From 45d71f938a2e92662a14097b7e1c27c13137c5f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Renaud=20M=C3=A9trich?= Date: Wed, 29 Jan 2020 15:22:47 +0100 Subject: [PATCH 149/149] Implement --secontext[=full] option to display SELinux contexts This is very useful when debugging SELinux issues, in particular, when a process runs in an unexpected context or didn't transition properly, or typically when a file being opened does not have the proper context. When --secontext=full is specified, strace will print the complete context (user, role, type and category) instead of just the type which is printed for --secontext option, as shown in the examples below: Without any "--secontext" options: ----------------------------------------------------------------------- 118104 16:52:11.141122 select(9, [4 6], NULL, NULL, NULL) = 1 (in [4]) <1.845416> 119820 16:52:13.133319 openat(AT_FDCWD, "/home/rmetrich/.ssh/authorized_keys", O_RDONLY|O_NONBLOCK) = 11 <0.000399> ----------------------------------------------------------------------- With "--secontext=full" option: ----------------------------------------------------------------------- 118104 [system_u:system_r:sshd_t:s0-s0:c0.c1023] 16:52:11.141122 select(9, [4 6], NULL, NULL, NULL) = 1 (in [4]) <1.845416> 119820 [system_u:system_r:sshd_t:s0-s0:c0.c1023] 16:52:13.133319 openat(AT_FDCWD, "/home/rmetrich/.ssh/authorized_keys" [system_u:object_r:nfs_t:s0], O_RDONLY|O_NONBLOCK) = 11 [system_u:object_r:nfs_t:s0] <0.000399> ----------------------------------------------------------------------- With "--secontext" option: ----------------------------------------------------------------------- 118104 [sshd_t] 16:52:11.141122 select(9, [4 6], NULL, NULL, NULL) = 1 (in [4]) <1.845416> 119820 [sshd_t] 16:52:13.133319 openat(AT_FDCWD, "/home/rmetrich/.ssh/authorized_keys" [nfs_t], O_RDONLY|O_NONBLOCK) = 11 [nfs_t] <0.000399> ----------------------------------------------------------------------- To implement this, a new "--with-libselinux" configure option has been introduced. It defaults to "check", which means automatic support on SELinux aware systems. Co-authored-by: Dmitry V. Levin --- Makefile.am | 10 +++ NEWS | 3 + bootstrap | 11 ++- configure.ac | 2 + defs.h | 9 ++ dirent.c | 3 + m4/mpers.m4 | 26 ++++++ m4/st_selinux.m4 | 80 ++++++++++++++++++ open.c | 3 + secontext.c | 139 +++++++++++++++++++++++++++++++ secontext.h | 21 +++++ strace.1.in | 9 ++ strace.c | 53 +++++++++++- strace.spec.in | 3 + syscall.c | 5 ++ tests/.gitignore | 5 ++ tests/Makefile.am | 11 +++ tests/access.c | 23 +++++- tests/chmod.c | 35 +++++--- tests/execve.c | 53 +++++++++--- tests/execve.test | 2 +- tests/execveat.c | 122 +++++++++++++++++++++++++-- tests/faccessat.c | 137 ++++++++++++++++++++++++++++++- tests/faccessat.test | 2 +- tests/fanotify_mark.c | 121 +++++++++++++++++---------- tests/fchmod.c | 23 ++++-- tests/fchmodat.c | 67 +++++++++++++-- tests/fchownat.c | 73 +++++++++++++++-- tests/file_handle.c | 204 +++++++++++++++++++++++++++++++--------------- tests/gen_secontext.sh | 72 ++++++++++++++++ tests/gen_tests.in | 30 +++++++ tests/linkat.c | 150 +++++++++++++++++++++++++++++++++- tests/open.c | 18 ++-- tests/openat.c | 91 +++++++++++++++++---- tests/options-syntax.test | 13 ++- tests/secontext.c | 201 +++++++++++++++++++++++++++++++++++++++++++++ tests/secontext.h | 46 +++++++++++ tests/strace-V.test | 4 +- util.c | 16 ++++ xgetdents.c | 3 + 40 files changed, 1703 insertions(+), 196 deletions(-) create mode 100644 m4/st_selinux.m4 create mode 100644 secontext.c create mode 100644 secontext.h create mode 100755 tests/gen_secontext.sh create mode 100644 tests/secontext.c create mode 100644 tests/secontext.h Index: strace-5.7/Makefile.am =================================================================== --- strace-5.7.orig/Makefile.am 2021-08-24 21:08:35.376312714 +0200 +++ strace-5.7/Makefile.am 2021-08-24 21:08:43.248246086 +0200 @@ -404,11 +404,21 @@ endif endif +if ENABLE_SECONTEXT +libstrace_a_SOURCES += \ + secontext.c \ + secontext.h +strace_CPPFLAGS += $(libselinux_CPPFLAGS) +strace_LDFLAGS += $(libselinux_LDFLAGS) +strace_LDADD += $(libselinux_LIBS) +endif + @CODE_COVERAGE_RULES@ CODE_COVERAGE_BRANCH_COVERAGE = 1 CODE_COVERAGE_GENHTML_OPTIONS = $(CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT) \ --prefix $(shell cd $(abs_top_srcdir)/.. && pwd || echo .) CODE_COVERAGE_IGNORE_PATTERN = '/usr/include/*' '*/tests/*' '*/tests-m32/*' '*/tests-mx32/*' + strace_CPPFLAGS += $(CODE_COVERAGE_CPPFLAGS) strace_CFLAGS += $(CODE_COVERAGE_CFLAGS) strace_LDADD += $(CODE_COVERAGE_LIBS) Index: strace-5.7/NEWS =================================================================== --- strace-5.7.orig/NEWS 2021-08-24 21:08:35.376312714 +0200 +++ strace-5.7/NEWS 2021-08-24 21:08:43.249246078 +0200 @@ -2,6 +2,9 @@ ============================================== * Improvements + * Implemented --secontext[=full] option to display SELinux contexts. + * Added --pidns-translation option for PID namespace translation (addresses + Fedora bug #1035433). * Implemented interval specification in "when=" subexpression of syscall tampering expressions. * Added -e trace=%clock option for tracing syscalls reading of modifying Index: strace-5.7/configure.ac =================================================================== --- strace-5.7.orig/configure.ac 2021-08-24 21:08:35.376312714 +0200 +++ strace-5.7/configure.ac 2021-08-24 21:08:43.250246069 +0200 @@ -764,6 +764,8 @@ st_STACKTRACE +st_SELINUX + if test "$arch" = mips && test "$no_create" != yes; then mkdir -p linux/mips if $srcdir/linux/mips/genstub.sh \ Index: strace-5.7/defs.h =================================================================== --- strace-5.7.orig/defs.h 2021-08-24 21:08:35.377312705 +0200 +++ strace-5.7/defs.h 2021-08-24 21:08:43.251246061 +0200 @@ -287,6 +287,10 @@ */ unsigned int pid_ns; +#ifdef ENABLE_SECONTEXT + int last_dirfd; /* Use AT_FDCWD for 'not set' */ +#endif + struct mmap_cache_t *mmap_cache; /* @@ -1123,6 +1127,11 @@ extern void print_x25_addr(const void /* struct x25_address */ *addr); extern const char *get_sockaddr_by_inode(struct tcb *, int fd, unsigned long inode); extern bool print_sockaddr_by_inode(struct tcb *, int fd, unsigned long inode); + +/** + * Prints dirfd file descriptor and saves it in tcp->last_dirfd, + * the latter is used when printing SELinux contexts. + */ extern void print_dirfd(struct tcb *, int); extern int Index: strace-5.7/dirent.c =================================================================== --- strace-5.7.orig/dirent.c 2021-08-24 21:08:35.377312705 +0200 +++ strace-5.7/dirent.c 2021-08-24 21:08:43.251246061 +0200 @@ -100,6 +100,9 @@ { if (entering(tcp)) { printfd(tcp, tcp->u_arg[0]); +#ifdef ENABLE_SECONTEXT + tcp->last_dirfd = (int) tcp->u_arg[0]; +#endif tprints(", "); } else { if (tcp->u_rval == 0) Index: strace-5.7/m4/mpers.m4 =================================================================== --- strace-5.7.orig/m4/mpers.m4 2021-08-24 21:08:35.377312705 +0200 +++ strace-5.7/m4/mpers.m4 2021-08-24 21:08:43.252246052 +0200 @@ -63,9 +63,11 @@ pushdef([MPERS_NAME], translit([$1], [a-z], [A-Z])) pushdef([HAVE_MPERS], [HAVE_]MPERS_NAME[_MPERS]) pushdef([HAVE_RUNTIME], [HAVE_]MPERS_NAME[_RUNTIME]) +pushdef([HAVE_SELINUX_RUNTIME], [HAVE_]MPERS_NAME[_SELINUX_RUNTIME]) pushdef([MPERS_CFLAGS], [$cc_flags_$1]) pushdef([st_cv_cc], [st_cv_$1_cc]) pushdef([st_cv_runtime], [st_cv_$1_runtime]) +pushdef([st_cv_selinux_runtime], [st_cv_$1_selinux_runtime]) pushdef([st_cv_mpers], [st_cv_$1_mpers]) pushdef([EXEEXT], MPERS_NAME[_EXEEXT])dnl @@ -126,6 +128,26 @@ else st_cv_mpers=no fi]) + AS_IF([test "x$enable_secontext$st_cv_mpers$st_cv_runtime" = xyesyesyes], + [AC_CACHE_CHECK([whether selinux runtime works with mpers_name personality], + [st_cv_selinux_runtime], + [saved_CPPFLAGS="$CPPFLAGS" + saved_LDFLAGS="$LDFLAGS" + saved_LIBS="$LIBS" + CPPFLAGS="$CPPFLAGS $libselinux_CPPFLAGS" + LDFLAGS="$LDFLAGS $libselinux_LDFLAGS" + LIBS="$LIBS $libselinux_LIBS" + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], + [[return 0]])], + [st_cv_selinux_runtime=yes], + [st_cv_selinux_runtime=no], + [st_cv_selinux_runtime=no]) + LIBS="$saved_LIBS" + LDFLAGS="$saved_LDFLAGS" + CPPFLAGS="$saved_CPPFLAGS" + ]) + ], + [st_cv_selinux_runtime=no]) if test $st_cv_mpers = yes; then AC_DEFINE(HAVE_MPERS, [1], [Define to 1 if you have mpers_name mpers support]) @@ -165,6 +187,7 @@ *) # case "$enable_mpers" st_cv_runtime=no st_cv_mpers=no + st_cv_selinux_runtime=no ;; esac @@ -187,6 +210,7 @@ esac AM_CONDITIONAL(HAVE_RUNTIME, [test "$st_cv_mpers$st_cv_runtime" = yesyes]) +AM_CONDITIONAL(HAVE_SELINUX_RUNTIME, [test "$st_cv_mpers$st_cv_selinux_runtime" = yesyes]) AM_CONDITIONAL(HAVE_MPERS, [test "$st_cv_mpers" = yes]) st_RESTORE_VAR([CC]) @@ -201,9 +225,11 @@ popdef([st_cv_mpers]) popdef([st_cv_runtime]) +popdef([st_cv_selinux_runtime]) popdef([st_cv_cc]) popdef([MPERS_CFLAGS]) popdef([HAVE_RUNTIME]) +popdef([HAVE_SELINUX_RUNTIME]) popdef([HAVE_MPERS]) popdef([MPERS_NAME]) popdef([mpers_name]) Index: strace-5.7/m4/st_selinux.m4 =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/m4/st_selinux.m4 2021-08-24 21:08:43.252246052 +0200 @@ -0,0 +1,80 @@ +#!/usr/bin/m4 +# +# Copyright (c) 2020 The strace developers. +# All rights reserved. +# +# SPDX-License-Identifier: LGPL-2.1-or-later + +AC_DEFUN([st_SELINUX], [dnl + +libselinux_CPPFLAGS= +libselinux_LDFLAGS= +libselinux_LIBS= +enable_secontext=no + +AC_ARG_WITH([libselinux], + [AS_HELP_STRING([--with-libselinux], + [use libselinux to collect security contexts])], + [case "${withval}" in + yes|no|check) ;; + *) with_libselinux=yes + libselinux_CPPFLAGS="-I${withval}/include" + libselinux_LDFLAGS="-L${withval}/lib" ;; + esac], + [with_libselinux=check] +) + +AS_IF([test "x$with_libselinux" != xno], + [saved_CPPFLAGS="$CPPFLAGS" + CPPFLAGS="$CPPFLAGS $libselinux_CPPFLAGS" + found_selinux_h=no + AC_CHECK_HEADERS([selinux/selinux.h], + [found_selinux_h=yes]) + CPPFLAGS="$saved_CPPFLAGS" + AS_IF([test "x$found_selinux_h" = xyes], + [saved_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $libselinux_LDFLAGS" + AC_CHECK_LIB([selinux],[getpidcon], + [libselinux_LIBS="-lselinux" + enable_secontext=yes + ], + [if test "x$with_libselinux" != xcheck; then + AC_MSG_FAILURE([failed to find getpidcon in libselinux]) + fi + ] + ) + AC_CHECK_LIB([selinux],[getfilecon], + [libselinux_LIBS="-lselinux" + enable_secontext=yes + ], + [if test "x$with_libselinux" != xcheck; then + AC_MSG_FAILURE([failed to find getfilecon in libselinux]) + fi + ] + ) + LDFLAGS="$saved_LDFLAGS" + ], + [if test "x$with_libselinux" != xcheck; then + AC_MSG_FAILURE([failed to find selinux.h]) + fi + ] + ) + ] +) + +AC_MSG_CHECKING([whether to enable security contexts support]) +AS_IF([test "x$enable_secontext" = xyes], + [AC_DEFINE([ENABLE_SECONTEXT], [1], + [Define to enable SELinux security contexts support]) + AC_DEFINE([HAVE_SELINUX_RUNTIME], [1], + [Define to enable SELinux security contexts testing]) + AC_SUBST(libselinux_LIBS) + AC_SUBST(libselinux_LDFLAGS) + AC_SUBST(libselinux_CPPFLAGS) + AC_MSG_RESULT([yes])], + [AC_MSG_RESULT([no])]) + +AM_CONDITIONAL([ENABLE_SECONTEXT], [test "x$enable_secontext" = xyes]) +AM_CONDITIONAL([HAVE_SELINUX_RUNTIME], [test "x$enable_secontext" = xyes]) + +]) Index: strace-5.7/open.c =================================================================== --- strace-5.7.orig/open.c 2021-08-24 21:08:35.378312697 +0200 +++ strace-5.7/open.c 2021-08-24 21:08:43.253246044 +0200 @@ -50,6 +50,9 @@ print_xlat_d(AT_FDCWD); else printfd(tcp, fd); +#ifdef ENABLE_SECONTEXT + tcp->last_dirfd = fd; +#endif } /* Index: strace-5.7/secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/secontext.c 2021-08-24 21:08:43.253246044 +0200 @@ -0,0 +1,139 @@ +/* + * Copyright (c) 2020-2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: LGPL-2.1-or-later + */ + +#include "defs.h" + +#include +#include +#include +#include + +#include "secontext.h" +#include "xstring.h" + +bool selinux_context = false; +bool selinux_context_full = false; + +static int +getcontext(int rc, char **secontext, char **result) +{ + if (rc < 0) + return rc; + + *result = NULL; + if (!selinux_context_full) { + char *saveptr = NULL; + char *secontext_copy = xstrdup(*secontext); + const char *token; + unsigned int i; + + /* + * We only want to keep the type (3rd field, ':' separator). + */ + for (token = strtok_r(secontext_copy, ":", &saveptr), i = 0; + token; token = strtok_r(NULL, ":", &saveptr), i++) { + if (i == 2) { + *result = xstrdup(token); + break; + } + } + free(secontext_copy); + } + + if (*result == NULL) { + /* + * On the CI at least, the context may have a trailing \n, + * let's remove it just in case. + */ + size_t len = strlen(*secontext); + for (; len > 0; --len) { + if ((*secontext)[len - 1] != '\n') + break; + } + *result = xstrndup(*secontext, len); + } + freecon(*secontext); + return 0; +} +/* + * Retrieves the SELinux context of the given PID (extracted from the tcb). + * Memory must be freed. + * Returns 0 on success, -1 on failure. + */ +int +selinux_getpidcon(struct tcb *tcp, char **result) +{ + if (!selinux_context) + return -1; + + int proc_pid = 0; + translate_pid(NULL, tcp->pid, PT_TID, &proc_pid); + if (!proc_pid) + return -1; + + char *secontext; + return getcontext(getpidcon(proc_pid, &secontext), &secontext, result); +} + +/* + * Retrieves the SELinux context of the given pid and descriptor. + * Memory must be freed. + * Returns 0 on success, -1 on failure. + */ +int +selinux_getfdcon(pid_t pid, int fd, char **result) +{ + if (!selinux_context || pid <= 0 || fd < 0) + return -1; + + int proc_pid = 0; + translate_pid(NULL, pid, PT_TID, &proc_pid); + if (!proc_pid) + return -1; + + char linkpath[sizeof("/proc/%u/fd/%u") + 2 * sizeof(int)*3]; + xsprintf(linkpath, "/proc/%u/fd/%u", proc_pid, fd); + + char *secontext; + return getcontext(getfilecon(linkpath, &secontext), &secontext, result); +} + +/* + * Retrieves the SELinux context of the given path. + * Memory must be freed. + * Returns 0 on success, -1 on failure. + */ +int +selinux_getfilecon(struct tcb *tcp, const char *path, char **result) +{ + if (!selinux_context) + return -1; + + int proc_pid = 0; + translate_pid(NULL, tcp->pid, PT_TID, &proc_pid); + if (!proc_pid) + return -1; + + int ret = -1; + char fname[PATH_MAX]; + + if (path[0] == '/') + ret = snprintf(fname, sizeof(fname), "/proc/%u/root%s", + proc_pid, path); + else if (tcp->last_dirfd == AT_FDCWD) + ret = snprintf(fname, sizeof(fname), "/proc/%u/cwd/%s", + proc_pid, path); + else if (tcp->last_dirfd >= 0 ) + ret = snprintf(fname, sizeof(fname), "/proc/%u/fd/%u/%s", + proc_pid, tcp->last_dirfd, path); + + if ((unsigned int) ret >= sizeof(fname)) + return -1; + + char *secontext; + return getcontext(getfilecon(fname, &secontext), &secontext, result); +} Index: strace-5.7/secontext.h =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/secontext.h 2021-08-24 21:08:43.253246044 +0200 @@ -0,0 +1,21 @@ +/* + * SELinux interface. + * + * Copyright (c) 2020-2021 The strace developers. + * + * SPDX-License-Identifier: LGPL-2.1-or-later + */ + +#ifndef STRACE_SECONTEXT_H +#define STRACE_SECONTEXT_H + +#include "defs.h" + +extern bool selinux_context; +extern bool selinux_context_full; + +int selinux_getfdcon(pid_t pid, int fd, char **context); +int selinux_getfilecon(struct tcb *tcp, const char *path, char **context); +int selinux_getpidcon(struct tcb *tcp, char **context); + +#endif /* !STRACE_SECONTEXT_H */ Index: strace-5.7/strace.1.in =================================================================== --- strace-5.7.orig/strace.1.in 2021-08-24 21:08:35.379312688 +0200 +++ strace-5.7/strace.1.in 2021-08-24 21:08:43.254246035 +0200 @@ -53,6 +53,7 @@ .OM \-P path .OM \-p pid .OP \-\-seccomp\-bpf +.if '@ENABLE_SECONTEXT_FALSE@'#' .OP \-\-secontext\fR[=full] .BR "" { .OR \-p pid .BR "" | @@ -1079,6 +1080,14 @@ .B \-\-pidns\-translation If strace and tracee are in different PID namespaces, print PIDs in strace's namespace, too. +.if '@ENABLE_SECONTEXT_FALSE@'#' .TP +.if '@ENABLE_SECONTEXT_FALSE@'#' .BR \-\-secontext "[=full]" +.if '@ENABLE_SECONTEXT_FALSE@'#' When SELinux is available and is not disabled, +.if '@ENABLE_SECONTEXT_FALSE@'#' print in square brackets SELinux contexts of +.if '@ENABLE_SECONTEXT_FALSE@'#' processes, files, and descriptors. When +.if '@ENABLE_SECONTEXT_FALSE@'#' .B full +.if '@ENABLE_SECONTEXT_FALSE@'#' is specified, print the complete context (user, +.if '@ENABLE_SECONTEXT_FALSE@'#' role, type and category) instead of just the type. .SS Statistics .TP 12 .B \-c Index: strace-5.7/strace.c =================================================================== --- strace-5.7.orig/strace.c 2021-08-24 21:08:35.380312680 +0200 +++ strace-5.7/strace.c 2021-08-24 21:08:43.255246027 +0200 @@ -40,6 +40,7 @@ #include "xstring.h" #include "delay.h" #include "wait.h" +#include "secontext.h" /* In some libc, these aren't declared. Do it ourself: */ extern char **environ; @@ -239,6 +240,9 @@ " no-mx32-mpers" # endif #endif /* SUPPORTED_PERSONALITIES > 2 */ +#ifdef ENABLE_SECONTEXT + " secontext" +#endif ""; printf("%s -- version %s\n" @@ -258,11 +262,17 @@ #else # define K_OPT "" #endif +#ifdef ENABLE_SECONTEXT +# define SECONTEXT_OPT "[--secontext[=full]]\n" +#else +# define SECONTEXT_OPT "" +#endif printf("\ Usage: strace [-ACdffhi" K_OPT "qqrtttTvVwxxyyzZ] [-I N] [-b execve] [-e EXPR]...\n\ [-a COLUMN] [-o FILE] [-s STRSIZE] [-X FORMAT] [-O OVERHEAD]\n\ - [-S SORTBY] [-P PATH]... [-p PID]... [-U COLUMNS] [--seccomp-bpf]\n\ + [-S SORTBY] [-P PATH]... [-p PID]... [-U COLUMNS] [--seccomp-bpf]\n"\ + SECONTEXT_OPT "\ { -p PID | [-DDD] [-E VAR=VAL]... [-u USERNAME] PROG [ARGS] }\n\ or: strace -c[dfwzZ] [-I N] [-b execve] [-e EXPR]... [-O OVERHEAD]\n\ [-S SORTBY] [-P PATH]... [-p PID]... [-U COLUMNS] [--seccomp-bpf]\n\ @@ -401,6 +411,14 @@ -yy, --decode-fds=all\n\ print all available information associated with file\n\ descriptors in addition to paths\n\ +" +#ifdef ENABLE_SECONTEXT +"\ + --secontext[=full]\n\ + print SELinux contexts (type only unless 'full' is specified)\n\ +" +#endif +"\ \n\ Statistics:\n\ -c, --summary-only\n\ @@ -774,6 +792,14 @@ else if (nprocs > 1 && !outfname) tprintf("[pid %5u] ", tcp->pid); +#ifdef ENABLE_SECONTEXT + char *context; + if (!selinux_getpidcon(tcp, &context)) { + tprintf("[%s] ", context); + free(context); + } +#endif + if (tflag_format) { struct timespec ts; clock_gettime(CLOCK_REALTIME, &ts); @@ -885,6 +911,9 @@ #if SUPPORTED_PERSONALITIES > 1 tcp->currpers = current_personality; #endif +#ifdef ENABLE_SECONTEXT + tcp->last_dirfd = AT_FDCWD; +#endif nprocs++; debug_msg("new tcb for pid %d, active tcbs:%d", tcp->pid, nprocs); @@ -2027,6 +2056,9 @@ GETOPT_OUTPUT_SEPARATELY, GETOPT_TS, GETOPT_PIDNS_TRANSLATION, +#ifdef ENABLE_SECONTEXT + GETOPT_SECONTEXT, +#endif GETOPT_QUAL_TRACE, GETOPT_QUAL_ABBREV, @@ -2082,6 +2114,9 @@ { "failed-only", no_argument, 0, 'Z' }, { "failing-only", no_argument, 0, 'Z' }, { "seccomp-bpf", no_argument, 0, GETOPT_SECCOMP }, +#ifdef ENABLE_SECONTEXT + { "secontext", optional_argument, 0, GETOPT_SECONTEXT }, +#endif { "trace", required_argument, 0, GETOPT_QUAL_TRACE }, { "abbrev", required_argument, 0, GETOPT_QUAL_ABBREV }, @@ -2307,6 +2342,17 @@ case GETOPT_SECCOMP: seccomp_filtering = true; break; +#ifdef ENABLE_SECONTEXT + case GETOPT_SECONTEXT: + selinux_context = true; + if (optarg) { + if (!strcmp(optarg, "full")) + selinux_context_full = true; + else + error_opt_arg(c, lopt, optarg); + } + break; +#endif case GETOPT_QUAL_TRACE: qualify_trace(optarg); break; @@ -2486,6 +2532,11 @@ if (!number_set_array_is_empty(decode_fd_set, 0)) error_msg("-y/--decode-fds has no effect " "with -c/--summary-only"); +#ifdef ENABLE_SECONTEXT + if (selinux_context) + error_msg("--secontext has no effect with " + "-c/--summary-only"); +#endif } if (!outfname) { Index: strace-5.7/strace.spec.in =================================================================== --- strace-5.7.orig/strace.spec.in 2021-08-24 21:08:35.380312680 +0200 +++ strace-5.7/strace.spec.in 2021-08-24 21:08:43.255246027 +0200 @@ -29,11 +29,14 @@ # Install binutils-devel to enable symbol demangling. %if 0%{?fedora} >= 20 || 0%{?centos} >= 6 || 0%{?rhel} >= 6 %define buildrequires_stacktrace BuildRequires: elfutils-devel binutils-devel +%define buildrequires_selinux BuildRequires: libselinux-devel %endif %if 0%{?suse_version} >= 1100 %define buildrequires_stacktrace BuildRequires: libdw-devel binutils-devel +%define buildrequires_selinux BuildRequires: libselinux-devel %endif %{?buildrequires_stacktrace} +%{?buildrequires_selinux} # OBS compatibility %{?!buildroot:BuildRoot: %_tmppath/buildroot-%name-%version-%release} Index: strace-5.7/syscall.c =================================================================== --- strace-5.7.orig/syscall.c 2021-08-24 21:08:35.381312671 +0200 +++ strace-5.7/syscall.c 2021-08-24 21:08:43.256246018 +0200 @@ -23,6 +23,7 @@ #include "delay.h" #include "retval.h" #include +#include /* for struct iovec */ #include @@ -982,6 +983,10 @@ tcp->sys_func_rval = 0; free_tcb_priv_data(tcp); +#ifdef ENABLE_SECONTEXT + tcp->last_dirfd = AT_FDCWD; +#endif + if (cflag) tcp->ltime = tcp->stime; } Index: strace-5.7/tests/Makefile.am =================================================================== --- strace-5.7.orig/tests/Makefile.am 2021-08-24 21:08:35.381312671 +0200 +++ strace-5.7/tests/Makefile.am 2021-08-24 21:08:43.257246010 +0200 @@ -28,6 +28,12 @@ -DTESTS_SIZEOF_LONG=$(SIZEOF_LONG) AM_LDFLAGS = $(ARCH_MFLAGS) +if HAVE_SELINUX_RUNTIME +libselinux_LDADD = $(libselinux_LIBS) +else +libselinux_LDADD = +endif + libtests_a_SOURCES = \ create_nl_socket.c \ create_tmpfile.c \ @@ -54,6 +60,8 @@ printxval-Xabbrev.c \ printxval-Xraw.c \ printxval-Xverbose.c \ + secontext.c \ + secontext.h \ signal2name.c \ skip_unavailable.c \ sprintrc.c \ @@ -76,7 +84,10 @@ include pure_executables.am +include secontext.am + check_PROGRAMS = $(PURE_EXECUTABLES) \ + $(secontext_EXECUTABLES) \ _newselect-P \ answer \ attach-f-p \ Index: strace-5.7/tests/access.c =================================================================== --- strace-5.7.orig/tests/access.c 2021-08-24 21:08:35.381312671 +0200 +++ strace-5.7/tests/access.c 2021-08-24 21:08:43.257246010 +0200 @@ -10,9 +10,12 @@ #ifdef __NR_access +# include # include # include +# include "secontext.h" + int main(void) { @@ -22,15 +25,27 @@ */ create_and_enter_subdir("access_subdir"); + char *my_secontext = SECONTEXT_PID_MY(); + static const char sample[] = "access_sample"; + (void) unlink(sample); + if (open(sample, O_CREAT|O_RDONLY, 0400) == -1) + perror_msg_and_fail("open: %s", sample); long rc = syscall(__NR_access, sample, F_OK); - printf("access(\"%s\", F_OK) = %ld %s (%m)\n", - sample, rc, errno2name()); + printf("%s%s(\"%s\"%s, F_OK) = %s\n", + my_secontext, "access", + sample, SECONTEXT_FILE(sample), + sprintrc(rc)); + + if (unlink(sample)) + perror_msg_and_fail("unlink: %s", sample); rc = syscall(__NR_access, sample, R_OK|W_OK|X_OK); - printf("access(\"%s\", R_OK|W_OK|X_OK) = %ld %s (%m)\n", - sample, rc, errno2name()); + printf("%s%s(\"%s\", R_OK|W_OK|X_OK) = %s\n", + my_secontext, "access", + sample, + sprintrc(rc)); leave_and_remove_subdir(); Index: strace-5.7/tests/chmod.c =================================================================== --- strace-5.7.orig/tests/chmod.c 2021-08-24 21:08:35.382312663 +0200 +++ strace-5.7/tests/chmod.c 2021-08-24 21:08:43.257246010 +0200 @@ -16,6 +16,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -25,22 +27,33 @@ */ create_and_enter_subdir("chmod_subdir"); - static const char fname[] = "chmod_test_file"; - - if (open(fname, O_CREAT|O_RDONLY, 0400) < 0) - perror_msg_and_fail("open"); - - long rc = syscall(__NR_chmod, fname, 0600); - printf("chmod(\"%s\", 0600) = %s\n", fname, sprintrc(rc)); - - if (unlink(fname)) - perror_msg_and_fail("unlink"); - - rc = syscall(__NR_chmod, fname, 051); - printf("chmod(\"%s\", 051) = %s\n", fname, sprintrc(rc)); + char *my_secontext = SECONTEXT_PID_MY(); - rc = syscall(__NR_chmod, fname, 004); - printf("chmod(\"%s\", 004) = %s\n", fname, sprintrc(rc)); + static const char sample[] = "chmod_test_file"; + (void) unlink(sample); + if (open(sample, O_CREAT|O_RDONLY, 0400) < 0) + perror_msg_and_fail("open: %s", sample); + + long rc = syscall(__NR_chmod, sample, 0600); + printf("%s%s(\"%s\"%s, 0600) = %s\n", + my_secontext, "chmod", + sample, SECONTEXT_FILE(sample), + sprintrc(rc)); + + if (unlink(sample)) + perror_msg_and_fail("unlink: %s", sample); + + rc = syscall(__NR_chmod, sample, 051); + printf("%s%s(\"%s\", 051) = %s\n", + my_secontext, "chmod", + sample, + sprintrc(rc)); + + rc = syscall(__NR_chmod, sample, 004); + printf("%s%s(\"%s\", 004) = %s\n", + my_secontext, "chmod", + sample, + sprintrc(rc)); leave_and_remove_subdir(); Index: strace-5.7/tests/execve.c =================================================================== --- strace-5.7.orig/tests/execve.c 2021-08-24 21:08:35.382312663 +0200 +++ strace-5.7/tests/execve.c 2021-08-24 21:08:43.258246001 +0200 @@ -9,9 +9,12 @@ */ #include "tests.h" +#include #include #include +#include "secontext.h" + static const char *errstr; static int @@ -52,9 +55,16 @@ char ** const tail_argv = tail_memdup(argv, sizeof(argv)); char ** const tail_envp = tail_memdup(envp, sizeof(envp)); + char *my_secontext = SECONTEXT_PID_MY(); + + (void) unlink(FILENAME); + if (open(FILENAME, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + char *FILENAME_secontext = SECONTEXT_FILE(FILENAME); call_execve(FILENAME, tail_argv, tail_envp); - printf("execve(\"%s\"" + printf("%s%s(\"%s\"%s" ", [\"%s\", \"%s\", \"%s\", %p, %p, %p, ... /* %p */]" #if VERBOSE ", [\"%s\", \"%s\", %p, %p, %p, ... /* %p */]" @@ -62,7 +72,9 @@ ", %p /* 5 vars, unterminated */" #endif ") = %s\n", - Q_FILENAME, q_argv[0], q_argv[1], q_argv[2], + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + q_argv[0], q_argv[1], q_argv[2], argv[3], argv[4], argv[5], (char *) tail_argv + sizeof(argv) #if VERBOSE , q_envp[0], q_envp[1], envp[2], envp[3], envp[4], @@ -77,14 +89,16 @@ (void) q_envp; /* workaround for clang bug #33068 */ call_execve(FILENAME, tail_argv, tail_envp); - printf("execve(\"%s\", [\"%s\", \"%s\", \"%s\"]" + printf("%s%s(\"%s\"%s, [\"%s\", \"%s\", \"%s\"]" #if VERBOSE ", [\"%s\", \"%s\"]" #else ", %p /* 2 vars */" #endif ") = %s\n", - Q_FILENAME, q_argv[0], q_argv[1], q_argv[2] + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + q_argv[0], q_argv[1], q_argv[2] #if VERBOSE , q_envp[0], q_envp[1] #else @@ -93,14 +107,16 @@ , errstr); call_execve(FILENAME, tail_argv + 2, tail_envp + 1); - printf("execve(\"%s\", [\"%s\"]" + printf("%s%s(\"%s\"%s, [\"%s\"]" #if VERBOSE ", [\"%s\"]" #else ", %p /* 1 var */" #endif ") = %s\n", - Q_FILENAME, q_argv[2] + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + q_argv[2] #if VERBOSE , q_envp[1] #else @@ -113,13 +129,15 @@ *empty = NULL; call_execve(FILENAME, empty, empty); - printf("execve(\"%s\", []" + printf("%s%s(\"%s\"%s, []" #if VERBOSE ", []" #else ", %p /* 0 vars */" #endif - ") = %s\n", Q_FILENAME + ") = %s\n", + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext #if !VERBOSE , empty #endif @@ -143,7 +161,10 @@ a[i] = b[i] = NULL; call_execve(FILENAME, a, b); - printf("execve(\"%s\", [\"%.*s\"...", Q_FILENAME, DEFAULT_STRLEN, a[0]); + printf("%s%s(\"%s\"%s, [\"%.*s\"...", + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + DEFAULT_STRLEN, a[0]); for (i = 1; i < DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); #if VERBOSE @@ -162,7 +183,10 @@ printf(") = %s\n", errstr); call_execve(FILENAME, a + 1, b + 1); - printf("execve(\"%s\", [\"%s\"", Q_FILENAME, a[1]); + printf("%s%s(\"%s\"%s, [\"%s\"", + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + a[1]); for (i = 2; i <= DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); #if VERBOSE @@ -175,12 +199,17 @@ #endif printf(") = %s\n", errstr); + if (unlink(FILENAME)) + perror_msg_and_fail("unlink"); + call_execve(FILENAME, (char **) tail_argv[ARRAY_SIZE(q_argv)], efault); - printf("execve(\"%s\", NULL, %p) = %s\n", + printf("%s%s(\"%s\", NULL, %p) = %s\n", + my_secontext, "execve", Q_FILENAME, efault, errstr); call_execve(FILENAME, efault, NULL); - printf("execve(\"%s\", %p, NULL) = %s\n", + printf("%s%s(\"%s\", %p, NULL) = %s\n", + my_secontext, "execve", Q_FILENAME, efault, errstr); leave_and_remove_subdir(); Index: strace-5.7/tests/execve.test =================================================================== --- strace-5.7.orig/tests/execve.test 2021-08-24 21:08:35.382312663 +0200 +++ strace-5.7/tests/execve.test 2021-08-24 21:08:43.258246001 +0200 @@ -11,7 +11,7 @@ check_prog grep run_prog > /dev/null -run_strace -eexecve $args > "$EXP" +run_strace -eexecve "$@" $args > "$EXP" # Filter out execve() call made by strace. grep -F test.execve < "$LOG" > "$OUT" Index: strace-5.7/tests/execveat.c =================================================================== --- strace-5.7.orig/tests/execveat.c 2021-08-24 21:08:35.383312654 +0200 +++ strace-5.7/tests/execveat.c 2021-08-24 21:08:43.259245993 +0200 @@ -13,9 +13,102 @@ #ifdef __NR_execveat +# include # include # include +# include "secontext.h" + +static void +tests_with_existing_file(void) +{ + /* + * Make sure the current workdir of the tracee + * is different from the current workdir of the tracer. + */ + create_and_enter_subdir("execveat_subdir"); + + char *my_secontext = SECONTEXT_PID_MY(); + + static const char sample[] = "execveat_sample"; + (void) unlink(sample); + if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + char *sample_secontext = SECONTEXT_FILE(sample); + static const char *argv[] = { sample, NULL }; + + /* + * Tests with AT_FDCWD. + */ + + long rc = syscall(__NR_execveat, -100, sample, argv, NULL, 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + sample, sample_secontext, + argv[0], + sprintrc(rc)); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + rc = syscall(__NR_execveat, -100, sample, argv, NULL, 0); + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + sample, + argv[0], + sprintrc(rc)); + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + rc = syscall(__NR_execveat, cwd_fd, sample, argv, NULL, 0); + printf("%s%s(%d%s, \"%s\", [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + cwd_fd, cwd_secontext, + sample, + argv[0], + sprintrc(rc)); + + if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + rc = syscall(__NR_execveat, cwd_fd, sample, argv, NULL, 0); + printf("%s%s(%d%s, \"%s\"%s, [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + argv[0], + sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_execveat, cwd_fd, sample_realpath, argv, NULL, 0); + printf("%s%s(%d%s, \"%s\"%s, [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + cwd_fd, cwd_secontext, + sample_realpath, sample_secontext, + argv[0], + sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + leave_and_remove_subdir(); +} + # define FILENAME "test.execveat\nfilename" # define Q_FILENAME "test.execveat\\nfilename" @@ -40,9 +133,10 @@ { const char ** const tail_argv = tail_memdup(argv, sizeof(argv)); const char ** const tail_envp = tail_memdup(envp, sizeof(envp)); + char *my_secontext = SECONTEXT_PID_MY(); syscall(__NR_execveat, -100, FILENAME, tail_argv, tail_envp, 0x1100); - printf("execveat(AT_FDCWD, \"%s\"" + printf("%s%s(AT_FDCWD, \"%s\"" ", [\"%s\", \"%s\", \"%s\", %p, %p, %p, ... /* %p */]" # if VERBOSE ", [\"%s\", \"%s\", %p, %p, %p, ... /* %p */]" @@ -50,6 +144,7 @@ ", %p /* 5 vars, unterminated */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, q_argv[0], q_argv[1], q_argv[2], argv[3], argv[4], argv[5], (char *) tail_argv + sizeof(argv), # if VERBOSE @@ -65,13 +160,14 @@ (void) q_envp; /* workaround for clang bug #33068 */ syscall(__NR_execveat, -100, FILENAME, tail_argv, tail_envp, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%s\", \"%s\", \"%s\"]" + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\", \"%s\", \"%s\"]" # if VERBOSE ", [\"%s\", \"%s\"]" # else ", %p /* 2 vars */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, q_argv[0], q_argv[1], q_argv[2], # if VERBOSE q_envp[0], q_envp[1], @@ -81,13 +177,14 @@ errno2name()); syscall(__NR_execveat, -100, FILENAME, tail_argv + 2, tail_envp + 1, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%s\"]" + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\"]" # if VERBOSE ", [\"%s\"]" # else ", %p /* 1 var */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, q_argv[2], # if VERBOSE q_envp[1], @@ -101,13 +198,14 @@ *empty = NULL; syscall(__NR_execveat, -100, FILENAME, empty, empty, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", []" + printf("%s%s(AT_FDCWD, \"%s\", []" # if VERBOSE ", []" # else ", %p /* 0 vars */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, # if !VERBOSE empty, @@ -132,7 +230,9 @@ a[i] = b[i] = NULL; syscall(__NR_execveat, -100, FILENAME, a, b, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%.*s\"...", Q_FILENAME, DEFAULT_STRLEN, a[0]); + printf("%s%s(AT_FDCWD, \"%s\", [\"%.*s\"...", + my_secontext, "execveat", + Q_FILENAME, DEFAULT_STRLEN, a[0]); for (i = 1; i < DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); # if VERBOSE @@ -152,7 +252,9 @@ errno2name()); syscall(__NR_execveat, -100, FILENAME, a + 1, b + 1, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%s\"", Q_FILENAME, a[1]); + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\"", + my_secontext, "execveat", + Q_FILENAME, a[1]); for (i = 2; i <= DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); # if VERBOSE @@ -167,15 +269,19 @@ errno2name()); syscall(__NR_execveat, -100, FILENAME, NULL, efault, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", NULL, %p" + printf("%s%s(AT_FDCWD, \"%s\", NULL, %p" ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, efault, errno2name()); syscall(__NR_execveat, -100, FILENAME, efault, NULL, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", %p, NULL" + printf("%s%s(AT_FDCWD, \"%s\", %p, NULL" ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, efault, errno2name()); + tests_with_existing_file(); + puts("+++ exited with 0 +++"); return 0; } Index: strace-5.7/tests/faccessat.c =================================================================== --- strace-5.7.orig/tests/faccessat.c 2021-08-24 21:08:35.383312654 +0200 +++ strace-5.7/tests/faccessat.c 2021-08-24 21:08:43.260245984 +0200 @@ -12,12 +12,16 @@ #ifdef __NR_faccessat -# include "xmalloc.h" # include # include # include -# ifndef FD_PATH +# include "secontext.h" +# include "xmalloc.h" + +# ifdef FD_PATH +# define YFLAG +# else # define FD_PATH "" # endif # ifndef SKIP_IF_PROC_IS_UNAVAILABLE @@ -43,11 +47,130 @@ return rc; } +# ifndef PATH_TRACING +static void +tests_with_existing_file(void) +{ + /* + * Make sure the current workdir of the tracee + * is different from the current workdir of the tracer. + */ + create_and_enter_subdir("faccessat_subdir"); + + char *my_secontext = SECONTEXT_PID_MY(); + + k_faccessat(-1, NULL, F_OK); + printf("%s%s(-1, NULL, F_OK) = %s\n", + my_secontext, "faccessat", errstr); + + static const char sample[] = "faccessat_sample"; + (void) unlink(sample); + int fd = open(sample, O_CREAT|O_RDONLY, 0400); + if (fd == -1) + perror_msg_and_fail("open"); + close(fd); + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * Tests with AT_FDCWD. + */ + + k_faccessat(-100, sample, F_OK); + printf("%s%s(AT_FDCWD, \"%s\"%s, F_OK) = %s\n", + my_secontext, "faccessat", + sample, sample_secontext, + errstr); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + k_faccessat(-100, sample, F_OK); + printf("%s%s(AT_FDCWD, \"%s\", F_OK) = %s\n", + my_secontext, "faccessat", + sample, + errstr); + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + k_faccessat(cwd_fd, sample, F_OK); +# ifdef YFLAG + printf("%s%s(%d<%s>%s, \"%s\", F_OK) = %s\n", +# else + printf("%s%s(%d%s, \"%s\", F_OK) = %s\n", +# endif + my_secontext, "faccessat", + cwd_fd, +# ifdef YFLAG + cwd, +# endif + cwd_secontext, + sample, + errstr); + + fd = open(sample, O_CREAT|O_RDONLY, 0400); + if (fd == -1) + perror_msg_and_fail("open"); + close(fd); + + k_faccessat(cwd_fd, sample, F_OK); +# ifdef YFLAG + printf("%s%s(%d<%s>%s, \"%s\"%s, F_OK) = %s\n", +# else + printf("%s%s(%d%s, \"%s\"%s, F_OK) = %s\n", +# endif + my_secontext, "faccessat", + cwd_fd, +# ifdef YFLAG + cwd, +# endif + cwd_secontext, + sample, sample_secontext, + errstr); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + k_faccessat(cwd_fd, sample_realpath, F_OK); +# ifdef YFLAG + printf("%s%s(%d<%s>%s, \"%s\"%s, F_OK) = %s\n", +# else + printf("%s%s(%d%s, \"%s\"%s, F_OK) = %s\n", +# endif + my_secontext, "faccessat", + cwd_fd, +# ifdef YFLAG + cwd, +# endif + cwd_secontext, + sample_realpath, sample_secontext, + errstr); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + leave_and_remove_subdir(); +} +# endif + int main(void) { SKIP_IF_PROC_IS_UNAVAILABLE; +# ifndef TEST_SECONTEXT + TAIL_ALLOC_OBJECT_CONST_PTR(const char, unterminated); char *unterminated_str = xasprintf("%p", unterminated); const void *const efault = unterminated + 1; @@ -120,10 +243,10 @@ k_faccessat(dirfds[dirfd_i].val, paths[path_i].val, modes[mode_i].val); -# ifdef PATH_TRACING +# ifdef PATH_TRACING if (dirfds[dirfd_i].val == fd || paths[path_i].val == fd_path) -# endif +# endif printf("faccessat(%s, %s, %s) = %s\n", dirfds[dirfd_i].str, paths[path_i].str, @@ -133,6 +256,12 @@ } } +# endif /* !TEST_SECONTEXT */ + +# ifndef PATH_TRACING + tests_with_existing_file(); +# endif + puts("+++ exited with 0 +++"); return 0; } Index: strace-5.7/tests/faccessat.test =================================================================== --- strace-5.7.orig/tests/faccessat.test 2021-08-24 21:08:35.383312654 +0200 +++ strace-5.7/tests/faccessat.test 2021-08-24 21:08:43.260245984 +0200 @@ -15,5 +15,5 @@ run_strace -a23 --trace=faccessat "$@" $args > "$EXP" # Filter out faccessat() calls made by ld.so and libc. -sed -n '/^faccessat(-1, NULL,/,$p' < "$LOG" > "$OUT" +sed -n '/faccessat(-1, NULL,/,$p' < "$LOG" > "$OUT" match_diff "$OUT" "$EXP" Index: strace-5.7/tests/fanotify_mark.c =================================================================== --- strace-5.7.orig/tests/fanotify_mark.c 2021-08-24 21:07:01.122112055 +0200 +++ strace-5.7/tests/fanotify_mark.c 2021-08-24 21:08:43.261245976 +0200 @@ -3,7 +3,7 @@ * * Copyright (c) 2015-2016 Dmitry V. Levin * Copyright (c) 2016 Eugene Syromyatnikov - * Copyright (c) 2015-2020 The strace developers. + * Copyright (c) 2015-2021 The strace developers. * All rights reserved. * * SPDX-License-Identifier: GPL-2.0-or-later @@ -21,6 +21,8 @@ # include # include +# include "secontext.h" + # if XLAT_RAW # define str_fan_mark_add "0x1" # define str_fan_modify_ondir "0x40000002" @@ -35,6 +37,7 @@ # define str_at_fdcwd "AT_FDCWD" # endif +# ifndef TEST_SECONTEXT /* Performs fanotify_mark call via the syscall interface. */ static void do_call(kernel_ulong_t fd, kernel_ulong_t flags, const char *flags_str, @@ -44,18 +47,18 @@ long rc; rc = syscall(__NR_fanotify_mark, fd, flags, -# if (LONG_MAX > INT_MAX) \ - || (defined __x86_64__ && defined __ILP32__) \ - || defined LINUX_MIPSN32 +# if (LONG_MAX > INT_MAX) \ + || (defined __x86_64__ && defined __ILP32__) \ + || defined LINUX_MIPSN32 mask, -# else +# else /* arch/parisc/kernel/sys_parisc32.c, commit ab8a261b */ -# ifdef HPPA +# ifdef HPPA LL_VAL_TO_PAIR((mask << 32) | (mask >> 32)), -# else +# else LL_VAL_TO_PAIR(mask), +# endif # endif -# endif dirfd, path); printf("fanotify_mark(%d, %s, %s, %s, %s) = %s\n", @@ -68,12 +71,14 @@ const char *str; }; -# define STR16 "0123456789abcdef" -# define STR64 STR16 STR16 STR16 STR16 +# define STR16 "0123456789abcdef" +# define STR64 STR16 STR16 STR16 STR16 +# endif /* !TEST_SECONTEXT */ int main(void) { +# ifndef TEST_SECONTEXT enum { PATH1_SIZE = 64, }; @@ -87,47 +92,47 @@ { F8ILL_KULONG_MASK, "0" }, { (kernel_ulong_t) 0xdec0deddefacec00ULL, "0xefacec00" -# if !XLAT_RAW +# if !XLAT_RAW " /* FAN_MARK_??? */" -# endif +# endif }, { (kernel_ulong_t) 0xda7a105700000040ULL, -# if XLAT_RAW +# if XLAT_RAW "0x40" -# elif XLAT_VERBOSE +# elif XLAT_VERBOSE "0x40 /* FAN_MARK_IGNORED_SURV_MODIFY */" -# else +# else "FAN_MARK_IGNORED_SURV_MODIFY" -# endif +# endif }, { (kernel_ulong_t) 0xbadc0deddeadffffULL, -# if XLAT_RAW || XLAT_VERBOSE +# if XLAT_RAW || XLAT_VERBOSE "0xdeadffff" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " /* " -# endif -# if !XLAT_RAW +# endif +# if !XLAT_RAW "FAN_MARK_ADD|FAN_MARK_REMOVE|FAN_MARK_DONT_FOLLOW|" "FAN_MARK_ONLYDIR|FAN_MARK_MOUNT|FAN_MARK_IGNORED_MASK|" "FAN_MARK_IGNORED_SURV_MODIFY|FAN_MARK_FLUSH|" "FAN_MARK_FILESYSTEM|0xdeadfe00" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " */" -# endif +# endif }, }; static const struct strval64 masks[] = { { ARG_ULL_STR(0) }, { 0xdeadfeedffffffffULL, -# if XLAT_RAW || XLAT_VERBOSE +# if XLAT_RAW || XLAT_VERBOSE "0xdeadfeedffffffff" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " /* " -# endif -# if !XLAT_RAW +# endif +# if !XLAT_RAW "FAN_ACCESS|" "FAN_MODIFY|" "FAN_ATTRIB|" @@ -149,27 +154,27 @@ "FAN_ONDIR|" "FAN_EVENT_ON_CHILD|" "0xdeadfeedb7f0a000" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " */" -# endif +# endif }, { ARG_ULL_STR(0xffffffffb7f0a000) -# if !XLAT_RAW +# if !XLAT_RAW " /* FAN_??? */" -# endif +# endif }, }; static const struct strval dirfds[] = { { (kernel_ulong_t) 0xfacefeed00000001ULL, "1" }, { (kernel_ulong_t) 0xdec0ded0ffffffffULL, -# if XLAT_RAW +# if XLAT_RAW "-1" -# elif XLAT_VERBOSE +# elif XLAT_VERBOSE "-1 /* FAN_NOFD */" -# else +# else "FAN_NOFD" -# endif +# endif }, { (kernel_ulong_t) 0xbadfacedffffff9cULL, str_at_fdcwd }, { (kernel_ulong_t) 0xdefaced1beeff00dULL, "-1091571699" }, @@ -202,12 +207,6 @@ snprintf(bogus_path1_after_addr, sizeof(bogus_path1_after_addr), "%p", bogus_path1 + PATH1_SIZE); - rc = fanotify_mark(-1, FAN_MARK_ADD, FAN_MODIFY | FAN_ONDIR, - -100, "."); - printf("fanotify_mark(-1, %s, %s, %s, \".\") = %s\n", - str_fan_mark_add, str_fan_modify_ondir, str_at_fdcwd, - sprintrc(rc)); - for (i = 0; i < ARRAY_SIZE(fds); i++) { for (j = 0; j < ARRAY_SIZE(flags); j++) { for (k = 0; k < ARRAY_SIZE(masks); k++) { @@ -226,6 +225,40 @@ } } } +# else /* TEST_SECONTEXT */ + int rc; +# endif + /* + * Test with AT_FDCWD. + */ + + char *my_secontext = SECONTEXT_PID_MY(); + char path[] = "."; + char *path_secontext = SECONTEXT_FILE(path); + + rc = fanotify_mark(-1, FAN_MARK_ADD, FAN_MODIFY | FAN_ONDIR, + -100, path); + printf("%s%s(-1, %s, %s, %s, \"%s\"%s) = %s\n", + my_secontext, "fanotify_mark", + str_fan_mark_add, str_fan_modify_ondir, str_at_fdcwd, + path, path_secontext, + sprintrc(rc)); + + /* + * Test with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd_secontext = SECONTEXT_FILE("."); + + rc = fanotify_mark(-1, FAN_MARK_ADD, FAN_MODIFY | FAN_ONDIR, + cwd_fd, path); + printf("%s%s(-1, %s, %s, %d%s, \"%s\"%s) = %s\n", + my_secontext, "fanotify_mark", + str_fan_mark_add, str_fan_modify_ondir, + cwd_fd, cwd_secontext, + path, path_secontext, + sprintrc(rc)); puts("+++ exited with 0 +++"); return 0; Index: strace-5.7/tests/fchmod.c =================================================================== --- strace-5.7.orig/tests/fchmod.c 2021-08-24 21:08:35.384312646 +0200 +++ strace-5.7/tests/fchmod.c 2021-08-24 21:08:43.261245976 +0200 @@ -18,6 +18,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -27,6 +29,8 @@ */ create_and_enter_subdir("fchmod_subdir"); + char *my_secontext = SECONTEXT_PID_MY(); + static const char sample[] = "fchmod_sample_file"; (void) unlink(sample); int fd = open(sample, O_CREAT|O_RDONLY, 0400); @@ -37,16 +41,19 @@ char *sample_realpath = get_fd_path(fd); # endif + const char *sample_secontext = SECONTEXT_FILE(sample); long rc = syscall(__NR_fchmod, fd, 0600); # ifdef YFLAG - printf("fchmod(%d<%s>, 0600) = %s\n", + printf("%s%s(%d<%s>%s, 0600) = %s\n", # else - printf("fchmod(%d, 0600) = %s\n", + printf("%s%s(%d%s, 0600) = %s\n", # endif + my_secontext, "fchmod", fd, # ifdef YFLAG sample_realpath, # endif + sample_secontext, sprintrc(rc)); if (unlink(sample)) @@ -54,26 +61,30 @@ rc = syscall(__NR_fchmod, fd, 051); # ifdef YFLAG - printf("fchmod(%d<%s (deleted)>, 051) = %s\n", + printf("%s%s(%d<%s (deleted)>%s, 051) = %s\n", # else - printf("fchmod(%d, 051) = %s\n", + printf("%s%s(%d%s, 051) = %s\n", # endif + my_secontext, "fchmod", fd, # ifdef YFLAG sample_realpath, # endif + sample_secontext, sprintrc(rc)); rc = syscall(__NR_fchmod, fd, 004); # ifdef YFLAG - printf("fchmod(%d<%s (deleted)>, 004) = %s\n", + printf("%s%s(%d<%s (deleted)>%s, 004) = %s\n", # else - printf("fchmod(%d, 004) = %s\n", + printf("%s%s(%d%s, 004) = %s\n", # endif + my_secontext, "fchmod", fd, # ifdef YFLAG sample_realpath, # endif + sample_secontext, sprintrc(rc)); leave_and_remove_subdir(); Index: strace-5.7/tests/fchmodat.c =================================================================== --- strace-5.7.orig/tests/fchmodat.c 2021-08-24 21:08:35.384312646 +0200 +++ strace-5.7/tests/fchmodat.c 2021-08-24 21:08:43.261245976 +0200 @@ -17,6 +17,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -26,26 +28,81 @@ */ create_and_enter_subdir("fchmodat_subdir"); - static const char sample[] = "fchmodat_sample"; + char *my_secontext = SECONTEXT_PID_MY(); + static const char sample[] = "fchmodat_sample_file"; if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) perror_msg_and_fail("open"); + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * Tests with AT_FDCWD. + */ + long rc = syscall(__NR_fchmodat, -100, sample, 0600); - printf("fchmodat(AT_FDCWD, \"%s\", 0600) = %s\n", - sample, sprintrc(rc)); + printf("%s%s(AT_FDCWD, \"%s\"%s, 0600) = %s\n", + my_secontext, "fchmodat", + sample, sample_secontext, + sprintrc(rc)); if (unlink(sample)) perror_msg_and_fail("unlink"); rc = syscall(__NR_fchmodat, -100, sample, 051); - printf("fchmodat(AT_FDCWD, \"%s\", 051) = %s\n", + printf("%s%s(AT_FDCWD, \"%s\", 051) = %s\n", + my_secontext, "fchmodat", sample, sprintrc(rc)); rc = syscall(__NR_fchmodat, -100, sample, 004); - printf("fchmodat(AT_FDCWD, \"%s\", 004) = %s\n", + printf("%s%s(AT_FDCWD, \"%s\", 004) = %s\n", + my_secontext, "fchmodat", sample, sprintrc(rc)); + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + rc = syscall(__NR_fchmodat, cwd_fd, sample, 0400); + printf("%s%s(%d%s, \"%s\", 0400) = %s\n", + my_secontext, "fchmodat", + cwd_fd, cwd_secontext, + sample, + sprintrc(rc)); + + if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + rc = syscall(__NR_fchmodat, cwd_fd, sample, 0400); + printf("%s%s(%d%s, \"%s\"%s, 0400) = %s\n", + my_secontext, "fchmodat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_fchmodat, cwd_fd, sample_realpath, 0400); + printf("%s%s(%d%s, \"%s\"%s, 0400) = %s\n", + my_secontext, "fchmodat", + cwd_fd, cwd_secontext, + sample_realpath, sample_secontext, + sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + leave_and_remove_subdir(); puts("+++ exited with 0 +++"); Index: strace-5.7/tests/fchownat.c =================================================================== --- strace-5.7.orig/tests/fchownat.c 2021-08-24 21:08:35.384312646 +0200 +++ strace-5.7/tests/fchownat.c 2021-08-24 21:08:43.262245968 +0200 @@ -17,6 +17,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -26,25 +28,86 @@ */ create_and_enter_subdir("fchownat_subdir"); - static const char sample[] = "fchownat_sample"; + char *my_secontext = SECONTEXT_PID_MY(); uid_t uid = geteuid(); uid_t gid = getegid(); - if (open(sample, O_RDONLY | O_CREAT, 0400) == -1) + static const char sample[] = "fchownat_sample"; + int fd = open(sample, O_RDONLY | O_CREAT, 0400); + if (fd == -1) perror_msg_and_fail("open"); + close(fd); + + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * Tests with AT_FDCWD. + */ long rc = syscall(__NR_fchownat, AT_FDCWD, sample, uid, gid, 0); - printf("fchownat(AT_FDCWD, \"%s\", %d, %d, 0) = %s\n", - sample, uid, gid, sprintrc(rc)); + printf("%s%s(AT_FDCWD, \"%s\"%s, %d, %d, 0) = %s\n", + my_secontext, "fchownat", + sample, sample_secontext, + uid, gid, sprintrc(rc)); if (unlink(sample)) perror_msg_and_fail("unlink"); rc = syscall(__NR_fchownat, AT_FDCWD, sample, -1, -1L, AT_SYMLINK_NOFOLLOW); - printf("fchownat(AT_FDCWD, \"%s\", -1, -1, AT_SYMLINK_NOFOLLOW) = %s\n", + printf("%s%s(AT_FDCWD, \"%s\", -1, -1, AT_SYMLINK_NOFOLLOW) = %s\n", + my_secontext, "fchownat", sample, sprintrc(rc)); + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + rc = syscall(__NR_fchownat, cwd_fd, sample, uid, gid, 0); + printf("%s%s(%d%s, \"%s\", %d, %d, 0) = %s\n", + my_secontext, "fchownat", + cwd_fd, cwd_secontext, + sample, + uid, gid, + sprintrc(rc)); + + fd = open(sample, O_RDONLY | O_CREAT, 0400); + if (fd == -1) + perror_msg_and_fail("open"); + close(fd); + + rc = syscall(__NR_fchownat, cwd_fd, sample, uid, gid, 0); + printf("%s%s(%d%s, \"%s\"%s, %d, %d, 0) = %s\n", + my_secontext, "fchownat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + uid, gid, + sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_fchownat, cwd_fd, sample_realpath, uid, gid, 0); + printf("%s%s(%d%s, \"%s\"%s, %d, %d, 0) = %s\n", + my_secontext, "fchownat", + cwd_fd, cwd_secontext, + sample_realpath, sample_secontext, + uid, gid, + sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + leave_and_remove_subdir(); puts("+++ exited with 0 +++"); Index: strace-5.7/tests/file_handle.c =================================================================== --- strace-5.7.orig/tests/file_handle.c 2021-08-24 21:08:35.385312637 +0200 +++ strace-5.7/tests/file_handle.c 2021-08-24 21:08:43.263245959 +0200 @@ -21,6 +21,8 @@ # include # include +# include "secontext.h" + enum assert_rc { ASSERT_NONE, ASSERT_SUCCESS, @@ -48,6 +50,7 @@ printf("..."); } +# ifndef TEST_SECONTEXT void do_name_to_handle_at(kernel_ulong_t dirfd, const char *dirfd_str, kernel_ulong_t pathname, const char *pathname_str, @@ -129,6 +132,7 @@ printf("%s\n", sprintrc(rc)); } +# endif /* !TEST_SECONTEXT */ struct strval { kernel_ulong_t val; @@ -141,12 +145,86 @@ int main(void) { + char *my_secontext = SECONTEXT_PID_MY(); enum { PATH1_SIZE = 64, }; static const kernel_ulong_t fdcwd = (kernel_ulong_t) 0x87654321ffffff9cULL; + + struct file_handle *handle = + tail_alloc(sizeof(struct file_handle) + MAX_HANDLE_SZ); + struct file_handle *handle_0 = + tail_alloc(sizeof(struct file_handle) + 0); + struct file_handle *handle_8 = + tail_alloc(sizeof(struct file_handle) + 8); + struct file_handle *handle_128 = + tail_alloc(sizeof(struct file_handle) + 128); + struct file_handle *handle_256 = + tail_alloc(sizeof(struct file_handle) + 256); + TAIL_ALLOC_OBJECT_CONST_PTR(int, bogus_mount_id); + + char handle_0_addr[sizeof("0x") + sizeof(void *) * 2]; + + const int flags = 0x400; + int mount_id; + + handle_0->handle_bytes = 256; + handle_8->handle_bytes = 0; + handle_128->handle_bytes = 128; + handle_256->handle_bytes = 256; + + fill_memory((char *) handle_128 + sizeof(struct file_handle), 128); + fill_memory((char *) handle_256 + sizeof(struct file_handle), 256); + + snprintf(handle_0_addr, sizeof(handle_0_addr), "%p", + handle_0 + sizeof(struct file_handle)); + + handle->handle_bytes = 0; + + char path[] = "."; + char *path_secontext = SECONTEXT_FILE(path); + + assert(syscall(__NR_name_to_handle_at, fdcwd, path, handle, &mount_id, + flags | 1) == -1); + if (EINVAL != errno) + perror_msg_and_skip("name_to_handle_at"); + printf("%s%s(AT_FDCWD, \"%s\"%s, {handle_bytes=0}, %p" + ", AT_SYMLINK_FOLLOW|0x1) = -1 EINVAL (%m)\n", + my_secontext, "name_to_handle_at", + path, path_secontext, + &mount_id); + + assert(syscall(__NR_name_to_handle_at, fdcwd, path, handle, &mount_id, + flags) == -1); + if (EOVERFLOW != errno) + perror_msg_and_skip("name_to_handle_at"); + printf("%s%s(AT_FDCWD, \"%s\"%s, {handle_bytes=0 => %u}" + ", %p, AT_SYMLINK_FOLLOW) = -1 EOVERFLOW (%m)\n", + my_secontext, "name_to_handle_at", + path, path_secontext, + handle->handle_bytes, &mount_id); + + assert(syscall(__NR_name_to_handle_at, fdcwd, path, handle, &mount_id, + flags) == 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, {handle_bytes=%u" + ", handle_type=%d, f_handle=", + my_secontext, "name_to_handle_at", + path, path_secontext, + handle->handle_bytes, handle->handle_type); + print_handle_data(handle->f_handle, handle->handle_bytes); + printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); + + printf("%s%s(-1, {handle_bytes=%u, handle_type=%d, f_handle=", + my_secontext, "open_by_handle_at", + handle->handle_bytes, handle->handle_type); + print_handle_data(handle->f_handle, handle->handle_bytes); + int rc = syscall(__NR_open_by_handle_at, -1, handle, + O_RDONLY | O_DIRECTORY); + printf("}, O_RDONLY|O_DIRECTORY) = %d %s (%m)\n", rc, errno2name()); + +# ifndef TEST_SECONTEXT static const struct strval dirfds[] = { { (kernel_ulong_t) 0xdeadca57badda7a1ULL, "-1159878751" }, { (kernel_ulong_t) 0x12345678ffffff9cULL, "AT_FDCWD" }, @@ -171,29 +249,11 @@ }; static const char str64[] = STR64; - - char *bogus_path1 = tail_memdup(str64, PATH1_SIZE); char *bogus_path2 = tail_memdup(str64, sizeof(str64)); - - struct file_handle *handle = - tail_alloc(sizeof(struct file_handle) + MAX_HANDLE_SZ); - struct file_handle *handle_0 = - tail_alloc(sizeof(struct file_handle) + 0); - struct file_handle *handle_8 = - tail_alloc(sizeof(struct file_handle) + 8); - struct file_handle *handle_128 = - tail_alloc(sizeof(struct file_handle) + 128); - struct file_handle *handle_256 = - tail_alloc(sizeof(struct file_handle) + 256); - TAIL_ALLOC_OBJECT_CONST_PTR(int, bogus_mount_id); - - char handle_0_addr[sizeof("0x") + sizeof(void *) * 2]; - char bogus_path1_addr[sizeof("0x") + sizeof(void *) * 2]; char bogus_path1_after_addr[sizeof("0x") + sizeof(void *) * 2]; - struct strval paths[] = { { (kernel_ulong_t) 0, "NULL" }, { (kernel_ulong_t) (uintptr_t) (bogus_path1 + PATH1_SIZE), @@ -229,62 +289,16 @@ (kernel_ulong_t) (uintptr_t) bogus_mount_id, }; - const int flags = 0x400; - int mount_id; unsigned int i; unsigned int j; unsigned int k; unsigned int l; unsigned int m; - snprintf(bogus_path1_addr, sizeof(bogus_path1_addr), "%p", bogus_path1); snprintf(bogus_path1_after_addr, sizeof(bogus_path1_after_addr), "%p", bogus_path1 + PATH1_SIZE); - handle_0->handle_bytes = 256; - handle_8->handle_bytes = 0; - handle_128->handle_bytes = 128; - handle_256->handle_bytes = 256; - - fill_memory((char *) handle_128 + sizeof(struct file_handle), 128); - fill_memory((char *) handle_256 + sizeof(struct file_handle), 256); - - snprintf(handle_0_addr, sizeof(handle_0_addr), "%p", - handle_0 + sizeof(struct file_handle)); - - handle->handle_bytes = 0; - - assert(syscall(__NR_name_to_handle_at, fdcwd, ".", handle, &mount_id, - flags | 1) == -1); - if (EINVAL != errno) - perror_msg_and_skip("name_to_handle_at"); - printf("name_to_handle_at(AT_FDCWD, \".