From 18cc016f42f2c846ac82b87cf30ff16960328e47 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Jan 30 2006 18:22:24 +0000
Subject: remove kernel module reversed interfaces.


---

diff --git a/refpolicy/Changelog b/refpolicy/Changelog
index 9c5445b..7078d54 100644
--- a/refpolicy/Changelog
+++ b/refpolicy/Changelog
@@ -1,3 +1,4 @@
+- Remove kernel module reversed interfaces.
 - Add filename attribute to module XML tag and lineno attribute to
   interface XML tag.
 - Changed QUIET build option to a yes or no option.
diff --git a/refpolicy/policy/modules/kernel/kernel.if b/refpolicy/policy/modules/kernel/kernel.if
index 323164a..b512d8e 100644
--- a/refpolicy/policy/modules/kernel/kernel.if
+++ b/refpolicy/policy/modules/kernel/kernel.if
@@ -216,6 +216,23 @@ interface(`kernel_tcp_recvfrom',`
 
 ########################################
 ## <summary>
+##	Send UDP network traffic to the kernel.
+## </summary>
+## <param name="domain">
+##	Domain allowed access.
+## </param>
+#
+interface(`kernel_udp_sendto',`
+	gen_require(`
+		type kernel_t;
+	')
+
+	allow $1 kernel_t:udp_socket sendto;
+	allow kernel_t $1:udp_socket recvfrom;
+')
+
+########################################
+## <summary>
 ##	Receive messages from kernel UDP sockets.
 ## </summary>
 ## <param name="domain">
@@ -1667,197 +1684,3 @@ interface(`kernel_unconfined',`
 
