int sepolHasType(const sepol * pol, const char *type)
{
if (!pol || !type) {
return 0;
}
return (argvSearch(pol->types, type, NULL) != NULL) ||
(argvSearch(pol->types, RPMPOL_TYPE_DEFAULT, NULL) != NULL);
}
static rpmRC writeModuleToHeader(ModuleRec mod, Package pkg)
{
rpmRC rc = RPMRC_FAIL;
ARGV_t av;
uint32_t count;
struct rpmtd_s policies;
struct rpmtd_s policynames;
struct rpmtd_s policyflags;
struct rpmtd_s policytypes;
struct rpmtd_s policytypesidx;
rpmtdReset(&policies);
rpmtdReset(&policynames);
rpmtdReset(&policyflags);
rpmtdReset(&policytypes);
rpmtdReset(&policytypesidx);
if (!mod || !pkg) {
goto exit;
}
/* check for duplicates */
if (headerIsEntry(pkg->header, RPMTAG_POLICYNAMES)) {
int typeCount;
const char *name;
char *type;
int i;
int idx;
headerGet(pkg->header, RPMTAG_POLICYNAMES, &policynames, HEADERGET_MINMEM);
headerGet(pkg->header, RPMTAG_POLICYFLAGS, &policyflags, HEADERGET_ARGV | HEADERGET_MINMEM);
headerGet(pkg->header, RPMTAG_POLICYTYPES, &policytypes, HEADERGET_ARGV | HEADERGET_MINMEM);
headerGet(pkg->header, RPMTAG_POLICYTYPESINDEXES, &policytypesidx, HEADERGET_ARGV | HEADERGET_MINMEM);
typeCount = rpmtdCount(&policytypes);
while ((name = rpmtdNextString(&policynames))) {
int overlappingtypes = 0;
idx = rpmtdGetIndex(&policynames);
for (i = 0; i < typeCount; i++) {
if (((int *) policytypesidx.data)[i] != idx) {
continue;
}
type = ((char **) policytypes.data)[i];
if (rstreq(type, RPMPOL_TYPE_DEFAULT) ||
argvSearch(mod->types, type, NULL) ||
argvSearch(mod->types, RPMPOL_TYPE_DEFAULT, NULL)) {
overlappingtypes = 1;
break;
}
}
if (!overlappingtypes) {
continue;
}
if (rstreq(mod->name, name)) {
rpmlog(RPMLOG_ERR, _("Policy module '%s' duplicated with overlapping types\n"), name);
goto exit;
}
if ((mod->flags && RPMPOL_FLAG_BASE) &&
(((int *) policyflags.data)[idx] & RPMPOL_FLAG_BASE)) {
rpmlog(RPMLOG_ERR, _("Base modules '%s' and '%s' have overlapping types\n"), mod->name, name);
goto exit;
}
}
}
if (headerIsEntry(pkg->header, RPMTAG_POLICIES)) {
if (!headerGet(pkg->header, RPMTAG_POLICIES, &policies, HEADERGET_MINMEM)) {
rpmlog(RPMLOG_ERR, _("Failed to get policies from header\n"));
goto exit;
}
count = rpmtdCount(&policies);
} else {
count = 0;
}
/* save everything to the header */
headerPutString(pkg->header, RPMTAG_POLICIES, mod->data);
headerPutString(pkg->header, RPMTAG_POLICYNAMES, mod->name);
headerPutUint32(pkg->header, RPMTAG_POLICYFLAGS, &mod->flags, 1);
for (av = mod->types; av && *av; av++) {
headerPutString(pkg->header, RPMTAG_POLICYTYPES, *av);
headerPutUint32(pkg->header, RPMTAG_POLICYTYPESINDEXES, &count, 1);
}
rc = RPMRC_OK;
exit:
rpmtdFreeData(&policies);
rpmtdFreeData(&policynames);
rpmtdFreeData(&policyflags);
rpmtdFreeData(&policytypes);
rpmtdFreeData(&policytypesidx);
return rc;
}
static int open_dso(const char * path, pid_t * pidp, rpm_loff_t *fsizep)
{
static const char * cmd = NULL;
static int initted = 0;
int fdno;
if (!initted) {
cmd = rpmExpand("%{?__prelink_undo_cmd}", NULL);
initted++;
}
if (pidp) *pidp = 0;
if (fsizep) {
struct stat sb, * st = &sb;
if (stat(path, st) < 0)
return -1;
*fsizep = st->st_size;
}
fdno = open(path, O_RDONLY);
if (fdno < 0)
return fdno;
if (!(cmd && *cmd))
return fdno;
if (pidp != NULL && is_prelinked(fdno)) {
int pipes[2];
pid_t pid;
close(fdno);
pipes[0] = pipes[1] = -1;
if (pipe(pipes) < 0)
return -1;
pid = fork();
if (pid < 0) {
close(pipes[0]);
close(pipes[1]);
return -1;
}
if (pid == 0) {
ARGV_t av, lib;
int dfd;
argvSplit(&av, cmd, " ");
close(pipes[0]);
dfd = dup2(pipes[1], STDOUT_FILENO);
close(pipes[1]);
if (dfd >= 0 && (lib = argvSearch(av, "library", NULL)) != NULL) {
*lib = (char *) path;
