From 65eff7fbdbddad8c1f9af7cb48cd3b5dca3c5c9d Mon Sep 17 00:00:00 2001 From: Sunyeop Lee Date: Fri, 24 Mar 2017 11:08:28 +0530 Subject: [PATCH] Update old tunables framework document/script. Since commit 8b9e9c3c0bae497ad5e2d0ae2f333f62feddcc12, security_level replaces is_secure. There were some old files need to be updated. 2017-03-23 Sunyeop Lee * README.tunables: Updated descriptions. * elf/dl-tunables.list: Fixed typo: SXID_NONE -> NONE. * scripts/gen-tunables.awk: Updated the code related to the commit. --- ChangeLog | 7 +++++++ README.tunables | 14 +++++++------- elf/dl-tunables.list | 2 +- scripts/gen-tunables.awk | 12 ++++++------ 4 files changed, 21 insertions(+), 14 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4ec8d83aec..205652ba59 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,10 @@ +2017-03-24 Sunyeop Lee + + * README.tunables: Updated descriptions. + * elf/dl-tunables.list: Fixed typo: SXID_NONE -> NONE. + * scripts/gen-tunables.awk: Updated the code related to the + commit. + 2017-03-23 Wilco Dijkstra * benchtests/Makefile (string-benchset): Add memcpy-random. diff --git a/README.tunables b/README.tunables index df74f3b24b..aace2fca8f 100644 --- a/README.tunables +++ b/README.tunables @@ -58,13 +58,13 @@ The list of allowed attributes are: - env_alias: An alias environment variable -- is_secure: Specify whether the tunable should be read for setuid - binaries. True allows the tunable to be read for - setuid binaries while false disables it. Note that - even if this is set as true and the value is read, it - may not be used if it does not validate against the - acceptable values or is not considered safe by the - module. +- security_level: Specify security level of the tunable. Valid values: + + SXID_ERASE: (default) Don't read for AT_SECURE binaries and + removed so that child processes can't read it. + SXID_IGNORE: Don't read for AT_SECURE binaries, but retained for + non-AT_SECURE subprocesses. + NONE: Read all the time. 2. Call either the TUNABLE_SET_VALUE and pass into it the tunable name and a pointer to the variable that should be set with the tunable value. diff --git a/elf/dl-tunables.list b/elf/dl-tunables.list index cb9e8f173b..b9f1488798 100644 --- a/elf/dl-tunables.list +++ b/elf/dl-tunables.list @@ -27,7 +27,7 @@ # removed so that child processes can't read it. # SXID_IGNORE: Don't read for AT_SECURE binaries, but retained for # non-AT_SECURE subprocesses. -# SXID_NONE: Read all the time. +# NONE: Read all the time. glibc { malloc { diff --git a/scripts/gen-tunables.awk b/scripts/gen-tunables.awk index e7bfc22b05..601240ac0d 100644 --- a/scripts/gen-tunables.awk +++ b/scripts/gen-tunables.awk @@ -51,8 +51,8 @@ $1 == "}" { if (!env_alias[top_ns][ns][tunable]) { env_alias[top_ns][ns][tunable] = "NULL" } - if (!is_secure[top_ns][ns][tunable]) { - is_secure[top_ns][ns][tunable] = "SXID_ERASE" + if (!security_level[top_ns][ns][tunable]) { + security_level[top_ns][ns][tunable] = "SXID_ERASE" } tunable = "" @@ -104,12 +104,12 @@ $1 == "}" { } else if (attr == "security_level") { if (val == "SXID_ERASE" || val == "SXID_IGNORE" || val == "NONE") { - is_secure[top_ns][ns][tunable] = val + security_level[top_ns][ns][tunable] = val } else { - printf("Line %d: Invalid value (%s) for is_secure: %s, ", NR, val, + printf("Line %d: Invalid value (%s) for security_level: %s, ", NR, val, $0) - print("Allowed values are 'true' or 'false'") + print("Allowed values are 'SXID_ERASE', 'SXID_IGNORE', or 'NONE'") exit 1 } } @@ -148,7 +148,7 @@ END { printf (" {TUNABLE_NAME_S(%s, %s, %s)", t, n, m) printf (", {TUNABLE_TYPE_%s, %s, %s}, {.numval = 0}, NULL, TUNABLE_SECLEVEL_%s, %s},\n", types[t][n][m], minvals[t][n][m], maxvals[t][n][m], - is_secure[t][n][m], env_alias[t][n][m]); + security_level[t][n][m], env_alias[t][n][m]); } } }