1*2d543d20SAndroid Build Coastguard Worker #include <unistd.h> 2*2d543d20SAndroid Build Coastguard Worker #include <sys/types.h> 3*2d543d20SAndroid Build Coastguard Worker #include <fcntl.h> 4*2d543d20SAndroid Build Coastguard Worker #include <stdlib.h> 5*2d543d20SAndroid Build Coastguard Worker #include <errno.h> 6*2d543d20SAndroid Build Coastguard Worker #include <string.h> 7*2d543d20SAndroid Build Coastguard Worker #include <stdio.h> 8*2d543d20SAndroid Build Coastguard Worker #include "selinux_internal.h" 9*2d543d20SAndroid Build Coastguard Worker #include "policy.h" 10*2d543d20SAndroid Build Coastguard Worker #include <limits.h> 11*2d543d20SAndroid Build Coastguard Worker security_check_context_raw(const char * con)12*2d543d20SAndroid Build Coastguard Workerint security_check_context_raw(const char * con) 13*2d543d20SAndroid Build Coastguard Worker { 14*2d543d20SAndroid Build Coastguard Worker char path[PATH_MAX]; 15*2d543d20SAndroid Build Coastguard Worker int fd, ret; 16*2d543d20SAndroid Build Coastguard Worker 17*2d543d20SAndroid Build Coastguard Worker if (!selinux_mnt) { 18*2d543d20SAndroid Build Coastguard Worker errno = ENOENT; 19*2d543d20SAndroid Build Coastguard Worker return -1; 20*2d543d20SAndroid Build Coastguard Worker } 21*2d543d20SAndroid Build Coastguard Worker 22*2d543d20SAndroid Build Coastguard Worker snprintf(path, sizeof path, "%s/context", selinux_mnt); 23*2d543d20SAndroid Build Coastguard Worker fd = open(path, O_RDWR | O_CLOEXEC); 24*2d543d20SAndroid Build Coastguard Worker if (fd < 0) 25*2d543d20SAndroid Build Coastguard Worker return -1; 26*2d543d20SAndroid Build Coastguard Worker 27*2d543d20SAndroid Build Coastguard Worker ret = write(fd, con, strlen(con) + 1); 28*2d543d20SAndroid Build Coastguard Worker close(fd); 29*2d543d20SAndroid Build Coastguard Worker if (ret < 0) 30*2d543d20SAndroid Build Coastguard Worker return -1; 31*2d543d20SAndroid Build Coastguard Worker return 0; 32*2d543d20SAndroid Build Coastguard Worker } 33*2d543d20SAndroid Build Coastguard Worker 34*2d543d20SAndroid Build Coastguard Worker security_check_context(const char * con)35*2d543d20SAndroid Build Coastguard Workerint security_check_context(const char * con) 36*2d543d20SAndroid Build Coastguard Worker { 37*2d543d20SAndroid Build Coastguard Worker int ret; 38*2d543d20SAndroid Build Coastguard Worker char * rcon; 39*2d543d20SAndroid Build Coastguard Worker 40*2d543d20SAndroid Build Coastguard Worker if (selinux_trans_to_raw_context(con, &rcon)) 41*2d543d20SAndroid Build Coastguard Worker return -1; 42*2d543d20SAndroid Build Coastguard Worker 43*2d543d20SAndroid Build Coastguard Worker ret = security_check_context_raw(rcon); 44*2d543d20SAndroid Build Coastguard Worker 45*2d543d20SAndroid Build Coastguard Worker freecon(rcon); 46*2d543d20SAndroid Build Coastguard Worker 47*2d543d20SAndroid Build Coastguard Worker return ret; 48*2d543d20SAndroid Build Coastguard Worker } 49*2d543d20SAndroid Build Coastguard Worker 50