[Selinux-commits] SF.net SVN: selinux: [2468] trunk/libselinux/src

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 2468
          http://svn.sourceforge.net/selinux/?rev=2468&view=rev
Author:   ewalsh
Date:     2007-06-07 11:41:15 -0700 (Thu, 07 Jun 2007)

Log Message:
-----------
Author: "Christopher J. PeBenito"
Email: cpe...@tr...
Subject: libselinux: add checking for kernel object class discovery
Date: Thu, 07 Jun 2007 13:41:58 +0000

Detect if object class discovery kernel support exists.  Fall back to hardcoded
values for compatibility.

Signed-off-by: Chris PeBenito <cpe...@tr...>
Acked-by: Eamon Walsh <ew...@ty...>

Modified Paths:
--------------
    trunk/libselinux/src/init.c
    trunk/libselinux/src/stringrep.c

Modified: trunk/libselinux/src/init.c
===================================================================

--- trunk/libselinux/src/init.c	2007-06-07 18:40:51 UTC (rev 2467)
+++ trunk/libselinux/src/init.c	2007-06-07 18:41:15 UTC (rev 2468)
@@ -9,6 +9,7 @@
 #include <dlfcn.h>
 #include <sys/vfs.h>
 #include <stdint.h>
+#include <limits.h>
 
 #include "dso.h"
 #include "policy.h"
@@ -17,6 +18,7 @@
 
 char *selinux_mnt = NULL;
 int selinux_page_size = 0;
+int obj_class_compat = 1;
 
 static void init_selinuxmnt(void)
 {
@@ -87,11 +89,33 @@
 
 hidden_def(set_selinuxmnt)
 
+static void init_obj_class_compat(void)
+{
+	char path[PATH_MAX];
+	struct stat s;
+
+	if (!selinux_mnt)
+		return;
+
+	snprintf(path,PATH_MAX,"%s/class",selinux_mnt);
+	if (stat(path,&s) < 0)
+		return;
+
+	if (S_ISDIR(s.st_mode))
+		obj_class_compat = 0;
+}
+
+static void fini_obj_class_compat(void)
+{
+	obj_class_compat = 1;
+}
+
 static void init_lib(void) __attribute__ ((constructor));
 static void init_lib(void)
 {
 	selinux_page_size = sysconf(_SC_PAGE_SIZE);
 	init_selinuxmnt();
+	init_obj_class_compat();
 	init_context_translations();
 }
 
@@ -99,5 +123,6 @@
 static void fini_lib(void)
 {
 	fini_selinuxmnt();
+	fini_obj_class_compat();
 	fini_context_translations();
 }

Modified: trunk/libselinux/src/stringrep.c
===================================================================
--- trunk/libselinux/src/stringrep.c	2007-06-07 18:40:51 UTC (rev 2467)
+++ trunk/libselinux/src/stringrep.c	2007-06-07 18:41:15 UTC (rev 2468)
@@ -151,6 +151,8 @@
 #define NVECTORS ARRAY_SIZE(av_perm_to_string)
 #define MAXVECTORS 8*sizeof(access_vector_t)
 
+extern int obj_class_compat;
+
 struct discover_class_node {
 	char *name;
 	security_class_t value;
@@ -417,6 +419,9 @@
 {
 	struct discover_class_node *node;
 
+	if (obj_class_compat)
+		return string_to_security_class_compat(s);
+
 	node = get_class_cache_entry_name(s);
 	if (node == NULL) {
 		node = discover_class(s);
@@ -434,6 +439,9 @@
 {
 	struct discover_class_node *node;
 
+	if (obj_class_compat)
+		return string_to_av_perm_compat(tclass,s);
+
 	node = get_class_cache_entry_value(tclass);
 	if (node != NULL) {
 		size_t i;
@@ -450,6 +458,9 @@
 {
 	struct discover_class_node *node;
 
+	if (obj_class_compat)
+		return security_class_to_string_compat(tclass);
+
 	node = get_class_cache_entry_value(tclass);
 	if (node == NULL) {
 		errno = EINVAL;
@@ -464,6 +475,9 @@
 	struct discover_class_node *node;
 	size_t i;
 
+	if (obj_class_compat)
+		return security_av_perm_to_string_compat(tclass,av);
+
 	node = get_class_cache_entry_value(tclass);
 	if (av && node)
 		for (i = 0; i<MAXVECTORS; i++)


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


