class process  # object classes used by the tests; only process and file receive an access vector below
class blk_file  # declared but given no access vector in this file
class chr_file
class dir
class fifo_file
class file
class lnk_file
class sock_file
sid kernel  # initial SIDs; every one of them is assigned the same bootstrap context at the end of the file
sid security
sid unlabeled
sid file
sid port
sid netif
sid netmsg
sid node
sid devnull
class process { dyntransition transition }  # process access vector; Test 11 asserts against process *
class file { getattr ioctl open read write }  # file access vector; ioctl is the permission the xperm tests (15-26) exercise
ifdef(`enable_mls',`
sensitivity s0;  # expanded by m4 only when enable_mls is defined: one sensitivity and 24 categories, enough for the s0:c0.c23 range used below and in gen_user at the end of the file
dominance { s0 }
category c0; category c1; category c2; category c3;
category c4; category c5; category c6; category c7;
category c8; category c9; category c10; category c11;
category c12; category c13; category c14; category c15;
category c16; category c17; category c18; category c19;
category c20; category c21; category c22; category c23;
level s0:c0.c23;
mlsconstrain file { write } ( h1 dom h2 );  # file write only when the source high level dominates the target high level; neverallow checking matches allow rules and does not consult this constraint
')
########################################
#
# Test start. Each test pairs allow/allowxperm rules with a neverallow or neverallowxperm assertion; checkpolicy reports assertion failures by source line number, so keep the line layout stable (comment in place rather than inserting lines).
#
########################################
## Test 1 (basic): a plain allow conflicting with a plain neverallow
type test1_t;
allow test1_t test1_t : file { read write };
neverallow test1_t test1_t : file read;  # expected to fire: read is granted by the allow above
## Test 2 (wildcard permission): neverallow with the * permission set
type test2_t;
allow test2_t test2_t : file { read write };
neverallow test2_t test2_t : file *;  # * is every file permission, so the read/write allow above violates it
## Test 3 (complement permission): neverallow with a complemented permission set
type test3_t;
allow test3_t test3_t : file { read write };
neverallow test3_t test3_t : file ~{ write };  # ~{ write } is every file permission except write; the allow above grants read, which is inside that set
## Test 4 (wildcard source): * as the source type set
type test4_t;
allow test4_t test4_t : file { read write };
neverallow * test4_t : file read;  # * as source matches every type in the policy; the allow above is the only read granted to test4_t in this file
## Test 5 (wildcard target): * as the target type set
type test5_t;
allow test5_t test5_t : file { read write };
neverallow test5_t * : file read;  # * as target matches every type in the policy; test5_t is only granted read on itself (allow above)
## Test 6 (complement source): complemented source type set
type test6_1_t;
type test6_2_t;
allow { test6_1_t test6_2_t } { test6_1_t test6_2_t } : file { read write };  # both types may read/write both types
neverallow ~{ test6_2_t } test6_1_t : file read;  # source is every type except test6_2_t: test6_1_t -> test6_1_t read violates, test6_2_t -> test6_1_t read is excluded
## Test 7 (complement target): complemented target type set
type test7_1_t;
type test7_2_t;
allow { test7_1_t test7_2_t } { test7_1_t test7_2_t } : file { read write };  # both types may read/write both types
neverallow test7_1_t ~{ test7_2_t } : file read;  # target is every type except test7_2_t: test7_1_t -> test7_1_t read violates, test7_1_t -> test7_2_t read is excluded
## Test 8 (source attribute): neverallow whose source is an attribute
attribute test8_a;
type test8_t, test8_a;  # test8_t is the only member of test8_a
allow test8_a test8_a : file read;  # read granted through the attribute
allow test8_t test8_t : file write;  # write granted on the type directly
neverallow test8_a test8_t : file { read write };  # the attribute source expands to test8_t, so both allows above match (read via the attribute, write via the type)
## Test 9 (target attribute): neverallow whose target is an attribute
attribute test9_a;
type test9_t, test9_a;  # test9_t is the only member of test9_a
allow test9_a test9_a : file read;  # read granted through the attribute
allow test9_t test9_t : file write;  # write granted on the type directly
neverallow test9_t test9_a : file { read write };  # the attribute target expands to test9_t, so both allows above match (read via the attribute, write via the type)
