| Message ID | 20220706113804.8272-1-cgzones@googlemail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | ba9820a0020d |
| Headers | show |
| Series | [v2] libselinux: set errno to EBADF on O_PATH emulation ENOENT failure | expand |
On Wed, Jul 6, 2022 at 7:42 AM Christian Göttsche <cgzones@googlemail.com> wrote: > > When the O_PATH emulation fails due to getxattr(2)/setxattr(2) failing > with ENOENT, e.g. because no procfs being available, override the errno > value to EBADF. This avoids confusion to the caller as it would suggest > the target of the operation does not exist, which is not the case: > > setfiles: Could not set context for /: No such file or directory > > Fixes: a782abf2 ("libselinux: emulate O_PATH support in fgetfilecon/fsetfilecon") > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Acked-by: James Carter <jwcart2@gmail.com> > --- > v2: > only override errno on ENOENT > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > --- > libselinux/src/fgetfilecon.c | 5 ++++- > libselinux/src/fsetfilecon.c | 5 ++++- > 2 files changed, 8 insertions(+), 2 deletions(-) > > diff --git a/libselinux/src/fgetfilecon.c b/libselinux/src/fgetfilecon.c > index baf38ec1..d7051171 100644 > --- a/libselinux/src/fgetfilecon.c > +++ b/libselinux/src/fgetfilecon.c > @@ -26,7 +26,10 @@ static ssize_t fgetxattr_wrapper(int fd, const char *name, void *value, size_t s > > snprintf(buf, sizeof(buf), "/proc/self/fd/%d", fd); > errno = saved_errno; > - return getxattr(buf, name, value, size); > + ret = getxattr(buf, name, value, size); > + if (ret < 0 && errno == ENOENT) > + errno = EBADF; > + return ret; > } > > int fgetfilecon_raw(int fd, char ** context) > diff --git a/libselinux/src/fsetfilecon.c b/libselinux/src/fsetfilecon.c > index be821c7a..19ea15b7 100644 > --- a/libselinux/src/fsetfilecon.c > +++ b/libselinux/src/fsetfilecon.c > @@ -25,7 +25,10 @@ static int fsetxattr_wrapper(int fd, const char* name, const void* value, size_t > > snprintf(buf, sizeof(buf), "/proc/self/fd/%d", fd); > errno = saved_errno; > - return setxattr(buf, name, value, size, flags); > + rc = setxattr(buf, name, value, size, flags); > + if (rc < 0 && errno == ENOENT) > + errno = EBADF; > + return rc; > } > > int fsetfilecon_raw(int fd, const char * context) > -- > 2.36.1 >
On Thu, Jul 7, 2022 at 1:44 PM James Carter <jwcart2@gmail.com> wrote: > > On Wed, Jul 6, 2022 at 7:42 AM Christian Göttsche > <cgzones@googlemail.com> wrote: > > > > When the O_PATH emulation fails due to getxattr(2)/setxattr(2) failing > > with ENOENT, e.g. because no procfs being available, override the errno > > value to EBADF. This avoids confusion to the caller as it would suggest > > the target of the operation does not exist, which is not the case: > > > > setfiles: Could not set context for /: No such file or directory > > > > Fixes: a782abf2 ("libselinux: emulate O_PATH support in fgetfilecon/fsetfilecon") > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > > Acked-by: James Carter <jwcart2@gmail.com> > Merged. Thanks, Jim > > --- > > v2: > > only override errno on ENOENT > > Signed-off-by: Christian Göttsche <cgzones@googlemail.com> > > --- > > libselinux/src/fgetfilecon.c | 5 ++++- > > libselinux/src/fsetfilecon.c | 5 ++++- > > 2 files changed, 8 insertions(+), 2 deletions(-) > > > > diff --git a/libselinux/src/fgetfilecon.c b/libselinux/src/fgetfilecon.c > > index baf38ec1..d7051171 100644 > > --- a/libselinux/src/fgetfilecon.c > > +++ b/libselinux/src/fgetfilecon.c > > @@ -26,7 +26,10 @@ static ssize_t fgetxattr_wrapper(int fd, const char *name, void *value, size_t s > > > > snprintf(buf, sizeof(buf), "/proc/self/fd/%d", fd); > > errno = saved_errno; > > - return getxattr(buf, name, value, size); > > + ret = getxattr(buf, name, value, size); > > + if (ret < 0 && errno == ENOENT) > > + errno = EBADF; > > + return ret; > > } > > > > int fgetfilecon_raw(int fd, char ** context) > > diff --git a/libselinux/src/fsetfilecon.c b/libselinux/src/fsetfilecon.c > > index be821c7a..19ea15b7 100644 > > --- a/libselinux/src/fsetfilecon.c > > +++ b/libselinux/src/fsetfilecon.c > > @@ -25,7 +25,10 @@ static int fsetxattr_wrapper(int fd, const char* name, const void* value, size_t > > > > snprintf(buf, sizeof(buf), "/proc/self/fd/%d", fd); > > errno = saved_errno; > > - return setxattr(buf, name, value, size, flags); > > + rc = setxattr(buf, name, value, size, flags); > > + if (rc < 0 && errno == ENOENT) > > + errno = EBADF; > > + return rc; > > } > > > > int fsetfilecon_raw(int fd, const char * context) > > -- > > 2.36.1 > >
diff --git a/libselinux/src/fgetfilecon.c b/libselinux/src/fgetfilecon.c index baf38ec1..d7051171 100644 --- a/libselinux/src/fgetfilecon.c +++ b/libselinux/src/fgetfilecon.c @@ -26,7 +26,10 @@ static ssize_t fgetxattr_wrapper(int fd, const char *name, void *value, size_t s snprintf(buf, sizeof(buf), "/proc/self/fd/%d", fd); errno = saved_errno; - return getxattr(buf, name, value, size); + ret = getxattr(buf, name, value, size); + if (ret < 0 && errno == ENOENT) + errno = EBADF; + return ret; } int fgetfilecon_raw(int fd, char ** context) diff --git a/libselinux/src/fsetfilecon.c b/libselinux/src/fsetfilecon.c index be821c7a..19ea15b7 100644 --- a/libselinux/src/fsetfilecon.c +++ b/libselinux/src/fsetfilecon.c @@ -25,7 +25,10 @@ static int fsetxattr_wrapper(int fd, const char* name, const void* value, size_t snprintf(buf, sizeof(buf), "/proc/self/fd/%d", fd); errno = saved_errno; - return setxattr(buf, name, value, size, flags); + rc = setxattr(buf, name, value, size, flags); + if (rc < 0 && errno == ENOENT) + errno = EBADF; + return rc; } int fsetfilecon_raw(int fd, const char * context)
When the O_PATH emulation fails due to getxattr(2)/setxattr(2) failing with ENOENT, e.g. because no procfs being available, override the errno value to EBADF. This avoids confusion to the caller as it would suggest the target of the operation does not exist, which is not the case: setfiles: Could not set context for /: No such file or directory Fixes: a782abf2 ("libselinux: emulate O_PATH support in fgetfilecon/fsetfilecon") Signed-off-by: Christian Göttsche <cgzones@googlemail.com> --- v2: only override errno on ENOENT Signed-off-by: Christian Göttsche <cgzones@googlemail.com> --- libselinux/src/fgetfilecon.c | 5 ++++- libselinux/src/fsetfilecon.c | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-)