author | Laszlo Szekeres <inbox@lszekeres.com> | 2016-03-04 20:33:06 -0500 |
---|---|---|
committer | Laszlo Szekeres <inbox@lszekeres.com> | 2016-03-05 19:11:33 -0500 |
commit | 45d8a085662f7689c0b6978cf2e33845f6095000 (patch) | |
tree | abc0a627026a33ccbf6e2bfa58613edd8969debf /runtime | |
parent | f244db54bfc37f5cc1d831f54c74e818e69bd28c (diff) | |
download | klee-45d8a085662f7689c0b6978cf2e33845f6095000.tar.gz |
Fix SELinux signatures in runtime
The SELinux function signatures have changed between version 2.2 and 2.3. In particular, the type of the "security context" parameter was changed from char * to const char *, with the following patch: SELinuxProject/selinux@9eb9c9327563014ad6a807814e7975424642d5b9. Recent Linux distributions (e.g. Ubuntu 15.10) ship with the updated version of libselinux. This change makes the SELinux runtime compatible with the newer versions of the library by replacing security_context_t with its original char * definition and defining it as const only if the installed library does so. Whether the system uses const char * types is detected with the configure script. Fixes klee/klee#303.
Diffstat (limited to 'runtime')
-rw-r--r-- | runtime/POSIX/selinux.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/runtime/POSIX/selinux.c b/runtime/POSIX/selinux.c
index 38acba6c..c07aa7d9 100644
--- a/runtime/POSIX/selinux.c
+++ b/runtime/POSIX/selinux.c
@@ -23,7 +23,7 @@ int exe_selinux = 1;
 /* NULL is the default policy behavior */
-security_context_t create_con = NULL;
+KLEE_SELINUX_CTX_CONST char *create_con = NULL;
 int is_selinux_enabled() {
@@ -33,13 +33,13 @@ int is_selinux_enabled() {
 /***/
-int getfscreatecon(security_context_t *context) {
- *context = create_con;
+int getfscreatecon(char **context) {
+ *context = (char *)create_con;
 return 0;
 }
-int setfscreatecon(security_context_t context) {
+int setfscreatecon(KLEE_SELINUX_CTX_CONST char *context) {
 if (context == NULL) {
 create_con = context;
 return 0;
@@ -56,7 +56,7 @@ int setfscreatecon(security_context_t context) {
 /***/
-int setfilecon(const char *path, security_context_t con) {
+int setfilecon(const char *path, KLEE_SELINUX_CTX_CONST char *con) {
 if (con) return 0;
@@ -64,17 +64,17 @@ int setfilecon(const char *path, security_context_t con) {
 return -1;
 }
-int lsetfilecon(const char *path, security_context_t con) {
+int lsetfilecon(const char *path, KLEE_SELINUX_CTX_CONST char *con) {
 return setfilecon(path, con);
 }
-int fsetfilecon(int fd, security_context_t con) {
+int fsetfilecon(int fd, KLEE_SELINUX_CTX_CONST char *con) {
 return setfilecon("", con);
 }
 /***/
-void freecon(security_context_t con) {}
-void freeconary(security_context_t *con) {}
+void freecon(char *con) {}
+void freeconary(char **con) {}
 #endif |
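Review bot: In getfscreatecon (second hunk), `*context = (char *)create_con;` silently drops the const qualifier whenever KLEE_SELINUX_CTX_CONST expands to const, and it returns the stored pointer itself rather than a copy. That differs from libselinux, where the caller owns the returned context and releases it with freecon(); the model stays consistent only because freecon() in the last hunk is an empty function and the visible path of setfscreatecon stores only NULL (its body continues outside the hunk, so this should be confirmed). I would state that invariant next to the cast, e.g. `/* create_con is only ever NULL; cast matches libselinux's char ** out-parameter */`, so a later change that stores a real context does not hand callers a writable alias to const data.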