about summary refs log tree commit diff homepage
path: root/runtime/POSIX/selinux.c
diff options
context:
space:
mode:
authorLaszlo Szekeres <inbox@lszekeres.com>2016-03-04 20:33:06 -0500
committerLaszlo Szekeres <inbox@lszekeres.com>2016-03-05 19:11:33 -0500
commit45d8a085662f7689c0b6978cf2e33845f6095000 (patch)
treeabc0a627026a33ccbf6e2bfa58613edd8969debf /runtime/POSIX/selinux.c
parentf244db54bfc37f5cc1d831f54c74e818e69bd28c (diff)
downloadklee-45d8a085662f7689c0b6978cf2e33845f6095000.tar.gz
Fix SELinux signatures in runtime
The SELinux function signatures have changed between version 2.2 and
2.3. In particular, the type of the "security context" parameter was
changed from char * to const char *, with the following patch:
SELinuxProject/selinux@9eb9c9327563014ad6a807814e7975424642d5b9.

Recent Linux distributions (e.g. Ubuntu 15.10) ship with the updated
version of libselinux. This change makes the SELinux runtime compatible
with the newer versions of the library by replacing security_context_t
with its original char * definition and defining it as const only if the
installed library does so. Whether the system uses const char * types is
detected with the configure script.

Fixes klee/klee#303.
Diffstat (limited to 'runtime/POSIX/selinux.c')
-rw-r--r--runtime/POSIX/selinux.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/runtime/POSIX/selinux.c b/runtime/POSIX/selinux.c
index 38acba6c..c07aa7d9 100644
--- a/runtime/POSIX/selinux.c
+++ b/runtime/POSIX/selinux.c
@@ -23,7 +23,7 @@
 int exe_selinux = 1;
 
 /* NULL is the default policy behavior */
-security_context_t create_con = NULL;
+KLEE_SELINUX_CTX_CONST char *create_con = NULL;
 
 
 int is_selinux_enabled() {
@@ -33,13 +33,13 @@ int is_selinux_enabled() {
 
 /***/
 
-int getfscreatecon(security_context_t *context) {
-  *context = create_con;
+int getfscreatecon(char **context) {
+  *context = (char *)create_con;
   return 0;
 }
 
 
-int setfscreatecon(security_context_t context) {
+int setfscreatecon(KLEE_SELINUX_CTX_CONST char *context) {
   if (context == NULL) {
     create_con = context;
     return 0;
@@ -56,7 +56,7 @@ int setfscreatecon(security_context_t context) {
 
 /***/
 
-int setfilecon(const char *path, security_context_t con) {
+int setfilecon(const char *path, KLEE_SELINUX_CTX_CONST char *con) {
   if (con)
     return 0;
   
@@ -64,17 +64,17 @@ int setfilecon(const char *path, security_context_t con) {
   return -1;  
 }
 
-int lsetfilecon(const char *path, security_context_t con) {
+int lsetfilecon(const char *path, KLEE_SELINUX_CTX_CONST char *con) {
   return setfilecon(path, con);
 }
 
-int fsetfilecon(int fd, security_context_t con) {
+int fsetfilecon(int fd, KLEE_SELINUX_CTX_CONST char *con) {
   return setfilecon("", con);
 }
 
 /***/
 
-void freecon(security_context_t con) {}
-void freeconary(security_context_t *con) {}
+void freecon(char *con) {}
+void freeconary(char **con) {}
 
 #endif