113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <unistd.h> 213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <sys/types.h> 313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <fcntl.h> 413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <stdlib.h> 513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <errno.h> 613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <string.h> 713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <stdio.h> 813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include "selinux_internal.h" 913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include "policy.h" 1013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle#include <limits.h> 1113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 129eb9c9327563014ad6a807814e7975424642d5b9Stephen Smalleyint security_check_context_raw(const char * con) 1313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 1413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle char path[PATH_MAX]; 1513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle int fd, ret; 1613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 1713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (!selinux_mnt) { 1813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle errno = ENOENT; 1913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return -1; 2013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle } 2113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 2213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle snprintf(path, sizeof path, "%s/context", selinux_mnt); 2313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle fd = open(path, O_RDWR); 2413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (fd < 0) 2513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return -1; 2613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 2713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = write(fd, con, strlen(con) + 1); 2813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle close(fd); 2913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (ret < 0) 3013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return -1; 3113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return 0; 3213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 3313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 3413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlehidden_def(security_check_context_raw) 3513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 369eb9c9327563014ad6a807814e7975424642d5b9Stephen Smalleyint security_check_context(const char * con) 3713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle{ 3813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle int ret; 399eb9c9327563014ad6a807814e7975424642d5b9Stephen Smalley char * rcon; 4013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 4113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle if (selinux_trans_to_raw_context(con, &rcon)) 4213cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return -1; 4313cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 4413cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle ret = security_check_context_raw(rcon); 4513cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 4613cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle freecon(rcon); 4713cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 4813cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle return ret; 4913cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle} 5013cd4c8960688af11ad23b4c946149015c80d54Joshua Brindle 5113cd4c8960688af11ad23b4c946149015c80d54Joshua Brindlehidden_def(security_check_context) 52