 	kernel_rw_all_sysctl($1)
 ')
-
-################################################################################
-#
-# Reversed interfaces
-#
-# The following are reversed interfaces, meaning the point of view of the caller
-# of the interface is the object (target) type, rather than the subject (source)
-# type, like all other interfaces in the policy.  These interfaces are here to
-# decouple policy from the base module, and should not be used anywhere else.
-#
-################################################################################
-
-########################################
-## <summary>
-##	Allow the kernel to send a SIGCHLD
-##	signal to the specified domain.
-## </summary>
-## <param name="domain">
-##	Domain receiving the SIGCHLD.
-## </param>
-#
-interface(`kernel_sigchld_from',`
-	gen_require(`
-		type kernel_t;
-	')
-
-	allow kernel_t $1:process sigchld;
-')
-
-########################################
-## <summary>
-##	Allow unlabeled processes to send a SIGCHLD
-##	signal to the specified domain.
-## </summary>
-## <param name="domain">
-##	Domain receiving the SIGCHLD.
-## </param>
-#
-interface(`kernel_sigchld_from_unlabeled',`
-	gen_require(`
-		type unlabeled_t;
-	')
-
-	allow unlabeled_t $1:process sigchld;
-')
-
-########################################
-## <summary>
-##	Allow the kernel to search the
-##	specified directory.
-## </summary>
-## <param name="dir_type">
-##	Directory type to search.
-## </param>
-#
-interface(`kernel_search_from',`
-	gen_require(`
-		type kernel_t;
-	')
-
-	allow kernel_t $1:dir search;
-')
-
-########################################
-## <summary>
-##	Allow the kernel to read the contents
-##	of the specified directory.
-## </summary>
-## <param name="dir_type">
-##	Directory type to list.
-## </param>
-#
-interface(`kernel_list_from',`
-	gen_require(`
-		type kernel_t;
-	')
-
-	allow kernel_t $1:dir r_dir_perms;
-')
-
-########################################
-## <summary>
-##	Allow the kernel to read the
-##	specified file.
-## </summary>
-## <param name="dir_type">
-##	Directory type to list.
-## </param>
-#
-interface(`kernel_read_file_from',`
-	gen_require(`
-		type kernel_t;
-	')
-
-	allow kernel_t $1:file r_file_perms;
-')
-
-########################################
-## <summary>
-##	Use the specified types for /lib directory
-##	and use the dynamic link/loader for automatic loading
-##	of shared libraries, and the link/loader
-##	cache.
-## </summary>
-## <param name="lib_type">
-##	The type of the lib directories.
-## </param>
-## <param name="ld_type">
-##	The type of the dynamic link/loader.
-## </param>
-## <param name="cache_type">
-##	The type of the dynamic link/loader cache.
-## </param>
-#
-interface(`kernel_use_ld_so_from',`
-	gen_require(`
-		type kernel_t;
-	')
-
-	files_list_etc(kernel_t)
-	allow kernel_t $1:dir r_dir_perms;
-	allow kernel_t $1:lnk_file r_file_perms;
-	allow kernel_t $2:lnk_file r_file_perms;
-	allow kernel_t $2:file rx_file_perms;
-	allow kernel_t $3:file r_file_perms;
-')
-
-########################################
-## <summary>
-##	Allow the kernel to load and execute
-##	functions from the specified shared libraries.
-## </summary>
-## <param name="lib_dir_type">
-##	The type of the lib directories.
-## </param>
-## <param name="shlib_type">
-##	Shared library type.
-## </param>
-#
-interface(`kernel_use_shared_libs_from',`
-	gen_require(`
-		type kernel_t;
-	')
-
-	allow kernel_t $1:dir r_dir_perms;
-	allow kernel_t $1:lnk_file r_file_perms;
-	allow kernel_t $2:lnk_file r_file_perms;
-	allow kernel_t $2:file rx_file_perms;
-')
-
-#######################################
-## <summary>
-##	Allow the kernel to send a syslog
-##	message to the specified domain,
-##	connecting over the specified named
-##	socket.
-## </summary>
-## <param name="socket">
-##	The type of the named socket file.
-## </param>
-## <param name="syslog_type">
-##	The domain of the syslog daemon.
-## </param>
-#
-interface(`kernel_send_syslog_msg_from',`
-	gen_require(`
-		type syslogd_t, devlog_t;
-	')
-
-	allow kernel_t $1:lnk_file read;
-	allow kernel_t $1:sock_file rw_file_perms;
-
-	# the type of socket depends on the syslog daemon
-	allow kernel_t $2:unix_dgram_socket sendto;
-	allow kernel_t $2:unix_stream_socket connectto;
-')
-
-########################################
-## <summary>
-##	Allow the kernel to send UDP network traffic
-##	the specified domain.
-## </summary>
-## <param name="domain">
-##	The type of the receiving domain.
-## </param>
-#
-interface(`kernel_udp_sendfrom',`
-	gen_require(`
-		type kernel_t;
-	')
-
-	allow kernel_t $1:udp_socket sendto;
-	allow $1 kernel_t:udp_socket recvfrom;
-')
diff --git a/refpolicy/policy/modules/kernel/kernel.te b/refpolicy/policy/modules/kernel/kernel.te
index e5f3996..b6a5823 100644
--- a/refpolicy/policy/modules/kernel/kernel.te
+++ b/refpolicy/policy/modules/kernel/kernel.te
@@ -1,5 +1,5 @@
 
-policy_module(kernel,1.2.0)
+policy_module(kernel,1.2.1)
 
 ########################################
 #
@@ -244,10 +244,31 @@ tunable_policy(`read_default_t',`
 	files_read_default_pipes(kernel_t)
 ')
 
+optional_policy(`hotplug',`
+	hotplug_search_config(kernel_t)
+')
+
+optional_policy(`init',`
+	init_sigchld(kernel_t)
+')
+
+optional_policy(`libraries',`
+	libs_use_ld_so(kernel_t)
+	libs_use_shared_libs(kernel_t)
+')
+
+optional_policy(`logging',`
+	logging_send_syslog_msg(kernel_t)
+')
+
 optional_policy(`nis',`
 	nis_use_ypbind(kernel_t)
 ')
 
+optional_policy(`portmap',`
+	portmap_udp_sendto(kernel_t)
+')
+
 optional_policy(`rpc',`
 	# nfs kernel server needs kernel UDP access.  It is less risky and painful
 	# to just give it everything.
@@ -271,9 +292,7 @@ optional_policy(`rpc',`
 
 	rpc_manage_nfs_ro_content(kernel_t)
 	rpc_manage_nfs_rw_content(kernel_t)
-
 	rpc_udp_rw_nfs_sockets(kernel_t) 
-	#rpc_udp_sendto_sockets(kernel_t) 
 	rpc_udp_sendto_nfs(kernel_t)
 
 	tunable_policy(`nfs_export_all_ro',`
@@ -295,6 +314,11 @@ optional_policy(`rpc',`
 	')
 ')
 
