From: Jarkko Sakkinen Date: Fri, 11 Nov 2011 09:49:42 +0000 (+0200) Subject: libsmack: smack_accesses_new_from_file -> smack_accesses_add_from_file X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ee9d2b3a9536adab93c2197bfb45917350c377da;p=framework%2Fsecurity%2Fsmack.git libsmack: smack_accesses_new_from_file -> smack_accesses_add_from_file --- diff --git a/libsmack/libsmack.c b/libsmack/libsmack.c index ca64401..1b96524 100644 --- a/libsmack/libsmack.c +++ b/libsmack/libsmack.c @@ -78,55 +78,6 @@ int smack_accesses_new(struct smack_accesses **accesses) return 0; } -int smack_accesses_new_from_file(int fd, struct smack_accesses **accesses) -{ - struct smack_accesses *result = NULL; - FILE *file = NULL; - char buf[READ_BUF_SIZE]; - char *ptr; - const char *subject, *object, *access; - int newfd; - - if (smack_accesses_new(&result)) - goto err_out; - - newfd = dup(fd); - if (newfd == -1) - goto err_out; - - file = fdopen(newfd, "r"); - if (file == NULL) { - close(newfd); - goto err_out; - } - - while (fgets(buf, READ_BUF_SIZE, file) != NULL) { - subject = strtok_r(buf, " \t\n", &ptr); - object = strtok_r(NULL, " \t\n", &ptr); - access = strtok_r(NULL, " \t\n", &ptr); - - if (subject == NULL || object == NULL || access == NULL || - strtok_r(NULL, " \t\n", &ptr) != NULL) { - errno = EINVAL; - goto err_out; - } - - if (smack_accesses_add(result, subject, object, access)) - goto err_out; - } - - if (ferror(file)) - goto err_out; - - fclose(file); - *accesses = result; - return 0; -err_out: - fclose(file); - smack_accesses_free(result); - return -1; -} - void smack_accesses_free(struct smack_accesses *handle) { if (handle == NULL) @@ -212,6 +163,51 @@ int smack_accesses_add(struct smack_accesses *handle, const char *subject, return 0; } +int smack_accesses_add_from_file(struct smack_accesses *accesses, int fd) +{ + FILE *file = NULL; + char buf[READ_BUF_SIZE]; + char *ptr; + const char *subject, *object, *access; + int newfd; + + newfd = dup(fd); + if (newfd == -1) + return -1; + + file = fdopen(newfd, "r"); + if (file == NULL) { + close(newfd); + return -1; + } + + while (fgets(buf, READ_BUF_SIZE, file) != NULL) { + subject = strtok_r(buf, " \t\n", &ptr); + object = strtok_r(NULL, " \t\n", &ptr); + access = strtok_r(NULL, " \t\n", &ptr); + + if (subject == NULL || object == NULL || access == NULL || + strtok_r(NULL, " \t\n", &ptr) != NULL) { + errno = EINVAL; + fclose(file); + return -1; + } + + if (smack_accesses_add(accesses, subject, object, access)) { + fclose(file); + return -1; + } + } + + if (ferror(file)) { + fclose(file); + return -1; + } + + fclose(file); + return 0; +} + int smack_have_access(const char *subject, const char *object, const char *access_type) { diff --git a/libsmack/libsmack.sym b/libsmack/libsmack.sym index 2298418..a7d4de2 100644 --- a/libsmack/libsmack.sym +++ b/libsmack/libsmack.sym @@ -1,12 +1,12 @@ LIBSMACK_1.0 { global: smack_accesses_new; - smack_accesses_new_from_file; smack_accesses_free; smack_accesses_save; smack_accesses_apply; smack_accesses_clear; smack_accesses_add; + smack_accesses_add_from_file; smack_have_access; smack_new_label_from_self; smack_new_label_from_socket; diff --git a/libsmack/sys/smack.h b/libsmack/sys/smack.h index 9c12b63..de4a593 100644 --- a/libsmack/sys/smack.h +++ b/libsmack/sys/smack.h @@ -47,16 +47,6 @@ struct smack_accesses; int smack_accesses_new(struct smack_accesses **accesses); /*! - * Creates a new smack_accesses instance from a given - * file descriptor. - * - * @param fd file descriptor - * @param accesses created instance - * @return 0 on success and negative value on failure. - */ -int smack_accesses_new_from_file(int fd, struct smack_accesses **accesses); - -/*! * Destroy a struct smack_accesses *instance. * * @param handle handle to a struct smack_accesses *instance @@ -101,6 +91,15 @@ int smack_accesses_add(struct smack_accesses *handle, const char *subject, const char *object, const char *access_type); /*! + * Add rules from file. + * + * @param accesses instance + * @param fd file descriptor + * @return 0 on success and negative value on failure. + */ +int smack_accesses_add_from_file(struct smack_accesses *accesses, int fd); + +/*! * Check for Smack access. * * @param subject subject of the rule diff --git a/utils/smackctl.c b/utils/smackctl.c index 9a58bf6..8b8a55c 100644 --- a/utils/smackctl.c +++ b/utils/smackctl.c @@ -237,16 +237,23 @@ static int apply_rules(const char *path, int clear) int fd = 0; int ret = 0; + if (smack_accesses_new(&rules)) { + perror("smack_accesses_new"); + return -1; + } + fd = open(path, O_RDONLY); if (fd < 0) { perror("open"); + smack_accesses_free(rules); return -1; } - ret = smack_accesses_new_from_file(fd, &rules); + ret = smack_accesses_add_from_file(rules, fd); close(fd); if (rules == NULL) { - perror("smack_accesses_new"); + perror("smack_accesses_add_from_file"); + smack_accesses_free(rules); return -1; } @@ -254,7 +261,9 @@ static int apply_rules(const char *path, int clear) ret = smack_accesses_apply(rules); else ret = smack_accesses_clear(rules); + smack_accesses_free(rules); + if (ret) { perror("smack_accesses_apply"); return -1;