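#include <unistd.h>
#include <sys/types.h>
#include <fcntl.h>
#include <stdlib.h>
#include <errno.h>
#include <string.h>
#include <stdio.h>
#include "selinux_internal.h"
#include "policy.h"
#include <limits.h>

/*
 * Check a raw security context by writing it, including its terminating
 * NUL, to the "context" node under the selinuxfs mount point (selinux_mnt).
 *
 * con: NUL-terminated raw context string; NULL is rejected with EINVAL
 *      instead of being handed to strlen().
 *
 * Returns 0 when the write succeeds and -1 otherwise, with errno set:
 *   ENOENT        selinux_mnt is not set
 *   ENAMETOOLONG  the node path does not fit in PATH_MAX
 *   EINVAL        con is NULL
 *   otherwise     whatever open() or write() reported
 *
 * Callers that gate a decision on this check should treat every -1 as
 * "not validated" and inspect errno to tell a rejected context from an
 * unavailable interface.
 */
int security_check_context_raw(const char * con)
{
	char path[PATH_MAX];
	int fd, len, saved_errno;
	ssize_t ret;

	if (!selinux_mnt) {
		errno = ENOENT;
		return -1;
	}

	if (!con) {
		errno = EINVAL;
		return -1;
	}

	/* A truncated path would name a different file; refuse it outright. */
	len = snprintf(path, sizeof path, "%s/context", selinux_mnt);
	if (len < 0 || (size_t)len >= sizeof path) {
		errno = ENAMETOOLONG;
		return -1;
	}

	fd = open(path, O_RDWR | O_CLOEXEC);
	if (fd < 0)
		return -1;

	ret = write(fd, con, strlen(con) + 1);
	/* close() may overwrite errno; keep the value write() reported. */
	saved_errno = errno;
	close(fd);
	if (ret < 0) {
		errno = saved_errno;
		return -1;
	}
	return 0;
}


/*
 * Check a context given in translated form: convert it to a raw context
 * with selinux_trans_to_raw_context(), pass the result to
 * security_check_context_raw(), and release the raw copy with freecon().
 *
 * Returns 0 when the raw check succeeds, -1 when the translation or the
 * check fails. errno from a failed check is restored after freecon() so the
 * caller sees the reason reported by security_check_context_raw().
 */
int security_check_context(const char * con)
{
	int ret, saved_errno;
	char * rcon = NULL;

	if (selinux_trans_to_raw_context(con, &rcon))
		return -1;

	ret = security_check_context_raw(rcon);

	/* Releasing the raw copy may touch errno; preserve the check's value. */
	saved_errno = errno;
	freecon(rcon);
	errno = saved_errno;

	return ret;
}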