semicolon in cond_else parser rule, from Steven Capelli.
+	* Clear errno before call to strtol(3) from Dan Albert.
+	* Global C++11 compatibility from Dan Albert.
+	* Allow libsepol C++ static library on device from Daniel Cashman.
+
+2.3 2014-05-06
+	* Add Android support for building dispol.
+	* Report source file and line information for neverallow failures.
+	* Prevent incompatible option combinations for checkmodule.
+	* Drop -lselinux from LDLIBS for test programs; not used.
+	* Add debug feature to display constraints/validatetrans from Richard Haines.
+
 2.2 2013-10-30
 	* Fix hyphen usage in man pages from Laurent Bigonville.
 	* handle-unknown / -U required argument fix from Laurent Bigonville.
diff --git a/VERSION b/VERSION
index 8bbe6cf..6b4950e 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.2
+2.4
diff --git a/checkmodule.c b/checkmodule.c
index 41ebab5..0255928 100644
--- a/checkmodule.c
+++ b/checkmodule.c
@@ -41,13 +41,13 @@ static sidtab_t sidtab;
 extern int mlspol;
 
 static int handle_unknown = SEPOL_DENY_UNKNOWN;
-static char *txtfile = "policy.conf";
-static char *binfile = "policy";
+static const char *txtfile = "policy.conf";
+static const char *binfile = "policy";
 
 unsigned int policy_type = POLICY_BASE;
 unsigned int policyvers = MOD_POLICYDB_VERSION_MAX;
 
-static int read_binary_policy(policydb_t * p, char *file, char *progname)
+static int read_binary_policy(policydb_t * p, const char *file, const char *progname)
 {
 	int fd;
 	struct stat sb;
@@ -108,7 +108,7 @@ static int read_binary_policy(policydb_t * p, char *file, char *progname)
 	return 0;
 }
 
-static int write_binary_policy(policydb_t * p, char *file, char *progname)
+static int write_binary_policy(policydb_t * p, const char *file, char *progname)
 {
 	FILE *outfp = NULL;
 	struct policy_file pf;
@@ -161,7 +161,7 @@ static void usage(char *progname)
 
 int main(int argc, char **argv)
 {
-	char *file = txtfile, *outfile = NULL;
+	const char *file = txtfile, *outfile = NULL;
 	unsigned int binary = 0;
 	int ch;
 	int show_version = 0;
@@ -224,8 +224,12 @@ int main(int argc, char **argv)
 	}
 
 	if (handle_unknown && (policy_type != POLICY_BASE)) {
-		printf("Handling of unknown classes and permissions is only ");
-		printf("valid in the base module\n");
+		fprintf(stderr, "%s:  Handling of unknown classes and permissions is only valid in the base module.\n", argv[0]);
+		exit(1);
+	}
+
+	if (binary && (policy_type != POLICY_BASE)) {
+		fprintf(stderr, "%s:  -b and -m are incompatible with each other.\n", argv[0]);
 		exit(1);
 	}
 
diff --git a/checkpolicy.c b/checkpolicy.c
index 2a09734..61a2e89 100644
--- a/checkpolicy.c
+++ b/checkpolicy.c
@@ -96,8 +96,8 @@ extern policydb_t *policydbp;
 extern int mlspol;
 
 static int handle_unknown = SEPOL_DENY_UNKNOWN;
-static char *txtfile = "policy.conf";
-static char *binfile = "policy";
+static const char *txtfile = "policy.conf";
+static const char *binfile = "policy";
 
 unsigned int policyvers = POLICYDB_VERSION_MAX;
 
@@ -289,9 +289,9 @@ static int identify_equiv_types(void)
 
 extern char *av_to_string(uint32_t tclass, sepol_access_vector_t av);
 
-int display_bools()
+int display_bools(void)
 {
-	int i;
+	uint32_t i;
 
 	for (i = 0; i < policydbp->p_bools.nprim; i++) {
 		printf("%s : %d\n", policydbp->p_bool_val_to_name[i],
@@ -335,7 +335,7 @@ void display_expr(cond_expr_t * exp)
 	}
 }
 
