From: william.c.roberts@intel.com
To: selinux@tycho.nsa.gov, seandroid-list@tycho.nsa.gov, sds@tycho.nsa.gov
Subject: [PATCH] libselinux: re-introduce DISABLE_BOOL=y
Date: Thu, 29 Sep 2016 14:02:25 -0400 [thread overview]
Message-ID: <1475172145-16428-1-git-send-email-william.c.roberts@intel.com> (raw)
From: William Roberts <william.c.roberts@intel.com>
Provide stubs to the public boolean API that always returns -1.
On Android, boolean symbols are needed for:
external/ltrace/sysdeps/linux-gnu/trace.c
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
libselinux/Makefile | 4 +++
libselinux/src/booleans.c | 64 +++++++++++++++++++++++++++++++++++++++--------
2 files changed, 58 insertions(+), 10 deletions(-)
diff --git a/libselinux/Makefile b/libselinux/Makefile
index f607115..b5f32bb 100644
--- a/libselinux/Makefile
+++ b/libselinux/Makefile
@@ -5,6 +5,7 @@ DISABLE_RPM ?= y
ANDROID_HOST ?= n
ifeq ($(ANDROID_HOST),y)
override DISABLE_SETRANS=y
+ override DISABLE_BOOL=y
endif
ifeq ($(DISABLE_RPM),y)
DISABLE_FLAGS+= -DDISABLE_RPM
@@ -12,6 +13,9 @@ endif
ifeq ($(DISABLE_SETRANS),y)
DISABLE_FLAGS+= -DDISABLE_SETRANS
endif
+ifeq ($(DISABLE_BOOL),y)
+ DISABLE_FLAGS+= -DDISABLE_BOOL
+endif
export DISABLE_SETRANS DISABLE_RPM DISABLE_FLAGS ANDROID_HOST
USE_PCRE2 ?= n
diff --git a/libselinux/src/booleans.c b/libselinux/src/booleans.c
index c438af1..cbb0610 100644
--- a/libselinux/src/booleans.c
+++ b/libselinux/src/booleans.c
@@ -25,6 +25,8 @@
#define SELINUX_BOOL_DIR "/booleans/"
+#ifndef DISABLE_BOOL
+
static int filename_select(const struct dirent *d)
{
if (d->d_name[0] == '.'
@@ -85,8 +87,6 @@ int security_get_boolean_names(char ***names, int *len)
goto out;
}
-hidden_def(security_get_boolean_names)
-
char *selinux_boolean_sub(const char *name)
{
char *sub = NULL;
@@ -141,8 +141,6 @@ out:
return sub;
}
-hidden_def(selinux_boolean_sub)
-
static int bool_open(const char *name, int flag) {
char *fname = NULL;
char *alt_name = NULL;
@@ -262,8 +260,6 @@ int security_get_boolean_active(const char *name)
return val;
}
-hidden_def(security_get_boolean_active)
-
int security_set_boolean(const char *name, int value)
{
int fd, ret;
@@ -297,8 +293,6 @@ int security_set_boolean(const char *name, int value)
return -1;
}
-hidden_def(security_set_boolean)
-
int security_commit_booleans(void)
{
int fd, ret;
@@ -327,8 +321,6 @@ int security_commit_booleans(void)
return -1;
}
-hidden_def(security_commit_booleans)
-
static char *strtrim(char *dest, char *source, int size)
{
int i = 0;
@@ -567,3 +559,55 @@ int security_load_booleans(char *path)
errno = EINVAL;
return errors ? -1 : 0;
}
+
+#else
+int security_set_boolean_list(size_t boolcnt __attribute__((unused)),
+ SELboolean * boollist __attribute__((unused)),
+ int permanent __attribute__((unused)))
+{
+ return -1;
+}
+
+int security_load_booleans(char *path __attribute__((unused)))
+{
+ return -1;
+}
+
+int security_get_boolean_names(char ***names __attribute__((unused)),
+ int *len __attribute__((unused)))
+{
+ return -1;
+}
+
+int security_get_boolean_pending(const char *name __attribute__((unused)))
+{
+ return -1;
+}
+
+int security_get_boolean_active(const char *name __attribute__((unused)))
+{
+ return -1;
+}
+
+int security_set_boolean(const char *name __attribute__((unused)),
+ int value __attribute__((unused)))
+{
+ return -1;
+}
+
+int security_commit_booleans(void)
+{
+ return -1;
+}
+
+char *selinux_boolean_sub(const char *name __attribute__((unused)))
+{
+ return NULL;
+}
+#endif
+
+hidden_def(security_get_boolean_names)
+hidden_def(selinux_boolean_sub)
+hidden_def(security_get_boolean_active)
+hidden_def(security_set_boolean)
+hidden_def(security_commit_booleans)
--
1.9.1
next reply other threads:[~2016-09-29 18:02 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-29 18:02 william.c.roberts [this message]
2016-09-29 18:08 ` [PATCH] libselinux: re-introduce DISABLE_BOOL=y Stephen Smalley
2016-09-29 18:15 ` William Roberts
2016-09-29 18:44 ` Stephen Smalley
2016-09-29 18:46 ` William Roberts
2016-09-29 18:54 ` Stephen Smalley
2016-09-29 19:15 ` William Roberts
2016-09-29 19:27 ` William Roberts
2016-09-29 19:37 ` Stephen Smalley
2016-09-29 19:42 ` Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1475172145-16428-1-git-send-email-william.c.roberts@intel.com \
--to=william.c.roberts@intel.com \
--cc=sds@tycho.nsa.gov \
--cc=seandroid-list@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.