1*2d543d20SAndroid Build Coastguard Worker #include <unistd.h>
2*2d543d20SAndroid Build Coastguard Worker #include <sys/types.h>
3*2d543d20SAndroid Build Coastguard Worker #include <fcntl.h>
4*2d543d20SAndroid Build Coastguard Worker #include <stdio.h>
5*2d543d20SAndroid Build Coastguard Worker #include <stdlib.h>
6*2d543d20SAndroid Build Coastguard Worker #include <errno.h>
7*2d543d20SAndroid Build Coastguard Worker #include <string.h>
8*2d543d20SAndroid Build Coastguard Worker #include <ctype.h>
9*2d543d20SAndroid Build Coastguard Worker #include <selinux/selinux.h>
10*2d543d20SAndroid Build Coastguard Worker
usage(const char * name,const char * detail,int rc)11*2d543d20SAndroid Build Coastguard Worker static __attribute__ ((__noreturn__)) void usage(const char *name, const char *detail, int rc)
12*2d543d20SAndroid Build Coastguard Worker {
13*2d543d20SAndroid Build Coastguard Worker fprintf(stderr, "usage: %s command [ fromcon ]\n", name);
14*2d543d20SAndroid Build Coastguard Worker if (detail)
15*2d543d20SAndroid Build Coastguard Worker fprintf(stderr, "%s: %s\n", name, detail);
16*2d543d20SAndroid Build Coastguard Worker exit(rc);
17*2d543d20SAndroid Build Coastguard Worker }
18*2d543d20SAndroid Build Coastguard Worker
get_selinux_proc_context(const char * command,const char * execcon)19*2d543d20SAndroid Build Coastguard Worker static char * get_selinux_proc_context(const char *command, const char * execcon) {
20*2d543d20SAndroid Build Coastguard Worker char * fcon = NULL, *newcon = NULL;
21*2d543d20SAndroid Build Coastguard Worker
22*2d543d20SAndroid Build Coastguard Worker int ret = getfilecon(command, &fcon);
23*2d543d20SAndroid Build Coastguard Worker if (ret < 0) goto err;
24*2d543d20SAndroid Build Coastguard Worker ret = security_compute_create(execcon, fcon, string_to_security_class("process"), &newcon);
25*2d543d20SAndroid Build Coastguard Worker if (ret < 0) goto err;
26*2d543d20SAndroid Build Coastguard Worker
27*2d543d20SAndroid Build Coastguard Worker err:
28*2d543d20SAndroid Build Coastguard Worker freecon(fcon);
29*2d543d20SAndroid Build Coastguard Worker return newcon;
30*2d543d20SAndroid Build Coastguard Worker }
31*2d543d20SAndroid Build Coastguard Worker
main(int argc,char ** argv)32*2d543d20SAndroid Build Coastguard Worker int main(int argc, char **argv)
33*2d543d20SAndroid Build Coastguard Worker {
34*2d543d20SAndroid Build Coastguard Worker int ret = -1;
35*2d543d20SAndroid Build Coastguard Worker char * proccon = NULL, *con = NULL;
36*2d543d20SAndroid Build Coastguard Worker if (argc < 2 || argc > 3)
37*2d543d20SAndroid Build Coastguard Worker usage(argv[0], "Invalid number of arguments", -1);
38*2d543d20SAndroid Build Coastguard Worker
39*2d543d20SAndroid Build Coastguard Worker if (argc == 2) {
40*2d543d20SAndroid Build Coastguard Worker if (getcon(&con) < 0) {
41*2d543d20SAndroid Build Coastguard Worker perror(argv[0]);
42*2d543d20SAndroid Build Coastguard Worker return -1;
43*2d543d20SAndroid Build Coastguard Worker }
44*2d543d20SAndroid Build Coastguard Worker } else {
45*2d543d20SAndroid Build Coastguard Worker con = strdup(argv[2]);
46*2d543d20SAndroid Build Coastguard Worker if (security_check_context(con)) {
47*2d543d20SAndroid Build Coastguard Worker fprintf(stderr, "%s: invalid from context '%s'\n", argv[0], con);
48*2d543d20SAndroid Build Coastguard Worker free(con);
49*2d543d20SAndroid Build Coastguard Worker return -1;
50*2d543d20SAndroid Build Coastguard Worker }
51*2d543d20SAndroid Build Coastguard Worker }
52*2d543d20SAndroid Build Coastguard Worker
53*2d543d20SAndroid Build Coastguard Worker proccon = get_selinux_proc_context(argv[1], con);
54*2d543d20SAndroid Build Coastguard Worker if (proccon) {
55*2d543d20SAndroid Build Coastguard Worker printf("%s\n", proccon);
56*2d543d20SAndroid Build Coastguard Worker ret = 0;
57*2d543d20SAndroid Build Coastguard Worker } else {
58*2d543d20SAndroid Build Coastguard Worker perror(argv[0]);
59*2d543d20SAndroid Build Coastguard Worker }
60*2d543d20SAndroid Build Coastguard Worker
61*2d543d20SAndroid Build Coastguard Worker free(proccon);
62*2d543d20SAndroid Build Coastguard Worker free(con);
63*2d543d20SAndroid Build Coastguard Worker return ret;
64*2d543d20SAndroid Build Coastguard Worker }
65