1*2d543d20SAndroid Build Coastguard Worker /*
2*2d543d20SAndroid Build Coastguard Worker * Author: Karl MacMillan <[email protected]>
3*2d543d20SAndroid Build Coastguard Worker *
4*2d543d20SAndroid Build Coastguard Worker * Modified:
5*2d543d20SAndroid Build Coastguard Worker * Dan Walsh <[email protected]> - Added security_load_booleans().
6*2d543d20SAndroid Build Coastguard Worker */
7*2d543d20SAndroid Build Coastguard Worker
8*2d543d20SAndroid Build Coastguard Worker #ifndef DISABLE_BOOL
9*2d543d20SAndroid Build Coastguard Worker
10*2d543d20SAndroid Build Coastguard Worker #include <sys/types.h>
11*2d543d20SAndroid Build Coastguard Worker #include <sys/stat.h>
12*2d543d20SAndroid Build Coastguard Worker #include <fcntl.h>
13*2d543d20SAndroid Build Coastguard Worker #include <stdlib.h>
14*2d543d20SAndroid Build Coastguard Worker #include <dirent.h>
15*2d543d20SAndroid Build Coastguard Worker #include <string.h>
16*2d543d20SAndroid Build Coastguard Worker #include <stdio.h>
17*2d543d20SAndroid Build Coastguard Worker #include <stdio_ext.h>
18*2d543d20SAndroid Build Coastguard Worker #include <unistd.h>
19*2d543d20SAndroid Build Coastguard Worker #include <fnmatch.h>
20*2d543d20SAndroid Build Coastguard Worker #include <limits.h>
21*2d543d20SAndroid Build Coastguard Worker #include <ctype.h>
22*2d543d20SAndroid Build Coastguard Worker #include <errno.h>
23*2d543d20SAndroid Build Coastguard Worker
24*2d543d20SAndroid Build Coastguard Worker #include "selinux_internal.h"
25*2d543d20SAndroid Build Coastguard Worker #include "policy.h"
26*2d543d20SAndroid Build Coastguard Worker
27*2d543d20SAndroid Build Coastguard Worker #define SELINUX_BOOL_DIR "/booleans/"
28*2d543d20SAndroid Build Coastguard Worker
filename_select(const struct dirent * d)29*2d543d20SAndroid Build Coastguard Worker static int filename_select(const struct dirent *d)
30*2d543d20SAndroid Build Coastguard Worker {
31*2d543d20SAndroid Build Coastguard Worker if (d->d_name[0] == '.'
32*2d543d20SAndroid Build Coastguard Worker && (d->d_name[1] == '\0'
33*2d543d20SAndroid Build Coastguard Worker || (d->d_name[1] == '.' && d->d_name[2] == '\0')))
34*2d543d20SAndroid Build Coastguard Worker return 0;
35*2d543d20SAndroid Build Coastguard Worker return 1;
36*2d543d20SAndroid Build Coastguard Worker }
37*2d543d20SAndroid Build Coastguard Worker
security_get_boolean_names(char *** names,int * len)38*2d543d20SAndroid Build Coastguard Worker int security_get_boolean_names(char ***names, int *len)
39*2d543d20SAndroid Build Coastguard Worker {
40*2d543d20SAndroid Build Coastguard Worker char path[PATH_MAX];
41*2d543d20SAndroid Build Coastguard Worker int i, rc;
42*2d543d20SAndroid Build Coastguard Worker struct dirent **namelist;
43*2d543d20SAndroid Build Coastguard Worker char **n;
44*2d543d20SAndroid Build Coastguard Worker
45*2d543d20SAndroid Build Coastguard Worker if (!len || names == NULL) {
46*2d543d20SAndroid Build Coastguard Worker errno = EINVAL;
47*2d543d20SAndroid Build Coastguard Worker return -1;
48*2d543d20SAndroid Build Coastguard Worker }
49*2d543d20SAndroid Build Coastguard Worker if (!selinux_mnt) {
50*2d543d20SAndroid Build Coastguard Worker errno = ENOENT;
51*2d543d20SAndroid Build Coastguard Worker return -1;
52*2d543d20SAndroid Build Coastguard Worker }
53*2d543d20SAndroid Build Coastguard Worker
54*2d543d20SAndroid Build Coastguard Worker snprintf(path, sizeof path, "%s%s", selinux_mnt, SELINUX_BOOL_DIR);
55*2d543d20SAndroid Build Coastguard Worker *len = scandir(path, &namelist, &filename_select, alphasort);
56*2d543d20SAndroid Build Coastguard Worker if (*len < 0) {
57*2d543d20SAndroid Build Coastguard Worker return -1;
58*2d543d20SAndroid Build Coastguard Worker }
59*2d543d20SAndroid Build Coastguard Worker if (*len == 0) {
60*2d543d20SAndroid Build Coastguard Worker free(namelist);
61*2d543d20SAndroid Build Coastguard Worker errno = ENOENT;
62*2d543d20SAndroid Build Coastguard Worker return -1;
63*2d543d20SAndroid Build Coastguard Worker }
64*2d543d20SAndroid Build Coastguard Worker
65*2d543d20SAndroid Build Coastguard Worker n = (char **)malloc(sizeof(char *) * *len);
66*2d543d20SAndroid Build Coastguard Worker if (!n) {
67*2d543d20SAndroid Build Coastguard Worker rc = -1;
68*2d543d20SAndroid Build Coastguard Worker goto bad;
69*2d543d20SAndroid Build Coastguard Worker }
70*2d543d20SAndroid Build Coastguard Worker
71*2d543d20SAndroid Build Coastguard Worker for (i = 0; i < *len; i++) {
72*2d543d20SAndroid Build Coastguard Worker n[i] = strdup(namelist[i]->d_name);
73*2d543d20SAndroid Build Coastguard Worker if (!n[i]) {
74*2d543d20SAndroid Build Coastguard Worker rc = -1;
75*2d543d20SAndroid Build Coastguard Worker goto bad_freen;
76*2d543d20SAndroid Build Coastguard Worker }
77*2d543d20SAndroid Build Coastguard Worker }
78*2d543d20SAndroid Build Coastguard Worker rc = 0;
79*2d543d20SAndroid Build Coastguard Worker *names = n;
80*2d543d20SAndroid Build Coastguard Worker out:
81*2d543d20SAndroid Build Coastguard Worker for (i = 0; i < *len; i++) {
82*2d543d20SAndroid Build Coastguard Worker free(namelist[i]);
83*2d543d20SAndroid Build Coastguard Worker }
84*2d543d20SAndroid Build Coastguard Worker free(namelist);
85*2d543d20SAndroid Build Coastguard Worker return rc;
86*2d543d20SAndroid Build Coastguard Worker bad_freen:
87*2d543d20SAndroid Build Coastguard Worker if (i > 0) {
88*2d543d20SAndroid Build Coastguard Worker while (i >= 1)
89*2d543d20SAndroid Build Coastguard Worker free(n[--i]);
90*2d543d20SAndroid Build Coastguard Worker }
91*2d543d20SAndroid Build Coastguard Worker free(n);
92*2d543d20SAndroid Build Coastguard Worker bad:
93*2d543d20SAndroid Build Coastguard Worker goto out;
94*2d543d20SAndroid Build Coastguard Worker }
95*2d543d20SAndroid Build Coastguard Worker
selinux_boolean_sub(const char * name)96*2d543d20SAndroid Build Coastguard Worker char *selinux_boolean_sub(const char *name)
97*2d543d20SAndroid Build Coastguard Worker {
98*2d543d20SAndroid Build Coastguard Worker char *sub = NULL;
99*2d543d20SAndroid Build Coastguard Worker char *line_buf = NULL;
100*2d543d20SAndroid Build Coastguard Worker size_t line_len;
101*2d543d20SAndroid Build Coastguard Worker FILE *cfg;
102*2d543d20SAndroid Build Coastguard Worker
103*2d543d20SAndroid Build Coastguard Worker if (!name)
104*2d543d20SAndroid Build Coastguard Worker return NULL;
105*2d543d20SAndroid Build Coastguard Worker
106*2d543d20SAndroid Build Coastguard Worker cfg = fopen(selinux_booleans_subs_path(), "re");
107*2d543d20SAndroid Build Coastguard Worker if (!cfg)
