1*2d543d20SAndroid Build Coastguard Worker #include <stdio.h>
2*2d543d20SAndroid Build Coastguard Worker #include <stdlib.h>
3*2d543d20SAndroid Build Coastguard Worker #include <string.h>
4*2d543d20SAndroid Build Coastguard Worker #include <getopt.h>
5*2d543d20SAndroid Build Coastguard Worker #include <errno.h>
6*2d543d20SAndroid Build Coastguard Worker #include <stdbool.h>
7*2d543d20SAndroid Build Coastguard Worker #include <selinux/selinux.h>
8*2d543d20SAndroid Build Coastguard Worker #include <selinux/label.h>
9*2d543d20SAndroid Build Coastguard Worker
usage(const char * progname)10*2d543d20SAndroid Build Coastguard Worker static __attribute__ ((__noreturn__)) void usage(const char *progname)
11*2d543d20SAndroid Build Coastguard Worker {
12*2d543d20SAndroid Build Coastguard Worker fprintf(stderr,
13*2d543d20SAndroid Build Coastguard Worker "usage: %s [-v] -p <path> [-f file]\n\n"
14*2d543d20SAndroid Build Coastguard Worker "Where:\n\t"
15*2d543d20SAndroid Build Coastguard Worker "-v Validate file_contxts entries against loaded policy.\n\t"
16*2d543d20SAndroid Build Coastguard Worker "-p Path to check if a match or partial match is possible\n\t"
17*2d543d20SAndroid Build Coastguard Worker " against a regex entry in the file_contexts file.\n\t"
18*2d543d20SAndroid Build Coastguard Worker "-f Optional file_contexts file (defaults to current policy).\n\n"
19*2d543d20SAndroid Build Coastguard Worker "Example:\n\t"
20*2d543d20SAndroid Build Coastguard Worker "%s -p /sys/devices/system/cpu/online\n\t"
21*2d543d20SAndroid Build Coastguard Worker " Check if a match or partial match is possible against\n\t"
22*2d543d20SAndroid Build Coastguard Worker " the path \"/sys/devices/system/cpu/online\", returning\n\t"
23*2d543d20SAndroid Build Coastguard Worker " TRUE or FALSE.\n\n", progname, progname);
24*2d543d20SAndroid Build Coastguard Worker exit(1);
25*2d543d20SAndroid Build Coastguard Worker }
26*2d543d20SAndroid Build Coastguard Worker
main(int argc,char ** argv)27*2d543d20SAndroid Build Coastguard Worker int main(int argc, char **argv)
28*2d543d20SAndroid Build Coastguard Worker {
29*2d543d20SAndroid Build Coastguard Worker int opt;
30*2d543d20SAndroid Build Coastguard Worker bool partial_match;
31*2d543d20SAndroid Build Coastguard Worker const char *validate = NULL, *path = NULL, *file = NULL;
32*2d543d20SAndroid Build Coastguard Worker
33*2d543d20SAndroid Build Coastguard Worker struct selabel_handle *hnd;
34*2d543d20SAndroid Build Coastguard Worker struct selinux_opt selabel_option[] = {
35*2d543d20SAndroid Build Coastguard Worker { SELABEL_OPT_PATH, file },
36*2d543d20SAndroid Build Coastguard Worker { SELABEL_OPT_VALIDATE, validate }
37*2d543d20SAndroid Build Coastguard Worker };
38*2d543d20SAndroid Build Coastguard Worker
39*2d543d20SAndroid Build Coastguard Worker if (argc < 2)
40*2d543d20SAndroid Build Coastguard Worker usage(argv[0]);
41*2d543d20SAndroid Build Coastguard Worker
42*2d543d20SAndroid Build Coastguard Worker while ((opt = getopt(argc, argv, "f:vp:")) > 0) {
43*2d543d20SAndroid Build Coastguard Worker switch (opt) {
44*2d543d20SAndroid Build Coastguard Worker case 'f':
45*2d543d20SAndroid Build Coastguard Worker file = optarg;
46*2d543d20SAndroid Build Coastguard Worker break;
47*2d543d20SAndroid Build Coastguard Worker case 'v':
48*2d543d20SAndroid Build Coastguard Worker validate = (char *)1;
49*2d543d20SAndroid Build Coastguard Worker break;
50*2d543d20SAndroid Build Coastguard Worker case 'p':
51*2d543d20SAndroid Build Coastguard Worker path = optarg;
52*2d543d20SAndroid Build Coastguard Worker break;
53*2d543d20SAndroid Build Coastguard Worker default:
54*2d543d20SAndroid Build Coastguard Worker usage(argv[0]);
55*2d543d20SAndroid Build Coastguard Worker }
56*2d543d20SAndroid Build Coastguard Worker }
57*2d543d20SAndroid Build Coastguard Worker
58*2d543d20SAndroid Build Coastguard Worker if (!path || optind != argc)
59*2d543d20SAndroid Build Coastguard Worker usage(argv[0]);
60*2d543d20SAndroid Build Coastguard Worker
61*2d543d20SAndroid Build Coastguard Worker selabel_option[0].value = file;
62*2d543d20SAndroid Build Coastguard Worker selabel_option[1].value = validate;
63*2d543d20SAndroid Build Coastguard Worker
64*2d543d20SAndroid Build Coastguard Worker hnd = selabel_open(SELABEL_CTX_FILE, selabel_option, 2);
65*2d543d20SAndroid Build Coastguard Worker if (!hnd) {
66*2d543d20SAndroid Build Coastguard Worker fprintf(stderr, "ERROR: selabel_open - Could not obtain "
67*2d543d20SAndroid Build Coastguard Worker "handle: %s\n",
68*2d543d20SAndroid Build Coastguard Worker strerror(errno));
69*2d543d20SAndroid Build Coastguard Worker return -1;
70*2d543d20SAndroid Build Coastguard Worker }
71*2d543d20SAndroid Build Coastguard Worker
72*2d543d20SAndroid Build Coastguard Worker partial_match = selabel_partial_match(hnd, path);
73*2d543d20SAndroid Build Coastguard Worker
74*2d543d20SAndroid Build Coastguard Worker printf("Match or Partial match: %s\n",
75*2d543d20SAndroid Build Coastguard Worker partial_match ? "TRUE" : "FALSE");
76*2d543d20SAndroid Build Coastguard Worker
77*2d543d20SAndroid Build Coastguard Worker selabel_close(hnd);
78*2d543d20SAndroid Build Coastguard Worker return partial_match;
79*2d543d20SAndroid Build Coastguard Worker }
80