#define SMACK64 "security.SMACK64"
#define SMACK64_LEN 23
+#define SMACK_PROC_PATH "/proc/%d/attr/current"
+#define LINE_BUFFER_SIZE 255
+
struct smack_object {
char object[SMACK64_LEN + 1];
unsigned ac;
return ((o->ac & ac) == ac);
}
-int smack_set_smack(const char *path, const char *smack)
+int smack_set_file_smack(const char *path, const char *smack)
{
size_t size;
int ret;
return ret;
}
-int smack_get_smack(const char *path, char **smack)
+int smack_get_file_smack(const char *path, char **smack)
{
ssize_t ret;
char *buf;
return 0;
}
+int smack_get_proc_smack(int pid, char **smack)
+{
+ char buf[LINE_BUFFER_SIZE];
+ FILE *file;
+
+ snprintf(buf, LINE_BUFFER_SIZE, SMACK_PROC_PATH, pid);
+
+ file = fopen(buf, "r");
+ if (file == NULL)
+ return -1;
+
+ if (fgets(buf, LINE_BUFFER_SIZE, file) == NULL) {
+ fclose(file);
+ return -1;
+ }
+
+ fclose(file);
+ *smack = strdup(buf);
+ return *smack != NULL ? 0 : - 1;
+}
+
+
static int update_rule(struct smack_ruleset *handle,
const char *subject_str,
const char *object_str, unsigned ac)
* @param smack new value
* @return 0 on success
*/
-extern int smack_set_smack(const char *path, const char *smack);
+extern int smack_set_file_smack(const char *path, const char *smack);
/*!
* Get SMACK64 security attribute for a given path. Follows symbolic links.
* @param smack current value
* @return 0 on success
*/
-extern int smack_get_smack(const char *path, char **smack);
+extern int smack_get_file_smack(const char *path, char **smack);
+
+/*!
+ * Get SMACK64 security attribute for a given pid.
+ *
+ * @param pid pid of a process
+ * @param smack current value
+ * @return 0 on success
+ */
+extern int smack_get_proc_smack(int pid, char **smack);
#ifdef __cplusplus
}
}
END_TEST
-START_TEST(test_set_smack)
+START_TEST(test_set_file_smack)
{
FILE *file;
int rc;
fprintf(file, "dummy\n");
fclose(file);
- rc = smack_set_smack("set_smack-dummy.txt", "Apple");
+ rc = smack_set_file_smack("set_smack-dummy.txt", "Apple");
fail_unless(rc == 0, "Failed to set SMACK64");
- rc = smack_get_smack("set_smack-dummy.txt", &smack);
+ rc = smack_get_file_smack("set_smack-dummy.txt", &smack);
fail_unless(rc == 0, "Failed to get SMACK64");
rc = strcmp(smack, "Apple");
/*
tc_core = tcase_create("Security attributes");
- tcase_add_test(tc_core, test_set_smack);
+ tcase_add_test(tc_core, test_set_file_smack);
suite_add_tcase(s, tc_core);
*/