Menu
▾
▴
[Selinux-commits] SF.net SVN: selinux: [2468] trunk/libselinux/src
|
From: <ew...@us...> - 2007-06-07 18:41:16
|
Revision: 2468
http://svn.sourceforge.net/selinux/?rev=2468&view=rev
Author: ewalsh
Date: 2007-06-07 11:41:15 -0700 (Thu, 07 Jun 2007)
Log Message:
-----------
Author: "Christopher J. PeBenito"
Email: cpe...@tr...
Subject: libselinux: add checking for kernel object class discovery
Date: Thu, 07 Jun 2007 13:41:58 +0000
Detect if object class discovery kernel support exists. Fall back to hardcoded
values for compatibility.
Signed-off-by: Chris PeBenito <cpe...@tr...>
Acked-by: Eamon Walsh <ew...@ty...>
Modified Paths:
--------------
trunk/libselinux/src/init.c
trunk/libselinux/src/stringrep.c
Modified: trunk/libselinux/src/init.c
===================================================================
--- trunk/libselinux/src/init.c 2007-06-07 18:40:51 UTC (rev 2467)
+++ trunk/libselinux/src/init.c 2007-06-07 18:41:15 UTC (rev 2468)
@@ -9,6 +9,7 @@
#include <dlfcn.h>
#include <sys/vfs.h>
#include <stdint.h>
+#include <limits.h>
#include "dso.h"
#include "policy.h"
@@ -17,6 +18,7 @@
char *selinux_mnt = NULL;
int selinux_page_size = 0;
+int obj_class_compat = 1;
static void init_selinuxmnt(void)
{
@@ -87,11 +89,33 @@
hidden_def(set_selinuxmnt)
+static void init_obj_class_compat(void)
+{
+ char path[PATH_MAX];
+ struct stat s;
+
+ if (!selinux_mnt)
+ return;
+
+ snprintf(path,PATH_MAX,"%s/class",selinux_mnt);
+ if (stat(path,&s) < 0)
+ return;
+
+ if (S_ISDIR(s.st_mode))
+ obj_class_compat = 0;
+}
+
+static void fini_obj_class_compat(void)
+{
+ obj_class_compat = 1;
+}
+
static void init_lib(void) __attribute__ ((constructor));
static void init_lib(void)
{
selinux_page_size = sysconf(_SC_PAGE_SIZE);
init_selinuxmnt();
+ init_obj_class_compat();
init_context_translations();
}
@@ -99,5 +123,6 @@
static void fini_lib(void)
{
fini_selinuxmnt();
+ fini_obj_class_compat();
fini_context_translations();
}
Modified: trunk/libselinux/src/stringrep.c
===================================================================
--- trunk/libselinux/src/stringrep.c 2007-06-07 18:40:51 UTC (rev 2467)
+++ trunk/libselinux/src/stringrep.c 2007-06-07 18:41:15 UTC (rev 2468)
@@ -151,6 +151,8 @@
#define NVECTORS ARRAY_SIZE(av_perm_to_string)
#define MAXVECTORS 8*sizeof(access_vector_t)
+extern int obj_class_compat;
+
struct discover_class_node {
char *name;
security_class_t value;
@@ -417,6 +419,9 @@
{
struct discover_class_node *node;
+ if (obj_class_compat)
+ return string_to_security_class_compat(s);
+
node = get_class_cache_entry_name(s);
if (node == NULL) {
node = discover_class(s);
@@ -434,6 +439,9 @@
{
struct discover_class_node *node;
+ if (obj_class_compat)
+ return string_to_av_perm_compat(tclass,s);
+
node = get_class_cache_entry_value(tclass);
if (node != NULL) {
size_t i;
@@ -450,6 +458,9 @@
{
struct discover_class_node *node;
+ if (obj_class_compat)
+ return security_class_to_string_compat(tclass);
+
node = get_class_cache_entry_value(tclass);
if (node == NULL) {
errno = EINVAL;
@@ -464,6 +475,9 @@
struct discover_class_node *node;
size_t i;
+ if (obj_class_compat)
+ return security_av_perm_to_string_compat(tclass,av);
+
node = get_class_cache_entry_value(tclass);
if (av && node)
for (i = 0; i<MAXVECTORS; i++)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
