apparmor/changehat/libapparmor/src/change_hat.c

/*   $Id: change_hat.c 13 2006-04-12 21:43:34Z steve-beattie $

     Copyright (c) 2003, 2004, 2005, 2006 Novell, Inc. (All rights reserved)

     The libapparmor library is licensed under the terms of the GNU
     Lesser General Public License, version 2.1. Please see the file
     COPYING.LGPL.

*/

#define _GNU_SOURCE	/* for asprintf */

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <fcntl.h>
#include <errno.h>
#include <limits.h>

#define symbol_version(real, name, version) \
		__asm__ (".symver " #real "," #name "@" #version)
#define default_symbol_version(real, name, version) \
		__asm__ (".symver " #real "," #name "@@" #version)

int __change_hat(char *subprofile, unsigned int token)
{
	int rc = -1;
	int fd, ret, len = 0, ctlerr = 0;
	char *buf = NULL;
	const char *cmd = "changehat";
	char *ctl = NULL;
	pid_t tid = syscall(SYS_gettid);

	/* both may not be null */
	if (!(token || subprofile)) {
		errno = EINVAL;
		goto out;
	}

	if (subprofile && strnlen(subprofile, PATH_MAX + 1) > PATH_MAX) {
		errno = EPROTO;
		goto out;
	}

	len = asprintf(&buf, "%s %08x^%s", cmd, token,
		       subprofile ? subprofile : "");
	if (len < 0) {
		goto out;
	}

	ctlerr = asprintf(&ctl, "/proc/%d/attr/current", tid);
	if (ctlerr < 0) {
		goto out;
	}

	fd = open(ctl, O_WRONLY);
	if (fd == -1) {
		goto out;
	}

	ret = write(fd, buf, len);
	if (ret != len) {
		int saved;
		if (ret != -1) {
			errno = EPROTO;
		}
		saved = errno;
		(void)close(fd);
		errno = saved;
		goto out;
	}

	rc = 0;
	(void)close(fd);

out:
	if (buf) {
		/* clear local copy of magic token before freeing */
		memset(buf, '\0', len);
		free(buf);
	}
	if (ctl) {
		free(ctl);
	}
	return rc;
}

/* create an alias for the old change_hat@IMMUNIX_1.0 symbol */
extern typeof((__change_hat)) __old_change_hat __attribute__((alias ("__change_hat")));
symbol_version(__old_change_hat, change_hat, IMMUNIX_1.0);
default_symbol_version(__change_hat, change_hat, APPARMOR_1.0);
- Merged the library previously known as "libaalogparse" with libapparmor. - Moved the old libapparmor library to libapparmor-deprecated. 2007-07-28 15:41:04 +00:00			`/* $Id: change_hat.c 13 2006-04-12 21:43:34Z steve-beattie $`

			`Copyright (c) 2003, 2004, 2005, 2006 Novell, Inc. (All rights reserved)`

			`The libapparmor library is licensed under the terms of the GNU`
			`Lesser General Public License, version 2.1. Please see the file`
			`COPYING.LGPL.`

			`*/`

			`#define _GNU_SOURCE /* for asprintf */`

			`#include <stdlib.h>`
			`#include <stdio.h>`
			`#include <string.h>`
			`#include <unistd.h>`
			`#include <sys/types.h>`
			`#include <sys/stat.h>`
			`#include <sys/syscall.h>`
			`#include <fcntl.h>`
			`#include <errno.h>`
			`#include <limits.h>`

Fix braindead symbol versioning issue where applications that linked against libapparmor::change_hat would be linking against change_hat@IMMUNIX_1.0 rather than change_hat@APPARMOR_1.0 (the preferred version). Remove -module to prevent linking portability warning when building mod_apparmor. Use RPM_OPT_FLAGS for CFLAGS when building rpms. 2007-08-16 04:19:54 +00:00			`#define symbol_version(real, name, version) \`
			`__asm__ (".symver " #real "," #name "@" #version)`
			`#define default_symbol_version(real, name, version) \`
			`__asm__ (".symver " #real "," #name "@@" #version)`

			`int __change_hat(char *subprofile, unsigned int token)`
- Merged the library previously known as "libaalogparse" with libapparmor. - Moved the old libapparmor library to libapparmor-deprecated. 2007-07-28 15:41:04 +00:00			`{`
			`int rc = -1;`
			`int fd, ret, len = 0, ctlerr = 0;`
			`char *buf = NULL;`
			`const char *cmd = "changehat";`
			`char *ctl = NULL;`
			`pid_t tid = syscall(SYS_gettid);`

			`/* both may not be null */`
			`if (!(token \|\| subprofile)) {`
			`errno = EINVAL;`
			`goto out;`
			`}`

			`if (subprofile && strnlen(subprofile, PATH_MAX + 1) > PATH_MAX) {`
			`errno = EPROTO;`
			`goto out;`
			`}`

			`len = asprintf(&buf, "%s %08x^%s", cmd, token,`
			`subprofile ? subprofile : "");`
			`if (len < 0) {`
			`goto out;`
			`}`

			`ctlerr = asprintf(&ctl, "/proc/%d/attr/current", tid);`
			`if (ctlerr < 0) {`
			`goto out;`
			`}`

			`fd = open(ctl, O_WRONLY);`
			`if (fd == -1) {`
			`goto out;`
			`}`

			`ret = write(fd, buf, len);`
			`if (ret != len) {`
			`int saved;`
			`if (ret != -1) {`
			`errno = EPROTO;`
			`}`
			`saved = errno;`
			`(void)close(fd);`
			`errno = saved;`
			`goto out;`
			`}`

			`rc = 0;`
			`(void)close(fd);`

			`out:`
			`if (buf) {`
			`/* clear local copy of magic token before freeing */`
			`memset(buf, '\0', len);`
			`free(buf);`
			`}`
			`if (ctl) {`
			`free(ctl);`
			`}`
			`return rc;`
			`}`
Fix braindead symbol versioning issue where applications that linked against libapparmor::change_hat would be linking against change_hat@IMMUNIX_1.0 rather than change_hat@APPARMOR_1.0 (the preferred version). Remove -module to prevent linking portability warning when building mod_apparmor. Use RPM_OPT_FLAGS for CFLAGS when building rpms. 2007-08-16 04:19:54 +00:00
			`/* create an alias for the old change_hat@IMMUNIX_1.0 symbol */`
			`extern typeof((__change_hat)) __old_change_hat __attribute__((alias ("__change_hat")));`
			`symbol_version(__old_change_hat, change_hat, IMMUNIX_1.0);`
			`default_symbol_version(__change_hat, change_hat, APPARMOR_1.0);`