From 34e635b5bec3afed902ee6bb232f418e0437d568 Mon Sep 17 00:00:00 2001 From: Jarkko Sakkinen Date: Mon, 30 Sep 2013 14:31:33 +0300 Subject: [PATCH] Revert "Avoid memory allocation while opening smackfs files." This reverts commit 6c1d15b1fe420b848d7afdd0a7ef0c20dfdcc08e. --- libsmack/init.c | 12 ++---------- libsmack/libsmack.c | 48 +++++++++++++++++++++++++++--------------------- utils/common.c | 8 ++++++-- 3 files changed, 35 insertions(+), 33 deletions(-) diff --git a/libsmack/init.c b/libsmack/init.c index c3465d9..1711904 100644 --- a/libsmack/init.c +++ b/libsmack/init.c @@ -44,7 +44,6 @@ #define OLDSMACKFSMNT "/smack" char *smack_mnt = NULL; -int smack_mnt_dirfd = -1; void set_smackmnt(const char *mnt) { @@ -62,31 +61,24 @@ static int verify_smackmnt(const char *mnt) { struct statfs sfbuf; int rc; - int fd; - - fd = open(mnt, O_RDONLY, 0); - if (fd < 0) - return -1; do { - rc = fstatfs(fd, &sfbuf); + rc = statfs(mnt, &sfbuf); } while (rc < 0 && errno == EINTR); if (rc == 0) { if ((uint32_t)sfbuf.f_type == (uint32_t)SMACK_MAGIC) { struct statvfs vfsbuf; - rc = fstatvfs(fd, &vfsbuf); + rc = statvfs(mnt, &vfsbuf); if (rc == 0) { if (!(vfsbuf.f_flag & ST_RDONLY)) { set_smackmnt(mnt); } - smack_mnt_dirfd = fd; return 0; } } } - close(fd); return -1; } diff --git a/libsmack/libsmack.c b/libsmack/libsmack.c index e0487ca..d98f233 100644 --- a/libsmack/libsmack.c +++ b/libsmack/libsmack.c @@ -30,6 +30,7 @@ #include #include #include +#include #include #define ACC_LEN 5 @@ -51,7 +52,6 @@ #define SELF_LABEL_FILE "/proc/self/attr/current" extern char *smack_mnt; -extern int smack_mnt_dirfd; struct smack_rule { char subject[SMACK_LABEL_LEN + 1]; @@ -285,18 +285,21 @@ int smack_have_access(const char *subject, const char *object, int ret; int fd; int access2 = 1; + char path[PATH_MAX]; - if (smack_mnt_dirfd < 0) { + if (!smack_mnt) { errno = EFAULT; - return -1; + return -1; } - - fd = openat(smack_mnt_dirfd, "access2", O_RDWR); + + snprintf(path, sizeof path, "%s/access2", smack_mnt); + fd = open(path, O_RDWR); if (fd < 0) { if (errno != ENOENT) return -1; - - fd = openat(smack_mnt_dirfd, "access", O_RDWR); + + snprintf(path, sizeof path, "%s/access", smack_mnt); + fd = open(path, O_RDWR); if (fd < 0) return -1; access2 = 0; @@ -363,14 +366,16 @@ int smack_cipso_apply(struct smack_cipso *cipso) char buf[CIPSO_MAX_SIZE]; int fd; int i; + char path[PATH_MAX]; int offset=0; - if (smack_mnt_dirfd < 0) { + if (!smack_mnt) { errno = EFAULT; return -1; } - fd = openat(smack_mnt_dirfd, "cipso2", O_WRONLY); + snprintf(path, sizeof path, "%s/cipso2", smack_mnt); + fd = open(path, O_WRONLY); if (fd < 0) return -1; @@ -595,17 +600,14 @@ int smack_revoke_subject(const char *subject) int ret; int fd; int len; - - if (smack_mnt_dirfd < 0) { - errno = EFAULT; - return -1; - } + char path[PATH_MAX]; len = strnlen(subject, SMACK_LABEL_LEN + 1); if (len > SMACK_LABEL_LEN) return -1; - fd = openat(smack_mnt_dirfd, "revoke-subject", O_WRONLY); + snprintf(path, sizeof path, "%s/revoke-subject", smack_mnt); + fd = open(path, O_WRONLY); if (fd < 0) return -1; @@ -624,25 +626,29 @@ static int accesses_apply(struct smack_accesses *handle, int clear) int load_fd; int change_fd; int load2 = 1; + char path[PATH_MAX]; - if (smack_mnt_dirfd < 0) { + if (!smack_mnt) { errno = EFAULT; - return -1; + return -1; } - - load_fd = openat(smack_mnt_dirfd, "load2", O_WRONLY); + + snprintf(path, sizeof path, "%s/load2", smack_mnt); + load_fd = open(path, O_WRONLY); if (load_fd < 0) { if (errno != ENOENT) return -1; /* fallback */ - load_fd = openat(smack_mnt_dirfd, "load", O_WRONLY); + snprintf(path, sizeof path, "%s/load", smack_mnt); + load_fd = open(path, O_WRONLY); /* Try to continue if the file doesn't exist, we might not need it. */ if (load_fd < 0 && errno != ENOENT) return -1; load2 = 0; } - change_fd = openat(smack_mnt_dirfd, "change-rule", O_WRONLY); + snprintf(path, sizeof path, "%s/change-rule", smack_mnt); + change_fd = open(path, O_WRONLY); /* Try to continue if the file doesn't exist, we might not need it. */ if (change_fd < 0 && errno != ENOENT) { ret = -1; diff --git a/utils/common.c b/utils/common.c index 2ec0f35..0ff1e78 100644 --- a/utils/common.c +++ b/utils/common.c @@ -30,6 +30,7 @@ #include #include #include +#include #define SMACK_MAGIC 0x43415d53 @@ -66,8 +67,10 @@ int clear(void) int fd; int ret; const char * smack_mnt; + char path[PATH_MAX]; - if (smack_mnt_dirfd < 0) { + smack_mnt = smack_smackfs_path(); + if (!smack_mnt) { errno = EFAULT; return -1; } @@ -75,7 +78,8 @@ int clear(void) if (is_smackfs_mounted() != 1) return -1; - fd = openat(smack_mnt_dirfd, "load2", O_RDONLY); + snprintf(path, sizeof path, "%s/load2", smack_mnt); + fd = open(path, O_RDONLY); if (fd < 0) return -1; -- 2.7.4