SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Research Skip Research Menus Research Menu Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: [BUG] Segfault on duplicate require of sensitivity This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] [ Next in thread ] From: Joshua Brindle <method_at_manicmethod.com> Date: Tue, 15 May 2007 13:40:56 -0400 Karl MacMillan wrote: > On Tue, 2007-05-15 at 13:18 -0400, Joshua Brindle wrote: > >> Caleb Case wrote: >> >>> On Tue, 2007-05-15 at 10:39 -0400, Karl MacMillan wrote: >>> >>> >>>> On Tue, 2007-05-15 at 10:16 -0400, Caleb Case wrote: >>>> >>>> >>>>> It turns out that level_datum_t is not defined as an actual datum: >>>>> >>>>> >>>>> >>>> [...] >>>> >>>> >>>> >>>>> The options I see here are not good. One option: the level_datum_t >>>>> should be changed into a conforming _datum_t and the fallout of this >>>>> change handled in the rest of the code which expects to see a >>>>> level_datum_t->level. Second option: level_datum_t is treated specially >>>>> in require_symbol (using the symbol_type as the switch). >>>>> >>>>> >>>>> >>>> Making it a _datum_t seems to be the right choice - what is your concern >>>> about following that path? >>>> >>>> Karl >>>> >>>> >>> Mainly I am concerned because level_datum_t is exported in libsepol's >>> protected headers and will require changes to anything that statically >>> links to libsepol. >>> >>> >>> >> Err, I don't think this is the main issue. The level datum references* >> the sens_datum, which exists independantly of the level_datum. I think >> it would cause all sorts of problems to try to change that in the >> current code base. >> >> > > What kind of problems? > > What do we put in the symtab_datum? Do we reproduce what is in the sens_datum? They aren't the same data, I'm not totally sure why they are separated (Darrell, want to chime in on this?). The really crappy thing is that we decided to support mls in require statements by just using the whole string (eg., s0:c0.c126-s15:c0.c128) so that whole string gets a level datum (iirc). I guess we can try adding a symtab_datum and see what the fallout is but I think there are alot of assumptions about how level_datum and sens_datum relate. >> Another option is to just punt on this and it should be handled >> naturally in the policyrep branch. >> > > We can't punt on a reproducible segfault - it needs to be fixed in > stable. > I know, I was half joking... -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Tue 15 May 2007 - 13:40:58 EDT This message: [ Message body ] Next message: Christopher J. PeBenito: "Re: squid patch" Previous message: Karl MacMillan: "Re: [BUG] Segfault on duplicate require of sensitivity" In reply to: Karl MacMillan: "Re: [BUG] Segfault on duplicate require of sensitivity" Next in thread: Caleb Case: "Re: [BUG] Segfault on duplicate require of sensitivity" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom