1*2d543d20SAndroid Build Coastguard Worker #include <unistd.h>
2*2d543d20SAndroid Build Coastguard Worker #include <fcntl.h>
3*2d543d20SAndroid Build Coastguard Worker #include <string.h>
4*2d543d20SAndroid Build Coastguard Worker #include "selinux_internal.h"
5*2d543d20SAndroid Build Coastguard Worker #include <stdlib.h>
6*2d543d20SAndroid Build Coastguard Worker #include <errno.h>
7*2d543d20SAndroid Build Coastguard Worker #include <limits.h>
8*2d543d20SAndroid Build Coastguard Worker #include <stdio.h>
9*2d543d20SAndroid Build Coastguard Worker #include "policy.h"
10*2d543d20SAndroid Build Coastguard Worker
is_selinux_enabled(void)11*2d543d20SAndroid Build Coastguard Worker int is_selinux_enabled(void)
12*2d543d20SAndroid Build Coastguard Worker {
13*2d543d20SAndroid Build Coastguard Worker /* init_selinuxmnt() gets called before this function. We
14*2d543d20SAndroid Build Coastguard Worker * will assume that if a selinux file system is mounted, then
15*2d543d20SAndroid Build Coastguard Worker * selinux is enabled. */
16*2d543d20SAndroid Build Coastguard Worker #ifdef ANDROID
17*2d543d20SAndroid Build Coastguard Worker return (selinux_mnt ? 1 : 0);
18*2d543d20SAndroid Build Coastguard Worker #else
19*2d543d20SAndroid Build Coastguard Worker return (selinux_mnt && has_selinux_config);
20*2d543d20SAndroid Build Coastguard Worker #endif
21*2d543d20SAndroid Build Coastguard Worker }
22*2d543d20SAndroid Build Coastguard Worker
23*2d543d20SAndroid Build Coastguard Worker
24*2d543d20SAndroid Build Coastguard Worker /*
25*2d543d20SAndroid Build Coastguard Worker * Function: is_selinux_mls_enabled()
26*2d543d20SAndroid Build Coastguard Worker * Return: 1 on success
27*2d543d20SAndroid Build Coastguard Worker * 0 on failure
28*2d543d20SAndroid Build Coastguard Worker */
is_selinux_mls_enabled(void)29*2d543d20SAndroid Build Coastguard Worker int is_selinux_mls_enabled(void)
30*2d543d20SAndroid Build Coastguard Worker {
31*2d543d20SAndroid Build Coastguard Worker char buf[20], path[PATH_MAX];
32*2d543d20SAndroid Build Coastguard Worker int fd, ret, enabled = 0;
33*2d543d20SAndroid Build Coastguard Worker
34*2d543d20SAndroid Build Coastguard Worker if (!selinux_mnt)
35*2d543d20SAndroid Build Coastguard Worker return enabled;
36*2d543d20SAndroid Build Coastguard Worker
37*2d543d20SAndroid Build Coastguard Worker snprintf(path, sizeof path, "%s/mls", selinux_mnt);
38*2d543d20SAndroid Build Coastguard Worker fd = open(path, O_RDONLY | O_CLOEXEC);
39*2d543d20SAndroid Build Coastguard Worker if (fd < 0)
40*2d543d20SAndroid Build Coastguard Worker return enabled;
41*2d543d20SAndroid Build Coastguard Worker
42*2d543d20SAndroid Build Coastguard Worker memset(buf, 0, sizeof buf);
43*2d543d20SAndroid Build Coastguard Worker
44*2d543d20SAndroid Build Coastguard Worker do {
45*2d543d20SAndroid Build Coastguard Worker ret = read(fd, buf, sizeof buf - 1);
46*2d543d20SAndroid Build Coastguard Worker } while (ret < 0 && errno == EINTR);
47*2d543d20SAndroid Build Coastguard Worker close(fd);
48*2d543d20SAndroid Build Coastguard Worker if (ret < 0)
49*2d543d20SAndroid Build Coastguard Worker return enabled;
50*2d543d20SAndroid Build Coastguard Worker
51*2d543d20SAndroid Build Coastguard Worker if (!strcmp(buf, "1"))
52*2d543d20SAndroid Build Coastguard Worker enabled = 1;
53*2d543d20SAndroid Build Coastguard Worker
54*2d543d20SAndroid Build Coastguard Worker return enabled;
55*2d543d20SAndroid Build Coastguard Worker }
56*2d543d20SAndroid Build Coastguard Worker
57