+optional_policy(`selinuxutil',`
+	seutil_read_config(kernel_t)
+	seutil_read_binary_pol(kernel_t)
+')
+
 ########################################
 #
 # Unlabeled process local policy
@@ -303,3 +327,11 @@ optional_policy(`rpc',`
 ifdef(`targeted_policy',`
 	allow unlabeled_t self:filesystem associate;
 ')
+
+optional_policy(`init',`
+	# If you load a new policy that removes active domains, processes can
+	# get stuck if you do not allow unlabeled processes to signal init.
+	# If you load an incompatible policy, you should probably reboot,
+	# since you may have compromised system security.
+	init_sigchld(unlabeled_t)
+')
diff --git a/refpolicy/policy/modules/services/portmap.te b/refpolicy/policy/modules/services/portmap.te
index 96bcc65..d0ecdbd 100644
--- a/refpolicy/policy/modules/services/portmap.te
+++ b/refpolicy/policy/modules/services/portmap.te
@@ -1,5 +1,5 @@
 
-policy_module(portmap,1.1.0)
+policy_module(portmap,1.1.1)
 
 ########################################
 #
@@ -45,7 +45,6 @@ files_filetrans_pid(portmap_t,portmap_var_run_t)
 kernel_read_kernel_sysctl(portmap_t)
 kernel_list_proc(portmap_t)
 kernel_read_proc_symlinks(portmap_t)
-kernel_udp_sendfrom(portmap_t)
 kernel_tcp_recvfrom(portmap_t) 
 
 corenet_tcp_sendrecv_all_if(portmap_t)
diff --git a/refpolicy/policy/modules/services/rpc.if b/refpolicy/policy/modules/services/rpc.if
index 50ba3a3..eeb169f 100644
--- a/refpolicy/policy/modules/services/rpc.if
+++ b/refpolicy/policy/modules/services/rpc.if
@@ -258,11 +258,10 @@ interface(`rpc_udp_rw_nfs_sockets',`
 
 ########################################
 ## <summary>
-##      Allow NFS to send UDP network traffic
-##      the specified domain and recieve from it.
+##	Send UDP traffic to NFSd.
 ## </summary>
 ## <param name="domain">
-##      The type of the receiving domain.
+##      Domain allowed access.
 ## </param>
 #
 interface(`rpc_udp_sendto_nfs',`
@@ -270,8 +269,8 @@ interface(`rpc_udp_sendto_nfs',`
 		type nfsd_t;
 	')
 
-	allow nfsd_t $1:udp_socket sendto;
-	allow $1 nfsd_t:udp_socket recvfrom;
+	allow $1 nfsd_t:udp_socket sendto;
+	allow nfsd_t $1:udp_socket recvfrom;
 ')
 
 ########################################
diff --git a/refpolicy/policy/modules/services/rpc.te b/refpolicy/policy/modules/services/rpc.te
index db9be79..8743033 100644
--- a/refpolicy/policy/modules/services/rpc.te
+++ b/refpolicy/policy/modules/services/rpc.te
@@ -1,5 +1,5 @@
 
-policy_module(rpc,1.1.0)
+policy_module(rpc,1.1.1)
 
 ########################################
 #
@@ -84,7 +84,7 @@ allow nfsd_t { nfsd_rw_t nfsd_ro_t }:dir r_dir_perms;
 # for /proc/fs/nfs/exports - should we have a new type?
 kernel_read_system_state(nfsd_t) 
 kernel_read_network_state(nfsd_t) 
-kernel_udp_sendfrom(nfsd_t)	
+kernel_udp_sendto(nfsd_t)
 kernel_tcp_recvfrom(nfsd_t) 
 
 corenet_udp_bind_generic_port(nfsd_t)
diff --git a/refpolicy/policy/modules/system/hotplug.te b/refpolicy/policy/modules/system/hotplug.te
index 4ae405c..de64e15 100644
--- a/refpolicy/policy/modules/system/hotplug.te
+++ b/refpolicy/policy/modules/system/hotplug.te
@@ -1,5 +1,5 @@
 