108*2d543d20SAndroid Build Coastguard Worker goto out;
109*2d543d20SAndroid Build Coastguard Worker
110*2d543d20SAndroid Build Coastguard Worker while (getline(&line_buf, &line_len, cfg) != -1) {
111*2d543d20SAndroid Build Coastguard Worker char *ptr;
112*2d543d20SAndroid Build Coastguard Worker char *src = line_buf;
113*2d543d20SAndroid Build Coastguard Worker char *dst;
114*2d543d20SAndroid Build Coastguard Worker while (*src && isspace((unsigned char)*src))
115*2d543d20SAndroid Build Coastguard Worker src++;
116*2d543d20SAndroid Build Coastguard Worker if (!*src)
117*2d543d20SAndroid Build Coastguard Worker continue;
118*2d543d20SAndroid Build Coastguard Worker if (src[0] == '#')
119*2d543d20SAndroid Build Coastguard Worker continue;
120*2d543d20SAndroid Build Coastguard Worker
121*2d543d20SAndroid Build Coastguard Worker ptr = src;
122*2d543d20SAndroid Build Coastguard Worker while (*ptr && !isspace((unsigned char)*ptr))
123*2d543d20SAndroid Build Coastguard Worker ptr++;
124*2d543d20SAndroid Build Coastguard Worker *ptr++ = '\0';
125*2d543d20SAndroid Build Coastguard Worker if (strcmp(src, name) != 0)
126*2d543d20SAndroid Build Coastguard Worker continue;
127*2d543d20SAndroid Build Coastguard Worker
128*2d543d20SAndroid Build Coastguard Worker dst = ptr;
129*2d543d20SAndroid Build Coastguard Worker while (*dst && isspace((unsigned char)*dst))
130*2d543d20SAndroid Build Coastguard Worker dst++;
131*2d543d20SAndroid Build Coastguard Worker if (!*dst)
132*2d543d20SAndroid Build Coastguard Worker continue;
133*2d543d20SAndroid Build Coastguard Worker ptr = dst;
134*2d543d20SAndroid Build Coastguard Worker while (*ptr && !isspace((unsigned char)*ptr))
135*2d543d20SAndroid Build Coastguard Worker ptr++;
136*2d543d20SAndroid Build Coastguard Worker *ptr = '\0';
137*2d543d20SAndroid Build Coastguard Worker
138*2d543d20SAndroid Build Coastguard Worker if (!strchr(dst, '/'))
139*2d543d20SAndroid Build Coastguard Worker sub = strdup(dst);
140*2d543d20SAndroid Build Coastguard Worker
141*2d543d20SAndroid Build Coastguard Worker break;
142*2d543d20SAndroid Build Coastguard Worker }
143*2d543d20SAndroid Build Coastguard Worker free(line_buf);
144*2d543d20SAndroid Build Coastguard Worker fclose(cfg);
145*2d543d20SAndroid Build Coastguard Worker out:
146*2d543d20SAndroid Build Coastguard Worker if (!sub)
147*2d543d20SAndroid Build Coastguard Worker sub = strdup(name);
148*2d543d20SAndroid Build Coastguard Worker return sub;
149*2d543d20SAndroid Build Coastguard Worker }
150*2d543d20SAndroid Build Coastguard Worker
bool_open(const char * name,int flag)151*2d543d20SAndroid Build Coastguard Worker static int bool_open(const char *name, int flag) {
152*2d543d20SAndroid Build Coastguard Worker char *fname = NULL;
153*2d543d20SAndroid Build Coastguard Worker char *alt_name = NULL;
154*2d543d20SAndroid Build Coastguard Worker size_t len;
155*2d543d20SAndroid Build Coastguard Worker int fd = -1;
156*2d543d20SAndroid Build Coastguard Worker int ret;
157*2d543d20SAndroid Build Coastguard Worker char *ptr;
158*2d543d20SAndroid Build Coastguard Worker
159*2d543d20SAndroid Build Coastguard Worker if (!name || strchr(name, '/')) {
160*2d543d20SAndroid Build Coastguard Worker errno = EINVAL;
161*2d543d20SAndroid Build Coastguard Worker return -1;
