commit 8290d1083ec7eee3f32265012f5d6be2774c4afc
author Stephen Smalley <sds@tycho.nsa.gov> Fri Jan 13 08:53:56 2012 -0500
committer Stephen Smalley <sds@tycho.nsa.gov> Fri Feb 03 11:11:15 2012 -0500
tree 6d7e239b2a5b3d4a8faf8c3f404f8d9b3270f61d
parent 0458d373261d89979529853fa63cdd998b12e04a

Extend toolbox with SE Android support.

Add -Z option to ls and ps for displaying security contexts.
Modify id to display security context.
Add new SELinux commands: chcon, getenforce, getsebool, load_policy, restorecon, runcon, setenforce, setsebool.

Change-Id: Ia20941be4a6cd706fe392fed6e38a37d880ec5f1

toolbox/load_policy.c

diff --git a/toolbox/load_policy.c b/toolbox/load_policy.c
new file mode 100644
index 0000000..eb5aba6
--- /dev/null
+++ b/toolbox/load_policy.c
@@ -0,0 +1,49 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <errno.h>
+#include <selinux/selinux.h>
+
+int load_policy_main(int argc, char **argv)
+{
+    int fd, rc, vers;
+    struct stat sb;
+    void *map;
+    const char *path;
+
+    if (argc != 2) {
+        fprintf(stderr, "usage:  %s policy-file\n", argv[0]);
+        exit(1);
+    }
+
+    path = argv[1];
+    fd = open(path, O_RDONLY);
+    if (fd < 0) {
+        fprintf(stderr, "Could not open %s:  %s\n", path, strerror(errno));
+        exit(2);
+    }
+
+    if (fstat(fd, &sb) < 0) {
+        fprintf(stderr, "Could not stat %s:  %s\n", path, strerror(errno));
+        exit(3);
+    }
+
+    map = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
+    if (map == MAP_FAILED) {
+        fprintf(stderr, "Could not mmap %s:  %s\n", path, strerror(errno));
+        exit(4);
+    }
+
+    rc = security_load_policy(map, sb.st_size);
+    if (rc < 0) {
+        fprintf(stderr, "Could not load %s:  %s\n", path, strerror(errno));
+        exit(5);
+    }
+    munmap(map, sb.st_size);
+    close(fd);
+    exit(0);
+}