\", {handle_bytes=0}, %p" - ", AT_SYMLINK_FOLLOW|0x1) = -1 EINVAL (%m)\n", &mount_id); - - assert(syscall(__NR_name_to_handle_at, fdcwd, ".", handle, &mount_id, - flags) == -1); - if (EOVERFLOW != errno) - perror_msg_and_skip("name_to_handle_at"); - printf("name_to_handle_at(AT_FDCWD, \".\", {handle_bytes=0 => %u}" - ", %p, AT_SYMLINK_FOLLOW) = -1 EOVERFLOW (%m)\n", - handle->handle_bytes, &mount_id); - - assert(syscall(__NR_name_to_handle_at, fdcwd, ".", handle, &mount_id, - flags) == 0); - printf("name_to_handle_at(AT_FDCWD, \".\", {handle_bytes=%u" - ", handle_type=%d, f_handle=", - handle->handle_bytes, handle->handle_type); - print_handle_data(handle->f_handle, handle->handle_bytes); - printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); - - printf("open_by_handle_at(-1, {handle_bytes=%u, handle_type=%d" - ", f_handle=", handle->handle_bytes, handle->handle_type); - print_handle_data(handle->f_handle, handle->handle_bytes); - int rc = syscall(__NR_open_by_handle_at, -1, handle, - O_RDONLY | O_DIRECTORY); - printf("}, O_RDONLY|O_DIRECTORY) = %d %s (%m)\n", rc, errno2name()); - for (i = 0; i < ARRAY_SIZE(dirfds); i++) { for (j = 0; j < ARRAY_SIZE(paths); j++) { for (k = 0; k < ARRAY_SIZE(name_handles); k++) { @@ -320,6 +334,68 @@ } } } +# endif + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + + assert(syscall(__NR_name_to_handle_at, cwd_fd, path, handle, &mount_id, + flags) == 0); + printf("%s%s(%d%s, \"%s\"%s, {handle_bytes=%u, handle_type=%d" + ", f_handle=", + my_secontext, "name_to_handle_at", + cwd_fd, cwd_secontext, + path, path_secontext, + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); + + printf("%s%s(-1, {handle_bytes=%u, handle_type=%d, f_handle=", + my_secontext, "open_by_handle_at", + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + rc = syscall(__NR_open_by_handle_at, -1, handle, + O_RDONLY | O_DIRECTORY); + printf("}, O_RDONLY|O_DIRECTORY) = %s\n", sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("..")) + perror_msg_and_fail("chdir"); + + assert(syscall(__NR_name_to_handle_at, cwd_fd, cwd, handle, &mount_id, + flags) == 0); + printf("%s%s(%d%s, \"%s\"%s, {handle_bytes=%u" + ", handle_type=%d, f_handle=", + my_secontext, "name_to_handle_at", + cwd_fd, cwd_secontext, + cwd, cwd_secontext, + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); + + printf("%s%s(-1, {handle_bytes=%u, handle_type=%d, f_handle=", + my_secontext, "open_by_handle_at", + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + rc = syscall(__NR_open_by_handle_at, -1, handle, + O_RDONLY | O_DIRECTORY); + printf("}, O_RDONLY|O_DIRECTORY) = %s\n", sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); puts("+++ exited with 0 +++"); return 0; Index: strace-5.7/tests/gen_secontext.sh =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/gen_secontext.sh 2021-08-24 21:08:43.263245959 +0200 @@ -0,0 +1,72 @@ +#!/bin/sh -efu +# +# Copyright (c) 2021 The strace developers. +# All rights reserved. +# +# SPDX-License-Identifier: GPL-2.0-or-later + +usage() +{ + cat >&2 <] + +Generate secontext files from list. +EOF + exit 1 +} + +if [ $# -eq 0 ]; then + input="${0%/*}/gen_tests.in" +else + input="$1" + shift +fi +dir="$(dirname "$input")" +[ $# -eq 0 ] || usage + +{ + cat < "$dir/secontext.am" + +sed -r -n 's/^([^#[:space:]]+--secontext)[[:space:]].*/\1/p' < "$input" | +while read -r name; do { + cat <<-EOF > "$dir/$name.c" + /* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + + #include "tests.h" + + #ifdef HAVE_SELINUX_RUNTIME + + # define TEST_SECONTEXT + # include "${name%--secontext}.c" + + #else + + SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + + #endif + EOF +} < /dev/null; done + +sed -r -n 's/^([^#[:space:]]+--secontext_full)[[:space:]].*/\1/p' < "$input" | +while read -r name; do { + cat <<-EOF > "$dir/$name.c" + #define PRINT_SECONTEXT_FULL + #include "${name%_full}.c" + EOF +} < /dev/null; done Index: strace-5.7/tests/gen_tests.in =================================================================== --- strace-5.7.orig/tests/gen_tests.in 2021-08-24 21:08:35.385312637 +0200 +++ strace-5.7/tests/gen_tests.in 2021-08-24 21:08:43.263245959 +0200 @@ -10,6 +10,8 @@ accept -a22 accept4 -a37 access -a30 --trace-path=access_sample +access--secontext -a30 --secontext --trace-path=access_sample -e trace=access +access--secontext_full -a30 --secontext=full --trace-path=access_sample -e trace=access acct -a20 add_key -a30 -s12 adjtimex -a15 @@ -24,6 +26,8 @@ bpf-v -a20 -v -e trace=bpf btrfs +ioctl.test chmod -a28 +chmod--secontext -a28 --secontext -e trace=chmod +chmod--secontext_full -a28 --secontext=full -e trace=chmod chown -a28 chown32 -a31 chroot -a24 @@ -71,25 +75,43 @@ epoll_pwait epoll_wait -a26 erestartsys -a34 -e signal=none -e trace=recvfrom +execve--secontext +execve.test --secontext +execve--secontext_full +execve.test --secontext=full execveat +execveat--secontext --secontext --trace=execveat +execveat--secontext_full --secontext=full --trace=execveat execveat-v -v -e trace=execveat +faccessat--secontext +faccessat.test -a24 --secontext +faccessat--secontext_full +faccessat.test -a24 --secontext=full faccessat-P -a23 --trace=faccessat -P /dev/full faccessat-y +faccessat.test -a24 -y +faccessat-y--secontext +faccessat.test -a24 -y --secontext +faccessat-y--secontext_full +faccessat.test -a24 -y --secontext=full faccessat-yy +faccessat.test -a24 -yy fadvise64_64 +fadvise64.test fallocate -a18 fanotify_init fanotify_mark -a32 +fanotify_mark--secontext -a32 --secontext -e trace=fanotify_mark +fanotify_mark--secontext_full -a32 --secontext=full -e trace=fanotify_mark fanotify_mark-Xabbrev -a32 -Xabbrev -e trace=fanotify_mark fanotify_mark-Xraw -a32 -Xraw -e trace=fanotify_mark fanotify_mark-Xverbose -a32 -Xverbose -e trace=fanotify_mark fchdir -a11 fchmod -a15 +fchmod--secontext -a15 --secontext -e trace=fchmod +fchmod--secontext_full -a15 --secontext=full -e trace=fchmod fchmod-y -y -e trace=fchmod +fchmod-y--secontext -a15 -y --secontext -e trace=fchmod +fchmod-y--secontext_full -a15 -y --secontext=full -e trace=fchmod fchmodat +fchmodat--secontext --secontext -e trace=fchmodat +fchmodat--secontext_full --secontext=full -e trace=fchmodat fchown -a16 fchown32 -a18 fchownat +fchownat--secontext --secontext -e trace=fchownat +fchownat--secontext_full --secontext=full -e trace=fchownat fcntl -a8 fcntl--pidns-translation test_pidns -a8 -e trace=fcntl fcntl64 -a8 @@ -97,6 +119,8 @@ fdatasync -a14 file_handle -e trace=name_to_handle_at,open_by_handle_at file_ioctl +ioctl.test +file_handle--secontext --secontext -e trace=name_to_handle_at,open_by_handle_at +file_handle--secontext_full --secontext=full -e trace=name_to_handle_at,open_by_handle_at filter_seccomp . "${srcdir=.}/filter_seccomp.sh"; test_prog_set --seccomp-bpf -f filter_seccomp-flag ../$NAME finit_module -a25 @@ -295,6 +319,8 @@ lchown32 -a32 link linkat +linkat--secontext --secontext -e trace=linkat +linkat--secontext_full --secontext=full -e trace=linkat lookup_dcookie -a27 lstat -a31 --no-abbrev --trace-path=stat.sample --trace-path=/dev/full lstat64 -a32 --no-abbrev --trace-path=stat.sample --trace-path=/dev/full @@ -434,9 +460,13 @@ oldselect-efault-P -a13 -e trace=select -P /dev/full 9>>/dev/full oldstat -a32 -v -P stat.sample -P /dev/full open -a30 -P $NAME.sample +open--secontext -a30 -P open.sample --secontext --trace=open +open--secontext_full -a30 -P open.sample --secontext=full --trace=open open_tree -a30 -y open_tree-P -a30 --decode-fds -P /dev/full -e trace=open_tree openat -a36 -P $NAME.sample +openat--secontext -a36 -P openat.sample -P $PWD/openat.sample --secontext -e trace=openat +openat--secontext_full -a36 -P openat.sample -P $PWD/openat.sample --secontext=full -e trace=openat openat2 -a35 openat2-Xabbrev --trace=openat2 -a35 -Xabbrev openat2-Xraw --trace=openat2 -a32 -Xraw Index: strace-5.7/tests/linkat.c =================================================================== --- strace-5.7.orig/tests/linkat.c 2021-08-24 21:08:35.385312637 +0200 +++ strace-5.7/tests/linkat.c 2021-08-24 21:08:43.264245951 +0200 @@ -10,8 +10,14 @@ #ifdef __NR_linkat +# include # include +# include # include +# include + +# include "secontext.h" +# include "xmalloc.h" int main(void) @@ -27,18 +33,158 @@ const long fd_old = (long) 0xdeadbeefffffffffULL; const long fd_new = (long) 0xdeadbeeffffffffeULL; + char *my_secontext = SECONTEXT_PID_MY(); + + (void) unlink(sample_1); + (void) unlink(sample_2); + long rc = syscall(__NR_linkat, fd_old, sample_1, fd_new, sample_2, 0); - printf("linkat(%d, \"%s\", %d, \"%s\", 0) = %ld %s (%m)\n", + printf("%s%s(%d, \"%s\", %d, \"%s\", 0) = %ld %s (%m)\n", + my_secontext, "linkat", (int) fd_old, sample_1, (int) fd_new, sample_2, rc, errno2name()); rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, -1L); - printf("linkat(%s, \"%s\", %s, \"%s\", %s) = %ld %s (%m)\n", + printf("%s%s(%s, \"%s\", %s, \"%s\", %s) = %ld %s (%m)\n", + my_secontext, "linkat", "AT_FDCWD", sample_1, "AT_FDCWD", sample_2, "AT_SYMLINK_NOFOLLOW|AT_REMOVEDIR|AT_SYMLINK_FOLLOW" "|AT_NO_AUTOMOUNT|AT_EMPTY_PATH|AT_RECURSIVE|0xffff60ff", rc, errno2name()); + /* + * Tests with AT_FDCWD. + */ + + int fd_sample_1 = open(sample_1, O_RDONLY | O_CREAT, 0400); + if (fd_sample_1 < 0) + perror_msg_and_fail("open"); + if (close(fd_sample_1)) + perror_msg_and_fail("close"); + + char *sample_1_secontext = SECONTEXT_FILE(sample_1); + + rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, 0); + /* no context printed for sample_2 since file doesn't exist yet */ + printf("%s%s(AT_FDCWD, \"%s\"%s, AT_FDCWD, \"%s\", 0) = %s\n", + my_secontext, "linkat", + sample_1, sample_1_secontext, + sample_2, + sprintrc(rc)); + + const char *sample_2_secontext = sample_1_secontext; + + rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + sample_1, sample_1_secontext, + sample_2, sample_2_secontext, + sprintrc(rc)); + + int fd_sample_2 = open(sample_2, O_RDONLY | O_CREAT, 0400); + if (fd_sample_2 < 0) + perror_msg_and_fail("open"); + if (close(fd_sample_2)) + perror_msg_and_fail("close"); + + free(sample_1_secontext); + update_secontext_type(sample_1, "default_t"); + sample_1_secontext = SECONTEXT_FILE(sample_1); + sample_2_secontext = sample_1_secontext; + + rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + sample_1, sample_1_secontext, + sample_2, sample_2_secontext, + sprintrc(rc)); + + if (unlink(sample_2)) + perror_msg_and_fail("unlink: %s", sample_2); + + /* + * Tests with dirfd. + */ + + int dfd_old = get_dir_fd("."); + char *cwd = get_fd_path(dfd_old); + char *dfd_old_secontext = SECONTEXT_FILE("."); + + rc = syscall(__NR_linkat, dfd_old, sample_1, -100, sample_2, 0); + /* no context printed for sample_2 since file doesn't exist yet */ + printf("%s%s(%d%s, \"%s\"%s, AT_FDCWD, \"%s\", 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + sample_2, + sprintrc(rc)); + + rc = syscall(__NR_linkat, dfd_old, sample_1, -100, sample_2, 0); + printf("%s%s(%d%s, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + sample_2, sample_2_secontext, + sprintrc(rc)); + + if (unlink(sample_2)) + perror_msg_and_fail("unlink: %s", sample_2); + + static const char new_dir[] = "new"; + char *new_sample_2 = xasprintf("%s/%s", new_dir, sample_2); + + (void) unlink(new_sample_2); + (void) rmdir(new_dir); + + if (mkdir(new_dir, 0700)) + perror_msg_and_fail("mkdir"); + char *new_dir_realpath = xasprintf("%s/%s", cwd, new_dir); + char *new_dir_secontext = SECONTEXT_FILE(new_dir); + int dfd_new = get_dir_fd(new_dir); + + rc = syscall(__NR_linkat, dfd_old, sample_1, dfd_new, sample_2, 0); + /* no context printed for sample_2 since file doesn't exist yet */ + printf("%s%s(%d%s, \"%s\"%s, %d%s, \"%s\", 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + dfd_new, new_dir_secontext, + sample_2, + sprintrc(rc)); + + rc = syscall(__NR_linkat, dfd_old, sample_1, dfd_new, sample_2, 0); + printf("%s%s(%d%s, \"%s\"%s, %d%s, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + dfd_new, new_dir_secontext, + sample_2, SECONTEXT_FILE(new_sample_2), + sprintrc(rc)); + + char *new_sample_2_realpath = xasprintf("%s/%s", new_dir_realpath, sample_2); + + /* dfd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_linkat, dfd_old, sample_1, -100, new_sample_2_realpath, 0); + printf("%s%s(%d%s, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + new_sample_2_realpath, SECONTEXT_FILE(new_sample_2_realpath), + sprintrc(rc)); + + if (fchdir(dfd_old)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample_1)) + perror_msg_and_fail("unlink: %s", sample_1); + if (unlink(new_sample_2)) + perror_msg_and_fail("unlink: %s", new_sample_2); + if (rmdir(new_dir)) + perror_msg_and_fail("rmdir: %s", new_dir); + leave_and_remove_subdir(); puts("+++ exited with 0 +++"); Index: strace-5.7/tests/open.c =================================================================== --- strace-5.7.orig/tests/open.c 2021-08-24 21:08:35.386312629 +0200 +++ strace-5.7/tests/open.c 2021-08-24 21:08:43.264245951 +0200 @@ -15,6 +15,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -25,10 +27,12 @@ create_and_enter_subdir("open_subdir"); static const char sample[] = "open.sample"; + char *my_secontext = SECONTEXT_PID_MY(); long fd = syscall(__NR_open, sample, O_RDONLY|O_CREAT, 0400); - printf("open(\"%s\", O_RDONLY|O_CREAT, 0400) = %s\n", - sample, sprintrc(fd)); + printf("%s%s(\"%s\", O_RDONLY|O_CREAT, 0400) = %s%s\n", + my_secontext, "open", + sample, sprintrc(fd), SECONTEXT_FILE(sample)); if (fd != -1) { close(fd); @@ -36,16 +40,18 @@ perror_msg_and_fail("unlink"); fd = syscall(__NR_open, sample, O_RDONLY); - printf("open(\"%s\", O_RDONLY) = %s\n", sample, sprintrc(fd)); + printf("%s%s(\"%s\", O_RDONLY) = %s\n", + my_secontext, "open", sample, sprintrc(fd)); fd = syscall(__NR_open, sample, O_WRONLY|O_NONBLOCK|0x80000000); - printf("open(\"%s\", O_WRONLY|O_NONBLOCK|0x80000000) = %s\n", - sample, sprintrc(fd)); + printf("%s%s(\"%s\", O_WRONLY|O_NONBLOCK|0x80000000) = %s\n", + my_secontext, "open", sample, sprintrc(fd)); } # ifdef O_TMPFILE fd = syscall(__NR_open, sample, O_WRONLY|O_TMPFILE, 0600); - printf("open(\"%s\", O_WRONLY|O_TMPFILE, 0600) = %s\n", + printf("%s%s(\"%s\", O_WRONLY|O_TMPFILE, 0600) = %s\n", + my_secontext, "open", sample, sprintrc(fd)); # endif /* O_TMPFILE */ Index: strace-5.7/tests/openat.c =================================================================== --- strace-5.7.orig/tests/openat.c 2021-08-24 21:08:35.386312629 +0200 +++ strace-5.7/tests/openat.c 2021-08-24 21:08:43.264245951 +0200 @@ -15,6 +15,8 @@ # include # include +# include "secontext.h" + # ifdef O_TMPFILE /* The kernel & C libraries often inline O_DIRECTORY. */ # define STRACE_O_TMPFILE (O_TMPFILE & ~O_DIRECTORY) @@ -26,10 +28,12 @@ static void test_mode_flag(unsigned int mode_val, const char *mode_str, - unsigned int flag_val, const char *flag_str) + unsigned int flag_val, const char *flag_str, + const char *my_secontext) { long rc = syscall(__NR_openat, -1, sample, mode_val | flag_val, 0); - printf("openat(-1, \"%s\", %s%s%s%s) = %s\n", + printf("%s%s(-1, \"%s\", %s%s%s%s) = %s\n", + my_secontext, "openat", sample, mode_str, flag_val ? "|" : "", flag_str, flag_val & (O_CREAT | STRACE_O_TMPFILE) ? ", 000" : "", @@ -45,20 +49,7 @@ */ create_and_enter_subdir("openat_subdir"); - long fd = syscall(__NR_openat, -100, sample, O_RDONLY|O_CREAT, 0400); - printf("openat(AT_FDCWD, \"%s\", O_RDONLY|O_CREAT, 0400) = %s\n", - sample, sprintrc(fd)); - - if (fd != -1) { - close(fd); - if (unlink(sample) == -1) - perror_msg_and_fail("unlink"); - - fd = syscall(__NR_openat, -100, sample, O_RDONLY); - printf("openat(AT_FDCWD, \"%s\", O_RDONLY) = %s\n", - sample, sprintrc(fd)); - } - + char *my_secontext = SECONTEXT_PID_MY(); struct { unsigned int val; const char *str; @@ -105,7 +96,73 @@ for (unsigned int m = 0; m < ARRAY_SIZE(modes); ++m) for (unsigned int f = 0; f < ARRAY_SIZE(flags); ++f) test_mode_flag(modes[m].val, modes[m].str, - flags[f].val, flags[f].str); + flags[f].val, flags[f].str, + my_secontext); + + /* + * Tests with AT_FDCWD. + */ + + (void) unlink(sample); + long fd = syscall(__NR_openat, -100, sample, O_RDONLY|O_CREAT, 0400); + + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * File context in openat() is not displayed because file doesn't exist + * yet, but is displayed in return value since the file got created. + */ + printf("%s%s(AT_FDCWD, \"%s\", O_RDONLY|O_CREAT, 0400) = %s%s\n", + my_secontext, "openat", + sample, + sprintrc(fd), sample_secontext); + + close(fd); + + fd = syscall(__NR_openat, -100, sample, O_RDONLY); + printf("%s%s(AT_FDCWD, \"%s\"%s, O_RDONLY) = %s%s\n", + my_secontext, "openat", + sample, sample_secontext, + sprintrc(fd), sample_secontext); + if (fd != -1) { + close(fd); + if (unlink(sample)) + perror_msg_and_fail("unlink"); + } + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd_secontext = SECONTEXT_FILE("."); + + fd = syscall(__NR_openat, cwd_fd, sample, O_RDONLY|O_CREAT, 0400); + if (fd == -1) + perror_msg_and_fail("openat"); + close(fd); + + /* + * File context in openat() is not displayed because file doesn't exist + * yet, but is displayed in return value since the file got created. + */ + printf("%s%s(%d%s, \"%s\", O_RDONLY|O_CREAT, 0400) = %s%s\n", + my_secontext, "openat", + cwd_fd, cwd_secontext, + sample, + sprintrc(fd), sample_secontext); + + fd = syscall(__NR_openat, cwd_fd, sample, O_RDONLY); + printf("%s%s(%d%s, \"%s\"%s, O_RDONLY) = %s%s\n", + my_secontext, "openat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + sprintrc(fd), sample_secontext); + if (fd != -1) { + close(fd); + if (unlink(sample)) + perror_msg_and_fail("unlink"); + } leave_and_remove_subdir(); Index: strace-5.7/tests/options-syntax.test =================================================================== --- strace-5.7.orig/tests/options-syntax.test 2021-08-24 21:08:35.386312629 +0200 +++ strace-5.7/tests/options-syntax.test 2021-08-24 21:08:43.265245942 +0200 @@ -2,14 +2,16 @@ # # Check strace options syntax. # -# Copyright (c) 2016 Dmitry V. Levin -# Copyright (c) 2016-2020 The strace developers. +# Copyright (c) 2016 Dmitry V. Levin +# Copyright (c) 2016-2021 The strace developers. # All rights reserved. # # SPDX-License-Identifier: GPL-2.0-or-later . "${srcdir=.}/syntax.sh" +compiled_with_secontext=$(get_config_option ENABLE_SECONTEXT "y") + check_e "Invalid process id: '0'" -p 0 check_e "Invalid process id: '0'" --attach=0 check_e "Invalid process id: '-42'" -p -42 @@ -46,6 +48,8 @@ check_e '-t and --absolute-timestamps cannot be provided simultaneously' --absolute-timestamps -ttt -p $$ check_e '-t and --absolute-timestamps cannot be provided simultaneously' -t --timestamps=ns -t -p $$ check_e '-t and --absolute-timestamps cannot be provided simultaneously' --timestamps=ns -t --absolute-timestamps=unix -p $$ +[ -z "$compiled_with_secontext" ] || + check_h "invalid --secontext argument: 'ss'" --secontext=ss check_h 'PROG [ARGS] must be specified with -D/--daemonize' -D -p $$ check_h 'PROG [ARGS] must be specified with -D/--daemonize' -DD -p $$ check_h 'PROG [ARGS] must be specified with -D/--daemonize' -DDD -p $$ @@ -281,6 +285,11 @@ $STRACE_EXE: Only the last of -z/--successful-only/-Z/--failed-only options will take effect. See status qualifier for more complex filters. $STRACE_EXE: $umsg" -u :nosuchuser: -cirtTyzZ true + if [ -n "$compiled_with_secontext" ]; then + check_e "--secontext has no effect with -c/--summary-only +$STRACE_EXE: $umsg" -u :nosuchuser: -c --secontext true + fi + for c in --output-separately -A/--output-append-mode; do check_e "$c has no effect without -o/--output $STRACE_EXE: $umsg" -u :nosuchuser: ${c%%/*} true Index: strace-5.7/tests/secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/secontext.c 2021-08-24 21:08:43.265245942 +0200 @@ -0,0 +1,201 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# include +# include +# include +# include +# include +# include + +# include "xmalloc.h" + +# define TEST_SECONTEXT +# include "secontext.h" + +static char * +secontext_format(char *context, const char *fmt) + ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC; + +static char * +secontext_format(char *context, const char *fmt) +{ + int saved_errno = errno; + char *res = context ? xasprintf(fmt, context) : xstrdup(""); + free(context); + errno = saved_errno; + return res; +} + +# define FORMAT_SPACE_BEFORE(string) secontext_format(string, " [%s]") +# define FORMAT_SPACE_AFTER(string) secontext_format(string, "[%s] ") + +static char * +strip_trailing_newlines(char *context) +{ + /* + * On the CI at least, the context may have a trailing \n, + * let's remove it just in case. + */ + size_t len = strlen(context); + for (; len > 0; --len) { + if (context[len - 1] != '\n') + break; + } + context[len] = '\0'; + return context; +} + +static char * +raw_secontext_full_file(const char *filename) +{ + int saved_errno = errno; + char *full_secontext = NULL; + char *secontext; + + if (getfilecon(filename, &secontext) >= 0) { + full_secontext = strip_trailing_newlines(xstrdup(secontext)); + freecon(secontext); + } + errno = saved_errno; + return full_secontext; +} + +static char * +raw_secontext_short_file(const char *filename) +{ + int saved_errno = errno; + + char *ctx = raw_secontext_full_file(filename); + if (ctx == NULL) + return ctx; + + char *saveptr = NULL; + const char *token; + unsigned int i; + + char *ctx_copy = xstrdup(ctx); + char *context = NULL; + for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0; + token; token = strtok_r(NULL, ":", &saveptr), i++) { + if (i == 2) { + context = xstrdup(token); + break; + } + } + if (context == NULL) + context = xstrdup(ctx); + free(ctx_copy); + free(ctx); + + errno = saved_errno; + return context; +} + +static char * +raw_secontext_full_pid(pid_t pid) +{ + int saved_errno = errno; + char *full_secontext = NULL; + char *secontext; + + if (getpidcon(pid, &secontext) == 0) { + full_secontext = strip_trailing_newlines(xstrdup(secontext)); + freecon(secontext); + } + errno = saved_errno; + return full_secontext; +} + +static char * +raw_secontext_short_pid(pid_t pid) +{ + int saved_errno = errno; + + char *ctx = raw_secontext_full_pid(pid); + if (ctx == NULL) + return ctx; + + char *saveptr = NULL; + const char *token; + int i; + + char *ctx_copy = xstrdup(ctx); + char *context = NULL; + for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0; + token; token = strtok_r(NULL, ":", &saveptr), i++) { + if (i == 2) { + context = xstrdup(token); + break; + } + } + if (context == NULL) + context = xstrdup(ctx); + free(ctx_copy); + free(ctx); + + errno = saved_errno; + return context; +} + +char * +secontext_full_file(const char *filename) +{ + return FORMAT_SPACE_BEFORE(raw_secontext_full_file(filename)); +} + +char * +secontext_full_pid(pid_t pid) +{ + return FORMAT_SPACE_AFTER(raw_secontext_full_pid(pid)); +} + +char * +secontext_short_file(const char *filename) +{ + return FORMAT_SPACE_BEFORE(raw_secontext_short_file(filename)); +} + +char * +secontext_short_pid(pid_t pid) +{ + return FORMAT_SPACE_AFTER(raw_secontext_short_pid(pid)); +} + +void +update_secontext_type(const char *file, const char *newtype) +{ + char *ctx = raw_secontext_full_file(file); + if (ctx == NULL) + return; + + char *saveptr = NULL; + char *token; + int field; + char *split[4]; + + for (token = strtok_r(ctx, ":", &saveptr), field = 0; + token; token = strtok_r(NULL, ":", &saveptr), field++) { + assert(field < 4); + split[field] = token; + } + assert(field == 4); + + char *newcontext = xasprintf("%s:%s:%s:%s", split[0], split[1], + newtype, split[3]); + + (void) setfilecon(file, newcontext); + + free(newcontext); + free(ctx); +} + +#endif /* HAVE_SELINUX_RUNTIME */ Index: strace-5.7/tests/secontext.h =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/secontext.h 2021-08-24 21:08:43.265245942 +0200 @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" +#include "xmalloc.h" +#include + +#if defined TEST_SECONTEXT && defined HAVE_SELINUX_RUNTIME + +void update_secontext_type(const char *file, const char *newtype); + +# ifdef PRINT_SECONTEXT_FULL + +char *secontext_full_file(const char *) ATTRIBUTE_MALLOC; +char *secontext_full_pid(pid_t) ATTRIBUTE_MALLOC; + +# define SECONTEXT_FILE(filename) secontext_full_file(filename) +# define SECONTEXT_PID(pid) secontext_full_pid(pid) + +# else + +char *secontext_short_file(const char *) ATTRIBUTE_MALLOC; +char *secontext_short_pid(pid_t) ATTRIBUTE_MALLOC; + +# define SECONTEXT_FILE(filename) secontext_short_file(filename) +# define SECONTEXT_PID(pid) secontext_short_pid(pid) + +# endif + +#else + +static inline void +update_secontext_type(const char *file, const char *newtype) +{ +} + +# define SECONTEXT_FILE(filename) xstrdup("") +# define SECONTEXT_PID(pid) xstrdup("") + +#endif + +#define SECONTEXT_PID_MY() SECONTEXT_PID(getpid()) Index: strace-5.7/tests/strace-V.test =================================================================== --- strace-5.7.orig/tests/strace-V.test 2021-08-24 21:08:35.387312620 +0200 +++ strace-5.7/tests/strace-V.test 2021-08-24 21:08:43.266245934 +0200 @@ -33,7 +33,9 @@ ;; esac -features="${option_unwind}${option_demangle}${option_m32}${option_mx32}" +option_secontext=$(get_config_option ENABLE_SECONTEXT " secontext") + +features="${option_unwind}${option_demangle}${option_m32}${option_mx32}${option_secontext}" [ -n "$features" ] || features=" (none)" cat > "$EXP" << __EOF__ Index: strace-5.7/tests-m32/Makefile.am =================================================================== --- strace-5.7.orig/tests-m32/Makefile.am 2021-08-24 21:08:35.387312620 +0200 +++ strace-5.7/tests-m32/Makefile.am 2021-08-24 21:08:43.266245934 +0200 @@ -28,6 +28,12 @@ -DTESTS_SIZEOF_LONG=$(SIZEOF_LONG) AM_LDFLAGS = $(ARCH_MFLAGS) +if HAVE_SELINUX_RUNTIME +libselinux_LDADD = $(libselinux_LIBS) +else +libselinux_LDADD = +endif + libtests_a_SOURCES = \ create_nl_socket.c \ create_tmpfile.c \ @@ -54,6 +60,8 @@ printxval-Xabbrev.c \ printxval-Xraw.c \ printxval-Xverbose.c \ + secontext.c \ + secontext.h \ signal2name.c \ skip_unavailable.c \ sprintrc.c \ @@ -76,7 +84,10 @@ include pure_executables.am +include secontext.am + check_PROGRAMS = $(PURE_EXECUTABLES) \ + $(secontext_EXECUTABLES) \ _newselect-P \ answer \ attach-f-p \ Index: strace-5.7/tests-m32/access.c =================================================================== --- strace-5.7.orig/tests-m32/access.c 2021-08-24 21:08:35.387312620 +0200 +++ strace-5.7/tests-m32/access.c 2021-08-24 21:08:43.266245934 +0200 @@ -10,9 +10,12 @@ #ifdef __NR_access +# include # include # include +# include "secontext.h" + int main(void) { @@ -22,15 +25,27 @@ */ create_and_enter_subdir("access_subdir"); + char *my_secontext = SECONTEXT_PID_MY(); + static const char sample[] = "access_sample"; + (void) unlink(sample); + if (open(sample, O_CREAT|O_RDONLY, 0400) == -1) + perror_msg_and_fail("open: %s", sample); long rc = syscall(__NR_access, sample, F_OK); - printf("access(\"%s\", F_OK) = %ld %s (%m)\n", - sample, rc, errno2name()); + printf("%s%s(\"%s\"%s, F_OK) = %s\n", + my_secontext, "access", + sample, SECONTEXT_FILE(sample), + sprintrc(rc)); + + if (unlink(sample)) + perror_msg_and_fail("unlink: %s", sample); rc = syscall(__NR_access, sample, R_OK|W_OK|X_OK); - printf("access(\"%s\", R_OK|W_OK|X_OK) = %ld %s (%m)\n", - sample, rc, errno2name()); + printf("%s%s(\"%s\", R_OK|W_OK|X_OK) = %s\n", + my_secontext, "access", + sample, + sprintrc(rc)); leave_and_remove_subdir(); Index: strace-5.7/tests-m32/chmod.c =================================================================== --- strace-5.7.orig/tests-m32/chmod.c 2021-08-24 21:08:35.387312620 +0200 +++ strace-5.7/tests-m32/chmod.c 2021-08-24 21:08:43.267245925 +0200 @@ -16,6 +16,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -25,22 +27,33 @@ */ create_and_enter_subdir("chmod_subdir"); - static const char fname[] = "chmod_test_file"; - - if (open(fname, O_CREAT|O_RDONLY, 0400) < 0) - perror_msg_and_fail("open"); - - long rc = syscall(__NR_chmod, fname, 0600); - printf("chmod(\"%s\", 0600) = %s\n", fname, sprintrc(rc)); - - if (unlink(fname)) - perror_msg_and_fail("unlink"); - - rc = syscall(__NR_chmod, fname, 051); - printf("chmod(\"%s\", 051) = %s\n", fname, sprintrc(rc)); + char *my_secontext = SECONTEXT_PID_MY(); - rc = syscall(__NR_chmod, fname, 004); - printf("chmod(\"%s\", 004) = %s\n", fname, sprintrc(rc)); + static const char sample[] = "chmod_test_file"; + (void) unlink(sample); + if (open(sample, O_CREAT|O_RDONLY, 0400) < 0) + perror_msg_and_fail("open: %s", sample); + + long rc = syscall(__NR_chmod, sample, 0600); + printf("%s%s(\"%s\"%s, 0600) = %s\n", + my_secontext, "chmod", + sample, SECONTEXT_FILE(sample), + sprintrc(rc)); + + if (unlink(sample)) + perror_msg_and_fail("unlink: %s", sample); + + rc = syscall(__NR_chmod, sample, 051); + printf("%s%s(\"%s\", 051) = %s\n", + my_secontext, "chmod", + sample, + sprintrc(rc)); + + rc = syscall(__NR_chmod, sample, 004); + printf("%s%s(\"%s\", 004) = %s\n", + my_secontext, "chmod", + sample, + sprintrc(rc)); leave_and_remove_subdir(); Index: strace-5.7/tests-m32/execve.c =================================================================== --- strace-5.7.orig/tests-m32/execve.c 2021-08-24 21:08:35.388312612 +0200 +++ strace-5.7/tests-m32/execve.c 2021-08-24 21:08:43.267245925 +0200 @@ -9,9 +9,12 @@ */ #include "tests.h" +#include #include #include +#include "secontext.h" + static const char *errstr; static int @@ -52,9 +55,16 @@ char ** const tail_argv = tail_memdup(argv, sizeof(argv)); char ** const tail_envp = tail_memdup(envp, sizeof(envp)); + char *my_secontext = SECONTEXT_PID_MY(); + + (void) unlink(FILENAME); + if (open(FILENAME, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + char *FILENAME_secontext = SECONTEXT_FILE(FILENAME); call_execve(FILENAME, tail_argv, tail_envp); - printf("execve(\"%s\"" + printf("%s%s(\"%s\"%s" ", [\"%s\", \"%s\", \"%s\", %p, %p, %p, ... /* %p */]" #if VERBOSE ", [\"%s\", \"%s\", %p, %p, %p, ... /* %p */]" @@ -62,7 +72,9 @@ ", %p /* 5 vars, unterminated */" #endif ") = %s\n", - Q_FILENAME, q_argv[0], q_argv[1], q_argv[2], + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + q_argv[0], q_argv[1], q_argv[2], argv[3], argv[4], argv[5], (char *) tail_argv + sizeof(argv) #if VERBOSE , q_envp[0], q_envp[1], envp[2], envp[3], envp[4], @@ -77,14 +89,16 @@ (void) q_envp; /* workaround for clang bug #33068 */ call_execve(FILENAME, tail_argv, tail_envp); - printf("execve(\"%s\", [\"%s\", \"%s\", \"%s\"]" + printf("%s%s(\"%s\"%s, [\"%s\", \"%s\", \"%s\"]" #if VERBOSE ", [\"%s\", \"%s\"]" #else ", %p /* 2 vars */" #endif ") = %s\n", - Q_FILENAME, q_argv[0], q_argv[1], q_argv[2] + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + q_argv[0], q_argv[1], q_argv[2] #if VERBOSE , q_envp[0], q_envp[1] #else @@ -93,14 +107,16 @@ , errstr); call_execve(FILENAME, tail_argv + 2, tail_envp + 1); - printf("execve(\"%s\", [\"%s\"]" + printf("%s%s(\"%s\"%s, [\"%s\"]" #if VERBOSE ", [\"%s\"]" #else ", %p /* 1 var */" #endif ") = %s\n", - Q_FILENAME, q_argv[2] + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + q_argv[2] #if VERBOSE , q_envp[1] #else @@ -113,13 +129,15 @@ *empty = NULL; call_execve(FILENAME, empty, empty); - printf("execve(\"%s\", []" + printf("%s%s(\"%s\"%s, []" #if VERBOSE ", []" #else ", %p /* 0 vars */" #endif - ") = %s\n", Q_FILENAME + ") = %s\n", + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext #if !VERBOSE , empty #endif @@ -143,7 +161,10 @@ a[i] = b[i] = NULL; call_execve(FILENAME, a, b); - printf("execve(\"%s\", [\"%.*s\"...", Q_FILENAME, DEFAULT_STRLEN, a[0]); + printf("%s%s(\"%s\"%s, [\"%.*s\"...", + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + DEFAULT_STRLEN, a[0]); for (i = 1; i < DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); #if VERBOSE @@ -162,7 +183,10 @@ printf(") = %s\n", errstr); call_execve(FILENAME, a + 1, b + 1); - printf("execve(\"%s\", [\"%s\"", Q_FILENAME, a[1]); + printf("%s%s(\"%s\"%s, [\"%s\"", + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + a[1]); for (i = 2; i <= DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); #if VERBOSE @@ -175,12 +199,17 @@ #endif printf(") = %s\n", errstr); + if (unlink(FILENAME)) + perror_msg_and_fail("unlink"); + call_execve(FILENAME, (char **) tail_argv[ARRAY_SIZE(q_argv)], efault); - printf("execve(\"%s\", NULL, %p) = %s\n", + printf("%s%s(\"%s\", NULL, %p) = %s\n", + my_secontext, "execve", Q_FILENAME, efault, errstr); call_execve(FILENAME, efault, NULL); - printf("execve(\"%s\", %p, NULL) = %s\n", + printf("%s%s(\"%s\", %p, NULL) = %s\n", + my_secontext, "execve", Q_FILENAME, efault, errstr); leave_and_remove_subdir(); Index: strace-5.7/tests-m32/execve.test =================================================================== --- strace-5.7.orig/tests-m32/execve.test 2021-08-24 21:08:35.388312612 +0200 +++ strace-5.7/tests-m32/execve.test 2021-08-24 21:08:43.268245917 +0200 @@ -11,7 +11,7 @@ check_prog grep run_prog > /dev/null -run_strace -eexecve $args > "$EXP" +run_strace -eexecve "$@" $args > "$EXP" # Filter out execve() call made by strace. grep -F test.execve < "$LOG" > "$OUT" Index: strace-5.7/tests-m32/execveat.c =================================================================== --- strace-5.7.orig/tests-m32/execveat.c 2021-08-24 21:08:35.388312612 +0200 +++ strace-5.7/tests-m32/execveat.c 2021-08-24 21:08:43.268245917 +0200 @@ -13,9 +13,102 @@ #ifdef __NR_execveat +# include # include # include +# include "secontext.h" + +static void +tests_with_existing_file(void) +{ + /* + * Make sure the current workdir of the tracee + * is different from the current workdir of the tracer. + */ + create_and_enter_subdir("execveat_subdir"); + + char *my_secontext = SECONTEXT_PID_MY(); + + static const char sample[] = "execveat_sample"; + (void) unlink(sample); + if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + char *sample_secontext = SECONTEXT_FILE(sample); + static const char *argv[] = { sample, NULL }; + + /* + * Tests with AT_FDCWD. + */ + + long rc = syscall(__NR_execveat, -100, sample, argv, NULL, 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + sample, sample_secontext, + argv[0], + sprintrc(rc)); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + rc = syscall(__NR_execveat, -100, sample, argv, NULL, 0); + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + sample, + argv[0], + sprintrc(rc)); + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + rc = syscall(__NR_execveat, cwd_fd, sample, argv, NULL, 0); + printf("%s%s(%d%s, \"%s\", [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + cwd_fd, cwd_secontext, + sample, + argv[0], + sprintrc(rc)); + + if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + rc = syscall(__NR_execveat, cwd_fd, sample, argv, NULL, 0); + printf("%s%s(%d%s, \"%s\"%s, [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + argv[0], + sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_execveat, cwd_fd, sample_realpath, argv, NULL, 0); + printf("%s%s(%d%s, \"%s\"%s, [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + cwd_fd, cwd_secontext, + sample_realpath, sample_secontext, + argv[0], + sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + leave_and_remove_subdir(); +} + # define FILENAME "test.execveat\nfilename" # define Q_FILENAME "test.execveat\\nfilename" @@ -40,9 +133,10 @@ { const char ** const tail_argv = tail_memdup(argv, sizeof(argv)); const char ** const tail_envp = tail_memdup(envp, sizeof(envp)); + char *my_secontext = SECONTEXT_PID_MY(); syscall(__NR_execveat, -100, FILENAME, tail_argv, tail_envp, 0x1100); - printf("execveat(AT_FDCWD, \"%s\"" + printf("%s%s(AT_FDCWD, \"%s\"" ", [\"%s\", \"%s\", \"%s\", %p, %p, %p, ... /* %p */]" # if VERBOSE ", [\"%s\", \"%s\", %p, %p, %p, ... /* %p */]" @@ -50,6 +144,7 @@ ", %p /* 5 vars, unterminated */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, q_argv[0], q_argv[1], q_argv[2], argv[3], argv[4], argv[5], (char *) tail_argv + sizeof(argv), # if VERBOSE @@ -65,13 +160,14 @@ (void) q_envp; /* workaround for clang bug #33068 */ syscall(__NR_execveat, -100, FILENAME, tail_argv, tail_envp, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%s\", \"%s\", \"%s\"]" + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\", \"%s\", \"%s\"]" # if VERBOSE ", [\"%s\", \"%s\"]" # else ", %p /* 2 vars */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, q_argv[0], q_argv[1], q_argv[2], # if VERBOSE q_envp[0], q_envp[1], @@ -81,13 +177,14 @@ errno2name()); syscall(__NR_execveat, -100, FILENAME, tail_argv + 2, tail_envp + 1, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%s\"]" + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\"]" # if VERBOSE ", [\"%s\"]" # else ", %p /* 1 var */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, q_argv[2], # if VERBOSE q_envp[1], @@ -101,13 +198,14 @@ *empty = NULL; syscall(__NR_execveat, -100, FILENAME, empty, empty, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", []" + printf("%s%s(AT_FDCWD, \"%s\", []" # if VERBOSE ", []" # else ", %p /* 0 vars */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, # if !VERBOSE empty, @@ -132,7 +230,9 @@ a[i] = b[i] = NULL; syscall(__NR_execveat, -100, FILENAME, a, b, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%.*s\"...", Q_FILENAME, DEFAULT_STRLEN, a[0]); + printf("%s%s(AT_FDCWD, \"%s\", [\"%.*s\"...", + my_secontext, "execveat", + Q_FILENAME, DEFAULT_STRLEN, a[0]); for (i = 1; i < DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); # if VERBOSE @@ -152,7 +252,9 @@ errno2name()); syscall(__NR_execveat, -100, FILENAME, a + 1, b + 1, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%s\"", Q_FILENAME, a[1]); + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\"", + my_secontext, "execveat", + Q_FILENAME, a[1]); for (i = 2; i <= DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); # if VERBOSE @@ -167,15 +269,19 @@ errno2name()); syscall(__NR_execveat, -100, FILENAME, NULL, efault, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", NULL, %p" + printf("%s%s(AT_FDCWD, \"%s\", NULL, %p" ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, efault, errno2name()); syscall(__NR_execveat, -100, FILENAME, efault, NULL, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", %p, NULL" + printf("%s%s(AT_FDCWD, \"%s\", %p, NULL" ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, efault, errno2name()); + tests_with_existing_file(); + puts("+++ exited with 0 +++"); return 0; } Index: strace-5.7/tests-m32/faccessat.c =================================================================== --- strace-5.7.orig/tests-m32/faccessat.c 2021-08-24 21:08:35.389312604 +0200 +++ strace-5.7/tests-m32/faccessat.c 2021-08-24 21:08:43.269245908 +0200 @@ -12,12 +12,16 @@ #ifdef __NR_faccessat -# include "xmalloc.h" # include # include # include -# ifndef FD_PATH +# include "secontext.h" +# include "xmalloc.h" + +# ifdef FD_PATH +# define YFLAG +# else # define FD_PATH "" # endif # ifndef SKIP_IF_PROC_IS_UNAVAILABLE @@ -43,11 +47,130 @@ return rc; } +# ifndef PATH_TRACING +static void +tests_with_existing_file(void) +{ + /* + * Make sure the current workdir of the tracee + * is different from the current workdir of the tracer. + */ + create_and_enter_subdir("faccessat_subdir"); + + char *my_secontext = SECONTEXT_PID_MY(); + + k_faccessat(-1, NULL, F_OK); + printf("%s%s(-1, NULL, F_OK) = %s\n", + my_secontext, "faccessat", errstr); + + static const char sample[] = "faccessat_sample"; + (void) unlink(sample); + int fd = open(sample, O_CREAT|O_RDONLY, 0400); + if (fd == -1) + perror_msg_and_fail("open"); + close(fd); + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * Tests with AT_FDCWD. + */ + + k_faccessat(-100, sample, F_OK); + printf("%s%s(AT_FDCWD, \"%s\"%s, F_OK) = %s\n", + my_secontext, "faccessat", + sample, sample_secontext, + errstr); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + k_faccessat(-100, sample, F_OK); + printf("%s%s(AT_FDCWD, \"%s\", F_OK) = %s\n", + my_secontext, "faccessat", + sample, + errstr); + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + k_faccessat(cwd_fd, sample, F_OK); +# ifdef YFLAG + printf("%s%s(%d<%s>%s, \"%s\", F_OK) = %s\n", +# else + printf("%s%s(%d%s, \"%s\", F_OK) = %s\n", +# endif + my_secontext, "faccessat", + cwd_fd, +# ifdef YFLAG + cwd, +# endif + cwd_secontext, + sample, + errstr); + + fd = open(sample, O_CREAT|O_RDONLY, 0400); + if (fd == -1) + perror_msg_and_fail("open"); + close(fd); + + k_faccessat(cwd_fd, sample, F_OK); +# ifdef YFLAG + printf("%s%s(%d<%s>%s, \"%s\"%s, F_OK) = %s\n", +# else + printf("%s%s(%d%s, \"%s\"%s, F_OK) = %s\n", +# endif + my_secontext, "faccessat", + cwd_fd, +# ifdef YFLAG + cwd, +# endif + cwd_secontext, + sample, sample_secontext, + errstr); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + k_faccessat(cwd_fd, sample_realpath, F_OK); +# ifdef YFLAG + printf("%s%s(%d<%s>%s, \"%s\"%s, F_OK) = %s\n", +# else + printf("%s%s(%d%s, \"%s\"%s, F_OK) = %s\n", +# endif + my_secontext, "faccessat", + cwd_fd, +# ifdef YFLAG + cwd, +# endif + cwd_secontext, + sample_realpath, sample_secontext, + errstr); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + leave_and_remove_subdir(); +} +# endif + int main(void) { SKIP_IF_PROC_IS_UNAVAILABLE; +# ifndef TEST_SECONTEXT + TAIL_ALLOC_OBJECT_CONST_PTR(const char, unterminated); char *unterminated_str = xasprintf("%p", unterminated); const void *const efault = unterminated + 1; @@ -120,10 +243,10 @@ k_faccessat(dirfds[dirfd_i].val, paths[path_i].val, modes[mode_i].val); -# ifdef PATH_TRACING +# ifdef PATH_TRACING if (dirfds[dirfd_i].val == fd || paths[path_i].val == fd_path) -# endif +# endif printf("faccessat(%s, %s, %s) = %s\n", dirfds[dirfd_i].str, paths[path_i].str, @@ -133,6 +256,12 @@ } } +# endif /* !TEST_SECONTEXT */ + +# ifndef PATH_TRACING + tests_with_existing_file(); +# endif + puts("+++ exited with 0 +++"); return 0; } Index: strace-5.7/tests-m32/faccessat.test =================================================================== --- strace-5.7.orig/tests-m32/faccessat.test 2021-08-24 21:08:35.389312604 +0200 +++ strace-5.7/tests-m32/faccessat.test 2021-08-24 21:08:43.269245908 +0200 @@ -15,5 +15,5 @@ run_strace -a23 --trace=faccessat "$@" $args > "$EXP" # Filter out faccessat() calls made by ld.so and libc. -sed -n '/^faccessat(-1, NULL,/,$p' < "$LOG" > "$OUT" +sed -n '/faccessat(-1, NULL,/,$p' < "$LOG" > "$OUT" match_diff "$OUT" "$EXP" Index: strace-5.7/tests-m32/fanotify_mark.c =================================================================== --- strace-5.7.orig/tests-m32/fanotify_mark.c 2021-08-24 21:07:01.122112055 +0200 +++ strace-5.7/tests-m32/fanotify_mark.c 2021-08-24 21:08:43.269245908 +0200 @@ -3,7 +3,7 @@ * * Copyright (c) 2015-2016 Dmitry V. Levin * Copyright (c) 2016 Eugene Syromyatnikov - * Copyright (c) 2015-2020 The strace developers. + * Copyright (c) 2015-2021 The strace developers. * All rights reserved. * * SPDX-License-Identifier: GPL-2.0-or-later @@ -21,6 +21,8 @@ # include # include +# include "secontext.h" + # if XLAT_RAW # define str_fan_mark_add "0x1" # define str_fan_modify_ondir "0x40000002" @@ -35,6 +37,7 @@ # define str_at_fdcwd "AT_FDCWD" # endif +# ifndef TEST_SECONTEXT /* Performs fanotify_mark call via the syscall interface. */ static void do_call(kernel_ulong_t fd, kernel_ulong_t flags, const char *flags_str, @@ -44,18 +47,18 @@ long rc; rc = syscall(__NR_fanotify_mark, fd, flags, -# if (LONG_MAX > INT_MAX) \ - || (defined __x86_64__ && defined __ILP32__) \ - || defined LINUX_MIPSN32 +# if (LONG_MAX > INT_MAX) \ + || (defined __x86_64__ && defined __ILP32__) \ + || defined LINUX_MIPSN32 mask, -# else +# else /* arch/parisc/kernel/sys_parisc32.c, commit ab8a261b */ -# ifdef HPPA +# ifdef HPPA LL_VAL_TO_PAIR((mask << 32) | (mask >> 32)), -# else +# else LL_VAL_TO_PAIR(mask), +# endif # endif -# endif dirfd, path); printf("fanotify_mark(%d, %s, %s, %s, %s) = %s\n", @@ -68,12 +71,14 @@ const char *str; }; -# define STR16 "0123456789abcdef" -# define STR64 STR16 STR16 STR16 STR16 +# define STR16 "0123456789abcdef" +# define STR64 STR16 STR16 STR16 STR16 +# endif /* !TEST_SECONTEXT */ int main(void) { +# ifndef TEST_SECONTEXT enum { PATH1_SIZE = 64, }; @@ -87,47 +92,47 @@ { F8ILL_KULONG_MASK, "0" }, { (kernel_ulong_t) 0xdec0deddefacec00ULL, "0xefacec00" -# if !XLAT_RAW +# if !XLAT_RAW " /* FAN_MARK_??? */" -# endif +# endif }, { (kernel_ulong_t) 0xda7a105700000040ULL, -# if XLAT_RAW +# if XLAT_RAW "0x40" -# elif XLAT_VERBOSE +# elif XLAT_VERBOSE "0x40 /* FAN_MARK_IGNORED_SURV_MODIFY */" -# else +# else "FAN_MARK_IGNORED_SURV_MODIFY" -# endif +# endif }, { (kernel_ulong_t) 0xbadc0deddeadffffULL, -# if XLAT_RAW || XLAT_VERBOSE +# if XLAT_RAW || XLAT_VERBOSE "0xdeadffff" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " /* " -# endif -# if !XLAT_RAW +# endif +# if !XLAT_RAW "FAN_MARK_ADD|FAN_MARK_REMOVE|FAN_MARK_DONT_FOLLOW|" "FAN_MARK_ONLYDIR|FAN_MARK_MOUNT|FAN_MARK_IGNORED_MASK|" "FAN_MARK_IGNORED_SURV_MODIFY|FAN_MARK_FLUSH|" "FAN_MARK_FILESYSTEM|0xdeadfe00" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " */" -# endif +# endif }, }; static const struct strval64 masks[] = { { ARG_ULL_STR(0) }, { 0xdeadfeedffffffffULL, -# if XLAT_RAW || XLAT_VERBOSE +# if XLAT_RAW || XLAT_VERBOSE "0xdeadfeedffffffff" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " /* " -# endif -# if !XLAT_RAW +# endif +# if !XLAT_RAW "FAN_ACCESS|" "FAN_MODIFY|" "FAN_ATTRIB|" @@ -149,27 +154,27 @@ "FAN_ONDIR|" "FAN_EVENT_ON_CHILD|" "0xdeadfeedb7f0a000" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " */" -# endif +# endif }, { ARG_ULL_STR(0xffffffffb7f0a000) -# if !XLAT_RAW +# if !XLAT_RAW " /* FAN_??? */" -# endif +# endif }, }; static const struct strval dirfds[] = { { (kernel_ulong_t) 0xfacefeed00000001ULL, "1" }, { (kernel_ulong_t) 0xdec0ded0ffffffffULL, -# if XLAT_RAW +# if XLAT_RAW "-1" -# elif XLAT_VERBOSE +# elif XLAT_VERBOSE "-1 /* FAN_NOFD */" -# else +# else "FAN_NOFD" -# endif +# endif }, { (kernel_ulong_t) 0xbadfacedffffff9cULL, str_at_fdcwd }, { (kernel_ulong_t) 0xdefaced1beeff00dULL, "-1091571699" }, @@ -202,12 +207,6 @@ snprintf(bogus_path1_after_addr, sizeof(bogus_path1_after_addr), "%p", bogus_path1 + PATH1_SIZE); - rc = fanotify_mark(-1, FAN_MARK_ADD, FAN_MODIFY | FAN_ONDIR, - -100, "."); - printf("fanotify_mark(-1, %s, %s, %s, \".