From b2816478da2e001cac5d1435896d3eb410cdfc0e Mon Sep 17 00:00:00 2001
From: Jarkko Sakkinen
Date: Sun, 11 Dec 2011 00:21:49 +0200
Subject: [PATCH] Added smack_get_self_label().
---
 libsmack/libsmack.c | 50 ++++++++++++++++++++------------------------------
 libsmack/libsmack.sym | 3 ++-
 libsmack/sys/smack.h | 24 +++++++++++++-----------
 utils/common.c | 1 -
 utils/common.h | 2 +-
 utils/smackself.c | 12 ++++++++----
 6 files changed, 44 insertions(+), 48 deletions(-)
diff --git a/libsmack/libsmack.c b/libsmack/libsmack.c
index 60ace08..fafc8d7 100644
--- a/libsmack/libsmack.c
+++ b/libsmack/libsmack.c
@@ -243,30 +243,37 @@ int smack_have_access(const char *subject, const char *object,
 return buf[0] == '1';
 }
-int smack_new_label_from_self(char **label)
+ssize_t smack_get_self_label(char *buf, size_t count)
 {
- char *result;
 int fd;
 int ret;
- result = calloc(LABEL_LEN + 1, 1);
- if (result == NULL)
- return -1;
-
 fd = open(SELF_LABEL_FILE, O_RDONLY);
- if (fd < 0) {
- free(result);
+ if (fd < 0)
 return -1;
- }
- ret = read(fd, result, LABEL_LEN);
+ ret = read(fd, buf, count);
 close(fd);
- if (ret < 0) {
- free(result);
+ if (ret < 0)
+ return -1;
+
+ return count;
+}
+
+int smack_set_self_label(char *label)
+{
+ int fd;
+
+ fd = open(SELF_LABEL_FILE, O_WRONLY);
+ if (fd < 0)
+ return -1;
+
+ if (write(fd, label, strlen(label)) < 0) {
+ close(fd);
 return -1;
 }
- *label = result;
+ close(fd);
 return 0;
 }
@@ -295,23 +302,6 @@ int smack_new_label_from_socket(int fd, char **label)
 return 0;
 }
-int smack_set_self_label(char *label)
-{
- int fd;
-
- fd = open(SELF_LABEL_FILE, O_WRONLY);
- if (fd < 0)
- return -1;
-
- if (write(fd, label, strlen(label)) < 0) {
- close(fd);
- return -1;
- }
-
- close(fd);
- return 0;
-}
-
 static int accesses_apply(struct smack_accesses *handle, int clear)
 {
 char buf[LOAD_LEN + 1];
diff --git a/libsmack/libsmack.sym b/libsmack/libsmack.sym
index a7d4de2..eb0bfb4 100644
--- a/libsmack/libsmack.sym
+++ b/libsmack/libsmack.sym
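Review bot: `smack_get_self_label()` in the first libsmack.c hunk ends with `return count;`, so a successful call reports the caller's buffer size instead of the number of bytes `read()` stored, although smack.h in this patch documents the return value as the label length. The new `main()` in utils/smackself.c then writes the terminator at `label[LABEL_LEN]`, and `printf("%s", label)` can emit whatever uninitialized stack bytes follow the real label. Change the last statement to `return ret;` and declare `ssize_t ret;`, since `read()` returns `ssize_t` and the function's return type is now `ssize_t` too. The relocated `smack_set_self_label()` still treats any non-negative `write()` result as success, so a short write would go unreported; comparing the result with `strlen(label)` would catch that.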
@@ -8,7 +8,8 @@ global:
 smack_accesses_add;
 smack_accesses_add_from_file;
 smack_have_access;
- smack_new_label_from_self;
+ smack_get_self_label;
+ smack_set_self_label;
 smack_new_label_from_socket;
 local: *;
diff --git a/libsmack/sys/smack.h b/libsmack/sys/smack.h
index 707edb1..2944ad0 100644
--- a/libsmack/sys/smack.h
+++ b/libsmack/sys/smack.h
@@ -29,6 +29,8 @@
 #ifndef SMACK_H
 #define SMACK_H
+#include
+
 /*!
 * Handle to a in-memory representation of set of Smack rules.
 */
@@ -112,12 +114,19 @@ int smack_have_access(const char *subject, const char *object,
 /*!
 * Get the label that is associated with the callers process.
- * Caller is responsible of freeing the returned label.
 *
- * @param label returned label
- * @return 0 on success and negative value on failure.
+ * @param buf character buffer where label is read
+ * @param count length of the buffer
+ * @return label length on success and negative value on failure.
 */
-int smack_new_label_from_self(char **label);
+ssize_t smack_get_self_label(char *buf, size_t count);
+
+/*!
+ * Set the label that is associated with the callers process.
+ *
+ * @param label new label for callers process
+ */
+int smack_set_self_label(char *label);
 /*!
 * Get the label that is associated with a peer on the other end of an
@@ -130,13 +139,6 @@ int smack_new_label_from_self(char **label);
 */
 int smack_new_label_from_socket(int fd, char **label);
-/*!
- * Set Smack label for callers process. Requires CAP_MAC_ADMIN.
- *
- * @param label new label for callers process
- */
-int smack_set_self_label(char *label);
-
 #ifdef __cplusplus
 }
 #endif
diff --git a/utils/common.c b/utils/common.c
index b15b97b..8e03b9e 100644
--- a/utils/common.c
+++ b/utils/common.c
@@ -36,7 +36,6 @@
 #include
 #define SMACKFS_MAGIC 0x43415d53
-#define LABEL_LEN 23
 #define CAT_MAX_COUNT 240
 #define CAT_MAX_VALUE 63
 #define LEVEL_MAX 255
diff --git a/utils/common.h b/utils/common.h
index 07d8c2e..43ebb91 100644
--- a/utils/common.h
+++ b/utils/common.h
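Review bot: The new comment for `smack_set_self_label()` in the second smack.h hunk no longer says `Requires CAP_MAC_ADMIN`, which the comment removed further down in this file did state, and it has no `@return` line. Keep the privilege requirement in the first sentence and add `* @return 0 on success and negative value on failure.`, which matches the 0 / -1 returns of the implementation in libsmack.c. The `smack_get_self_label()` comment should also state that the call does not NUL-terminate `buf`, e.g. `* The label is not NUL-terminated; the caller must terminate it using the returned length.`, because the caller in utils/smackself.c relies on doing that itself.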
@@ -25,13 +25,13 @@
 #ifndef COMMON_H
 #define COMMON_H
+#define LABEL_LEN 23
 #define SMACKFS_MNT "/smack"
 #define ACCESSES_PATH "/etc/smack/accesses"
 #define ACCESSES_D_PATH "/etc/smack/accesses.d"
 #define CIPSO_PATH "/etc/smack/cipso"
 #define CIPSO_D_PATH "/etc/smack/cipso.d"
-
 int clear(void);
 int is_smackfs_mounted(void);
 int apply_rules(const char *path, int clear);
diff --git a/utils/smackself.c b/utils/smackself.c
index 55afea0..1d98d8b 100644
--- a/utils/smackself.c
+++ b/utils/smackself.c
@@ -25,17 +25,21 @@
 #include
 #include
 #include
+#include "common.h"
 int main(int argc, char **argv)
 {
- char *label = NULL;
+ char label[LABEL_LEN + 1];
+ int len;
- if (smack_new_label_from_self(&label)) {
- perror("smack_new_label_from_self");
+ len = smack_get_self_label(label, LABEL_LEN);
+ if (len < 0) {
+ perror("smack_get_self_label");
 return EXIT_FAILURE;
 }
+ label[len] = '\0';
+
 printf("%s", label);
- free(label);
 return EXIT_SUCCESS;
 }
--
2.7.4