// SELinux backend selection.
//
// Without CFG_TOYBOX_SELINUX the libselinux entry points used by the lsm_*()
// wrappers are replaced by constant macros so the wrappers still compile:
// is_selinux_enabled() reports 0 and every get/set call evaluates to -1.
// The stubs discard their arguments, so output pointers are never written.
// Callers that label something must check the return value instead of
// assuming the context was applied.
#if !CFG_TOYBOX_SELINUX
#define is_selinux_enabled() 0
#define setfscreatecon(...) (-1)
#define getcon(...) (-1)
#define getfilecon(...) (-1)
#define lgetfilecon(...) (-1)
#define fgetfilecon(...) (-1)
#define setfilecon(...) (-1)
#define lsetfilecon(...) (-1)
#define fsetfilecon(...) (-1)
#else
#include <selinux/selinux.h>
#endif
// Smack backend selection.
//
// Without CFG_TOYBOX_SMACK every libsmack call used by the lsm_*() wrappers
// becomes a macro that evaluates to -1 and discards its arguments, and
// XATTR_NAME_SMACK gets a dummy value of 0 unless some header already
// defined it. A stubbed call therefore always looks like a failure and never
// touches its output pointer.
#if !CFG_TOYBOX_SMACK
#ifndef XATTR_NAME_SMACK
#define XATTR_NAME_SMACK 0
#endif
#define smack_smackfs_path(...) (-1)
#define smack_new_label_from_self(...) (-1)
#define smack_new_label_from_path(...) (-1)
#define smack_new_label_from_file(...) (-1)
#define smack_set_label_for_self(...) (-1)
#define smack_set_label_for_path(...) (-1)
#define smack_set_label_for_file(...) (-1)
#else
#include <sys/smack.h>
#include <linux/xattr.h>
#endif
// Report whether the compiled-in LSM is active on the running system.
//
// Smack build: nonzero result of smack_smackfs_path() means enabled.
// Otherwise: enabled only when is_selinux_enabled() returns exactly 1, so any
// other value (including an error return) counts as disabled.
// Returns 1 when enabled, 0 when not.
static inline int lsm_enabled(void)
{
  return CFG_TOYBOX_SMACK ? !!smack_smackfs_path()
                          : is_selinux_enabled() == 1;
}
// Human-readable name of the LSM this binary was built for.
//
// Smack is checked first, so it wins if both options are configured. The
// generic "LSM" is returned when neither backend is compiled in. The result
// points at a string literal: do not modify or free it.
static inline char *lsm_name(void)
{
  return CFG_TOYBOX_SMACK ? "Smack" : CFG_TOYBOX_SELINUX ? "SELinux" : "LSM";
}
// Fetch the security label of the calling process.
//
// Smack build: smack_new_label_from_self() must return > 0 to count as
// success. Otherwise: getcon() must return 0. On success the string produced
// by the LSM library is returned; on failure (or with no LSM compiled in) the
// result is a strdup()ed "?" placeholder, so the caller owns the returned
// string either way.
// NOTE(review): strdup() can itself return NULL when out of memory and that
// is not checked here, so callers should tolerate a NULL result.
static inline char *lsm_context(void)
{
  char *label = 0;

  if (CFG_TOYBOX_SMACK) {
    if (smack_new_label_from_self(&label) > 0) return label;
  } else if (getcon(&label) == 0) return label;

  return strdup("?");
}
// Choose the label for objects this process creates from now on.
//
// SELinux path: setfscreatecon(context).
// Smack path: smack_set_label_for_self(context), which relabels the calling
// process itself rather than setting a separate creation context.
// NOTE(review): that presumably also changes the label used for the
// process's own later access checks, so the two backends are not strictly
// equivalent - confirm before relying on it.
// Returns the backend's result unchanged; with no LSM compiled in it is
// always -1. Check it: an ignored failure means files are created with the
// default label.
static inline int lsm_set_create(char *context)
{
  int rc;