\") = %s\n", - str_fan_mark_add, str_fan_modify_ondir, str_at_fdcwd, - sprintrc(rc)); - for (i = 0; i < ARRAY_SIZE(fds); i++) { for (j = 0; j < ARRAY_SIZE(flags); j++) { for (k = 0; k < ARRAY_SIZE(masks); k++) { @@ -226,6 +225,40 @@ } } } +# else /* TEST_SECONTEXT */ + int rc; +# endif + /* + * Test with AT_FDCWD. + */ + + char *my_secontext = SECONTEXT_PID_MY(); + char path[] = "."; + char *path_secontext = SECONTEXT_FILE(path); + + rc = fanotify_mark(-1, FAN_MARK_ADD, FAN_MODIFY | FAN_ONDIR, + -100, path); + printf("%s%s(-1, %s, %s, %s, \"%s\"%s) = %s\n", + my_secontext, "fanotify_mark", + str_fan_mark_add, str_fan_modify_ondir, str_at_fdcwd, + path, path_secontext, + sprintrc(rc)); + + /* + * Test with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd_secontext = SECONTEXT_FILE("."); + + rc = fanotify_mark(-1, FAN_MARK_ADD, FAN_MODIFY | FAN_ONDIR, + cwd_fd, path); + printf("%s%s(-1, %s, %s, %d%s, \"%s\"%s) = %s\n", + my_secontext, "fanotify_mark", + str_fan_mark_add, str_fan_modify_ondir, + cwd_fd, cwd_secontext, + path, path_secontext, + sprintrc(rc)); puts("+++ exited with 0 +++"); return 0; Index: strace-5.7/tests-m32/fchmod.c =================================================================== --- strace-5.7.orig/tests-m32/fchmod.c 2021-08-24 21:08:35.389312604 +0200 +++ strace-5.7/tests-m32/fchmod.c 2021-08-24 21:08:43.270245900 +0200 @@ -18,6 +18,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -27,6 +29,8 @@ */ create_and_enter_subdir("fchmod_subdir"); + char *my_secontext = SECONTEXT_PID_MY(); + static const char sample[] = "fchmod_sample_file"; (void) unlink(sample); int fd = open(sample, O_CREAT|O_RDONLY, 0400); @@ -37,16 +41,19 @@ char *sample_realpath = get_fd_path(fd); # endif + const char *sample_secontext = SECONTEXT_FILE(sample); long rc = syscall(__NR_fchmod, fd, 0600); # ifdef YFLAG - printf("fchmod(%d<%s>, 0600) = %s\n", + printf("%s%s(%d<%s>%s, 0600) = %s\n", # else - printf("fchmod(%d, 0600) = %s\n", + printf("%s%s(%d%s, 0600) = %s\n", # endif + my_secontext, "fchmod", fd, # ifdef YFLAG sample_realpath, # endif + sample_secontext, sprintrc(rc)); if (unlink(sample)) @@ -54,26 +61,30 @@ rc = syscall(__NR_fchmod, fd, 051); # ifdef YFLAG - printf("fchmod(%d<%s (deleted)>, 051) = %s\n", + printf("%s%s(%d<%s (deleted)>%s, 051) = %s\n", # else - printf("fchmod(%d, 051) = %s\n", + printf("%s%s(%d%s, 051) = %s\n", # endif + my_secontext, "fchmod", fd, # ifdef YFLAG sample_realpath, # endif + sample_secontext, sprintrc(rc)); rc = syscall(__NR_fchmod, fd, 004); # ifdef YFLAG - printf("fchmod(%d<%s (deleted)>, 004) = %s\n", + printf("%s%s(%d<%s (deleted)>%s, 004) = %s\n", # else - printf("fchmod(%d, 004) = %s\n", + printf("%s%s(%d%s, 004) = %s\n", # endif + my_secontext, "fchmod", fd, # ifdef YFLAG sample_realpath, # endif + sample_secontext, sprintrc(rc)); leave_and_remove_subdir(); Index: strace-5.7/tests-m32/fchmodat.c =================================================================== --- strace-5.7.orig/tests-m32/fchmodat.c 2021-08-24 21:08:35.390312595 +0200 +++ strace-5.7/tests-m32/fchmodat.c 2021-08-24 21:08:43.270245900 +0200 @@ -17,6 +17,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -26,26 +28,81 @@ */ create_and_enter_subdir("fchmodat_subdir"); - static const char sample[] = "fchmodat_sample"; + char *my_secontext = SECONTEXT_PID_MY(); + static const char sample[] = "fchmodat_sample_file"; if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) perror_msg_and_fail("open"); + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * Tests with AT_FDCWD. + */ + long rc = syscall(__NR_fchmodat, -100, sample, 0600); - printf("fchmodat(AT_FDCWD, \"%s\", 0600) = %s\n", - sample, sprintrc(rc)); + printf("%s%s(AT_FDCWD, \"%s\"%s, 0600) = %s\n", + my_secontext, "fchmodat", + sample, sample_secontext, + sprintrc(rc)); if (unlink(sample)) perror_msg_and_fail("unlink"); rc = syscall(__NR_fchmodat, -100, sample, 051); - printf("fchmodat(AT_FDCWD, \"%s\", 051) = %s\n", + printf("%s%s(AT_FDCWD, \"%s\", 051) = %s\n", + my_secontext, "fchmodat", sample, sprintrc(rc)); rc = syscall(__NR_fchmodat, -100, sample, 004); - printf("fchmodat(AT_FDCWD, \"%s\", 004) = %s\n", + printf("%s%s(AT_FDCWD, \"%s\", 004) = %s\n", + my_secontext, "fchmodat", sample, sprintrc(rc)); + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + rc = syscall(__NR_fchmodat, cwd_fd, sample, 0400); + printf("%s%s(%d%s, \"%s\", 0400) = %s\n", + my_secontext, "fchmodat", + cwd_fd, cwd_secontext, + sample, + sprintrc(rc)); + + if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + rc = syscall(__NR_fchmodat, cwd_fd, sample, 0400); + printf("%s%s(%d%s, \"%s\"%s, 0400) = %s\n", + my_secontext, "fchmodat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_fchmodat, cwd_fd, sample_realpath, 0400); + printf("%s%s(%d%s, \"%s\"%s, 0400) = %s\n", + my_secontext, "fchmodat", + cwd_fd, cwd_secontext, + sample_realpath, sample_secontext, + sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + leave_and_remove_subdir(); puts("+++ exited with 0 +++"); Index: strace-5.7/tests-m32/fchownat.c =================================================================== --- strace-5.7.orig/tests-m32/fchownat.c 2021-08-24 21:08:35.390312595 +0200 +++ strace-5.7/tests-m32/fchownat.c 2021-08-24 21:08:43.270245900 +0200 @@ -17,6 +17,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -26,25 +28,86 @@ */ create_and_enter_subdir("fchownat_subdir"); - static const char sample[] = "fchownat_sample"; + char *my_secontext = SECONTEXT_PID_MY(); uid_t uid = geteuid(); uid_t gid = getegid(); - if (open(sample, O_RDONLY | O_CREAT, 0400) == -1) + static const char sample[] = "fchownat_sample"; + int fd = open(sample, O_RDONLY | O_CREAT, 0400); + if (fd == -1) perror_msg_and_fail("open"); + close(fd); + + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * Tests with AT_FDCWD. + */ long rc = syscall(__NR_fchownat, AT_FDCWD, sample, uid, gid, 0); - printf("fchownat(AT_FDCWD, \"%s\", %d, %d, 0) = %s\n", - sample, uid, gid, sprintrc(rc)); + printf("%s%s(AT_FDCWD, \"%s\"%s, %d, %d, 0) = %s\n", + my_secontext, "fchownat", + sample, sample_secontext, + uid, gid, sprintrc(rc)); if (unlink(sample)) perror_msg_and_fail("unlink"); rc = syscall(__NR_fchownat, AT_FDCWD, sample, -1, -1L, AT_SYMLINK_NOFOLLOW); - printf("fchownat(AT_FDCWD, \"%s\", -1, -1, AT_SYMLINK_NOFOLLOW) = %s\n", + printf("%s%s(AT_FDCWD, \"%s\", -1, -1, AT_SYMLINK_NOFOLLOW) = %s\n", + my_secontext, "fchownat", sample, sprintrc(rc)); + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + rc = syscall(__NR_fchownat, cwd_fd, sample, uid, gid, 0); + printf("%s%s(%d%s, \"%s\", %d, %d, 0) = %s\n", + my_secontext, "fchownat", + cwd_fd, cwd_secontext, + sample, + uid, gid, + sprintrc(rc)); + + fd = open(sample, O_RDONLY | O_CREAT, 0400); + if (fd == -1) + perror_msg_and_fail("open"); + close(fd); + + rc = syscall(__NR_fchownat, cwd_fd, sample, uid, gid, 0); + printf("%s%s(%d%s, \"%s\"%s, %d, %d, 0) = %s\n", + my_secontext, "fchownat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + uid, gid, + sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_fchownat, cwd_fd, sample_realpath, uid, gid, 0); + printf("%s%s(%d%s, \"%s\"%s, %d, %d, 0) = %s\n", + my_secontext, "fchownat", + cwd_fd, cwd_secontext, + sample_realpath, sample_secontext, + uid, gid, + sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + leave_and_remove_subdir(); puts("+++ exited with 0 +++"); Index: strace-5.7/tests-m32/file_handle.c =================================================================== --- strace-5.7.orig/tests-m32/file_handle.c 2021-08-24 21:08:35.390312595 +0200 +++ strace-5.7/tests-m32/file_handle.c 2021-08-24 21:08:43.271245891 +0200 @@ -21,6 +21,8 @@ # include # include +# include "secontext.h" + enum assert_rc { ASSERT_NONE, ASSERT_SUCCESS, @@ -48,6 +50,7 @@ printf("..."); } +# ifndef TEST_SECONTEXT void do_name_to_handle_at(kernel_ulong_t dirfd, const char *dirfd_str, kernel_ulong_t pathname, const char *pathname_str, @@ -129,6 +132,7 @@ printf("%s\n", sprintrc(rc)); } +# endif /* !TEST_SECONTEXT */ struct strval { kernel_ulong_t val; @@ -141,12 +145,86 @@ int main(void) { + char *my_secontext = SECONTEXT_PID_MY(); enum { PATH1_SIZE = 64, }; static const kernel_ulong_t fdcwd = (kernel_ulong_t) 0x87654321ffffff9cULL; + + struct file_handle *handle = + tail_alloc(sizeof(struct file_handle) + MAX_HANDLE_SZ); + struct file_handle *handle_0 = + tail_alloc(sizeof(struct file_handle) + 0); + struct file_handle *handle_8 = + tail_alloc(sizeof(struct file_handle) + 8); + struct file_handle *handle_128 = + tail_alloc(sizeof(struct file_handle) + 128); + struct file_handle *handle_256 = + tail_alloc(sizeof(struct file_handle) + 256); + TAIL_ALLOC_OBJECT_CONST_PTR(int, bogus_mount_id); + + char handle_0_addr[sizeof("0x") + sizeof(void *) * 2]; + + const int flags = 0x400; + int mount_id; + + handle_0->handle_bytes = 256; + handle_8->handle_bytes = 0; + handle_128->handle_bytes = 128; + handle_256->handle_bytes = 256; + + fill_memory((char *) handle_128 + sizeof(struct file_handle), 128); + fill_memory((char *) handle_256 + sizeof(struct file_handle), 256); + + snprintf(handle_0_addr, sizeof(handle_0_addr), "%p", + handle_0 + sizeof(struct file_handle)); + + handle->handle_bytes = 0; + + char path[] = "."; + char *path_secontext = SECONTEXT_FILE(path); + + assert(syscall(__NR_name_to_handle_at, fdcwd, path, handle, &mount_id, + flags | 1) == -1); + if (EINVAL != errno) + perror_msg_and_skip("name_to_handle_at"); + printf("%s%s(AT_FDCWD, \"%s\"%s, {handle_bytes=0}, %p" + ", AT_SYMLINK_FOLLOW|0x1) = -1 EINVAL (%m)\n", + my_secontext, "name_to_handle_at", + path, path_secontext, + &mount_id); + + assert(syscall(__NR_name_to_handle_at, fdcwd, path, handle, &mount_id, + flags) == -1); + if (EOVERFLOW != errno) + perror_msg_and_skip("name_to_handle_at"); + printf("%s%s(AT_FDCWD, \"%s\"%s, {handle_bytes=0 => %u}" + ", %p, AT_SYMLINK_FOLLOW) = -1 EOVERFLOW (%m)\n", + my_secontext, "name_to_handle_at", + path, path_secontext, + handle->handle_bytes, &mount_id); + + assert(syscall(__NR_name_to_handle_at, fdcwd, path, handle, &mount_id, + flags) == 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, {handle_bytes=%u" + ", handle_type=%d, f_handle=", + my_secontext, "name_to_handle_at", + path, path_secontext, + handle->handle_bytes, handle->handle_type); + print_handle_data(handle->f_handle, handle->handle_bytes); + printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); + + printf("%s%s(-1, {handle_bytes=%u, handle_type=%d, f_handle=", + my_secontext, "open_by_handle_at", + handle->handle_bytes, handle->handle_type); + print_handle_data(handle->f_handle, handle->handle_bytes); + int rc = syscall(__NR_open_by_handle_at, -1, handle, + O_RDONLY | O_DIRECTORY); + printf("}, O_RDONLY|O_DIRECTORY) = %d %s (%m)\n", rc, errno2name()); + +# ifndef TEST_SECONTEXT static const struct strval dirfds[] = { { (kernel_ulong_t) 0xdeadca57badda7a1ULL, "-1159878751" }, { (kernel_ulong_t) 0x12345678ffffff9cULL, "AT_FDCWD" }, @@ -171,29 +249,11 @@ }; static const char str64[] = STR64; - - char *bogus_path1 = tail_memdup(str64, PATH1_SIZE); char *bogus_path2 = tail_memdup(str64, sizeof(str64)); - - struct file_handle *handle = - tail_alloc(sizeof(struct file_handle) + MAX_HANDLE_SZ); - struct file_handle *handle_0 = - tail_alloc(sizeof(struct file_handle) + 0); - struct file_handle *handle_8 = - tail_alloc(sizeof(struct file_handle) + 8); - struct file_handle *handle_128 = - tail_alloc(sizeof(struct file_handle) + 128); - struct file_handle *handle_256 = - tail_alloc(sizeof(struct file_handle) + 256); - TAIL_ALLOC_OBJECT_CONST_PTR(int, bogus_mount_id); - - char handle_0_addr[sizeof("0x") + sizeof(void *) * 2]; - char bogus_path1_addr[sizeof("0x") + sizeof(void *) * 2]; char bogus_path1_after_addr[sizeof("0x") + sizeof(void *) * 2]; - struct strval paths[] = { { (kernel_ulong_t) 0, "NULL" }, { (kernel_ulong_t) (uintptr_t) (bogus_path1 + PATH1_SIZE), @@ -229,62 +289,16 @@ (kernel_ulong_t) (uintptr_t) bogus_mount_id, }; - const int flags = 0x400; - int mount_id; unsigned int i; unsigned int j; unsigned int k; unsigned int l; unsigned int m; - snprintf(bogus_path1_addr, sizeof(bogus_path1_addr), "%p", bogus_path1); snprintf(bogus_path1_after_addr, sizeof(bogus_path1_after_addr), "%p", bogus_path1 + PATH1_SIZE); - handle_0->handle_bytes = 256; - handle_8->handle_bytes = 0; - handle_128->handle_bytes = 128; - handle_256->handle_bytes = 256; - - fill_memory((char *) handle_128 + sizeof(struct file_handle), 128); - fill_memory((char *) handle_256 + sizeof(struct file_handle), 256); - - snprintf(handle_0_addr, sizeof(handle_0_addr), "%p", - handle_0 + sizeof(struct file_handle)); - - handle->handle_bytes = 0; - - assert(syscall(__NR_name_to_handle_at, fdcwd, ".", handle, &mount_id, - flags | 1) == -1); - if (EINVAL != errno) - perror_msg_and_skip("name_to_handle_at"); - printf("name_to_handle_at(AT_FDCWD, \".\", {handle_bytes=0}, %p" - ", AT_SYMLINK_FOLLOW|0x1) = -1 EINVAL (%m)\n", &mount_id); - - assert(syscall(__NR_name_to_handle_at, fdcwd, ".", handle, &mount_id, - flags) == -1); - if (EOVERFLOW != errno) - perror_msg_and_skip("name_to_handle_at"); - printf("name_to_handle_at(AT_FDCWD, \".\", {handle_bytes=0 => %u}" - ", %p, AT_SYMLINK_FOLLOW) = -1 EOVERFLOW (%m)\n", - handle->handle_bytes, &mount_id); - - assert(syscall(__NR_name_to_handle_at, fdcwd, ".", handle, &mount_id, - flags) == 0); - printf("name_to_handle_at(AT_FDCWD, \".\", {handle_bytes=%u" - ", handle_type=%d, f_handle=", - handle->handle_bytes, handle->handle_type); - print_handle_data(handle->f_handle, handle->handle_bytes); - printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); - - printf("open_by_handle_at(-1, {handle_bytes=%u, handle_type=%d" - ", f_handle=", handle->handle_bytes, handle->handle_type); - print_handle_data(handle->f_handle, handle->handle_bytes); - int rc = syscall(__NR_open_by_handle_at, -1, handle, - O_RDONLY | O_DIRECTORY); - printf("}, O_RDONLY|O_DIRECTORY) = %d %s (%m)\n", rc, errno2name()); - for (i = 0; i < ARRAY_SIZE(dirfds); i++) { for (j = 0; j < ARRAY_SIZE(paths); j++) { for (k = 0; k < ARRAY_SIZE(name_handles); k++) { @@ -320,6 +334,68 @@ } } } +# endif + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + + assert(syscall(__NR_name_to_handle_at, cwd_fd, path, handle, &mount_id, + flags) == 0); + printf("%s%s(%d%s, \"%s\"%s, {handle_bytes=%u, handle_type=%d" + ", f_handle=", + my_secontext, "name_to_handle_at", + cwd_fd, cwd_secontext, + path, path_secontext, + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); + + printf("%s%s(-1, {handle_bytes=%u, handle_type=%d, f_handle=", + my_secontext, "open_by_handle_at", + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + rc = syscall(__NR_open_by_handle_at, -1, handle, + O_RDONLY | O_DIRECTORY); + printf("}, O_RDONLY|O_DIRECTORY) = %s\n", sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("..")) + perror_msg_and_fail("chdir"); + + assert(syscall(__NR_name_to_handle_at, cwd_fd, cwd, handle, &mount_id, + flags) == 0); + printf("%s%s(%d%s, \"%s\"%s, {handle_bytes=%u" + ", handle_type=%d, f_handle=", + my_secontext, "name_to_handle_at", + cwd_fd, cwd_secontext, + cwd, cwd_secontext, + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); + + printf("%s%s(-1, {handle_bytes=%u, handle_type=%d, f_handle=", + my_secontext, "open_by_handle_at", + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + rc = syscall(__NR_open_by_handle_at, -1, handle, + O_RDONLY | O_DIRECTORY); + printf("}, O_RDONLY|O_DIRECTORY) = %s\n", sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); puts("+++ exited with 0 +++"); return 0; Index: strace-5.7/tests-m32/gen_secontext.sh =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/gen_secontext.sh 2021-08-24 21:08:43.271245891 +0200 @@ -0,0 +1,72 @@ +#!/bin/sh -efu +# +# Copyright (c) 2021 The strace developers. +# All rights reserved. +# +# SPDX-License-Identifier: GPL-2.0-or-later + +usage() +{ + cat >&2 <] + +Generate secontext files from list. +EOF + exit 1 +} + +if [ $# -eq 0 ]; then + input="${0%/*}/gen_tests.in" +else + input="$1" + shift +fi +dir="$(dirname "$input")" +[ $# -eq 0 ] || usage + +{ + cat < "$dir/secontext.am" + +sed -r -n 's/^([^#[:space:]]+--secontext)[[:space:]].*/\1/p' < "$input" | +while read -r name; do { + cat <<-EOF > "$dir/$name.c" + /* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + + #include "tests.h" + + #ifdef HAVE_SELINUX_RUNTIME + + # define TEST_SECONTEXT + # include "${name%--secontext}.c" + + #else + + SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + + #endif + EOF +} < /dev/null; done + +sed -r -n 's/^([^#[:space:]]+--secontext_full)[[:space:]].*/\1/p' < "$input" | +while read -r name; do { + cat <<-EOF > "$dir/$name.c" + #define PRINT_SECONTEXT_FULL + #include "${name%_full}.c" + EOF +} < /dev/null; done Index: strace-5.7/tests-m32/gen_tests.in =================================================================== --- strace-5.7.orig/tests-m32/gen_tests.in 2021-08-24 21:08:35.391312587 +0200 +++ strace-5.7/tests-m32/gen_tests.in 2021-08-24 21:08:43.272245883 +0200 @@ -10,6 +10,8 @@ accept -a22 accept4 -a37 access -a30 --trace-path=access_sample +access--secontext -a30 --secontext --trace-path=access_sample -e trace=access +access--secontext_full -a30 --secontext=full --trace-path=access_sample -e trace=access acct -a20 add_key -a30 -s12 adjtimex -a15 @@ -24,6 +26,8 @@ bpf-v -a20 -v -e trace=bpf btrfs +ioctl.test chmod -a28 +chmod--secontext -a28 --secontext -e trace=chmod +chmod--secontext_full -a28 --secontext=full -e trace=chmod chown -a28 chown32 -a31 chroot -a24 @@ -71,25 +75,43 @@ epoll_pwait epoll_wait -a26 erestartsys -a34 -e signal=none -e trace=recvfrom +execve--secontext +execve.test --secontext +execve--secontext_full +execve.test --secontext=full execveat +execveat--secontext --secontext --trace=execveat +execveat--secontext_full --secontext=full --trace=execveat execveat-v -v -e trace=execveat +faccessat--secontext +faccessat.test -a24 --secontext +faccessat--secontext_full +faccessat.test -a24 --secontext=full faccessat-P -a23 --trace=faccessat -P /dev/full faccessat-y +faccessat.test -a24 -y +faccessat-y--secontext +faccessat.test -a24 -y --secontext +faccessat-y--secontext_full +faccessat.test -a24 -y --secontext=full faccessat-yy +faccessat.test -a24 -yy fadvise64_64 +fadvise64.test fallocate -a18 fanotify_init fanotify_mark -a32 +fanotify_mark--secontext -a32 --secontext -e trace=fanotify_mark +fanotify_mark--secontext_full -a32 --secontext=full -e trace=fanotify_mark fanotify_mark-Xabbrev -a32 -Xabbrev -e trace=fanotify_mark fanotify_mark-Xraw -a32 -Xraw -e trace=fanotify_mark fanotify_mark-Xverbose -a32 -Xverbose -e trace=fanotify_mark fchdir -a11 fchmod -a15 +fchmod--secontext -a15 --secontext -e trace=fchmod +fchmod--secontext_full -a15 --secontext=full -e trace=fchmod fchmod-y -y -e trace=fchmod +fchmod-y--secontext -a15 -y --secontext -e trace=fchmod +fchmod-y--secontext_full -a15 -y --secontext=full -e trace=fchmod fchmodat +fchmodat--secontext --secontext -e trace=fchmodat +fchmodat--secontext_full --secontext=full -e trace=fchmodat fchown -a16 fchown32 -a18 fchownat +fchownat--secontext --secontext -e trace=fchownat +fchownat--secontext_full --secontext=full -e trace=fchownat fcntl -a8 fcntl--pidns-translation test_pidns -a8 -e trace=fcntl fcntl64 -a8 @@ -97,6 +119,8 @@ fdatasync -a14 file_handle -e trace=name_to_handle_at,open_by_handle_at file_ioctl +ioctl.test +file_handle--secontext --secontext -e trace=name_to_handle_at,open_by_handle_at +file_handle--secontext_full --secontext=full -e trace=name_to_handle_at,open_by_handle_at filter_seccomp . "${srcdir=.}/filter_seccomp.sh"; test_prog_set --seccomp-bpf -f filter_seccomp-flag ../$NAME finit_module -a25 @@ -295,6 +319,8 @@ lchown32 -a32 link linkat +linkat--secontext --secontext -e trace=linkat +linkat--secontext_full --secontext=full -e trace=linkat lookup_dcookie -a27 lstat -a31 --no-abbrev --trace-path=stat.sample --trace-path=/dev/full lstat64 -a32 --no-abbrev --trace-path=stat.sample --trace-path=/dev/full @@ -434,9 +460,13 @@ oldselect-efault-P -a13 -e trace=select -P /dev/full 9>>/dev/full oldstat -a32 -v -P stat.sample -P /dev/full open -a30 -P $NAME.sample +open--secontext -a30 -P open.sample --secontext --trace=open +open--secontext_full -a30 -P open.sample --secontext=full --trace=open open_tree -a30 -y open_tree-P -a30 --decode-fds -P /dev/full -e trace=open_tree openat -a36 -P $NAME.sample +openat--secontext -a36 -P openat.sample -P $PWD/openat.sample --secontext -e trace=openat +openat--secontext_full -a36 -P openat.sample -P $PWD/openat.sample --secontext=full -e trace=openat openat2 -a35 openat2-Xabbrev --trace=openat2 -a35 -Xabbrev openat2-Xraw --trace=openat2 -a32 -Xraw Index: strace-5.7/tests-m32/linkat.c =================================================================== --- strace-5.7.orig/tests-m32/linkat.c 2021-08-24 21:08:35.391312587 +0200 +++ strace-5.7/tests-m32/linkat.c 2021-08-24 21:08:43.272245883 +0200 @@ -10,8 +10,14 @@ #ifdef __NR_linkat +# include # include +# include # include +# include + +# include "secontext.h" +# include "xmalloc.h" int main(void) @@ -27,18 +33,158 @@ const long fd_old = (long) 0xdeadbeefffffffffULL; const long fd_new = (long) 0xdeadbeeffffffffeULL; + char *my_secontext = SECONTEXT_PID_MY(); + + (void) unlink(sample_1); + (void) unlink(sample_2); + long rc = syscall(__NR_linkat, fd_old, sample_1, fd_new, sample_2, 0); - printf("linkat(%d, \"%s\", %d, \"%s\", 0) = %ld %s (%m)\n", + printf("%s%s(%d, \"%s\", %d, \"%s\", 0) = %ld %s (%m)\n", + my_secontext, "linkat", (int) fd_old, sample_1, (int) fd_new, sample_2, rc, errno2name()); rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, -1L); - printf("linkat(%s, \"%s\", %s, \"%s\", %s) = %ld %s (%m)\n", + printf("%s%s(%s, \"%s\", %s, \"%s\", %s) = %ld %s (%m)\n", + my_secontext, "linkat", "AT_FDCWD", sample_1, "AT_FDCWD", sample_2, "AT_SYMLINK_NOFOLLOW|AT_REMOVEDIR|AT_SYMLINK_FOLLOW" "|AT_NO_AUTOMOUNT|AT_EMPTY_PATH|AT_RECURSIVE|0xffff60ff", rc, errno2name()); + /* + * Tests with AT_FDCWD. + */ + + int fd_sample_1 = open(sample_1, O_RDONLY | O_CREAT, 0400); + if (fd_sample_1 < 0) + perror_msg_and_fail("open"); + if (close(fd_sample_1)) + perror_msg_and_fail("close"); + + char *sample_1_secontext = SECONTEXT_FILE(sample_1); + + rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, 0); + /* no context printed for sample_2 since file doesn't exist yet */ + printf("%s%s(AT_FDCWD, \"%s\"%s, AT_FDCWD, \"%s\", 0) = %s\n", + my_secontext, "linkat", + sample_1, sample_1_secontext, + sample_2, + sprintrc(rc)); + + const char *sample_2_secontext = sample_1_secontext; + + rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + sample_1, sample_1_secontext, + sample_2, sample_2_secontext, + sprintrc(rc)); + + int fd_sample_2 = open(sample_2, O_RDONLY | O_CREAT, 0400); + if (fd_sample_2 < 0) + perror_msg_and_fail("open"); + if (close(fd_sample_2)) + perror_msg_and_fail("close"); + + free(sample_1_secontext); + update_secontext_type(sample_1, "default_t"); + sample_1_secontext = SECONTEXT_FILE(sample_1); + sample_2_secontext = sample_1_secontext; + + rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + sample_1, sample_1_secontext, + sample_2, sample_2_secontext, + sprintrc(rc)); + + if (unlink(sample_2)) + perror_msg_and_fail("unlink: %s", sample_2); + + /* + * Tests with dirfd. + */ + + int dfd_old = get_dir_fd("."); + char *cwd = get_fd_path(dfd_old); + char *dfd_old_secontext = SECONTEXT_FILE("."); + + rc = syscall(__NR_linkat, dfd_old, sample_1, -100, sample_2, 0); + /* no context printed for sample_2 since file doesn't exist yet */ + printf("%s%s(%d%s, \"%s\"%s, AT_FDCWD, \"%s\", 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + sample_2, + sprintrc(rc)); + + rc = syscall(__NR_linkat, dfd_old, sample_1, -100, sample_2, 0); + printf("%s%s(%d%s, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + sample_2, sample_2_secontext, + sprintrc(rc)); + + if (unlink(sample_2)) + perror_msg_and_fail("unlink: %s", sample_2); + + static const char new_dir[] = "new"; + char *new_sample_2 = xasprintf("%s/%s", new_dir, sample_2); + + (void) unlink(new_sample_2); + (void) rmdir(new_dir); + + if (mkdir(new_dir, 0700)) + perror_msg_and_fail("mkdir"); + char *new_dir_realpath = xasprintf("%s/%s", cwd, new_dir); + char *new_dir_secontext = SECONTEXT_FILE(new_dir); + int dfd_new = get_dir_fd(new_dir); + + rc = syscall(__NR_linkat, dfd_old, sample_1, dfd_new, sample_2, 0); + /* no context printed for sample_2 since file doesn't exist yet */ + printf("%s%s(%d%s, \"%s\"%s, %d%s, \"%s\", 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + dfd_new, new_dir_secontext, + sample_2, + sprintrc(rc)); + + rc = syscall(__NR_linkat, dfd_old, sample_1, dfd_new, sample_2, 0); + printf("%s%s(%d%s, \"%s\"%s, %d%s, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + dfd_new, new_dir_secontext, + sample_2, SECONTEXT_FILE(new_sample_2), + sprintrc(rc)); + + char *new_sample_2_realpath = xasprintf("%s/%s", new_dir_realpath, sample_2); + + /* dfd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_linkat, dfd_old, sample_1, -100, new_sample_2_realpath, 0); + printf("%s%s(%d%s, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + new_sample_2_realpath, SECONTEXT_FILE(new_sample_2_realpath), + sprintrc(rc)); + + if (fchdir(dfd_old)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample_1)) + perror_msg_and_fail("unlink: %s", sample_1); + if (unlink(new_sample_2)) + perror_msg_and_fail("unlink: %s", new_sample_2); + if (rmdir(new_dir)) + perror_msg_and_fail("rmdir: %s", new_dir); + leave_and_remove_subdir(); puts("+++ exited with 0 +++"); Index: strace-5.7/tests-m32/open.c =================================================================== --- strace-5.7.orig/tests-m32/open.c 2021-08-24 21:08:35.391312587 +0200 +++ strace-5.7/tests-m32/open.c 2021-08-24 21:08:43.272245883 +0200 @@ -15,6 +15,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -25,10 +27,12 @@ create_and_enter_subdir("open_subdir"); static const char sample[] = "open.sample"; + char *my_secontext = SECONTEXT_PID_MY(); long fd = syscall(__NR_open, sample, O_RDONLY|O_CREAT, 0400); - printf("open(\"%s\", O_RDONLY|O_CREAT, 0400) = %s\n", - sample, sprintrc(fd)); + printf("%s%s(\"%s\", O_RDONLY|O_CREAT, 0400) = %s%s\n", + my_secontext, "open", + sample, sprintrc(fd), SECONTEXT_FILE(sample)); if (fd != -1) { close(fd); @@ -36,16 +40,18 @@ perror_msg_and_fail("unlink"); fd = syscall(__NR_open, sample, O_RDONLY); - printf("open(\"%s\", O_RDONLY) = %s\n", sample, sprintrc(fd)); + printf("%s%s(\"%s\", O_RDONLY) = %s\n", + my_secontext, "open", sample, sprintrc(fd)); fd = syscall(__NR_open, sample, O_WRONLY|O_NONBLOCK|0x80000000); - printf("open(\"%s\", O_WRONLY|O_NONBLOCK|0x80000000) = %s\n", - sample, sprintrc(fd)); + printf("%s%s(\"%s\", O_WRONLY|O_NONBLOCK|0x80000000) = %s\n", + my_secontext, "open", sample, sprintrc(fd)); } # ifdef O_TMPFILE fd = syscall(__NR_open, sample, O_WRONLY|O_TMPFILE, 0600); - printf("open(\"%s\", O_WRONLY|O_TMPFILE, 0600) = %s\n", + printf("%s%s(\"%s\", O_WRONLY|O_TMPFILE, 0600) = %s\n", + my_secontext, "open", sample, sprintrc(fd)); # endif /* O_TMPFILE */ Index: strace-5.7/tests-m32/openat.c =================================================================== --- strace-5.7.orig/tests-m32/openat.c 2021-08-24 21:08:35.392312578 +0200 +++ strace-5.7/tests-m32/openat.c 2021-08-24 21:08:43.273245874 +0200 @@ -15,6 +15,8 @@ # include # include +# include "secontext.h" + # ifdef O_TMPFILE /* The kernel & C libraries often inline O_DIRECTORY. */ # define STRACE_O_TMPFILE (O_TMPFILE & ~O_DIRECTORY) @@ -26,10 +28,12 @@ static void test_mode_flag(unsigned int mode_val, const char *mode_str, - unsigned int flag_val, const char *flag_str) + unsigned int flag_val, const char *flag_str, + const char *my_secontext) { long rc = syscall(__NR_openat, -1, sample, mode_val | flag_val, 0); - printf("openat(-1, \"%s\", %s%s%s%s) = %s\n", + printf("%s%s(-1, \"%s\", %s%s%s%s) = %s\n", + my_secontext, "openat", sample, mode_str, flag_val ? "|" : "", flag_str, flag_val & (O_CREAT | STRACE_O_TMPFILE) ? ", 000" : "", @@ -45,20 +49,7 @@ */ create_and_enter_subdir("openat_subdir"); - long fd = syscall(__NR_openat, -100, sample, O_RDONLY|O_CREAT, 0400); - printf("openat(AT_FDCWD, \"%s\", O_RDONLY|O_CREAT, 0400) = %s\n", - sample, sprintrc(fd)); - - if (fd != -1) { - close(fd); - if (unlink(sample) == -1) - perror_msg_and_fail("unlink"); - - fd = syscall(__NR_openat, -100, sample, O_RDONLY); - printf("openat(AT_FDCWD, \"%s\", O_RDONLY) = %s\n", - sample, sprintrc(fd)); - } - + char *my_secontext = SECONTEXT_PID_MY(); struct { unsigned int val; const char *str; @@ -105,7 +96,73 @@ for (unsigned int m = 0; m < ARRAY_SIZE(modes); ++m) for (unsigned int f = 0; f < ARRAY_SIZE(flags); ++f) test_mode_flag(modes[m].val, modes[m].str, - flags[f].val, flags[f].str); + flags[f].val, flags[f].str, + my_secontext); + + /* + * Tests with AT_FDCWD. + */ + + (void) unlink(sample); + long fd = syscall(__NR_openat, -100, sample, O_RDONLY|O_CREAT, 0400); + + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * File context in openat() is not displayed because file doesn't exist + * yet, but is displayed in return value since the file got created. + */ + printf("%s%s(AT_FDCWD, \"%s\", O_RDONLY|O_CREAT, 0400) = %s%s\n", + my_secontext, "openat", + sample, + sprintrc(fd), sample_secontext); + + close(fd); + + fd = syscall(__NR_openat, -100, sample, O_RDONLY); + printf("%s%s(AT_FDCWD, \"%s\"%s, O_RDONLY) = %s%s\n", + my_secontext, "openat", + sample, sample_secontext, + sprintrc(fd), sample_secontext); + if (fd != -1) { + close(fd); + if (unlink(sample)) + perror_msg_and_fail("unlink"); + } + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd_secontext = SECONTEXT_FILE("."); + + fd = syscall(__NR_openat, cwd_fd, sample, O_RDONLY|O_CREAT, 0400); + if (fd == -1) + perror_msg_and_fail("openat"); + close(fd); + + /* + * File context in openat() is not displayed because file doesn't exist + * yet, but is displayed in return value since the file got created. + */ + printf("%s%s(%d%s, \"%s\", O_RDONLY|O_CREAT, 0400) = %s%s\n", + my_secontext, "openat", + cwd_fd, cwd_secontext, + sample, + sprintrc(fd), sample_secontext); + + fd = syscall(__NR_openat, cwd_fd, sample, O_RDONLY); + printf("%s%s(%d%s, \"%s\"%s, O_RDONLY) = %s%s\n", + my_secontext, "openat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + sprintrc(fd), sample_secontext); + if (fd != -1) { + close(fd); + if (unlink(sample)) + perror_msg_and_fail("unlink"); + } leave_and_remove_subdir(); Index: strace-5.7/tests-m32/options-syntax.test =================================================================== --- strace-5.7.orig/tests-m32/options-syntax.test 2021-08-24 21:08:35.392312578 +0200 +++ strace-5.7/tests-m32/options-syntax.test 2021-08-24 21:08:43.273245874 +0200 @@ -2,14 +2,16 @@ # # Check strace options syntax. # -# Copyright (c) 2016 Dmitry V. Levin -# Copyright (c) 2016-2020 The strace developers. +# Copyright (c) 2016 Dmitry V. Levin +# Copyright (c) 2016-2021 The strace developers. # All rights reserved. # # SPDX-License-Identifier: GPL-2.0-or-later . "${srcdir=.}/syntax.sh" +compiled_with_secontext=$(get_config_option ENABLE_SECONTEXT "y") + check_e "Invalid process id: '0'" -p 0 check_e "Invalid process id: '0'" --attach=0 check_e "Invalid process id: '-42'" -p -42 @@ -46,6 +48,8 @@ check_e '-t and --absolute-timestamps cannot be provided simultaneously' --absolute-timestamps -ttt -p $$ check_e '-t and --absolute-timestamps cannot be provided simultaneously' -t --timestamps=ns -t -p $$ check_e '-t and --absolute-timestamps cannot be provided simultaneously' --timestamps=ns -t --absolute-timestamps=unix -p $$ +[ -z "$compiled_with_secontext" ] || + check_h "invalid --secontext argument: 'ss'" --secontext=ss check_h 'PROG [ARGS] must be specified with -D/--daemonize' -D -p $$ check_h 'PROG [ARGS] must be specified with -D/--daemonize' -DD -p $$ check_h 'PROG [ARGS] must be specified with -D/--daemonize' -DDD -p $$ @@ -281,6 +285,11 @@ $STRACE_EXE: Only the last of -z/--successful-only/-Z/--failed-only options will take effect. See status qualifier for more complex filters. $STRACE_EXE: $umsg" -u :nosuchuser: -cirtTyzZ true + if [ -n "$compiled_with_secontext" ]; then + check_e "--secontext has no effect with -c/--summary-only +$STRACE_EXE: $umsg" -u :nosuchuser: -c --secontext true + fi + for c in --output-separately -A/--output-append-mode; do check_e "$c has no effect without -o/--output $STRACE_EXE: $umsg" -u :nosuchuser: ${c%%/*} true Index: strace-5.7/tests-m32/secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/secontext.c 2021-08-24 21:08:43.274245866 +0200 @@ -0,0 +1,201 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# include +# include +# include +# include +# include +# include + +# include "xmalloc.h" + +# define TEST_SECONTEXT +# include "secontext.h" + +static char * +secontext_format(char *context, const char *fmt) + ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC; + +static char * +secontext_format(char *context, const char *fmt) +{ + int saved_errno = errno; + char *res = context ? xasprintf(fmt, context) : xstrdup(""); + free(context); + errno = saved_errno; + return res; +} + +# define FORMAT_SPACE_BEFORE(string) secontext_format(string, " [%s]") +# define FORMAT_SPACE_AFTER(string) secontext_format(string, "[%s] ") + +static char * +strip_trailing_newlines(char *context) +{ + /* + * On the CI at least, the context may have a trailing \n, + * let's remove it just in case. + */ + size_t len = strlen(context); + for (; len > 0; --len) { + if (context[len - 1] != '\n') + break; + } + context[len] = '\0'; + return context; +} + +static char * +raw_secontext_full_file(const char *filename) +{ + int saved_errno = errno; + char *full_secontext = NULL; + char *secontext; + + if (getfilecon(filename, &secontext) >= 0) { + full_secontext = strip_trailing_newlines(xstrdup(secontext)); + freecon(secontext); + } + errno = saved_errno; + return full_secontext; +} + +static char * +raw_secontext_short_file(const char *filename) +{ + int saved_errno = errno; + + char *ctx = raw_secontext_full_file(filename); + if (ctx == NULL) + return ctx; + + char *saveptr = NULL; + const char *token; + unsigned int i; + + char *ctx_copy = xstrdup(ctx); + char *context = NULL; + for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0; + token; token = strtok_r(NULL, ":", &saveptr), i++) { + if (i == 2) { + context = xstrdup(token); + break; + } + } + if (context == NULL) + context = xstrdup(ctx); + free(ctx_copy); + free(ctx); + + errno = saved_errno; + return context; +} + +static char * +raw_secontext_full_pid(pid_t pid) +{ + int saved_errno = errno; + char *full_secontext = NULL; + char *secontext; + + if (getpidcon(pid, &secontext) == 0) { + full_secontext = strip_trailing_newlines(xstrdup(secontext)); + freecon(secontext); + } + errno = saved_errno; + return full_secontext; +} + +static char * +raw_secontext_short_pid(pid_t pid) +{ + int saved_errno = errno; + + char *ctx = raw_secontext_full_pid(pid); + if (ctx == NULL) + return ctx; + + char *saveptr = NULL; + const char *token; + int i; + + char *ctx_copy = xstrdup(ctx); + char *context = NULL; + for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0; + token; token = strtok_r(NULL, ":", &saveptr), i++) { + if (i == 2) { + context = xstrdup(token); + break; + } + } + if (context == NULL) + context = xstrdup(ctx); + free(ctx_copy); + free(ctx); + + errno = saved_errno; + return context; +} + +char * +secontext_full_file(const char *filename) +{ + return FORMAT_SPACE_BEFORE(raw_secontext_full_file(filename)); +} + +char * +secontext_full_pid(pid_t pid) +{ + return FORMAT_SPACE_AFTER(raw_secontext_full_pid(pid)); +} + +char * +secontext_short_file(const char *filename) +{ + return FORMAT_SPACE_BEFORE(raw_secontext_short_file(filename)); +} + +char * +secontext_short_pid(pid_t pid) +{ + return FORMAT_SPACE_AFTER(raw_secontext_short_pid(pid)); +} + +void +update_secontext_type(const char *file, const char *newtype) +{ + char *ctx = raw_secontext_full_file(file); + if (ctx == NULL) + return; + + char *saveptr = NULL; + char *token; + int field; + char *split[4]; + + for (token = strtok_r(ctx, ":", &saveptr), field = 0; + token; token = strtok_r(NULL, ":", &saveptr), field++) { + assert(field < 4); + split[field] = token; + } + assert(field == 4); + + char *newcontext = xasprintf("%s:%s:%s:%s", split[0], split[1], + newtype, split[3]); + + (void) setfilecon(file, newcontext); + + free(newcontext); + free(ctx); +} + +#endif /* HAVE_SELINUX_RUNTIME */ Index: strace-5.7/tests-m32/secontext.h =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/secontext.h 2021-08-24 21:08:43.274245866 +0200 @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" +#include "xmalloc.h" +#include + +#if defined TEST_SECONTEXT && defined HAVE_SELINUX_RUNTIME + +void update_secontext_type(const char *file, const char *newtype); + +# ifdef PRINT_SECONTEXT_FULL + +char *secontext_full_file(const char *) ATTRIBUTE_MALLOC; +char *secontext_full_pid(pid_t) ATTRIBUTE_MALLOC; + +# define SECONTEXT_FILE(filename) secontext_full_file(filename) +# define SECONTEXT_PID(pid) secontext_full_pid(pid) + +# else + +char *secontext_short_file(const char *) ATTRIBUTE_MALLOC; +char *secontext_short_pid(pid_t) ATTRIBUTE_MALLOC; + +# define SECONTEXT_FILE(filename) secontext_short_file(filename) +# define SECONTEXT_PID(pid) secontext_short_pid(pid) + +# endif + +#else + +static inline void +update_secontext_type(const char *file, const char *newtype) +{ +} + +# define SECONTEXT_FILE(filename) xstrdup("") +# define SECONTEXT_PID(pid) xstrdup("") + +#endif + +#define SECONTEXT_PID_MY() SECONTEXT_PID(getpid()) Index: strace-5.7/tests-m32/strace-V.test =================================================================== --- strace-5.7.orig/tests-m32/strace-V.test 2021-08-24 21:08:35.392312578 +0200 +++ strace-5.7/tests-m32/strace-V.test 2021-08-24 21:08:43.274245866 +0200 @@ -33,7 +33,9 @@ ;; esac -features="${option_unwind}${option_demangle}${option_m32}${option_mx32}" +option_secontext=$(get_config_option ENABLE_SECONTEXT " secontext") + +features="${option_unwind}${option_demangle}${option_m32}${option_mx32}${option_secontext}" [ -n "$features" ] || features=" (none)" cat > "$EXP" << __EOF__ Index: strace-5.7/tests-mx32/Makefile.am =================================================================== --- strace-5.7.orig/tests-mx32/Makefile.am 2021-08-24 21:08:35.393312570 +0200 +++ strace-5.7/tests-mx32/Makefile.am 2021-08-24 21:08:43.274245866 +0200 @@ -28,6 +28,12 @@ -DTESTS_SIZEOF_LONG=$(SIZEOF_LONG) AM_LDFLAGS = $(ARCH_MFLAGS) +if HAVE_SELINUX_RUNTIME +libselinux_LDADD = $(libselinux_LIBS) +else +libselinux_LDADD = +endif + libtests_a_SOURCES = \ create_nl_socket.c \ create_tmpfile.c \ @@ -54,6 +60,8 @@ printxval-Xabbrev.c \ printxval-Xraw.c \ printxval-Xverbose.c \ + secontext.c \ + secontext.h \ signal2name.c \ skip_unavailable.c \ sprintrc.c \ @@ -76,7 +84,10 @@ include pure_executables.am +include secontext.am + check_PROGRAMS = $(PURE_EXECUTABLES) \ + $(secontext_EXECUTABLES) \ _newselect-P \ answer \ attach-f-p \ Index: strace-5.7/tests-mx32/access.c =================================================================== --- strace-5.7.orig/tests-mx32/access.c 2021-08-24 21:08:35.393312570 +0200 +++ strace-5.7/tests-mx32/access.c 2021-08-24 21:08:43.275245858 +0200 @@ -10,9 +10,12 @@ #ifdef __NR_access +# include # include # include +# include "secontext.h" + int main(void) { @@ -22,15 +25,27 @@ */ create_and_enter_subdir("access_subdir"); + char *my_secontext = SECONTEXT_PID_MY(); + static const char sample[] = "access_sample"; + (void) unlink(sample); + if (open(sample, O_CREAT|O_RDONLY, 0400) == -1) + perror_msg_and_fail("open: %s", sample); long rc = syscall(__NR_access, sample, F_OK); - printf("access(\"%s\", F_OK) = %ld %s (%m)\n", - sample, rc, errno2name()); + printf("%s%s(\"%s\"%s, F_OK) = %s\n", + my_secontext, "access", + sample, SECONTEXT_FILE(sample), + sprintrc(rc)); + + if (unlink(sample)) + perror_msg_and_fail("unlink: %s", sample); rc = syscall(__NR_access, sample, R_OK|W_OK|X_OK); - printf("access(\"%s\", R_OK|W_OK|X_OK) = %ld %s (%m)\n", - sample, rc, errno2name()); + printf("%s%s(\"%s\", R_OK|W_OK|X_OK) = %s\n", + my_secontext, "access", + sample, + sprintrc(rc)); leave_and_remove_subdir(); Index: strace-5.7/tests-mx32/chmod.c =================================================================== --- strace-5.7.orig/tests-mx32/chmod.c 2021-08-24 21:08:35.393312570 +0200 +++ strace-5.7/tests-mx32/chmod.c 2021-08-24 21:08:43.275245858 +0200 @@ -16,6 +16,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -25,22 +27,33 @@ */ create_and_enter_subdir("chmod_subdir"); - static const char fname[] = "chmod_test_file"; - - if (open(fname, O_CREAT|O_RDONLY, 0400) < 0) - perror_msg_and_fail("open"); - - long rc = syscall(__NR_chmod, fname, 0600); - printf("chmod(\"%s\", 0600) = %s\n", fname, sprintrc(rc)); - - if (unlink(fname)) - perror_msg_and_fail("unlink"); - - rc = syscall(__NR_chmod, fname, 051); - printf("chmod(\"%s\", 051) = %s\n", fname, sprintrc(rc)); + char *my_secontext = SECONTEXT_PID_MY(); - rc = syscall(__NR_chmod, fname, 004); - printf("chmod(\"%s\", 004) = %s\n", fname, sprintrc(rc)); + static const char sample[] = "chmod_test_file"; + (void) unlink(sample); + if (open(sample, O_CREAT|O_RDONLY, 0400) < 0) + perror_msg_and_fail("open: %s", sample); + + long rc = syscall(__NR_chmod, sample, 0600); + printf("%s%s(\"%s\"%s, 0600) = %s\n", + my_secontext, "chmod", + sample, SECONTEXT_FILE(sample), + sprintrc(rc)); + + if (unlink(sample)) + perror_msg_and_fail("unlink: %s", sample); + + rc = syscall(__NR_chmod, sample, 051); + printf("%s%s(\"%s\", 051) = %s\n", + my_secontext, "chmod", + sample, + sprintrc(rc)); + + rc = syscall(__NR_chmod, sample, 004); + printf("%s%s(\"%s\", 004) = %s\n", + my_secontext, "chmod", + sample, + sprintrc(rc)); leave_and_remove_subdir(); Index: strace-5.7/tests-mx32/execve.c =================================================================== --- strace-5.7.orig/tests-mx32/execve.c 2021-08-24 21:08:35.394312561 +0200 +++ strace-5.7/tests-mx32/execve.c 2021-08-24 21:08:43.275245858 +0200 @@ -9,9 +9,12 @@ */ #include "tests.h" +#include #include #include +#include "secontext.h" + static const char *errstr; static int @@ -52,9 +55,16 @@ char ** const tail_argv = tail_memdup(argv, sizeof(argv)); char ** const tail_envp = tail_memdup(envp, sizeof(envp)); + char *my_secontext = SECONTEXT_PID_MY(); + + (void) unlink(FILENAME); + if (open(FILENAME, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + char *FILENAME_secontext = SECONTEXT_FILE(FILENAME); call_execve(FILENAME, tail_argv, tail_envp); - printf("execve(\"%s\"" + printf("%s%s(\"%s\"%s" ", [\"%s\", \"%s\", \"%s\", %p, %p, %p, ... /* %p */]" #if VERBOSE ", [\"%s\", \"%s\", %p, %p, %p, ... /* %p */]" @@ -62,7 +72,9 @@ ", %p /* 5 vars, unterminated */" #endif ") = %s\n", - Q_FILENAME, q_argv[0], q_argv[1], q_argv[2], + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + q_argv[0], q_argv[1], q_argv[2], argv[3], argv[4], argv[5], (char *) tail_argv + sizeof(argv) #if VERBOSE , q_envp[0], q_envp[1], envp[2], envp[3], envp[4], @@ -77,14 +89,16 @@ (void) q_envp; /* workaround for clang bug #33068 */ call_execve(FILENAME, tail_argv, tail_envp); - printf("execve(\"%s\", [\"%s\", \"%s\", \"%s\"]" + printf("%s%s(\"%s\"%s, [\"%s\", \"%s\", \"%s\"]" #if VERBOSE ", [\"%s\", \"%s\"]" #else ", %p /* 2 vars */" #endif ") = %s\n", - Q_FILENAME, q_argv[0], q_argv[1], q_argv[2] + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + q_argv[0], q_argv[1], q_argv[2] #if VERBOSE , q_envp[0], q_envp[1] #else @@ -93,14 +107,16 @@ , errstr); call_execve(FILENAME, tail_argv + 2, tail_envp + 1); - printf("execve(\"%s\", [\"%s\"]" + printf("%s%s(\"%s\"%s, [\"%s\"]" #if VERBOSE ", [\"%s\"]" #else ", %p /* 1 var */" #endif ") = %s\n", - Q_FILENAME, q_argv[2] + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + q_argv[2] #if VERBOSE , q_envp[1] #else @@ -113,13 +129,15 @@ *empty = NULL; call_execve(FILENAME, empty, empty); - printf("execve(\"%s\", []" + printf("%s%s(\"%s\"%s, []" #if VERBOSE ", []" #else ", %p /* 0 vars */" #endif - ") = %s\n", Q_FILENAME + ") = %s\n", + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext #if !VERBOSE , empty #endif @@ -143,7 +161,10 @@ a[i] = b[i] = NULL; call_execve(FILENAME, a, b); - printf("execve(\"%s\", [\"%.*s\"...", Q_FILENAME, DEFAULT_STRLEN, a[0]); + printf("%s%s(\"%s\"%s, [\"%.*s\"...", + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + DEFAULT_STRLEN, a[0]); for (i = 1; i < DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); #if VERBOSE @@ -162,7 +183,10 @@ printf(") = %s\n", errstr); call_execve(FILENAME, a + 1, b + 1); - printf("execve(\"%s\", [\"%s\"", Q_FILENAME, a[1]); + printf("%s%s(\"%s\"%s, [\"%s\"", + my_secontext, "execve", + Q_FILENAME, FILENAME_secontext, + a[1]); for (i = 2; i <= DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); #if VERBOSE @@ -175,12 +199,17 @@ #endif printf(") = %s\n", errstr); + if (unlink(FILENAME)) + perror_msg_and_fail("unlink"); + call_execve(FILENAME, (char **) tail_argv[ARRAY_SIZE(q_argv)], efault); - printf("execve(\"%s\", NULL, %p) = %s\n", + printf("%s%s(\"%s\", NULL, %p) = %s\n", + my_secontext, "execve", Q_FILENAME, efault, errstr); call_execve(FILENAME, efault, NULL); - printf("execve(\"%s\", %p, NULL) = %s\n", + printf("%s%s(\"%s\", %p, NULL) = %s\n", + my_secontext, "execve", Q_FILENAME, efault, errstr); leave_and_remove_subdir(); Index: strace-5.7/tests-mx32/execve.test =================================================================== --- strace-5.7.orig/tests-mx32/execve.test 2021-08-24 21:08:35.394312561 +0200 +++ strace-5.7/tests-mx32/execve.test 2021-08-24 21:08:43.275245858 +0200 @@ -11,7 +11,7 @@ check_prog grep run_prog > /dev/null -run_strace -eexecve $args > "$EXP" +run_strace -eexecve "$@" $args > "$EXP" # Filter out execve() call made by strace. grep -F test.execve < "$LOG" > "$OUT" Index: strace-5.7/tests-mx32/execveat.c =================================================================== --- strace-5.7.orig/tests-mx32/execveat.c 2021-08-24 21:08:35.394312561 +0200 +++ strace-5.7/tests-mx32/execveat.c 2021-08-24 21:08:43.276245849 +0200 @@ -13,9 +13,102 @@ #ifdef __NR_execveat +# include # include # include +# include "secontext.h" + +static void +tests_with_existing_file(void) +{ + /* + * Make sure the current workdir of the tracee + * is different from the current workdir of the tracer. + */ + create_and_enter_subdir("execveat_subdir"); + + char *my_secontext = SECONTEXT_PID_MY(); + + static const char sample[] = "execveat_sample"; + (void) unlink(sample); + if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + char *sample_secontext = SECONTEXT_FILE(sample); + static const char *argv[] = { sample, NULL }; + + /* + * Tests with AT_FDCWD. + */ + + long rc = syscall(__NR_execveat, -100, sample, argv, NULL, 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + sample, sample_secontext, + argv[0], + sprintrc(rc)); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + rc = syscall(__NR_execveat, -100, sample, argv, NULL, 0); + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + sample, + argv[0], + sprintrc(rc)); + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + rc = syscall(__NR_execveat, cwd_fd, sample, argv, NULL, 0); + printf("%s%s(%d%s, \"%s\", [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + cwd_fd, cwd_secontext, + sample, + argv[0], + sprintrc(rc)); + + if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + rc = syscall(__NR_execveat, cwd_fd, sample, argv, NULL, 0); + printf("%s%s(%d%s, \"%s\"%s, [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + argv[0], + sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_execveat, cwd_fd, sample_realpath, argv, NULL, 0); + printf("%s%s(%d%s, \"%s\"%s, [\"%s\"], NULL, 0) = %s\n", + my_secontext, "execveat", + cwd_fd, cwd_secontext, + sample_realpath, sample_secontext, + argv[0], + sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + leave_and_remove_subdir(); +} + # define FILENAME "test.execveat\nfilename" # define Q_FILENAME "test.execveat\\nfilename" @@ -40,9 +133,10 @@ { const char ** const tail_argv = tail_memdup(argv, sizeof(argv)); const char ** const tail_envp = tail_memdup(envp, sizeof(envp)); + char *my_secontext = SECONTEXT_PID_MY(); syscall(__NR_execveat, -100, FILENAME, tail_argv, tail_envp, 0x1100); - printf("execveat(AT_FDCWD, \"%s\"" + printf("%s%s(AT_FDCWD, \"%s\"" ", [\"%s\", \"%s\", \"%s\", %p, %p, %p, ... /* %p */]" # if VERBOSE ", [\"%s\", \"%s\", %p, %p, %p, ... /* %p */]" @@ -50,6 +144,7 @@ ", %p /* 5 vars, unterminated */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, q_argv[0], q_argv[1], q_argv[2], argv[3], argv[4], argv[5], (char *) tail_argv + sizeof(argv), # if VERBOSE @@ -65,13 +160,14 @@ (void) q_envp; /* workaround for clang bug #33068 */ syscall(__NR_execveat, -100, FILENAME, tail_argv, tail_envp, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%s\", \"%s\", \"%s\"]" + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\", \"%s\", \"%s\"]" # if VERBOSE ", [\"%s\", \"%s\"]" # else ", %p /* 2 vars */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, q_argv[0], q_argv[1], q_argv[2], # if VERBOSE q_envp[0], q_envp[1], @@ -81,13 +177,14 @@ errno2name()); syscall(__NR_execveat, -100, FILENAME, tail_argv + 2, tail_envp + 1, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%s\"]" + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\"]" # if VERBOSE ", [\"%s\"]" # else ", %p /* 1 var */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, q_argv[2], # if VERBOSE q_envp[1], @@ -101,13 +198,14 @@ *empty = NULL; syscall(__NR_execveat, -100, FILENAME, empty, empty, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", []" + printf("%s%s(AT_FDCWD, \"%s\", []" # if VERBOSE ", []" # else ", %p /* 0 vars */" # endif ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, # if !VERBOSE empty, @@ -132,7 +230,9 @@ a[i] = b[i] = NULL; syscall(__NR_execveat, -100, FILENAME, a, b, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%.*s\"...", Q_FILENAME, DEFAULT_STRLEN, a[0]); + printf("%s%s(AT_FDCWD, \"%s\", [\"%.