162*2d543d20SAndroid Build Coastguard Worker }
163*2d543d20SAndroid Build Coastguard Worker
164*2d543d20SAndroid Build Coastguard Worker /* note the 'sizeof' gets us enough room for the '\0' */
165*2d543d20SAndroid Build Coastguard Worker len = strlen(name) + strlen(selinux_mnt) + sizeof(SELINUX_BOOL_DIR);
166*2d543d20SAndroid Build Coastguard Worker fname = malloc(sizeof(char) * len);
167*2d543d20SAndroid Build Coastguard Worker if (!fname)
168*2d543d20SAndroid Build Coastguard Worker return -1;
169*2d543d20SAndroid Build Coastguard Worker
170*2d543d20SAndroid Build Coastguard Worker ret = snprintf(fname, len, "%s%s%s", selinux_mnt, SELINUX_BOOL_DIR, name);
171*2d543d20SAndroid Build Coastguard Worker if (ret < 0 || (size_t)ret >= len)
172*2d543d20SAndroid Build Coastguard Worker goto out;
173*2d543d20SAndroid Build Coastguard Worker
174*2d543d20SAndroid Build Coastguard Worker fd = open(fname, flag);
175*2d543d20SAndroid Build Coastguard Worker if (fd >= 0 || errno != ENOENT)
176*2d543d20SAndroid Build Coastguard Worker goto out;
177*2d543d20SAndroid Build Coastguard Worker
178*2d543d20SAndroid Build Coastguard Worker alt_name = selinux_boolean_sub(name);
179*2d543d20SAndroid Build Coastguard Worker if (!alt_name)
180*2d543d20SAndroid Build Coastguard Worker goto out;
181*2d543d20SAndroid Build Coastguard Worker
182*2d543d20SAndroid Build Coastguard Worker /* note the 'sizeof' gets us enough room for the '\0' */
183*2d543d20SAndroid Build Coastguard Worker len = strlen(alt_name) + strlen(selinux_mnt) + sizeof(SELINUX_BOOL_DIR);
184*2d543d20SAndroid Build Coastguard Worker ptr = realloc(fname, len);
185*2d543d20SAndroid Build Coastguard Worker if (!ptr)
186*2d543d20SAndroid Build Coastguard Worker goto out;
187*2d543d20SAndroid Build Coastguard Worker fname = ptr;
188*2d543d20SAndroid Build Coastguard Worker
189*2d543d20SAndroid Build Coastguard Worker ret = snprintf(fname, len, "%s%s%s", selinux_mnt, SELINUX_BOOL_DIR, alt_name);
190*2d543d20SAndroid Build Coastguard Worker if (ret < 0 || (size_t)ret >= len)
191*2d543d20SAndroid Build Coastguard Worker goto out;
192*2d543d20SAndroid Build Coastguard Worker
193*2d543d20SAndroid Build Coastguard Worker fd = open(fname, flag);
194*2d543d20SAndroid Build Coastguard Worker out:
195*2d543d20SAndroid Build Coastguard Worker free(fname);
196*2d543d20SAndroid Build Coastguard Worker free(alt_name);
197*2d543d20SAndroid Build Coastguard Worker
198*2d543d20SAndroid Build Coastguard Worker return fd;
199*2d543d20SAndroid Build Coastguard Worker }
200*2d543d20SAndroid Build Coastguard Worker
201*2d543d20SAndroid Build Coastguard Worker #define STRBUF_SIZE 3
get_bool_value(const char * name,char ** buf)202*2d543d20SAndroid Build Coastguard Worker static int get_bool_value(const char *name, char **buf)
203*2d543d20SAndroid Build Coastguard Worker {
204*2d543d20SAndroid Build Coastguard Worker int fd, len;
205*2d543d20SAndroid Build Coastguard Worker int errno_tmp;
206*2d543d20SAndroid Build Coastguard Worker
207*2d543d20SAndroid Build Coastguard Worker if (!selinux_mnt) {
208*2d543d20SAndroid Build Coastguard Worker errno = ENOENT;
209*2d543d20SAndroid Build Coastguard Worker return -1;
210*2d543d20SAndroid Build Coastguard Worker }
211*2d543d20SAndroid Build Coastguard Worker