  if (CFG_TOYBOX_SMACK) rc = smack_set_label_for_self(context);
  else rc = setfscreatecon(context);

  return rc;
}
// Set the security label of the file named by filename.
//
// Uses setfilecon() for SELinux, or smack_set_label_for_path() with its third
// argument set to 1 for Smack. This is the variant paired with
// lsm_lset_context(), which passes 0 / uses lsetfilecon(); the difference is
// whether a symlink in the last path component is followed (this one
// follows). When relabeling paths an untrusted user could have replaced with
// a symlink, prefer lsm_lset_context() or lsm_fset_context().
// Returns the backend's result unchanged (-1 when no LSM is compiled in).
static inline int lsm_set_context(char *filename, char *context)
{
  return CFG_TOYBOX_SMACK
    ? smack_set_label_for_path(filename, XATTR_NAME_SMACK, 1, context)
    : setfilecon(filename, context);
}
// Set the security label of filename without following a trailing symlink.
//
// Uses lsetfilecon() for SELinux, or smack_set_label_for_path() with its
// third argument set to 0 for Smack, so the label is applied to the link
// itself rather than to whatever it points at.
// Returns the backend's result unchanged (-1 when no LSM is compiled in).
static inline int lsm_lset_context(char *filename, char *context)
{
  return CFG_TOYBOX_SMACK
    ? smack_set_label_for_path(filename, XATTR_NAME_SMACK, 0, context)
    : lsetfilecon(filename, context);
}
// Set the security label of an already-open file descriptor.
//
// Uses fsetfilecon() for SELinux or smack_set_label_for_file() for Smack.
// Because it works on a descriptor instead of a path, the object being
// labeled cannot be swapped out between a check and the relabel.
// Returns the backend's result unchanged (-1 when no LSM is compiled in).
static inline int lsm_fset_context(int file, char *context)
{
  return CFG_TOYBOX_SMACK
    ? smack_set_label_for_file(file, XATTR_NAME_SMACK, context)
    : fsetfilecon(file, context);
}
// Read the security label of the file named by filename into *context.
//
// Uses getfilecon() for SELinux, or smack_new_label_from_path() with its
// third argument set to 1 for Smack (the symlink-following variant; see
// lsm_lget_context() for the other).
// Returns the backend's result unchanged. With no LSM compiled in the stub
// yields -1 and *context is left untouched, so check the return value before
// reading *context.
// NOTE(review): on success the backends appear to return a length and hand
// back a heap string the caller must free - confirm against the libraries.
static inline int lsm_get_context(char *filename, char **context)
{
  if (!CFG_TOYBOX_SMACK) return getfilecon(filename, context);

  return smack_new_label_from_path(filename, XATTR_NAME_SMACK, 1, context);
}
// Read the security label of filename itself, not of a symlink's target.
//
// Uses lgetfilecon() for SELinux, or smack_new_label_from_path() with its
// third argument set to 0 for Smack.
// Returns the backend's result unchanged. With no LSM compiled in the stub
// yields -1 and *context is left untouched, so check the return value before
// reading *context.
static inline int lsm_lget_context(char *filename, char **context)
{
  if (!CFG_TOYBOX_SMACK) return lgetfilecon(filename, context);

  return smack_new_label_from_path(filename, XATTR_NAME_SMACK, 0, context);
}
// Read the security label of an already-open file descriptor into *context.
//
// Uses fgetfilecon() for SELinux or smack_new_label_from_file() for Smack.
// Returns the backend's result unchanged. With no LSM compiled in the stub
// yields -1 and *context is left untouched, so check the return value before
// reading *context.
static inline int lsm_fget_context(int file, char **context)
{
  if (!CFG_TOYBOX_SMACK) return fgetfilecon(file, context);

  return smack_new_label_from_file(file, XATTR_NAME_SMACK, context);
}