From 45d8a085662f7689c0b6978cf2e33845f6095000 Mon Sep 17 00:00:00 2001 From: Laszlo Szekeres Date: Fri, 4 Mar 2016 20:33:06 -0500 Subject: Fix SELinux signatures in runtime The SELinux function signatures have changed between version 2.2 and 2.3. In particular, the type of the "security context" parameter was changed from char * to const char *, with the following patch: SELinuxProject/selinux@9eb9c9327563014ad6a807814e7975424642d5b9. Recent Linux distributions (e.g. Ubuntu 15.10) ship with the updated version of libselinux. This change makes the SELinux runtime compatible with the newer versions of the library by replacing security_context_t with its original char * definition and defining it as const only if the installed library does so. Whether the system uses const char * types is detected with the configure script. Fixes klee/klee#303. --- runtime/POSIX/selinux.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'runtime/POSIX') diff --git a/runtime/POSIX/selinux.c b/runtime/POSIX/selinux.c index 38acba6c..c07aa7d9 100644 --- a/runtime/POSIX/selinux.c +++ b/runtime/POSIX/selinux.c @@ -23,7 +23,7 @@ int exe_selinux = 1; /* NULL is the default policy behavior */ -security_context_t create_con = NULL; +KLEE_SELINUX_CTX_CONST char *create_con = NULL; int is_selinux_enabled() { @@ -33,13 +33,13 @@ int is_selinux_enabled() { /***/ -int getfscreatecon(security_context_t *context) { - *context = create_con; +int getfscreatecon(char **context) { + *context = (char *)create_con; return 0; } -int setfscreatecon(security_context_t context) { +int setfscreatecon(KLEE_SELINUX_CTX_CONST char *context) { if (context == NULL) { create_con = context; return 0; @@ -56,7 +56,7 @@ int setfscreatecon(security_context_t context) { /***/ -int setfilecon(const char *path, security_context_t con) { +int setfilecon(const char *path, KLEE_SELINUX_CTX_CONST char *con) { if (con) return 0; @@ -64,17 +64,17 @@ int setfilecon(const char *path, security_context_t con) { return -1; } -int lsetfilecon(const char *path, security_context_t con) { +int lsetfilecon(const char *path, KLEE_SELINUX_CTX_CONST char *con) { return setfilecon(path, con); } -int fsetfilecon(int fd, security_context_t con) { +int fsetfilecon(int fd, KLEE_SELINUX_CTX_CONST char *con) { return setfilecon("", con); } /***/ -void freecon(security_context_t con) {} -void freeconary(security_context_t *con) {} +void freecon(char *con) {} +void freeconary(char **con) {} #endif -- cgit 1.4.1