-int display_cond_expressions()
+int display_cond_expressions(void)
 {
 	cond_node_t *cur;
 
@@ -361,7 +361,7 @@ int change_bool(char *name, int state)
 	return 0;
 }
 
-static int check_level(hashtab_key_t key, hashtab_datum_t datum, void *arg)
+static int check_level(hashtab_key_t key, hashtab_datum_t datum, void *arg __attribute__ ((unused)))
 {
 	level_datum_t *levdatum = (level_datum_t *) datum;
 
@@ -377,11 +377,12 @@ static int check_level(hashtab_key_t key, hashtab_datum_t datum, void *arg)
 int main(int argc, char **argv)
 {
 	sepol_security_class_t tclass;
-	sepol_security_id_t ssid, tsid, *sids;
+	sepol_security_id_t ssid, tsid, *sids, oldsid, newsid, tasksid;
 	sepol_security_context_t scontext;
 	struct sepol_av_decision avd;
 	class_datum_t *cladatum;
-	char ans[80 + 1], *file = txtfile, *outfile = NULL, *path, *fstype;
+	const char *file = txtfile;
+	char ans[80 + 1], *outfile = NULL, *path, *fstype;
 	size_t scontext_len, pathlen;
 	unsigned int i;
 	unsigned int protocol, port;
@@ -395,6 +396,9 @@ int main(int argc, char **argv)
 	char *name;
 	int state;
 	int show_version = 0;
+	char *reason_buf = NULL;
+	unsigned int reason;
+	int flags;
 	struct policy_file pf;
 	struct option long_options[] = {
 		{"output", required_argument, NULL, 'o'},
@@ -646,6 +650,8 @@ int main(int argc, char **argv)
 	printf("f)  display conditional bools\n");
 	printf("g)  display conditional expressions\n");
 	printf("h)  change a boolean value\n");
+	printf("i)  display constraint expressions\n");
+	printf("j)  display validatetrans expressions\n");
 #ifdef EQUIVTYPES
 	printf("z)  Show equivalent types\n");
 #endif
@@ -1062,6 +1068,109 @@ int main(int argc, char **argv)
 			change_bool(name, state);
 			free(name);
 			break;
+		case 'i':
+			printf("source sid?  ");
+			FGETS(ans, sizeof(ans), stdin);
+			ssid = atoi(ans);
+
+			printf("target sid?  ");
+			FGETS(ans, sizeof(ans), stdin);
+			tsid = atoi(ans);
+
+			printf("target class?  ");
+			FGETS(ans, sizeof(ans), stdin);
+			if (isdigit(ans[0])) {
+				tclass = atoi(ans);
+				if (!tclass
+				    || tclass > policydb.p_classes.nprim) {
+					printf("\nNo such class.\n");
+					break;
+				}
+				cladatum =
+				    policydb.class_val_to_struct[tclass - 1];
+			} else {
+				ans[strlen(ans) - 1] = 0;
+				cladatum =
+				    (class_datum_t *) hashtab_search(policydb.
+								     p_classes.
+								     table,
+								     ans);
+				if (!cladatum) {
+					printf("\nNo such class\n");
+					break;
+				}
+				tclass = cladatum->s.value;
+			}
+
+			flags = SHOW_GRANTED;
+			if (sepol_compute_av_reason_buffer(ssid, tsid,
+					tclass, 0, &avd, &reason,
+					&reason_buf, flags)) {
+				printf("\nconstraint error\n");
+				break;
+			}
+			if (reason_buf) {
+				printf("\nConstraint expressions:\n%s",
+						reason_buf);
+				free(reason_buf);
+			} else {
+				printf("\nNo constraints found.\n");
+			}
+			break;
+		case 'j':
+			printf("old sid?  ");
+			FGETS(ans, sizeof(ans), stdin);
+			oldsid = atoi(ans);
+
+			printf("new sid?  ");
+			FGETS(ans, sizeof(ans), stdin);
+			newsid = atoi(ans);
+
+			printf("task sid?  ");
+			FGETS(ans, sizeof(ans), stdin);
+			tasksid = atoi(ans);
+
+			printf("target class?  ");
+			FGETS(ans, sizeof(ans), stdin);
+			if (isdigit(ans[0])) {
+				tclass = atoi(ans);
+				if (!tclass
+				    || tclass > policydb.p_classes.nprim) {
+					printf("\nNo such class.\n");
+					break;
+				}
+				cladatum =
+				    policydb.class_val_to_struct[tclass - 1];
+			} else {
+				ans[strlen(ans) - 1] = 0;
+				cladatum =
+				    (class_datum_t *) hashtab_search(policydb.
+								     p_classes.
+								     table,
+								     ans);
+				if (!cladatum) {
+					printf("\nNo such class\n");
+					break;
+				}
+				tclass = cladatum->s.value;
+			}
+
+			flags = SHOW_GRANTED;
+			if (sepol_validate_transition_reason_buffer(oldsid,
+						newsid, tasksid, tclass,
+						&reason_buf, flags)) {
+				printf("\nvalidatetrans error\n");
+				break;
+			}
+			if (reason_buf) {
+				printf("\nValidatetrans expressions:\n%s",
+						reason_buf);
+				free(reason_buf);
+			} else {
+				printf(
+				    "\nNo validatetrans expressions found.\n");
+			}
+			break;
 #ifdef EQUIVTYPES
 		case 'z':
 			identify_equiv_types();
diff --git a/module_compiler.c b/module_compiler.c
index ffffaf1..d7f27f5 100644
--- a/module_compiler.c
+++ b/module_compiler.c
@@ -39,8 +39,9 @@ typedef struct scope_stack {
 