*s\"...", + my_secontext, "execveat", + Q_FILENAME, DEFAULT_STRLEN, a[0]); for (i = 1; i < DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); # if VERBOSE @@ -152,7 +252,9 @@ errno2name()); syscall(__NR_execveat, -100, FILENAME, a + 1, b + 1, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", [\"%s\"", Q_FILENAME, a[1]); + printf("%s%s(AT_FDCWD, \"%s\", [\"%s\"", + my_secontext, "execveat", + Q_FILENAME, a[1]); for (i = 2; i <= DEFAULT_STRLEN; ++i) printf(", \"%s\"", a[i]); # if VERBOSE @@ -167,15 +269,19 @@ errno2name()); syscall(__NR_execveat, -100, FILENAME, NULL, efault, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", NULL, %p" + printf("%s%s(AT_FDCWD, \"%s\", NULL, %p" ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, efault, errno2name()); syscall(__NR_execveat, -100, FILENAME, efault, NULL, 0x1100); - printf("execveat(AT_FDCWD, \"%s\", %p, NULL" + printf("%s%s(AT_FDCWD, \"%s\", %p, NULL" ", AT_SYMLINK_NOFOLLOW|AT_EMPTY_PATH) = -1 %s (%m)\n", + my_secontext, "execveat", Q_FILENAME, efault, errno2name()); + tests_with_existing_file(); + puts("+++ exited with 0 +++"); return 0; } Index: strace-5.7/tests-mx32/faccessat.c =================================================================== --- strace-5.7.orig/tests-mx32/faccessat.c 2021-08-24 21:08:35.394312561 +0200 +++ strace-5.7/tests-mx32/faccessat.c 2021-08-24 21:08:43.276245849 +0200 @@ -12,12 +12,16 @@ #ifdef __NR_faccessat -# include "xmalloc.h" # include # include # include -# ifndef FD_PATH +# include "secontext.h" +# include "xmalloc.h" + +# ifdef FD_PATH +# define YFLAG +# else # define FD_PATH "" # endif # ifndef SKIP_IF_PROC_IS_UNAVAILABLE @@ -43,11 +47,130 @@ return rc; } +# ifndef PATH_TRACING +static void +tests_with_existing_file(void) +{ + /* + * Make sure the current workdir of the tracee + * is different from the current workdir of the tracer. + */ + create_and_enter_subdir("faccessat_subdir"); + + char *my_secontext = SECONTEXT_PID_MY(); + + k_faccessat(-1, NULL, F_OK); + printf("%s%s(-1, NULL, F_OK) = %s\n", + my_secontext, "faccessat", errstr); + + static const char sample[] = "faccessat_sample"; + (void) unlink(sample); + int fd = open(sample, O_CREAT|O_RDONLY, 0400); + if (fd == -1) + perror_msg_and_fail("open"); + close(fd); + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * Tests with AT_FDCWD. + */ + + k_faccessat(-100, sample, F_OK); + printf("%s%s(AT_FDCWD, \"%s\"%s, F_OK) = %s\n", + my_secontext, "faccessat", + sample, sample_secontext, + errstr); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + k_faccessat(-100, sample, F_OK); + printf("%s%s(AT_FDCWD, \"%s\", F_OK) = %s\n", + my_secontext, "faccessat", + sample, + errstr); + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + k_faccessat(cwd_fd, sample, F_OK); +# ifdef YFLAG + printf("%s%s(%d<%s>%s, \"%s\", F_OK) = %s\n", +# else + printf("%s%s(%d%s, \"%s\", F_OK) = %s\n", +# endif + my_secontext, "faccessat", + cwd_fd, +# ifdef YFLAG + cwd, +# endif + cwd_secontext, + sample, + errstr); + + fd = open(sample, O_CREAT|O_RDONLY, 0400); + if (fd == -1) + perror_msg_and_fail("open"); + close(fd); + + k_faccessat(cwd_fd, sample, F_OK); +# ifdef YFLAG + printf("%s%s(%d<%s>%s, \"%s\"%s, F_OK) = %s\n", +# else + printf("%s%s(%d%s, \"%s\"%s, F_OK) = %s\n", +# endif + my_secontext, "faccessat", + cwd_fd, +# ifdef YFLAG + cwd, +# endif + cwd_secontext, + sample, sample_secontext, + errstr); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + k_faccessat(cwd_fd, sample_realpath, F_OK); +# ifdef YFLAG + printf("%s%s(%d<%s>%s, \"%s\"%s, F_OK) = %s\n", +# else + printf("%s%s(%d%s, \"%s\"%s, F_OK) = %s\n", +# endif + my_secontext, "faccessat", + cwd_fd, +# ifdef YFLAG + cwd, +# endif + cwd_secontext, + sample_realpath, sample_secontext, + errstr); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + + leave_and_remove_subdir(); +} +# endif + int main(void) { SKIP_IF_PROC_IS_UNAVAILABLE; +# ifndef TEST_SECONTEXT + TAIL_ALLOC_OBJECT_CONST_PTR(const char, unterminated); char *unterminated_str = xasprintf("%p", unterminated); const void *const efault = unterminated + 1; @@ -120,10 +243,10 @@ k_faccessat(dirfds[dirfd_i].val, paths[path_i].val, modes[mode_i].val); -# ifdef PATH_TRACING +# ifdef PATH_TRACING if (dirfds[dirfd_i].val == fd || paths[path_i].val == fd_path) -# endif +# endif printf("faccessat(%s, %s, %s) = %s\n", dirfds[dirfd_i].str, paths[path_i].str, @@ -133,6 +256,12 @@ } } +# endif /* !TEST_SECONTEXT */ + +# ifndef PATH_TRACING + tests_with_existing_file(); +# endif + puts("+++ exited with 0 +++"); return 0; } Index: strace-5.7/tests-mx32/faccessat.test =================================================================== --- strace-5.7.orig/tests-mx32/faccessat.test 2021-08-24 21:08:35.395312553 +0200 +++ strace-5.7/tests-mx32/faccessat.test 2021-08-24 21:08:43.276245849 +0200 @@ -15,5 +15,5 @@ run_strace -a23 --trace=faccessat "$@" $args > "$EXP" # Filter out faccessat() calls made by ld.so and libc. -sed -n '/^faccessat(-1, NULL,/,$p' < "$LOG" > "$OUT" +sed -n '/faccessat(-1, NULL,/,$p' < "$LOG" > "$OUT" match_diff "$OUT" "$EXP" Index: strace-5.7/tests-mx32/fanotify_mark.c =================================================================== --- strace-5.7.orig/tests-mx32/fanotify_mark.c 2021-08-24 21:07:01.122112055 +0200 +++ strace-5.7/tests-mx32/fanotify_mark.c 2021-08-24 21:08:43.276245849 +0200 @@ -3,7 +3,7 @@ * * Copyright (c) 2015-2016 Dmitry V. Levin * Copyright (c) 2016 Eugene Syromyatnikov - * Copyright (c) 2015-2020 The strace developers. + * Copyright (c) 2015-2021 The strace developers. * All rights reserved. * * SPDX-License-Identifier: GPL-2.0-or-later @@ -21,6 +21,8 @@ # include # include +# include "secontext.h" + # if XLAT_RAW # define str_fan_mark_add "0x1" # define str_fan_modify_ondir "0x40000002" @@ -35,6 +37,7 @@ # define str_at_fdcwd "AT_FDCWD" # endif +# ifndef TEST_SECONTEXT /* Performs fanotify_mark call via the syscall interface. */ static void do_call(kernel_ulong_t fd, kernel_ulong_t flags, const char *flags_str, @@ -44,18 +47,18 @@ long rc; rc = syscall(__NR_fanotify_mark, fd, flags, -# if (LONG_MAX > INT_MAX) \ - || (defined __x86_64__ && defined __ILP32__) \ - || defined LINUX_MIPSN32 +# if (LONG_MAX > INT_MAX) \ + || (defined __x86_64__ && defined __ILP32__) \ + || defined LINUX_MIPSN32 mask, -# else +# else /* arch/parisc/kernel/sys_parisc32.c, commit ab8a261b */ -# ifdef HPPA +# ifdef HPPA LL_VAL_TO_PAIR((mask << 32) | (mask >> 32)), -# else +# else LL_VAL_TO_PAIR(mask), +# endif # endif -# endif dirfd, path); printf("fanotify_mark(%d, %s, %s, %s, %s) = %s\n", @@ -68,12 +71,14 @@ const char *str; }; -# define STR16 "0123456789abcdef" -# define STR64 STR16 STR16 STR16 STR16 +# define STR16 "0123456789abcdef" +# define STR64 STR16 STR16 STR16 STR16 +# endif /* !TEST_SECONTEXT */ int main(void) { +# ifndef TEST_SECONTEXT enum { PATH1_SIZE = 64, }; @@ -87,47 +92,47 @@ { F8ILL_KULONG_MASK, "0" }, { (kernel_ulong_t) 0xdec0deddefacec00ULL, "0xefacec00" -# if !XLAT_RAW +# if !XLAT_RAW " /* FAN_MARK_??? */" -# endif +# endif }, { (kernel_ulong_t) 0xda7a105700000040ULL, -# if XLAT_RAW +# if XLAT_RAW "0x40" -# elif XLAT_VERBOSE +# elif XLAT_VERBOSE "0x40 /* FAN_MARK_IGNORED_SURV_MODIFY */" -# else +# else "FAN_MARK_IGNORED_SURV_MODIFY" -# endif +# endif }, { (kernel_ulong_t) 0xbadc0deddeadffffULL, -# if XLAT_RAW || XLAT_VERBOSE +# if XLAT_RAW || XLAT_VERBOSE "0xdeadffff" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " /* " -# endif -# if !XLAT_RAW +# endif +# if !XLAT_RAW "FAN_MARK_ADD|FAN_MARK_REMOVE|FAN_MARK_DONT_FOLLOW|" "FAN_MARK_ONLYDIR|FAN_MARK_MOUNT|FAN_MARK_IGNORED_MASK|" "FAN_MARK_IGNORED_SURV_MODIFY|FAN_MARK_FLUSH|" "FAN_MARK_FILESYSTEM|0xdeadfe00" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " */" -# endif +# endif }, }; static const struct strval64 masks[] = { { ARG_ULL_STR(0) }, { 0xdeadfeedffffffffULL, -# if XLAT_RAW || XLAT_VERBOSE +# if XLAT_RAW || XLAT_VERBOSE "0xdeadfeedffffffff" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " /* " -# endif -# if !XLAT_RAW +# endif +# if !XLAT_RAW "FAN_ACCESS|" "FAN_MODIFY|" "FAN_ATTRIB|" @@ -149,27 +154,27 @@ "FAN_ONDIR|" "FAN_EVENT_ON_CHILD|" "0xdeadfeedb7f0a000" -# endif -# if XLAT_VERBOSE +# endif +# if XLAT_VERBOSE " */" -# endif +# endif }, { ARG_ULL_STR(0xffffffffb7f0a000) -# if !XLAT_RAW +# if !XLAT_RAW " /* FAN_??? */" -# endif +# endif }, }; static const struct strval dirfds[] = { { (kernel_ulong_t) 0xfacefeed00000001ULL, "1" }, { (kernel_ulong_t) 0xdec0ded0ffffffffULL, -# if XLAT_RAW +# if XLAT_RAW "-1" -# elif XLAT_VERBOSE +# elif XLAT_VERBOSE "-1 /* FAN_NOFD */" -# else +# else "FAN_NOFD" -# endif +# endif }, { (kernel_ulong_t) 0xbadfacedffffff9cULL, str_at_fdcwd }, { (kernel_ulong_t) 0xdefaced1beeff00dULL, "-1091571699" }, @@ -202,12 +207,6 @@ snprintf(bogus_path1_after_addr, sizeof(bogus_path1_after_addr), "%p", bogus_path1 + PATH1_SIZE); - rc = fanotify_mark(-1, FAN_MARK_ADD, FAN_MODIFY | FAN_ONDIR, - -100, "."); - printf("fanotify_mark(-1, %s, %s, %s, \".\") = %s\n", - str_fan_mark_add, str_fan_modify_ondir, str_at_fdcwd, - sprintrc(rc)); - for (i = 0; i < ARRAY_SIZE(fds); i++) { for (j = 0; j < ARRAY_SIZE(flags); j++) { for (k = 0; k < ARRAY_SIZE(masks); k++) { @@ -226,6 +225,40 @@ } } } +# else /* TEST_SECONTEXT */ + int rc; +# endif + /* + * Test with AT_FDCWD. + */ + + char *my_secontext = SECONTEXT_PID_MY(); + char path[] = "."; + char *path_secontext = SECONTEXT_FILE(path); + + rc = fanotify_mark(-1, FAN_MARK_ADD, FAN_MODIFY | FAN_ONDIR, + -100, path); + printf("%s%s(-1, %s, %s, %s, \"%s\"%s) = %s\n", + my_secontext, "fanotify_mark", + str_fan_mark_add, str_fan_modify_ondir, str_at_fdcwd, + path, path_secontext, + sprintrc(rc)); + + /* + * Test with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd_secontext = SECONTEXT_FILE("."); + + rc = fanotify_mark(-1, FAN_MARK_ADD, FAN_MODIFY | FAN_ONDIR, + cwd_fd, path); + printf("%s%s(-1, %s, %s, %d%s, \"%s\"%s) = %s\n", + my_secontext, "fanotify_mark", + str_fan_mark_add, str_fan_modify_ondir, + cwd_fd, cwd_secontext, + path, path_secontext, + sprintrc(rc)); puts("+++ exited with 0 +++"); return 0; Index: strace-5.7/tests-mx32/fchmod.c =================================================================== --- strace-5.7.orig/tests-mx32/fchmod.c 2021-08-24 21:08:35.395312553 +0200 +++ strace-5.7/tests-mx32/fchmod.c 2021-08-24 21:08:43.277245841 +0200 @@ -18,6 +18,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -27,6 +29,8 @@ */ create_and_enter_subdir("fchmod_subdir"); + char *my_secontext = SECONTEXT_PID_MY(); + static const char sample[] = "fchmod_sample_file"; (void) unlink(sample); int fd = open(sample, O_CREAT|O_RDONLY, 0400); @@ -37,16 +41,19 @@ char *sample_realpath = get_fd_path(fd); # endif + const char *sample_secontext = SECONTEXT_FILE(sample); long rc = syscall(__NR_fchmod, fd, 0600); # ifdef YFLAG - printf("fchmod(%d<%s>, 0600) = %s\n", + printf("%s%s(%d<%s>%s, 0600) = %s\n", # else - printf("fchmod(%d, 0600) = %s\n", + printf("%s%s(%d%s, 0600) = %s\n", # endif + my_secontext, "fchmod", fd, # ifdef YFLAG sample_realpath, # endif + sample_secontext, sprintrc(rc)); if (unlink(sample)) @@ -54,26 +61,30 @@ rc = syscall(__NR_fchmod, fd, 051); # ifdef YFLAG - printf("fchmod(%d<%s (deleted)>, 051) = %s\n", + printf("%s%s(%d<%s (deleted)>%s, 051) = %s\n", # else - printf("fchmod(%d, 051) = %s\n", + printf("%s%s(%d%s, 051) = %s\n", # endif + my_secontext, "fchmod", fd, # ifdef YFLAG sample_realpath, # endif + sample_secontext, sprintrc(rc)); rc = syscall(__NR_fchmod, fd, 004); # ifdef YFLAG - printf("fchmod(%d<%s (deleted)>, 004) = %s\n", + printf("%s%s(%d<%s (deleted)>%s, 004) = %s\n", # else - printf("fchmod(%d, 004) = %s\n", + printf("%s%s(%d%s, 004) = %s\n", # endif + my_secontext, "fchmod", fd, # ifdef YFLAG sample_realpath, # endif + sample_secontext, sprintrc(rc)); leave_and_remove_subdir(); Index: strace-5.7/tests-mx32/fchmodat.c =================================================================== --- strace-5.7.orig/tests-mx32/fchmodat.c 2021-08-24 21:08:35.396312544 +0200 +++ strace-5.7/tests-mx32/fchmodat.c 2021-08-24 21:08:43.277245841 +0200 @@ -17,6 +17,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -26,26 +28,81 @@ */ create_and_enter_subdir("fchmodat_subdir"); - static const char sample[] = "fchmodat_sample"; + char *my_secontext = SECONTEXT_PID_MY(); + static const char sample[] = "fchmodat_sample_file"; if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) perror_msg_and_fail("open"); + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * Tests with AT_FDCWD. + */ + long rc = syscall(__NR_fchmodat, -100, sample, 0600); - printf("fchmodat(AT_FDCWD, \"%s\", 0600) = %s\n", - sample, sprintrc(rc)); + printf("%s%s(AT_FDCWD, \"%s\"%s, 0600) = %s\n", + my_secontext, "fchmodat", + sample, sample_secontext, + sprintrc(rc)); if (unlink(sample)) perror_msg_and_fail("unlink"); rc = syscall(__NR_fchmodat, -100, sample, 051); - printf("fchmodat(AT_FDCWD, \"%s\", 051) = %s\n", + printf("%s%s(AT_FDCWD, \"%s\", 051) = %s\n", + my_secontext, "fchmodat", sample, sprintrc(rc)); rc = syscall(__NR_fchmodat, -100, sample, 004); - printf("fchmodat(AT_FDCWD, \"%s\", 004) = %s\n", + printf("%s%s(AT_FDCWD, \"%s\", 004) = %s\n", + my_secontext, "fchmodat", sample, sprintrc(rc)); + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + rc = syscall(__NR_fchmodat, cwd_fd, sample, 0400); + printf("%s%s(%d%s, \"%s\", 0400) = %s\n", + my_secontext, "fchmodat", + cwd_fd, cwd_secontext, + sample, + sprintrc(rc)); + + if (open(sample, O_RDONLY | O_CREAT, 0400) < 0) + perror_msg_and_fail("open"); + + rc = syscall(__NR_fchmodat, cwd_fd, sample, 0400); + printf("%s%s(%d%s, \"%s\"%s, 0400) = %s\n", + my_secontext, "fchmodat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_fchmodat, cwd_fd, sample_realpath, 0400); + printf("%s%s(%d%s, \"%s\"%s, 0400) = %s\n", + my_secontext, "fchmodat", + cwd_fd, cwd_secontext, + sample_realpath, sample_secontext, + sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + leave_and_remove_subdir(); puts("+++ exited with 0 +++"); Index: strace-5.7/tests-mx32/fchownat.c =================================================================== --- strace-5.7.orig/tests-mx32/fchownat.c 2021-08-24 21:08:35.396312544 +0200 +++ strace-5.7/tests-mx32/fchownat.c 2021-08-24 21:08:43.277245841 +0200 @@ -17,6 +17,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -26,25 +28,86 @@ */ create_and_enter_subdir("fchownat_subdir"); - static const char sample[] = "fchownat_sample"; + char *my_secontext = SECONTEXT_PID_MY(); uid_t uid = geteuid(); uid_t gid = getegid(); - if (open(sample, O_RDONLY | O_CREAT, 0400) == -1) + static const char sample[] = "fchownat_sample"; + int fd = open(sample, O_RDONLY | O_CREAT, 0400); + if (fd == -1) perror_msg_and_fail("open"); + close(fd); + + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * Tests with AT_FDCWD. + */ long rc = syscall(__NR_fchownat, AT_FDCWD, sample, uid, gid, 0); - printf("fchownat(AT_FDCWD, \"%s\", %d, %d, 0) = %s\n", - sample, uid, gid, sprintrc(rc)); + printf("%s%s(AT_FDCWD, \"%s\"%s, %d, %d, 0) = %s\n", + my_secontext, "fchownat", + sample, sample_secontext, + uid, gid, sprintrc(rc)); if (unlink(sample)) perror_msg_and_fail("unlink"); rc = syscall(__NR_fchownat, AT_FDCWD, sample, -1, -1L, AT_SYMLINK_NOFOLLOW); - printf("fchownat(AT_FDCWD, \"%s\", -1, -1, AT_SYMLINK_NOFOLLOW) = %s\n", + printf("%s%s(AT_FDCWD, \"%s\", -1, -1, AT_SYMLINK_NOFOLLOW) = %s\n", + my_secontext, "fchownat", sample, sprintrc(rc)); + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + char *sample_realpath = xasprintf("%s/%s", cwd, sample); + + /* no file */ + rc = syscall(__NR_fchownat, cwd_fd, sample, uid, gid, 0); + printf("%s%s(%d%s, \"%s\", %d, %d, 0) = %s\n", + my_secontext, "fchownat", + cwd_fd, cwd_secontext, + sample, + uid, gid, + sprintrc(rc)); + + fd = open(sample, O_RDONLY | O_CREAT, 0400); + if (fd == -1) + perror_msg_and_fail("open"); + close(fd); + + rc = syscall(__NR_fchownat, cwd_fd, sample, uid, gid, 0); + printf("%s%s(%d%s, \"%s\"%s, %d, %d, 0) = %s\n", + my_secontext, "fchownat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + uid, gid, + sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_fchownat, cwd_fd, sample_realpath, uid, gid, 0); + printf("%s%s(%d%s, \"%s\"%s, %d, %d, 0) = %s\n", + my_secontext, "fchownat", + cwd_fd, cwd_secontext, + sample_realpath, sample_secontext, + uid, gid, + sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample)) + perror_msg_and_fail("unlink"); + leave_and_remove_subdir(); puts("+++ exited with 0 +++"); Index: strace-5.7/tests-mx32/file_handle.c =================================================================== --- strace-5.7.orig/tests-mx32/file_handle.c 2021-08-24 21:08:35.396312544 +0200 +++ strace-5.7/tests-mx32/file_handle.c 2021-08-24 21:08:43.277245841 +0200 @@ -21,6 +21,8 @@ # include # include +# include "secontext.h" + enum assert_rc { ASSERT_NONE, ASSERT_SUCCESS, @@ -48,6 +50,7 @@ printf("..."); } +# ifndef TEST_SECONTEXT void do_name_to_handle_at(kernel_ulong_t dirfd, const char *dirfd_str, kernel_ulong_t pathname, const char *pathname_str, @@ -129,6 +132,7 @@ printf("%s\n", sprintrc(rc)); } +# endif /* !TEST_SECONTEXT */ struct strval { kernel_ulong_t val; @@ -141,12 +145,86 @@ int main(void) { + char *my_secontext = SECONTEXT_PID_MY(); enum { PATH1_SIZE = 64, }; static const kernel_ulong_t fdcwd = (kernel_ulong_t) 0x87654321ffffff9cULL; + + struct file_handle *handle = + tail_alloc(sizeof(struct file_handle) + MAX_HANDLE_SZ); + struct file_handle *handle_0 = + tail_alloc(sizeof(struct file_handle) + 0); + struct file_handle *handle_8 = + tail_alloc(sizeof(struct file_handle) + 8); + struct file_handle *handle_128 = + tail_alloc(sizeof(struct file_handle) + 128); + struct file_handle *handle_256 = + tail_alloc(sizeof(struct file_handle) + 256); + TAIL_ALLOC_OBJECT_CONST_PTR(int, bogus_mount_id); + + char handle_0_addr[sizeof("0x") + sizeof(void *) * 2]; + + const int flags = 0x400; + int mount_id; + + handle_0->handle_bytes = 256; + handle_8->handle_bytes = 0; + handle_128->handle_bytes = 128; + handle_256->handle_bytes = 256; + + fill_memory((char *) handle_128 + sizeof(struct file_handle), 128); + fill_memory((char *) handle_256 + sizeof(struct file_handle), 256); + + snprintf(handle_0_addr, sizeof(handle_0_addr), "%p", + handle_0 + sizeof(struct file_handle)); + + handle->handle_bytes = 0; + + char path[] = "."; + char *path_secontext = SECONTEXT_FILE(path); + + assert(syscall(__NR_name_to_handle_at, fdcwd, path, handle, &mount_id, + flags | 1) == -1); + if (EINVAL != errno) + perror_msg_and_skip("name_to_handle_at"); + printf("%s%s(AT_FDCWD, \"%s\"%s, {handle_bytes=0}, %p" + ", AT_SYMLINK_FOLLOW|0x1) = -1 EINVAL (%m)\n", + my_secontext, "name_to_handle_at", + path, path_secontext, + &mount_id); + + assert(syscall(__NR_name_to_handle_at, fdcwd, path, handle, &mount_id, + flags) == -1); + if (EOVERFLOW != errno) + perror_msg_and_skip("name_to_handle_at"); + printf("%s%s(AT_FDCWD, \"%s\"%s, {handle_bytes=0 => %u}" + ", %p, AT_SYMLINK_FOLLOW) = -1 EOVERFLOW (%m)\n", + my_secontext, "name_to_handle_at", + path, path_secontext, + handle->handle_bytes, &mount_id); + + assert(syscall(__NR_name_to_handle_at, fdcwd, path, handle, &mount_id, + flags) == 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, {handle_bytes=%u" + ", handle_type=%d, f_handle=", + my_secontext, "name_to_handle_at", + path, path_secontext, + handle->handle_bytes, handle->handle_type); + print_handle_data(handle->f_handle, handle->handle_bytes); + printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); + + printf("%s%s(-1, {handle_bytes=%u, handle_type=%d, f_handle=", + my_secontext, "open_by_handle_at", + handle->handle_bytes, handle->handle_type); + print_handle_data(handle->f_handle, handle->handle_bytes); + int rc = syscall(__NR_open_by_handle_at, -1, handle, + O_RDONLY | O_DIRECTORY); + printf("}, O_RDONLY|O_DIRECTORY) = %d %s (%m)\n", rc, errno2name()); + +# ifndef TEST_SECONTEXT static const struct strval dirfds[] = { { (kernel_ulong_t) 0xdeadca57badda7a1ULL, "-1159878751" }, { (kernel_ulong_t) 0x12345678ffffff9cULL, "AT_FDCWD" }, @@ -171,29 +249,11 @@ }; static const char str64[] = STR64; - - char *bogus_path1 = tail_memdup(str64, PATH1_SIZE); char *bogus_path2 = tail_memdup(str64, sizeof(str64)); - - struct file_handle *handle = - tail_alloc(sizeof(struct file_handle) + MAX_HANDLE_SZ); - struct file_handle *handle_0 = - tail_alloc(sizeof(struct file_handle) + 0); - struct file_handle *handle_8 = - tail_alloc(sizeof(struct file_handle) + 8); - struct file_handle *handle_128 = - tail_alloc(sizeof(struct file_handle) + 128); - struct file_handle *handle_256 = - tail_alloc(sizeof(struct file_handle) + 256); - TAIL_ALLOC_OBJECT_CONST_PTR(int, bogus_mount_id); - - char handle_0_addr[sizeof("0x") + sizeof(void *) * 2]; - char bogus_path1_addr[sizeof("0x") + sizeof(void *) * 2]; char bogus_path1_after_addr[sizeof("0x") + sizeof(void *) * 2]; - struct strval paths[] = { { (kernel_ulong_t) 0, "NULL" }, { (kernel_ulong_t) (uintptr_t) (bogus_path1 + PATH1_SIZE), @@ -229,62 +289,16 @@ (kernel_ulong_t) (uintptr_t) bogus_mount_id, }; - const int flags = 0x400; - int mount_id; unsigned int i; unsigned int j; unsigned int k; unsigned int l; unsigned int m; - snprintf(bogus_path1_addr, sizeof(bogus_path1_addr), "%p", bogus_path1); snprintf(bogus_path1_after_addr, sizeof(bogus_path1_after_addr), "%p", bogus_path1 + PATH1_SIZE); - handle_0->handle_bytes = 256; - handle_8->handle_bytes = 0; - handle_128->handle_bytes = 128; - handle_256->handle_bytes = 256; - - fill_memory((char *) handle_128 + sizeof(struct file_handle), 128); - fill_memory((char *) handle_256 + sizeof(struct file_handle), 256); - - snprintf(handle_0_addr, sizeof(handle_0_addr), "%p", - handle_0 + sizeof(struct file_handle)); - - handle->handle_bytes = 0; - - assert(syscall(__NR_name_to_handle_at, fdcwd, ".", handle, &mount_id, - flags | 1) == -1); - if (EINVAL != errno) - perror_msg_and_skip("name_to_handle_at"); - printf("name_to_handle_at(AT_FDCWD, \".\", {handle_bytes=0}, %p" - ", AT_SYMLINK_FOLLOW|0x1) = -1 EINVAL (%m)\n", &mount_id); - - assert(syscall(__NR_name_to_handle_at, fdcwd, ".", handle, &mount_id, - flags) == -1); - if (EOVERFLOW != errno) - perror_msg_and_skip("name_to_handle_at"); - printf("name_to_handle_at(AT_FDCWD, \".\", {handle_bytes=0 => %u}" - ", %p, AT_SYMLINK_FOLLOW) = -1 EOVERFLOW (%m)\n", - handle->handle_bytes, &mount_id); - - assert(syscall(__NR_name_to_handle_at, fdcwd, ".", handle, &mount_id, - flags) == 0); - printf("name_to_handle_at(AT_FDCWD, \".\", {handle_bytes=%u" - ", handle_type=%d, f_handle=", - handle->handle_bytes, handle->handle_type); - print_handle_data(handle->f_handle, handle->handle_bytes); - printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); - - printf("open_by_handle_at(-1, {handle_bytes=%u, handle_type=%d" - ", f_handle=", handle->handle_bytes, handle->handle_type); - print_handle_data(handle->f_handle, handle->handle_bytes); - int rc = syscall(__NR_open_by_handle_at, -1, handle, - O_RDONLY | O_DIRECTORY); - printf("}, O_RDONLY|O_DIRECTORY) = %d %s (%m)\n", rc, errno2name()); - for (i = 0; i < ARRAY_SIZE(dirfds); i++) { for (j = 0; j < ARRAY_SIZE(paths); j++) { for (k = 0; k < ARRAY_SIZE(name_handles); k++) { @@ -320,6 +334,68 @@ } } } +# endif + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd = get_fd_path(cwd_fd); + char *cwd_secontext = SECONTEXT_FILE("."); + + assert(syscall(__NR_name_to_handle_at, cwd_fd, path, handle, &mount_id, + flags) == 0); + printf("%s%s(%d%s, \"%s\"%s, {handle_bytes=%u, handle_type=%d" + ", f_handle=", + my_secontext, "name_to_handle_at", + cwd_fd, cwd_secontext, + path, path_secontext, + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); + + printf("%s%s(-1, {handle_bytes=%u, handle_type=%d, f_handle=", + my_secontext, "open_by_handle_at", + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + rc = syscall(__NR_open_by_handle_at, -1, handle, + O_RDONLY | O_DIRECTORY); + printf("}, O_RDONLY|O_DIRECTORY) = %s\n", sprintrc(rc)); + + /* cwd_fd ignored when path is absolute */ + if (chdir("..")) + perror_msg_and_fail("chdir"); + + assert(syscall(__NR_name_to_handle_at, cwd_fd, cwd, handle, &mount_id, + flags) == 0); + printf("%s%s(%d%s, \"%s\"%s, {handle_bytes=%u" + ", handle_type=%d, f_handle=", + my_secontext, "name_to_handle_at", + cwd_fd, cwd_secontext, + cwd, cwd_secontext, + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + printf("}, [%d], AT_SYMLINK_FOLLOW) = 0\n", mount_id); + + printf("%s%s(-1, {handle_bytes=%u, handle_type=%d, f_handle=", + my_secontext, "open_by_handle_at", + handle->handle_bytes, handle->handle_type); + print_handle_data((unsigned char *) handle + + sizeof(struct file_handle), + handle->handle_bytes); + rc = syscall(__NR_open_by_handle_at, -1, handle, + O_RDONLY | O_DIRECTORY); + printf("}, O_RDONLY|O_DIRECTORY) = %s\n", sprintrc(rc)); + + if (fchdir(cwd_fd)) + perror_msg_and_fail("fchdir"); puts("+++ exited with 0 +++"); return 0; Index: strace-5.7/tests-mx32/gen_secontext.sh =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/gen_secontext.sh 2021-08-24 21:08:43.277245841 +0200 @@ -0,0 +1,72 @@ +#!/bin/sh -efu +# +# Copyright (c) 2021 The strace developers. +# All rights reserved. +# +# SPDX-License-Identifier: GPL-2.0-or-later + +usage() +{ + cat >&2 <] + +Generate secontext files from list. +EOF + exit 1 +} + +if [ $# -eq 0 ]; then + input="${0%/*}/gen_tests.in" +else + input="$1" + shift +fi +dir="$(dirname "$input")" +[ $# -eq 0 ] || usage + +{ + cat < "$dir/secontext.am" + +sed -r -n 's/^([^#[:space:]]+--secontext)[[:space:]].*/\1/p' < "$input" | +while read -r name; do { + cat <<-EOF > "$dir/$name.c" + /* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + + #include "tests.h" + + #ifdef HAVE_SELINUX_RUNTIME + + # define TEST_SECONTEXT + # include "${name%--secontext}.c" + + #else + + SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + + #endif + EOF +} < /dev/null; done + +sed -r -n 's/^([^#[:space:]]+--secontext_full)[[:space:]].*/\1/p' < "$input" | +while read -r name; do { + cat <<-EOF > "$dir/$name.c" + #define PRINT_SECONTEXT_FULL + #include "${name%_full}.c" + EOF +} < /dev/null; done Index: strace-5.7/tests-mx32/gen_tests.in =================================================================== --- strace-5.7.orig/tests-mx32/gen_tests.in 2021-08-24 21:08:35.397312536 +0200 +++ strace-5.7/tests-mx32/gen_tests.in 2021-08-24 21:08:43.278245832 +0200 @@ -10,6 +10,8 @@ accept -a22 accept4 -a37 access -a30 --trace-path=access_sample +access--secontext -a30 --secontext --trace-path=access_sample -e trace=access +access--secontext_full -a30 --secontext=full --trace-path=access_sample -e trace=access acct -a20 add_key -a30 -s12 adjtimex -a15 @@ -24,6 +26,8 @@ bpf-v -a20 -v -e trace=bpf btrfs +ioctl.test chmod -a28 +chmod--secontext -a28 --secontext -e trace=chmod +chmod--secontext_full -a28 --secontext=full -e trace=chmod chown -a28 chown32 -a31 chroot -a24 @@ -71,25 +75,43 @@ epoll_pwait epoll_wait -a26 erestartsys -a34 -e signal=none -e trace=recvfrom +execve--secontext +execve.test --secontext +execve--secontext_full +execve.test --secontext=full execveat +execveat--secontext --secontext --trace=execveat +execveat--secontext_full --secontext=full --trace=execveat execveat-v -v -e trace=execveat +faccessat--secontext +faccessat.test -a24 --secontext +faccessat--secontext_full +faccessat.test -a24 --secontext=full faccessat-P -a23 --trace=faccessat -P /dev/full faccessat-y +faccessat.test -a24 -y +faccessat-y--secontext +faccessat.test -a24 -y --secontext +faccessat-y--secontext_full +faccessat.test -a24 -y --secontext=full faccessat-yy +faccessat.test -a24 -yy fadvise64_64 +fadvise64.test fallocate -a18 fanotify_init fanotify_mark -a32 +fanotify_mark--secontext -a32 --secontext -e trace=fanotify_mark +fanotify_mark--secontext_full -a32 --secontext=full -e trace=fanotify_mark fanotify_mark-Xabbrev -a32 -Xabbrev -e trace=fanotify_mark fanotify_mark-Xraw -a32 -Xraw -e trace=fanotify_mark fanotify_mark-Xverbose -a32 -Xverbose -e trace=fanotify_mark fchdir -a11 fchmod -a15 +fchmod--secontext -a15 --secontext -e trace=fchmod +fchmod--secontext_full -a15 --secontext=full -e trace=fchmod fchmod-y -y -e trace=fchmod +fchmod-y--secontext -a15 -y --secontext -e trace=fchmod +fchmod-y--secontext_full -a15 -y --secontext=full -e trace=fchmod fchmodat +fchmodat--secontext --secontext -e trace=fchmodat +fchmodat--secontext_full --secontext=full -e trace=fchmodat fchown -a16 fchown32 -a18 fchownat +fchownat--secontext --secontext -e trace=fchownat +fchownat--secontext_full --secontext=full -e trace=fchownat fcntl -a8 fcntl--pidns-translation test_pidns -a8 -e trace=fcntl fcntl64 -a8 @@ -97,6 +119,8 @@ fdatasync -a14 file_handle -e trace=name_to_handle_at,open_by_handle_at file_ioctl +ioctl.test +file_handle--secontext --secontext -e trace=name_to_handle_at,open_by_handle_at +file_handle--secontext_full --secontext=full -e trace=name_to_handle_at,open_by_handle_at filter_seccomp . "${srcdir=.}/filter_seccomp.sh"; test_prog_set --seccomp-bpf -f filter_seccomp-flag ../$NAME finit_module -a25 @@ -295,6 +319,8 @@ lchown32 -a32 link linkat +linkat--secontext --secontext -e trace=linkat +linkat--secontext_full --secontext=full -e trace=linkat lookup_dcookie -a27 lstat -a31 --no-abbrev --trace-path=stat.sample --trace-path=/dev/full lstat64 -a32 --no-abbrev --trace-path=stat.sample --trace-path=/dev/full @@ -434,9 +460,13 @@ oldselect-efault-P -a13 -e trace=select -P /dev/full 9>>/dev/full oldstat -a32 -v -P stat.sample -P /dev/full open -a30 -P $NAME.sample +open--secontext -a30 -P open.sample --secontext --trace=open +open--secontext_full -a30 -P open.sample --secontext=full --trace=open open_tree -a30 -y open_tree-P -a30 --decode-fds -P /dev/full -e trace=open_tree openat -a36 -P $NAME.sample +openat--secontext -a36 -P openat.sample -P $PWD/openat.sample --secontext -e trace=openat +openat--secontext_full -a36 -P openat.sample -P $PWD/openat.sample --secontext=full -e trace=openat openat2 -a35 openat2-Xabbrev --trace=openat2 -a35 -Xabbrev openat2-Xraw --trace=openat2 -a32 -Xraw Index: strace-5.7/tests-mx32/linkat.c =================================================================== --- strace-5.7.orig/tests-mx32/linkat.c 2021-08-24 21:08:35.397312536 +0200 +++ strace-5.7/tests-mx32/linkat.c 2021-08-24 21:08:43.278245832 +0200 @@ -10,8 +10,14 @@ #ifdef __NR_linkat +# include # include +# include # include +# include + +# include "secontext.h" +# include "xmalloc.h" int main(void) @@ -27,18 +33,158 @@ const long fd_old = (long) 0xdeadbeefffffffffULL; const long fd_new = (long) 0xdeadbeeffffffffeULL; + char *my_secontext = SECONTEXT_PID_MY(); + + (void) unlink(sample_1); + (void) unlink(sample_2); + long rc = syscall(__NR_linkat, fd_old, sample_1, fd_new, sample_2, 0); - printf("linkat(%d, \"%s\", %d, \"%s\", 0) = %ld %s (%m)\n", + printf("%s%s(%d, \"%s\", %d, \"%s\", 0) = %ld %s (%m)\n", + my_secontext, "linkat", (int) fd_old, sample_1, (int) fd_new, sample_2, rc, errno2name()); rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, -1L); - printf("linkat(%s, \"%s\", %s, \"%s\", %s) = %ld %s (%m)\n", + printf("%s%s(%s, \"%s\", %s, \"%s\", %s) = %ld %s (%m)\n", + my_secontext, "linkat", "AT_FDCWD", sample_1, "AT_FDCWD", sample_2, "AT_SYMLINK_NOFOLLOW|AT_REMOVEDIR|AT_SYMLINK_FOLLOW" "|AT_NO_AUTOMOUNT|AT_EMPTY_PATH|AT_RECURSIVE|0xffff60ff", rc, errno2name()); + /* + * Tests with AT_FDCWD. + */ + + int fd_sample_1 = open(sample_1, O_RDONLY | O_CREAT, 0400); + if (fd_sample_1 < 0) + perror_msg_and_fail("open"); + if (close(fd_sample_1)) + perror_msg_and_fail("close"); + + char *sample_1_secontext = SECONTEXT_FILE(sample_1); + + rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, 0); + /* no context printed for sample_2 since file doesn't exist yet */ + printf("%s%s(AT_FDCWD, \"%s\"%s, AT_FDCWD, \"%s\", 0) = %s\n", + my_secontext, "linkat", + sample_1, sample_1_secontext, + sample_2, + sprintrc(rc)); + + const char *sample_2_secontext = sample_1_secontext; + + rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + sample_1, sample_1_secontext, + sample_2, sample_2_secontext, + sprintrc(rc)); + + int fd_sample_2 = open(sample_2, O_RDONLY | O_CREAT, 0400); + if (fd_sample_2 < 0) + perror_msg_and_fail("open"); + if (close(fd_sample_2)) + perror_msg_and_fail("close"); + + free(sample_1_secontext); + update_secontext_type(sample_1, "default_t"); + sample_1_secontext = SECONTEXT_FILE(sample_1); + sample_2_secontext = sample_1_secontext; + + rc = syscall(__NR_linkat, -100, sample_1, -100, sample_2, 0); + printf("%s%s(AT_FDCWD, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + sample_1, sample_1_secontext, + sample_2, sample_2_secontext, + sprintrc(rc)); + + if (unlink(sample_2)) + perror_msg_and_fail("unlink: %s", sample_2); + + /* + * Tests with dirfd. + */ + + int dfd_old = get_dir_fd("."); + char *cwd = get_fd_path(dfd_old); + char *dfd_old_secontext = SECONTEXT_FILE("."); + + rc = syscall(__NR_linkat, dfd_old, sample_1, -100, sample_2, 0); + /* no context printed for sample_2 since file doesn't exist yet */ + printf("%s%s(%d%s, \"%s\"%s, AT_FDCWD, \"%s\", 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + sample_2, + sprintrc(rc)); + + rc = syscall(__NR_linkat, dfd_old, sample_1, -100, sample_2, 0); + printf("%s%s(%d%s, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + sample_2, sample_2_secontext, + sprintrc(rc)); + + if (unlink(sample_2)) + perror_msg_and_fail("unlink: %s", sample_2); + + static const char new_dir[] = "new"; + char *new_sample_2 = xasprintf("%s/%s", new_dir, sample_2); + + (void) unlink(new_sample_2); + (void) rmdir(new_dir); + + if (mkdir(new_dir, 0700)) + perror_msg_and_fail("mkdir"); + char *new_dir_realpath = xasprintf("%s/%s", cwd, new_dir); + char *new_dir_secontext = SECONTEXT_FILE(new_dir); + int dfd_new = get_dir_fd(new_dir); + + rc = syscall(__NR_linkat, dfd_old, sample_1, dfd_new, sample_2, 0); + /* no context printed for sample_2 since file doesn't exist yet */ + printf("%s%s(%d%s, \"%s\"%s, %d%s, \"%s\", 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + dfd_new, new_dir_secontext, + sample_2, + sprintrc(rc)); + + rc = syscall(__NR_linkat, dfd_old, sample_1, dfd_new, sample_2, 0); + printf("%s%s(%d%s, \"%s\"%s, %d%s, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + dfd_new, new_dir_secontext, + sample_2, SECONTEXT_FILE(new_sample_2), + sprintrc(rc)); + + char *new_sample_2_realpath = xasprintf("%s/%s", new_dir_realpath, sample_2); + + /* dfd ignored when path is absolute */ + if (chdir("../..")) + perror_msg_and_fail("chdir"); + + rc = syscall(__NR_linkat, dfd_old, sample_1, -100, new_sample_2_realpath, 0); + printf("%s%s(%d%s, \"%s\"%s, AT_FDCWD, \"%s\"%s, 0) = %s\n", + my_secontext, "linkat", + dfd_old, dfd_old_secontext, + sample_1, sample_1_secontext, + new_sample_2_realpath, SECONTEXT_FILE(new_sample_2_realpath), + sprintrc(rc)); + + if (fchdir(dfd_old)) + perror_msg_and_fail("fchdir"); + + if (unlink(sample_1)) + perror_msg_and_fail("unlink: %s", sample_1); + if (unlink(new_sample_2)) + perror_msg_and_fail("unlink: %s", new_sample_2); + if (rmdir(new_dir)) + perror_msg_and_fail("rmdir: %s", new_dir); + leave_and_remove_subdir(); puts("+++ exited with 0 +++"); Index: strace-5.7/tests-mx32/open.c =================================================================== --- strace-5.7.orig/tests-mx32/open.c 2021-08-24 21:08:35.397312536 +0200 +++ strace-5.7/tests-mx32/open.c 2021-08-24 21:08:43.278245832 +0200 @@ -15,6 +15,8 @@ # include # include +# include "secontext.h" + int main(void) { @@ -25,10 +27,12 @@ create_and_enter_subdir("open_subdir"); static const char sample[] = "open.sample"; + char *my_secontext = SECONTEXT_PID_MY(); long fd = syscall(__NR_open, sample, O_RDONLY|O_CREAT, 0400); - printf("open(\"%s\", O_RDONLY|O_CREAT, 0400) = %s\n", - sample, sprintrc(fd)); + printf("%s%s(\"%s\", O_RDONLY|O_CREAT, 0400) = %s%s\n", + my_secontext, "open", + sample, sprintrc(fd), SECONTEXT_FILE(sample)); if (fd != -1) { close(fd); @@ -36,16 +40,18 @@ perror_msg_and_fail("unlink"); fd = syscall(__NR_open, sample, O_RDONLY); - printf("open(\"%s\", O_RDONLY) = %s\n", sample, sprintrc(fd)); + printf("%s%s(\"%s\", O_RDONLY) = %s\n", + my_secontext, "open", sample, sprintrc(fd)); fd = syscall(__NR_open, sample, O_WRONLY|O_NONBLOCK|0x80000000); - printf("open(\"%s\", O_WRONLY|O_NONBLOCK|0x80000000) = %s\n", - sample, sprintrc(fd)); + printf("%s%s(\"%s\", O_WRONLY|O_NONBLOCK|0x80000000) = %s\n", + my_secontext, "open", sample, sprintrc(fd)); } # ifdef O_TMPFILE fd = syscall(__NR_open, sample, O_WRONLY|O_TMPFILE, 0600); - printf("open(\"%s\", O_WRONLY|O_TMPFILE, 0600) = %s\n", + printf("%s%s(\"%s\", O_WRONLY|O_TMPFILE, 0600) = %s\n", + my_secontext, "open", sample, sprintrc(fd)); # endif /* O_TMPFILE */ Index: strace-5.7/tests-mx32/openat.c =================================================================== --- strace-5.7.orig/tests-mx32/openat.c 2021-08-24 21:08:35.397312536 +0200 +++ strace-5.7/tests-mx32/openat.c 2021-08-24 21:08:43.278245832 +0200 @@ -15,6 +15,8 @@ # include # include +# include "secontext.h" + # ifdef O_TMPFILE /* The kernel & C libraries often inline O_DIRECTORY. */ # define STRACE_O_TMPFILE (O_TMPFILE & ~O_DIRECTORY) @@ -26,10 +28,12 @@ static void test_mode_flag(unsigned int mode_val, const char *mode_str, - unsigned int flag_val, const char *flag_str) + unsigned int flag_val, const char *flag_str, + const char *my_secontext) { long rc = syscall(__NR_openat, -1, sample, mode_val | flag_val, 0); - printf("openat(-1, \"%s\", %s%s%s%s) = %s\n", + printf("%s%s(-1, \"%s\", %s%s%s%s) = %s\n", + my_secontext, "openat", sample, mode_str, flag_val ? "|" : "", flag_str, flag_val & (O_CREAT | STRACE_O_TMPFILE) ? ", 000" : "", @@ -45,20 +49,7 @@ */ create_and_enter_subdir("openat_subdir"); - long fd = syscall(__NR_openat, -100, sample, O_RDONLY|O_CREAT, 0400); - printf("openat(AT_FDCWD, \"%s\", O_RDONLY|O_CREAT, 0400) = %s\n", - sample, sprintrc(fd)); - - if (fd != -1) { - close(fd); - if (unlink(sample) == -1) - perror_msg_and_fail("unlink"); - - fd = syscall(__NR_openat, -100, sample, O_RDONLY); - printf("openat(AT_FDCWD, \"%s\", O_RDONLY) = %s\n", - sample, sprintrc(fd)); - } - + char *my_secontext = SECONTEXT_PID_MY(); struct { unsigned int val; const char *str; @@ -105,7 +96,73 @@ for (unsigned int m = 0; m < ARRAY_SIZE(modes); ++m) for (unsigned int f = 0; f < ARRAY_SIZE(flags); ++f) test_mode_flag(modes[m].val, modes[m].str, - flags[f].val, flags[f].str); + flags[f].val, flags[f].str, + my_secontext); + + /* + * Tests with AT_FDCWD. + */ + + (void) unlink(sample); + long fd = syscall(__NR_openat, -100, sample, O_RDONLY|O_CREAT, 0400); + + char *sample_secontext = SECONTEXT_FILE(sample); + + /* + * File context in openat() is not displayed because file doesn't exist + * yet, but is displayed in return value since the file got created. + */ + printf("%s%s(AT_FDCWD, \"%s\", O_RDONLY|O_CREAT, 0400) = %s%s\n", + my_secontext, "openat", + sample, + sprintrc(fd), sample_secontext); + + close(fd); + + fd = syscall(__NR_openat, -100, sample, O_RDONLY); + printf("%s%s(AT_FDCWD, \"%s\"%s, O_RDONLY) = %s%s\n", + my_secontext, "openat", + sample, sample_secontext, + sprintrc(fd), sample_secontext); + if (fd != -1) { + close(fd); + if (unlink(sample)) + perror_msg_and_fail("unlink"); + } + + /* + * Tests with dirfd. + */ + + int cwd_fd = get_dir_fd("."); + char *cwd_secontext = SECONTEXT_FILE("."); + + fd = syscall(__NR_openat, cwd_fd, sample, O_RDONLY|O_CREAT, 0400); + if (fd == -1) + perror_msg_and_fail("openat"); + close(fd); + + /* + * File context in openat() is not displayed because file doesn't exist + * yet, but is displayed in return value since the file got created. + */ + printf("%s%s(%d%s, \"%s\", O_RDONLY|O_CREAT, 0400) = %s%s\n", + my_secontext, "openat", + cwd_fd, cwd_secontext, + sample, + sprintrc(fd), sample_secontext); + + fd = syscall(__NR_openat, cwd_fd, sample, O_RDONLY); + printf("%s%s(%d%s, \"%s\"%s, O_RDONLY) = %s%s\n", + my_secontext, "openat", + cwd_fd, cwd_secontext, + sample, sample_secontext, + sprintrc(fd), sample_secontext); + if (fd != -1) { + close(fd); + if (unlink(sample)) + perror_msg_and_fail("unlink"); + } leave_and_remove_subdir(); Index: strace-5.7/tests-mx32/options-syntax.test =================================================================== --- strace-5.7.orig/tests-mx32/options-syntax.test 2021-08-24 21:08:35.398312527 +0200 +++ strace-5.7/tests-mx32/options-syntax.test 2021-08-24 21:08:43.279245824 +0200 @@ -2,14 +2,16 @@ # # Check strace options syntax. # -# Copyright (c) 2016 Dmitry V. Levin -# Copyright (c) 2016-2020 The strace developers. +# Copyright (c) 2016 Dmitry V. Levin +# Copyright (c) 2016-2021 The strace developers. # All rights reserved. # # SPDX-License-Identifier: GPL-2.0-or-later . "${srcdir=.}/syntax.sh" +compiled_with_secontext=$(get_config_option ENABLE_SECONTEXT "y") + check_e "Invalid process id: '0'" -p 0 check_e "Invalid process id: '0'" --attach=0 check_e "Invalid process id: '-42'" -p -42 @@ -46,6 +48,8 @@ check_e '-t and --absolute-timestamps cannot be provided simultaneously' --absolute-timestamps -ttt -p $$ check_e '-t and --absolute-timestamps cannot be provided simultaneously' -t --timestamps=ns -t -p $$ check_e '-t and --absolute-timestamps cannot be provided simultaneously' --timestamps=ns -t --absolute-timestamps=unix -p $$ +[ -z "$compiled_with_secontext" ] || + check_h "invalid --secontext argument: 'ss'" --secontext=ss check_h 'PROG [ARGS] must be specified with -D/--daemonize' -D -p $$ check_h 'PROG [ARGS] must be specified with -D/--daemonize' -DD -p $$ check_h 'PROG [ARGS] must be specified with -D/--daemonize' -DDD -p $$ @@ -281,6 +285,11 @@ $STRACE_EXE: Only the last of -z/--successful-only/-Z/--failed-only options will take effect. See status qualifier for more complex filters. $STRACE_EXE: $umsg" -u :nosuchuser: -cirtTyzZ true + if [ -n "$compiled_with_secontext" ]; then + check_e "--secontext has no effect with -c/--summary-only +$STRACE_EXE: $umsg" -u :nosuchuser: -c --secontext true + fi + for c in --output-separately -A/--output-append-mode; do check_e "$c has no effect without -o/--output $STRACE_EXE: $umsg" -u :nosuchuser: ${c%%/*} true Index: strace-5.7/tests-mx32/secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/secontext.c 2021-08-24 21:08:43.279245824 +0200 @@ -0,0 +1,201 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# include +# include +# include +# include +# include +# include + +# include "xmalloc.h" + +# define TEST_SECONTEXT +# include "secontext.h" + +static char * +secontext_format(char *context, const char *fmt) + ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC; + +static char * +secontext_format(char *context, const char *fmt) +{ + int saved_errno = errno; + char *res = context ? xasprintf(fmt, context) : xstrdup(""); + free(context); + errno = saved_errno; + return res; +} + +# define FORMAT_SPACE_BEFORE(string) secontext_format(string, " [%s]") +# define FORMAT_SPACE_AFTER(string) secontext_format(string, "[%s] ") + +static char * +strip_trailing_newlines(char *context) +{ + /* + * On the CI at least, the context may have a trailing \n, + * let's remove it just in case. + */ + size_t len = strlen(context); + for (; len > 0; --len) { + if (context[len - 1] != '\n') + break; + } + context[len] = '\0'; + return context; +} + +static char * +raw_secontext_full_file(const char *filename) +{ + int saved_errno = errno; + char *full_secontext = NULL; + char *secontext; + + if (getfilecon(filename, &secontext) >= 0) { + full_secontext = strip_trailing_newlines(xstrdup(secontext)); + freecon(secontext); + } + errno = saved_errno; + return full_secontext; +} + +static char * +raw_secontext_short_file(const char *filename) +{ + int saved_errno = errno; + + char *ctx = raw_secontext_full_file(filename); + if (ctx == NULL) + return ctx; + + char *saveptr = NULL; + const char *token; + unsigned int i; + + char *ctx_copy = xstrdup(ctx); + char *context = NULL; + for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0; + token; token = strtok_r(NULL, ":", &saveptr), i++) { + if (i == 2) { + context = xstrdup(token); + break; + } + } + if (context == NULL) + context = xstrdup(ctx); + free(ctx_copy); + free(ctx); + + errno = saved_errno; + return context; +} + +static char * +raw_secontext_full_pid(pid_t pid) +{ + int saved_errno = errno; + char *full_secontext = NULL; + char *secontext; + + if (getpidcon(pid, &secontext) == 0) { + full_secontext = strip_trailing_newlines(xstrdup(secontext)); + freecon(secontext); + } + errno = saved_errno; + return full_secontext; +} + +static char * +raw_secontext_short_pid(pid_t pid) +{ + int saved_errno = errno; + + char *ctx = raw_secontext_full_pid(pid); + if (ctx == NULL) + return ctx; + + char *saveptr = NULL; + const char *token; + int i; + + char *ctx_copy = xstrdup(ctx); + char *context = NULL; + for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0; + token; token = strtok_r(NULL, ":", &saveptr), i++) { + if (i == 2) { + context = xstrdup(token); + break; + } + } + if (context == NULL) + context = xstrdup(ctx); + free(ctx_copy); + free(ctx); + + errno = saved_errno; + return context; +} + +char * +secontext_full_file(const char *filename) +{ + return FORMAT_SPACE_BEFORE(raw_secontext_full_file(filename)); +} + +char * +secontext_full_pid(pid_t pid) +{ + return FORMAT_SPACE_AFTER(raw_secontext_full_pid(pid)); +} + +char * +secontext_short_file(const char *filename) +{ + return FORMAT_SPACE_BEFORE(raw_secontext_short_file(filename)); +} + +char * +secontext_short_pid(pid_t pid) +{ + return FORMAT_SPACE_AFTER(raw_secontext_short_pid(pid)); +} + +void +update_secontext_type(const char *file, const char *newtype) +{ + char *ctx = raw_secontext_full_file(file); + if (ctx == NULL) + return; + + char *saveptr = NULL; + char *token; + int field; + char *split[4]; + + for (token = strtok_r(ctx, ":", &saveptr), field = 0; + token; token = strtok_r(NULL, ":", &saveptr), field++) { + assert(field < 4); + split[field] = token; + } + assert(field == 4); + + char *newcontext = xasprintf("%s:%s:%s:%s", split[0], split[1], + newtype, split[3]); + + (void) setfilecon(file, newcontext); + + free(newcontext); + free(ctx); +} + +#endif /* HAVE_SELINUX_RUNTIME */ Index: strace-5.7/tests-mx32/secontext.h =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/secontext.h 2021-08-24 21:08:43.279245824 +0200 @@ -0,0 +1,46 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" +#include "xmalloc.h" +#include + +#if defined TEST_SECONTEXT && defined HAVE_SELINUX_RUNTIME + +void update_secontext_type(const char *file, const char *newtype); + +# ifdef PRINT_SECONTEXT_FULL + +char *secontext_full_file(const char *) ATTRIBUTE_MALLOC; +char *secontext_full_pid(pid_t) ATTRIBUTE_MALLOC; + +# define SECONTEXT_FILE(filename) secontext_full_file(filename) +# define SECONTEXT_PID(pid) secontext_full_pid(pid) + +# else + +char *secontext_short_file(const char *) ATTRIBUTE_MALLOC; +char *secontext_short_pid(pid_t) ATTRIBUTE_MALLOC; + +# define SECONTEXT_FILE(filename) secontext_short_file(filename) +# define SECONTEXT_PID(pid) secontext_short_pid(pid) + +# endif + +#else + +static inline void +update_secontext_type(const char *file, const char *newtype) +{ +} + +# define SECONTEXT_FILE(filename) xstrdup("") +# define SECONTEXT_PID(pid) xstrdup("") + +#endif + +#define SECONTEXT_PID_MY() SECONTEXT_PID(getpid()) Index: strace-5.7/tests-mx32/strace-V.test =================================================================== --- strace-5.7.orig/tests-mx32/strace-V.test 2021-08-24 21:08:35.398312527 +0200 +++ strace-5.7/tests-mx32/strace-V.test 2021-08-24 21:08:43.279245824 +0200 @@ -33,7 +33,9 @@ ;; esac -features="${option_unwind}${option_demangle}${option_m32}${option_mx32}" +option_secontext=$(get_config_option ENABLE_SECONTEXT " secontext") + +features="${option_unwind}${option_demangle}${option_m32}${option_mx32}${option_secontext}" [ -n "$features" ] || features=" (none)" cat > "$EXP" << __EOF__ Index: strace-5.7/util.c =================================================================== --- strace-5.7.orig/util.c 2021-08-24 21:08:35.399312519 +0200 +++ strace-5.7/util.c 2021-08-24 21:08:43.279245824 +0200 @@ -26,6 +26,7 @@ #include "largefile_wrappers.h" #include "number_set.h" #include "print_utils.h" +#include "secontext.h" #include "static_assert.h" #include "string_to_uint.h" #include "xlat.h" @@ -653,6 +654,13 @@ } else { tprintf("%d", fd); } +#ifdef ENABLE_SECONTEXT + char *context; + if (!selinux_getfdcon(pid, fd, &context)) { + tprintf(" [%s]", context); + free(context); + } +#endif } void @@ -945,6 +953,14 @@ else { path[n++] = !nul_seen; print_quoted_cstring(path, n); + +#ifdef ENABLE_SECONTEXT + char *context; + if (nul_seen && !selinux_getfilecon(tcp, path, &context)) { + tprintf(" [%s]", context); + free(context); + } +#endif } return nul_seen; Index: strace-5.7/xgetdents.c =================================================================== --- strace-5.7.orig/xgetdents.c 2021-08-24 21:08:35.399312519 +0200 +++ strace-5.7/xgetdents.c 2021-08-24 21:08:43.280245815 +0200 @@ -122,6 +122,9 @@ { if (entering(tcp)) { printfd(tcp, tcp->u_arg[0]); +#ifdef ENABLE_SECONTEXT + tcp->last_dirfd = (int) tcp->u_arg[0]; +#endif tprints(", "); return 0; } Index: strace-5.7/Makefile.in =================================================================== --- strace-5.7.orig/Makefile.in 2021-08-24 21:08:35.404312477 +0200 +++ strace-5.7/Makefile.in 2021-08-24 21:08:43.282245798 +0200 @@ -122,14 +122,21 @@ @ENABLE_STACKTRACE_TRUE@@USE_DEMANGLE_TRUE@am__append_11 = $(libiberty_CPPFLAGS) @ENABLE_STACKTRACE_TRUE@@USE_DEMANGLE_TRUE@am__append_12 = $(libiberty_LDFLAGS) @ENABLE_STACKTRACE_TRUE@@USE_DEMANGLE_TRUE@am__append_13 = $(libiberty_LIBS) -@HAVE_M32_MPERS_TRUE@am__append_14 = libmpers-m32.a -@HAVE_M32_MPERS_TRUE@am__append_15 = libmpers-m32.a -@HAVE_M32_MPERS_TRUE@am__append_16 = $(mpers_m32_targets) -@HAVE_M32_MPERS_TRUE@am__append_17 = $(mpers_m32_targets) -@HAVE_MX32_MPERS_TRUE@am__append_18 = libmpers-mx32.a -@HAVE_MX32_MPERS_TRUE@am__append_19 = libmpers-mx32.a -@HAVE_MX32_MPERS_TRUE@am__append_20 = $(mpers_mx32_targets) -@HAVE_MX32_MPERS_TRUE@am__append_21 = $(mpers_mx32_targets) +@ENABLE_SECONTEXT_TRUE@am__append_14 = \ +@ENABLE_SECONTEXT_TRUE@ secontext.c \ +@ENABLE_SECONTEXT_TRUE@ secontext.h + +@ENABLE_SECONTEXT_TRUE@am__append_15 = $(libselinux_CPPFLAGS) +@ENABLE_SECONTEXT_TRUE@am__append_16 = $(libselinux_LDFLAGS) +@ENABLE_SECONTEXT_TRUE@am__append_17 = $(libselinux_LIBS) +@HAVE_M32_MPERS_TRUE@am__append_18 = libmpers-m32.a +@HAVE_M32_MPERS_TRUE@am__append_19 = libmpers-m32.a +@HAVE_M32_MPERS_TRUE@am__append_20 = $(mpers_m32_targets) +@HAVE_M32_MPERS_TRUE@am__append_21 = $(mpers_m32_targets) +@HAVE_MX32_MPERS_TRUE@am__append_22 = libmpers-mx32.a +@HAVE_MX32_MPERS_TRUE@am__append_23 = libmpers-mx32.a +@HAVE_MX32_MPERS_TRUE@am__append_24 = $(mpers_mx32_targets) +@HAVE_MX32_MPERS_TRUE@am__append_25 = $(mpers_mx32_targets) subdir = . ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/xlat/btrfs_compress_types.m4 \ @@ -178,6 +185,7 @@ $(top_srcdir)/m4/st_esyscmd_s.m4 $(top_srcdir)/m4/st_libdw.m4 \ $(top_srcdir)/m4/st_libunwind.m4 \ $(top_srcdir)/m4/st_save_restore_var.m4 \ + $(top_srcdir)/m4/st_selinux.m4 \ $(top_srcdir)/m4/st_stacktrace.m4 \ $(top_srcdir)/m4/st_warn_cflags.m4 \ $(top_srcdir)/m4/warnings.m4 $(top_srcdir)/configure.ac @@ -382,7 +390,7 @@ types/check-rtnl_link.c types/check-rtnl_mdb.c \ types/check-rtnl_neightbl.c types/check-rtnl_route.c \ types/check-v4l2.c unwind.c unwind.h unwind-libdw.c \ - unwind-libunwind.c + unwind-libunwind.c secontext.c secontext.h am__objects_3 = am__dirstamp = $(am__leading_dot)dirstamp am__objects_4 = types/libstrace_a-check-cryptouser.$(OBJEXT) \ @@ -398,6 +406,8 @@ @ENABLE_STACKTRACE_TRUE@am__objects_6 = libstrace_a-unwind.$(OBJEXT) @ENABLE_STACKTRACE_TRUE@@USE_LIBDW_TRUE@am__objects_7 = libstrace_a-unwind-libdw.$(OBJEXT) @ENABLE_STACKTRACE_TRUE@@USE_LIBUNWIND_TRUE@am__objects_8 = libstrace_a-unwind-libunwind.$(OBJEXT) +@ENABLE_SECONTEXT_TRUE@am__objects_9 = \ +@ENABLE_SECONTEXT_TRUE@ libstrace_a-secontext.$(OBJEXT) am_libstrace_a_OBJECTS = libstrace_a-access.$(OBJEXT) \ libstrace_a-affinity.$(OBJEXT) libstrace_a-aio.$(OBJEXT) \ libstrace_a-alpha.$(OBJEXT) \ @@ -567,7 +577,7 @@ libstrace_a-xattr.$(OBJEXT) libstrace_a-xgetdents.$(OBJEXT) \ libstrace_a-xlat.$(OBJEXT) libstrace_a-xmalloc.$(OBJEXT) \ $(am__objects_3) $(am__objects_5) $(am__objects_6) \ - $(am__objects_7) $(am__objects_8) + $(am__objects_7) $(am__objects_8) $(am__objects_9) libstrace_a_OBJECTS = $(am_libstrace_a_OBJECTS) am_strace_OBJECTS = strace-strace.$(OBJEXT) strace_OBJECTS = $(am_strace_OBJECTS) @@ -576,10 +586,12 @@ @ENABLE_STACKTRACE_TRUE@@USE_LIBDW_TRUE@ $(am__DEPENDENCIES_1) @ENABLE_STACKTRACE_TRUE@@USE_LIBUNWIND_TRUE@am__DEPENDENCIES_3 = $(am__DEPENDENCIES_1) @ENABLE_STACKTRACE_TRUE@@USE_DEMANGLE_TRUE@am__DEPENDENCIES_4 = $(am__DEPENDENCIES_1) +@ENABLE_SECONTEXT_TRUE@am__DEPENDENCIES_5 = $(am__DEPENDENCIES_1) strace_DEPENDENCIES = libstrace.a $(am__DEPENDENCIES_1) \ $(am__DEPENDENCIES_1) $(am__DEPENDENCIES_2) \ $(am__DEPENDENCIES_3) $(am__DEPENDENCIES_4) \ - $(am__DEPENDENCIES_1) $(am__append_14) $(am__append_18) + $(am__DEPENDENCIES_5) $(am__DEPENDENCIES_1) $(am__append_18) \ + $(am__append_22) strace_LINK = $(CCLD) $(strace_CFLAGS) $(CFLAGS) $(strace_LDFLAGS) \ $(LDFLAGS) -o $@ am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; @@ -1223,6 +1235,9 @@ libiberty_CPPFLAGS = @libiberty_CPPFLAGS@ libiberty_LDFLAGS = @libiberty_LDFLAGS@ libiberty_LIBS = @libiberty_LIBS@ +libselinux_CPPFLAGS = @libselinux_CPPFLAGS@ +libselinux_LDFLAGS = @libselinux_LDFLAGS@ +libselinux_LIBS = @libselinux_LIBS@ libunwind_CPPFLAGS = @libunwind_CPPFLAGS@ libunwind_LDFLAGS = @libunwind_LDFLAGS@ libunwind_LIBS = @libunwind_LIBS@ @@ -1782,14 +1797,15 @@ xlat/xattrflags.h xlat/xdp_flags.h xlat/xfs_dqblk_flags.h \ xlat/xfs_quota_flags.h strace_CPPFLAGS = $(AM_CPPFLAGS) $(am__append_3) $(am__append_8) \ - $(am__append_11) $(CODE_COVERAGE_CPPFLAGS) + $(am__append_11) $(am__append_15) $(CODE_COVERAGE_CPPFLAGS) strace_CFLAGS = $(AM_CFLAGS) $(am__append_4) $(CODE_COVERAGE_CFLAGS) -strace_LDFLAGS = $(am__append_5) $(am__append_9) $(am__append_12) +strace_LDFLAGS = $(am__append_5) $(am__append_9) $(am__append_12) \ + $(am__append_16) strace_LDADD = libstrace.a $(clock_LIBS) $(timer_LIBS) $(am__append_6) \ - $(am__append_10) $(am__append_13) $(CODE_COVERAGE_LIBS) \ - $(am__append_14) $(am__append_18) + $(am__append_10) $(am__append_13) $(am__append_17) \ + $(CODE_COVERAGE_LIBS) $(am__append_18) $(am__append_22) strace_SOURCES = strace.c -noinst_LIBRARIES = libstrace.a $(am__append_15) $(am__append_19) +noinst_LIBRARIES = libstrace.a $(am__append_19) $(am__append_23) libstrace_a_CPPFLAGS = $(strace_CPPFLAGS) libstrace_a_CFLAGS = $(strace_CFLAGS) libstrace_a_SOURCES = access.c affinity.c aio.c alpha.c arch_defs.h \ @@ -1864,7 +1880,7 @@ wait.h watchdog_ioctl.c xattr.c xfs_quota_stat.h xgetdents.c \ xgetdents.h xlat.c xlat.h xmalloc.c xmalloc.h xstring.h \ $(TYPES_HEADER_FILES) $(strace_SOURCES_check) $(am__append_1) \ - $(am__append_2) $(am__append_7) + $(am__append_2) $(am__append_7) $(am__append_14) strace_SOURCES_check = bpf_attr_check.c $(TYPES_CHECK_FILES) CODE_COVERAGE_BRANCH_COVERAGE = 1 CODE_COVERAGE_GENHTML_OPTIONS = $(CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT) \ @@ -2459,12 +2475,12 @@ ioctl_redefs_h = $(filter-out ioctl_redefs0.h,$(subst ioctlent,ioctl_redefs,$(ioctlent_h))) BUILT_SOURCES = $(ioctl_redefs_h) $(ioctlent_h) bpf_attr_check.c \ native_printer_decls.h native_printer_defs.h printers.h sen.h \ - sys_func.h .version scno.h $(am__append_16) $(am__append_20) + sys_func.h .version scno.h $(am__append_20) $(am__append_24) CLEANFILES = $(ioctl_redefs_h) $(ioctlent_h) $(mpers_preproc_files) \ ioctl_iocdef.h ioctl_iocdef.i bpf_attr_check.c \ native_printer_decls.h native_printer_defs.h printers.h sen.h \ - sys_func.h syscallent.i scno.h $(am__append_17) \ - $(am__append_21) + sys_func.h syscallent.i scno.h $(am__append_21) \ + $(am__append_25) DISTCLEANFILES = gnu/stubs-32.h gnu/stubs-x32.h linux/linux/signal.h SCNO_CPPFLAGS = $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ $(ARCH_MFLAGS) $(AM_CPPFLAGS) $(CPPFLAGS) @@ -2963,6 +2979,7 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libstrace_a-sched.