libselinux/0031-libselinux-do-not-use-status-page-fallback-mode-inte.patch

From 3cef4110bee88ac81dfb5e62c2a8b7902248abba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Mon, 10 May 2021 12:56:48 +0200
Subject: [PATCH] libselinux: do not use status page fallback mode internally
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Currently `avc_init_internal()`, called by `avc_open(3)` and
`avc_init(3)`, does open the SELinux status page with fallback mode
enabled.

Quote from man:selinux_status_open(3):
    In this case, this function tries to open a netlink socket using
    .BR avc_netlink_open (3) and overwrite corresponding callbacks
    (setenforce and policyload).  Thus, we need to pay attention to the
    interaction with these interfaces, when fallback mode is enabled.

Calling `selinux_status_open` internally in fallback mode is bad, cause
it overrides callbacks from client applications or the internal
fallback-callbacks get overridden by client applications.
Note that `avc_open(3)` gets called under the hood by
`selinux_check_access(3)` without checking for failure.
Also the status page is available since Linux 2.6.37, so failures of
`selinux_status_open(3)` in non-fallback mode should only be caused by
policies not allowing the client process to open/read/map
the /sys/fs/selinux/status file.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 libselinux/src/avc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libselinux/src/avc.c b/libselinux/src/avc.c
index 8314d7ba3de6..daaedbc6a6fd 100644
--- a/libselinux/src/avc.c
+++ b/libselinux/src/avc.c
@@ -214,7 +214,7 @@ static int avc_init_internal(const char *prefix,
 		avc_enforcing = rc;
 	}
 
-	rc = selinux_status_open(1);
+	rc = selinux_status_open(0);
 	if (rc < 0) {
 		avc_log(SELINUX_ERROR,
 			"%s: could not open selinux status page: %d (%s)\n",
-- 
2.32.0