'Setools parsing error on ioctl-related filtering'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       seandroid-list
Subject:    Setools parsing error on ioctl-related filtering
From:       Elena Reshetova <elena.reshetova () gmail ! com>
Date:       2016-02-02 8:34:34
Message-ID: CALrft98Zap5VwE8zZ7c-hhs6WRam5+2yL_pF_3FxppttRosoXA () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hi,

While using setools out of out tree we noticed that setools/policygrep does
not support parsing ioctl-related filtering.

For example:

/extra/eresheto/gmin-m/external/sepolicy/untrusted_app.te":105:ERROR
'syntax error' at token '0x8900' on line 12830: 0x8900-0x8926 0x8928-0x89ff
#line 105 Traceback (most recent call last): File "selint", line 125, in
<module> policy = policysource.policy.SourcePolicy(ALL_POLICY_FILES) File
"/extra/eresheto/selint/selint/policysource/policy.py", line 75, in
__init__ self._policy = setools.policyrep.SELinuxPolicy(self._policyconf)
File
"/extra/eresheto/gmin-m/prebuilts/python/linux-x86/2.7.5/lib/python2.7/site-packages/setools/policyrep/__init__.py",
 line 86, in __init__ self._load_policy(policyfile) File
"/extra/eresheto/gmin-m/prebuilts/python/linux-x86/2.7.5/lib/python2.7/site-packages/setools/policyrep/__init__.py",
 line 119, in _load_policy format(filename, err))
setools.policyrep.exception.InvalidPolicy: Error opening policy file
"/tmp/tmpdMw6Ow/policy.conf": Invalid policy.

What is the plan to update the "in-tree" setools? Otherwise it is kind of
annoying because even AOSP policy has ioctl-related things, but policygrep
fails on it.

Best Regards,
Elena.


[Attachment #5 (text/html)]

<div dir="ltr"><div><div><div><div><div>Hi,<br><br></div>While using setools out of \
out tree we noticed that setools/policygrep does not support parsing ioctl-related \
filtering.<br><br></div>For \
example:<br><br>/extra/eresheto/gmin-m/external/sepolicy/untrusted_app.te&quot;:105:ERROR \
&#39;syntax error&#39; at token &#39;0x8900&#39; on line 12830: 0x8900-0x8926 \
0x8928-0x89ff #line 105
Traceback (most recent call last):
  File &quot;selint&quot;, line 125, in &lt;module&gt;
    policy = policysource.policy.SourcePolicy(ALL_POLICY_FILES)
  File &quot;/extra/eresheto/selint/selint/policysource/policy.py&quot;, line 75, in \
__init__  self._policy = setools.policyrep.SELinuxPolicy(self._policyconf)
  File &quot;/extra/eresheto/gmin-m/prebuilts/python/linux-x86/2.7.5/lib/python2.7/site-packages/setools/policyrep/__init__.py&quot;, \
line 86, in __init__  self._load_policy(policyfile)
  File &quot;/extra/eresheto/gmin-m/prebuilts/python/linux-x86/2.7.5/lib/python2.7/site-packages/setools/policyrep/__init__.py&quot;, \
line 119, in _load_policy  format(filename, err))
setools.policyrep.exception.InvalidPolicy: Error opening policy file \
&quot;/tmp/tmpdMw6Ow/policy.conf&quot;: Invalid policy. <br><br></div>What is the \
plan to update the &quot;in-tree&quot; setools? Otherwise it is kind of annoying \
because even AOSP policy has ioctl-related things, but policygrep fails on it. \
<br><br></div><div>Best Regards,<br></div><div>Elena.<br></div></div></div>



_______________________________________________
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to Seandroid-list-leave@tycho.nsa.gov.
To get help, send an email containing "help" to Seandroid-list-request@tycho.nsa.gov.

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic