Skip Research MenusResearch Menu
|
Re: getfilecon return code
On Mon, 2007-07-09 at 14:30 -0400, Stephen Smalley wrote:
> On Mon, 2007-07-09 at 14:07 -0400, John D. Ramsdell wrote:
> > I hadn't carefully read the manual page for getfilecon until now, but
> > I notice it states that a positive number is returned indicating the
> > number of bytes malloc'd for the context, and -1 is returned
> > indicating failure and that errno is set. I would have guessed from
> > the description that zero is never an allowed return value. In fact,
> > I wrote code that freecon'd a context whenever the return value was
> > not -1.
>
> freecon(NULL) is perfectly legal and harmless, like free(NULL), so that
> part is ok.
>
> It is possible to set extended attributes with no values, e.g.
> $ setfattr -n user.foo /path/to/foo
> $ getfattr -n user.foo /path/to/foo
> and directly calling getxattr() on that file will return 0.
>
> So technically this is a possible case, even if it is unusual and was
> introduced in this case by the proc sysctl rewrite in the kernel leaving
> us with "private" /proc/sys inodes.
>
> I'd be inclined to change security_inode_getsecurity() in the kernel to
> return -EOPNOTSUPP in the IS_PRIVATE(inode) case. But that won't help
> with current kernels, of course.
>
> libselinux could remap a zero return from getxattr to a -1 return with
> errno EOPNOTSUPP in the meantime if we want to present this behavior to
> applications now.
Like so:
Index: trunk/libselinux/src/fgetfilecon.c
- trunk/libselinux/src/fgetfilecon.c (revision 2492)
+++ trunk/libselinux/src/fgetfilecon.c (working copy)
@@ -37,6 +37,11 @@
ret = fgetxattr(fd, XATTR_NAME_SELINUX, buf, size - 1);
}
out:
+ if (ret == 0) {
+ /* Re-map empty attribute values to errors. */
+ errno = EOPNOTSUPP;
+ ret = -1;
+ }
if (ret < 0)
free(buf);
else
Index: trunk/libselinux/src/lgetfilecon.c
- trunk/libselinux/src/lgetfilecon.c (revision 2492)
+++ trunk/libselinux/src/lgetfilecon.c (working copy)
@@ -37,6 +37,11 @@
ret = lgetxattr(path, XATTR_NAME_SELINUX, buf, size - 1);
}
out:
+ if (ret == 0) {
+ /* Re-map empty attribute values to errors. */
+ errno = EOPNOTSUPP;
+ ret = -1;
+ }
if (ret < 0)
free(buf);
else
Index: trunk/libselinux/src/getfilecon.c
- trunk/libselinux/src/getfilecon.c (revision 2492)
+++ trunk/libselinux/src/getfilecon.c (working copy)
@@ -37,6 +37,11 @@
ret = getxattr(path, XATTR_NAME_SELINUX, buf, size - 1);
}
out:
+ if (ret == 0) {
+ /* Re-map empty attribute values to errors. */
+ errno = EOPNOTSUPP;
+ ret = -1;
+ }
if (ret < 0)
free(buf);
else
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
Received on Mon 9 Jul 2007 - 14:42:38 EDT
|
|