unsetenv("MALLOC_CHECK_");
execve(av[0], av+1, environ);
}
_exit(127); /* not normally reached */
} else {
*pidp = pid;
fdno = pipes[0];
close(pipes[1]);
}
}
return fdno;
}
static ModuleRec newModule(const char *path, const char *name,
const char *types, uint32_t flags)
{
ModuleRec mod;
uint8_t *raw = NULL;
ssize_t rawlen = 0;
const char *buildDir = "%{_builddir}/%{?buildsubdir}/";
if (!path) {
rpmlog(RPMLOG_ERR, _("%%semodule requires a file path\n"));
return NULL;
}
mod = xcalloc(1, sizeof(*mod));
mod->path = rpmGenPath(buildDir, NULL, path);
if ((rpmioSlurp(mod->path, &raw, &rawlen)) != 0 || raw == NULL) {
rpmlog(RPMLOG_ERR, _("Failed to read policy file: %s\n"),
mod->path);
goto err;
}
mod->data = b64encode(raw, rawlen, -1);
if (!mod->data) {
rpmlog(RPMLOG_ERR, _("Failed to encode policy file: %s\n"),
mod->path);
goto err;
}
if (name) {
mod->name = xstrdup(name);
} else {
/* assume base name (minus extension) if name is not given */
char *tmp = xstrdup(mod->path);
char *bname = basename(tmp);
char *end = strchr(bname, '.');
if (end)
*end = '\0';
if (strlen(bname) > 0) {
mod->name = xstrdup(bname);
} else {
rpmlog(RPMLOG_ERR, _("Failed to determine a policy name: %s\n"),
mod->path);
_free(tmp);
goto err;
}
_free(tmp);
}
if (types) {
mod->types = argvSplitString(types, ",", ARGV_SKIPEMPTY);
argvSort(mod->types, NULL);
if (argvSearch(mod->types, RPMPOL_TYPE_DEFAULT, NULL) && argvCount(mod->types) > 1) {
rpmlog(RPMLOG_WARNING, _("'%s' type given with other types in %%semodule %s. Compacting types to '%s'.\n"),
RPMPOL_TYPE_DEFAULT, mod->path, RPMPOL_TYPE_DEFAULT);
mod->types = argvFree(mod->types);
argvAdd(&mod->types, RPMPOL_TYPE_DEFAULT);
}
} else {
argvAdd(&mod->types, RPMPOL_TYPE_DEFAULT);
}
mod->flags = flags;
return mod;
err:
freeModule(mod);
return NULL;
}
static int findPreambleTag(Spec spec, /*@out@*/rpmTag * tagp,
/*@null@*/ /*@out@*/ const char ** macro, /*@out@*/ char * lang)
/*@modifies *tagp, *macro, *lang @*/
{
PreambleRec p;
char *s;
size_t len = 0;
/* Search for defined tags. */
for (p = preambleList; p->token != NULL; p++) {
len = strlen(p->token);
if (!(p->token && !xstrncasecmp(spec->line, p->token, len)))
continue;
if (p->obsolete) {
rpmlog(RPMLOG_ERR, _("Legacy syntax is unsupported: %s\n"),
p->token);
p = NULL;
}
break;
}
if (p == NULL)
return 1;
/* Search for arbitrary tags. */
if (tagp && p->token == NULL) {
ARGV_t aTags = NULL;
int rc = 1; /* assume failure */
/*@-noeffect@*/
(void) tagName(0); /* XXX force arbitrary tags to be initialized. */
/*@=noeffect@*/
aTags = rpmTags->aTags;
if (aTags != NULL && aTags[0] != NULL) {
ARGV_t av;
s = tagCanonicalize(spec->line);
#if defined(RPM_VENDOR_OPENPKG) /* wildcard-matching-arbitrary-tagnames */
av = argvSearchLinear(aTags, s, argvFnmatchCasefold);
#else
av = argvSearch(aTags, s, argvStrcasecmp);
#endif
if (av != NULL) {
*tagp = tagGenerate(s);
rc = 0;
}
s = _free(s);
}
return rc;
}
s = spec->line + len;
SKIPSPACE(s);
switch (p->multiLang) {
default:
case 0:
/* Unless this is a source or a patch, a ':' better be next */
if (p->tag != RPMTAG_SOURCE && p->tag != RPMTAG_PATCH) {
if (*s != ':') return 1;
}
*lang = '\0';
break;
case 1: /* Parse optional ( <token> ). */
if (*s == ':') {
strcpy(lang, RPMBUILD_DEFAULT_LANG);
break;
}
if (*s != '(') return 1;
s++;
SKIPSPACE(s);
while (!xisspace(*s) && *s != ')')
*lang++ = *s++;
*lang = '\0';
SKIPSPACE(s);
if (*s != ')') return 1;
s++;
SKIPSPACE(s);
if (*s != ':') return 1;
break;
}
if (tagp)
*tagp = p->tag;
if (macro)
/*@-onlytrans -observertrans -dependenttrans@*/ /* FIX: double indirection. */
*macro = p->token;
/*@=onlytrans =observertrans =dependenttrans@*/
return 0;
}