212*2d543d20SAndroid Build Coastguard Worker *buf = malloc(sizeof(char) * (STRBUF_SIZE + 1));
213*2d543d20SAndroid Build Coastguard Worker if (!*buf)
214*2d543d20SAndroid Build Coastguard Worker return -1;
215*2d543d20SAndroid Build Coastguard Worker
216*2d543d20SAndroid Build Coastguard Worker (*buf)[STRBUF_SIZE] = 0;
217*2d543d20SAndroid Build Coastguard Worker
218*2d543d20SAndroid Build Coastguard Worker fd = bool_open(name, O_RDONLY | O_CLOEXEC);
219*2d543d20SAndroid Build Coastguard Worker if (fd < 0)
220*2d543d20SAndroid Build Coastguard Worker goto out_err;
221*2d543d20SAndroid Build Coastguard Worker
222*2d543d20SAndroid Build Coastguard Worker len = read(fd, *buf, STRBUF_SIZE);
223*2d543d20SAndroid Build Coastguard Worker errno_tmp = errno;
224*2d543d20SAndroid Build Coastguard Worker close(fd);
225*2d543d20SAndroid Build Coastguard Worker errno = errno_tmp;
226*2d543d20SAndroid Build Coastguard Worker if (len != STRBUF_SIZE)
227*2d543d20SAndroid Build Coastguard Worker goto out_err;
228*2d543d20SAndroid Build Coastguard Worker
229*2d543d20SAndroid Build Coastguard Worker return 0;
230*2d543d20SAndroid Build Coastguard Worker out_err:
231*2d543d20SAndroid Build Coastguard Worker free(*buf);
232*2d543d20SAndroid Build Coastguard Worker return -1;
233*2d543d20SAndroid Build Coastguard Worker }
234*2d543d20SAndroid Build Coastguard Worker
security_get_boolean_pending(const char * name)235*2d543d20SAndroid Build Coastguard Worker int security_get_boolean_pending(const char *name)
236*2d543d20SAndroid Build Coastguard Worker {
237*2d543d20SAndroid Build Coastguard Worker char *buf;
238*2d543d20SAndroid Build Coastguard Worker int val;
239*2d543d20SAndroid Build Coastguard Worker
240*2d543d20SAndroid Build Coastguard Worker if (get_bool_value(name, &buf))
241*2d543d20SAndroid Build Coastguard Worker return -1;
242*2d543d20SAndroid Build Coastguard Worker
243*2d543d20SAndroid Build Coastguard Worker if (atoi(&buf[1]))
244*2d543d20SAndroid Build Coastguard Worker val = 1;
245*2d543d20SAndroid Build Coastguard Worker else
246*2d543d20SAndroid Build Coastguard Worker val = 0;
247*2d543d20SAndroid Build Coastguard Worker free(buf);
248*2d543d20SAndroid Build Coastguard Worker return val;
249*2d543d20SAndroid Build Coastguard Worker }
250*2d543d20SAndroid Build Coastguard Worker
security_get_boolean_active(const char * name)251*2d543d20SAndroid Build Coastguard Worker int security_get_boolean_active(const char *name)
252*2d543d20SAndroid Build Coastguard Worker {
253*2d543d20SAndroid Build Coastguard Worker char *buf;
254*2d543d20SAndroid Build Coastguard Worker int val;
255*2d543d20SAndroid Build Coastguard Worker
256*2d543d20SAndroid Build Coastguard Worker if (get_bool_value(name, &buf))
257*2d543d20SAndroid Build Coastguard Worker return -1;
258*2d543d20SAndroid Build Coastguard Worker
259*2d543d20SAndroid Build Coastguard Worker buf[1] = '\0';
260*2d543d20SAndroid Build Coastguard Worker if (atoi(buf))
261*2d543d20SAndroid Build Coastguard Worker val = 1;
262*2d543d20SAndroid Build Coastguard Worker else
263*2d543d20SAndroid Build Coastguard Worker val = 0;
264*2d543d20SAndroid Build Coastguard Worker free(buf);
265*2d543d20SAndroid Build Coastguard Worker return val;
266*2d543d20SAndroid Build Coastguard Worker }
