diff options
| author | Lennart Poettering <lennart@poettering.net> | 2021-11-12 15:13:37 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2021-11-16 17:02:03 +0100 |
| commit | fc0f4d602429d5080df86af68e9aafa593572962 (patch) | |
| tree | 242ca377f8883e0845d8698f746be4ed75bdf405 | |
| parent | d1cd465e21eb3fd100819378e906483dded1ce71 (diff) | |
| download | systemd-fc0f4d602429d5080df86af68e9aafa593572962.tar.gz | |
selinux: make mac_selinux_create_file_prepare() at wrapper around _at()
Let's make sure mac_selinux_create_file_prepare_at() works fine with
AT_FDCWD, and then make mac_selinux_create_file_prepare() just a inline
wrapper around it.
| -rw-r--r-- | src/shared/selinux-util.c | 38 | ||||
| -rw-r--r-- | src/shared/selinux-util.h | 5 |
2 files changed, 15 insertions, 28 deletions
diff --git a/src/shared/selinux-util.c b/src/shared/selinux-util.c index 5745fe09a2..a1359a5bfd 100644 --- a/src/shared/selinux-util.c +++ b/src/shared/selinux-util.c @@ -497,25 +497,30 @@ static int selinux_create_file_prepare_abspath(const char *abspath, mode_t mode) } #endif -int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode) { +int mac_selinux_create_file_prepare_at( + int dir_fd, + const char *path, + mode_t mode) { + #if HAVE_SELINUX _cleanup_free_ char *abspath = NULL; int r; - assert(path); + if (dir_fd < 0 && dir_fd != AT_FDCWD) + return -EBADF; if (!label_hnd) return 0; - if (!path_is_absolute(path)) { - if (dirfd == AT_FDCWD) + if (isempty(path) || !path_is_absolute(path)) { + if (dir_fd == AT_FDCWD) r = safe_getcwd(&abspath); else - r = fd_get_path(dirfd, &abspath); + r = fd_get_path(dir_fd, &abspath); if (r < 0) return r; - if (!path_extend(&abspath, path)) + if (!isempty(path) && !path_extend(&abspath, path)) return -ENOMEM; path = abspath; @@ -527,27 +532,6 @@ int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode) #endif } -int mac_selinux_create_file_prepare(const char *path, mode_t mode) { -#if HAVE_SELINUX - int r; - - _cleanup_free_ char *abspath = NULL; - - assert(path); - - if (!label_hnd) - return 0; - - r = path_make_absolute_cwd(path, &abspath); - if (r < 0) - return r; - - return selinux_create_file_prepare_abspath(abspath, mode); -#else - return 0; -#endif -} - int mac_selinux_create_file_prepare_label(const char *path, const char *label) { #if HAVE_SELINUX diff --git a/src/shared/selinux-util.h b/src/shared/selinux-util.h index 4147a3ad50..a9ddbfc653 100644 --- a/src/shared/selinux-util.h +++ b/src/shared/selinux-util.h @@ -1,6 +1,7 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ #pragma once +#include <fcntl.h> #include <stdbool.h> #include <sys/socket.h> #include <sys/types.h> @@ -41,8 +42,10 @@ int mac_selinux_get_our_label(char **label); int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *exec_label, char **label); char* mac_selinux_free(char *label); -int mac_selinux_create_file_prepare(const char *path, mode_t mode); int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode); +static inline int mac_selinux_create_file_prepare(const char *path, mode_t mode) { + return mac_selinux_create_file_prepare_at(AT_FDCWD, path, mode); +} int mac_selinux_create_file_prepare_label(const char *path, const char *label); void mac_selinux_create_file_clear(void); |