#include <fcntl.h>
#include <string.h>
#include <strings.h>
-#include <sys/smack.h>
#include <sys/wait.h>
#include <ftw.h>
static int feature_support_capability;
+enum smack_label_type {
+ SMACK_LABEL_ACCESS,
+ SMACK_LABEL_EXEC,
+ SMACK_LABEL_MMAP,
+ SMACK_LABEL_TRANSMUTE,
+ SMACK_LABEL_IPIN,
+ SMACK_LABEL_IPOUT,
+};
+
+#define SMACK_LABEL_LEN 255
+
/************************************************************
* common functions
************************************************************/
}
}
+static inline char *SS_get_xattr_name(enum smack_label_type type)
+{
+ switch (type) {
+ case SMACK_LABEL_ACCESS:
+ return "security.SMACK64";
+ case SMACK_LABEL_EXEC:
+ return "security.SMACK64EXEC";
+ case SMACK_LABEL_MMAP:
+ return "security.SMACK64MMAP";
+ case SMACK_LABEL_TRANSMUTE:
+ return "security.SMACK64TRANSMUTE";
+ case SMACK_LABEL_IPIN:
+ return "security.SMACK64IPIN";
+ case SMACK_LABEL_IPOUT:
+ return "security.SMACK64IPOUT";
+ default:
+ /* Should not reach this point */
+ return NULL;
+ }
+}
+
+int SS_smack_lsetlabel(const char *path, const char *label, enum smack_label_type type)
+{
+ if (path == NULL) {
+ LOGE("Path is NULL\n");
+ return -1;
+ }
+
+ char *xattr_name = SS_get_xattr_name(type);
+ if (xattr_name == NULL) {
+ LOGE("Failed get xattr name\n");
+ return -1;
+ }
+
+ /* Check validity of labels for LABEL_TRANSMUTE */
+ if (type == SMACK_LABEL_TRANSMUTE && label != NULL) {
+ if (!strncmp(label, "0", strlen("0"))) {
+ label = NULL;
+ } else if (!strncmp(label, "1", strlen("0"))) {
+ label = "TRUE";
+ } else {
+ return -1;
+ }
+ }
+
+ if (label == NULL || label[0] == '\0') {
+ return lremovexattr(path, xattr_name);
+ } else {
+ int len = strnlen(label, SMACK_LABEL_LEN + 1);
+ if (len > SMACK_LABEL_LEN) {
+ return -1;
+ }
+ return lsetxattr(path, xattr_name, label, len, 0);
+ }
+}
+
/*!
*******************************************************************************
* Set file attributes.<p>
// Get Smack value -> Set Smack value
if (*smack_attr_pos != '\0') {
- smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_ACCESS);
- smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_EXEC);
- smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_MMAP);
- smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_TRANSMUTE);
+ SS_smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_ACCESS);
+ SS_smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_EXEC);
+ SS_smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_MMAP);
+ SS_smack_lsetlabel(setFilePath, NULL, SMACK_LABEL_TRANSMUTE);
psmack = strstr(smack_attr_pos, "access=\"");
if (psmack) {
memset(tmpSmackAttribs, 0x0, sizeof(tmpSmackAttribs));
- memcpy(tmpSmackAttribs, psmack, strlen(psmack));
+ memcpy(tmpSmackAttribs, psmack, sizeof(tmpSmackAttribs) - 1);
smack_value = strtok_r(tmpSmackAttribs, "\"", &saveptr);
if (smack_value) {
smack_value = strtok_r(NULL, "\"", &saveptr);
//LOGL(LOG_SSENGINE, "[SMACK_LABEL_ACCESS] smack_value=%s\n", smack_value);
if (smack_value) {
- ret = smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_ACCESS);
+ ret = SS_smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_ACCESS);
if (ret < 0)
- LOGL(LOG_SSENGINE, "smack_lsetlabel() failed\n");
+ LOGL(LOG_SSENGINE, "SS_smack_lsetlabel() failed\n");
}
}
}
psmack = strstr(smack_attr_pos, "execute=\"");
if (psmack) {
memset(tmpSmackAttribs, 0x0, sizeof(tmpSmackAttribs));
- memcpy(tmpSmackAttribs, psmack, strlen(psmack));
+ memcpy(tmpSmackAttribs, psmack, sizeof(tmpSmackAttribs) - 1);
smack_value = strtok_r(tmpSmackAttribs, "\"", &saveptr);
if (smack_value) {
smack_value = strtok_r(NULL, "\"", &saveptr);
//LOGL(LOG_SSENGINE, "[SMACK_LABEL_EXEC] smack_value=%s\n", smack_value);
if (smack_value) {
- ret = smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_EXEC);
+ ret = SS_smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_EXEC);
if (ret < 0)
- LOGL(LOG_SSENGINE, "smack_lsetlabel() failed\n");
+ LOGL(LOG_SSENGINE, "SS_smack_lsetlabel() failed\n");
}
}
}
psmack = strstr(smack_attr_pos, "mmap=\"");
if (psmack) {
memset(tmpSmackAttribs, 0x0, sizeof(tmpSmackAttribs));
- memcpy(tmpSmackAttribs, psmack, strlen(psmack));
+ memcpy(tmpSmackAttribs, psmack, sizeof(tmpSmackAttribs) - 1);
smack_value = strtok_r(tmpSmackAttribs, "\"", &saveptr);
if (smack_value) {
smack_value = strtok_r(NULL, "\"", &saveptr);
//LOGL(LOG_SSENGINE, "[SMACK_LABEL_MMAP] smack_value=%s\n", smack_value);
if (smack_value) {
- ret = smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_MMAP);
+ ret = SS_smack_lsetlabel(setFilePath, smack_value, SMACK_LABEL_MMAP);
if (ret < 0)
- LOGL(LOG_SSENGINE, "smack_lsetlabel() failed\n");
+ LOGL(LOG_SSENGINE, "SS_smack_lsetlabel() failed\n");
}
}
}
psmack = strstr(smack_attr_pos, "transmute=\"");
if (psmack) {
memset(tmpSmackAttribs, 0x0, sizeof(tmpSmackAttribs));
- memcpy(tmpSmackAttribs, psmack, strlen(psmack));
+ memcpy(tmpSmackAttribs, psmack, sizeof(tmpSmackAttribs) - 1);
smack_value = strtok_r(tmpSmackAttribs, "\"", &saveptr);
if (smack_value) {
smack_value = strtok_r(NULL, "\"", &saveptr);
//LOGL(LOG_SSENGINE, "[SMACK_LABEL_TRANSMUTE] smack_value=%s\n", smack_value);
if (smack_value) {
if (strcasecmp(smack_value, "TRUE") == 0)
- ret = smack_lsetlabel(setFilePath, "1", SMACK_LABEL_TRANSMUTE);
+ ret = SS_smack_lsetlabel(setFilePath, "1", SMACK_LABEL_TRANSMUTE);
else
- ret = smack_lsetlabel(setFilePath, "0", SMACK_LABEL_TRANSMUTE);
+ ret = SS_smack_lsetlabel(setFilePath, "0", SMACK_LABEL_TRANSMUTE);
if (ret < 0)
- LOGL(LOG_SSENGINE, "smack_lsetlabel() failed\n");
+ LOGL(LOG_SSENGINE, "SS_smack_lsetlabel() failed\n");
}
}
}
projects / platform / core / system / libtota.git / commitdiff