author | Daan De Meyer <daan.j.demeyer@gmail.com> | 2022-12-22 14:28:27 +0100 |
---|---|---|
committer | Daan De Meyer <daan.j.demeyer@gmail.com> | 2023-02-20 12:45:43 +0100 |
commit | 9dcb8923ccfc1cfaac3a0ca6f2b632e1fca560ce (patch) | |
tree | 5dada3ec84a210243b6b65414819696b9ca8e8ef /src | |
parent | tmpfile-util-label: Add fopen_temporary_at_label() (diff) | |
smack-util: Add renameat_and_apply_smack_floor_label()
Also add mac_smack_apply_at() as it's a requirement for
renameat_and_apply_smack_floor_label().
Diffstat (limited to '')
-rw-r--r-- | src/shared/smack-util.c | 22 | ||||
-rw-r--r-- | src/shared/smack-util.h | 10 |
2 files changed, 19 insertions, 13 deletions
diff --git a/src/shared/smack-util.c b/src/shared/smack-util.c
index b3b5c905ad..60fd24c0ba 100644
--- a/src/shared/smack-util.c
+++ b/src/shared/smack-util.c
@@ -67,8 +67,8 @@ int mac_smack_read_fd(int fd, SmackAttr attr, char **label) {
 return fgetxattr_malloc(fd, smack_attr_to_string(attr), label);
 }
-int mac_smack_apply(const char *path, SmackAttr attr, const char *label) {
- int r;
+int mac_smack_apply_at(int dir_fd, const char *path, SmackAttr attr, const char *label) {
+ _cleanup_close_ int fd = -EBADF;
 assert(path);
 assert(attr >= 0 && attr < _SMACK_ATTR_MAX);
@@ -76,14 +76,11 @@ int mac_smack_apply(const char *path, SmackAttr attr, const char *label) {
 if (!mac_smack_use()) return 0;
- if (label)
- r = lsetxattr(path, smack_attr_to_string(attr), label, strlen(label), 0);
- else
- r = lremovexattr(path, smack_attr_to_string(attr));
- if (r < 0)
+ fd = openat(dir_fd, path, O_PATH|O_CLOEXEC|O_NOFOLLOW);
+ if (fd < 0)
 return -errno;
- return 0;
+ return mac_smack_apply_fd(fd, attr, label);
 }
 int mac_smack_apply_fd(int fd, SmackAttr attr, const char *label) {
@@ -277,13 +274,16 @@ int mac_smack_copy(const char *dest, const char *src) {
 }
 #endif
-int rename_and_apply_smack_floor_label(const char *from, const char *to) {
+int renameat_and_apply_smack_floor_label(int fdf, const char *from, int fdt, const char *to) {
+
+ assert(fdf >= 0 || fdf == AT_FDCWD);
+ assert(fdt >= 0 || fdt == AT_FDCWD);
- if (rename(from, to) < 0)
+ if (renameat(fdf, from, fdt, to) < 0)
 return -errno;
 #if HAVE_SMACK_RUN_LABEL
- return mac_smack_apply(to, SMACK_ATTR_ACCESS, SMACK_FLOOR_LABEL);
+ return mac_smack_apply_at(fdt, to, SMACK_ATTR_ACCESS, SMACK_FLOOR_LABEL);
 #else
 return 0;
 #endif
diff --git a/src/shared/smack-util.h b/src/shared/smack-util.h
index da8be5e6f0..17b31c6c25 100644
--- a/src/shared/smack-util.h
+++ b/src/shared/smack-util.h
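Review bot: `mac_smack_apply_at()` asserts `path` and `attr` but not its new `dir_fd` parameter, while `renameat_and_apply_smack_floor_label()` later in this file asserts both of its directory fds. Adding `assert(dir_fd >= 0 || dir_fd == AT_FDCWD);` next to `assert(path);` would keep the two consistent and catch a stray negative errno-style value (this function itself uses `-EBADF` as the invalid-fd sentinel) before it reaches `openat()`. The function body continues past the end of this hunk.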
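Review bot: The label is now applied through an `O_PATH` descriptor, and `fsetxattr()`/`fremovexattr()` fail with EBADF on such descriptors, so this only works if `mac_smack_apply_fd()` reaches the inode some other way (for example through a /proc/self/fd path); its body is outside this hunk, so please confirm. If it does rely on /proc, callers that previously worked through `lsetxattr()` without /proc mounted would start failing, which deserves a mention in the commit message. I would also add a comment above the `openat()` line, e.g. `/* O_PATH|O_NOFOLLOW: pin the inode and keep the old l*xattr() behaviour of never following a final symlink */`. The function starts before this hunk.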
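Review bot: After `renameat()` succeeds, `mac_smack_apply_at(fdt, to, ...)` resolves `to` a second time, so the floor label lands on whatever inode that name refers to at that moment, and the file is briefly visible at its destination without the label. With the fd-based helper now available, the source could be pinned first, `fd = openat(fdf, from, O_PATH|O_CLOEXEC|O_NOFOLLOW);`, and labelled with `mac_smack_apply_fd(fd, SMACK_ATTR_ACCESS, SMACK_FLOOR_LABEL)` so the label goes to the inode that was renamed. Whether any caller operates in a directory other processes can write to is not visible here, so treat this as hardening. A short comment stating that a labelling failure is returned after the rename has already taken effect would also help callers; the function's closing brace is outside the hunk.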
@@ -38,9 +38,15 @@ const char* smack_attr_to_string(SmackAttr i) _const_;
 SmackAttr smack_attr_from_string(const char *s) _pure_;
 int mac_smack_read(const char *path, SmackAttr attr, char **label);
 int mac_smack_read_fd(int fd, SmackAttr attr, char **label);
-int mac_smack_apply(const char *path, SmackAttr attr, const char *label);
+int mac_smack_apply_at(int dir_fd, const char *path, SmackAttr attr, const char *label);
+static inline int mac_smack_apply(const char *path, SmackAttr attr, const char *label) {
+ return mac_smack_apply_at(AT_FDCWD, path, attr, label);
+}
 int mac_smack_apply_fd(int fd, SmackAttr attr, const char *label);
 int mac_smack_apply_pid(pid_t pid, const char *label);
 int mac_smack_copy(const char *dest, const char *src);
-int rename_and_apply_smack_floor_label(const char *temp_path, const char *dest_path);
+int renameat_and_apply_smack_floor_label(int fdf, const char *from, int fdt, const char *to);
+static inline int rename_and_apply_smack_floor_label(const char *from, const char *to) {
+ return renameat_and_apply_smack_floor_label(AT_FDCWD, from, AT_FDCWD, to);
+}
|
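Review bot: The two new `static inline` wrappers use `AT_FDCWD`, so `smack-util.h` now needs `<fcntl.h>` in scope for every includer; the include block is outside this hunk, so confirm the header pulls it in itself rather than relying on include order. The old prototype's parameter names `temp_path`/`dest_path` documented the intended use, which `from`/`to` and the bare `fdf`/`fdt` no longer do. A one-line comment such as `/* fdf/fdt: directory fds (or AT_FDCWD) that 'from'/'to' are resolved against */` above `renameat_and_apply_smack_floor_label()` would restore that.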