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libstrace_a-scsi.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libstrace_a-seccomp.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libstrace_a-secontext.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libstrace_a-sendfile.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libstrace_a-sg_io_v3.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libstrace_a-sg_io_v4.Po@am__quote@ # am--include-marker @@ -7814,6 +7831,20 @@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libstrace_a_CPPFLAGS) $(CPPFLAGS) $(libstrace_a_CFLAGS) $(CFLAGS) -c -o libstrace_a-unwind-libunwind.obj `if test -f 'unwind-libunwind.c'; then $(CYGPATH_W) 'unwind-libunwind.c'; else $(CYGPATH_W) '$(srcdir)/unwind-libunwind.c'; fi` +libstrace_a-secontext.o: secontext.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libstrace_a_CPPFLAGS) $(CPPFLAGS) $(libstrace_a_CFLAGS) $(CFLAGS) -MT libstrace_a-secontext.o -MD -MP -MF $(DEPDIR)/libstrace_a-secontext.Tpo -c -o libstrace_a-secontext.o `test -f 'secontext.c' || echo '$(srcdir)/'`secontext.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libstrace_a-secontext.Tpo $(DEPDIR)/libstrace_a-secontext.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='secontext.c' object='libstrace_a-secontext.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libstrace_a_CPPFLAGS) $(CPPFLAGS) $(libstrace_a_CFLAGS) $(CFLAGS) -c -o libstrace_a-secontext.o `test -f 'secontext.c' || echo '$(srcdir)/'`secontext.c + +libstrace_a-secontext.obj: secontext.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libstrace_a_CPPFLAGS) $(CPPFLAGS) $(libstrace_a_CFLAGS) $(CFLAGS) -MT libstrace_a-secontext.obj -MD -MP -MF $(DEPDIR)/libstrace_a-secontext.Tpo -c -o libstrace_a-secontext.obj `if test -f 'secontext.c'; then $(CYGPATH_W) 'secontext.c'; else $(CYGPATH_W) '$(srcdir)/secontext.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libstrace_a-secontext.Tpo $(DEPDIR)/libstrace_a-secontext.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='secontext.c' object='libstrace_a-secontext.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libstrace_a_CPPFLAGS) $(CPPFLAGS) $(libstrace_a_CFLAGS) $(CFLAGS) -c -o libstrace_a-secontext.obj `if test -f 'secontext.c'; then $(CYGPATH_W) 'secontext.c'; else $(CYGPATH_W) '$(srcdir)/secontext.c'; fi` + strace-strace.o: strace.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(strace_CPPFLAGS) $(CPPFLAGS) $(strace_CFLAGS) $(CFLAGS) -MT strace-strace.o -MD -MP -MF $(DEPDIR)/strace-strace.Tpo -c -o strace-strace.o `test -f 'strace.c' || echo '$(srcdir)/'`strace.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/strace-strace.Tpo $(DEPDIR)/strace-strace.Po Index: strace-5.7/tests/Makefile.in =================================================================== --- strace-5.7.orig/tests/Makefile.in 2021-08-24 21:08:35.436312206 +0200 +++ strace-5.7/tests/Makefile.in 2021-08-24 21:08:43.286245764 +0200 @@ -22,6 +22,8 @@ # # SPDX-License-Identifier: GPL-2.0-or-later +# Generated by ./tests/gen_secontext.sh from ./tests/gen_tests.in; do not edit. + # scno.h make rules for strace. # # Copyright (c) 2017-2019 Dmitry V. Levin @@ -102,8 +104,8 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -check_PROGRAMS = $(am__EXEEXT_1) _newselect-P$(EXEEXT) answer$(EXEEXT) \ - attach-f-p$(EXEEXT) attach-f-p-cmd$(EXEEXT) \ +check_PROGRAMS = $(am__EXEEXT_1) $(am__EXEEXT_2) _newselect-P$(EXEEXT) \ + answer$(EXEEXT) attach-f-p$(EXEEXT) attach-f-p-cmd$(EXEEXT) \ attach-p-cmd-cmd$(EXEEXT) attach-p-cmd-p$(EXEEXT) \ block_reset_raise_run$(EXEEXT) block_reset_run$(EXEEXT) \ bpf-obj_get_info_by_fd$(EXEEXT) \ @@ -221,7 +223,7 @@ xetpriority--pidns-translation$(EXEEXT) \ xet_robust_list--pidns-translation$(EXEEXT) zeroargc$(EXEEXT) @ENABLE_STACKTRACE_TRUE@@USE_DEMANGLE_TRUE@am__append_1 = strace-k-demangle.test -TESTS = $(GEN_TESTS) $(DECODER_TESTS) $(MISC_TESTS) $(am__EXEEXT_2) +TESTS = $(GEN_TESTS) $(DECODER_TESTS) $(MISC_TESTS) $(am__EXEEXT_3) subdir = tests ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/xlat/btrfs_compress_types.m4 \ @@ -270,6 +272,7 @@ $(top_srcdir)/m4/st_esyscmd_s.m4 $(top_srcdir)/m4/st_libdw.m4 \ $(top_srcdir)/m4/st_libunwind.m4 \ $(top_srcdir)/m4/st_save_restore_var.m4 \ + $(top_srcdir)/m4/st_selinux.m4 \ $(top_srcdir)/m4/st_stacktrace.m4 \ $(top_srcdir)/m4/st_warn_cflags.m4 \ $(top_srcdir)/m4/warnings.m4 $(top_srcdir)/configure.ac @@ -298,7 +301,8 @@ epoll_create$(EXEEXT) epoll_create1$(EXEEXT) \ epoll_ctl$(EXEEXT) epoll_pwait$(EXEEXT) epoll_wait$(EXEEXT) \ erestartsys$(EXEEXT) eventfd$(EXEEXT) execve$(EXEEXT) \ - execveat$(EXEEXT) faccessat$(EXEEXT) fadvise64$(EXEEXT) \ + execveat$(EXEEXT) faccessat$(EXEEXT) faccessat-P$(EXEEXT) \ + faccessat-y$(EXEEXT) faccessat-yy$(EXEEXT) fadvise64$(EXEEXT) \ fadvise64_64$(EXEEXT) fallocate$(EXEEXT) \ fanotify_init$(EXEEXT) fanotify_mark$(EXEEXT) \ fanotify_mark-Xabbrev$(EXEEXT) fanotify_mark-Xraw$(EXEEXT) \ @@ -543,6 +547,26 @@ xattr-strings$(EXEEXT) xet_robust_list$(EXEEXT) \ xet_thread_area_x86$(EXEEXT) xetitimer$(EXEEXT) \ xetpgid$(EXEEXT) xetpriority$(EXEEXT) xettimeofday$(EXEEXT) +am__EXEEXT_2 = access--secontext$(EXEEXT) \ + access--secontext_full$(EXEEXT) chmod--secontext$(EXEEXT) \ + chmod--secontext_full$(EXEEXT) execve--secontext$(EXEEXT) \ + execve--secontext_full$(EXEEXT) execveat--secontext$(EXEEXT) \ + execveat--secontext_full$(EXEEXT) \ + faccessat--secontext$(EXEEXT) \ + faccessat--secontext_full$(EXEEXT) \ + faccessat-y--secontext$(EXEEXT) \ + faccessat-y--secontext_full$(EXEEXT) \ + fanotify_mark--secontext$(EXEEXT) \ + fanotify_mark--secontext_full$(EXEEXT) \ + fchmod--secontext$(EXEEXT) fchmod--secontext_full$(EXEEXT) \ + fchmod-y--secontext$(EXEEXT) fchmod-y--secontext_full$(EXEEXT) \ + fchmodat--secontext$(EXEEXT) fchmodat--secontext_full$(EXEEXT) \ + fchownat--secontext$(EXEEXT) fchownat--secontext_full$(EXEEXT) \ + file_handle--secontext$(EXEEXT) \ + file_handle--secontext_full$(EXEEXT) \ + linkat--secontext$(EXEEXT) linkat--secontext_full$(EXEEXT) \ + open--secontext$(EXEEXT) open--secontext_full$(EXEEXT) \ + openat--secontext$(EXEEXT) openat--secontext_full$(EXEEXT) ARFLAGS = cru AM_V_AR = $(am__v_AR_@AM_V@) am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) @@ -571,6 +595,7 @@ libtests_a-printxval-Xabbrev.$(OBJEXT) \ libtests_a-printxval-Xraw.$(OBJEXT) \ libtests_a-printxval-Xverbose.$(OBJEXT) \ + libtests_a-secontext.$(OBJEXT) \ libtests_a-signal2name.$(OBJEXT) \ libtests_a-skip_unavailable.$(OBJEXT) \ libtests_a-sprintrc.$(OBJEXT) libtests_a-status.$(OBJEXT) \ @@ -600,6 +625,14 @@ access_OBJECTS = access.$(OBJEXT) access_LDADD = $(LDADD) access_DEPENDENCIES = libtests.a +access__secontext_SOURCES = access--secontext.c +access__secontext_OBJECTS = access--secontext.$(OBJEXT) +am__DEPENDENCIES_1 = +@HAVE_SELINUX_RUNTIME_TRUE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1) +access__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +access__secontext_full_SOURCES = access--secontext_full.c +access__secontext_full_OBJECTS = access--secontext_full.$(OBJEXT) +access__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) acct_SOURCES = acct.c acct_OBJECTS = acct.$(OBJEXT) acct_LDADD = $(LDADD) @@ -718,6 +751,12 @@ chmod_OBJECTS = chmod.$(OBJEXT) chmod_LDADD = $(LDADD) chmod_DEPENDENCIES = libtests.a +chmod__secontext_SOURCES = chmod--secontext.c +chmod__secontext_OBJECTS = chmod--secontext.$(OBJEXT) +chmod__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +chmod__secontext_full_SOURCES = chmod--secontext_full.c +chmod__secontext_full_OBJECTS = chmod--secontext_full.$(OBJEXT) +chmod__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) chown_SOURCES = chown.c chown_OBJECTS = chown.$(OBJEXT) chown_LDADD = $(LDADD) @@ -828,7 +867,6 @@ creat_DEPENDENCIES = libtests.a delay_SOURCES = delay.c delay_OBJECTS = delay.$(OBJEXT) -am__DEPENDENCIES_1 = delay_DEPENDENCIES = $(am__DEPENDENCIES_1) $(LDADD) delete_module_SOURCES = delete_module.c delete_module_OBJECTS = delete_module.$(OBJEXT) @@ -930,6 +968,12 @@ execve_OBJECTS = execve.$(OBJEXT) execve_LDADD = $(LDADD) execve_DEPENDENCIES = libtests.a +execve__secontext_SOURCES = execve--secontext.c +execve__secontext_OBJECTS = execve--secontext.$(OBJEXT) +execve__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +execve__secontext_full_SOURCES = execve--secontext_full.c +execve__secontext_full_OBJECTS = execve--secontext_full.$(OBJEXT) +execve__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) execve_v_SOURCES = execve-v.c execve_v_OBJECTS = execve-v.$(OBJEXT) execve_v_LDADD = $(LDADD) @@ -938,6 +982,12 @@ execveat_OBJECTS = execveat.$(OBJEXT) execveat_LDADD = $(LDADD) execveat_DEPENDENCIES = libtests.a +execveat__secontext_SOURCES = execveat--secontext.c +execveat__secontext_OBJECTS = execveat--secontext.$(OBJEXT) +execveat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +execveat__secontext_full_SOURCES = execveat--secontext_full.c +execveat__secontext_full_OBJECTS = execveat--secontext_full.$(OBJEXT) +execveat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) execveat_v_SOURCES = execveat-v.c execveat_v_OBJECTS = execveat-v.$(OBJEXT) execveat_v_LDADD = $(LDADD) @@ -946,6 +996,34 @@ faccessat_OBJECTS = faccessat.$(OBJEXT) faccessat_LDADD = $(LDADD) faccessat_DEPENDENCIES = libtests.a +faccessat__secontext_SOURCES = faccessat--secontext.c +faccessat__secontext_OBJECTS = faccessat--secontext.$(OBJEXT) +faccessat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +faccessat__secontext_full_SOURCES = faccessat--secontext_full.c +faccessat__secontext_full_OBJECTS = \ + faccessat--secontext_full.$(OBJEXT) +faccessat__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) +faccessat_P_SOURCES = faccessat-P.c +faccessat_P_OBJECTS = faccessat-P.$(OBJEXT) +faccessat_P_LDADD = $(LDADD) +faccessat_P_DEPENDENCIES = libtests.a +faccessat_y_SOURCES = faccessat-y.c +faccessat_y_OBJECTS = faccessat-y.$(OBJEXT) +faccessat_y_LDADD = $(LDADD) +faccessat_y_DEPENDENCIES = libtests.a +faccessat_y__secontext_SOURCES = faccessat-y--secontext.c +faccessat_y__secontext_OBJECTS = faccessat-y--secontext.$(OBJEXT) +faccessat_y__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +faccessat_y__secontext_full_SOURCES = faccessat-y--secontext_full.c +faccessat_y__secontext_full_OBJECTS = \ + faccessat-y--secontext_full.$(OBJEXT) +faccessat_y__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) +faccessat_yy_SOURCES = faccessat-yy.c +faccessat_yy_OBJECTS = faccessat-yy.$(OBJEXT) +faccessat_yy_LDADD = $(LDADD) +faccessat_yy_DEPENDENCIES = libtests.a fadvise64_SOURCES = fadvise64.c fadvise64_OBJECTS = fadvise64.$(OBJEXT) fadvise64_LDADD = $(LDADD) @@ -966,6 +1044,15 @@ fanotify_mark_OBJECTS = fanotify_mark.$(OBJEXT) fanotify_mark_LDADD = $(LDADD) fanotify_mark_DEPENDENCIES = libtests.a +fanotify_mark__secontext_SOURCES = fanotify_mark--secontext.c +fanotify_mark__secontext_OBJECTS = fanotify_mark--secontext.$(OBJEXT) +fanotify_mark__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fanotify_mark__secontext_full_SOURCES = \ + fanotify_mark--secontext_full.c +fanotify_mark__secontext_full_OBJECTS = \ + fanotify_mark--secontext_full.$(OBJEXT) +fanotify_mark__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) fanotify_mark_Xabbrev_SOURCES = fanotify_mark-Xabbrev.c fanotify_mark_Xabbrev_OBJECTS = fanotify_mark-Xabbrev.$(OBJEXT) fanotify_mark_Xabbrev_LDADD = $(LDADD) @@ -986,14 +1073,32 @@ fchmod_OBJECTS = fchmod.$(OBJEXT) fchmod_LDADD = $(LDADD) fchmod_DEPENDENCIES = libtests.a +fchmod__secontext_SOURCES = fchmod--secontext.c +fchmod__secontext_OBJECTS = fchmod--secontext.$(OBJEXT) +fchmod__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchmod__secontext_full_SOURCES = fchmod--secontext_full.c +fchmod__secontext_full_OBJECTS = fchmod--secontext_full.$(OBJEXT) +fchmod__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fchmod_y_SOURCES = fchmod-y.c fchmod_y_OBJECTS = fchmod-y.$(OBJEXT) fchmod_y_LDADD = $(LDADD) fchmod_y_DEPENDENCIES = libtests.a +fchmod_y__secontext_SOURCES = fchmod-y--secontext.c +fchmod_y__secontext_OBJECTS = fchmod-y--secontext.$(OBJEXT) +fchmod_y__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchmod_y__secontext_full_SOURCES = fchmod-y--secontext_full.c +fchmod_y__secontext_full_OBJECTS = fchmod-y--secontext_full.$(OBJEXT) +fchmod_y__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fchmodat_SOURCES = fchmodat.c fchmodat_OBJECTS = fchmodat.$(OBJEXT) fchmodat_LDADD = $(LDADD) fchmodat_DEPENDENCIES = libtests.a +fchmodat__secontext_SOURCES = fchmodat--secontext.c +fchmodat__secontext_OBJECTS = fchmodat--secontext.$(OBJEXT) +fchmodat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchmodat__secontext_full_SOURCES = fchmodat--secontext_full.c +fchmodat__secontext_full_OBJECTS = fchmodat--secontext_full.$(OBJEXT) +fchmodat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fchown_SOURCES = fchown.c fchown_OBJECTS = fchown.$(OBJEXT) fchown_LDADD = $(LDADD) @@ -1006,6 +1111,12 @@ fchownat_OBJECTS = fchownat.$(OBJEXT) fchownat_LDADD = $(LDADD) fchownat_DEPENDENCIES = libtests.a +fchownat__secontext_SOURCES = fchownat--secontext.c +fchownat__secontext_OBJECTS = fchownat--secontext.$(OBJEXT) +fchownat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchownat__secontext_full_SOURCES = fchownat--secontext_full.c +fchownat__secontext_full_OBJECTS = fchownat--secontext_full.$(OBJEXT) +fchownat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fcntl_SOURCES = fcntl.c fcntl_OBJECTS = fcntl.$(OBJEXT) fcntl_LDADD = $(LDADD) @@ -1035,6 +1146,14 @@ file_handle_OBJECTS = file_handle.$(OBJEXT) file_handle_LDADD = $(LDADD) file_handle_DEPENDENCIES = libtests.a +file_handle__secontext_SOURCES = file_handle--secontext.c +file_handle__secontext_OBJECTS = file_handle--secontext.$(OBJEXT) +file_handle__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +file_handle__secontext_full_SOURCES = file_handle--secontext_full.c +file_handle__secontext_full_OBJECTS = \ + file_handle--secontext_full.$(OBJEXT) +file_handle__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) file_ioctl_SOURCES = file_ioctl.c file_ioctl_OBJECTS = file_ioctl.$(OBJEXT) file_ioctl_LDADD = $(LDADD) @@ -1886,6 +2005,12 @@ linkat_OBJECTS = linkat.$(OBJEXT) linkat_LDADD = $(LDADD) linkat_DEPENDENCIES = libtests.a +linkat__secontext_SOURCES = linkat--secontext.c +linkat__secontext_OBJECTS = linkat--secontext.$(OBJEXT) +linkat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +linkat__secontext_full_SOURCES = linkat--secontext_full.c +linkat__secontext_full_OBJECTS = linkat--secontext_full.$(OBJEXT) +linkat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) list_sigaction_signum_SOURCES = list_sigaction_signum.c list_sigaction_signum_OBJECTS = list_sigaction_signum.$(OBJEXT) list_sigaction_signum_LDADD = $(LDADD) @@ -2530,6 +2655,12 @@ open_OBJECTS = open.$(OBJEXT) open_LDADD = $(LDADD) open_DEPENDENCIES = libtests.a +open__secontext_SOURCES = open--secontext.c +open__secontext_OBJECTS = open--secontext.$(OBJEXT) +open__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +open__secontext_full_SOURCES = open--secontext_full.c +open__secontext_full_OBJECTS = open--secontext_full.$(OBJEXT) +open__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) open_tree_SOURCES = open_tree.c open_tree_OBJECTS = open_tree.$(OBJEXT) open_tree_LDADD = $(LDADD) @@ -2542,6 +2673,12 @@ openat_OBJECTS = openat.$(OBJEXT) openat_LDADD = $(LDADD) openat_DEPENDENCIES = libtests.a +openat__secontext_SOURCES = openat--secontext.c +openat__secontext_OBJECTS = openat--secontext.$(OBJEXT) +openat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +openat__secontext_full_SOURCES = openat--secontext_full.c +openat__secontext_full_OBJECTS = openat--secontext_full.$(OBJEXT) +openat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) openat2_SOURCES = openat2.c openat2_OBJECTS = openat2.$(OBJEXT) openat2_LDADD = $(LDADD) @@ -4487,7 +4624,8 @@ am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = SOURCES = $(libtests_a_SOURCES) _newselect.c _newselect-P.c accept.c \ - accept4.c access.c acct.c add_key.c adjtimex.c aio.c \ + accept4.c access.c access--secontext.c \ + access--secontext_full.c acct.c add_key.c adjtimex.c aio.c \ aio_pgetevents.c alarm.c answer.c attach-f-p.c \ attach-f-p-cmd.c attach-p-cmd-cmd.c attach-p-cmd-p.c \ block_reset_raise_run.c block_reset_run.c bpf.c \ @@ -4495,7 +4633,8 @@ bpf-obj_get_info_by_fd-prog-v.c bpf-obj_get_info_by_fd-v.c \ bpf-success.c bpf-success-long-y.c bpf-success-v.c bpf-v.c \ brk.c btrfs.c caps.c caps-abbrev.c check_sigblock.c \ - check_sigign.c chmod.c chown.c chown32.c chroot.c \ + check_sigign.c chmod.c chmod--secontext.c \ + chmod--secontext_full.c chown.c chown32.c chroot.c \ clock_adjtime.c clock_nanosleep.c clock_xettime.c \ clone-flags.c clone3.c clone3-Xabbrev.c clone3-Xraw.c \ clone3-Xverbose.c clone3-success.c clone3-success-Xabbrev.c \ @@ -4509,25 +4648,35 @@ dup-yy.c dup2.c dup2-P.c dup2-y.c dup2-yy.c dup3.c dup3-P.c \ dup3-y.c dup3-yy.c epoll_create.c epoll_create1.c epoll_ctl.c \ epoll_pwait.c epoll_wait.c erestartsys.c eventfd.c execve.c \ - execve-v.c execveat.c execveat-v.c faccessat.c fadvise64.c \ - fadvise64_64.c fallocate.c fanotify_init.c fanotify_mark.c \ - fanotify_mark-Xabbrev.c fanotify_mark-Xraw.c \ - fanotify_mark-Xverbose.c fchdir.c fchmod.c fchmod-y.c \ - fchmodat.c fchown.c fchown32.c fchownat.c fcntl.c \ - fcntl--pidns-translation.c fcntl64.c \ - fcntl64--pidns-translation.c fdatasync.c fflush.c \ - file_handle.c file_ioctl.c filter-unavailable.c \ - filter_seccomp-flag.c filter_seccomp-perf.c finit_module.c \ - flock.c fork--pidns-translation.c fork-f.c fsconfig.c \ - fsconfig-P.c fsmount.c fsopen.c fspick.c fspick-P.c fstat.c \ - fstat-Xabbrev.c fstat-Xraw.c fstat-Xverbose.c fstat64.c \ - fstat64-Xabbrev.c fstat64-Xraw.c fstat64-Xverbose.c \ - fstatat64.c fstatfs.c fstatfs64.c fsync.c fsync-y.c \ - ftruncate.c ftruncate64.c futex.c futimesat.c get_mempolicy.c \ - get_process_reaper.c getcpu.c getcwd.c getdents.c getdents-v.c \ - getdents64.c getdents64-v.c getegid.c getegid32.c geteuid.c \ - geteuid32.c getgid.c getgid32.c getgroups.c getgroups32.c \ - getpeername.c getpgrp.c getpgrp--pidns-translation.c getpid.c \ + execve--secontext.c execve--secontext_full.c execve-v.c \ + execveat.c execveat--secontext.c execveat--secontext_full.c \ + execveat-v.c faccessat.c faccessat--secontext.c \ + faccessat--secontext_full.c faccessat-P.c faccessat-y.c \ + faccessat-y--secontext.c faccessat-y--secontext_full.c \ + faccessat-yy.c fadvise64.c fadvise64_64.c fallocate.c \ + fanotify_init.c fanotify_mark.c fanotify_mark--secontext.c \ + fanotify_mark--secontext_full.c fanotify_mark-Xabbrev.c \ + fanotify_mark-Xraw.c fanotify_mark-Xverbose.c fchdir.c \ + fchmod.c fchmod--secontext.c fchmod--secontext_full.c \ + fchmod-y.c fchmod-y--secontext.c fchmod-y--secontext_full.c \ + fchmodat.c fchmodat--secontext.c fchmodat--secontext_full.c \ + fchown.c fchown32.c fchownat.c fchownat--secontext.c \ + fchownat--secontext_full.c fcntl.c fcntl--pidns-translation.c \ + fcntl64.c fcntl64--pidns-translation.c fdatasync.c fflush.c \ + file_handle.c file_handle--secontext.c \ + file_handle--secontext_full.c file_ioctl.c \ + filter-unavailable.c filter_seccomp-flag.c \ + filter_seccomp-perf.c finit_module.c flock.c \ + fork--pidns-translation.c fork-f.c fsconfig.c fsconfig-P.c \ + fsmount.c fsopen.c fspick.c fspick-P.c fstat.c fstat-Xabbrev.c \ + fstat-Xraw.c fstat-Xverbose.c fstat64.c fstat64-Xabbrev.c \ + fstat64-Xraw.c fstat64-Xverbose.c fstatat64.c fstatfs.c \ + fstatfs64.c fsync.c fsync-y.c ftruncate.c ftruncate64.c \ + futex.c futimesat.c get_mempolicy.c get_process_reaper.c \ + getcpu.c getcwd.c getdents.c getdents-v.c getdents64.c \ + getdents64-v.c getegid.c getegid32.c geteuid.c geteuid32.c \ + getgid.c getgid32.c getgroups.c getgroups32.c getpeername.c \ + getpgrp.c getpgrp--pidns-translation.c getpid.c \ getpid--pidns-translation.c getppid.c getrandom.c getresgid.c \ getresgid32.c getresuid.c getresuid32.c getrlimit.c \ getrusage.c getsid.c getsid--pidns-translation.c getsockname.c \ @@ -4578,7 +4727,8 @@ kexec_file_load.c kexec_load.c keyctl.c keyctl-Xabbrev.c \ keyctl-Xraw.c keyctl-Xverbose.c kill.c \ kill--pidns-translation.c kill_child.c ksysent.c lchown.c \ - lchown32.c link.c linkat.c list_sigaction_signum.c llseek.c \ + lchown32.c link.c linkat.c linkat--secontext.c \ + linkat--secontext_full.c list_sigaction_signum.c llseek.c \ localtime.c lookup_dcookie.c looping_threads.c lseek.c lstat.c \ lstat64.c madvise.c maybe_switch_current_tcp.c \ maybe_switch_current_tcp--quiet-thread-execve.c mbind.c \ @@ -4629,23 +4779,25 @@ old_mmap-Xabbrev.c old_mmap-Xraw.c old_mmap-Xverbose.c \ old_mmap-v-none.c oldfstat.c oldlstat.c oldselect.c \ oldselect-P.c oldselect-efault.c oldselect-efault-P.c \ - oldstat.c open.c open_tree.c open_tree-P.c openat.c openat2.c \ - openat2-Xabbrev.c openat2-Xraw.c openat2-Xverbose.c \ - openat2-v.c openat2-v-y.c openat2-v-y-Xabbrev.c \ - openat2-v-y-Xraw.c openat2-v-y-Xverbose.c openat2-y.c \ - orphaned_process_group.c osf_utimes.c pause.c pc.c \ - perf_event_open.c perf_event_open_nonverbose.c \ - perf_event_open_unabbrev.c personality.c personality-Xabbrev.c \ - personality-Xraw.c personality-Xverbose.c pidfd_getfd.c \ - pidfd_getfd-y.c pidfd_getfd-yy.c pidfd_open.c \ - pidfd_open--decode-fd-path.c pidfd_open--decode-fd-pidfd.c \ - pidfd_open--decode-fd-socket.c pidfd_open--pidns-translation.c \ - pidfd_open-P.c pidfd_open-y.c pidfd_open-yy.c \ - pidfd_send_signal.c pidfd_send_signal--pidns-translation.c \ - pidns-cache.c pipe.c pipe2.c pkey_alloc.c pkey_free.c \ - pkey_mprotect.c poll.c poll-P.c ppoll.c ppoll-P.c ppoll-v.c \ - prctl-arg2-intptr.c prctl-dumpable.c prctl-name.c \ - prctl-no-args.c prctl-pdeathsig.c prctl-seccomp-filter-v.c \ + oldstat.c open.c open--secontext.c open--secontext_full.c \ + open_tree.c open_tree-P.c openat.c openat--secontext.c \ + openat--secontext_full.c openat2.c openat2-Xabbrev.c \ + openat2-Xraw.c openat2-Xverbose.c openat2-v.c openat2-v-y.c \ + openat2-v-y-Xabbrev.c openat2-v-y-Xraw.c \ + openat2-v-y-Xverbose.c openat2-y.c orphaned_process_group.c \ + osf_utimes.c pause.c pc.c perf_event_open.c \ + perf_event_open_nonverbose.c perf_event_open_unabbrev.c \ + personality.c personality-Xabbrev.c personality-Xraw.c \ + personality-Xverbose.c pidfd_getfd.c pidfd_getfd-y.c \ + pidfd_getfd-yy.c pidfd_open.c pidfd_open--decode-fd-path.c \ + pidfd_open--decode-fd-pidfd.c pidfd_open--decode-fd-socket.c \ + pidfd_open--pidns-translation.c pidfd_open-P.c pidfd_open-y.c \ + pidfd_open-yy.c pidfd_send_signal.c \ + pidfd_send_signal--pidns-translation.c pidns-cache.c pipe.c \ + pipe2.c pkey_alloc.c pkey_free.c pkey_mprotect.c poll.c \ + poll-P.c ppoll.c ppoll-P.c ppoll-v.c prctl-arg2-intptr.c \ + prctl-dumpable.c prctl-name.c prctl-no-args.c \ + prctl-pdeathsig.c prctl-seccomp-filter-v.c \ prctl-seccomp-strict.c prctl-securebits.c prctl-spec-inject.c \ prctl-tid_address.c prctl-tsc.c pread64-pwrite64.c preadv.c \ preadv-pwritev.c preadv2-pwritev2.c print_maxfd.c \ @@ -4735,7 +4887,8 @@ xetpriority.c xetpriority--pidns-translation.c xettimeofday.c \ zeroargc.c DIST_SOURCES = $(libtests_a_SOURCES) _newselect.c _newselect-P.c \ - accept.c accept4.c access.c acct.c add_key.c adjtimex.c aio.c \ + accept.c accept4.c access.c access--secontext.c \ + access--secontext_full.c acct.c add_key.c adjtimex.c aio.c \ aio_pgetevents.c alarm.c answer.c attach-f-p.c \ attach-f-p-cmd.c attach-p-cmd-cmd.c attach-p-cmd-p.c \ block_reset_raise_run.c block_reset_run.c bpf.c \ @@ -4743,7 +4896,8 @@ bpf-obj_get_info_by_fd-prog-v.c bpf-obj_get_info_by_fd-v.c \ bpf-success.c bpf-success-long-y.c bpf-success-v.c bpf-v.c \ brk.c btrfs.c caps.c caps-abbrev.c check_sigblock.c \ - check_sigign.c chmod.c chown.c chown32.c chroot.c \ + check_sigign.c chmod.c chmod--secontext.c \ + chmod--secontext_full.c chown.c chown32.c chroot.c \ clock_adjtime.c clock_nanosleep.c clock_xettime.c \ clone-flags.c clone3.c clone3-Xabbrev.c clone3-Xraw.c \ clone3-Xverbose.c clone3-success.c clone3-success-Xabbrev.c \ @@ -4757,25 +4911,35 @@ dup-yy.c dup2.c dup2-P.c dup2-y.c dup2-yy.c dup3.c dup3-P.c \ dup3-y.c dup3-yy.c epoll_create.c epoll_create1.c epoll_ctl.c \ epoll_pwait.c epoll_wait.c erestartsys.c eventfd.c execve.c \ - execve-v.c execveat.c execveat-v.c faccessat.c fadvise64.c \ - fadvise64_64.c fallocate.c fanotify_init.c fanotify_mark.c \ - fanotify_mark-Xabbrev.c fanotify_mark-Xraw.c \ - fanotify_mark-Xverbose.c fchdir.c fchmod.c fchmod-y.c \ - fchmodat.c fchown.c fchown32.c fchownat.c fcntl.c \ - fcntl--pidns-translation.c fcntl64.c \ - fcntl64--pidns-translation.c fdatasync.c fflush.c \ - file_handle.c file_ioctl.c filter-unavailable.c \ - filter_seccomp-flag.c filter_seccomp-perf.c finit_module.c \ - flock.c fork--pidns-translation.c fork-f.c fsconfig.c \ - fsconfig-P.c fsmount.c fsopen.c fspick.c fspick-P.c fstat.c \ - fstat-Xabbrev.c fstat-Xraw.c fstat-Xverbose.c fstat64.c \ - fstat64-Xabbrev.c fstat64-Xraw.c fstat64-Xverbose.c \ - fstatat64.c fstatfs.c fstatfs64.c fsync.c fsync-y.c \ - ftruncate.c ftruncate64.c futex.c futimesat.c get_mempolicy.c \ - get_process_reaper.c getcpu.c getcwd.c getdents.c getdents-v.c \ - getdents64.c getdents64-v.c getegid.c getegid32.c geteuid.c \ - geteuid32.c getgid.c getgid32.c getgroups.c getgroups32.c \ - getpeername.c getpgrp.c getpgrp--pidns-translation.c getpid.c \ + execve--secontext.c execve--secontext_full.c execve-v.c \ + execveat.c execveat--secontext.c execveat--secontext_full.c \ + execveat-v.c faccessat.c faccessat--secontext.c \ + faccessat--secontext_full.c faccessat-P.c faccessat-y.c \ + faccessat-y--secontext.c faccessat-y--secontext_full.c \ + faccessat-yy.c fadvise64.c fadvise64_64.c fallocate.c \ + fanotify_init.c fanotify_mark.c fanotify_mark--secontext.c \ + fanotify_mark--secontext_full.c fanotify_mark-Xabbrev.c \ + fanotify_mark-Xraw.c fanotify_mark-Xverbose.c fchdir.c \ + fchmod.c fchmod--secontext.c fchmod--secontext_full.c \ + fchmod-y.c fchmod-y--secontext.c fchmod-y--secontext_full.c \ + fchmodat.c fchmodat--secontext.c fchmodat--secontext_full.c \ + fchown.c fchown32.c fchownat.c fchownat--secontext.c \ + fchownat--secontext_full.c fcntl.c fcntl--pidns-translation.c \ + fcntl64.c fcntl64--pidns-translation.c fdatasync.c fflush.c \ + file_handle.c file_handle--secontext.c \ + file_handle--secontext_full.c file_ioctl.c \ + filter-unavailable.c filter_seccomp-flag.c \ + filter_seccomp-perf.c finit_module.c flock.c \ + fork--pidns-translation.c fork-f.c fsconfig.c fsconfig-P.c \ + fsmount.c fsopen.c fspick.c fspick-P.c fstat.c fstat-Xabbrev.c \ + fstat-Xraw.c fstat-Xverbose.c fstat64.c fstat64-Xabbrev.c \ + fstat64-Xraw.c fstat64-Xverbose.c fstatat64.c fstatfs.c \ + fstatfs64.c fsync.c fsync-y.c ftruncate.c ftruncate64.c \ + futex.c futimesat.c get_mempolicy.c get_process_reaper.c \ + getcpu.c getcwd.c getdents.c getdents-v.c getdents64.c \ + getdents64-v.c getegid.c getegid32.c geteuid.c geteuid32.c \ + getgid.c getgid32.c getgroups.c getgroups32.c getpeername.c \ + getpgrp.c getpgrp--pidns-translation.c getpid.c \ getpid--pidns-translation.c getppid.c getrandom.c getresgid.c \ getresgid32.c getresuid.c getresuid32.c getrlimit.c \ getrusage.c getsid.c getsid--pidns-translation.c getsockname.c \ @@ -4826,7 +4990,8 @@ kexec_file_load.c kexec_load.c keyctl.c keyctl-Xabbrev.c \ keyctl-Xraw.c keyctl-Xverbose.c kill.c \ kill--pidns-translation.c kill_child.c ksysent.c lchown.c \ - lchown32.c link.c linkat.c list_sigaction_signum.c llseek.c \ + lchown32.c link.c linkat.c linkat--secontext.c \ + linkat--secontext_full.c list_sigaction_signum.c llseek.c \ localtime.c lookup_dcookie.c looping_threads.c lseek.c lstat.c \ lstat64.c madvise.c maybe_switch_current_tcp.c \ maybe_switch_current_tcp--quiet-thread-execve.c mbind.c \ @@ -4877,23 +5042,25 @@ old_mmap-Xabbrev.c old_mmap-Xraw.c old_mmap-Xverbose.c \ old_mmap-v-none.c oldfstat.c oldlstat.c oldselect.c \ oldselect-P.c oldselect-efault.c oldselect-efault-P.c \ - oldstat.c open.c open_tree.c open_tree-P.c openat.c openat2.c \ - openat2-Xabbrev.c openat2-Xraw.c openat2-Xverbose.c \ - openat2-v.c openat2-v-y.c openat2-v-y-Xabbrev.c \ - openat2-v-y-Xraw.c openat2-v-y-Xverbose.c openat2-y.c \ - orphaned_process_group.c osf_utimes.c pause.c pc.c \ - perf_event_open.c perf_event_open_nonverbose.c \ - perf_event_open_unabbrev.c personality.c personality-Xabbrev.c \ - personality-Xraw.c personality-Xverbose.c pidfd_getfd.c \ - pidfd_getfd-y.c pidfd_getfd-yy.c pidfd_open.c \ - pidfd_open--decode-fd-path.c pidfd_open--decode-fd-pidfd.c \ - pidfd_open--decode-fd-socket.c pidfd_open--pidns-translation.c \ - pidfd_open-P.c pidfd_open-y.c pidfd_open-yy.c \ - pidfd_send_signal.c pidfd_send_signal--pidns-translation.c \ - pidns-cache.c pipe.c pipe2.c pkey_alloc.c pkey_free.c \ - pkey_mprotect.c poll.c poll-P.c ppoll.c ppoll-P.c ppoll-v.c \ - prctl-arg2-intptr.c prctl-dumpable.c prctl-name.c \ - prctl-no-args.c prctl-pdeathsig.c prctl-seccomp-filter-v.c \ + oldstat.c open.c open--secontext.c open--secontext_full.c \ + open_tree.c open_tree-P.c openat.c openat--secontext.c \ + openat--secontext_full.c openat2.c openat2-Xabbrev.c \ + openat2-Xraw.c openat2-Xverbose.c openat2-v.c openat2-v-y.c \ + openat2-v-y-Xabbrev.c openat2-v-y-Xraw.c \ + openat2-v-y-Xverbose.c openat2-y.c orphaned_process_group.c \ + osf_utimes.c pause.c pc.c perf_event_open.c \ + perf_event_open_nonverbose.c perf_event_open_unabbrev.c \ + personality.c personality-Xabbrev.c personality-Xraw.c \ + personality-Xverbose.c pidfd_getfd.c pidfd_getfd-y.c \ + pidfd_getfd-yy.c pidfd_open.c pidfd_open--decode-fd-path.c \ + pidfd_open--decode-fd-pidfd.c pidfd_open--decode-fd-socket.c \ + pidfd_open--pidns-translation.c pidfd_open-P.c pidfd_open-y.c \ + pidfd_open-yy.c pidfd_send_signal.c \ + pidfd_send_signal--pidns-translation.c pidns-cache.c pipe.c \ + pipe2.c pkey_alloc.c pkey_free.c pkey_mprotect.c poll.c \ + poll-P.c ppoll.c ppoll-P.c ppoll-v.c prctl-arg2-intptr.c \ + prctl-dumpable.c prctl-name.c prctl-no-args.c \ + prctl-pdeathsig.c prctl-seccomp-filter-v.c \ prctl-seccomp-strict.c prctl-securebits.c prctl-spec-inject.c \ prctl-tid_address.c prctl-tsc.c pread64-pwrite64.c preadv.c \ preadv-pwritev.c preadv2-pwritev2.c print_maxfd.c \ @@ -5194,7 +5361,7 @@ bases=`echo $$bases` RECHECK_LOGS = $(TEST_LOGS) AM_RECURSIVE_TARGETS = check recheck -@ENABLE_STACKTRACE_TRUE@am__EXEEXT_2 = strace-k.test strace-k-p.test \ +@ENABLE_STACKTRACE_TRUE@am__EXEEXT_3 = strace-k.test strace-k-p.test \ @ENABLE_STACKTRACE_TRUE@ $(am__append_1) TEST_SUITE_LOG = test-suite.log TEST_EXTENSIONS = @EXEEXT@ .test @@ -5216,7 +5383,8 @@ esac am__DIST_COMMON = $(srcdir)/../scno.am $(srcdir)/Makefile.in \ $(srcdir)/gen_tests.am $(srcdir)/pure_executables.am \ - $(top_srcdir)/depcomp $(top_srcdir)/test-driver COPYING + $(srcdir)/secontext.am $(top_srcdir)/depcomp \ + $(top_srcdir)/test-driver COPYING DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ @@ -5357,6 +5525,9 @@ libiberty_CPPFLAGS = @libiberty_CPPFLAGS@ libiberty_LDFLAGS = @libiberty_LDFLAGS@ libiberty_LIBS = @libiberty_LIBS@ +libselinux_CPPFLAGS = @libselinux_CPPFLAGS@ +libselinux_LDFLAGS = @libselinux_LDFLAGS@ +libselinux_LIBS = @libselinux_LIBS@ libunwind_CPPFLAGS = @libunwind_CPPFLAGS@ libunwind_LDFLAGS = @libunwind_LDFLAGS@ libunwind_LIBS = @libunwind_LIBS@ @@ -5400,6 +5571,8 @@ -DTESTS_SIZEOF_LONG=$(SIZEOF_LONG) AM_LDFLAGS = $(ARCH_MFLAGS) +@HAVE_SELINUX_RUNTIME_FALSE@libselinux_LDADD = +@HAVE_SELINUX_RUNTIME_TRUE@libselinux_LDADD = $(libselinux_LIBS) libtests_a_SOURCES = \ create_nl_socket.c \ create_tmpfile.c \ @@ -5426,6 +5599,8 @@ printxval-Xabbrev.c \ printxval-Xraw.c \ printxval-Xverbose.c \ + secontext.c \ + secontext.h \ signal2name.c \ skip_unavailable.c \ sprintrc.c \ @@ -5505,6 +5680,9 @@ execve \ execveat \ faccessat \ + faccessat-P \ + faccessat-y \ + faccessat-yy \ fadvise64 \ fadvise64_64 \ fallocate \ @@ -6077,6 +6255,69 @@ xettimeofday \ # +secontext_EXECUTABLES = \ + access--secontext \ + access--secontext_full \ + chmod--secontext \ + chmod--secontext_full \ + execve--secontext \ + execve--secontext_full \ + execveat--secontext \ + execveat--secontext_full \ + faccessat--secontext \ + faccessat--secontext_full \ + faccessat-y--secontext \ + faccessat-y--secontext_full \ + fanotify_mark--secontext \ + fanotify_mark--secontext_full \ + fchmod--secontext \ + fchmod--secontext_full \ + fchmod-y--secontext \ + fchmod-y--secontext_full \ + fchmodat--secontext \ + fchmodat--secontext_full \ + fchownat--secontext \ + fchownat--secontext_full \ + file_handle--secontext \ + file_handle--secontext_full \ + linkat--secontext \ + linkat--secontext_full \ + open--secontext \ + open--secontext_full \ + openat--secontext \ + openat--secontext_full \ + # + +access__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +access__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +chmod__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +chmod__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +execve__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +execve__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +execveat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +execveat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat_y__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat_y__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fanotify_mark__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fanotify_mark__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod_y__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod_y__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchmodat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchmodat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchownat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchownat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +file_handle__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +file_handle__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +linkat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +linkat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +open__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +open__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +openat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +openat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) attach_f_p_LDADD = -lpthread $(LDADD) count_f_LDADD = -lpthread $(LDADD) delay_LDADD = $(clock_LIBS) $(LDADD) @@ -6129,14 +6370,15 @@ # Generated by ./tests/gen_tests.sh from ./tests/gen_tests.in; do not edit. GEN_TESTS = _newselect.gen.test _newselect-P.gen.test accept.gen.test \ - accept4.gen.test access.gen.test acct.gen.test \ - add_key.gen.test adjtimex.gen.test aio.gen.test \ - aio_pgetevents.gen.test alarm.gen.test bpf.gen.test \ - bpf-obj_get_info_by_fd.gen.test \ + accept4.gen.test access.gen.test access--secontext.gen.test \ + access--secontext_full.gen.test acct.gen.test add_key.gen.test \ + adjtimex.gen.test aio.gen.test aio_pgetevents.gen.test \ + alarm.gen.test bpf.gen.test bpf-obj_get_info_by_fd.gen.test \ bpf-obj_get_info_by_fd-prog.gen.test \ bpf-obj_get_info_by_fd-prog-v.gen.test \ bpf-obj_get_info_by_fd-v.gen.test bpf-v.gen.test \ - btrfs.gen.test chmod.gen.test chown.gen.test chown32.gen.test \ + btrfs.gen.test chmod.gen.test chmod--secontext.gen.test \ + chmod--secontext_full.gen.test chown.gen.test chown32.gen.test \ chroot.gen.test clock.gen.test clock_adjtime.gen.test \ clock_nanosleep.gen.test clock_xettime.gen.test \ clone3.gen.test clone3-Xabbrev.gen.test clone3-Xraw.gen.test \ @@ -6155,21 +6397,36 @@ dup3-P.gen.test dup3-y.gen.test dup3-yy.gen.test \ epoll_create.gen.test epoll_create1.gen.test \ epoll_ctl.gen.test epoll_pwait.gen.test epoll_wait.gen.test \ - erestartsys.gen.test execveat.gen.test execveat-v.gen.test \ - faccessat.gen.test fadvise64_64.gen.test fallocate.gen.test \ + erestartsys.gen.test execve--secontext.gen.test \ + execve--secontext_full.gen.test execveat.gen.test \ + execveat--secontext.gen.test execveat--secontext_full.gen.test \ + execveat-v.gen.test faccessat--secontext.gen.test \ + faccessat--secontext_full.gen.test faccessat-P.gen.test \ + faccessat-y.gen.test faccessat-y--secontext.gen.test \ + faccessat-y--secontext_full.gen.test faccessat-yy.gen.test \ + fadvise64_64.gen.test fallocate.gen.test \ fanotify_init.gen.test fanotify_mark.gen.test \ + fanotify_mark--secontext.gen.test \ + fanotify_mark--secontext_full.gen.test \ fanotify_mark-Xabbrev.gen.test fanotify_mark-Xraw.gen.test \ fanotify_mark-Xverbose.gen.test fchdir.gen.test \ - fchmod.gen.test fchmod-y.gen.test fchmodat.gen.test \ - fchown.gen.test fchown32.gen.test fchownat.gen.test \ + fchmod.gen.test fchmod--secontext.gen.test \ + fchmod--secontext_full.gen.test fchmod-y.gen.test \ + fchmod-y--secontext.gen.test fchmod-y--secontext_full.gen.test \ + fchmodat.gen.test fchmodat--secontext.gen.test \ + fchmodat--secontext_full.gen.test fchown.gen.test \ + fchown32.gen.test fchownat.gen.test \ + fchownat--secontext.gen.test fchownat--secontext_full.gen.test \ fcntl.gen.test fcntl--pidns-translation.gen.test \ fcntl64.gen.test fcntl64--pidns-translation.gen.test \ fdatasync.gen.test file_handle.gen.test file_ioctl.gen.test \ - filter_seccomp.gen.test filter_seccomp-flag.gen.test \ - finit_module.gen.test flock.gen.test fork-f.gen.test \ - fsconfig.gen.test fsconfig-P.gen.test fsmount.gen.test \ - fsopen.gen.test fspick.gen.test fspick-P.gen.test \ - fstat.gen.test fstat-Xabbrev.gen.test fstat-Xraw.gen.test \ + file_handle--secontext.gen.test \ + file_handle--secontext_full.gen.test filter_seccomp.gen.test \ + filter_seccomp-flag.gen.test finit_module.gen.test \ + flock.gen.test fork-f.gen.test fsconfig.gen.test \ + fsconfig-P.gen.test fsmount.gen.test fsopen.gen.test \ + fspick.gen.test fspick-P.gen.test fstat.gen.test \ + fstat-Xabbrev.gen.test fstat-Xraw.gen.test \ fstat-Xverbose.gen.test fstat64.gen.test \ fstat64-Xabbrev.gen.test fstat64-Xraw.gen.test \ fstat64-Xverbose.gen.test fstatat64.gen.test fstatfs.gen.test \ @@ -6259,8 +6516,9 @@ keyctl-Xverbose.gen.test kill.gen.test \ kill--pidns-translation.gen.test ksysent.gen.test \ lchown.gen.test lchown32.gen.test link.gen.test \ - linkat.gen.test lookup_dcookie.gen.test lstat.gen.test \ - lstat64.gen.test madvise.gen.test \ + linkat.gen.test linkat--secontext.gen.test \ + linkat--secontext_full.gen.test lookup_dcookie.gen.test \ + lstat.gen.test lstat64.gen.test madvise.gen.test \ maybe_switch_current_tcp.gen.test \ maybe_switch_current_tcp--quiet-thread-execve.gen.test \ mbind.gen.test mbind-Xabbrev.gen.test mbind-Xraw.gen.test \ @@ -6328,14 +6586,17 @@ old_mmap-v-none.gen.test oldfstat.gen.test oldlstat.gen.test \ oldselect.gen.test oldselect-P.gen.test \ oldselect-efault.gen.test oldselect-efault-P.gen.test \ - oldstat.gen.test open.gen.test open_tree.gen.test \ - open_tree-P.gen.test openat.gen.test openat2.gen.test \ - openat2-Xabbrev.gen.test openat2-Xraw.gen.test \ - openat2-Xverbose.gen.test openat2-v.gen.test \ - openat2-v-y.gen.test openat2-v-y-Xabbrev.gen.test \ - openat2-v-y-Xraw.gen.test openat2-v-y-Xverbose.gen.test \ - openat2-y.gen.test orphaned_process_group.gen.test \ - osf_utimes.gen.test pause.gen.test perf_event_open.gen.test \ + oldstat.gen.test open.gen.test open--secontext.gen.test \ + open--secontext_full.gen.test open_tree.gen.test \ + open_tree-P.gen.test openat.gen.test \ + openat--secontext.gen.test openat--secontext_full.gen.test \ + openat2.gen.test openat2-Xabbrev.gen.test \ + openat2-Xraw.gen.test openat2-Xverbose.gen.test \ + openat2-v.gen.test openat2-v-y.gen.test \ + openat2-v-y-Xabbrev.gen.test openat2-v-y-Xraw.gen.test \ + openat2-v-y-Xverbose.gen.test openat2-y.gen.test \ + orphaned_process_group.gen.test osf_utimes.gen.test \ + pause.gen.test perf_event_open.gen.test \ perf_event_open_nonverbose.gen.test \ perf_event_open_unabbrev.gen.test personality-Xabbrev.gen.test \ personality-Xraw.gen.test personality-Xverbose.gen.test \ @@ -6806,7 +7067,7 @@ .SUFFIXES: .SUFFIXES: .c .log .o .obj .test .test$(EXEEXT) .trs -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/pure_executables.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__configure_deps) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/pure_executables.am $(srcdir)/secontext.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -6826,7 +7087,7 @@ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; -$(srcdir)/pure_executables.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__empty): +$(srcdir)/pure_executables.am $(srcdir)/secontext.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__empty): $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh @@ -6868,6 +7129,14 @@ @rm -f access$(EXEEXT) $(AM_V_CCLD)$(LINK) $(access_OBJECTS) $(access_LDADD) $(LIBS) +access--secontext$(EXEEXT): $(access__secontext_OBJECTS) $(access__secontext_DEPENDENCIES) $(EXTRA_access__secontext_DEPENDENCIES) + @rm -f access--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(access__secontext_OBJECTS) $(access__secontext_LDADD) $(LIBS) + +access--secontext_full$(EXEEXT): $(access__secontext_full_OBJECTS) $(access__secontext_full_DEPENDENCIES) $(EXTRA_access__secontext_full_DEPENDENCIES) + @rm -f access--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(access__secontext_full_OBJECTS) $(access__secontext_full_LDADD) $(LIBS) + acct$(EXEEXT): $(acct_OBJECTS) $(acct_DEPENDENCIES) $(EXTRA_acct_DEPENDENCIES) @rm -f acct$(EXEEXT) $(AM_V_CCLD)$(LINK) $(acct_OBJECTS) $(acct_LDADD) $(LIBS) @@ -6984,6 +7253,14 @@ @rm -f chmod$(EXEEXT) $(AM_V_CCLD)$(LINK) $(chmod_OBJECTS) $(chmod_LDADD) $(LIBS) +chmod--secontext$(EXEEXT): $(chmod__secontext_OBJECTS) $(chmod__secontext_DEPENDENCIES) $(EXTRA_chmod__secontext_DEPENDENCIES) + @rm -f chmod--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(chmod__secontext_OBJECTS) $(chmod__secontext_LDADD) $(LIBS) + +chmod--secontext_full$(EXEEXT): $(chmod__secontext_full_OBJECTS) $(chmod__secontext_full_DEPENDENCIES) $(EXTRA_chmod__secontext_full_DEPENDENCIES) + @rm -f chmod--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(chmod__secontext_full_OBJECTS) $(chmod__secontext_full_LDADD) $(LIBS) + chown$(EXEEXT): $(chown_OBJECTS) $(chown_DEPENDENCIES) $(EXTRA_chown_DEPENDENCIES) @rm -f chown$(EXEEXT) $(AM_V_CCLD)$(LINK) $(chown_OBJECTS) $(chown_LDADD) $(LIBS) @@ -7196,6 +7473,14 @@ @rm -f execve$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execve_OBJECTS) $(execve_LDADD) $(LIBS) +execve--secontext$(EXEEXT): $(execve__secontext_OBJECTS) $(execve__secontext_DEPENDENCIES) $(EXTRA_execve__secontext_DEPENDENCIES) + @rm -f execve--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execve__secontext_OBJECTS) $(execve__secontext_LDADD) $(LIBS) + +execve--secontext_full$(EXEEXT): $(execve__secontext_full_OBJECTS) $(execve__secontext_full_DEPENDENCIES) $(EXTRA_execve__secontext_full_DEPENDENCIES) + @rm -f execve--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execve__secontext_full_OBJECTS) $(execve__secontext_full_LDADD) $(LIBS) + execve-v$(EXEEXT): $(execve_v_OBJECTS) $(execve_v_DEPENDENCIES) $(EXTRA_execve_v_DEPENDENCIES) @rm -f execve-v$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execve_v_OBJECTS) $(execve_v_LDADD) $(LIBS) @@ -7204,6 +7489,14 @@ @rm -f execveat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execveat_OBJECTS) $(execveat_LDADD) $(LIBS) +execveat--secontext$(EXEEXT): $(execveat__secontext_OBJECTS) $(execveat__secontext_DEPENDENCIES) $(EXTRA_execveat__secontext_DEPENDENCIES) + @rm -f execveat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execveat__secontext_OBJECTS) $(execveat__secontext_LDADD) $(LIBS) + +execveat--secontext_full$(EXEEXT): $(execveat__secontext_full_OBJECTS) $(execveat__secontext_full_DEPENDENCIES) $(EXTRA_execveat__secontext_full_DEPENDENCIES) + @rm -f execveat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execveat__secontext_full_OBJECTS) $(execveat__secontext_full_LDADD) $(LIBS) + execveat-v$(EXEEXT): $(execveat_v_OBJECTS) $(execveat_v_DEPENDENCIES) $(EXTRA_execveat_v_DEPENDENCIES) @rm -f execveat-v$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execveat_v_OBJECTS) $(execveat_v_LDADD) $(LIBS) @@ -7212,6 +7505,34 @@ @rm -f faccessat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(faccessat_OBJECTS) $(faccessat_LDADD) $(LIBS) +faccessat--secontext$(EXEEXT): $(faccessat__secontext_OBJECTS) $(faccessat__secontext_DEPENDENCIES) $(EXTRA_faccessat__secontext_DEPENDENCIES) + @rm -f faccessat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat__secontext_OBJECTS) $(faccessat__secontext_LDADD) $(LIBS) + +faccessat--secontext_full$(EXEEXT): $(faccessat__secontext_full_OBJECTS) $(faccessat__secontext_full_DEPENDENCIES) $(EXTRA_faccessat__secontext_full_DEPENDENCIES) + @rm -f faccessat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat__secontext_full_OBJECTS) $(faccessat__secontext_full_LDADD) $(LIBS) + +faccessat-P$(EXEEXT): $(faccessat_P_OBJECTS) $(faccessat_P_DEPENDENCIES) $(EXTRA_faccessat_P_DEPENDENCIES) + @rm -f faccessat-P$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_P_OBJECTS) $(faccessat_P_LDADD) $(LIBS) + +faccessat-y$(EXEEXT): $(faccessat_y_OBJECTS) $(faccessat_y_DEPENDENCIES) $(EXTRA_faccessat_y_DEPENDENCIES) + @rm -f faccessat-y$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_y_OBJECTS) $(faccessat_y_LDADD) $(LIBS) + +faccessat-y--secontext$(EXEEXT): $(faccessat_y__secontext_OBJECTS) $(faccessat_y__secontext_DEPENDENCIES) $(EXTRA_faccessat_y__secontext_DEPENDENCIES) + @rm -f faccessat-y--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_y__secontext_OBJECTS) $(faccessat_y__secontext_LDADD) $(LIBS) + +faccessat-y--secontext_full$(EXEEXT): $(faccessat_y__secontext_full_OBJECTS) $(faccessat_y__secontext_full_DEPENDENCIES) $(EXTRA_faccessat_y__secontext_full_DEPENDENCIES) + @rm -f faccessat-y--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_y__secontext_full_OBJECTS) $(faccessat_y__secontext_full_LDADD) $(LIBS) + +faccessat-yy$(EXEEXT): $(faccessat_yy_OBJECTS) $(faccessat_yy_DEPENDENCIES) $(EXTRA_faccessat_yy_DEPENDENCIES) + @rm -f faccessat-yy$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_yy_OBJECTS) $(faccessat_yy_LDADD) $(LIBS) + fadvise64$(EXEEXT): $(fadvise64_OBJECTS) $(fadvise64_DEPENDENCIES) $(EXTRA_fadvise64_DEPENDENCIES) @rm -f fadvise64$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fadvise64_OBJECTS) $(fadvise64_LDADD) $(LIBS) @@ -7232,6 +7553,14 @@ @rm -f fanotify_mark$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fanotify_mark_OBJECTS) $(fanotify_mark_LDADD) $(LIBS) +fanotify_mark--secontext$(EXEEXT): $(fanotify_mark__secontext_OBJECTS) $(fanotify_mark__secontext_DEPENDENCIES) $(EXTRA_fanotify_mark__secontext_DEPENDENCIES) + @rm -f fanotify_mark--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fanotify_mark__secontext_OBJECTS) $(fanotify_mark__secontext_LDADD) $(LIBS) + +fanotify_mark--secontext_full$(EXEEXT): $(fanotify_mark__secontext_full_OBJECTS) $(fanotify_mark__secontext_full_DEPENDENCIES) $(EXTRA_fanotify_mark__secontext_full_DEPENDENCIES) + @rm -f fanotify_mark--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fanotify_mark__secontext_full_OBJECTS) $(fanotify_mark__secontext_full_LDADD) $(LIBS) + fanotify_mark-Xabbrev$(EXEEXT): $(fanotify_mark_Xabbrev_OBJECTS) $(fanotify_mark_Xabbrev_DEPENDENCIES) $(EXTRA_fanotify_mark_Xabbrev_DEPENDENCIES) @rm -f fanotify_mark-Xabbrev$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fanotify_mark_Xabbrev_OBJECTS) $(fanotify_mark_Xabbrev_LDADD) $(LIBS) @@ -7252,14 +7581,38 @@ @rm -f fchmod$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchmod_OBJECTS) $(fchmod_LDADD) $(LIBS) +fchmod--secontext$(EXEEXT): $(fchmod__secontext_OBJECTS) $(fchmod__secontext_DEPENDENCIES) $(EXTRA_fchmod__secontext_DEPENDENCIES) + @rm -f fchmod--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod__secontext_OBJECTS) $(fchmod__secontext_LDADD) $(LIBS) + +fchmod--secontext_full$(EXEEXT): $(fchmod__secontext_full_OBJECTS) $(fchmod__secontext_full_DEPENDENCIES) $(EXTRA_fchmod__secontext_full_DEPENDENCIES) + @rm -f fchmod--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod__secontext_full_OBJECTS) $(fchmod__secontext_full_LDADD) $(LIBS) + fchmod-y$(EXEEXT): $(fchmod_y_OBJECTS) $(fchmod_y_DEPENDENCIES) $(EXTRA_fchmod_y_DEPENDENCIES) @rm -f fchmod-y$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchmod_y_OBJECTS) $(fchmod_y_LDADD) $(LIBS) +fchmod-y--secontext$(EXEEXT): $(fchmod_y__secontext_OBJECTS) $(fchmod_y__secontext_DEPENDENCIES) $(EXTRA_fchmod_y__secontext_DEPENDENCIES) + @rm -f fchmod-y--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod_y__secontext_OBJECTS) $(fchmod_y__secontext_LDADD) $(LIBS) + +fchmod-y--secontext_full$(EXEEXT): $(fchmod_y__secontext_full_OBJECTS) $(fchmod_y__secontext_full_DEPENDENCIES) $(EXTRA_fchmod_y__secontext_full_DEPENDENCIES) + @rm -f fchmod-y--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod_y__secontext_full_OBJECTS) $(fchmod_y__secontext_full_LDADD) $(LIBS) + fchmodat$(EXEEXT): $(fchmodat_OBJECTS) $(fchmodat_DEPENDENCIES) $(EXTRA_fchmodat_DEPENDENCIES) @rm -f fchmodat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchmodat_OBJECTS) $(fchmodat_LDADD) $(LIBS) +fchmodat--secontext$(EXEEXT): $(fchmodat__secontext_OBJECTS) $(fchmodat__secontext_DEPENDENCIES) $(EXTRA_fchmodat__secontext_DEPENDENCIES) + @rm -f fchmodat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmodat__secontext_OBJECTS) $(fchmodat__secontext_LDADD) $(LIBS) + +fchmodat--secontext_full$(EXEEXT): $(fchmodat__secontext_full_OBJECTS) $(fchmodat__secontext_full_DEPENDENCIES) $(EXTRA_fchmodat__secontext_full_DEPENDENCIES) + @rm -f fchmodat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmodat__secontext_full_OBJECTS) $(fchmodat__secontext_full_LDADD) $(LIBS) + fchown$(EXEEXT): $(fchown_OBJECTS) $(fchown_DEPENDENCIES) $(EXTRA_fchown_DEPENDENCIES) @rm -f fchown$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchown_OBJECTS) $(fchown_LDADD) $(LIBS) @@ -7272,6 +7625,14 @@ @rm -f fchownat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchownat_OBJECTS) $(fchownat_LDADD) $(LIBS) +fchownat--secontext$(EXEEXT): $(fchownat__secontext_OBJECTS) $(fchownat__secontext_DEPENDENCIES) $(EXTRA_fchownat__secontext_DEPENDENCIES) + @rm -f fchownat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchownat__secontext_OBJECTS) $(fchownat__secontext_LDADD) $(LIBS) + +fchownat--secontext_full$(EXEEXT): $(fchownat__secontext_full_OBJECTS) $(fchownat__secontext_full_DEPENDENCIES) $(EXTRA_fchownat__secontext_full_DEPENDENCIES) + @rm -f fchownat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchownat__secontext_full_OBJECTS) $(fchownat__secontext_full_LDADD) $(LIBS) + fcntl$(EXEEXT): $(fcntl_OBJECTS) $(fcntl_DEPENDENCIES) $(EXTRA_fcntl_DEPENDENCIES) @rm -f fcntl$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fcntl_OBJECTS) $(fcntl_LDADD) $(LIBS) @@ -7300,6 +7661,14 @@ @rm -f file_handle$(EXEEXT) $(AM_V_CCLD)$(LINK) $(file_handle_OBJECTS) $(file_handle_LDADD) $(LIBS) +file_handle--secontext$(EXEEXT): $(file_handle__secontext_OBJECTS) $(file_handle__secontext_DEPENDENCIES) $(EXTRA_file_handle__secontext_DEPENDENCIES) + @rm -f file_handle--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(file_handle__secontext_OBJECTS) $(file_handle__secontext_LDADD) $(LIBS) + +file_handle--secontext_full$(EXEEXT): $(file_handle__secontext_full_OBJECTS) $(file_handle__secontext_full_DEPENDENCIES) $(EXTRA_file_handle__secontext_full_DEPENDENCIES) + @rm -f file_handle--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(file_handle__secontext_full_OBJECTS) $(file_handle__secontext_full_LDADD) $(LIBS) + file_ioctl$(EXEEXT): $(file_ioctl_OBJECTS) $(file_ioctl_DEPENDENCIES) $(EXTRA_file_ioctl_DEPENDENCIES) @rm -f file_ioctl$(EXEEXT) $(AM_V_CCLD)$(LINK) $(file_ioctl_OBJECTS) $(file_ioctl_LDADD) $(LIBS) @@ -8124,6 +8493,14 @@ @rm -f linkat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(linkat_OBJECTS) $(linkat_LDADD) $(LIBS) +linkat--secontext$(EXEEXT): $(linkat__secontext_OBJECTS) $(linkat__secontext_DEPENDENCIES) $(EXTRA_linkat__secontext_DEPENDENCIES) + @rm -f linkat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(linkat__secontext_OBJECTS) $(linkat__secontext_LDADD) $(LIBS) + +linkat--secontext_full$(EXEEXT): $(linkat__secontext_full_OBJECTS) $(linkat__secontext_full_DEPENDENCIES) $(EXTRA_linkat__secontext_full_DEPENDENCIES) + @rm -f linkat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(linkat__secontext_full_OBJECTS) $(linkat__secontext_full_LDADD) $(LIBS) + list_sigaction_signum$(EXEEXT): $(list_sigaction_signum_OBJECTS) $(list_sigaction_signum_DEPENDENCIES) $(EXTRA_list_sigaction_signum_DEPENDENCIES) @rm -f list_sigaction_signum$(EXEEXT) $(AM_V_CCLD)$(LINK) $(list_sigaction_signum_OBJECTS) $(list_sigaction_signum_LDADD) $(LIBS) @@ -8756,6 +9133,14 @@ @rm -f open$(EXEEXT) $(AM_V_CCLD)$(LINK) $(open_OBJECTS) $(open_LDADD) $(LIBS) +open--secontext$(EXEEXT): $(open__secontext_OBJECTS) $(open__secontext_DEPENDENCIES) $(EXTRA_open__secontext_DEPENDENCIES) + @rm -f open--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(open__secontext_OBJECTS) $(open__secontext_LDADD) $(LIBS) + +open--secontext_full$(EXEEXT): $(open__secontext_full_OBJECTS) $(open__secontext_full_DEPENDENCIES) $(EXTRA_open__secontext_full_DEPENDENCIES) + @rm -f open--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(open__secontext_full_OBJECTS) $(open__secontext_full_LDADD) $(LIBS) + open_tree$(EXEEXT): $(open_tree_OBJECTS) $(open_tree_DEPENDENCIES) $(EXTRA_open_tree_DEPENDENCIES) @rm -f open_tree$(EXEEXT) $(AM_V_CCLD)$(LINK) $(open_tree_OBJECTS) $(open_tree_LDADD) $(LIBS) @@ -8768,6 +9153,14 @@ @rm -f openat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(openat_OBJECTS) $(openat_LDADD) $(LIBS) +openat--secontext$(EXEEXT): $(openat__secontext_OBJECTS) $(openat__secontext_DEPENDENCIES) $(EXTRA_openat__secontext_DEPENDENCIES) + @rm -f openat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(openat__secontext_OBJECTS) $(openat__secontext_LDADD) $(LIBS) + +openat--secontext_full$(EXEEXT): $(openat__secontext_full_OBJECTS) $(openat__secontext_full_DEPENDENCIES) $(EXTRA_openat__secontext_full_DEPENDENCIES) + @rm -f openat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(openat__secontext_full_OBJECTS) $(openat__secontext_full_LDADD) $(LIBS) + openat2$(EXEEXT): $(openat2_OBJECTS) $(openat2_DEPENDENCIES) $(EXTRA_openat2_DEPENDENCIES) @rm -f openat2$(EXEEXT) $(AM_V_CCLD)$(LINK) $(openat2_OBJECTS) $(openat2_LDADD) $(LIBS) @@ -10094,6 +10487,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/_newselect.