-policy_module(hotplug,1.1.0)
+policy_module(hotplug,1.1.1)
 
 ########################################
 #
@@ -13,7 +13,6 @@ init_daemon_domain(hotplug_t,hotplug_exec_t)
 
 type hotplug_etc_t;
 files_config_file(hotplug_etc_t)
-kernel_search_from(hotplug_etc_t)
 init_daemon_domain(hotplug_t,hotplug_etc_t)
 
 type hotplug_var_run_t;
diff --git a/refpolicy/policy/modules/system/init.te b/refpolicy/policy/modules/system/init.te
index 91fa300..60754d0 100644
--- a/refpolicy/policy/modules/system/init.te
+++ b/refpolicy/policy/modules/system/init.te
@@ -1,5 +1,5 @@
 
-policy_module(init,1.2.0)
+policy_module(init,1.2.1)
 
 gen_require(`
 	class passwd rootok;
@@ -118,12 +118,6 @@ domain_auto_trans(init_t,initrc_exec_t,initrc_t)
 
 kernel_read_system_state(init_t)
 kernel_share_state(init_t)
-kernel_sigchld_from(init_t)
-# If you load a new policy that removes active domains, processes can
-# get stuck if you do not allow unlabeled processes to signal init.
-# If you load an incompatible policy, you should probably reboot,
-# since you may have compromised system security.
-kernel_sigchld_from_unlabeled(init_t)
 
 dev_read_sysfs(init_t)
 
diff --git a/refpolicy/policy/modules/system/libraries.te b/refpolicy/policy/modules/system/libraries.te
index edece21..2b31a94 100644
--- a/refpolicy/policy/modules/system/libraries.te
+++ b/refpolicy/policy/modules/system/libraries.te
@@ -24,9 +24,6 @@ files_type(ld_so_t)
 type lib_t;
 files_type(lib_t)
 
-kernel_use_ld_so_from(lib_t,ld_so_t,ld_so_cache_t)
-kernel_use_shared_libs_from(lib_t,{ shlib_t textrel_shlib_t })
-
 #
 # shlib_t is the type of shared objects in the system lib
 # directories.
diff --git a/refpolicy/policy/modules/system/logging.te b/refpolicy/policy/modules/system/logging.te
index 082d7f6..4a49c91 100644
--- a/refpolicy/policy/modules/system/logging.te
+++ b/refpolicy/policy/modules/system/logging.te
@@ -296,7 +296,6 @@ files_filetrans_pid(syslogd_t,syslogd_var_run_t)
 
 kernel_read_kernel_sysctl(syslogd_t)
 kernel_read_proc_symlinks(syslogd_t)
-kernel_send_syslog_msg_from(devlog_t,syslogd_t)
 # Allow access to /proc/kmsg for syslog-ng
 kernel_read_messages(syslogd_t)
 kernel_clear_ring_buffer(syslogd_t)
diff --git a/refpolicy/policy/modules/system/selinuxutil.te b/refpolicy/policy/modules/system/selinuxutil.te
index ba76789..3bc1b79 100644
--- a/refpolicy/policy/modules/system/selinuxutil.te
+++ b/refpolicy/policy/modules/system/selinuxutil.te
@@ -22,8 +22,6 @@ attribute can_relabelto_binary_policy;
 # (fix dup decl)
 type selinux_config_t;
 files_type(selinux_config_t)
-kernel_list_from(selinux_config_t)
-kernel_read_file_from(selinux_config_t)
 
 type checkpolicy_t, can_write_binary_policy;
 domain_type(checkpolicy_t)
@@ -68,8 +66,6 @@ domain_entry_file(newrole_t,newrole_exec_t)
 #
 type policy_config_t;
 files_type(policy_config_t)
-kernel_list_from(policy_config_t)
-kernel_read_file_from(policy_config_t)
 
 neverallow ~can_relabelto_binary_policy policy_config_t:file relabelto;
 #neverallow ~can_write_binary_policy policy_config_t:file { write append };