*/
typedef struct smack_users *smack_users_t;
-/*!
- * Flags for extended attributes.
- */
-#define SMACK_XATTR_SYMLINK 1
-
#ifdef __cplusplus
extern "C" {
#endif
const char *smack_get_user_label(smack_users_t handle, const char *user);
/*!
- * Set SMACK64 security attribute for a given path.
+ * Set SMACK64 security attribute for a given file.
*
* @param path path to a file
* @param smack new value
- * @param flags set flags
* @return 0 on success
*/
-extern int smack_set_smack_to_file(const char *path, const char *smack,
- int flags);
+extern int smack_set_smack_to_file(const char *path, const char *smack);
/*!
* Get SMACK64 security attribute for a given path.
*
* @param path path to a file
* @param smack current value
- * @param flags set flags
* @return 0 on success
*/
-extern int smack_get_smack_from_file(const char *path, char **smack,
- int flags);
+extern int smack_get_smack_from_file(const char *path, char **smack);
+
+/*!
+ * Set SMACK64 security attribute for a given file or symbolic link.
+ *
+ * @param path path to a file
+ * @param smack new value
+ * @return 0 on success
+ */
+extern int smack_set_smack_to_file_or_symlink(const char *path, const char *smack);
+
+/*!
+ * Get SMACK64 security attribute for a given file or symlink.
+ * Allocated memory must be freed by the caller.
+ *
+ * @param path path to a file
+ * @param smack current value
+ * @return 0 on success
+ */
+extern int smack_get_smack_from_file_or_symlink(const char *path, char **smack);
/*!
* Get SMACK64 security attribute for a given pid.
*
* @param path path to a file
* @param smack new value
- * @param flags set flags
* @return 0 on success
*/
-extern int smack_set_smackexec_to_file(const char *path, const char *smack,
- int flags);
+extern int smack_set_smackexec_to_file(const char *path, const char *smack);
/*!
* Get SMACK64EXEC security attribute for a given path.
* @param flags set flags
* @return 0 on success
*/
-extern int smack_get_smackexec_from_file(const char *path, char **smack,
- int flags);
+extern int smack_get_smackexec_from_file(const char *path, char **smack);
#ifdef __cplusplus
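Review bot: The comment kept above `smack_get_smackexec_from_file` still lists `@param flags set flags` although the new prototype no longer takes that argument; drop that line and document `path` and `smack` as the sibling comments do. With the flag removed, the follow or no-follow choice is carried only by the function name, so the comments should say it outright: `Follows symbolic links: the label is applied to the link target.` on the plain `_file` functions, and `Does not follow a symbolic link: the label of the link itself is read or written.` on the `_or_symlink` pair. Callers that label paths inside directories writable by other users need that distinction to choose the right call. The unchanged comment above `smack_set_smackexec_to_file` reads "Get SMACK64 security attribute for a given pid", which does not match a SMACK64EXEC setter. Only the `_or_symlink` getter states that the caller frees the returned buffer, though the other getters' prototypes return one the same way.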
#define SMACK_PROC_PATH "/proc/%d/attr/current"
#define LINE_BUFFER_SIZE 255
-int smack_set_smack_to_file(const char *path, const char *smack, int flags)
+int smack_set_smack_to_file(const char *path, const char *smack)
{
size_t size;
int ret;
if (size > SMACK64_LEN)
return -1;
- if ((flags & SMACK_XATTR_SYMLINK) == 0)
- ret = setxattr(path, SMACK64, smack, size, 0);
- else
- ret = lsetxattr(path, SMACK64, smack, size, 0);
-
- return ret;
+ return setxattr(path, SMACK64, smack, size, 0);
}
-int smack_get_smack_from_file(const char *path, char **smack, int flags)
+int smack_get_smack_from_file(const char *path, char **smack)
{
ssize_t ret;
char *buf;
- if ((flags & SMACK_XATTR_SYMLINK) == 0)
- ret = getxattr(path, SMACK64, NULL, 0);
- else
- ret = lgetxattr(path, SMACK64, NULL, 0);
-
+ ret = getxattr(path, SMACK64, NULL, 0);
if (ret < 0)
return -1;
buf = malloc(ret + 1);
- if ((flags & SMACK_XATTR_SYMLINK) == 0)
- ret = getxattr(path, SMACK64, buf, ret);
- else
- ret = lgetxattr(path, SMACK64, buf, ret);
-
+ ret = getxattr(path, SMACK64, buf, ret);
if (ret < 0) {
free(buf);
return -1;
return 0;
}
-int smack_get_smack_from_proc(int pid, char **smack)
+int smack_set_smack_to_file_or_symlink(const char *path, const char *smack)
{
- char buf[LINE_BUFFER_SIZE];
- FILE *file;
+ size_t size;
+ int ret;
- snprintf(buf, LINE_BUFFER_SIZE, SMACK_PROC_PATH, pid);
+ size = strlen(smack);
+ if (size > SMACK64_LEN)
+ return -1;
- file = fopen(buf, "r");
- if (file == NULL)
+ return lsetxattr(path, SMACK64, smack, size, 0);
+}
+
+int smack_get_smack_from_file_or_symlink(const char *path, char **smack)
+{
+ ssize_t ret;
+ char *buf;
+
+ ret = lgetxattr(path, SMACK64, NULL, 0);
+ if (ret < 0)
return -1;
- if (fgets(buf, LINE_BUFFER_SIZE, file) == NULL) {
- fclose(file);
+ buf = malloc(ret + 1);
+
+ ret = lgetxattr(path, SMACK64, buf, ret);
+ if (ret < 0) {
+ free(buf);
return -1;
}
- fclose(file);
- *smack = strdup(buf);
- return *smack != NULL ? 0 : - 1;
+ buf[ret] = '\0';
+ *smack = buf;
+ return 0;
+
}
-int smack_set_smackexec_to_file(const char *path, const char *smack, int flags)
+int smack_set_smackexec_to_file(const char *path, const char *smack)
{
size_t size;
int ret;
if (size > SMACK64_LEN)
return -1;
- if ((flags & SMACK_XATTR_SYMLINK) == 0)
- ret = setxattr(path, SMACK64EXEC, smack, size, 0);
- else
- ret = lsetxattr(path, SMACK64EXEC, smack, size, 0);
+ ret = setxattr(path, SMACK64EXEC, smack, size, 0);
return ret;
}
-int smack_get_smackexec_from_file(const char *path, char **smack, int flags)
+int smack_get_smackexec_from_file(const char *path, char **smack)
{
ssize_t ret;
char *buf;
- if ((flags & SMACK_XATTR_SYMLINK) == 0)
- ret = getxattr(path, SMACK64EXEC, NULL, 0);
- else
- ret = lgetxattr(path, SMACK64EXEC, NULL, 0);
-
+ ret = getxattr(path, SMACK64EXEC, NULL, 0);
if (ret < 0)
return -1;
buf = malloc(ret + 1);
- if ((flags & SMACK_XATTR_SYMLINK) == 0)
- ret = getxattr(path, SMACK64EXEC, buf, ret);
- else
- ret = lgetxattr(path, SMACK64EXEC, buf, ret);
-
+ ret = getxattr(path, SMACK64EXEC, buf, ret);
if (ret < 0) {
free(buf);
return -1;
return 0;
}
+int smack_get_smack_from_proc(int pid, char **smack)
+{
+ char buf[LINE_BUFFER_SIZE];
+ FILE *file;
+
+ snprintf(buf, LINE_BUFFER_SIZE, SMACK_PROC_PATH, pid);
+
+ file = fopen(buf, "r");
+ if (file == NULL)
+ return -1;
+
+ if (fgets(buf, LINE_BUFFER_SIZE, file) == NULL) {
+ fclose(file);
+ return -1;
+ }
+
+ fclose(file);
+ *smack = strdup(buf);
+ return *smack != NULL ? 0 : - 1;
+}
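Review bot: In the new `smack_get_smack_from_file_or_symlink`, the result of `buf = malloc(ret + 1);` is passed to `lgetxattr` and then indexed by `buf[ret] = '\0';` without a NULL check; add `if (buf == NULL) return -1;` directly after the allocation rather than relying on the second `lgetxattr` call to fail. The same unchecked `malloc(ret + 1)` appears in the context lines of `smack_get_smack_from_file` and `smack_get_smackexec_from_file`, whose bodies are only partly visible in this section. `smack_set_smack_to_file_or_symlink` calls `strlen(smack)` with no guard, so a NULL label from a caller crashes inside the library; `if (path == NULL || smack == NULL) return -1;` ahead of it would turn that into an error return. In the relocated `smack_get_smack_from_proc`, `fgets` keeps any trailing newline, so it is worth confirming whether the string handed to `strdup` can carry one, since a label compared with `strcmp` would then not match.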
START_TEST(test_set_smack_to_file)
{
FILE *file;
- int rc = NULL;
- char *smack;
+ int rc = 0;
+ char *smack = NULL;
file = fopen("set_smack-dummy.txt", "w");
fprintf(file, "dummy\n");
fclose(file);
- rc = smack_set_smack_to_file("set_smack-dummy.txt", "Apple", 0);
+ rc = smack_set_smack_to_file("set_smack-dummy.txt", "Apple");
fail_unless(rc == 0, "Failed to set SMACK64");
- rc = smack_get_smack_from_file("set_smack-dummy.txt", &smack, 0);
+ rc = smack_get_smack_from_file("set_smack-dummy.txt", &smack);
fail_unless(rc == 0, "Failed to get SMACK64");
rc = strcmp(smack, "Apple");
START_TEST(test_set_smack_to_file_symlink)
{
FILE *file;
- int rc;
+ int rc = 0;
char *smack = NULL;
symlink("unknown.txt", "set_smack-symlink.txt");
- rc = smack_set_smack_to_file("set_smack-symlink.txt", "Apple", SMACK_XATTR_SYMLINK);
+ rc = smack_set_smack_to_file_or_symlink("set_smack-symlink.txt", "Apple");
fail_unless(rc == 0, "Failed to set SMACK64");
- rc = smack_get_smack_from_file("set_smack-symlink.txt", &smack, SMACK_XATTR_SYMLINK);
+ rc = smack_get_smack_from_file_or_symlink("set_smack-symlink.txt", &smack);
fail_unless(rc == 0, "Failed to get SMACK64");
rc = strcmp(smack, "Apple");
fprintf(file, "dummy\n");
fclose(file);
- rc = smack_set_smackexec_to_file("set_smack-dummy.txt", "Apple", 0);
+ rc = smack_set_smackexec_to_file("set_smack-dummy.txt", "Apple");
fail_unless(rc == 0, "Failed to set SMACK64EXEC");
- rc = smack_get_smackexec_from_file("set_smack-dummy.txt", &smack, 0);
+ rc = smack_get_smackexec_from_file("set_smack-dummy.txt", &smack);
fail_unless(rc == 0, "Failed to get SMACK64EXEC");
rc = strcmp(smack, "Apple");