src/shared: import more code cleanups from upstream

Signed-off-by: Anthony G. Basile <blueness@gentoo.org>

src/shared/Makefile.am

@@ -7,18 +7,20 @@ libudev_shared_la_SOURCES=\
 	cgroup-util.c \
 	conf-files.c \
 	device-nodes.c \
-        dev-setup.c \
+	dev-setup.c \
 	exit-status.c \
 	fileio.c \
 	hashmap.c \
-        label.c \
+	label.c \
 	log.c \
-        mkdir.c \
+	mkdir.c \
+	mkdir-label.c \
 	MurmurHash2.c \
 	path-util.c \
+	selinux-util.c \
 	set.c \
 	siphash24.c \
-        smack-util.c \
+	smack-util.c \
 	strbuf.c \
 	strv.c \
 	strxcpyx.c  \
@@ -32,21 +34,22 @@ noinst_HEADERS = \
 	conf-files.h \
 	def.h \
 	device-nodes.h \
-        dev-setup.h \
+	dev-setup.h \
 	exit-status.h \
 	fileio.h \
 	hashmap.h \
 	ioprio.h \
-        label.h \
+	label.h \
 	log.h \
 	macro.h \
 	missing.h \
-        mkdir.h \
+	mkdir.h \
 	MurmurHash2.h \
 	path-util.h \
+	selinux-util.h \
 	set.h \
 	siphash24.h \
-        smack-util.h \
+	smack-util.h \
 	socket-util.h \
 	sparse-endian.h \
 	strbuf.h \
@@ -55,7 +58,7 @@ noinst_HEADERS = \
 	time-util.h \
 	util.h \
 	utf8.h \
-        udev-util.h \
+	udev-util.h \
 	virt.h
 
 libudev_shared_la_LDFLAGS = \

src/shared/device-nodes.c

@@ -21,8 +21,8 @@
 
 #include <stdlib.h>
 #include <stdio.h>
-#include <stdint.h>
 #include <string.h>
+#include <stdint.h>
 #include <sys/types.h>
 
 #include "device-nodes.h"
@@ -42,7 +42,7 @@ int encode_devnode_name(const char *str, char *str_enc, size_t len) {
         size_t i, j;
 
         if (str == NULL || str_enc == NULL)
-                return -1;
+                return -EINVAL;
 
         for (i = 0, j = 0; str[i] != '\0'; i++) {
                 int seqlen;
@@ -71,5 +71,5 @@ int encode_devnode_name(const char *str, char *str_enc, size_t len) {
         str_enc[j] = '\0';
         return 0;
 err:
-        return -1;
+        return -EINVAL;
 }

src/shared/fileio.c

@@ -83,29 +83,33 @@ int read_one_line_file(const char *fn, char **line) {
         return 0;
 }
 
-int read_full_file(const char *fn, char **contents, size_t *size) {
-        _cleanup_fclose_ FILE *f = NULL;
+int read_full_stream(FILE *f, char **contents, size_t *size) {
         size_t n, l;
         _cleanup_free_ char *buf = NULL;
         struct stat st;
 
-        assert(fn);
+        assert(f);
         assert(contents);
 
-        f = fopen(fn, "re");
-        if (!f)
-                return -errno;
-
         if (fstat(fileno(f), &st) < 0)
                 return -errno;
 
-        /* Safety check */
-        if (st.st_size > 4*1024*1024)
-                return -E2BIG;
+        n = LINE_MAX;
 
-        n = st.st_size > 0 ? st.st_size : LINE_MAX;
-        l = 0;
+        if (S_ISREG(st.st_mode)) {
+
+                /* Safety check */
+                if (st.st_size > 4*1024*1024)
+                        return -E2BIG;
+
+                /* Start with the right file size, but be prepared for
+                 * files from /proc which generally report a file size
+                 * of 0 */
+                if (st.st_size > 0)
+                        n = st.st_size;
+        }
 
+        l = 0;
         for (;;) {
                 char *t;
                 size_t k;
@@ -141,3 +145,16 @@ int read_full_file(const char *fn, char **contents, size_t *size) {
 
         return 0;
 }
+
+int read_full_file(const char *fn, char **contents, size_t *size) {
+        _cleanup_fclose_ FILE *f = NULL;
+
+        assert(fn);
+        assert(contents);
+
+        f = fopen(fn, "re");
+        if (!f)
+                return -errno;
+
+        return read_full_stream(f, contents, size);
+}

src/shared/fileio.h

@@ -25,3 +25,4 @@ int write_string_stream(FILE *f, const char *line);
 int write_string_file(const char *fn, const char *line);
 int read_one_line_file(const char *fn, char **line);
 int read_full_file(const char *fn, char **contents, size_t *size);
+int read_full_stream(FILE *f, char **contents, size_t *size);

src/shared/label.c

@@ -28,23 +28,54 @@
 #include "label.h"
 #include "util.h"
 #include "path-util.h"
+#include "selinux-util.h"
+#include "smack-util.h"
 
 #ifdef HAVE_SELINUX
-#include <stdbool.h>
-#include <selinux/selinux.h>
-#include <selinux/label.h>
-
 static struct selabel_handle *label_hnd = NULL;
-static int use_selinux_cached = -1;
+#endif
 
-bool use_selinux(void) {
-        if (use_selinux_cached < 0)
-                use_selinux_cached = is_selinux_enabled() > 0;
+static int smack_relabel_in_dev(const char *path) {
+        int r = 0;
 
