aboutsummaryrefslogtreecommitdiff
path: root/toys/pending/load_policy.c
blob: ffe113e2b2f1013e7bdacfa55745c36b09bd3201 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

/* runcon.c - Run command in specified security context
 *
 * Copyright 2015 The Android Open Source Project

USE_LOAD_POLICY(NEWTOY(load_policy, "<1>1", TOYFLAG_USR|TOYFLAG_SBIN))

config LOAD_POLICY
  bool "load_policy"
  depends on TOYBOX_SELINUX
  default n
  help
    usage: load_policy FILE

    Load the specified policy file.
*/

#define FOR_load_policy
#include "toys.h"

void load_policy_main(void)
{
  char *path = *toys.optargs;
  char *policy_data = 0;
  off_t policy_len;
  int fd;

  if ((fd = open(path, O_RDONLY)) != -1) {
    policy_len = fdlength(fd);
    policy_data = mmap(0, policy_len, PROT_READ, MAP_PRIVATE, fd, 0);
    close(fd);
  }

  if (!policy_data) {
    error_exit("Couldn't read %s: %s", path, strerror(errno));
  }

  if (security_load_policy(policy_data, policy_len) < 0)
    error_exit("Couldn't load %s: %s", path, strerror(errno));

  munmap(policy_data, policy_len);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-07 10:29:59 +0000