diff options
| author | Daniel Dunbar <daniel@zuster.org> | 2009-05-21 04:36:41 +0000 |
|---|---|---|
| committer | Daniel Dunbar <daniel@zuster.org> | 2009-05-21 04:36:41 +0000 |
| commit | 6f290d8f9e9d7faac295cb51fc96884a18f4ded4 (patch) | |
| tree | 46e7d426abc0c9f06ac472ac6f7f9e661b5d78cb /runtime/POSIX/selinux.c | |
| parent | a55960edd4dcd7535526de8d2277642522aa0209 (diff) | |
| download | klee-6f290d8f9e9d7faac295cb51fc96884a18f4ded4.tar.gz | |
Initial KLEE checkin.
- Lots more tweaks, documentation, and web page content is needed, but this should compile & work on OS X & Linux. git-svn-id: https://llvm.org/svn/llvm-project/klee/trunk@72205 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'runtime/POSIX/selinux.c')
| -rw-r--r-- | runtime/POSIX/selinux.c | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/runtime/POSIX/selinux.c b/runtime/POSIX/selinux.c new file mode 100644 index 00000000..38acba6c --- /dev/null +++ b/runtime/POSIX/selinux.c @@ -0,0 +1,80 @@ +//===-- selinux.c ---------------------------------------------------------===// +// +// The KLEE Symbolic Virtual Machine +// +// This file is distributed under the University of Illinois Open Source +// License. See LICENSE.TXT for details. +// +//===----------------------------------------------------------------------===// + +/* Very basic SELinux support */ + +#include "klee/Config/config.h" + +#ifdef HAVE_SELINUX_SELINUX_H + +#include "klee/klee.h" + +#include <selinux/selinux.h> +#include <stdlib.h> +#include <errno.h> + +/* for now, assume we run on an SELinux machine */ +int exe_selinux = 1; + +/* NULL is the default policy behavior */ +security_context_t create_con = NULL; + + +int is_selinux_enabled() { + return exe_selinux; +} + + +/***/ + +int getfscreatecon(security_context_t *context) { + *context = create_con; + return 0; +} + + +int setfscreatecon(security_context_t context) { + if (context == NULL) { + create_con = context; + return 0; + } + + /* on my machine, setfscreatecon seems to incorrectly accept one + char strings.. Also, make sure mcstrans > 0.2.8 for replay + (important bug fixed) */ + if (context[0] != '\0' && context[1] == '\0') + klee_silent_exit(1); + + return -1; +} + +/***/ + +int setfilecon(const char *path, security_context_t con) { + if (con) + return 0; + + errno = ENOSPC; + return -1; +} + +int lsetfilecon(const char *path, security_context_t con) { + return setfilecon(path, con); +} + +int fsetfilecon(int fd, security_context_t con) { + return setfilecon("", con); +} + +/***/ + +void freecon(security_context_t con) {} +void freeconary(security_context_t *con) {} + +#endif |