kdbus: fix for GetConnectionSELinuxSecurityContext method call

To keep compatibility with dbus1, GetConnectionSELinuxSecurityContext method call should always return SELinuxSecurityContextUnknown error on systems without SELinux (even if other LSM systems, like for example SMACK, are available on platform). Change-Id: I347cdf665a03fc047d267752b23c4503bf5218e3
author: Lukasz Skalski <l.skalski@samsung.com> 2016-09-05 11:35:38 +0200
committer: Lukasz Skalski <l.skalski@samsung.com> 2016-09-05 11:35:38 +0200
commit: 1baefdfc868b98e1dc513ed9e32a51e0ca56f5f1 (patch)
tree: 895d661f7f3ecf778b83b66e853f9aae2e76e878
parent: f1d7bedbedb685d4b9b8e9bd3132f860ea5a4276 (diff)
download: dbus-1baefdfc868b98e1dc513ed9e32a51e0ca56f5f1.tar.gz
dbus-1baefdfc868b98e1dc513ed9e32a51e0ca56f5f1.tar.bz2
dbus-1baefdfc868b98e1dc513ed9e32a51e0ca56f5f1.zip
1 files changed, 26 insertions, 6 deletions
diff --git a/dbus/dbus-transport-kdbus.c b/dbus/dbus-transport-kdbus.c
index d8cb5a94..e23ded2b 100755
--- a/dbus/dbus-transport-kdbus.c
+++ b/dbus/dbus-transport-kdbus.c
@@ -1946,6 +1946,17 @@ oom:
   return NULL;
 }
 
+static dbus_bool_t
+_mac_smack_use (void)
+{
+  static int cached_use = -1;
+
+  if (cached_use < 0)
+    cached_use = access("/sys/fs/smackfs/", F_OK) >= 0;
+
+  return cached_use;
+}
+
 static DBusMessage *
 capture_org_freedesktop_DBus_GetConnectionSELinuxSecurityContext (DBusTransportKdbus *transport,
                                                                   DBusMessage        *message,
@@ -1958,14 +1969,23 @@ capture_org_freedesktop_DBus_GetConnectionSELinuxSecurityContext (DBusTransportK
 
   if (info.sec_label != NULL)
     {
-      DBusMessage *reply;
+      if (_mac_smack_use())
+        {
+          dbus_set_error (error, DBUS_ERROR_SELINUX_SECURITY_CONTEXT_UNKNOWN,
+                          "Could not determine security context");
+          dbus_free (info.sec_label);
+        }
+      else
+        {
+          DBusMessage *reply;
 
-      reply = reply_fixed_array (message, DBUS_TYPE_BYTE,
-                                 info.sec_label,
-                                 strlen (info.sec_label)+1);
+          reply = reply_fixed_array (message, DBUS_TYPE_BYTE,
+                                     info.sec_label,
+                                     strlen (info.sec_label)+1);
 
-      dbus_free (info.sec_label);
-      return reply;
+          dbus_free (info.sec_label);
+          return reply;
+        }
     }
   else
     {
author	Lukasz Skalski <l.skalski@samsung.com>	2016-09-05 11:35:38 +0200
committer	Lukasz Skalski <l.skalski@samsung.com>	2016-09-05 11:35:38 +0200
commit	1baefdfc868b98e1dc513ed9e32a51e0ca56f5f1 (patch)
tree	895d661f7f3ecf778b83b66e853f9aae2e76e878
parent	f1d7bedbedb685d4b9b8e9bd3132f860ea5a4276 (diff)
download	dbus-1baefdfc868b98e1dc513ed9e32a51e0ca56f5f1.tar.gz dbus-1baefdfc868b98e1dc513ed9e32a51e0ca56f5f1.tar.bz2 dbus-1baefdfc868b98e1dc513ed9e32a51e0ca56f5f1.zip