Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Startup Init Lite
提交
2263db86
S
Startup Init Lite
项目概览
OpenHarmony
/
Startup Init Lite
1 年多 前同步成功
通知
3
Star
37
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
S
Startup Init Lite
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
未验证
提交
2263db86
编写于
10月 28, 2022
作者:
O
openharmony_ci
提交者:
Gitee
10月 28, 2022
浏览文件
操作
浏览文件
下载
差异文件
!1429 socket create context同步monthly
Merge pull request !1429 from renwei/cherry-pick-1666687007
上级
dd9af471
d38be9f1
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
40 addition
and
9 deletion
+40
-9
services/init/init_service_socket.c
services/init/init_service_socket.c
+2
-0
services/modules/selinux/selinux_adp.c
services/modules/selinux/selinux_adp.c
+38
-9
未找到文件。
services/init/init_service_socket.c
浏览文件 @
2263db86
...
@@ -209,7 +209,9 @@ int CreateServiceSocket(Service *service)
...
@@ -209,7 +209,9 @@ int CreateServiceSocket(Service *service)
int
ret
=
0
;
int
ret
=
0
;
ServiceSocket
*
tmpSock
=
service
->
socketCfg
;
ServiceSocket
*
tmpSock
=
service
->
socketCfg
;
while
(
tmpSock
!=
NULL
)
{
while
(
tmpSock
!=
NULL
)
{
PluginExecCmdByName
(
"setSockCreateCon"
,
service
->
name
);
int
fd
=
CreateSocket
(
tmpSock
);
int
fd
=
CreateSocket
(
tmpSock
);
PluginExecCmdByName
(
"setSockCreateCon"
,
NULL
);
INIT_CHECK_RETURN_VALUE
(
fd
>=
0
,
-
1
);
INIT_CHECK_RETURN_VALUE
(
fd
>=
0
,
-
1
);
if
(
IsOnDemandService
(
service
))
{
if
(
IsOnDemandService
(
service
))
{
if
(
IsConnectionBasedSocket
(
tmpSock
))
{
if
(
IsConnectionBasedSocket
(
tmpSock
))
{
...
...
services/modules/selinux/selinux_adp.c
浏览文件 @
2263db86
...
@@ -23,7 +23,13 @@
...
@@ -23,7 +23,13 @@
#include <policycoreutils.h>
#include <policycoreutils.h>
#include <selinux/selinux.h>
#include <selinux/selinux.h>
#define CMD_RESTORE_INDEX 2
enum
{
CMD_LOAD_POLICY
=
0
,
CMD_SET_SERVICE_CONTEXTS
=
1
,
CMD_SET_SOCKET_CONTEXTS
=
2
,
CMD_RESTORE_INDEX
=
3
,
};
static
int
LoadSelinuxPolicy
(
int
id
,
const
char
*
name
,
int
argc
,
const
char
**
argv
)
static
int
LoadSelinuxPolicy
(
int
id
,
const
char
*
name
,
int
argc
,
const
char
**
argv
)
{
{
UNUSED
(
id
);
UNUSED
(
id
);
...
@@ -62,6 +68,25 @@ static int SetServiceContent(int id, const char *name, int argc, const char **ar
...
@@ -62,6 +68,25 @@ static int SetServiceContent(int id, const char *name, int argc, const char **ar
return
0
;
return
0
;
}
}
static
int
SetSockCreateCon
(
int
id
,
const
char
*
name
,
int
argc
,
const
char
**
argv
)
{
PLUGIN_CHECK
(
name
!=
NULL
&&
argc
>=
1
&&
argv
!=
NULL
,
return
-
1
,
"Invalid parameter"
);
if
(
argv
[
0
]
==
NULL
)
{
setsockcreatecon
(
NULL
);
return
0
;
}
ServiceExtData
*
data
=
GetServiceExtData
(
argv
[
0
],
HOOK_ID_SELINUX
);
if
(
data
!=
NULL
)
{
if
(
setsockcreatecon
((
char
*
)
data
->
data
)
<
0
)
{
PLUGIN_LOGE
(
"failed to set socket context %s's secon (%s)."
,
argv
[
0
],
(
char
*
)
data
->
data
);
_exit
(
PROCESS_EXIT_CODE
);
}
}
return
0
;
}
static
int
RestoreContentRecurse
(
int
id
,
const
char
*
name
,
int
argc
,
const
char
**
argv
)
static
int
RestoreContentRecurse
(
int
id
,
const
char
*
name
,
int
argc
,
const
char
**
argv
)
{
{
PLUGIN_CHECK
(
name
!=
NULL
&&
argc
>=
1
&&
argv
!=
NULL
,
return
-
1
,
"Invalid parameter"
);
PLUGIN_CHECK
(
name
!=
NULL
&&
argc
>=
1
&&
argv
!=
NULL
,
return
-
1
,
"Invalid parameter"
);
...