 extern policydb_t *policydbp;
 extern queue_t id_queue;
-extern int yyerror(char *msg);
-extern void yyerror2(char *fmt, ...);
+extern int yyerror(const char *msg);
+__attribute__ ((format(printf, 1, 2)))
+extern void yyerror2(const char *fmt, ...);
 
 static int push_stack(int stack_type, ...);
 static void pop_stack(void);
@@ -700,7 +701,7 @@ int add_perm_to_class(uint32_t perm_value, uint32_t class_value)
 	assert(class_value >= 1);
 	scope = &decl->required;
 	if (class_value > scope->class_perms_len) {
-		int i;
+		uint32_t i;
 		ebitmap_t *new_map = realloc(scope->class_perms_map,
 					     class_value * sizeof(*new_map));
 		if (new_map == NULL) {
@@ -1224,7 +1225,7 @@ int require_cat(int pass)
 
 static int is_scope_in_stack(scope_datum_t * scope, scope_stack_t * stack)
 {
-	int i;
+	uint32_t i;
 	if (stack == NULL) {
 		return 0;	/* no matching scope found */
 	}
@@ -1445,7 +1446,7 @@ int begin_optional(int pass)
 	return -1;
 }
 
-int end_optional(int pass)
+int end_optional(int pass __attribute__ ((unused)))
 {
 	/* once nested conditionals are allowed, do the stack unfolding here */
 	pop_stack();
@@ -1481,7 +1482,7 @@ int begin_optional_else(int pass)
 
 static int copy_requirements(avrule_decl_t * dest, scope_stack_t * stack)
 {
-	int i;
+	uint32_t i;
 	if (stack == NULL) {
 		return 0;
 	}
diff --git a/policy_define.c b/policy_define.c
index cfd255e..a6c5d65 100644
--- a/policy_define.c
+++ b/policy_define.c
@@ -63,8 +63,8 @@ extern unsigned long source_lineno;
 extern unsigned int policydb_errors;
 extern char source_file[PATH_MAX];
 
-extern int yywarn(char *msg);
-extern int yyerror(char *msg);
+extern int yywarn(const char *msg);
+extern int yyerror(const char *msg);
 
