toys/android/load_policy.c

*cf5a6c84SAndroid Build Coastguard Worker/* load_policy.c - Load an SELinux policy file
*cf5a6c84SAndroid Build Coastguard Worker *
*cf5a6c84SAndroid Build Coastguard Worker * Copyright 2015 The Android Open Source Project
*cf5a6c84SAndroid Build Coastguard Worker
*cf5a6c84SAndroid Build Coastguard WorkerUSE_LOAD_POLICY(NEWTOY(load_policy, "<1>1", TOYFLAG_USR|TOYFLAG_SBIN))
*cf5a6c84SAndroid Build Coastguard Worker
*cf5a6c84SAndroid Build Coastguard Workerconfig LOAD_POLICY
*cf5a6c84SAndroid Build Coastguard Worker  bool "load_policy"
*cf5a6c84SAndroid Build Coastguard Worker  depends on TOYBOX_SELINUX
*cf5a6c84SAndroid Build Coastguard Worker  default y
*cf5a6c84SAndroid Build Coastguard Worker  help
*cf5a6c84SAndroid Build Coastguard Worker    usage: load_policy FILE
*cf5a6c84SAndroid Build Coastguard Worker
*cf5a6c84SAndroid Build Coastguard Worker    Load the specified SELinux policy file.
*cf5a6c84SAndroid Build Coastguard Worker*/
*cf5a6c84SAndroid Build Coastguard Worker
*cf5a6c84SAndroid Build Coastguard Worker#define FOR_load_policy
*cf5a6c84SAndroid Build Coastguard Worker#include "toys.h"
*cf5a6c84SAndroid Build Coastguard Worker
*cf5a6c84SAndroid Build Coastguard Workervoid load_policy_main(void)
*cf5a6c84SAndroid Build Coastguard Worker{
*cf5a6c84SAndroid Build Coastguard Worker  int fd = xopenro(*toys.optargs);
*cf5a6c84SAndroid Build Coastguard Worker  off_t policy_len = fdlength(fd);
*cf5a6c84SAndroid Build Coastguard Worker  char *policy_data = xmmap(0, policy_len, PROT_READ, MAP_PRIVATE, fd, 0);
*cf5a6c84SAndroid Build Coastguard Worker
*cf5a6c84SAndroid Build Coastguard Worker  close(fd);
*cf5a6c84SAndroid Build Coastguard Worker  if (security_load_policy(policy_data, policy_len) < 0)
*cf5a6c84SAndroid Build Coastguard Worker    perror_exit("security_load_policy %s", *toys.optargs);
*cf5a6c84SAndroid Build Coastguard Worker
*cf5a6c84SAndroid Build Coastguard Worker  munmap(policy_data, policy_len);
*cf5a6c84SAndroid Build Coastguard Worker}