267*2d543d20SAndroid Build Coastguard Worker
security_set_boolean(const char * name,int value)268*2d543d20SAndroid Build Coastguard Worker int security_set_boolean(const char *name, int value)
269*2d543d20SAndroid Build Coastguard Worker {
270*2d543d20SAndroid Build Coastguard Worker int fd, ret;
271*2d543d20SAndroid Build Coastguard Worker char buf[2];
272*2d543d20SAndroid Build Coastguard Worker
273*2d543d20SAndroid Build Coastguard Worker if (!selinux_mnt) {
274*2d543d20SAndroid Build Coastguard Worker errno = ENOENT;
275*2d543d20SAndroid Build Coastguard Worker return -1;
276*2d543d20SAndroid Build Coastguard Worker }
277*2d543d20SAndroid Build Coastguard Worker if (value < 0 || value > 1) {
278*2d543d20SAndroid Build Coastguard Worker errno = EINVAL;
279*2d543d20SAndroid Build Coastguard Worker return -1;
280*2d543d20SAndroid Build Coastguard Worker }
281*2d543d20SAndroid Build Coastguard Worker
282*2d543d20SAndroid Build Coastguard Worker fd = bool_open(name, O_WRONLY | O_CLOEXEC);
283*2d543d20SAndroid Build Coastguard Worker if (fd < 0)
284*2d543d20SAndroid Build Coastguard Worker return -1;
285*2d543d20SAndroid Build Coastguard Worker
286*2d543d20SAndroid Build Coastguard Worker if (value)
287*2d543d20SAndroid Build Coastguard Worker buf[0] = '1';
288*2d543d20SAndroid Build Coastguard Worker else
289*2d543d20SAndroid Build Coastguard Worker buf[0] = '0';
290*2d543d20SAndroid Build Coastguard Worker buf[1] = '\0';
291*2d543d20SAndroid Build Coastguard Worker
292*2d543d20SAndroid Build Coastguard Worker ret = write(fd, buf, 2);
293*2d543d20SAndroid Build Coastguard Worker close(fd);
294*2d543d20SAndroid Build Coastguard Worker
295*2d543d20SAndroid Build Coastguard Worker if (ret > 0)
296*2d543d20SAndroid Build Coastguard Worker return 0;
297*2d543d20SAndroid Build Coastguard Worker else
298*2d543d20SAndroid Build Coastguard Worker return -1;
299*2d543d20SAndroid Build Coastguard Worker }
300*2d543d20SAndroid Build Coastguard Worker
security_commit_booleans(void)301*2d543d20SAndroid Build Coastguard Worker int security_commit_booleans(void)
302*2d543d20SAndroid Build Coastguard Worker {
303*2d543d20SAndroid Build Coastguard Worker int fd, ret;
304*2d543d20SAndroid Build Coastguard Worker char buf[2];
305*2d543d20SAndroid Build Coastguard Worker char path[PATH_MAX];
306*2d543d20SAndroid Build Coastguard Worker
307*2d543d20SAndroid Build Coastguard Worker if (!selinux_mnt) {
308*2d543d20SAndroid Build Coastguard Worker errno = ENOENT;
309*2d543d20SAndroid Build Coastguard Worker return -1;
310*2d543d20SAndroid Build Coastguard Worker }
311*2d543d20SAndroid Build Coastguard Worker
312*2d543d20SAndroid Build Coastguard Worker snprintf(path, sizeof path, "%s/commit_pending_bools", selinux_mnt);
313*2d543d20SAndroid Build Coastguard Worker fd = open(path, O_WRONLY | O_CLOEXEC);
314*2d543d20SAndroid Build Coastguard Worker if (fd < 0)
315*2d543d20SAndroid Build Coastguard Worker return -1;
316*2d543d20SAndroid Build Coastguard Worker
317*2d543d20SAndroid Build Coastguard Worker buf[0] = '1';
318*2d543d20SAndroid Build Coastguard Worker buf[1] = '\0';
319*2d543d20SAndroid Build Coastguard Worker
320*2d543d20SAndroid Build Coastguard Worker ret = write(fd, buf, 2);
321*2d543d20SAndroid Build Coastguard Worker close(fd);
