From 9ad517718259801bcc9be8bad2a1c60cba18c442 Mon Sep 17 00:00:00 2001
From: Tyler Hicks
Date: Fri, 6 Feb 2015 18:00:12 -0600
Subject: [FIX FOR 10/13] fix: Pass the message type to the AppArmor hook

Pass the int representation of the message type, rather than the string representation, so that the type of the message can be checked more efficiently.

Also, remove the message type check from the conditional that detects requested replies. It is sufficient to look at the requested_reply bool. The extra check to make sure that the message is of a reply type is not needed.

Signed-off-by: Tyler Hicks
---
 bus/apparmor.c | 24 ++++++++++++------------
 bus/apparmor.h |  2 +-
 bus/bus.c      |  2 +-
 3 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/bus/apparmor.c b/bus/apparmor.c
index 0b0ae0c..9f42c81 100644
--- a/bus/apparmor.c
+++ b/bus/apparmor.c
@@ -706,7 +706,7 @@ bus_apparmor_allows_acquire_service (DBusConnection *connection,
  * @param requested_reply TRUE if the message is a reply requested by
  * proposed_recipient
  * @param bustype name of the bus
- * @param msgtype message type (method_call, error, etc.)
+ * @param msgtype message type (DBUS_MESSAGE_TYPE_METHOD_CALL, etc.)
  * @param path object path the message should be sent to
  * @param interface the type of the object instance
  * @param member the member of the object
@@ -721,7 +721,7 @@ bus_apparmor_allows_send (DBusConnection *sender,
                           DBusConnection *proposed_recipient,
                           dbus_bool_t requested_reply,
                           const char *bustype,
-                          const char *msgtype,
+                          int msgtype,
                           const char *path,
                           const char *interface,
                           const char *member,
@@ -739,6 +739,7 @@ bus_apparmor_allows_send (DBusConnection *sender,
   unsigned long pid;
   int len, res, src_errno = 0, dst_errno = 0;
   uint32_t src_perm = AA_DBUS_SEND, dst_perm = AA_DBUS_RECEIVE;
+  const char *msgtypestr = dbus_message_type_to_string(msgtype);
 
   if (!apparmor_enabled)
     return TRUE;
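Review bot: `const char *msgtypestr = dbus_message_type_to_string(msgtype);` in the @@ -739 hunk lacks the space before the argument list that every other call in this patch uses (`log_message (src_allow, ...)`, `bus_apparmor_confinement_ref (dst_con)`); write it `dbus_message_type_to_string (msgtype)`. In the visible hunks the int is only ever converted back to a string (hunks @@ -845, @@ -909 and @@ -945 pass msgtypestr where msgtype used to go), so the cheaper type comparison the commit message promises does not appear in this patch and presumably lands later in the series. A one-line comment at the declaration, `/* string form for the remaining string-based callers and audit records */`, would make the roles of the two representations clear. bus_apparmor_allows_send's body continues outside the hunk.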
@@ -757,14 +758,13 @@ bus_apparmor_allows_send (DBusConnection *sender,
       bus_apparmor_confinement_ref (dst_con);
     }
 
-  /* map reply messages: "error" and "method_return" to initial send and
-   * receive. That is permission to receive a message from X grants
-   * permission to reply to X. And permission to send a message to Y
-   * grants permission to receive a reply from Y. Note that this only applies
-   * to requested replies. Unrequested replies still require a policy query.
+  /* map reply messages to initial send and receive permission. That is
+   * permission to receive a message from X grants permission to reply to X.
+   * And permission to send a message to Y grants permission to receive a reply
+   * from Y. Note that this only applies to requested replies. Unrequested
+   * replies still require a policy query.
    */
-  if (requested_reply &&
-      (strcmp (msgtype, "error") == 0 || strcmp (msgtype, "method_return") == 0))
+  if (requested_reply)
     {
       /* ignore requested reply messages and let dbus reply mapping handle them
        * as the send was already allowed
@@ -845,7 +845,7 @@ bus_apparmor_allows_send (DBusConnection *sender,
                                sender,
                                proposed_recipient,
                                requested_reply,
-                               msgtype,
+                               msgtypestr,
                                path,
                                interface,
                                member,
@@ -909,7 +909,7 @@ bus_apparmor_allows_send (DBusConnection *sender,
           !_dbus_append_pair_str (&auxdata, "peer_info", strerror (dst_errno)))
         goto oom;
 
-      log_message (src_allow, msgtype, &auxdata);
+      log_message (src_allow, msgtypestr, &auxdata);
     }
   if (dst_audit)
     {
@@ -945,7 +945,7 @@ bus_apparmor_allows_send (DBusConnection *sender,
           !_dbus_append_pair_str (&auxdata, "peer_info", strerror (src_errno)))
         goto oom;
 
-      log_message (dst_allow, msgtype, &auxdata);
+      log_message (dst_allow, msgtypestr, &auxdata);
     }
 
 out:
diff --git a/bus/apparmor.h b/bus/apparmor.h
index bb52575..3f3d646 100644
--- a/bus/apparmor.h
+++ b/bus/apparmor.h
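Review bot: The `if (requested_reply)` short-circuit in the @@ -757 hunk now skips the AppArmor policy query for any message the caller flags as a requested reply, whatever its type, whereas the removed condition additionally required an error or method_return. That is only sound if the caller derives requested_reply from the bus's pending-reply tracking so that a method_call or signal can never reach this point with the flag set; the bus.c hunk on this page passes the flag through unchanged and the computation itself is not in this patch, so that assumption should be confirmed before the type test is dropped. The rewritten comment should record where the guarantee now lives, for instance two added lines `* The message type is not checked here: requested_reply is only set by the` and `* caller for replies matched against a pending call.` — worded to whatever the caller actually guarantees. bus_apparmor_allows_send's body continues outside the hunk.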
@@ -50,7 +50,7 @@ dbus_bool_t bus_apparmor_allows_send (DBusConnection *sender,
                                      DBusConnection *proposed_recipient,
                                      dbus_bool_t requested_reply,
                                      const char *bustype,
-                                     const char *msgtype,
+                                     int msgtype,
                                      const char *path,
                                      const char *interface,
                                      const char *member,
diff --git a/bus/bus.c b/bus/bus.c
index d964833..68de1b2 100644
--- a/bus/bus.c
+++ b/bus/bus.c
@@ -1626,7 +1626,7 @@ bus_context_check_security_policy (BusContext *context,
   if (!bus_apparmor_allows_send (sender, proposed_recipient,
                                 requested_reply,
                                 bus_context_get_type (context),
-                                dbus_message_type_to_string (dbus_message_get_type (message)),
+                                dbus_message_get_type (message),
                                 dbus_message_get_path (message),
                                 dbus_message_get_interface (message),
                                 dbus_message_get_member (message),
-- 
2.1.0