-        return use_selinux_cached;
-}
+#ifdef HAVE_SMACK
+        struct stat sb;
+        const char *label;
+
+        /*
+         * Path must be in /dev and must exist
+         */
+        if (!path_startswith(path, "/dev"))
+                return 0;
+
+        r = lstat(path, &sb);
+        if (r < 0)
+                return -errno;
+
+        /*
+         * Label directories and character devices "*".
+         * Label symlinks "_".
+         * Don't change anything else.
+         */
+        if (S_ISDIR(sb.st_mode))
+                label = SMACK_STAR_LABEL;
+        else if (S_ISLNK(sb.st_mode))
+                label = SMACK_FLOOR_LABEL;
+        else if (S_ISCHR(sb.st_mode))
+                label = SMACK_STAR_LABEL;
+        else
+                return 0;
+
+        r = setxattr(path, "security.SMACK64", label, strlen(label), 0);
+        if (r < 0) {
+                log_error("Smack relabeling \"%s\" %m", path);
+                return -errno;
+        }
 #endif
 
+        return r;
+}
+
 int label_init(const char *prefix) {
         int r = 0;
 
@@ -92,14 +123,14 @@ int label_init(const char *prefix) {
         return r;
 }
 
-int label_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
+static int label_fix_selinux(const char *path, bool ignore_enoent, bool ignore_erofs) {
         int r = 0;
 
 #ifdef HAVE_SELINUX
         struct stat st;
         security_context_t fcon;
 
-        if (!use_selinux() || !label_hnd)
+        if (!label_hnd)
                 return 0;
 
         r = lstat(path, &st);
@@ -122,6 +153,7 @@ int label_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
 
         if (r < 0) {
                 /* Ignore ENOENT in some cases */
+
                 if (ignore_enoent && errno == ENOENT)
                         return 0;
 
@@ -137,10 +169,31 @@ int label_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
         return r;
 }
 
+int label_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
+        int r = 0;
+
+        if (use_selinux()) {
+                r = label_fix_selinux(path, ignore_enoent, ignore_erofs);
+                if (r < 0)
+                        return r;
+        }
+
+        if (use_smack()) {
+                r = smack_relabel_in_dev(path);
+                if (r < 0)
+                        return r;
+        }
+
+        return r;
+}
+
 void label_finish(void) {
 
 #ifdef HAVE_SELINUX
-        if (use_selinux() && label_hnd)
+        if (!use_selinux())
+                return;
+
+        if (label_hnd)
                 selabel_close(label_hnd);
 #endif
 }
@@ -177,34 +230,35 @@ int label_context_set(const char *path, mode_t mode) {
 void label_context_clear(void) {
 
 #ifdef HAVE_SELINUX
+        PROTECT_ERRNO;
+
         if (!use_selinux())
                 return;
 
         setfscreatecon(NULL);
 #endif
 }
 
-int label_mkdir(const char *path, mode_t mode, bool apply) {
+static int label_mkdir_selinux(const char *path, mode_t mode) {
+        int r = 0;
 
-        /* Creates a directory and labels it according to the SELinux policy */
 #ifdef HAVE_SELINUX
-        int r;
+        /* Creates a directory and labels it according to the SELinux policy */
         security_context_t fcon = NULL;
 
-        if (!apply || !use_selinux() || !label_hnd)
-                goto skipped;
+        if (!label_hnd)
+                return 0;
 
         if (path_is_absolute(path))
                 r = selabel_lookup_raw(label_hnd, &fcon, path, S_IFDIR);
         else {
-                char *newpath;
+                _cleanup_free_ char *newpath;
 
                 newpath = path_make_absolute_cwd(path);
                 if (!newpath)
                         return -ENOMEM;
 
                 r = selabel_lookup_raw(label_hnd, &fcon, newpath, S_IFDIR);
-                free(newpath);
         }
 
         if (r == 0)
@@ -226,12 +280,35 @@ int label_mkdir(const char *path, mode_t mode, bool apply) {
 finish:
         setfscreatecon(NULL);
         freecon(fcon);
+#endif
 
         return r;
+}
 
-skipped:
-#endif
-        return mkdir(path, mode) < 0 ? -errno : 0;
+int label_mkdir(const char *path, mode_t mode) {
+        int r;
+
+        if (use_selinux()) {
+                r = label_mkdir_selinux(path, mode);
+                if (r < 0)
+                        return r;
+        }
+
+        if (use_smack()) {
+                r = mkdir(path, mode);
+                if (r < 0 && errno != EEXIST)
+                        return -errno;
+
+                r = smack_relabel_in_dev(path);
+                if (r < 0)
+                        return r;
+        }
+
+        r = mkdir(path, mode);
+        if (r < 0 && errno != EEXIST)
+                return -errno;
+
+        return 0;
 }
 
 int label_apply(const char *path, const char *label) {

src/shared/label.h

@@ -33,6 +33,6 @@ int label_fix(const char *path, bool ignore_enoent, bool ignore_erofs);
 int label_context_set(const char *path, mode_t mode);
 void label_context_clear(void);
 
-int label_mkdir(const char *path, mode_t mode, bool apply);
+int label_mkdir(const char *path, mode_t mode);
 
 int label_apply(const char *path, const char *label);

src/shared/log.c

@@ -30,11 +30,11 @@
 #include <string.h>
 
 #include "log.h"
-#include "time-util.h"
 #include "util.h"
 #include "missing.h"
 #include "macro.h"
 #include "socket-util.h"
+#include "time-util.h"
 
 #define SNDBUF_SIZE (8*1024*1024)
 

src/shared/missing.h

@@ -78,10 +78,6 @@ static inline pid_t gettid(void) {
 }
 #endif
 
-#ifndef MS_PRIVATE
-#define MS_PRIVATE  (1 << 18)
-#endif
-
 #ifndef MS_REC
 #define MS_REC 16384
 #endif