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/accept.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/accept4.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/access--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/access--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/access.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/acct.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/add_key.Po@am__quote@ # am--include-marker @@ -10123,6 +10518,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/caps.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_sigblock.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_sigign.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chmod--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chmod--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chmod.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chown.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chown32.Po@am__quote@ # am--include-marker @@ -10176,25 +10573,46 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/epoll_wait.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/erestartsys.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/eventfd.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve-v.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat-v.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat--secontext_full.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-P.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-y--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-y--secontext_full.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-y.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-yy.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fadvise64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fadvise64_64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fallocate.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_init.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark-Xabbrev.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark-Xraw.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark-Xverbose.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchdir.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod--secontext_full.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod-y--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod-y--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod-y.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmodat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmodat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmodat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchown.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchown32.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchownat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchownat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchownat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fcntl--pidns-translation.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fcntl.Po@am__quote@ # am--include-marker @@ -10202,6 +10620,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fcntl64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fdatasync.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fflush.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_handle--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_handle--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_handle.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_ioctl.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filter-unavailable.Po@am__quote@ # am--include-marker @@ -10431,6 +10851,7 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-printxval-Xabbrev.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-printxval-Xraw.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-printxval-Xverbose.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-secontext.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-signal2name.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-skip_unavailable.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-sprintrc.Po@am__quote@ # am--include-marker @@ -10443,6 +10864,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-tprintf.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-xmalloc_for_tests.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/link.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/linkat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/linkat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/linkat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/list_sigaction_signum.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/llseek.Po@am__quote@ # am--include-marker @@ -10601,9 +11024,13 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oldselect-efault.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oldselect.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oldstat.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open_tree-P.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open_tree.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat2-Xabbrev.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat2-Xraw.Po@am__quote@ # am--include-marker @@ -11300,6 +11727,20 @@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libtests_a-printxval-Xverbose.obj `if test -f 'printxval-Xverbose.c'; then $(CYGPATH_W) 'printxval-Xverbose.c'; else $(CYGPATH_W) '$(srcdir)/printxval-Xverbose.c'; fi` +libtests_a-secontext.o: secontext.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libtests_a-secontext.o -MD -MP -MF $(DEPDIR)/libtests_a-secontext.Tpo -c -o libtests_a-secontext.o `test -f 'secontext.c' || echo '$(srcdir)/'`secontext.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libtests_a-secontext.Tpo $(DEPDIR)/libtests_a-secontext.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='secontext.c' object='libtests_a-secontext.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libtests_a-secontext.o `test -f 'secontext.c' || echo '$(srcdir)/'`secontext.c + +libtests_a-secontext.obj: secontext.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libtests_a-secontext.obj -MD -MP -MF $(DEPDIR)/libtests_a-secontext.Tpo -c -o libtests_a-secontext.obj `if test -f 'secontext.c'; then $(CYGPATH_W) 'secontext.c'; else $(CYGPATH_W) '$(srcdir)/secontext.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libtests_a-secontext.Tpo $(DEPDIR)/libtests_a-secontext.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='secontext.c' object='libtests_a-secontext.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libtests_a-secontext.obj `if test -f 'secontext.c'; then $(CYGPATH_W) 'secontext.c'; else $(CYGPATH_W) '$(srcdir)/secontext.c'; fi` + libtests_a-signal2name.o: signal2name.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libtests_a-signal2name.o -MD -MP -MF $(DEPDIR)/libtests_a-signal2name.Tpo -c -o libtests_a-signal2name.o `test -f 'signal2name.c' || echo '$(srcdir)/'`signal2name.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libtests_a-signal2name.Tpo $(DEPDIR)/libtests_a-signal2name.Po @@ -13841,6 +14282,12 @@ $(srcdir)/access.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/access--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/access--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/acct.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -13883,6 +14330,12 @@ $(srcdir)/chmod.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/chmod--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/chmod--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/chown.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14024,13 +14477,43 @@ $(srcdir)/erestartsys.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/execve--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/execve--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/execveat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/execveat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/execveat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/execveat-v.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ -$(srcdir)/faccessat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in +$(srcdir)/faccessat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-P.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-y.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-y--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-y--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-yy.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ $(srcdir)/fadvise64_64.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in @@ -14045,6 +14528,12 @@ $(srcdir)/fanotify_mark.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fanotify_mark--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fanotify_mark--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fanotify_mark-Xabbrev.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14060,12 +14549,30 @@ $(srcdir)/fchmod.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchmod--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchmod--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fchmod-y.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchmod-y--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchmod-y--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fchmodat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchmodat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchmodat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fchown.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14075,6 +14582,12 @@ $(srcdir)/fchownat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchownat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchownat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fcntl.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14096,6 +14609,12 @@ $(srcdir)/file_ioctl.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/file_handle--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/file_handle--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/filter_seccomp.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14690,6 +15209,12 @@ $(srcdir)/linkat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/linkat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/linkat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/lookup_dcookie.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -15107,6 +15632,12 @@ $(srcdir)/open.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/open--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/open--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/open_tree.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -15116,6 +15647,12 @@ $(srcdir)/openat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/openat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/openat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/openat2.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ Index: strace-5.7/tests-m32/Makefile.in =================================================================== --- strace-5.7.orig/tests-m32/Makefile.in 2021-08-24 21:08:35.467311943 +0200 +++ strace-5.7/tests-m32/Makefile.in 2021-08-24 21:08:43.289245739 +0200 @@ -22,6 +22,8 @@ # # SPDX-License-Identifier: GPL-2.0-or-later +# Generated by ./tests/gen_secontext.sh from ./tests/gen_tests.in; do not edit. + # scno.h make rules for strace. # # Copyright (c) 2017-2019 Dmitry V. Levin @@ -102,8 +104,8 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -check_PROGRAMS = $(am__EXEEXT_1) _newselect-P$(EXEEXT) answer$(EXEEXT) \ - attach-f-p$(EXEEXT) attach-f-p-cmd$(EXEEXT) \ +check_PROGRAMS = $(am__EXEEXT_1) $(am__EXEEXT_2) _newselect-P$(EXEEXT) \ + answer$(EXEEXT) attach-f-p$(EXEEXT) attach-f-p-cmd$(EXEEXT) \ attach-p-cmd-cmd$(EXEEXT) attach-p-cmd-p$(EXEEXT) \ block_reset_raise_run$(EXEEXT) block_reset_run$(EXEEXT) \ bpf-obj_get_info_by_fd$(EXEEXT) \ @@ -221,7 +223,7 @@ xetpriority--pidns-translation$(EXEEXT) \ xet_robust_list--pidns-translation$(EXEEXT) zeroargc$(EXEEXT) @ENABLE_STACKTRACE_TRUE@@USE_DEMANGLE_TRUE@am__append_1 = strace-k-demangle.test -TESTS = $(GEN_TESTS) $(DECODER_TESTS) $(MISC_TESTS) $(am__EXEEXT_2) +TESTS = $(GEN_TESTS) $(DECODER_TESTS) $(MISC_TESTS) $(am__EXEEXT_3) subdir = tests-m32 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/xlat/btrfs_compress_types.m4 \ @@ -270,6 +272,7 @@ $(top_srcdir)/m4/st_esyscmd_s.m4 $(top_srcdir)/m4/st_libdw.m4 \ $(top_srcdir)/m4/st_libunwind.m4 \ $(top_srcdir)/m4/st_save_restore_var.m4 \ + $(top_srcdir)/m4/st_selinux.m4 \ $(top_srcdir)/m4/st_stacktrace.m4 \ $(top_srcdir)/m4/st_warn_cflags.m4 \ $(top_srcdir)/m4/warnings.m4 $(top_srcdir)/configure.ac @@ -298,7 +301,8 @@ epoll_create$(EXEEXT) epoll_create1$(EXEEXT) \ epoll_ctl$(EXEEXT) epoll_pwait$(EXEEXT) epoll_wait$(EXEEXT) \ erestartsys$(EXEEXT) eventfd$(EXEEXT) execve$(EXEEXT) \ - execveat$(EXEEXT) faccessat$(EXEEXT) fadvise64$(EXEEXT) \ + execveat$(EXEEXT) faccessat$(EXEEXT) faccessat-P$(EXEEXT) \ + faccessat-y$(EXEEXT) faccessat-yy$(EXEEXT) fadvise64$(EXEEXT) \ fadvise64_64$(EXEEXT) fallocate$(EXEEXT) \ fanotify_init$(EXEEXT) fanotify_mark$(EXEEXT) \ fanotify_mark-Xabbrev$(EXEEXT) fanotify_mark-Xraw$(EXEEXT) \ @@ -543,6 +547,26 @@ xattr-strings$(EXEEXT) xet_robust_list$(EXEEXT) \ xet_thread_area_x86$(EXEEXT) xetitimer$(EXEEXT) \ xetpgid$(EXEEXT) xetpriority$(EXEEXT) xettimeofday$(EXEEXT) +am__EXEEXT_2 = access--secontext$(EXEEXT) \ + access--secontext_full$(EXEEXT) chmod--secontext$(EXEEXT) \ + chmod--secontext_full$(EXEEXT) execve--secontext$(EXEEXT) \ + execve--secontext_full$(EXEEXT) execveat--secontext$(EXEEXT) \ + execveat--secontext_full$(EXEEXT) \ + faccessat--secontext$(EXEEXT) \ + faccessat--secontext_full$(EXEEXT) \ + faccessat-y--secontext$(EXEEXT) \ + faccessat-y--secontext_full$(EXEEXT) \ + fanotify_mark--secontext$(EXEEXT) \ + fanotify_mark--secontext_full$(EXEEXT) \ + fchmod--secontext$(EXEEXT) fchmod--secontext_full$(EXEEXT) \ + fchmod-y--secontext$(EXEEXT) fchmod-y--secontext_full$(EXEEXT) \ + fchmodat--secontext$(EXEEXT) fchmodat--secontext_full$(EXEEXT) \ + fchownat--secontext$(EXEEXT) fchownat--secontext_full$(EXEEXT) \ + file_handle--secontext$(EXEEXT) \ + file_handle--secontext_full$(EXEEXT) \ + linkat--secontext$(EXEEXT) linkat--secontext_full$(EXEEXT) \ + open--secontext$(EXEEXT) open--secontext_full$(EXEEXT) \ + openat--secontext$(EXEEXT) openat--secontext_full$(EXEEXT) ARFLAGS = cru AM_V_AR = $(am__v_AR_@AM_V@) am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) @@ -571,6 +595,7 @@ libtests_a-printxval-Xabbrev.$(OBJEXT) \ libtests_a-printxval-Xraw.$(OBJEXT) \ libtests_a-printxval-Xverbose.$(OBJEXT) \ + libtests_a-secontext.$(OBJEXT) \ libtests_a-signal2name.$(OBJEXT) \ libtests_a-skip_unavailable.$(OBJEXT) \ libtests_a-sprintrc.$(OBJEXT) libtests_a-status.$(OBJEXT) \ @@ -600,6 +625,15 @@ access_OBJECTS = access.$(OBJEXT) access_LDADD = $(LDADD) access_DEPENDENCIES = libtests.a +access__secontext_SOURCES = access--secontext.c +access__secontext_OBJECTS = access--secontext.$(OBJEXT) +am__DEPENDENCIES_1 = +@HAVE_M32_SELINUX_RUNTIME_TRUE@am__DEPENDENCIES_2 = \ +@HAVE_M32_SELINUX_RUNTIME_TRUE@ $(am__DEPENDENCIES_1) +access__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +access__secontext_full_SOURCES = access--secontext_full.c +access__secontext_full_OBJECTS = access--secontext_full.$(OBJEXT) +access__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) acct_SOURCES = acct.c acct_OBJECTS = acct.$(OBJEXT) acct_LDADD = $(LDADD) @@ -718,6 +752,12 @@ chmod_OBJECTS = chmod.$(OBJEXT) chmod_LDADD = $(LDADD) chmod_DEPENDENCIES = libtests.a +chmod__secontext_SOURCES = chmod--secontext.c +chmod__secontext_OBJECTS = chmod--secontext.$(OBJEXT) +chmod__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +chmod__secontext_full_SOURCES = chmod--secontext_full.c +chmod__secontext_full_OBJECTS = chmod--secontext_full.$(OBJEXT) +chmod__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) chown_SOURCES = chown.c chown_OBJECTS = chown.$(OBJEXT) chown_LDADD = $(LDADD) @@ -828,7 +868,6 @@ creat_DEPENDENCIES = libtests.a delay_SOURCES = delay.c delay_OBJECTS = delay.$(OBJEXT) -am__DEPENDENCIES_1 = delay_DEPENDENCIES = $(am__DEPENDENCIES_1) $(LDADD) delete_module_SOURCES = delete_module.c delete_module_OBJECTS = delete_module.$(OBJEXT) @@ -930,6 +969,12 @@ execve_OBJECTS = execve.$(OBJEXT) execve_LDADD = $(LDADD) execve_DEPENDENCIES = libtests.a +execve__secontext_SOURCES = execve--secontext.c +execve__secontext_OBJECTS = execve--secontext.$(OBJEXT) +execve__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +execve__secontext_full_SOURCES = execve--secontext_full.c +execve__secontext_full_OBJECTS = execve--secontext_full.$(OBJEXT) +execve__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) execve_v_SOURCES = execve-v.c execve_v_OBJECTS = execve-v.$(OBJEXT) execve_v_LDADD = $(LDADD) @@ -938,6 +983,12 @@ execveat_OBJECTS = execveat.$(OBJEXT) execveat_LDADD = $(LDADD) execveat_DEPENDENCIES = libtests.a +execveat__secontext_SOURCES = execveat--secontext.c +execveat__secontext_OBJECTS = execveat--secontext.$(OBJEXT) +execveat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +execveat__secontext_full_SOURCES = execveat--secontext_full.c +execveat__secontext_full_OBJECTS = execveat--secontext_full.$(OBJEXT) +execveat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) execveat_v_SOURCES = execveat-v.c execveat_v_OBJECTS = execveat-v.$(OBJEXT) execveat_v_LDADD = $(LDADD) @@ -946,6 +997,34 @@ faccessat_OBJECTS = faccessat.$(OBJEXT) faccessat_LDADD = $(LDADD) faccessat_DEPENDENCIES = libtests.a +faccessat__secontext_SOURCES = faccessat--secontext.c +faccessat__secontext_OBJECTS = faccessat--secontext.$(OBJEXT) +faccessat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +faccessat__secontext_full_SOURCES = faccessat--secontext_full.c +faccessat__secontext_full_OBJECTS = \ + faccessat--secontext_full.$(OBJEXT) +faccessat__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) +faccessat_P_SOURCES = faccessat-P.c +faccessat_P_OBJECTS = faccessat-P.$(OBJEXT) +faccessat_P_LDADD = $(LDADD) +faccessat_P_DEPENDENCIES = libtests.a +faccessat_y_SOURCES = faccessat-y.c +faccessat_y_OBJECTS = faccessat-y.$(OBJEXT) +faccessat_y_LDADD = $(LDADD) +faccessat_y_DEPENDENCIES = libtests.a +faccessat_y__secontext_SOURCES = faccessat-y--secontext.c +faccessat_y__secontext_OBJECTS = faccessat-y--secontext.$(OBJEXT) +faccessat_y__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +faccessat_y__secontext_full_SOURCES = faccessat-y--secontext_full.c +faccessat_y__secontext_full_OBJECTS = \ + faccessat-y--secontext_full.$(OBJEXT) +faccessat_y__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) +faccessat_yy_SOURCES = faccessat-yy.c +faccessat_yy_OBJECTS = faccessat-yy.$(OBJEXT) +faccessat_yy_LDADD = $(LDADD) +faccessat_yy_DEPENDENCIES = libtests.a fadvise64_SOURCES = fadvise64.c fadvise64_OBJECTS = fadvise64.$(OBJEXT) fadvise64_LDADD = $(LDADD) @@ -966,6 +1045,15 @@ fanotify_mark_OBJECTS = fanotify_mark.$(OBJEXT) fanotify_mark_LDADD = $(LDADD) fanotify_mark_DEPENDENCIES = libtests.a +fanotify_mark__secontext_SOURCES = fanotify_mark--secontext.c +fanotify_mark__secontext_OBJECTS = fanotify_mark--secontext.$(OBJEXT) +fanotify_mark__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fanotify_mark__secontext_full_SOURCES = \ + fanotify_mark--secontext_full.c +fanotify_mark__secontext_full_OBJECTS = \ + fanotify_mark--secontext_full.$(OBJEXT) +fanotify_mark__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) fanotify_mark_Xabbrev_SOURCES = fanotify_mark-Xabbrev.c fanotify_mark_Xabbrev_OBJECTS = fanotify_mark-Xabbrev.$(OBJEXT) fanotify_mark_Xabbrev_LDADD = $(LDADD) @@ -986,14 +1074,32 @@ fchmod_OBJECTS = fchmod.$(OBJEXT) fchmod_LDADD = $(LDADD) fchmod_DEPENDENCIES = libtests.a +fchmod__secontext_SOURCES = fchmod--secontext.c +fchmod__secontext_OBJECTS = fchmod--secontext.$(OBJEXT) +fchmod__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchmod__secontext_full_SOURCES = fchmod--secontext_full.c +fchmod__secontext_full_OBJECTS = fchmod--secontext_full.$(OBJEXT) +fchmod__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fchmod_y_SOURCES = fchmod-y.c fchmod_y_OBJECTS = fchmod-y.$(OBJEXT) fchmod_y_LDADD = $(LDADD) fchmod_y_DEPENDENCIES = libtests.a +fchmod_y__secontext_SOURCES = fchmod-y--secontext.c +fchmod_y__secontext_OBJECTS = fchmod-y--secontext.$(OBJEXT) +fchmod_y__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchmod_y__secontext_full_SOURCES = fchmod-y--secontext_full.c +fchmod_y__secontext_full_OBJECTS = fchmod-y--secontext_full.$(OBJEXT) +fchmod_y__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fchmodat_SOURCES = fchmodat.c fchmodat_OBJECTS = fchmodat.$(OBJEXT) fchmodat_LDADD = $(LDADD) fchmodat_DEPENDENCIES = libtests.a +fchmodat__secontext_SOURCES = fchmodat--secontext.c +fchmodat__secontext_OBJECTS = fchmodat--secontext.$(OBJEXT) +fchmodat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchmodat__secontext_full_SOURCES = fchmodat--secontext_full.c +fchmodat__secontext_full_OBJECTS = fchmodat--secontext_full.$(OBJEXT) +fchmodat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fchown_SOURCES = fchown.c fchown_OBJECTS = fchown.$(OBJEXT) fchown_LDADD = $(LDADD) @@ -1006,6 +1112,12 @@ fchownat_OBJECTS = fchownat.$(OBJEXT) fchownat_LDADD = $(LDADD) fchownat_DEPENDENCIES = libtests.a +fchownat__secontext_SOURCES = fchownat--secontext.c +fchownat__secontext_OBJECTS = fchownat--secontext.$(OBJEXT) +fchownat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchownat__secontext_full_SOURCES = fchownat--secontext_full.c +fchownat__secontext_full_OBJECTS = fchownat--secontext_full.$(OBJEXT) +fchownat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fcntl_SOURCES = fcntl.c fcntl_OBJECTS = fcntl.$(OBJEXT) fcntl_LDADD = $(LDADD) @@ -1035,6 +1147,14 @@ file_handle_OBJECTS = file_handle.$(OBJEXT) file_handle_LDADD = $(LDADD) file_handle_DEPENDENCIES = libtests.a +file_handle__secontext_SOURCES = file_handle--secontext.c +file_handle__secontext_OBJECTS = file_handle--secontext.$(OBJEXT) +file_handle__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +file_handle__secontext_full_SOURCES = file_handle--secontext_full.c +file_handle__secontext_full_OBJECTS = \ + file_handle--secontext_full.$(OBJEXT) +file_handle__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) file_ioctl_SOURCES = file_ioctl.c file_ioctl_OBJECTS = file_ioctl.$(OBJEXT) file_ioctl_LDADD = $(LDADD) @@ -1886,6 +2006,12 @@ linkat_OBJECTS = linkat.$(OBJEXT) linkat_LDADD = $(LDADD) linkat_DEPENDENCIES = libtests.a +linkat__secontext_SOURCES = linkat--secontext.c +linkat__secontext_OBJECTS = linkat--secontext.$(OBJEXT) +linkat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +linkat__secontext_full_SOURCES = linkat--secontext_full.c +linkat__secontext_full_OBJECTS = linkat--secontext_full.$(OBJEXT) +linkat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) list_sigaction_signum_SOURCES = list_sigaction_signum.c list_sigaction_signum_OBJECTS = list_sigaction_signum.$(OBJEXT) list_sigaction_signum_LDADD = $(LDADD) @@ -2530,6 +2656,12 @@ open_OBJECTS = open.$(OBJEXT) open_LDADD = $(LDADD) open_DEPENDENCIES = libtests.a +open__secontext_SOURCES = open--secontext.c +open__secontext_OBJECTS = open--secontext.$(OBJEXT) +open__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +open__secontext_full_SOURCES = open--secontext_full.c +open__secontext_full_OBJECTS = open--secontext_full.$(OBJEXT) +open__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) open_tree_SOURCES = open_tree.c open_tree_OBJECTS = open_tree.$(OBJEXT) open_tree_LDADD = $(LDADD) @@ -2542,6 +2674,12 @@ openat_OBJECTS = openat.$(OBJEXT) openat_LDADD = $(LDADD) openat_DEPENDENCIES = libtests.a +openat__secontext_SOURCES = openat--secontext.c +openat__secontext_OBJECTS = openat--secontext.$(OBJEXT) +openat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +openat__secontext_full_SOURCES = openat--secontext_full.c +openat__secontext_full_OBJECTS = openat--secontext_full.$(OBJEXT) +openat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) openat2_SOURCES = openat2.c openat2_OBJECTS = openat2.$(OBJEXT) openat2_LDADD = $(LDADD) @@ -4487,7 +4625,8 @@ am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = SOURCES = $(libtests_a_SOURCES) _newselect.c _newselect-P.c accept.c \ - accept4.c access.c acct.c add_key.c adjtimex.c aio.c \ + accept4.c access.c access--secontext.c \ + access--secontext_full.c acct.c add_key.c adjtimex.c aio.c \ aio_pgetevents.c alarm.c answer.c attach-f-p.c \ attach-f-p-cmd.c attach-p-cmd-cmd.c attach-p-cmd-p.c \ block_reset_raise_run.c block_reset_run.c bpf.c \ @@ -4495,7 +4634,8 @@ bpf-obj_get_info_by_fd-prog-v.c bpf-obj_get_info_by_fd-v.c \ bpf-success.c bpf-success-long-y.c bpf-success-v.c bpf-v.c \ brk.c btrfs.c caps.c caps-abbrev.c check_sigblock.c \ - check_sigign.c chmod.c chown.c chown32.c chroot.c \ + check_sigign.c chmod.c chmod--secontext.c \ + chmod--secontext_full.c chown.c chown32.c chroot.c \ clock_adjtime.c clock_nanosleep.c clock_xettime.c \ clone-flags.c clone3.c clone3-Xabbrev.c clone3-Xraw.c \ clone3-Xverbose.c clone3-success.c clone3-success-Xabbrev.c \ @@ -4509,25 +4649,35 @@ dup-yy.c dup2.c dup2-P.c dup2-y.c dup2-yy.c dup3.c dup3-P.c \ dup3-y.c dup3-yy.c epoll_create.c epoll_create1.c epoll_ctl.c \ epoll_pwait.c epoll_wait.c erestartsys.c eventfd.c execve.c \ - execve-v.c execveat.c execveat-v.c faccessat.c fadvise64.c \ - fadvise64_64.c fallocate.c fanotify_init.c fanotify_mark.c \ - fanotify_mark-Xabbrev.c fanotify_mark-Xraw.c \ - fanotify_mark-Xverbose.c fchdir.c fchmod.c fchmod-y.c \ - fchmodat.c fchown.c fchown32.c fchownat.c fcntl.c \ - fcntl--pidns-translation.c fcntl64.c \ - fcntl64--pidns-translation.c fdatasync.c fflush.c \ - file_handle.c file_ioctl.c filter-unavailable.c \ - filter_seccomp-flag.c filter_seccomp-perf.c finit_module.c \ - flock.c fork--pidns-translation.c fork-f.c fsconfig.c \ - fsconfig-P.c fsmount.c fsopen.c fspick.c fspick-P.c fstat.c \ - fstat-Xabbrev.c fstat-Xraw.c fstat-Xverbose.c fstat64.c \ - fstat64-Xabbrev.c fstat64-Xraw.c fstat64-Xverbose.c \ - fstatat64.c fstatfs.c fstatfs64.c fsync.c fsync-y.c \ - ftruncate.c ftruncate64.c futex.c futimesat.c get_mempolicy.c \ - get_process_reaper.c getcpu.c getcwd.c getdents.c getdents-v.c \ - getdents64.c getdents64-v.c getegid.c getegid32.c geteuid.c \ - geteuid32.c getgid.c getgid32.c getgroups.c getgroups32.c \ - getpeername.c getpgrp.c getpgrp--pidns-translation.c getpid.c \ + execve--secontext.c execve--secontext_full.c execve-v.c \ + execveat.c execveat--secontext.c execveat--secontext_full.c \ + execveat-v.c faccessat.c faccessat--secontext.c \ + faccessat--secontext_full.c faccessat-P.c faccessat-y.c \ + faccessat-y--secontext.c faccessat-y--secontext_full.c \ + faccessat-yy.c fadvise64.c fadvise64_64.c fallocate.c \ + fanotify_init.c fanotify_mark.c fanotify_mark--secontext.c \ + fanotify_mark--secontext_full.c fanotify_mark-Xabbrev.c \ + fanotify_mark-Xraw.c fanotify_mark-Xverbose.c fchdir.c \ + fchmod.c fchmod--secontext.c fchmod--secontext_full.c \ + fchmod-y.c fchmod-y--secontext.c fchmod-y--secontext_full.c \ + fchmodat.c fchmodat--secontext.c fchmodat--secontext_full.c \ + fchown.c fchown32.c fchownat.c fchownat--secontext.c \ + fchownat--secontext_full.c fcntl.c fcntl--pidns-translation.c \ + fcntl64.c fcntl64--pidns-translation.c fdatasync.c fflush.c \ + file_handle.c file_handle--secontext.c \ + file_handle--secontext_full.c file_ioctl.c \ + filter-unavailable.c filter_seccomp-flag.c \ + filter_seccomp-perf.c finit_module.c flock.c \ + fork--pidns-translation.c fork-f.c fsconfig.c fsconfig-P.c \ + fsmount.c fsopen.c fspick.c fspick-P.c fstat.c fstat-Xabbrev.c \ + fstat-Xraw.c fstat-Xverbose.c fstat64.c fstat64-Xabbrev.c \ + fstat64-Xraw.c fstat64-Xverbose.c fstatat64.c fstatfs.c \ + fstatfs64.c fsync.c fsync-y.c ftruncate.c ftruncate64.c \ + futex.c futimesat.c get_mempolicy.c get_process_reaper.c \ + getcpu.c getcwd.c getdents.c getdents-v.c getdents64.c \ + getdents64-v.c getegid.c getegid32.c geteuid.c geteuid32.c \ + getgid.c getgid32.c getgroups.c getgroups32.c getpeername.c \ + getpgrp.c getpgrp--pidns-translation.c getpid.c \ getpid--pidns-translation.c getppid.c getrandom.c getresgid.c \ getresgid32.c getresuid.c getresuid32.c getrlimit.c \ getrusage.c getsid.c getsid--pidns-translation.c getsockname.c \ @@ -4578,7 +4728,8 @@ kexec_file_load.c kexec_load.c keyctl.c keyctl-Xabbrev.c \ keyctl-Xraw.c keyctl-Xverbose.c kill.c \ kill--pidns-translation.c kill_child.c ksysent.c lchown.c \ - lchown32.c link.c linkat.c list_sigaction_signum.c llseek.c \ + lchown32.c link.c linkat.c linkat--secontext.c \ + linkat--secontext_full.c list_sigaction_signum.c llseek.c \ localtime.c lookup_dcookie.c looping_threads.c lseek.c lstat.c \ lstat64.c madvise.c maybe_switch_current_tcp.c \ maybe_switch_current_tcp--quiet-thread-execve.c mbind.c \ @@ -4629,23 +4780,25 @@ old_mmap-Xabbrev.c old_mmap-Xraw.c old_mmap-Xverbose.c \ old_mmap-v-none.c oldfstat.c oldlstat.c oldselect.c \ oldselect-P.c oldselect-efault.c oldselect-efault-P.c \ - oldstat.c open.c open_tree.c open_tree-P.c openat.c openat2.c \ - openat2-Xabbrev.c openat2-Xraw.c openat2-Xverbose.c \ - openat2-v.c openat2-v-y.c openat2-v-y-Xabbrev.c \ - openat2-v-y-Xraw.c openat2-v-y-Xverbose.c openat2-y.c \ - orphaned_process_group.c osf_utimes.c pause.c pc.c \ - perf_event_open.c perf_event_open_nonverbose.c \ - perf_event_open_unabbrev.c personality.c personality-Xabbrev.c \ - personality-Xraw.c personality-Xverbose.c pidfd_getfd.c \ - pidfd_getfd-y.c pidfd_getfd-yy.c pidfd_open.c \ - pidfd_open--decode-fd-path.c pidfd_open--decode-fd-pidfd.c \ - pidfd_open--decode-fd-socket.c pidfd_open--pidns-translation.c \ - pidfd_open-P.c pidfd_open-y.c pidfd_open-yy.c \ - pidfd_send_signal.c pidfd_send_signal--pidns-translation.c \ - pidns-cache.c pipe.c pipe2.c pkey_alloc.c pkey_free.c \ - pkey_mprotect.c poll.c poll-P.c ppoll.c ppoll-P.c ppoll-v.c \ - prctl-arg2-intptr.c prctl-dumpable.c prctl-name.c \ - prctl-no-args.c prctl-pdeathsig.c prctl-seccomp-filter-v.c \ + oldstat.c open.c open--secontext.c open--secontext_full.c \ + open_tree.c open_tree-P.c openat.c openat--secontext.c \ + openat--secontext_full.c openat2.c openat2-Xabbrev.c \ + openat2-Xraw.c openat2-Xverbose.c openat2-v.c openat2-v-y.c \ + openat2-v-y-Xabbrev.c openat2-v-y-Xraw.c \ + openat2-v-y-Xverbose.c openat2-y.c orphaned_process_group.c \ + osf_utimes.c pause.c pc.c perf_event_open.c \ + perf_event_open_nonverbose.c perf_event_open_unabbrev.c \ + personality.c personality-Xabbrev.c personality-Xraw.c \ + personality-Xverbose.c pidfd_getfd.c pidfd_getfd-y.c \ + pidfd_getfd-yy.c pidfd_open.c pidfd_open--decode-fd-path.c \ + pidfd_open--decode-fd-pidfd.c pidfd_open--decode-fd-socket.c \ + pidfd_open--pidns-translation.c pidfd_open-P.c pidfd_open-y.c \ + pidfd_open-yy.c pidfd_send_signal.c \ + pidfd_send_signal--pidns-translation.c pidns-cache.c pipe.c \ + pipe2.c pkey_alloc.c pkey_free.c pkey_mprotect.c poll.c \ + poll-P.c ppoll.c ppoll-P.c ppoll-v.c prctl-arg2-intptr.c \ + prctl-dumpable.c prctl-name.c prctl-no-args.c \ + prctl-pdeathsig.c prctl-seccomp-filter-v.c \ prctl-seccomp-strict.c prctl-securebits.c prctl-spec-inject.c \ prctl-tid_address.c prctl-tsc.c pread64-pwrite64.c preadv.c \ preadv-pwritev.c preadv2-pwritev2.c print_maxfd.c \ @@ -4735,7 +4888,8 @@ xetpriority.c xetpriority--pidns-translation.c xettimeofday.c \ zeroargc.c DIST_SOURCES = $(libtests_a_SOURCES) _newselect.c _newselect-P.c \ - accept.c accept4.c access.c acct.c add_key.c adjtimex.c aio.c \ + accept.c accept4.c access.c access--secontext.c \ + access--secontext_full.c acct.c add_key.c adjtimex.c aio.c \ aio_pgetevents.c alarm.c answer.c attach-f-p.c \ attach-f-p-cmd.c attach-p-cmd-cmd.c attach-p-cmd-p.c \ block_reset_raise_run.c block_reset_run.c bpf.c \ @@ -4743,7 +4897,8 @@ bpf-obj_get_info_by_fd-prog-v.c bpf-obj_get_info_by_fd-v.c \ bpf-success.c bpf-success-long-y.c bpf-success-v.c bpf-v.c \ brk.c btrfs.c caps.c caps-abbrev.c check_sigblock.c \ - check_sigign.c chmod.c chown.c chown32.c chroot.c \ + check_sigign.c chmod.c chmod--secontext.c \ + chmod--secontext_full.c chown.c chown32.c chroot.c \ clock_adjtime.c clock_nanosleep.c clock_xettime.c \ clone-flags.c clone3.c clone3-Xabbrev.c clone3-Xraw.c \ clone3-Xverbose.c clone3-success.c clone3-success-Xabbrev.c \ @@ -4757,25 +4912,35 @@ dup-yy.c dup2.c dup2-P.c dup2-y.c dup2-yy.c dup3.c dup3-P.c \ dup3-y.c dup3-yy.c epoll_create.c epoll_create1.c epoll_ctl.c \ epoll_pwait.c epoll_wait.c erestartsys.c eventfd.c execve.c \ - execve-v.c execveat.c execveat-v.c faccessat.c fadvise64.c \ - fadvise64_64.c fallocate.c fanotify_init.c fanotify_mark.c \ - fanotify_mark-Xabbrev.c fanotify_mark-Xraw.c \ - fanotify_mark-Xverbose.c fchdir.c fchmod.c fchmod-y.c \ - fchmodat.c fchown.c fchown32.c fchownat.c fcntl.c \ - fcntl--pidns-translation.c fcntl64.c \ - fcntl64--pidns-translation.c fdatasync.c fflush.c \ - file_handle.c file_ioctl.c filter-unavailable.c \ - filter_seccomp-flag.c filter_seccomp-perf.c finit_module.c \ - flock.c fork--pidns-translation.c fork-f.c fsconfig.c \ - fsconfig-P.c fsmount.c fsopen.c fspick.c fspick-P.c fstat.c \ - fstat-Xabbrev.c fstat-Xraw.c fstat-Xverbose.c fstat64.c \ - fstat64-Xabbrev.c fstat64-Xraw.c fstat64-Xverbose.c \ - fstatat64.c fstatfs.c fstatfs64.c fsync.c fsync-y.c \ - ftruncate.c ftruncate64.c futex.c futimesat.c get_mempolicy.c \ - get_process_reaper.c getcpu.c getcwd.c getdents.c getdents-v.c \ - getdents64.c getdents64-v.c getegid.c getegid32.c geteuid.c \ - geteuid32.c getgid.c getgid32.c getgroups.c getgroups32.c \ - getpeername.c getpgrp.c getpgrp--pidns-translation.c getpid.c \ + execve--secontext.c execve--secontext_full.c execve-v.c \ + execveat.c execveat--secontext.c execveat--secontext_full.c \ + execveat-v.c faccessat.c faccessat--secontext.c \ + faccessat--secontext_full.c faccessat-P.c faccessat-y.c \ + faccessat-y--secontext.c faccessat-y--secontext_full.c \ + faccessat-yy.c fadvise64.c fadvise64_64.c fallocate.c \ + fanotify_init.c fanotify_mark.c fanotify_mark--secontext.c \ + fanotify_mark--secontext_full.c fanotify_mark-Xabbrev.c \ + fanotify_mark-Xraw.c fanotify_mark-Xverbose.c fchdir.c \ + fchmod.c fchmod--secontext.c fchmod--secontext_full.c \ + fchmod-y.c fchmod-y--secontext.c fchmod-y--secontext_full.c \ + fchmodat.c fchmodat--secontext.c fchmodat--secontext_full.c \ + fchown.c fchown32.c fchownat.c fchownat--secontext.c \ + fchownat--secontext_full.c fcntl.c fcntl--pidns-translation.c \ + fcntl64.c fcntl64--pidns-translation.c fdatasync.c fflush.c \ + file_handle.c file_handle--secontext.c \ + file_handle--secontext_full.c file_ioctl.c \ + filter-unavailable.c filter_seccomp-flag.c \ + filter_seccomp-perf.c finit_module.c flock.c \ + fork--pidns-translation.c fork-f.c fsconfig.c fsconfig-P.c \ + fsmount.c fsopen.c fspick.c fspick-P.c fstat.c fstat-Xabbrev.c \ + fstat-Xraw.c fstat-Xverbose.c fstat64.c fstat64-Xabbrev.c \ + fstat64-Xraw.c fstat64-Xverbose.c fstatat64.c fstatfs.c \ + fstatfs64.c fsync.c fsync-y.c ftruncate.c ftruncate64.c \ + futex.c futimesat.c get_mempolicy.c get_process_reaper.c \ + getcpu.c getcwd.c getdents.c getdents-v.c getdents64.c \ + getdents64-v.c getegid.c getegid32.c geteuid.c geteuid32.c \ + getgid.c getgid32.c getgroups.c getgroups32.c getpeername.c \ + getpgrp.c getpgrp--pidns-translation.c getpid.c \ getpid--pidns-translation.c getppid.c getrandom.c getresgid.c \ getresgid32.c getresuid.c getresuid32.c getrlimit.c \ getrusage.c getsid.c getsid--pidns-translation.c getsockname.c \ @@ -4826,7 +4991,8 @@ kexec_file_load.c kexec_load.c keyctl.c keyctl-Xabbrev.c \ keyctl-Xraw.c keyctl-Xverbose.c kill.c \ kill--pidns-translation.c kill_child.c ksysent.c lchown.c \ - lchown32.c link.c linkat.c list_sigaction_signum.c llseek.c \ + lchown32.c link.c linkat.c linkat--secontext.c \ + linkat--secontext_full.c list_sigaction_signum.c llseek.c \ localtime.c lookup_dcookie.c looping_threads.c lseek.c lstat.c \ lstat64.c madvise.c maybe_switch_current_tcp.c \ maybe_switch_current_tcp--quiet-thread-execve.c mbind.c \ @@ -4877,23 +5043,25 @@ old_mmap-Xabbrev.c old_mmap-Xraw.c old_mmap-Xverbose.c \ old_mmap-v-none.c oldfstat.c oldlstat.c oldselect.c \ oldselect-P.c oldselect-efault.c oldselect-efault-P.c \ - oldstat.c open.c open_tree.c open_tree-P.c openat.c openat2.c \ - openat2-Xabbrev.c openat2-Xraw.c openat2-Xverbose.c \ - openat2-v.c openat2-v-y.c openat2-v-y-Xabbrev.c \ - openat2-v-y-Xraw.c openat2-v-y-Xverbose.c openat2-y.c \ - orphaned_process_group.c osf_utimes.c pause.c pc.c \ - perf_event_open.c perf_event_open_nonverbose.c \ - perf_event_open_unabbrev.c personality.c personality-Xabbrev.c \ - personality-Xraw.c personality-Xverbose.c pidfd_getfd.c \ - pidfd_getfd-y.c pidfd_getfd-yy.c pidfd_open.c \ - pidfd_open--decode-fd-path.c pidfd_open--decode-fd-pidfd.c \ - pidfd_open--decode-fd-socket.c pidfd_open--pidns-translation.c \ - pidfd_open-P.c pidfd_open-y.c pidfd_open-yy.c \ - pidfd_send_signal.c pidfd_send_signal--pidns-translation.c \ - pidns-cache.c pipe.c pipe2.c pkey_alloc.c pkey_free.c \ - pkey_mprotect.c poll.c poll-P.c ppoll.c ppoll-P.c ppoll-v.c \ - prctl-arg2-intptr.c prctl-dumpable.c prctl-name.c \ - prctl-no-args.c prctl-pdeathsig.c prctl-seccomp-filter-v.c \ + oldstat.c open.c open--secontext.c open--secontext_full.c \ + open_tree.c open_tree-P.c openat.c openat--secontext.c \ + openat--secontext_full.c openat2.c openat2-Xabbrev.c \ + openat2-Xraw.c openat2-Xverbose.c openat2-v.c openat2-v-y.c \ + openat2-v-y-Xabbrev.c openat2-v-y-Xraw.c \ + openat2-v-y-Xverbose.c openat2-y.c orphaned_process_group.c \ + osf_utimes.c pause.c pc.c perf_event_open.c \ + perf_event_open_nonverbose.c perf_event_open_unabbrev.c \ + personality.c personality-Xabbrev.c personality-Xraw.c \ + personality-Xverbose.c pidfd_getfd.c pidfd_getfd-y.c \ + pidfd_getfd-yy.c pidfd_open.c pidfd_open--decode-fd-path.c \ + pidfd_open--decode-fd-pidfd.c pidfd_open--decode-fd-socket.c \ + pidfd_open--pidns-translation.c pidfd_open-P.c pidfd_open-y.c \ + pidfd_open-yy.c pidfd_send_signal.c \ + pidfd_send_signal--pidns-translation.c pidns-cache.c pipe.c \ + pipe2.c pkey_alloc.c pkey_free.c pkey_mprotect.c poll.c \ + poll-P.c ppoll.c ppoll-P.c ppoll-v.c prctl-arg2-intptr.c \ + prctl-dumpable.c prctl-name.c prctl-no-args.c \ + prctl-pdeathsig.c prctl-seccomp-filter-v.c \ prctl-seccomp-strict.c prctl-securebits.c prctl-spec-inject.c \ prctl-tid_address.c prctl-tsc.c pread64-pwrite64.c preadv.c \ preadv-pwritev.c preadv2-pwritev2.c print_maxfd.c \ @@ -5194,7 +5362,7 @@ bases=`echo $$bases` RECHECK_LOGS = $(TEST_LOGS) AM_RECURSIVE_TARGETS = check recheck -@ENABLE_STACKTRACE_TRUE@am__EXEEXT_2 = strace-k.test strace-k-p.test \ +@ENABLE_STACKTRACE_TRUE@am__EXEEXT_3 = strace-k.test strace-k-p.test \ @ENABLE_STACKTRACE_TRUE@ $(am__append_1) TEST_SUITE_LOG = test-suite.log TEST_EXTENSIONS = @EXEEXT@ .test @@ -5216,7 +5384,8 @@ esac am__DIST_COMMON = $(srcdir)/../scno.am $(srcdir)/Makefile.in \ $(srcdir)/gen_tests.am $(srcdir)/pure_executables.am \ - $(top_srcdir)/depcomp $(top_srcdir)/test-driver COPYING + $(srcdir)/secontext.am $(top_srcdir)/depcomp \ + $(top_srcdir)/test-driver COPYING DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ @@ -5357,6 +5526,9 @@ libiberty_CPPFLAGS = @libiberty_CPPFLAGS@ libiberty_LDFLAGS = @libiberty_LDFLAGS@ libiberty_LIBS = @libiberty_LIBS@ +libselinux_CPPFLAGS = @libselinux_CPPFLAGS@ +libselinux_LDFLAGS = @libselinux_LDFLAGS@ +libselinux_LIBS = @libselinux_LIBS@ libunwind_CPPFLAGS = @libunwind_CPPFLAGS@ libunwind_LDFLAGS = @libunwind_LDFLAGS@ libunwind_LIBS = @libunwind_LIBS@ @@ -5400,6 +5572,8 @@ -DTESTS_SIZEOF_LONG=$(SIZEOF_LONG) AM_LDFLAGS = $(ARCH_MFLAGS) +@HAVE_M32_SELINUX_RUNTIME_FALSE@libselinux_LDADD = +@HAVE_M32_SELINUX_RUNTIME_TRUE@libselinux_LDADD = $(libselinux_LIBS) libtests_a_SOURCES = \ create_nl_socket.c \ create_tmpfile.c \ @@ -5426,6 +5600,8 @@ printxval-Xabbrev.c \ printxval-Xraw.c \ printxval-Xverbose.c \ + secontext.c \ + secontext.h \ signal2name.c \ skip_unavailable.c \ sprintrc.c \ @@ -5505,6 +5681,9 @@ execve \ execveat \ faccessat \ + faccessat-P \ + faccessat-y \ + faccessat-yy \ fadvise64 \ fadvise64_64 \ fallocate \ @@ -6077,6 +6256,69 @@ xettimeofday \ # +secontext_EXECUTABLES = \ + access--secontext \ + access--secontext_full \ + chmod--secontext \ + chmod--secontext_full \ + execve--secontext \ + execve--secontext_full \ + execveat--secontext \ + execveat--secontext_full \ + faccessat--secontext \ + faccessat--secontext_full \ + faccessat-y--secontext \ + faccessat-y--secontext_full \ + fanotify_mark--secontext \ + fanotify_mark--secontext_full \ + fchmod--secontext \ + fchmod--secontext_full \ + fchmod-y--secontext \ + fchmod-y--secontext_full \ + fchmodat--secontext \ + fchmodat--secontext_full \ + fchownat--secontext \ + fchownat--secontext_full \ + file_handle--secontext \ + file_handle--secontext_full \ + linkat--secontext \ + linkat--secontext_full \ + open--secontext \ + open--secontext_full \ + openat--secontext \ + openat--secontext_full \ + # + +access__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +access__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +chmod__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +chmod__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +execve__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +execve__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +execveat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +execveat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat_y__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat_y__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fanotify_mark__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fanotify_mark__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod_y__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod_y__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchmodat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchmodat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchownat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchownat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +file_handle__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +file_handle__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +linkat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +linkat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +open__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +open__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +openat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +openat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) attach_f_p_LDADD = -lpthread $(LDADD) count_f_LDADD = -lpthread $(LDADD) delay_LDADD = $(clock_LIBS) $(LDADD) @@ -6129,14 +6371,15 @@ # Generated by ./tests/gen_tests.sh from ./tests/gen_tests.in; do not edit. GEN_TESTS = _newselect.gen.test _newselect-P.gen.test accept.gen.test \ - accept4.gen.test access.gen.test acct.gen.test \ - add_key.gen.test adjtimex.gen.test aio.gen.test \ - aio_pgetevents.gen.test alarm.gen.test bpf.gen.test \ - bpf-obj_get_info_by_fd.gen.test \ + accept4.gen.test access.gen.test access--secontext.gen.test \ + access--secontext_full.gen.test acct.gen.test add_key.gen.test \ + adjtimex.gen.test aio.gen.test aio_pgetevents.gen.test \ + alarm.gen.test bpf.gen.test bpf-obj_get_info_by_fd.gen.test \ bpf-obj_get_info_by_fd-prog.gen.test \ bpf-obj_get_info_by_fd-prog-v.gen.test \ bpf-obj_get_info_by_fd-v.gen.test bpf-v.gen.test \ - btrfs.gen.test chmod.gen.test chown.gen.test chown32.gen.test \ + btrfs.gen.test chmod.gen.test chmod--secontext.gen.test \ + chmod--secontext_full.gen.test chown.gen.test chown32.gen.test \ chroot.gen.test clock.gen.test clock_adjtime.gen.test \ clock_nanosleep.gen.test clock_xettime.gen.test \ clone3.gen.test clone3-Xabbrev.gen.test clone3-Xraw.gen.test \ @@ -6155,21 +6398,36 @@ dup3-P.gen.test dup3-y.gen.test dup3-yy.gen.test \ epoll_create.gen.test epoll_create1.gen.test \ epoll_ctl.gen.test epoll_pwait.gen.test epoll_wait.gen.test \ - erestartsys.gen.test execveat.gen.test execveat-v.gen.test \ - faccessat.gen.test fadvise64_64.gen.test fallocate.gen.test \ + erestartsys.gen.test execve--secontext.gen.test \ + execve--secontext_full.gen.test execveat.gen.test \ + execveat--secontext.gen.test execveat--secontext_full.gen.test \ + execveat-v.gen.test faccessat--secontext.gen.test \ + faccessat--secontext_full.gen.test faccessat-P.gen.test \ + faccessat-y.gen.test faccessat-y--secontext.gen.test \ + faccessat-y--secontext_full.gen.test faccessat-yy.gen.test \ + fadvise64_64.gen.test fallocate.gen.test \ fanotify_init.gen.test fanotify_mark.gen.test \ + fanotify_mark--secontext.gen.test \ + fanotify_mark--secontext_full.gen.test \ fanotify_mark-Xabbrev.gen.test fanotify_mark-Xraw.gen.test \ fanotify_mark-Xverbose.gen.test fchdir.gen.test \ - fchmod.gen.test fchmod-y.gen.test fchmodat.gen.test \ - fchown.gen.test fchown32.gen.test fchownat.gen.test \ + fchmod.gen.test fchmod--secontext.gen.test \ + fchmod--secontext_full.gen.test fchmod-y.gen.test \ + fchmod-y--secontext.gen.test fchmod-y--secontext_full.gen.test \ + fchmodat.gen.test fchmodat--secontext.gen.test \ + fchmodat--secontext_full.gen.test fchown.gen.test \ + fchown32.gen.test fchownat.gen.test \ + fchownat--secontext.gen.test fchownat--secontext_full.gen.test \ fcntl.gen.test fcntl--pidns-translation.gen.test \ fcntl64.gen.test fcntl64--pidns-translation.gen.test \ fdatasync.gen.test file_handle.gen.test file_ioctl.gen.test \ - filter_seccomp.gen.test filter_seccomp-flag.gen.test \ - finit_module.gen.test flock.gen.test fork-f.gen.test \ - fsconfig.gen.test fsconfig-P.gen.test fsmount.gen.test \ - fsopen.gen.test fspick.gen.test fspick-P.gen.test \ - fstat.gen.test fstat-Xabbrev.gen.test fstat-Xraw.gen.test \ + file_handle--secontext.gen.test \ + file_handle--secontext_full.gen.test filter_seccomp.gen.test \ + filter_seccomp-flag.gen.test finit_module.gen.test \ + flock.gen.test fork-f.gen.test fsconfig.gen.test \ + fsconfig-P.gen.test fsmount.gen.test fsopen.gen.test \ + fspick.gen.test fspick-P.gen.test fstat.gen.test \ + fstat-Xabbrev.gen.test fstat-Xraw.gen.test \ fstat-Xverbose.gen.test fstat64.gen.test \ fstat64-Xabbrev.gen.test fstat64-Xraw.gen.test \ fstat64-Xverbose.gen.test fstatat64.gen.test fstatfs.gen.test \ @@ -6259,8 +6517,9 @@ keyctl-Xverbose.gen.test kill.gen.test \ kill--pidns-translation.gen.test ksysent.gen.test \ lchown.gen.test lchown32.gen.test link.gen.test \ - linkat.gen.test lookup_dcookie.gen.test lstat.gen.test \ - lstat64.gen.test madvise.gen.test \ + linkat.gen.test linkat--secontext.gen.test \ + linkat--secontext_full.gen.test lookup_dcookie.gen.test \ + lstat.gen.test lstat64.gen.test madvise.gen.test \ maybe_switch_current_tcp.gen.test \ maybe_switch_current_tcp--quiet-thread-execve.gen.test \ mbind.gen.test mbind-Xabbrev.gen.test mbind-Xraw.gen.test \ @@ -6328,14 +6587,17 @@ old_mmap-v-none.gen.test oldfstat.gen.test oldlstat.gen.test \ oldselect.gen.test oldselect-P.gen.test \ oldselect-efault.gen.test oldselect-efault-P.gen.test \ - oldstat.gen.test open.gen.test open_tree.gen.test \ - open_tree-P.gen.test openat.gen.test openat2.gen.test \ - openat2-Xabbrev.gen.test openat2-Xraw.gen.test \ - openat2-Xverbose.gen.test openat2-v.gen.test \ - openat2-v-y.gen.test openat2-v-y-Xabbrev.gen.test \ - openat2-v-y-Xraw.gen.test openat2-v-y-Xverbose.gen.test \ - openat2-y.gen.test orphaned_process_group.gen.test \ - osf_utimes.gen.test pause.gen.test perf_event_open.gen.test \ + oldstat.gen.test open.gen.test open--secontext.gen.test \ + open--secontext_full.gen.test open_tree.gen.test \ + open_tree-P.gen.test openat.gen.test \ + openat--secontext.gen.test openat--secontext_full.gen.test \ + openat2.gen.test openat2-Xabbrev.gen.test \ + openat2-Xraw.gen.test openat2-Xverbose.gen.test \ + openat2-v.gen.test openat2-v-y.gen.test \ + openat2-v-y-Xabbrev.gen.test openat2-v-y-Xraw.gen.test \ + openat2-v-y-Xverbose.gen.test openat2-y.gen.test \ + orphaned_process_group.gen.test osf_utimes.gen.test \ + pause.gen.test perf_event_open.gen.test \ perf_event_open_nonverbose.gen.test \ perf_event_open_unabbrev.gen.test personality-Xabbrev.gen.test \ personality-Xraw.gen.test personality-Xverbose.gen.test \ @@ -6806,7 +7068,7 @@ .SUFFIXES: .SUFFIXES: .c .log .o .obj .test .test$(EXEEXT) .trs -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/pure_executables.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__configure_deps) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/pure_executables.am $(srcdir)/secontext.