322*2d543d20SAndroid Build Coastguard Worker
323*2d543d20SAndroid Build Coastguard Worker if (ret > 0)
324*2d543d20SAndroid Build Coastguard Worker return 0;
325*2d543d20SAndroid Build Coastguard Worker else
326*2d543d20SAndroid Build Coastguard Worker return -1;
327*2d543d20SAndroid Build Coastguard Worker }
328*2d543d20SAndroid Build Coastguard Worker
rollback(SELboolean * boollist,int end)329*2d543d20SAndroid Build Coastguard Worker static void rollback(SELboolean * boollist, int end)
330*2d543d20SAndroid Build Coastguard Worker {
331*2d543d20SAndroid Build Coastguard Worker int i;
332*2d543d20SAndroid Build Coastguard Worker
333*2d543d20SAndroid Build Coastguard Worker for (i = 0; i < end; i++)
334*2d543d20SAndroid Build Coastguard Worker security_set_boolean(boollist[i].name,
335*2d543d20SAndroid Build Coastguard Worker security_get_boolean_active(boollist[i].
336*2d543d20SAndroid Build Coastguard Worker name));
337*2d543d20SAndroid Build Coastguard Worker }
338*2d543d20SAndroid Build Coastguard Worker
security_set_boolean_list(size_t boolcnt,SELboolean * boollist,int permanent)339*2d543d20SAndroid Build Coastguard Worker int security_set_boolean_list(size_t boolcnt, SELboolean * boollist,
340*2d543d20SAndroid Build Coastguard Worker int permanent)
341*2d543d20SAndroid Build Coastguard Worker {
342*2d543d20SAndroid Build Coastguard Worker
343*2d543d20SAndroid Build Coastguard Worker size_t i;
344*2d543d20SAndroid Build Coastguard Worker for (i = 0; i < boolcnt; i++) {
345*2d543d20SAndroid Build Coastguard Worker boollist[i].value = !!boollist[i].value;
346*2d543d20SAndroid Build Coastguard Worker if (security_set_boolean(boollist[i].name, boollist[i].value)) {
347*2d543d20SAndroid Build Coastguard Worker rollback(boollist, i);
348*2d543d20SAndroid Build Coastguard Worker return -1;
349*2d543d20SAndroid Build Coastguard Worker }
350*2d543d20SAndroid Build Coastguard Worker }
351*2d543d20SAndroid Build Coastguard Worker
352*2d543d20SAndroid Build Coastguard Worker /* OK, let's do the commit */
353*2d543d20SAndroid Build Coastguard Worker if (security_commit_booleans()) {
354*2d543d20SAndroid Build Coastguard Worker return -1;
355*2d543d20SAndroid Build Coastguard Worker }
356*2d543d20SAndroid Build Coastguard Worker
357*2d543d20SAndroid Build Coastguard Worker /* Return error as flag no longer used */
358*2d543d20SAndroid Build Coastguard Worker if (permanent)
359*2d543d20SAndroid Build Coastguard Worker return -1;
360*2d543d20SAndroid Build Coastguard Worker
361*2d543d20SAndroid Build Coastguard Worker return 0;
362*2d543d20SAndroid Build Coastguard Worker }
363*2d543d20SAndroid Build Coastguard Worker
364*2d543d20SAndroid Build Coastguard Worker /* This function is deprecated */
security_load_booleans(char * path)365*2d543d20SAndroid Build Coastguard Worker int security_load_booleans(char *path __attribute__((unused)))
366*2d543d20SAndroid Build Coastguard Worker {
367*2d543d20SAndroid Build Coastguard Worker return -1;
368*2d543d20SAndroid Build Coastguard Worker }
369*2d543d20SAndroid Build Coastguard Worker #else
370*2d543d20SAndroid Build Coastguard Worker
371*2d543d20SAndroid Build Coastguard Worker #include <stdlib.h>
372*2d543d20SAndroid Build Coastguard Worker #include "selinux_internal.h"