@@ -72,21 +97,25 @@ static int RestoreContentRecurse(int id, const char *name, int argc, const char
...
@@ -72,21 +97,25 @@ static int RestoreContentRecurse(int id, const char *name, int argc, const char
return
0
;
return
0
;
}
}
static
int32_t
selinuxAdpCmdIds
[
3
]
=
{
0
};
// 3
cmd count
static
int32_t
selinuxAdpCmdIds
[
CMD_RESTORE_INDEX
+
1
]
=
{
0
};
// 4
cmd count
static
void
SelinuxAdpInit
(
void
)
static
void
SelinuxAdpInit
(
void
)
{
{
selinuxAdpCmdIds
[
0
]
=
AddCmdExecutor
(
"loadSelinuxPolicy"
,
LoadSelinuxPolicy
);
selinuxAdpCmdIds
[
CMD_LOAD_POLICY
]
=
AddCmdExecutor
(
"loadSelinuxPolicy"
,
LoadSelinuxPolicy
);
selinuxAdpCmdIds
[
1
]
=
AddCmdExecutor
(
"setServiceContent"
,
SetServiceContent
);
selinuxAdpCmdIds
[
CMD_SET_SERVICE_CONTEXTS
]
=
AddCmdExecutor
(
"setServiceContent"
,
SetServiceContent
);
selinuxAdpCmdIds
[
CMD_SET_SOCKET_CONTEXTS
]
=
AddCmdExecutor
(
"setSockCreateCon"
,
SetSockCreateCon
);
selinuxAdpCmdIds
[
CMD_RESTORE_INDEX
]
=
AddCmdExecutor
(
"restoreContentRecurse"
,
RestoreContentRecurse
);
selinuxAdpCmdIds
[
CMD_RESTORE_INDEX
]
=
AddCmdExecutor
(
"restoreContentRecurse"
,
RestoreContentRecurse
);
}
}
static
void
SelinuxAdpExit
(
void
)
static
void
SelinuxAdpExit
(
void
)
{
{
if
(
selinuxAdpCmdIds
[
0
]
!=
-
1
)
{
if
(
selinuxAdpCmdIds
[
CMD_LOAD_POLICY
]
!=
-
1
)
{
RemoveCmdExecutor
(
"loadSelinuxPolicy"
,
selinuxAdpCmdIds
[
0
]);
RemoveCmdExecutor
(
"loadSelinuxPolicy"
,
selinuxAdpCmdIds
[
CMD_LOAD_POLICY
]);
}
}
if
(
selinuxAdpCmdIds
[
1
]
!=
-
1
)
{
if
(
selinuxAdpCmdIds
[
CMD_SET_SERVICE_CONTEXTS
]
!=
-
1
)
{
RemoveCmdExecutor
(
"setServiceContent"
,
selinuxAdpCmdIds
[
1
]);
RemoveCmdExecutor
(
"setServiceContent"
,
selinuxAdpCmdIds
[
CMD_SET_SERVICE_CONTEXTS
]);
}
if
(
selinuxAdpCmdIds
[
CMD_SET_SOCKET_CONTEXTS
]
!=
-
1
)
{
RemoveCmdExecutor
(
"setSockCreateCon"
,
selinuxAdpCmdIds
[
CMD_SET_SOCKET_CONTEXTS
]);
}
}
if
(
selinuxAdpCmdIds
[
CMD_RESTORE_INDEX
]
!=
-
1
)
{
if
(
selinuxAdpCmdIds
[
CMD_RESTORE_INDEX
]
!=
-
1
)
{
RemoveCmdExecutor
(
"restoreContentRecurse"
,
selinuxAdpCmdIds
[
CMD_RESTORE_INDEX
]);
RemoveCmdExecutor
(
"restoreContentRecurse"
,
selinuxAdpCmdIds
[
CMD_RESTORE_INDEX
]);
...
@@ -103,4 +132,4 @@ MODULE_DESTRUCTOR(void)
...
@@ -103,4 +132,4 @@ MODULE_DESTRUCTOR(void)
{
{
PLUGIN_LOGI
(
"Selinux adapter plug-in exit now ..."
);
PLUGIN_LOGI
(
"Selinux adapter plug-in exit now ..."
);
SelinuxAdpExit
();
SelinuxAdpExit
();
}
}
\ No newline at end of file
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录