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -6826,7 +7088,7 @@ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; -$(srcdir)/pure_executables.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__empty): +$(srcdir)/pure_executables.am $(srcdir)/secontext.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__empty): $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh @@ -6868,6 +7130,14 @@ @rm -f access$(EXEEXT) $(AM_V_CCLD)$(LINK) $(access_OBJECTS) $(access_LDADD) $(LIBS) +access--secontext$(EXEEXT): $(access__secontext_OBJECTS) $(access__secontext_DEPENDENCIES) $(EXTRA_access__secontext_DEPENDENCIES) + @rm -f access--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(access__secontext_OBJECTS) $(access__secontext_LDADD) $(LIBS) + +access--secontext_full$(EXEEXT): $(access__secontext_full_OBJECTS) $(access__secontext_full_DEPENDENCIES) $(EXTRA_access__secontext_full_DEPENDENCIES) + @rm -f access--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(access__secontext_full_OBJECTS) $(access__secontext_full_LDADD) $(LIBS) + acct$(EXEEXT): $(acct_OBJECTS) $(acct_DEPENDENCIES) $(EXTRA_acct_DEPENDENCIES) @rm -f acct$(EXEEXT) $(AM_V_CCLD)$(LINK) $(acct_OBJECTS) $(acct_LDADD) $(LIBS) @@ -6984,6 +7254,14 @@ @rm -f chmod$(EXEEXT) $(AM_V_CCLD)$(LINK) $(chmod_OBJECTS) $(chmod_LDADD) $(LIBS) +chmod--secontext$(EXEEXT): $(chmod__secontext_OBJECTS) $(chmod__secontext_DEPENDENCIES) $(EXTRA_chmod__secontext_DEPENDENCIES) + @rm -f chmod--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(chmod__secontext_OBJECTS) $(chmod__secontext_LDADD) $(LIBS) + +chmod--secontext_full$(EXEEXT): $(chmod__secontext_full_OBJECTS) $(chmod__secontext_full_DEPENDENCIES) $(EXTRA_chmod__secontext_full_DEPENDENCIES) + @rm -f chmod--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(chmod__secontext_full_OBJECTS) $(chmod__secontext_full_LDADD) $(LIBS) + chown$(EXEEXT): $(chown_OBJECTS) $(chown_DEPENDENCIES) $(EXTRA_chown_DEPENDENCIES) @rm -f chown$(EXEEXT) $(AM_V_CCLD)$(LINK) $(chown_OBJECTS) $(chown_LDADD) $(LIBS) @@ -7196,6 +7474,14 @@ @rm -f execve$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execve_OBJECTS) $(execve_LDADD) $(LIBS) +execve--secontext$(EXEEXT): $(execve__secontext_OBJECTS) $(execve__secontext_DEPENDENCIES) $(EXTRA_execve__secontext_DEPENDENCIES) + @rm -f execve--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execve__secontext_OBJECTS) $(execve__secontext_LDADD) $(LIBS) + +execve--secontext_full$(EXEEXT): $(execve__secontext_full_OBJECTS) $(execve__secontext_full_DEPENDENCIES) $(EXTRA_execve__secontext_full_DEPENDENCIES) + @rm -f execve--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execve__secontext_full_OBJECTS) $(execve__secontext_full_LDADD) $(LIBS) + execve-v$(EXEEXT): $(execve_v_OBJECTS) $(execve_v_DEPENDENCIES) $(EXTRA_execve_v_DEPENDENCIES) @rm -f execve-v$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execve_v_OBJECTS) $(execve_v_LDADD) $(LIBS) @@ -7204,6 +7490,14 @@ @rm -f execveat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execveat_OBJECTS) $(execveat_LDADD) $(LIBS) +execveat--secontext$(EXEEXT): $(execveat__secontext_OBJECTS) $(execveat__secontext_DEPENDENCIES) $(EXTRA_execveat__secontext_DEPENDENCIES) + @rm -f execveat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execveat__secontext_OBJECTS) $(execveat__secontext_LDADD) $(LIBS) + +execveat--secontext_full$(EXEEXT): $(execveat__secontext_full_OBJECTS) $(execveat__secontext_full_DEPENDENCIES) $(EXTRA_execveat__secontext_full_DEPENDENCIES) + @rm -f execveat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execveat__secontext_full_OBJECTS) $(execveat__secontext_full_LDADD) $(LIBS) + execveat-v$(EXEEXT): $(execveat_v_OBJECTS) $(execveat_v_DEPENDENCIES) $(EXTRA_execveat_v_DEPENDENCIES) @rm -f execveat-v$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execveat_v_OBJECTS) $(execveat_v_LDADD) $(LIBS) @@ -7212,6 +7506,34 @@ @rm -f faccessat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(faccessat_OBJECTS) $(faccessat_LDADD) $(LIBS) +faccessat--secontext$(EXEEXT): $(faccessat__secontext_OBJECTS) $(faccessat__secontext_DEPENDENCIES) $(EXTRA_faccessat__secontext_DEPENDENCIES) + @rm -f faccessat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat__secontext_OBJECTS) $(faccessat__secontext_LDADD) $(LIBS) + +faccessat--secontext_full$(EXEEXT): $(faccessat__secontext_full_OBJECTS) $(faccessat__secontext_full_DEPENDENCIES) $(EXTRA_faccessat__secontext_full_DEPENDENCIES) + @rm -f faccessat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat__secontext_full_OBJECTS) $(faccessat__secontext_full_LDADD) $(LIBS) + +faccessat-P$(EXEEXT): $(faccessat_P_OBJECTS) $(faccessat_P_DEPENDENCIES) $(EXTRA_faccessat_P_DEPENDENCIES) + @rm -f faccessat-P$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_P_OBJECTS) $(faccessat_P_LDADD) $(LIBS) + +faccessat-y$(EXEEXT): $(faccessat_y_OBJECTS) $(faccessat_y_DEPENDENCIES) $(EXTRA_faccessat_y_DEPENDENCIES) + @rm -f faccessat-y$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_y_OBJECTS) $(faccessat_y_LDADD) $(LIBS) + +faccessat-y--secontext$(EXEEXT): $(faccessat_y__secontext_OBJECTS) $(faccessat_y__secontext_DEPENDENCIES) $(EXTRA_faccessat_y__secontext_DEPENDENCIES) + @rm -f faccessat-y--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_y__secontext_OBJECTS) $(faccessat_y__secontext_LDADD) $(LIBS) + +faccessat-y--secontext_full$(EXEEXT): $(faccessat_y__secontext_full_OBJECTS) $(faccessat_y__secontext_full_DEPENDENCIES) $(EXTRA_faccessat_y__secontext_full_DEPENDENCIES) + @rm -f faccessat-y--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_y__secontext_full_OBJECTS) $(faccessat_y__secontext_full_LDADD) $(LIBS) + +faccessat-yy$(EXEEXT): $(faccessat_yy_OBJECTS) $(faccessat_yy_DEPENDENCIES) $(EXTRA_faccessat_yy_DEPENDENCIES) + @rm -f faccessat-yy$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_yy_OBJECTS) $(faccessat_yy_LDADD) $(LIBS) + fadvise64$(EXEEXT): $(fadvise64_OBJECTS) $(fadvise64_DEPENDENCIES) $(EXTRA_fadvise64_DEPENDENCIES) @rm -f fadvise64$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fadvise64_OBJECTS) $(fadvise64_LDADD) $(LIBS) @@ -7232,6 +7554,14 @@ @rm -f fanotify_mark$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fanotify_mark_OBJECTS) $(fanotify_mark_LDADD) $(LIBS) +fanotify_mark--secontext$(EXEEXT): $(fanotify_mark__secontext_OBJECTS) $(fanotify_mark__secontext_DEPENDENCIES) $(EXTRA_fanotify_mark__secontext_DEPENDENCIES) + @rm -f fanotify_mark--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fanotify_mark__secontext_OBJECTS) $(fanotify_mark__secontext_LDADD) $(LIBS) + +fanotify_mark--secontext_full$(EXEEXT): $(fanotify_mark__secontext_full_OBJECTS) $(fanotify_mark__secontext_full_DEPENDENCIES) $(EXTRA_fanotify_mark__secontext_full_DEPENDENCIES) + @rm -f fanotify_mark--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fanotify_mark__secontext_full_OBJECTS) $(fanotify_mark__secontext_full_LDADD) $(LIBS) + fanotify_mark-Xabbrev$(EXEEXT): $(fanotify_mark_Xabbrev_OBJECTS) $(fanotify_mark_Xabbrev_DEPENDENCIES) $(EXTRA_fanotify_mark_Xabbrev_DEPENDENCIES) @rm -f fanotify_mark-Xabbrev$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fanotify_mark_Xabbrev_OBJECTS) $(fanotify_mark_Xabbrev_LDADD) $(LIBS) @@ -7252,14 +7582,38 @@ @rm -f fchmod$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchmod_OBJECTS) $(fchmod_LDADD) $(LIBS) +fchmod--secontext$(EXEEXT): $(fchmod__secontext_OBJECTS) $(fchmod__secontext_DEPENDENCIES) $(EXTRA_fchmod__secontext_DEPENDENCIES) + @rm -f fchmod--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod__secontext_OBJECTS) $(fchmod__secontext_LDADD) $(LIBS) + +fchmod--secontext_full$(EXEEXT): $(fchmod__secontext_full_OBJECTS) $(fchmod__secontext_full_DEPENDENCIES) $(EXTRA_fchmod__secontext_full_DEPENDENCIES) + @rm -f fchmod--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod__secontext_full_OBJECTS) $(fchmod__secontext_full_LDADD) $(LIBS) + fchmod-y$(EXEEXT): $(fchmod_y_OBJECTS) $(fchmod_y_DEPENDENCIES) $(EXTRA_fchmod_y_DEPENDENCIES) @rm -f fchmod-y$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchmod_y_OBJECTS) $(fchmod_y_LDADD) $(LIBS) +fchmod-y--secontext$(EXEEXT): $(fchmod_y__secontext_OBJECTS) $(fchmod_y__secontext_DEPENDENCIES) $(EXTRA_fchmod_y__secontext_DEPENDENCIES) + @rm -f fchmod-y--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod_y__secontext_OBJECTS) $(fchmod_y__secontext_LDADD) $(LIBS) + +fchmod-y--secontext_full$(EXEEXT): $(fchmod_y__secontext_full_OBJECTS) $(fchmod_y__secontext_full_DEPENDENCIES) $(EXTRA_fchmod_y__secontext_full_DEPENDENCIES) + @rm -f fchmod-y--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod_y__secontext_full_OBJECTS) $(fchmod_y__secontext_full_LDADD) $(LIBS) + fchmodat$(EXEEXT): $(fchmodat_OBJECTS) $(fchmodat_DEPENDENCIES) $(EXTRA_fchmodat_DEPENDENCIES) @rm -f fchmodat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchmodat_OBJECTS) $(fchmodat_LDADD) $(LIBS) +fchmodat--secontext$(EXEEXT): $(fchmodat__secontext_OBJECTS) $(fchmodat__secontext_DEPENDENCIES) $(EXTRA_fchmodat__secontext_DEPENDENCIES) + @rm -f fchmodat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmodat__secontext_OBJECTS) $(fchmodat__secontext_LDADD) $(LIBS) + +fchmodat--secontext_full$(EXEEXT): $(fchmodat__secontext_full_OBJECTS) $(fchmodat__secontext_full_DEPENDENCIES) $(EXTRA_fchmodat__secontext_full_DEPENDENCIES) + @rm -f fchmodat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmodat__secontext_full_OBJECTS) $(fchmodat__secontext_full_LDADD) $(LIBS) + fchown$(EXEEXT): $(fchown_OBJECTS) $(fchown_DEPENDENCIES) $(EXTRA_fchown_DEPENDENCIES) @rm -f fchown$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchown_OBJECTS) $(fchown_LDADD) $(LIBS) @@ -7272,6 +7626,14 @@ @rm -f fchownat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchownat_OBJECTS) $(fchownat_LDADD) $(LIBS) +fchownat--secontext$(EXEEXT): $(fchownat__secontext_OBJECTS) $(fchownat__secontext_DEPENDENCIES) $(EXTRA_fchownat__secontext_DEPENDENCIES) + @rm -f fchownat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchownat__secontext_OBJECTS) $(fchownat__secontext_LDADD) $(LIBS) + +fchownat--secontext_full$(EXEEXT): $(fchownat__secontext_full_OBJECTS) $(fchownat__secontext_full_DEPENDENCIES) $(EXTRA_fchownat__secontext_full_DEPENDENCIES) + @rm -f fchownat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchownat__secontext_full_OBJECTS) $(fchownat__secontext_full_LDADD) $(LIBS) + fcntl$(EXEEXT): $(fcntl_OBJECTS) $(fcntl_DEPENDENCIES) $(EXTRA_fcntl_DEPENDENCIES) @rm -f fcntl$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fcntl_OBJECTS) $(fcntl_LDADD) $(LIBS) @@ -7300,6 +7662,14 @@ @rm -f file_handle$(EXEEXT) $(AM_V_CCLD)$(LINK) $(file_handle_OBJECTS) $(file_handle_LDADD) $(LIBS) +file_handle--secontext$(EXEEXT): $(file_handle__secontext_OBJECTS) $(file_handle__secontext_DEPENDENCIES) $(EXTRA_file_handle__secontext_DEPENDENCIES) + @rm -f file_handle--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(file_handle__secontext_OBJECTS) $(file_handle__secontext_LDADD) $(LIBS) + +file_handle--secontext_full$(EXEEXT): $(file_handle__secontext_full_OBJECTS) $(file_handle__secontext_full_DEPENDENCIES) $(EXTRA_file_handle__secontext_full_DEPENDENCIES) + @rm -f file_handle--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(file_handle__secontext_full_OBJECTS) $(file_handle__secontext_full_LDADD) $(LIBS) + file_ioctl$(EXEEXT): $(file_ioctl_OBJECTS) $(file_ioctl_DEPENDENCIES) $(EXTRA_file_ioctl_DEPENDENCIES) @rm -f file_ioctl$(EXEEXT) $(AM_V_CCLD)$(LINK) $(file_ioctl_OBJECTS) $(file_ioctl_LDADD) $(LIBS) @@ -8124,6 +8494,14 @@ @rm -f linkat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(linkat_OBJECTS) $(linkat_LDADD) $(LIBS) +linkat--secontext$(EXEEXT): $(linkat__secontext_OBJECTS) $(linkat__secontext_DEPENDENCIES) $(EXTRA_linkat__secontext_DEPENDENCIES) + @rm -f linkat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(linkat__secontext_OBJECTS) $(linkat__secontext_LDADD) $(LIBS) + +linkat--secontext_full$(EXEEXT): $(linkat__secontext_full_OBJECTS) $(linkat__secontext_full_DEPENDENCIES) $(EXTRA_linkat__secontext_full_DEPENDENCIES) + @rm -f linkat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(linkat__secontext_full_OBJECTS) $(linkat__secontext_full_LDADD) $(LIBS) + list_sigaction_signum$(EXEEXT): $(list_sigaction_signum_OBJECTS) $(list_sigaction_signum_DEPENDENCIES) $(EXTRA_list_sigaction_signum_DEPENDENCIES) @rm -f list_sigaction_signum$(EXEEXT) $(AM_V_CCLD)$(LINK) $(list_sigaction_signum_OBJECTS) $(list_sigaction_signum_LDADD) $(LIBS) @@ -8756,6 +9134,14 @@ @rm -f open$(EXEEXT) $(AM_V_CCLD)$(LINK) $(open_OBJECTS) $(open_LDADD) $(LIBS) +open--secontext$(EXEEXT): $(open__secontext_OBJECTS) $(open__secontext_DEPENDENCIES) $(EXTRA_open__secontext_DEPENDENCIES) + @rm -f open--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(open__secontext_OBJECTS) $(open__secontext_LDADD) $(LIBS) + +open--secontext_full$(EXEEXT): $(open__secontext_full_OBJECTS) $(open__secontext_full_DEPENDENCIES) $(EXTRA_open__secontext_full_DEPENDENCIES) + @rm -f open--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(open__secontext_full_OBJECTS) $(open__secontext_full_LDADD) $(LIBS) + open_tree$(EXEEXT): $(open_tree_OBJECTS) $(open_tree_DEPENDENCIES) $(EXTRA_open_tree_DEPENDENCIES) @rm -f open_tree$(EXEEXT) $(AM_V_CCLD)$(LINK) $(open_tree_OBJECTS) $(open_tree_LDADD) $(LIBS) @@ -8768,6 +9154,14 @@ @rm -f openat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(openat_OBJECTS) $(openat_LDADD) $(LIBS) +openat--secontext$(EXEEXT): $(openat__secontext_OBJECTS) $(openat__secontext_DEPENDENCIES) $(EXTRA_openat__secontext_DEPENDENCIES) + @rm -f openat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(openat__secontext_OBJECTS) $(openat__secontext_LDADD) $(LIBS) + +openat--secontext_full$(EXEEXT): $(openat__secontext_full_OBJECTS) $(openat__secontext_full_DEPENDENCIES) $(EXTRA_openat__secontext_full_DEPENDENCIES) + @rm -f openat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(openat__secontext_full_OBJECTS) $(openat__secontext_full_LDADD) $(LIBS) + openat2$(EXEEXT): $(openat2_OBJECTS) $(openat2_DEPENDENCIES) $(EXTRA_openat2_DEPENDENCIES) @rm -f openat2$(EXEEXT) $(AM_V_CCLD)$(LINK) $(openat2_OBJECTS) $(openat2_LDADD) $(LIBS) @@ -10094,6 +10488,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/_newselect.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/accept.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/accept4.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/access--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/access--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/access.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/acct.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/add_key.Po@am__quote@ # am--include-marker @@ -10123,6 +10519,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/caps.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_sigblock.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_sigign.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chmod--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chmod--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chmod.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chown.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chown32.Po@am__quote@ # am--include-marker @@ -10176,25 +10574,46 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/epoll_wait.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/erestartsys.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/eventfd.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve-v.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat-v.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat--secontext_full.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-P.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-y--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-y--secontext_full.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-y.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-yy.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fadvise64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fadvise64_64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fallocate.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_init.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark-Xabbrev.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark-Xraw.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark-Xverbose.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchdir.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod--secontext_full.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod-y--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod-y--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod-y.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmodat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmodat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmodat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchown.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchown32.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchownat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchownat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchownat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fcntl--pidns-translation.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fcntl.Po@am__quote@ # am--include-marker @@ -10202,6 +10621,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fcntl64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fdatasync.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fflush.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_handle--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_handle--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_handle.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_ioctl.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filter-unavailable.Po@am__quote@ # am--include-marker @@ -10431,6 +10852,7 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-printxval-Xabbrev.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-printxval-Xraw.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-printxval-Xverbose.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-secontext.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-signal2name.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-skip_unavailable.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-sprintrc.Po@am__quote@ # am--include-marker @@ -10443,6 +10865,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-tprintf.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-xmalloc_for_tests.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/link.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/linkat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/linkat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/linkat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/list_sigaction_signum.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/llseek.Po@am__quote@ # am--include-marker @@ -10601,9 +11025,13 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oldselect-efault.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oldselect.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oldstat.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open_tree-P.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open_tree.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat2-Xabbrev.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat2-Xraw.Po@am__quote@ # am--include-marker @@ -11300,6 +11728,20 @@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libtests_a-printxval-Xverbose.obj `if test -f 'printxval-Xverbose.c'; then $(CYGPATH_W) 'printxval-Xverbose.c'; else $(CYGPATH_W) '$(srcdir)/printxval-Xverbose.c'; fi` +libtests_a-secontext.o: secontext.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libtests_a-secontext.o -MD -MP -MF $(DEPDIR)/libtests_a-secontext.Tpo -c -o libtests_a-secontext.o `test -f 'secontext.c' || echo '$(srcdir)/'`secontext.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libtests_a-secontext.Tpo $(DEPDIR)/libtests_a-secontext.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='secontext.c' object='libtests_a-secontext.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libtests_a-secontext.o `test -f 'secontext.c' || echo '$(srcdir)/'`secontext.c + +libtests_a-secontext.obj: secontext.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libtests_a-secontext.obj -MD -MP -MF $(DEPDIR)/libtests_a-secontext.Tpo -c -o libtests_a-secontext.obj `if test -f 'secontext.c'; then $(CYGPATH_W) 'secontext.c'; else $(CYGPATH_W) '$(srcdir)/secontext.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libtests_a-secontext.Tpo $(DEPDIR)/libtests_a-secontext.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='secontext.c' object='libtests_a-secontext.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libtests_a-secontext.obj `if test -f 'secontext.c'; then $(CYGPATH_W) 'secontext.c'; else $(CYGPATH_W) '$(srcdir)/secontext.c'; fi` + libtests_a-signal2name.o: signal2name.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libtests_a-signal2name.o -MD -MP -MF $(DEPDIR)/libtests_a-signal2name.Tpo -c -o libtests_a-signal2name.o `test -f 'signal2name.c' || echo '$(srcdir)/'`signal2name.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libtests_a-signal2name.Tpo $(DEPDIR)/libtests_a-signal2name.Po @@ -13841,6 +14283,12 @@ $(srcdir)/access.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/access--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/access--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/acct.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -13883,6 +14331,12 @@ $(srcdir)/chmod.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/chmod--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/chmod--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/chown.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14024,13 +14478,43 @@ $(srcdir)/erestartsys.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/execve--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/execve--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/execveat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/execveat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/execveat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/execveat-v.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ -$(srcdir)/faccessat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in +$(srcdir)/faccessat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-P.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-y.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-y--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-y--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-yy.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ $(srcdir)/fadvise64_64.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in @@ -14045,6 +14529,12 @@ $(srcdir)/fanotify_mark.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fanotify_mark--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fanotify_mark--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fanotify_mark-Xabbrev.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14060,12 +14550,30 @@ $(srcdir)/fchmod.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchmod--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchmod--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fchmod-y.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchmod-y--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchmod-y--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fchmodat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchmodat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchmodat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fchown.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14075,6 +14583,12 @@ $(srcdir)/fchownat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchownat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchownat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fcntl.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14096,6 +14610,12 @@ $(srcdir)/file_ioctl.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/file_handle--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/file_handle--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/filter_seccomp.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14690,6 +15210,12 @@ $(srcdir)/linkat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/linkat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/linkat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/lookup_dcookie.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -15107,6 +15633,12 @@ $(srcdir)/open.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/open--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/open--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/open_tree.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -15116,6 +15648,12 @@ $(srcdir)/openat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/openat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/openat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/openat2.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ Index: strace-5.7/tests-mx32/Makefile.in =================================================================== --- strace-5.7.orig/tests-mx32/Makefile.in 2021-08-24 21:08:35.498311681 +0200 +++ strace-5.7/tests-mx32/Makefile.in 2021-08-24 21:08:43.292245714 +0200 @@ -22,6 +22,8 @@ # # SPDX-License-Identifier: GPL-2.0-or-later +# Generated by ./tests/gen_secontext.sh from ./tests/gen_tests.in; do not edit. + # scno.h make rules for strace. # # Copyright (c) 2017-2019 Dmitry V. Levin @@ -102,8 +104,8 @@ POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -check_PROGRAMS = $(am__EXEEXT_1) _newselect-P$(EXEEXT) answer$(EXEEXT) \ - attach-f-p$(EXEEXT) attach-f-p-cmd$(EXEEXT) \ +check_PROGRAMS = $(am__EXEEXT_1) $(am__EXEEXT_2) _newselect-P$(EXEEXT) \ + answer$(EXEEXT) attach-f-p$(EXEEXT) attach-f-p-cmd$(EXEEXT) \ attach-p-cmd-cmd$(EXEEXT) attach-p-cmd-p$(EXEEXT) \ block_reset_raise_run$(EXEEXT) block_reset_run$(EXEEXT) \ bpf-obj_get_info_by_fd$(EXEEXT) \ @@ -221,7 +223,7 @@ xetpriority--pidns-translation$(EXEEXT) \ xet_robust_list--pidns-translation$(EXEEXT) zeroargc$(EXEEXT) @ENABLE_STACKTRACE_TRUE@@USE_DEMANGLE_TRUE@am__append_1 = strace-k-demangle.test -TESTS = $(GEN_TESTS) $(DECODER_TESTS) $(MISC_TESTS) $(am__EXEEXT_2) +TESTS = $(GEN_TESTS) $(DECODER_TESTS) $(MISC_TESTS) $(am__EXEEXT_3) subdir = tests-mx32 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 am__aclocal_m4_deps = $(top_srcdir)/xlat/btrfs_compress_types.m4 \ @@ -270,6 +272,7 @@ $(top_srcdir)/m4/st_esyscmd_s.m4 $(top_srcdir)/m4/st_libdw.m4 \ $(top_srcdir)/m4/st_libunwind.m4 \ $(top_srcdir)/m4/st_save_restore_var.m4 \ + $(top_srcdir)/m4/st_selinux.m4 \ $(top_srcdir)/m4/st_stacktrace.m4 \ $(top_srcdir)/m4/st_warn_cflags.m4 \ $(top_srcdir)/m4/warnings.m4 $(top_srcdir)/configure.ac @@ -298,7 +301,8 @@ epoll_create$(EXEEXT) epoll_create1$(EXEEXT) \ epoll_ctl$(EXEEXT) epoll_pwait$(EXEEXT) epoll_wait$(EXEEXT) \ erestartsys$(EXEEXT) eventfd$(EXEEXT) execve$(EXEEXT) \ - execveat$(EXEEXT) faccessat$(EXEEXT) fadvise64$(EXEEXT) \ + execveat$(EXEEXT) faccessat$(EXEEXT) faccessat-P$(EXEEXT) \ + faccessat-y$(EXEEXT) faccessat-yy$(EXEEXT) fadvise64$(EXEEXT) \ fadvise64_64$(EXEEXT) fallocate$(EXEEXT) \ fanotify_init$(EXEEXT) fanotify_mark$(EXEEXT) \ fanotify_mark-Xabbrev$(EXEEXT) fanotify_mark-Xraw$(EXEEXT) \ @@ -543,6 +547,26 @@ xattr-strings$(EXEEXT) xet_robust_list$(EXEEXT) \ xet_thread_area_x86$(EXEEXT) xetitimer$(EXEEXT) \ xetpgid$(EXEEXT) xetpriority$(EXEEXT) xettimeofday$(EXEEXT) +am__EXEEXT_2 = access--secontext$(EXEEXT) \ + access--secontext_full$(EXEEXT) chmod--secontext$(EXEEXT) \ + chmod--secontext_full$(EXEEXT) execve--secontext$(EXEEXT) \ + execve--secontext_full$(EXEEXT) execveat--secontext$(EXEEXT) \ + execveat--secontext_full$(EXEEXT) \ + faccessat--secontext$(EXEEXT) \ + faccessat--secontext_full$(EXEEXT) \ + faccessat-y--secontext$(EXEEXT) \ + faccessat-y--secontext_full$(EXEEXT) \ + fanotify_mark--secontext$(EXEEXT) \ + fanotify_mark--secontext_full$(EXEEXT) \ + fchmod--secontext$(EXEEXT) fchmod--secontext_full$(EXEEXT) \ + fchmod-y--secontext$(EXEEXT) fchmod-y--secontext_full$(EXEEXT) \ + fchmodat--secontext$(EXEEXT) fchmodat--secontext_full$(EXEEXT) \ + fchownat--secontext$(EXEEXT) fchownat--secontext_full$(EXEEXT) \ + file_handle--secontext$(EXEEXT) \ + file_handle--secontext_full$(EXEEXT) \ + linkat--secontext$(EXEEXT) linkat--secontext_full$(EXEEXT) \ + open--secontext$(EXEEXT) open--secontext_full$(EXEEXT) \ + openat--secontext$(EXEEXT) openat--secontext_full$(EXEEXT) ARFLAGS = cru AM_V_AR = $(am__v_AR_@AM_V@) am__v_AR_ = $(am__v_AR_@AM_DEFAULT_V@) @@ -571,6 +595,7 @@ libtests_a-printxval-Xabbrev.$(OBJEXT) \ libtests_a-printxval-Xraw.$(OBJEXT) \ libtests_a-printxval-Xverbose.$(OBJEXT) \ + libtests_a-secontext.$(OBJEXT) \ libtests_a-signal2name.$(OBJEXT) \ libtests_a-skip_unavailable.$(OBJEXT) \ libtests_a-sprintrc.$(OBJEXT) libtests_a-status.$(OBJEXT) \ @@ -600,6 +625,15 @@ access_OBJECTS = access.$(OBJEXT) access_LDADD = $(LDADD) access_DEPENDENCIES = libtests.a +access__secontext_SOURCES = access--secontext.c +access__secontext_OBJECTS = access--secontext.$(OBJEXT) +am__DEPENDENCIES_1 = +@HAVE_MX32_SELINUX_RUNTIME_TRUE@am__DEPENDENCIES_2 = \ +@HAVE_MX32_SELINUX_RUNTIME_TRUE@ $(am__DEPENDENCIES_1) +access__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +access__secontext_full_SOURCES = access--secontext_full.c +access__secontext_full_OBJECTS = access--secontext_full.$(OBJEXT) +access__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) acct_SOURCES = acct.c acct_OBJECTS = acct.$(OBJEXT) acct_LDADD = $(LDADD) @@ -718,6 +752,12 @@ chmod_OBJECTS = chmod.$(OBJEXT) chmod_LDADD = $(LDADD) chmod_DEPENDENCIES = libtests.a +chmod__secontext_SOURCES = chmod--secontext.c +chmod__secontext_OBJECTS = chmod--secontext.$(OBJEXT) +chmod__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +chmod__secontext_full_SOURCES = chmod--secontext_full.c +chmod__secontext_full_OBJECTS = chmod--secontext_full.$(OBJEXT) +chmod__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) chown_SOURCES = chown.c chown_OBJECTS = chown.$(OBJEXT) chown_LDADD = $(LDADD) @@ -828,7 +868,6 @@ creat_DEPENDENCIES = libtests.a delay_SOURCES = delay.c delay_OBJECTS = delay.$(OBJEXT) -am__DEPENDENCIES_1 = delay_DEPENDENCIES = $(am__DEPENDENCIES_1) $(LDADD) delete_module_SOURCES = delete_module.c delete_module_OBJECTS = delete_module.$(OBJEXT) @@ -930,6 +969,12 @@ execve_OBJECTS = execve.$(OBJEXT) execve_LDADD = $(LDADD) execve_DEPENDENCIES = libtests.a +execve__secontext_SOURCES = execve--secontext.c +execve__secontext_OBJECTS = execve--secontext.$(OBJEXT) +execve__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +execve__secontext_full_SOURCES = execve--secontext_full.c +execve__secontext_full_OBJECTS = execve--secontext_full.$(OBJEXT) +execve__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) execve_v_SOURCES = execve-v.c execve_v_OBJECTS = execve-v.$(OBJEXT) execve_v_LDADD = $(LDADD) @@ -938,6 +983,12 @@ execveat_OBJECTS = execveat.$(OBJEXT) execveat_LDADD = $(LDADD) execveat_DEPENDENCIES = libtests.a +execveat__secontext_SOURCES = execveat--secontext.c +execveat__secontext_OBJECTS = execveat--secontext.$(OBJEXT) +execveat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +execveat__secontext_full_SOURCES = execveat--secontext_full.c +execveat__secontext_full_OBJECTS = execveat--secontext_full.$(OBJEXT) +execveat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) execveat_v_SOURCES = execveat-v.c execveat_v_OBJECTS = execveat-v.$(OBJEXT) execveat_v_LDADD = $(LDADD) @@ -946,6 +997,34 @@ faccessat_OBJECTS = faccessat.$(OBJEXT) faccessat_LDADD = $(LDADD) faccessat_DEPENDENCIES = libtests.a +faccessat__secontext_SOURCES = faccessat--secontext.c +faccessat__secontext_OBJECTS = faccessat--secontext.$(OBJEXT) +faccessat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +faccessat__secontext_full_SOURCES = faccessat--secontext_full.c +faccessat__secontext_full_OBJECTS = \ + faccessat--secontext_full.$(OBJEXT) +faccessat__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) +faccessat_P_SOURCES = faccessat-P.c +faccessat_P_OBJECTS = faccessat-P.$(OBJEXT) +faccessat_P_LDADD = $(LDADD) +faccessat_P_DEPENDENCIES = libtests.a +faccessat_y_SOURCES = faccessat-y.c +faccessat_y_OBJECTS = faccessat-y.$(OBJEXT) +faccessat_y_LDADD = $(LDADD) +faccessat_y_DEPENDENCIES = libtests.a +faccessat_y__secontext_SOURCES = faccessat-y--secontext.c +faccessat_y__secontext_OBJECTS = faccessat-y--secontext.$(OBJEXT) +faccessat_y__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +faccessat_y__secontext_full_SOURCES = faccessat-y--secontext_full.c +faccessat_y__secontext_full_OBJECTS = \ + faccessat-y--secontext_full.$(OBJEXT) +faccessat_y__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) +faccessat_yy_SOURCES = faccessat-yy.c +faccessat_yy_OBJECTS = faccessat-yy.$(OBJEXT) +faccessat_yy_LDADD = $(LDADD) +faccessat_yy_DEPENDENCIES = libtests.a fadvise64_SOURCES = fadvise64.c fadvise64_OBJECTS = fadvise64.$(OBJEXT) fadvise64_LDADD = $(LDADD) @@ -966,6 +1045,15 @@ fanotify_mark_OBJECTS = fanotify_mark.$(OBJEXT) fanotify_mark_LDADD = $(LDADD) fanotify_mark_DEPENDENCIES = libtests.a +fanotify_mark__secontext_SOURCES = fanotify_mark--secontext.c +fanotify_mark__secontext_OBJECTS = fanotify_mark--secontext.$(OBJEXT) +fanotify_mark__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fanotify_mark__secontext_full_SOURCES = \ + fanotify_mark--secontext_full.c +fanotify_mark__secontext_full_OBJECTS = \ + fanotify_mark--secontext_full.$(OBJEXT) +fanotify_mark__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) fanotify_mark_Xabbrev_SOURCES = fanotify_mark-Xabbrev.c fanotify_mark_Xabbrev_OBJECTS = fanotify_mark-Xabbrev.$(OBJEXT) fanotify_mark_Xabbrev_LDADD = $(LDADD) @@ -986,14 +1074,32 @@ fchmod_OBJECTS = fchmod.$(OBJEXT) fchmod_LDADD = $(LDADD) fchmod_DEPENDENCIES = libtests.a +fchmod__secontext_SOURCES = fchmod--secontext.c +fchmod__secontext_OBJECTS = fchmod--secontext.$(OBJEXT) +fchmod__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchmod__secontext_full_SOURCES = fchmod--secontext_full.c +fchmod__secontext_full_OBJECTS = fchmod--secontext_full.$(OBJEXT) +fchmod__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fchmod_y_SOURCES = fchmod-y.c fchmod_y_OBJECTS = fchmod-y.$(OBJEXT) fchmod_y_LDADD = $(LDADD) fchmod_y_DEPENDENCIES = libtests.a +fchmod_y__secontext_SOURCES = fchmod-y--secontext.c +fchmod_y__secontext_OBJECTS = fchmod-y--secontext.$(OBJEXT) +fchmod_y__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchmod_y__secontext_full_SOURCES = fchmod-y--secontext_full.c +fchmod_y__secontext_full_OBJECTS = fchmod-y--secontext_full.$(OBJEXT) +fchmod_y__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fchmodat_SOURCES = fchmodat.c fchmodat_OBJECTS = fchmodat.$(OBJEXT) fchmodat_LDADD = $(LDADD) fchmodat_DEPENDENCIES = libtests.a +fchmodat__secontext_SOURCES = fchmodat--secontext.c +fchmodat__secontext_OBJECTS = fchmodat--secontext.$(OBJEXT) +fchmodat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchmodat__secontext_full_SOURCES = fchmodat--secontext_full.c +fchmodat__secontext_full_OBJECTS = fchmodat--secontext_full.$(OBJEXT) +fchmodat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fchown_SOURCES = fchown.c fchown_OBJECTS = fchown.$(OBJEXT) fchown_LDADD = $(LDADD) @@ -1006,6 +1112,12 @@ fchownat_OBJECTS = fchownat.$(OBJEXT) fchownat_LDADD = $(LDADD) fchownat_DEPENDENCIES = libtests.a +fchownat__secontext_SOURCES = fchownat--secontext.c +fchownat__secontext_OBJECTS = fchownat--secontext.$(OBJEXT) +fchownat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +fchownat__secontext_full_SOURCES = fchownat--secontext_full.c +fchownat__secontext_full_OBJECTS = fchownat--secontext_full.$(OBJEXT) +fchownat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) fcntl_SOURCES = fcntl.c fcntl_OBJECTS = fcntl.$(OBJEXT) fcntl_LDADD = $(LDADD) @@ -1035,6 +1147,14 @@ file_handle_OBJECTS = file_handle.$(OBJEXT) file_handle_LDADD = $(LDADD) file_handle_DEPENDENCIES = libtests.a +file_handle__secontext_SOURCES = file_handle--secontext.c +file_handle__secontext_OBJECTS = file_handle--secontext.$(OBJEXT) +file_handle__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +file_handle__secontext_full_SOURCES = file_handle--secontext_full.c +file_handle__secontext_full_OBJECTS = \ + file_handle--secontext_full.$(OBJEXT) +file_handle__secontext_full_DEPENDENCIES = $(LDADD) \ + $(am__DEPENDENCIES_2) file_ioctl_SOURCES = file_ioctl.c file_ioctl_OBJECTS = file_ioctl.$(OBJEXT) file_ioctl_LDADD = $(LDADD) @@ -1886,6 +2006,12 @@ linkat_OBJECTS = linkat.$(OBJEXT) linkat_LDADD = $(LDADD) linkat_DEPENDENCIES = libtests.a +linkat__secontext_SOURCES = linkat--secontext.c +linkat__secontext_OBJECTS = linkat--secontext.$(OBJEXT) +linkat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +linkat__secontext_full_SOURCES = linkat--secontext_full.c +linkat__secontext_full_OBJECTS = linkat--secontext_full.$(OBJEXT) +linkat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) list_sigaction_signum_SOURCES = list_sigaction_signum.c list_sigaction_signum_OBJECTS = list_sigaction_signum.$(OBJEXT) list_sigaction_signum_LDADD = $(LDADD) @@ -2530,6 +2656,12 @@ open_OBJECTS = open.$(OBJEXT) open_LDADD = $(LDADD) open_DEPENDENCIES = libtests.a +open__secontext_SOURCES = open--secontext.c +open__secontext_OBJECTS = open--secontext.$(OBJEXT) +open__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +open__secontext_full_SOURCES = open--secontext_full.c +open__secontext_full_OBJECTS = open--secontext_full.$(OBJEXT) +open__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) open_tree_SOURCES = open_tree.c open_tree_OBJECTS = open_tree.$(OBJEXT) open_tree_LDADD = $(LDADD) @@ -2542,6 +2674,12 @@ openat_OBJECTS = openat.$(OBJEXT) openat_LDADD = $(LDADD) openat_DEPENDENCIES = libtests.a +openat__secontext_SOURCES = openat--secontext.c +openat__secontext_OBJECTS = openat--secontext.$(OBJEXT) +openat__secontext_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) +openat__secontext_full_SOURCES = openat--secontext_full.c +openat__secontext_full_OBJECTS = openat--secontext_full.$(OBJEXT) +openat__secontext_full_DEPENDENCIES = $(LDADD) $(am__DEPENDENCIES_2) openat2_SOURCES = openat2.c openat2_OBJECTS = openat2.$(OBJEXT) openat2_LDADD = $(LDADD) @@ -4487,7 +4625,8 @@ am__v_CCLD_0 = @echo " CCLD " $@; am__v_CCLD_1 = SOURCES = $(libtests_a_SOURCES) _newselect.c _newselect-P.c accept.c \ - accept4.c access.c acct.c add_key.c adjtimex.c aio.c \ + accept4.c access.c access--secontext.c \ + access--secontext_full.c acct.c add_key.c adjtimex.c aio.c \ aio_pgetevents.c alarm.c answer.c attach-f-p.c \ attach-f-p-cmd.c attach-p-cmd-cmd.c attach-p-cmd-p.c \ block_reset_raise_run.c block_reset_run.c bpf.c \ @@ -4495,7 +4634,8 @@ bpf-obj_get_info_by_fd-prog-v.c bpf-obj_get_info_by_fd-v.c \ bpf-success.c bpf-success-long-y.c bpf-success-v.c bpf-v.c \ brk.c btrfs.c caps.c caps-abbrev.c check_sigblock.c \ - check_sigign.c chmod.c chown.c chown32.c chroot.c \ + check_sigign.c chmod.c chmod--secontext.c \ + chmod--secontext_full.c chown.c chown32.c chroot.c \ clock_adjtime.c clock_nanosleep.c clock_xettime.c \ clone-flags.c clone3.c clone3-Xabbrev.c clone3-Xraw.c \ clone3-Xverbose.c clone3-success.c clone3-success-Xabbrev.c \ @@ -4509,25 +4649,35 @@ dup-yy.c dup2.c dup2-P.c dup2-y.c dup2-yy.c dup3.c dup3-P.c \ dup3-y.c dup3-yy.c epoll_create.c epoll_create1.c epoll_ctl.c \ epoll_pwait.c epoll_wait.c erestartsys.c eventfd.c execve.c \ - execve-v.c execveat.c execveat-v.c faccessat.c fadvise64.c \ - fadvise64_64.c fallocate.c fanotify_init.c fanotify_mark.c \ - fanotify_mark-Xabbrev.c fanotify_mark-Xraw.c \ - fanotify_mark-Xverbose.c fchdir.c fchmod.c fchmod-y.c \ - fchmodat.c fchown.c fchown32.c fchownat.c fcntl.c \ - fcntl--pidns-translation.c fcntl64.c \ - fcntl64--pidns-translation.c fdatasync.c fflush.c \ - file_handle.c file_ioctl.c filter-unavailable.c \ - filter_seccomp-flag.c filter_seccomp-perf.c finit_module.c \ - flock.c fork--pidns-translation.c fork-f.c fsconfig.c \ - fsconfig-P.c fsmount.c fsopen.c fspick.c fspick-P.c fstat.c \ - fstat-Xabbrev.c fstat-Xraw.c fstat-Xverbose.c fstat64.c \ - fstat64-Xabbrev.c fstat64-Xraw.c fstat64-Xverbose.c \ - fstatat64.c fstatfs.c fstatfs64.c fsync.c fsync-y.c \ - ftruncate.c ftruncate64.c futex.c futimesat.c get_mempolicy.c \ - get_process_reaper.c getcpu.c getcwd.c getdents.c getdents-v.c \ - getdents64.c getdents64-v.c getegid.c getegid32.c geteuid.c \ - geteuid32.c getgid.c getgid32.c getgroups.c getgroups32.c \ - getpeername.c getpgrp.c getpgrp--pidns-translation.c getpid.c \ + execve--secontext.c execve--secontext_full.c execve-v.c \ + execveat.c execveat--secontext.c execveat--secontext_full.c \ + execveat-v.c faccessat.c faccessat--secontext.c \ + faccessat--secontext_full.c faccessat-P.c faccessat-y.c \ + faccessat-y--secontext.c faccessat-y--secontext_full.c \ + faccessat-yy.c fadvise64.c fadvise64_64.c fallocate.c \ + fanotify_init.c fanotify_mark.c fanotify_mark--secontext.c \ + fanotify_mark--secontext_full.c fanotify_mark-Xabbrev.c \ + fanotify_mark-Xraw.c fanotify_mark-Xverbose.c fchdir.c \ + fchmod.c fchmod--secontext.c fchmod--secontext_full.c \ + fchmod-y.c fchmod-y--secontext.c fchmod-y--secontext_full.c \ + fchmodat.c fchmodat--secontext.c fchmodat--secontext_full.c \ + fchown.c fchown32.c fchownat.c fchownat--secontext.c \ + fchownat--secontext_full.c fcntl.c fcntl--pidns-translation.c \ + fcntl64.c fcntl64--pidns-translation.c fdatasync.c fflush.c \ + file_handle.c file_handle--secontext.c \ + file_handle--secontext_full.c file_ioctl.c \ + filter-unavailable.c filter_seccomp-flag.c \ + filter_seccomp-perf.c finit_module.c flock.c \ + fork--pidns-translation.c fork-f.c fsconfig.c fsconfig-P.c \ + fsmount.c fsopen.c fspick.c fspick-P.c fstat.c fstat-Xabbrev.c \ + fstat-Xraw.c fstat-Xverbose.c fstat64.c fstat64-Xabbrev.c \ + fstat64-Xraw.c fstat64-Xverbose.c fstatat64.c fstatfs.c \ + fstatfs64.c fsync.c fsync-y.c ftruncate.c ftruncate64.c \ + futex.c futimesat.c get_mempolicy.c get_process_reaper.c \ + getcpu.c getcwd.c getdents.c getdents-v.c getdents64.c \ + getdents64-v.c getegid.c getegid32.c geteuid.c geteuid32.c \ + getgid.c getgid32.c getgroups.c getgroups32.c getpeername.c \ + getpgrp.c getpgrp--pidns-translation.c getpid.c \ getpid--pidns-translation.c getppid.c getrandom.c getresgid.c \ getresgid32.c getresuid.c getresuid32.c getrlimit.c \ getrusage.c getsid.c getsid--pidns-translation.c getsockname.c \ @@ -4578,7 +4728,8 @@ kexec_file_load.c kexec_load.c keyctl.c keyctl-Xabbrev.c \ keyctl-Xraw.c keyctl-Xverbose.c kill.c \ kill--pidns-translation.c kill_child.c ksysent.c lchown.c \ - lchown32.c link.c linkat.c list_sigaction_signum.c llseek.c \ + lchown32.c link.c linkat.c linkat--secontext.c \ + linkat--secontext_full.c list_sigaction_signum.c llseek.c \ localtime.c lookup_dcookie.c looping_threads.c lseek.c lstat.c \ lstat64.c madvise.c maybe_switch_current_tcp.c \ maybe_switch_current_tcp--quiet-thread-execve.c mbind.c \ @@ -4629,23 +4780,25 @@ old_mmap-Xabbrev.c old_mmap-Xraw.c old_mmap-Xverbose.c \ old_mmap-v-none.c oldfstat.c oldlstat.c oldselect.c \ oldselect-P.c oldselect-efault.c oldselect-efault-P.c \ - oldstat.c open.c open_tree.c open_tree-P.c openat.c openat2.c \ - openat2-Xabbrev.c openat2-Xraw.c openat2-Xverbose.c \ - openat2-v.c openat2-v-y.c openat2-v-y-Xabbrev.c \ - openat2-v-y-Xraw.c openat2-v-y-Xverbose.c openat2-y.c \ - orphaned_process_group.c osf_utimes.c pause.c pc.c \ - perf_event_open.c perf_event_open_nonverbose.c \ - perf_event_open_unabbrev.c personality.c personality-Xabbrev.c \ - personality-Xraw.c personality-Xverbose.c pidfd_getfd.c \ - pidfd_getfd-y.c pidfd_getfd-yy.c pidfd_open.c \ - pidfd_open--decode-fd-path.c pidfd_open--decode-fd-pidfd.c \ - pidfd_open--decode-fd-socket.c pidfd_open--pidns-translation.c \ - pidfd_open-P.c pidfd_open-y.c pidfd_open-yy.c \ - pidfd_send_signal.c pidfd_send_signal--pidns-translation.c \ - pidns-cache.c pipe.c pipe2.c pkey_alloc.c pkey_free.c \ - pkey_mprotect.c poll.c poll-P.c ppoll.c ppoll-P.c ppoll-v.c \ - prctl-arg2-intptr.c prctl-dumpable.c prctl-name.c \ - prctl-no-args.c prctl-pdeathsig.c prctl-seccomp-filter-v.c \ + oldstat.c open.c open--secontext.c open--secontext_full.c \ + open_tree.c open_tree-P.c openat.c openat--secontext.c \ + openat--secontext_full.c openat2.c openat2-Xabbrev.c \ + openat2-Xraw.c openat2-Xverbose.c openat2-v.c openat2-v-y.c \ + openat2-v-y-Xabbrev.c openat2-v-y-Xraw.c \ + openat2-v-y-Xverbose.c openat2-y.c orphaned_process_group.c \ + osf_utimes.c pause.c pc.c perf_event_open.c \ + perf_event_open_nonverbose.c perf_event_open_unabbrev.c \ + personality.c personality-Xabbrev.c personality-Xraw.c \ + personality-Xverbose.c pidfd_getfd.c pidfd_getfd-y.c \ + pidfd_getfd-yy.c pidfd_open.c pidfd_open--decode-fd-path.c \ + pidfd_open--decode-fd-pidfd.c pidfd_open--decode-fd-socket.c \ + pidfd_open--pidns-translation.c pidfd_open-P.c pidfd_open-y.c \ + pidfd_open-yy.c pidfd_send_signal.c \ + pidfd_send_signal--pidns-translation.c pidns-cache.c pipe.c \ + pipe2.c pkey_alloc.c pkey_free.c pkey_mprotect.c poll.c \ + poll-P.c ppoll.c ppoll-P.c ppoll-v.c prctl-arg2-intptr.c \ + prctl-dumpable.c prctl-name.c prctl-no-args.c \ + prctl-pdeathsig.c prctl-seccomp-filter-v.c \ prctl-seccomp-strict.c prctl-securebits.c prctl-spec-inject.c \ prctl-tid_address.c prctl-tsc.c pread64-pwrite64.c preadv.c \ preadv-pwritev.c preadv2-pwritev2.c print_maxfd.c \ @@ -4735,7 +4888,8 @@ xetpriority.c xetpriority--pidns-translation.c xettimeofday.c \ zeroargc.c DIST_SOURCES = $(libtests_a_SOURCES) _newselect.c _newselect-P.c \ - accept.c accept4.c access.c acct.c add_key.c adjtimex.c aio.c \ + accept.c accept4.c access.c access--secontext.c \ + access--secontext_full.c acct.c add_key.c adjtimex.c aio.c \ aio_pgetevents.c alarm.c answer.c attach-f-p.c \ attach-f-p-cmd.c attach-p-cmd-cmd.c attach-p-cmd-p.c \ block_reset_raise_run.c block_reset_run.c bpf.c \ @@ -4743,7 +4897,8 @@ bpf-obj_get_info_by_fd-prog-v.c bpf-obj_get_info_by_fd-v.c \ bpf-success.c bpf-success-long-y.c bpf-success-v.c bpf-v.c \ brk.c btrfs.c caps.c caps-abbrev.c check_sigblock.c \ - check_sigign.c chmod.c chown.c chown32.c chroot.c \ + check_sigign.c chmod.c chmod--secontext.c \ + chmod--secontext_full.c chown.c chown32.c chroot.c \ clock_adjtime.c clock_nanosleep.c clock_xettime.c \ clone-flags.c clone3.c clone3-Xabbrev.c clone3-Xraw.c \ clone3-Xverbose.c clone3-success.c clone3-success-Xabbrev.c \ @@ -4757,25 +4912,35 @@ dup-yy.c dup2.c dup2-P.c dup2-y.c dup2-yy.c dup3.c dup3-P.c \ dup3-y.c dup3-yy.c epoll_create.c epoll_create1.c epoll_ctl.c \ epoll_pwait.c epoll_wait.c erestartsys.c eventfd.c execve.c \ - execve-v.c execveat.c execveat-v.c faccessat.c fadvise64.c \ - fadvise64_64.c fallocate.c fanotify_init.c fanotify_mark.c \ - fanotify_mark-Xabbrev.c fanotify_mark-Xraw.c \ - fanotify_mark-Xverbose.c fchdir.c fchmod.c fchmod-y.c \ - fchmodat.c fchown.c fchown32.c fchownat.c fcntl.c \ - fcntl--pidns-translation.c fcntl64.c \ - fcntl64--pidns-translation.c fdatasync.c fflush.c \ - file_handle.c file_ioctl.c filter-unavailable.c \ - filter_seccomp-flag.c filter_seccomp-perf.c finit_module.c \ - flock.c fork--pidns-translation.c fork-f.c fsconfig.c \ - fsconfig-P.c fsmount.c fsopen.c fspick.c fspick-P.c fstat.c \ - fstat-Xabbrev.c fstat-Xraw.c fstat-Xverbose.c fstat64.c \ - fstat64-Xabbrev.c fstat64-Xraw.c fstat64-Xverbose.c \ - fstatat64.c fstatfs.c fstatfs64.c fsync.c fsync-y.c \ - ftruncate.c ftruncate64.c futex.c futimesat.c get_mempolicy.c \ - get_process_reaper.c getcpu.c getcwd.c getdents.c getdents-v.c \ - getdents64.c getdents64-v.c getegid.c getegid32.c geteuid.c \ - geteuid32.c getgid.c getgid32.c getgroups.c getgroups32.c \ - getpeername.c getpgrp.c getpgrp--pidns-translation.c getpid.c \ + execve--secontext.c execve--secontext_full.c execve-v.c \ + execveat.c execveat--secontext.c execveat--secontext_full.c \ + execveat-v.c faccessat.c faccessat--secontext.c \ + faccessat--secontext_full.c faccessat-P.c faccessat-y.c \ + faccessat-y--secontext.c faccessat-y--secontext_full.c \ + faccessat-yy.c fadvise64.c fadvise64_64.c fallocate.c \ + fanotify_init.c fanotify_mark.c fanotify_mark--secontext.c \ + fanotify_mark--secontext_full.c fanotify_mark-Xabbrev.c \ + fanotify_mark-Xraw.c fanotify_mark-Xverbose.c fchdir.c \ + fchmod.c fchmod--secontext.c fchmod--secontext_full.c \ + fchmod-y.c fchmod-y--secontext.c fchmod-y--secontext_full.c \ + fchmodat.c fchmodat--secontext.c fchmodat--secontext_full.c \ + fchown.c fchown32.c fchownat.c fchownat--secontext.c \ + fchownat--secontext_full.c fcntl.c fcntl--pidns-translation.c \ + fcntl64.c fcntl64--pidns-translation.c fdatasync.c fflush.c \ + file_handle.c file_handle--secontext.c \ + file_handle--secontext_full.c file_ioctl.c \ + filter-unavailable.c filter_seccomp-flag.c \ + filter_seccomp-perf.c finit_module.c flock.c \ + fork--pidns-translation.c fork-f.c fsconfig.c fsconfig-P.c \ + fsmount.c fsopen.c fspick.c fspick-P.c fstat.c fstat-Xabbrev.c \ + fstat-Xraw.c fstat-Xverbose.c fstat64.c fstat64-Xabbrev.c \ + fstat64-Xraw.c fstat64-Xverbose.c fstatat64.c fstatfs.c \ + fstatfs64.c fsync.c fsync-y.c ftruncate.c ftruncate64.c \ + futex.c futimesat.c get_mempolicy.c get_process_reaper.c \ + getcpu.c getcwd.c getdents.c getdents-v.c getdents64.c \ + getdents64-v.c getegid.c getegid32.c geteuid.c geteuid32.c \ + getgid.c getgid32.c getgroups.c getgroups32.c getpeername.c \ + getpgrp.c getpgrp--pidns-translation.c getpid.c \ getpid--pidns-translation.c getppid.c getrandom.c getresgid.c \ getresgid32.c getresuid.c getresuid32.c getrlimit.c \ getrusage.c getsid.c getsid--pidns-translation.c getsockname.c \ @@ -4826,7 +4991,8 @@ kexec_file_load.c kexec_load.c keyctl.c keyctl-Xabbrev.c \ keyctl-Xraw.c keyctl-Xverbose.c kill.c \ kill--pidns-translation.c kill_child.c ksysent.c lchown.c \ - lchown32.c link.c linkat.c list_sigaction_signum.c llseek.c \ + lchown32.c link.c linkat.c linkat--secontext.c \ + linkat--secontext_full.c list_sigaction_signum.c llseek.c \ localtime.c lookup_dcookie.c looping_threads.c lseek.c lstat.c \ lstat64.c madvise.c maybe_switch_current_tcp.c \ maybe_switch_current_tcp--quiet-thread-execve.c mbind.c \ @@ -4877,23 +5043,25 @@ old_mmap-Xabbrev.c old_mmap-Xraw.c old_mmap-Xverbose.c \ old_mmap-v-none.c oldfstat.c oldlstat.c oldselect.c \ oldselect-P.c oldselect-efault.c oldselect-efault-P.c \ - oldstat.c open.c open_tree.c open_tree-P.c openat.c openat2.c \ - openat2-Xabbrev.c openat2-Xraw.c openat2-Xverbose.c \ - openat2-v.c openat2-v-y.c openat2-v-y-Xabbrev.c \ - openat2-v-y-Xraw.c openat2-v-y-Xverbose.c openat2-y.c \ - orphaned_process_group.c osf_utimes.c pause.c pc.c \ - perf_event_open.c perf_event_open_nonverbose.c \ - perf_event_open_unabbrev.c personality.c personality-Xabbrev.c \ - personality-Xraw.c personality-Xverbose.c pidfd_getfd.c \ - pidfd_getfd-y.c pidfd_getfd-yy.c pidfd_open.c \ - pidfd_open--decode-fd-path.c pidfd_open--decode-fd-pidfd.c \ - pidfd_open--decode-fd-socket.c pidfd_open--pidns-translation.c \ - pidfd_open-P.c pidfd_open-y.c pidfd_open-yy.c \ - pidfd_send_signal.c pidfd_send_signal--pidns-translation.c \ - pidns-cache.c pipe.c pipe2.c pkey_alloc.c pkey_free.c \ - pkey_mprotect.c poll.c poll-P.c ppoll.c ppoll-P.c ppoll-v.c \ - prctl-arg2-intptr.c prctl-dumpable.c prctl-name.c \ - prctl-no-args.c prctl-pdeathsig.c prctl-seccomp-filter-v.c \ + oldstat.c open.c open--secontext.c open--secontext_full.c \ + open_tree.c open_tree-P.c