373*2d543d20SAndroid Build Coastguard Worker
security_set_boolean_list(size_t boolcnt,SELboolean * boollist,int permanent)374*2d543d20SAndroid Build Coastguard Worker int security_set_boolean_list(size_t boolcnt __attribute__((unused)),
375*2d543d20SAndroid Build Coastguard Worker SELboolean * boollist __attribute__((unused)),
376*2d543d20SAndroid Build Coastguard Worker int permanent __attribute__((unused)))
377*2d543d20SAndroid Build Coastguard Worker {
378*2d543d20SAndroid Build Coastguard Worker return -1;
379*2d543d20SAndroid Build Coastguard Worker }
380*2d543d20SAndroid Build Coastguard Worker
security_load_booleans(char * path)381*2d543d20SAndroid Build Coastguard Worker int security_load_booleans(char *path __attribute__((unused)))
382*2d543d20SAndroid Build Coastguard Worker {
383*2d543d20SAndroid Build Coastguard Worker return -1;
384*2d543d20SAndroid Build Coastguard Worker }
385*2d543d20SAndroid Build Coastguard Worker
security_get_boolean_names(char *** names,int * len)386*2d543d20SAndroid Build Coastguard Worker int security_get_boolean_names(char ***names __attribute__((unused)),
387*2d543d20SAndroid Build Coastguard Worker int *len __attribute__((unused)))
388*2d543d20SAndroid Build Coastguard Worker {
389*2d543d20SAndroid Build Coastguard Worker return -1;
390*2d543d20SAndroid Build Coastguard Worker }
391*2d543d20SAndroid Build Coastguard Worker
security_get_boolean_pending(const char * name)392*2d543d20SAndroid Build Coastguard Worker int security_get_boolean_pending(const char *name __attribute__((unused)))
393*2d543d20SAndroid Build Coastguard Worker {
394*2d543d20SAndroid Build Coastguard Worker return -1;
395*2d543d20SAndroid Build Coastguard Worker }
396*2d543d20SAndroid Build Coastguard Worker
security_get_boolean_active(const char * name)397*2d543d20SAndroid Build Coastguard Worker int security_get_boolean_active(const char *name __attribute__((unused)))
398*2d543d20SAndroid Build Coastguard Worker {
399*2d543d20SAndroid Build Coastguard Worker return -1;
400*2d543d20SAndroid Build Coastguard Worker }
401*2d543d20SAndroid Build Coastguard Worker
security_set_boolean(const char * name,int value)402*2d543d20SAndroid Build Coastguard Worker int security_set_boolean(const char *name __attribute__((unused)),
403*2d543d20SAndroid Build Coastguard Worker int value __attribute__((unused)))
404*2d543d20SAndroid Build Coastguard Worker {
405*2d543d20SAndroid Build Coastguard Worker return -1;
406*2d543d20SAndroid Build Coastguard Worker }
407*2d543d20SAndroid Build Coastguard Worker
security_commit_booleans(void)408*2d543d20SAndroid Build Coastguard Worker int security_commit_booleans(void)
409*2d543d20SAndroid Build Coastguard Worker {
410*2d543d20SAndroid Build Coastguard Worker return -1;
411*2d543d20SAndroid Build Coastguard Worker }
412*2d543d20SAndroid Build Coastguard Worker
selinux_boolean_sub(const char * name)413*2d543d20SAndroid Build Coastguard Worker char *selinux_boolean_sub(const char *name __attribute__((unused)))
414*2d543d20SAndroid Build Coastguard Worker {
415*2d543d20SAndroid Build Coastguard Worker return NULL;
416*2d543d20SAndroid Build Coastguard Worker }
417*2d543d20SAndroid Build Coastguard Worker #endif
418*2d543d20SAndroid Build Coastguard Worker
419