 #define ERRORMSG_LEN 255
 static char errormsg[ERRORMSG_LEN + 1] = {0};
@@ -81,7 +81,8 @@ void init_parser(int pass_number)
 	pass = pass_number;
 }
 
-void yyerror2(char *fmt, ...)
+__attribute__ ((format(printf, 1, 2)))
+void yyerror2(const char *fmt, ...)
 {
 	va_list ap;
 	va_start(ap, fmt);
@@ -106,7 +107,7 @@ int insert_separator(int push)
 	return 0;
 }
 
-int insert_id(char *id, int push)
+int insert_id(const char *id, int push)
 {
 	char *newid = 0;
 	int error;
@@ -827,7 +828,7 @@ int define_sens(void)
 int define_dominance(void)
 {
 	level_datum_t *datum;
-	int order;
+	uint32_t order;
 	char *id;
 
 	if (!mlspol) {
@@ -994,7 +995,7 @@ int define_category(void)
 	return -1;
 }
 
-static int clone_level(hashtab_key_t key, hashtab_datum_t datum, void *arg)
+static int clone_level(hashtab_key_t key __attribute__ ((unused)), hashtab_datum_t datum, void *arg)
 {
 	level_datum_t *levdatum = (level_datum_t *) datum;
 	mls_level_t *level = (mls_level_t *) arg, *newlevel;
@@ -2122,8 +2123,8 @@ role_datum_t *merge_roles_dom(role_datum_t * r1, role_datum_t * r2)
 }
 
 /* This function eliminates the ordering dependency of role dominance rule */
-static int dominate_role_recheck(hashtab_key_t key, hashtab_datum_t datum,
-				 void *arg)
+static int dominate_role_recheck(hashtab_key_t key __attribute__ ((unused)),
+				 hashtab_datum_t datum, void *arg)
 {
 	role_datum_t *rdp = (role_datum_t *) arg;
 	role_datum_t *rdatum = (role_datum_t *) datum;
@@ -3442,7 +3443,7 @@ static int parse_categories(char *id, level_datum_t * levdatum, ebitmap_t * cats
 	return 0;
 }
 
-static int parse_semantic_categories(char *id, level_datum_t * levdatum,
+static int parse_semantic_categories(char *id, level_datum_t * levdatum __attribute__ ((unused)),
 				     mls_semantic_cat_t ** cats)
 {
 	cat_datum_t *cdatum;
@@ -3959,7 +3960,7 @@ int define_iomem_context(unsigned long low, unsigned long high)
 	newc->u.iomem.high_iomem = high;
 
 	if (low > high) {
-		yyerror2("low memory 0x%x exceeds high memory 0x%x", low, high);
+		yyerror2("low memory 0x%lx exceeds high memory 0x%lx", low, high);
 		free(newc);
 		return -1;
 	}
@@ -3971,12 +3972,12 @@ int define_iomem_context(unsigned long low, unsigned long high)
 
 	head = policydbp->ocontexts[OCON_XEN_IOMEM];
 	for (l = NULL, c = head; c; l = c, c = c->next) {
-		unsigned int low2, high2;
+		uint32_t low2, high2;
 
 		low2 = c->u.iomem.low_iomem;
 		high2 = c->u.iomem.high_iomem;
 		if (low <= high2 && low2 <= high) {
-			yyerror2("iomemcon entry for 0x%x-0x%x overlaps with "
+			yyerror2("iomemcon entry for 0x%lx-0x%lx overlaps with "
 				"earlier entry 0x%x-0x%x", low, high,
 				low2, high2);
 			goto bad;
@@ -4023,7 +4024,7 @@ int define_ioport_context(unsigned long low, unsigned long high)
 	newc->u.ioport.high_ioport = high;
 
