1 #include <unistd.h>
2 #include <sys/types.h>
3 #include <fcntl.h>
4 #include <stdlib.h>
5 #include <stdio.h>
6 #include <errno.h>
7 #include <string.h>
8 #include "selinux_internal.h"
9 #include "policy.h"
10 #include <limits.h>
11 
security_canonicalize_context_raw(const char * con,char ** canoncon)12 int security_canonicalize_context_raw(const char * con,
13 				      char ** canoncon)
14 {
15 	char path[PATH_MAX];
16 	char *buf;
17 	size_t size;
18 	int fd, ret;
19 
20 	if (!selinux_mnt) {
21 		errno = ENOENT;
22 		return -1;
23 	}
24 
25 	snprintf(path, sizeof path, "%s/context", selinux_mnt);
26 	fd = open(path, O_RDWR);
27 	if (fd < 0)
28 		return -1;
29 
30 	size = selinux_page_size;
31 	buf = malloc(size);
32 	if (!buf) {
33 		ret = -1;
34 		goto out;
35 	}
36 	strncpy(buf, con, size);
37 
38 	ret = write(fd, buf, strlen(buf) + 1);
39 	if (ret < 0)
40 		goto out2;
41 
42 	memset(buf, 0, size);
43 	ret = read(fd, buf, size - 1);
44 	if (ret < 0 && errno == EINVAL) {
45 		/* Fall back to the original context for kernels
46 		   that do not support the extended interface. */
47 		strncpy(buf, con, size);
48 	}
49 
50 	*canoncon = strdup(buf);
51 	if (!(*canoncon)) {
52 		ret = -1;
53 		goto out2;
54 	}
55 	ret = 0;
56       out2:
57 	free(buf);
58       out:
59 	close(fd);
60 	return ret;
61 }
62 
hidden_def(security_canonicalize_context_raw)63 hidden_def(security_canonicalize_context_raw)
64 
65 int security_canonicalize_context(const char * con,
66 				      char ** canoncon)
67 {
68 	int ret;
69 	char * rcon;
70 	char * rcanoncon;
71 
72 	if (selinux_trans_to_raw_context(con, &rcon))
73 		return -1;
74 
75 	ret = security_canonicalize_context_raw(rcon, &rcanoncon);
76 
77 	freecon(rcon);
78 	if (!ret) {
79 		ret = selinux_raw_to_trans_context(rcanoncon, canoncon);
80 		freecon(rcanoncon);
81 	}
82 
83 	return ret;
84 }
85 
86 hidden_def(security_canonicalize_context)
87