## Test 10 (self): self as the target with an attribute as the source
attribute test10_a;
type test10_1_t, test10_a;  # member of test10_a
type test10_2_t;  # deliberately not a member of test10_a
allow { test10_1_t test10_2_t } { test10_1_t test10_2_t } : file read;
neverallow test10_a self : file *;  # self pairs each member type with itself: test10_1_t -> test10_1_t read violates; the test10_2_t rules do not match because test10_2_t is outside the attribute
## Test 11 (wildcard): * for source, target and permissions
type test11_t;
allow test11_t self : process *;
neverallow * * : process *;  # matches any allow on class process anywhere in the policy; the self rule above is the only process allow in this file
## Test 12 (complement attributes): complemented sets that mix attributes and types
attribute test12_1_a;
attribute test12_2_a;
attribute test12_3_a;
type test12_1_t, test12_1_a;  # each type is the sole member of its attribute
type test12_2_t, test12_2_a;
type test12_3_t, test12_3_a;
allow { test12_1_a test12_2_a test12_3_a } { test12_1_a test12_2_a test12_3_a } : file *;  # every test12 type may do anything to every test12 type
neverallow ~{ test12_1_a test12_2_t } ~{ test12_3_a } : file getattr;  # a complement also covers every type declared elsewhere in the policy; among the test12 types the source is test12_3_t and the target excludes test12_3_t, so test12_3_t -> test12_1_t and test12_3_t -> test12_2_t getattr should fire
neverallow ~{ test12_1_a } ~{ test12_2_a test12_3_t } : file open;  # among the test12 types the source is test12_2_t or test12_3_t and the target is test12_1_t, so test12_2_t -> test12_1_t and test12_3_t -> test12_1_t open should fire
## Test 13 (excludes): attribute sets narrowed with -type and -attribute exclusions
attribute test13_1_a;
attribute test13_2_a;
attribute test13_3_a;
type test13_1_t, test13_1_a;  # each type is the sole member of its attribute
type test13_2_t, test13_2_a;
type test13_3_t, test13_3_a;
allow { test13_1_a test13_2_a test13_3_a } { test13_1_a test13_2_a test13_3_a } : file { read write };  # every test13 type may read/write every test13 type
neverallow { test13_1_a test13_2_a test13_3_a -test13_2_a -test13_3_t } { test13_1_a test13_2_a test13_3_a -test13_2_t -test13_3_a } : file read;  # after the exclusions both sides reduce to test13_1_t, so test13_1_t -> test13_1_t read from the allow above should fire
## Test 14 (misc avrules): rules that are not allow rules must not satisfy a neverallow
type test14_t;
auditallow test14_t test14_t : file read;  # audits a grant but does not grant anything itself
dontaudit test14_t test14_t : file write;  # suppresses denial logging but does not grant anything
neverallow test14_t test14_t : file { read write };  # NOTE(review): no allow rule for test14_t exists in this file, yet unlike the assertion below this one carries no nofail tag - confirm the expected outcome against the harness
type_transition test14_t test14_t : file test14_t;  # labeling rule, not an access grant
type_transition test14_t test14_t : file test14_t "objname";  # name-based transition; the literal is part of the rule and must stay as written
neverallow test14_t test14_t : file *; # nofail
## Test 15 (extended permissions - standard allow): ioctl allowed with no allowxperm restriction
type test15_t;
allow test15_t self : file ioctl;  # with no allowxperm rule for this source/target/class every ioctl command is permitted
neverallowxperm test15_t self : file ioctl 0x1111;  # command 0x1111 is therefore permitted and the assertion should fire
## Test 16 (extended permissions - allowxperm): explicit allowxperm for the asserted command
type test16_t;
allow test16_t self : file ioctl;
allowxperm test16_t self : file ioctl 0x1111;  # narrows ioctl to command 0x1111 only
neverallowxperm test16_t self : file ioctl 0x1111;  # exactly the permitted command, so the assertion should fire
## Test 17 (extended permissions - allowxperm mismatch): asserted command differs from the permitted one
type test17_t;
allow test17_t self : file ioctl;
allowxperm test17_t self : file ioctl 0x1111;  # once an allowxperm rule exists only the listed commands are permitted, so 0x2222 is not
neverallowxperm test17_t self : file ioctl 0x2222; # nofail
## Test 18 (extended permissions - allowxperm range I): a permitted range containing the asserted command
type test18_t;
allow test18_t self : file ioctl;
allowxperm test18_t self : file ioctl { 0x1100-0x1300 };  # range that includes 0x1111
neverallowxperm test18_t self : file ioctl 0x1111;  # inside the permitted range, so the assertion should fire
## Test 19 (extended permissions - allowxperm range II): an asserted range containing the permitted command
type test19_t;
