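#include <unistd.h>
#include <sys/types.h>
#include <fcntl.h>
#include <stdlib.h>
#include <stdio.h>
#include <errno.h>
#include <string.h>
#include "selinux_internal.h"
#include "policy.h"
#include <limits.h>

/*
 * Canonicalize a raw security context string.
 *
 * Writes `con` (including its NUL terminator) to the "context" node under
 * selinux_mnt and reads the reply back from the same descriptor.
 *
 * con       NUL-terminated context string; must be shorter than
 *           selinux_page_size bytes, terminator included.
 * canoncon  on success receives a strdup()ed string that the caller must
 *           release; left untouched on failure.
 *
 * Returns 0 on success, -1 on failure with errno set:
 *   ENOENT        selinux_mnt is not set
 *   ENAMETOOLONG  the node path does not fit in PATH_MAX
 *   EOVERFLOW     `con` does not fit in the transfer buffer
 *   otherwise whatever open/malloc/write/read/strdup reported.
 */
int security_canonicalize_context_raw(const char * con,
				      char ** canoncon)
{
	char path[PATH_MAX];
	char *buf;
	size_t size;
	size_t con_len;
	int fd, ret;
	int n;

	if (!selinux_mnt) {
		errno = ENOENT;
		return -1;
	}

	/* A truncated path would name a different file; refuse it. */
	n = snprintf(path, sizeof path, "%s/context", selinux_mnt);
	if (n < 0 || (size_t)n >= sizeof path) {
		errno = ENAMETOOLONG;
		return -1;
	}

	fd = open(path, O_RDWR | O_CLOEXEC);
	if (fd < 0)
		return -1;

	size = selinux_page_size;
	buf = malloc(size);
	if (!buf) {
		ret = -1;
		goto out;
	}

	/*
	 * strncpy() leaves the buffer unterminated when the source is
	 * size bytes or longer, and the strlen(buf) below would then read
	 * past the allocation.  Reject an oversized context up front
	 * instead of silently truncating a security label.
	 */
	con_len = strlen(con);
	if (con_len >= size) {
		errno = EOVERFLOW;
		ret = -1;
		goto out2;
	}
	memcpy(buf, con, con_len + 1);

	ret = write(fd, buf, con_len + 1);
	if (ret < 0)
		goto out2;

	/* Zero the buffer and read at most size - 1 bytes so that the
	   reply is always NUL-terminated. */
	memset(buf, 0, size);
	ret = read(fd, buf, size - 1);
	if (ret < 0) {
		/* Any failure other than EINVAL is a real error; do not
		   hand back an empty context as if it were canonical. */
		if (errno != EINVAL)
			goto out2;
		/* Fall back to the original context for kernels
		   that do not support the extended interface. */
		memcpy(buf, con, con_len + 1);
	}

	*canoncon = strdup(buf);
	if (!(*canoncon)) {
		ret = -1;
		goto out2;
	}
	ret = 0;
out2:
	free(buf);
out:
	close(fd);
	return ret;
}

hidden_def(security_canonicalize_context_raw)

/*
 * Canonicalize a security context given in translated form.
 *
 * Converts `con` with selinux_trans_to_raw_context(), canonicalizes the
 * result with security_canonicalize_context_raw(), and converts the
 * canonical raw context back with selinux_raw_to_trans_context().
 * Both intermediate strings are released with freecon().
 *
 * Returns -1 if the initial translation fails; otherwise the result of
 * the raw canonicalization or, when that succeeds, of the translation
 * back.  `canoncon` is only written by that final translation.
 */
int security_canonicalize_context(const char * con,
				  char ** canoncon)
{
	int ret;
	char * rcon;
	char * rcanoncon;

	if (selinux_trans_to_raw_context(con, &rcon))
		return -1;

	ret = security_canonicalize_context_raw(rcon, &rcanoncon);

	freecon(rcon);
	if (!ret) {
		ret = selinux_raw_to_trans_context(rcanoncon, canoncon);
		freecon(rcanoncon);
	}

	return ret;
}

hidden_def(security_canonicalize_context)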