basic: add mknodat_label()

Add helper for mknodat(2) which creates the destination with the correct security label.
2025-01-07 21:18:41 +03:00 · 2024-04-27 21:22:02 +02:00 · 2024-04-27 21:22:02 +02:00 · 22b768d127
commit 22b768d127
parent aab7bb5968
2 changed files with 10 additions and 5 deletions
--- a/src/shared/label-util.c
+++ b/src/shared/label-util.c
@ -81,22 +81,23 @@ int symlink_atomic_full_label(const char *from, const char *to, bool make_relati
        return mac_smack_fix(to, 0);
 }
-int mknod_label(const char *pathname, mode_t mode, dev_t dev) {
+int mknodat_label(int dirfd, const char *pathname, mode_t mode, dev_t dev) {
        int r;
        assert(dirfd >= 0 || dirfd == AT_FDCWD);
        assert(pathname);
-        r = mac_selinux_create_file_prepare(pathname, mode);
+        r = mac_selinux_create_file_prepare_at(dirfd, pathname, mode);
        if (r < 0)
                return r;
-        r = RET_NERRNO(mknod(pathname, mode, dev));
+        r = RET_NERRNO(mknodat(dirfd, pathname, mode, dev));
        mac_selinux_create_file_clear();
        if (r < 0)
                return r;
-        return mac_smack_fix(pathname, 0);
+        return mac_smack_fix_full(dirfd, pathname, NULL, 0);
 }
 int btrfs_subvol_make_label(const char *path) {
--- a/src/shared/label-util.h
+++ b/src/shared/label-util.h
@ -21,7 +21,11 @@ int symlink_atomic_full_label(const char *from, const char *to, bool make_relati
 static inline int symlink_atomic_label(const char *from, const char *to) {
        return symlink_atomic_full_label(from, to, false);
 }
-int mknod_label(const char *pathname, mode_t mode, dev_t dev);
+
 int mknodat_label(int dirfd, const char *pathname, mode_t mode, dev_t dev);
 static inline int mknod_label(const char *pathname, mode_t mode, dev_t dev) {
        return mknodat_label(AT_FDCWD, pathname, mode, dev);
 }
 int btrfs_subvol_make_label(const char *path);