allow test19_t self : file ioctl;
allowxperm test19_t self : file ioctl 0x1111;
neverallowxperm test19_t self : file ioctl { 0x1100-0x1300 };  # the permitted command 0x1111 lies inside the asserted range, so the assertion should fire
## Test 20 (extended permissions - misc targets I): attribute on both sides of allowxperm, self in the assertion
attribute test20_a;
type test20_t, test20_a;  # sole member of test20_a
allow test20_a test20_a : file ioctl;
allowxperm test20_a test20_a : file ioctl 0x1111;  # covers test20_t -> test20_t
neverallowxperm test20_a self : file ioctl 0x1111;  # self expands to test20_t -> test20_t, which the allowxperm above permits, so the assertion should fire
## Test 21 (extended permissions - misc targets II): one type that belongs to two attributes
attribute test21_1_a;
attribute test21_2_a;
type test21_t, test21_1_a, test21_2_a;  # member of both attributes
allow test21_1_a test21_1_a : file ioctl;
allowxperm test21_1_a test21_2_a : file ioctl 0x1111;  # both attributes expand to test21_t, so this covers test21_t -> test21_t
neverallowxperm test21_1_a self : file ioctl 0x1111;  # self expands to test21_t -> test21_t, so the assertion should fire
## Test 22 (extended permissions - misc targets III): allowxperm on the type with self, assertion on the attribute with self
attribute test22_a;
type test22_t, test22_a;  # sole member of test22_a
allow test22_a test22_a : file ioctl;
allowxperm test22_t self : file ioctl 0x1111;  # permits test22_t -> test22_t command 0x1111
neverallowxperm test22_a self : file ioctl 0x1111;  # expands to test22_t -> test22_t, so the assertion should fire
## Test 23 (extended permissions - misc targets IV): allowxperm with explicit type on both sides
attribute test23_a;
type test23_t, test23_a;  # sole member of test23_a
allow test23_a test23_a : file ioctl;
allowxperm test23_t test23_t : file ioctl 0x1111;  # same pair as self would give, written out explicitly
neverallowxperm test23_a self : file ioctl 0x1111;  # expands to test23_t -> test23_t, so the assertion should fire
## Test 24 (extended permissions - misc targets V): allowxperm from the type to the attribute
attribute test24_a;
type test24_t, test24_a;  # sole member of test24_a
allow test24_a test24_a : file ioctl;
allowxperm test24_t test24_a : file ioctl 0x1111;  # the attribute target contains test24_t, so this covers test24_t -> test24_t
neverallowxperm test24_a self : file ioctl 0x1111;  # expands to test24_t -> test24_t, so the assertion should fire
## Test 25 (extended permissions - misc targets VI): allowxperm and assertion both written as attribute -> self
attribute test25_a;
type test25_t, test25_a;  # sole member of test25_a
allow test25_a test25_a : file ioctl;
allowxperm test25_a self : file ioctl 0x1111;  # covers test25_t -> test25_t
neverallowxperm test25_a self : file ioctl 0x1111;  # identical pair and command, so the assertion should fire
## Test 26 (extended permissions - assert twice): a target attribute with two members
attribute test26_a;
type test26_1_t, test26_a;
type test26_2_t, test26_a;
allow test26_a test26_a : file ioctl;
allowxperm test26_a test26_a : file ioctl 0x1111;  # covers all four pairings of the two member types
neverallowxperm test26_1_t test26_a : file ioctl 0x1111;  # the target expands to both members, so test26_1_t -> test26_1_t and test26_1_t -> test26_2_t should each be reported
########################################
#
# Test End
#
########################################
type sys_isid;  # bootstrap type for the initial SIDs below; no allow rule in this file references it
role sys_role;
role sys_role types sys_isid;
gen_user(sys_user,, sys_role, s0, s0 - s0:c0.c23)  # m4 macro; the MLS range matches the level declared in the enable_mls block
sid kernel gen_context(sys_user:sys_role:sys_isid, s0)  # NOTE(review): every initial SID shares one context, which is fine for a compile-only assertion test policy but is not how a deployable policy should label these
sid security gen_context(sys_user:sys_role:sys_isid, s0)
sid unlabeled gen_context(sys_user:sys_role:sys_isid, s0)
sid file gen_context(sys_user:sys_role:sys_isid, s0)
sid port gen_context(sys_user:sys_role:sys_isid, s0)
sid netif gen_context(sys_user:sys_role:sys_isid, s0)
sid netmsg gen_context(sys_user:sys_role:sys_isid, s0)
sid node gen_context(sys_user:sys_role:sys_isid, s0)
sid devnull gen_context(sys_user:sys_role:sys_isid, s0)
fs_use_trans devpts gen_context(sys_user:sys_role:sys_isid, s0);  # pseudo filesystems labeled by transition; same bootstrap context as the initial SIDs
fs_use_trans devtmpfs gen_context(sys_user:sys_role:sys_isid, s0);