16cd6a6acSopenharmony_ci#include <unistd.h> 26cd6a6acSopenharmony_ci#include <fcntl.h> 36cd6a6acSopenharmony_ci#include <string.h> 46cd6a6acSopenharmony_ci#include "selinux_internal.h" 56cd6a6acSopenharmony_ci#include <stdlib.h> 66cd6a6acSopenharmony_ci#include <errno.h> 76cd6a6acSopenharmony_ci#include <limits.h> 86cd6a6acSopenharmony_ci#include <stdio.h> 96cd6a6acSopenharmony_ci#include "policy.h" 106cd6a6acSopenharmony_ci 116cd6a6acSopenharmony_ciint is_selinux_enabled(void) 126cd6a6acSopenharmony_ci{ 136cd6a6acSopenharmony_ci /* init_selinuxmnt() gets called before this function. We 146cd6a6acSopenharmony_ci * will assume that if a selinux file system is mounted, then 156cd6a6acSopenharmony_ci * selinux is enabled. */ 166cd6a6acSopenharmony_ci#ifdef ANDROID 176cd6a6acSopenharmony_ci return (selinux_mnt ? 1 : 0); 186cd6a6acSopenharmony_ci#else 196cd6a6acSopenharmony_ci return (selinux_mnt && has_selinux_config); 206cd6a6acSopenharmony_ci#endif 216cd6a6acSopenharmony_ci} 226cd6a6acSopenharmony_ci 236cd6a6acSopenharmony_ci 246cd6a6acSopenharmony_ci/* 256cd6a6acSopenharmony_ci * Function: is_selinux_mls_enabled() 266cd6a6acSopenharmony_ci * Return: 1 on success 276cd6a6acSopenharmony_ci * 0 on failure 286cd6a6acSopenharmony_ci */ 296cd6a6acSopenharmony_ciint is_selinux_mls_enabled(void) 306cd6a6acSopenharmony_ci{ 316cd6a6acSopenharmony_ci char buf[20], path[PATH_MAX]; 326cd6a6acSopenharmony_ci int fd, ret, enabled = 0; 336cd6a6acSopenharmony_ci 346cd6a6acSopenharmony_ci if (!selinux_mnt) 356cd6a6acSopenharmony_ci return enabled; 366cd6a6acSopenharmony_ci 376cd6a6acSopenharmony_ci snprintf(path, sizeof path, "%s/mls", selinux_mnt); 386cd6a6acSopenharmony_ci fd = open(path, O_RDONLY | O_CLOEXEC); 396cd6a6acSopenharmony_ci if (fd < 0) 406cd6a6acSopenharmony_ci return enabled; 416cd6a6acSopenharmony_ci 426cd6a6acSopenharmony_ci memset(buf, 0, sizeof buf); 436cd6a6acSopenharmony_ci 446cd6a6acSopenharmony_ci do { 456cd6a6acSopenharmony_ci ret = read(fd, buf, sizeof buf - 1); 466cd6a6acSopenharmony_ci } while (ret < 0 && errno == EINTR); 476cd6a6acSopenharmony_ci close(fd); 486cd6a6acSopenharmony_ci if (ret < 0) 496cd6a6acSopenharmony_ci return enabled; 506cd6a6acSopenharmony_ci 516cd6a6acSopenharmony_ci if (!strcmp(buf, "1")) 526cd6a6acSopenharmony_ci enabled = 1; 536cd6a6acSopenharmony_ci 546cd6a6acSopenharmony_ci return enabled; 556cd6a6acSopenharmony_ci} 566cd6a6acSopenharmony_ci 57