blob: 38acba6c26a1a4007fe041618dbd841b1382efd2 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
//===-- selinux.c ---------------------------------------------------------===//
//
// The KLEE Symbolic Virtual Machine
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
/* Very basic SELinux support */
#include "klee/Config/config.h"
#ifdef HAVE_SELINUX_SELINUX_H
#include "klee/klee.h"
#include <selinux/selinux.h>
#include <stdlib.h>
#include <errno.h>
/* for now, assume we run on an SELinux machine */
int exe_selinux = 1;
/* NULL is the default policy behavior */
security_context_t create_con = NULL;
int is_selinux_enabled() {
return exe_selinux;
}
/***/
int getfscreatecon(security_context_t *context) {
*context = create_con;
return 0;
}
int setfscreatecon(security_context_t context) {
if (context == NULL) {
create_con = context;
return 0;
}
/* on my machine, setfscreatecon seems to incorrectly accept one
char strings.. Also, make sure mcstrans > 0.2.8 for replay
(important bug fixed) */
if (context[0] != '\0' && context[1] == '\0')
klee_silent_exit(1);
return -1;
}
/***/
int setfilecon(const char *path, security_context_t con) {
if (con)
return 0;
errno = ENOSPC;
return -1;
}
int lsetfilecon(const char *path, security_context_t con) {
return setfilecon(path, con);
}
int fsetfilecon(int fd, security_context_t con) {
return setfilecon("", con);
}
/***/
void freecon(security_context_t con) {}
void freeconary(security_context_t *con) {}
#endif
|