 	if (low > high) {
-		yyerror2("low ioport 0x%x exceeds high ioport 0x%x", low, high);
+		yyerror2("low ioport 0x%lx exceeds high ioport 0x%lx", low, high);
 		free(newc);
 		return -1;
 	}
@@ -4035,12 +4036,12 @@ int define_ioport_context(unsigned long low, unsigned long high)
 
 	head = policydbp->ocontexts[OCON_XEN_IOPORT];
 	for (l = NULL, c = head; c; l = c, c = c->next) {
-		unsigned int low2, high2;
+		uint32_t low2, high2;
 
 		low2 = c->u.ioport.low_ioport;
 		high2 = c->u.ioport.high_ioport;
 		if (low <= high2 && low2 <= high) {
-			yyerror2("ioportcon entry for 0x%x-0x%x overlaps with"
+			yyerror2("ioportcon entry for 0x%lx-0x%lx overlaps with"
 				"earlier entry 0x%x-0x%x", low, high,
 				low2, high2);
 			goto bad;
@@ -4096,7 +4097,7 @@ int define_pcidevice_context(unsigned long device)
 
 		device2 = c->u.device;
 		if (device == device2) {
-			yyerror2("duplicate pcidevicecon entry for 0x%x ",
+			yyerror2("duplicate pcidevicecon entry for 0x%lx",
 				 device);
 			goto bad;
 		}
diff --git a/policy_define.h b/policy_define.h
index 8bfd8f6..4ef0f4f 100644
--- a/policy_define.h
+++ b/policy_define.h
@@ -64,7 +64,7 @@ int define_typebounds(void);
 int define_type(int alias);
 int define_user(void);
 int define_validatetrans(constraint_expr_t *expr);
-int insert_id(char *id,int push);
+int insert_id(const char *id,int push);
 int insert_separator(int push);
 role_datum_t *define_role_dom(role_datum_t *r);
 role_datum_t *merge_roles_dom(role_datum_t *r1,role_datum_t *r2);
diff --git a/policy_parse.y b/policy_parse.y
index b40f413..15c8997 100644
--- a/policy_parse.y
+++ b/policy_parse.y
@@ -58,10 +58,10 @@ extern unsigned int pass;
 
 extern char yytext[];
 extern int yylex(void);
-extern int yywarn(char *msg);
-extern int yyerror(char *msg);
+extern int yywarn(const char *msg);
+extern int yyerror(const char *msg);
 
-typedef int (* require_func_t)();
+typedef int (* require_func_t)(int pass);
 
 %}
 
@@ -356,6 +356,7 @@ cond_else		: ELSE '{' cond_pol_list '}'
 			{ $$ = $3; }
 			| /* empty */ 
 			{ $$ = NULL; }
+			;
 cond_expr               : '(' cond_expr ')'
 			{ $$ = $2;}
 			| NOT cond_expr
diff --git a/policy_scan.l b/policy_scan.l
index 454bb84..3a73962 100644
--- a/policy_scan.l
+++ b/policy_scan.l
@@ -25,7 +25,7 @@
 #include <stdint.h>
 #include <string.h>
 
-typedef int (* require_func_t)();
+typedef int (* require_func_t)(void);
 
 #ifdef ANDROID
 #include "policy_parse.h"
@@ -35,7 +35,7 @@ typedef int (* require_func_t)();
 
 static char linebuf[2][255];
 static unsigned int lno = 0;
-int yywarn(char *msg);
+int yywarn(const char *msg);
 
 void set_source_file(const char *name);
 
@@ -272,7 +272,7 @@ LOW				{ return(LOW); }
 "*"				{ return(yytext[0]); } 
 .                               { yywarn("unrecognized character");}
 %%
-int yyerror(char *msg)
+int yyerror(const char *msg)
 {
 	if (source_file[0])
 		fprintf(stderr, "%s:%ld:",
@@ -288,7 +288,7 @@ int yyerror(char *msg)
 	return -1;
 }
 
-int yywarn(char *msg)
+int yywarn(const char *msg)
 {
 	if (source_file[0])
 		fprintf(stderr, "%s:%ld:",
diff --git a/test/Makefile b/test/Makefile
index 63b4d24..c2367e1 100644
--- a/test/Makefile
+++ b/test/Makefile
@@ -9,7 +9,7 @@ INCLUDEDIR ?= $(PREFIX)/include
 CFLAGS ?= -g -Wall -W -Werror -O2 -pipe
 override CFLAGS += -I$(INCLUDEDIR)
 
-LDLIBS=-lfl -lselinux $(LIBDIR)/libsepol.a -L$(LIBDIR)
+LDLIBS=-lfl $(LIBDIR)/libsepol.a -L$(LIBDIR)
 
 all: dispol dismod
 
diff --git a/test/dismod.c b/test/dismod.c
index 96ef047..db9ae55 100644
--- a/test/dismod.c
+++ b/test/dismod.c
@@ -65,7 +65,7 @@ static const char *symbol_labels[9] = {
 	"levels ", "cats   ", "attribs"
 };
 
-void usage(char *progname)
+void usage(const char *progname)
 {
 	printf("usage:  %s binary_pol_file\n\n", progname);
 	exit(1);
@@ -99,7 +99,7 @@ static void render_access_bitmap(ebitmap_t * map, uint32_t class,
 }
 
 static void display_id(policydb_t * p, FILE * fp, uint32_t symbol_type,
-		       uint32_t symbol_value, char *prefix)
+		       uint32_t symbol_value, const char *prefix)
 {
 	char *id = p->sym_val_to_name[symbol_type][symbol_value];
 	scope_datum_t *scope =
@@ -269,7 +269,7 @@ int display_avrule(avrule_t * avrule, policydb_t * policy,
 
 	cur = avrule->perms;
 	while (cur) {
-		display_id(policy, fp, SYM_CLASSES, cur->class - 1, "");
+		display_id(policy, fp, SYM_CLASSES, cur->tclass - 1, "");
 		cur = cur->next;
 	}
 
@@ -278,7 +278,7 @@ int display_avrule(avrule_t * avrule, policydb_t * policy,
 	fprintf(fp, " ");
 
 	if (avrule->specified & (AVRULE_AV | AVRULE_NEVERALLOW)) {
-		render_access_mask(avrule->perms->data, avrule->perms->class,
+		render_access_mask(avrule->perms->data, avrule->perms->tclass,
 				   policy, fp);
 	} else if (avrule->specified & AVRULE_TYPE) {
 		display_id(policy, fp, SYM_TYPES, avrule->perms->data - 1, "");
@@ -807,7 +807,7 @@ static void display_policycaps(policydb_t * p, FILE * fp)
 	}
 }
 
-int menu()
+int menu(void)
 {
 	printf("\nSelect a command:\n");
 	printf("1)  display unconditional AVTAB\n");
diff --git a/test/dispol.c b/test/dispol.c
index f41acdc..9d66358 100644
--- a/test/dispol.c
+++ b/test/dispol.c
@@ -37,7 +37,7 @@
 
 static policydb_t policydb;
 
-void usage(char *progname)
+void usage(const char *progname)
 {
 	printf("usage:  %s binary_pol_file\n\n", progname);
 	exit(1);
@@ -320,9 +320,9 @@ static void display_policycaps(policydb_t * p, FILE * fp)
 }
 
 static void display_id(policydb_t *p, FILE *fp, uint32_t symbol_type,
-		       uint32_t symbol_value, char *prefix)
+		       uint32_t symbol_value, const char *prefix)
 {
-	char *id = p->sym_val_to_name[symbol_type][symbol_value];
+	const char *id = p->sym_val_to_name[symbol_type][symbol_value];
 	fprintf(fp, " %s%s", prefix, id);
 }
 
@@ -369,7 +369,7 @@ static void display_filename_trans(policydb_t *p, FILE *fp)
 	}
 }
 
-int menu()
+int menu(void)
 {
 	printf("\nSelect a command:\n");
 	printf("1)  display unconditional AVTAB\n");