openat.c openat--secontext.c \ + openat--secontext_full.c openat2.c openat2-Xabbrev.c \ + openat2-Xraw.c openat2-Xverbose.c openat2-v.c openat2-v-y.c \ + openat2-v-y-Xabbrev.c openat2-v-y-Xraw.c \ + openat2-v-y-Xverbose.c openat2-y.c orphaned_process_group.c \ + osf_utimes.c pause.c pc.c perf_event_open.c \ + perf_event_open_nonverbose.c perf_event_open_unabbrev.c \ + personality.c personality-Xabbrev.c personality-Xraw.c \ + personality-Xverbose.c pidfd_getfd.c pidfd_getfd-y.c \ + pidfd_getfd-yy.c pidfd_open.c pidfd_open--decode-fd-path.c \ + pidfd_open--decode-fd-pidfd.c pidfd_open--decode-fd-socket.c \ + pidfd_open--pidns-translation.c pidfd_open-P.c pidfd_open-y.c \ + pidfd_open-yy.c pidfd_send_signal.c \ + pidfd_send_signal--pidns-translation.c pidns-cache.c pipe.c \ + pipe2.c pkey_alloc.c pkey_free.c pkey_mprotect.c poll.c \ + poll-P.c ppoll.c ppoll-P.c ppoll-v.c prctl-arg2-intptr.c \ + prctl-dumpable.c prctl-name.c prctl-no-args.c \ + prctl-pdeathsig.c prctl-seccomp-filter-v.c \ prctl-seccomp-strict.c prctl-securebits.c prctl-spec-inject.c \ prctl-tid_address.c prctl-tsc.c pread64-pwrite64.c preadv.c \ preadv-pwritev.c preadv2-pwritev2.c print_maxfd.c \ @@ -5194,7 +5362,7 @@ bases=`echo $$bases` RECHECK_LOGS = $(TEST_LOGS) AM_RECURSIVE_TARGETS = check recheck -@ENABLE_STACKTRACE_TRUE@am__EXEEXT_2 = strace-k.test strace-k-p.test \ +@ENABLE_STACKTRACE_TRUE@am__EXEEXT_3 = strace-k.test strace-k-p.test \ @ENABLE_STACKTRACE_TRUE@ $(am__append_1) TEST_SUITE_LOG = test-suite.log TEST_EXTENSIONS = @EXEEXT@ .test @@ -5216,7 +5384,8 @@ esac am__DIST_COMMON = $(srcdir)/../scno.am $(srcdir)/Makefile.in \ $(srcdir)/gen_tests.am $(srcdir)/pure_executables.am \ - $(top_srcdir)/depcomp $(top_srcdir)/test-driver COPYING + $(srcdir)/secontext.am $(top_srcdir)/depcomp \ + $(top_srcdir)/test-driver COPYING DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) ACLOCAL = @ACLOCAL@ AMTAR = @AMTAR@ @@ -5357,6 +5526,9 @@ libiberty_CPPFLAGS = @libiberty_CPPFLAGS@ libiberty_LDFLAGS = @libiberty_LDFLAGS@ libiberty_LIBS = @libiberty_LIBS@ +libselinux_CPPFLAGS = @libselinux_CPPFLAGS@ +libselinux_LDFLAGS = @libselinux_LDFLAGS@ +libselinux_LIBS = @libselinux_LIBS@ libunwind_CPPFLAGS = @libunwind_CPPFLAGS@ libunwind_LDFLAGS = @libunwind_LDFLAGS@ libunwind_LIBS = @libunwind_LIBS@ @@ -5400,6 +5572,8 @@ -DTESTS_SIZEOF_LONG=$(SIZEOF_LONG) AM_LDFLAGS = $(ARCH_MFLAGS) +@HAVE_MX32_SELINUX_RUNTIME_FALSE@libselinux_LDADD = +@HAVE_MX32_SELINUX_RUNTIME_TRUE@libselinux_LDADD = $(libselinux_LIBS) libtests_a_SOURCES = \ create_nl_socket.c \ create_tmpfile.c \ @@ -5426,6 +5600,8 @@ printxval-Xabbrev.c \ printxval-Xraw.c \ printxval-Xverbose.c \ + secontext.c \ + secontext.h \ signal2name.c \ skip_unavailable.c \ sprintrc.c \ @@ -5505,6 +5681,9 @@ execve \ execveat \ faccessat \ + faccessat-P \ + faccessat-y \ + faccessat-yy \ fadvise64 \ fadvise64_64 \ fallocate \ @@ -6077,6 +6256,69 @@ xettimeofday \ # +secontext_EXECUTABLES = \ + access--secontext \ + access--secontext_full \ + chmod--secontext \ + chmod--secontext_full \ + execve--secontext \ + execve--secontext_full \ + execveat--secontext \ + execveat--secontext_full \ + faccessat--secontext \ + faccessat--secontext_full \ + faccessat-y--secontext \ + faccessat-y--secontext_full \ + fanotify_mark--secontext \ + fanotify_mark--secontext_full \ + fchmod--secontext \ + fchmod--secontext_full \ + fchmod-y--secontext \ + fchmod-y--secontext_full \ + fchmodat--secontext \ + fchmodat--secontext_full \ + fchownat--secontext \ + fchownat--secontext_full \ + file_handle--secontext \ + file_handle--secontext_full \ + linkat--secontext \ + linkat--secontext_full \ + open--secontext \ + open--secontext_full \ + openat--secontext \ + openat--secontext_full \ + # + +access__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +access__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +chmod__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +chmod__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +execve__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +execve__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +execveat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +execveat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat_y__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +faccessat_y__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fanotify_mark__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fanotify_mark__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod_y__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchmod_y__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchmodat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchmodat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +fchownat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +fchownat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +file_handle__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +file_handle__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +linkat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +linkat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +open__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +open__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) +openat__secontext_LDADD = $(LDADD) $(libselinux_LDADD) +openat__secontext_full_LDADD = $(LDADD) $(libselinux_LDADD) attach_f_p_LDADD = -lpthread $(LDADD) count_f_LDADD = -lpthread $(LDADD) delay_LDADD = $(clock_LIBS) $(LDADD) @@ -6129,14 +6371,15 @@ # Generated by ./tests/gen_tests.sh from ./tests/gen_tests.in; do not edit. GEN_TESTS = _newselect.gen.test _newselect-P.gen.test accept.gen.test \ - accept4.gen.test access.gen.test acct.gen.test \ - add_key.gen.test adjtimex.gen.test aio.gen.test \ - aio_pgetevents.gen.test alarm.gen.test bpf.gen.test \ - bpf-obj_get_info_by_fd.gen.test \ + accept4.gen.test access.gen.test access--secontext.gen.test \ + access--secontext_full.gen.test acct.gen.test add_key.gen.test \ + adjtimex.gen.test aio.gen.test aio_pgetevents.gen.test \ + alarm.gen.test bpf.gen.test bpf-obj_get_info_by_fd.gen.test \ bpf-obj_get_info_by_fd-prog.gen.test \ bpf-obj_get_info_by_fd-prog-v.gen.test \ bpf-obj_get_info_by_fd-v.gen.test bpf-v.gen.test \ - btrfs.gen.test chmod.gen.test chown.gen.test chown32.gen.test \ + btrfs.gen.test chmod.gen.test chmod--secontext.gen.test \ + chmod--secontext_full.gen.test chown.gen.test chown32.gen.test \ chroot.gen.test clock.gen.test clock_adjtime.gen.test \ clock_nanosleep.gen.test clock_xettime.gen.test \ clone3.gen.test clone3-Xabbrev.gen.test clone3-Xraw.gen.test \ @@ -6155,21 +6398,36 @@ dup3-P.gen.test dup3-y.gen.test dup3-yy.gen.test \ epoll_create.gen.test epoll_create1.gen.test \ epoll_ctl.gen.test epoll_pwait.gen.test epoll_wait.gen.test \ - erestartsys.gen.test execveat.gen.test execveat-v.gen.test \ - faccessat.gen.test fadvise64_64.gen.test fallocate.gen.test \ + erestartsys.gen.test execve--secontext.gen.test \ + execve--secontext_full.gen.test execveat.gen.test \ + execveat--secontext.gen.test execveat--secontext_full.gen.test \ + execveat-v.gen.test faccessat--secontext.gen.test \ + faccessat--secontext_full.gen.test faccessat-P.gen.test \ + faccessat-y.gen.test faccessat-y--secontext.gen.test \ + faccessat-y--secontext_full.gen.test faccessat-yy.gen.test \ + fadvise64_64.gen.test fallocate.gen.test \ fanotify_init.gen.test fanotify_mark.gen.test \ + fanotify_mark--secontext.gen.test \ + fanotify_mark--secontext_full.gen.test \ fanotify_mark-Xabbrev.gen.test fanotify_mark-Xraw.gen.test \ fanotify_mark-Xverbose.gen.test fchdir.gen.test \ - fchmod.gen.test fchmod-y.gen.test fchmodat.gen.test \ - fchown.gen.test fchown32.gen.test fchownat.gen.test \ + fchmod.gen.test fchmod--secontext.gen.test \ + fchmod--secontext_full.gen.test fchmod-y.gen.test \ + fchmod-y--secontext.gen.test fchmod-y--secontext_full.gen.test \ + fchmodat.gen.test fchmodat--secontext.gen.test \ + fchmodat--secontext_full.gen.test fchown.gen.test \ + fchown32.gen.test fchownat.gen.test \ + fchownat--secontext.gen.test fchownat--secontext_full.gen.test \ fcntl.gen.test fcntl--pidns-translation.gen.test \ fcntl64.gen.test fcntl64--pidns-translation.gen.test \ fdatasync.gen.test file_handle.gen.test file_ioctl.gen.test \ - filter_seccomp.gen.test filter_seccomp-flag.gen.test \ - finit_module.gen.test flock.gen.test fork-f.gen.test \ - fsconfig.gen.test fsconfig-P.gen.test fsmount.gen.test \ - fsopen.gen.test fspick.gen.test fspick-P.gen.test \ - fstat.gen.test fstat-Xabbrev.gen.test fstat-Xraw.gen.test \ + file_handle--secontext.gen.test \ + file_handle--secontext_full.gen.test filter_seccomp.gen.test \ + filter_seccomp-flag.gen.test finit_module.gen.test \ + flock.gen.test fork-f.gen.test fsconfig.gen.test \ + fsconfig-P.gen.test fsmount.gen.test fsopen.gen.test \ + fspick.gen.test fspick-P.gen.test fstat.gen.test \ + fstat-Xabbrev.gen.test fstat-Xraw.gen.test \ fstat-Xverbose.gen.test fstat64.gen.test \ fstat64-Xabbrev.gen.test fstat64-Xraw.gen.test \ fstat64-Xverbose.gen.test fstatat64.gen.test fstatfs.gen.test \ @@ -6259,8 +6517,9 @@ keyctl-Xverbose.gen.test kill.gen.test \ kill--pidns-translation.gen.test ksysent.gen.test \ lchown.gen.test lchown32.gen.test link.gen.test \ - linkat.gen.test lookup_dcookie.gen.test lstat.gen.test \ - lstat64.gen.test madvise.gen.test \ + linkat.gen.test linkat--secontext.gen.test \ + linkat--secontext_full.gen.test lookup_dcookie.gen.test \ + lstat.gen.test lstat64.gen.test madvise.gen.test \ maybe_switch_current_tcp.gen.test \ maybe_switch_current_tcp--quiet-thread-execve.gen.test \ mbind.gen.test mbind-Xabbrev.gen.test mbind-Xraw.gen.test \ @@ -6328,14 +6587,17 @@ old_mmap-v-none.gen.test oldfstat.gen.test oldlstat.gen.test \ oldselect.gen.test oldselect-P.gen.test \ oldselect-efault.gen.test oldselect-efault-P.gen.test \ - oldstat.gen.test open.gen.test open_tree.gen.test \ - open_tree-P.gen.test openat.gen.test openat2.gen.test \ - openat2-Xabbrev.gen.test openat2-Xraw.gen.test \ - openat2-Xverbose.gen.test openat2-v.gen.test \ - openat2-v-y.gen.test openat2-v-y-Xabbrev.gen.test \ - openat2-v-y-Xraw.gen.test openat2-v-y-Xverbose.gen.test \ - openat2-y.gen.test orphaned_process_group.gen.test \ - osf_utimes.gen.test pause.gen.test perf_event_open.gen.test \ + oldstat.gen.test open.gen.test open--secontext.gen.test \ + open--secontext_full.gen.test open_tree.gen.test \ + open_tree-P.gen.test openat.gen.test \ + openat--secontext.gen.test openat--secontext_full.gen.test \ + openat2.gen.test openat2-Xabbrev.gen.test \ + openat2-Xraw.gen.test openat2-Xverbose.gen.test \ + openat2-v.gen.test openat2-v-y.gen.test \ + openat2-v-y-Xabbrev.gen.test openat2-v-y-Xraw.gen.test \ + openat2-v-y-Xverbose.gen.test openat2-y.gen.test \ + orphaned_process_group.gen.test osf_utimes.gen.test \ + pause.gen.test perf_event_open.gen.test \ perf_event_open_nonverbose.gen.test \ perf_event_open_unabbrev.gen.test personality-Xabbrev.gen.test \ personality-Xraw.gen.test personality-Xverbose.gen.test \ @@ -6806,7 +7068,7 @@ .SUFFIXES: .SUFFIXES: .c .log .o .obj .test .test$(EXEEXT) .trs -$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/pure_executables.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__configure_deps) +$(srcdir)/Makefile.in: @MAINTAINER_MODE_TRUE@ $(srcdir)/Makefile.am $(srcdir)/pure_executables.am $(srcdir)/secontext.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ @@ -6826,7 +7088,7 @@ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles)'; \ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__maybe_remake_depfiles);; \ esac; -$(srcdir)/pure_executables.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__empty): +$(srcdir)/pure_executables.am $(srcdir)/secontext.am $(srcdir)/gen_tests.am $(srcdir)/../scno.am $(am__empty): $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh @@ -6868,6 +7130,14 @@ @rm -f access$(EXEEXT) $(AM_V_CCLD)$(LINK) $(access_OBJECTS) $(access_LDADD) $(LIBS) +access--secontext$(EXEEXT): $(access__secontext_OBJECTS) $(access__secontext_DEPENDENCIES) $(EXTRA_access__secontext_DEPENDENCIES) + @rm -f access--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(access__secontext_OBJECTS) $(access__secontext_LDADD) $(LIBS) + +access--secontext_full$(EXEEXT): $(access__secontext_full_OBJECTS) $(access__secontext_full_DEPENDENCIES) $(EXTRA_access__secontext_full_DEPENDENCIES) + @rm -f access--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(access__secontext_full_OBJECTS) $(access__secontext_full_LDADD) $(LIBS) + acct$(EXEEXT): $(acct_OBJECTS) $(acct_DEPENDENCIES) $(EXTRA_acct_DEPENDENCIES) @rm -f acct$(EXEEXT) $(AM_V_CCLD)$(LINK) $(acct_OBJECTS) $(acct_LDADD) $(LIBS) @@ -6984,6 +7254,14 @@ @rm -f chmod$(EXEEXT) $(AM_V_CCLD)$(LINK) $(chmod_OBJECTS) $(chmod_LDADD) $(LIBS) +chmod--secontext$(EXEEXT): $(chmod__secontext_OBJECTS) $(chmod__secontext_DEPENDENCIES) $(EXTRA_chmod__secontext_DEPENDENCIES) + @rm -f chmod--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(chmod__secontext_OBJECTS) $(chmod__secontext_LDADD) $(LIBS) + +chmod--secontext_full$(EXEEXT): $(chmod__secontext_full_OBJECTS) $(chmod__secontext_full_DEPENDENCIES) $(EXTRA_chmod__secontext_full_DEPENDENCIES) + @rm -f chmod--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(chmod__secontext_full_OBJECTS) $(chmod__secontext_full_LDADD) $(LIBS) + chown$(EXEEXT): $(chown_OBJECTS) $(chown_DEPENDENCIES) $(EXTRA_chown_DEPENDENCIES) @rm -f chown$(EXEEXT) $(AM_V_CCLD)$(LINK) $(chown_OBJECTS) $(chown_LDADD) $(LIBS) @@ -7196,6 +7474,14 @@ @rm -f execve$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execve_OBJECTS) $(execve_LDADD) $(LIBS) +execve--secontext$(EXEEXT): $(execve__secontext_OBJECTS) $(execve__secontext_DEPENDENCIES) $(EXTRA_execve__secontext_DEPENDENCIES) + @rm -f execve--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execve__secontext_OBJECTS) $(execve__secontext_LDADD) $(LIBS) + +execve--secontext_full$(EXEEXT): $(execve__secontext_full_OBJECTS) $(execve__secontext_full_DEPENDENCIES) $(EXTRA_execve__secontext_full_DEPENDENCIES) + @rm -f execve--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execve__secontext_full_OBJECTS) $(execve__secontext_full_LDADD) $(LIBS) + execve-v$(EXEEXT): $(execve_v_OBJECTS) $(execve_v_DEPENDENCIES) $(EXTRA_execve_v_DEPENDENCIES) @rm -f execve-v$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execve_v_OBJECTS) $(execve_v_LDADD) $(LIBS) @@ -7204,6 +7490,14 @@ @rm -f execveat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execveat_OBJECTS) $(execveat_LDADD) $(LIBS) +execveat--secontext$(EXEEXT): $(execveat__secontext_OBJECTS) $(execveat__secontext_DEPENDENCIES) $(EXTRA_execveat__secontext_DEPENDENCIES) + @rm -f execveat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execveat__secontext_OBJECTS) $(execveat__secontext_LDADD) $(LIBS) + +execveat--secontext_full$(EXEEXT): $(execveat__secontext_full_OBJECTS) $(execveat__secontext_full_DEPENDENCIES) $(EXTRA_execveat__secontext_full_DEPENDENCIES) + @rm -f execveat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(execveat__secontext_full_OBJECTS) $(execveat__secontext_full_LDADD) $(LIBS) + execveat-v$(EXEEXT): $(execveat_v_OBJECTS) $(execveat_v_DEPENDENCIES) $(EXTRA_execveat_v_DEPENDENCIES) @rm -f execveat-v$(EXEEXT) $(AM_V_CCLD)$(LINK) $(execveat_v_OBJECTS) $(execveat_v_LDADD) $(LIBS) @@ -7212,6 +7506,34 @@ @rm -f faccessat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(faccessat_OBJECTS) $(faccessat_LDADD) $(LIBS) +faccessat--secontext$(EXEEXT): $(faccessat__secontext_OBJECTS) $(faccessat__secontext_DEPENDENCIES) $(EXTRA_faccessat__secontext_DEPENDENCIES) + @rm -f faccessat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat__secontext_OBJECTS) $(faccessat__secontext_LDADD) $(LIBS) + +faccessat--secontext_full$(EXEEXT): $(faccessat__secontext_full_OBJECTS) $(faccessat__secontext_full_DEPENDENCIES) $(EXTRA_faccessat__secontext_full_DEPENDENCIES) + @rm -f faccessat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat__secontext_full_OBJECTS) $(faccessat__secontext_full_LDADD) $(LIBS) + +faccessat-P$(EXEEXT): $(faccessat_P_OBJECTS) $(faccessat_P_DEPENDENCIES) $(EXTRA_faccessat_P_DEPENDENCIES) + @rm -f faccessat-P$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_P_OBJECTS) $(faccessat_P_LDADD) $(LIBS) + +faccessat-y$(EXEEXT): $(faccessat_y_OBJECTS) $(faccessat_y_DEPENDENCIES) $(EXTRA_faccessat_y_DEPENDENCIES) + @rm -f faccessat-y$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_y_OBJECTS) $(faccessat_y_LDADD) $(LIBS) + +faccessat-y--secontext$(EXEEXT): $(faccessat_y__secontext_OBJECTS) $(faccessat_y__secontext_DEPENDENCIES) $(EXTRA_faccessat_y__secontext_DEPENDENCIES) + @rm -f faccessat-y--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_y__secontext_OBJECTS) $(faccessat_y__secontext_LDADD) $(LIBS) + +faccessat-y--secontext_full$(EXEEXT): $(faccessat_y__secontext_full_OBJECTS) $(faccessat_y__secontext_full_DEPENDENCIES) $(EXTRA_faccessat_y__secontext_full_DEPENDENCIES) + @rm -f faccessat-y--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_y__secontext_full_OBJECTS) $(faccessat_y__secontext_full_LDADD) $(LIBS) + +faccessat-yy$(EXEEXT): $(faccessat_yy_OBJECTS) $(faccessat_yy_DEPENDENCIES) $(EXTRA_faccessat_yy_DEPENDENCIES) + @rm -f faccessat-yy$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(faccessat_yy_OBJECTS) $(faccessat_yy_LDADD) $(LIBS) + fadvise64$(EXEEXT): $(fadvise64_OBJECTS) $(fadvise64_DEPENDENCIES) $(EXTRA_fadvise64_DEPENDENCIES) @rm -f fadvise64$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fadvise64_OBJECTS) $(fadvise64_LDADD) $(LIBS) @@ -7232,6 +7554,14 @@ @rm -f fanotify_mark$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fanotify_mark_OBJECTS) $(fanotify_mark_LDADD) $(LIBS) +fanotify_mark--secontext$(EXEEXT): $(fanotify_mark__secontext_OBJECTS) $(fanotify_mark__secontext_DEPENDENCIES) $(EXTRA_fanotify_mark__secontext_DEPENDENCIES) + @rm -f fanotify_mark--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fanotify_mark__secontext_OBJECTS) $(fanotify_mark__secontext_LDADD) $(LIBS) + +fanotify_mark--secontext_full$(EXEEXT): $(fanotify_mark__secontext_full_OBJECTS) $(fanotify_mark__secontext_full_DEPENDENCIES) $(EXTRA_fanotify_mark__secontext_full_DEPENDENCIES) + @rm -f fanotify_mark--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fanotify_mark__secontext_full_OBJECTS) $(fanotify_mark__secontext_full_LDADD) $(LIBS) + fanotify_mark-Xabbrev$(EXEEXT): $(fanotify_mark_Xabbrev_OBJECTS) $(fanotify_mark_Xabbrev_DEPENDENCIES) $(EXTRA_fanotify_mark_Xabbrev_DEPENDENCIES) @rm -f fanotify_mark-Xabbrev$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fanotify_mark_Xabbrev_OBJECTS) $(fanotify_mark_Xabbrev_LDADD) $(LIBS) @@ -7252,14 +7582,38 @@ @rm -f fchmod$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchmod_OBJECTS) $(fchmod_LDADD) $(LIBS) +fchmod--secontext$(EXEEXT): $(fchmod__secontext_OBJECTS) $(fchmod__secontext_DEPENDENCIES) $(EXTRA_fchmod__secontext_DEPENDENCIES) + @rm -f fchmod--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod__secontext_OBJECTS) $(fchmod__secontext_LDADD) $(LIBS) + +fchmod--secontext_full$(EXEEXT): $(fchmod__secontext_full_OBJECTS) $(fchmod__secontext_full_DEPENDENCIES) $(EXTRA_fchmod__secontext_full_DEPENDENCIES) + @rm -f fchmod--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod__secontext_full_OBJECTS) $(fchmod__secontext_full_LDADD) $(LIBS) + fchmod-y$(EXEEXT): $(fchmod_y_OBJECTS) $(fchmod_y_DEPENDENCIES) $(EXTRA_fchmod_y_DEPENDENCIES) @rm -f fchmod-y$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchmod_y_OBJECTS) $(fchmod_y_LDADD) $(LIBS) +fchmod-y--secontext$(EXEEXT): $(fchmod_y__secontext_OBJECTS) $(fchmod_y__secontext_DEPENDENCIES) $(EXTRA_fchmod_y__secontext_DEPENDENCIES) + @rm -f fchmod-y--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod_y__secontext_OBJECTS) $(fchmod_y__secontext_LDADD) $(LIBS) + +fchmod-y--secontext_full$(EXEEXT): $(fchmod_y__secontext_full_OBJECTS) $(fchmod_y__secontext_full_DEPENDENCIES) $(EXTRA_fchmod_y__secontext_full_DEPENDENCIES) + @rm -f fchmod-y--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmod_y__secontext_full_OBJECTS) $(fchmod_y__secontext_full_LDADD) $(LIBS) + fchmodat$(EXEEXT): $(fchmodat_OBJECTS) $(fchmodat_DEPENDENCIES) $(EXTRA_fchmodat_DEPENDENCIES) @rm -f fchmodat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchmodat_OBJECTS) $(fchmodat_LDADD) $(LIBS) +fchmodat--secontext$(EXEEXT): $(fchmodat__secontext_OBJECTS) $(fchmodat__secontext_DEPENDENCIES) $(EXTRA_fchmodat__secontext_DEPENDENCIES) + @rm -f fchmodat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmodat__secontext_OBJECTS) $(fchmodat__secontext_LDADD) $(LIBS) + +fchmodat--secontext_full$(EXEEXT): $(fchmodat__secontext_full_OBJECTS) $(fchmodat__secontext_full_DEPENDENCIES) $(EXTRA_fchmodat__secontext_full_DEPENDENCIES) + @rm -f fchmodat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchmodat__secontext_full_OBJECTS) $(fchmodat__secontext_full_LDADD) $(LIBS) + fchown$(EXEEXT): $(fchown_OBJECTS) $(fchown_DEPENDENCIES) $(EXTRA_fchown_DEPENDENCIES) @rm -f fchown$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchown_OBJECTS) $(fchown_LDADD) $(LIBS) @@ -7272,6 +7626,14 @@ @rm -f fchownat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fchownat_OBJECTS) $(fchownat_LDADD) $(LIBS) +fchownat--secontext$(EXEEXT): $(fchownat__secontext_OBJECTS) $(fchownat__secontext_DEPENDENCIES) $(EXTRA_fchownat__secontext_DEPENDENCIES) + @rm -f fchownat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchownat__secontext_OBJECTS) $(fchownat__secontext_LDADD) $(LIBS) + +fchownat--secontext_full$(EXEEXT): $(fchownat__secontext_full_OBJECTS) $(fchownat__secontext_full_DEPENDENCIES) $(EXTRA_fchownat__secontext_full_DEPENDENCIES) + @rm -f fchownat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(fchownat__secontext_full_OBJECTS) $(fchownat__secontext_full_LDADD) $(LIBS) + fcntl$(EXEEXT): $(fcntl_OBJECTS) $(fcntl_DEPENDENCIES) $(EXTRA_fcntl_DEPENDENCIES) @rm -f fcntl$(EXEEXT) $(AM_V_CCLD)$(LINK) $(fcntl_OBJECTS) $(fcntl_LDADD) $(LIBS) @@ -7300,6 +7662,14 @@ @rm -f file_handle$(EXEEXT) $(AM_V_CCLD)$(LINK) $(file_handle_OBJECTS) $(file_handle_LDADD) $(LIBS) +file_handle--secontext$(EXEEXT): $(file_handle__secontext_OBJECTS) $(file_handle__secontext_DEPENDENCIES) $(EXTRA_file_handle__secontext_DEPENDENCIES) + @rm -f file_handle--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(file_handle__secontext_OBJECTS) $(file_handle__secontext_LDADD) $(LIBS) + +file_handle--secontext_full$(EXEEXT): $(file_handle__secontext_full_OBJECTS) $(file_handle__secontext_full_DEPENDENCIES) $(EXTRA_file_handle__secontext_full_DEPENDENCIES) + @rm -f file_handle--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(file_handle__secontext_full_OBJECTS) $(file_handle__secontext_full_LDADD) $(LIBS) + file_ioctl$(EXEEXT): $(file_ioctl_OBJECTS) $(file_ioctl_DEPENDENCIES) $(EXTRA_file_ioctl_DEPENDENCIES) @rm -f file_ioctl$(EXEEXT) $(AM_V_CCLD)$(LINK) $(file_ioctl_OBJECTS) $(file_ioctl_LDADD) $(LIBS) @@ -8124,6 +8494,14 @@ @rm -f linkat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(linkat_OBJECTS) $(linkat_LDADD) $(LIBS) +linkat--secontext$(EXEEXT): $(linkat__secontext_OBJECTS) $(linkat__secontext_DEPENDENCIES) $(EXTRA_linkat__secontext_DEPENDENCIES) + @rm -f linkat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(linkat__secontext_OBJECTS) $(linkat__secontext_LDADD) $(LIBS) + +linkat--secontext_full$(EXEEXT): $(linkat__secontext_full_OBJECTS) $(linkat__secontext_full_DEPENDENCIES) $(EXTRA_linkat__secontext_full_DEPENDENCIES) + @rm -f linkat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(linkat__secontext_full_OBJECTS) $(linkat__secontext_full_LDADD) $(LIBS) + list_sigaction_signum$(EXEEXT): $(list_sigaction_signum_OBJECTS) $(list_sigaction_signum_DEPENDENCIES) $(EXTRA_list_sigaction_signum_DEPENDENCIES) @rm -f list_sigaction_signum$(EXEEXT) $(AM_V_CCLD)$(LINK) $(list_sigaction_signum_OBJECTS) $(list_sigaction_signum_LDADD) $(LIBS) @@ -8756,6 +9134,14 @@ @rm -f open$(EXEEXT) $(AM_V_CCLD)$(LINK) $(open_OBJECTS) $(open_LDADD) $(LIBS) +open--secontext$(EXEEXT): $(open__secontext_OBJECTS) $(open__secontext_DEPENDENCIES) $(EXTRA_open__secontext_DEPENDENCIES) + @rm -f open--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(open__secontext_OBJECTS) $(open__secontext_LDADD) $(LIBS) + +open--secontext_full$(EXEEXT): $(open__secontext_full_OBJECTS) $(open__secontext_full_DEPENDENCIES) $(EXTRA_open__secontext_full_DEPENDENCIES) + @rm -f open--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(open__secontext_full_OBJECTS) $(open__secontext_full_LDADD) $(LIBS) + open_tree$(EXEEXT): $(open_tree_OBJECTS) $(open_tree_DEPENDENCIES) $(EXTRA_open_tree_DEPENDENCIES) @rm -f open_tree$(EXEEXT) $(AM_V_CCLD)$(LINK) $(open_tree_OBJECTS) $(open_tree_LDADD) $(LIBS) @@ -8768,6 +9154,14 @@ @rm -f openat$(EXEEXT) $(AM_V_CCLD)$(LINK) $(openat_OBJECTS) $(openat_LDADD) $(LIBS) +openat--secontext$(EXEEXT): $(openat__secontext_OBJECTS) $(openat__secontext_DEPENDENCIES) $(EXTRA_openat__secontext_DEPENDENCIES) + @rm -f openat--secontext$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(openat__secontext_OBJECTS) $(openat__secontext_LDADD) $(LIBS) + +openat--secontext_full$(EXEEXT): $(openat__secontext_full_OBJECTS) $(openat__secontext_full_DEPENDENCIES) $(EXTRA_openat__secontext_full_DEPENDENCIES) + @rm -f openat--secontext_full$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(openat__secontext_full_OBJECTS) $(openat__secontext_full_LDADD) $(LIBS) + openat2$(EXEEXT): $(openat2_OBJECTS) $(openat2_DEPENDENCIES) $(EXTRA_openat2_DEPENDENCIES) @rm -f openat2$(EXEEXT) $(AM_V_CCLD)$(LINK) $(openat2_OBJECTS) $(openat2_LDADD) $(LIBS) @@ -10094,6 +10488,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/_newselect.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/accept.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/accept4.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/access--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/access--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/access.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/acct.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/add_key.Po@am__quote@ # am--include-marker @@ -10123,6 +10519,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/caps.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_sigblock.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_sigign.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chmod--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chmod--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chmod.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chown.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/chown32.Po@am__quote@ # am--include-marker @@ -10176,25 +10574,46 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/epoll_wait.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/erestartsys.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/eventfd.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve-v.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execve.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat-v.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/execveat.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat--secontext_full.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-P.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-y--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-y--secontext_full.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-y.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat-yy.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/faccessat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fadvise64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fadvise64_64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fallocate.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_init.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark-Xabbrev.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark-Xraw.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark-Xverbose.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fanotify_mark.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchdir.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod--secontext_full.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod-y--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod-y--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod-y.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmod.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmodat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmodat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchmodat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchown.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchown32.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchownat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchownat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fchownat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fcntl--pidns-translation.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fcntl.Po@am__quote@ # am--include-marker @@ -10202,6 +10621,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fcntl64.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fdatasync.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fflush.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_handle--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_handle--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_handle.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/file_ioctl.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filter-unavailable.Po@am__quote@ # am--include-marker @@ -10431,6 +10852,7 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-printxval-Xabbrev.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-printxval-Xraw.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-printxval-Xverbose.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-secontext.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-signal2name.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-skip_unavailable.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-sprintrc.Po@am__quote@ # am--include-marker @@ -10443,6 +10865,8 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-tprintf.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/libtests_a-xmalloc_for_tests.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/link.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/linkat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/linkat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/linkat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/list_sigaction_signum.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/llseek.Po@am__quote@ # am--include-marker @@ -10601,9 +11025,13 @@ @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oldselect-efault.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oldselect.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/oldstat.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open_tree-P.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/open_tree.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat--secontext.Po@am__quote@ # am--include-marker +@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat--secontext_full.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat2-Xabbrev.Po@am__quote@ # am--include-marker @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/openat2-Xraw.Po@am__quote@ # am--include-marker @@ -11300,6 +11728,20 @@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libtests_a-printxval-Xverbose.obj `if test -f 'printxval-Xverbose.c'; then $(CYGPATH_W) 'printxval-Xverbose.c'; else $(CYGPATH_W) '$(srcdir)/printxval-Xverbose.c'; fi` +libtests_a-secontext.o: secontext.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libtests_a-secontext.o -MD -MP -MF $(DEPDIR)/libtests_a-secontext.Tpo -c -o libtests_a-secontext.o `test -f 'secontext.c' || echo '$(srcdir)/'`secontext.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libtests_a-secontext.Tpo $(DEPDIR)/libtests_a-secontext.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='secontext.c' object='libtests_a-secontext.o' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libtests_a-secontext.o `test -f 'secontext.c' || echo '$(srcdir)/'`secontext.c + +libtests_a-secontext.obj: secontext.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libtests_a-secontext.obj -MD -MP -MF $(DEPDIR)/libtests_a-secontext.Tpo -c -o libtests_a-secontext.obj `if test -f 'secontext.c'; then $(CYGPATH_W) 'secontext.c'; else $(CYGPATH_W) '$(srcdir)/secontext.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libtests_a-secontext.Tpo $(DEPDIR)/libtests_a-secontext.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='secontext.c' object='libtests_a-secontext.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o libtests_a-secontext.obj `if test -f 'secontext.c'; then $(CYGPATH_W) 'secontext.c'; else $(CYGPATH_W) '$(srcdir)/secontext.c'; fi` + libtests_a-signal2name.o: signal2name.c @am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libtests_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT libtests_a-signal2name.o -MD -MP -MF $(DEPDIR)/libtests_a-signal2name.Tpo -c -o libtests_a-signal2name.o `test -f 'signal2name.c' || echo '$(srcdir)/'`signal2name.c @am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) $(DEPDIR)/libtests_a-signal2name.Tpo $(DEPDIR)/libtests_a-signal2name.Po @@ -13841,6 +14283,12 @@ $(srcdir)/access.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/access--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/access--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/acct.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -13883,6 +14331,12 @@ $(srcdir)/chmod.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/chmod--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/chmod--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/chown.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14024,13 +14478,43 @@ $(srcdir)/erestartsys.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/execve--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/execve--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/execveat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/execveat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/execveat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/execveat-v.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ -$(srcdir)/faccessat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in +$(srcdir)/faccessat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-P.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-y.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-y--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-y--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/faccessat-yy.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ $(srcdir)/fadvise64_64.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in @@ -14045,6 +14529,12 @@ $(srcdir)/fanotify_mark.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fanotify_mark--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fanotify_mark--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fanotify_mark-Xabbrev.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14060,12 +14550,30 @@ $(srcdir)/fchmod.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchmod--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchmod--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fchmod-y.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchmod-y--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchmod-y--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fchmodat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchmodat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchmodat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fchown.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14075,6 +14583,12 @@ $(srcdir)/fchownat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/fchownat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/fchownat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/fcntl.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14096,6 +14610,12 @@ $(srcdir)/file_ioctl.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/file_handle--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/file_handle--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/filter_seccomp.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -14690,6 +15210,12 @@ $(srcdir)/linkat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/linkat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/linkat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/lookup_dcookie.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -15107,6 +15633,12 @@ $(srcdir)/open.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/open--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/open--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/open_tree.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ @@ -15116,6 +15648,12 @@ $(srcdir)/openat.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ +$(srcdir)/openat--secontext.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + +$(srcdir)/openat--secontext_full.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in + $(AM_V_GEN) $^ $@ + $(srcdir)/openat2.gen.test: $(abs_srcdir)/gen_tests.sh $(srcdir)/gen_tests.in $(AM_V_GEN) $^ $@ Index: strace-5.7/tests-m32/access--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/access--secontext.c 2021-08-24 21:08:43.293245705 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "access.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/chmod--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/chmod--secontext.c 2021-08-24 21:08:43.293245705 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "chmod.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/execve--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/execve--secontext.c 2021-08-24 21:08:43.293245705 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "execve.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/execveat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/execveat--secontext.c 2021-08-24 21:08:43.293245705 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "execveat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/faccessat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/faccessat--secontext.c 2021-08-24 21:08:43.293245705 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "faccessat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/faccessat-y--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/faccessat-y--secontext.c 2021-08-24 21:08:43.294245697 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "faccessat-y.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/fanotify_mark--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/fanotify_mark--secontext.c 2021-08-24 21:08:43.294245697 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fanotify_mark.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/fchmod--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/fchmod--secontext.c 2021-08-24 21:08:43.294245697 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchmod.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/fchmod-y--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/fchmod-y--secontext.c 2021-08-24 21:08:43.294245697 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchmod-y.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/fchmodat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/fchmodat--secontext.c 2021-08-24 21:08:43.294245697 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchmodat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/fchownat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/fchownat--secontext.c 2021-08-24 21:08:43.294245697 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchownat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/file_handle--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/file_handle--secontext.c 2021-08-24 21:08:43.294245697 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "file_handle.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/linkat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/linkat--secontext.c 2021-08-24 21:08:43.294245697 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "linkat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/open--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/open--secontext.c 2021-08-24 21:08:43.294245697 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "open.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/openat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/openat--secontext.c 2021-08-24 21:08:43.294245697 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_M32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "openat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_M32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/access--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/access--secontext.c 2021-08-24 21:08:43.295245688 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "access.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/chmod--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/chmod--secontext.c 2021-08-24 21:08:43.295245688 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "chmod.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/execve--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/execve--secontext.c 2021-08-24 21:08:43.295245688 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "execve.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/execveat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/execveat--secontext.c 2021-08-24 21:08:43.295245688 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "execveat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/faccessat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/faccessat--secontext.c 2021-08-24 21:08:43.295245688 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "faccessat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/faccessat-y--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/faccessat-y--secontext.c 2021-08-24 21:08:43.295245688 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "faccessat-y.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/fanotify_mark--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/fanotify_mark--secontext.c 2021-08-24 21:08:43.295245688 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fanotify_mark.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/fchmod--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/fchmod--secontext.c 2021-08-24 21:08:43.295245688 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchmod.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/fchmod-y--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/fchmod-y--secontext.c 2021-08-24 21:08:43.295245688 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchmod-y.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/fchmodat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/fchmodat--secontext.c 2021-08-24 21:08:43.296245680 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchmodat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/fchownat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/fchownat--secontext.c 2021-08-24 21:08:43.296245680 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchownat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/file_handle--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/file_handle--secontext.c 2021-08-24 21:08:43.296245680 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "file_handle.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/linkat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/linkat--secontext.c 2021-08-24 21:08:43.296245680 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "linkat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/open--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/open--secontext.c 2021-08-24 21:08:43.296245680 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "open.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-mx32/openat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/openat--secontext.c 2021-08-24 21:08:43.296245680 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_MX32_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "openat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_MX32_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/access--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/access--secontext.c 2021-08-24 21:08:43.296245680 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "access.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/chmod--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/chmod--secontext.c 2021-08-24 21:08:43.296245680 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "chmod.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/execve--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/execve--secontext.c 2021-08-24 21:08:43.296245680 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "execve.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/execveat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/execveat--secontext.c 2021-08-24 21:08:43.297245671 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "execveat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/faccessat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/faccessat--secontext.c 2021-08-24 21:08:43.297245671 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "faccessat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/faccessat-y--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/faccessat-y--secontext.c 2021-08-24 21:08:43.297245671 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "faccessat-y.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/fanotify_mark--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/fanotify_mark--secontext.c 2021-08-24 21:08:43.297245671 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fanotify_mark.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/fchmod--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/fchmod--secontext.c 2021-08-24 21:08:43.297245671 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchmod.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/fchmod-y--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/fchmod-y--secontext.c 2021-08-24 21:08:43.297245671 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchmod-y.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/fchmodat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/fchmodat--secontext.c 2021-08-24 21:08:43.297245671 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchmodat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/fchownat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/fchownat--secontext.c 2021-08-24 21:08:43.297245671 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "fchownat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/file_handle--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/file_handle--secontext.c 2021-08-24 21:08:43.297245671 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "file_handle.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/linkat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/linkat--secontext.c 2021-08-24 21:08:43.298245663 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "linkat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/open--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/open--secontext.c 2021-08-24 21:08:43.298245663 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "open.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests/openat--secontext.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/openat--secontext.c 2021-08-24 21:08:43.298245663 +0200 @@ -0,0 +1,19 @@ +/* + * Copyright (c) 2021 The strace developers. + * All rights reserved. + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "tests.h" + +#ifdef HAVE_SELINUX_RUNTIME + +# define TEST_SECONTEXT +# include "openat.c" + +#else + +SKIP_MAIN_UNDEFINED("HAVE_SELINUX_RUNTIME") + +#endif Index: strace-5.7/tests-m32/access--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/access--secontext_full.c 2021-08-24 21:08:43.298245663 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "access--secontext.c" Index: strace-5.7/tests-m32/chmod--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/chmod--secontext_full.c 2021-08-24 21:08:43.298245663 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "chmod--secontext.c" Index: strace-5.7/tests-m32/execve--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/execve--secontext_full.c 2021-08-24 21:08:43.298245663 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "execve--secontext.c" Index: strace-5.7/tests-m32/execveat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/execveat--secontext_full.c 2021-08-24 21:08:43.298245663 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "execveat--secontext.c" Index: strace-5.7/tests-m32/faccessat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/faccessat--secontext_full.c 2021-08-24 21:08:43.298245663 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "faccessat--secontext.c" Index: strace-5.7/tests-m32/faccessat-y--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/faccessat-y--secontext_full.c 2021-08-24 21:08:43.298245663 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "faccessat-y--secontext.c" Index: strace-5.7/tests-m32/fanotify_mark--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/fanotify_mark--secontext_full.c 2021-08-24 21:08:43.298245663 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fanotify_mark--secontext.c" Index: strace-5.7/tests-m32/fchmod--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/fchmod--secontext_full.c 2021-08-24 21:08:43.299245654 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchmod--secontext.c" Index: strace-5.7/tests-m32/fchmod-y--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/fchmod-y--secontext_full.c 2021-08-24 21:08:43.299245654 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchmod-y--secontext.c" Index: strace-5.7/tests-m32/fchmodat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/fchmodat--secontext_full.c 2021-08-24 21:08:43.299245654 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchmodat--secontext.c" Index: strace-5.7/tests-m32/fchownat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/fchownat--secontext_full.c 2021-08-24 21:08:43.299245654 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchownat--secontext.c" Index: strace-5.7/tests-m32/file_handle--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/file_handle--secontext_full.c 2021-08-24 21:08:43.299245654 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "file_handle--secontext.c" Index: strace-5.7/tests-m32/linkat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/linkat--secontext_full.c 2021-08-24 21:08:43.299245654 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "linkat--secontext.c" Index: strace-5.7/tests-m32/open--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/open--secontext_full.c 2021-08-24 21:08:43.299245654 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "open--secontext.c" Index: strace-5.7/tests-m32/openat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-m32/openat--secontext_full.c 2021-08-24 21:08:43.299245654 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "openat--secontext.c" Index: strace-5.7/tests-mx32/access--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/access--secontext_full.c 2021-08-24 21:08:43.299245654 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "access--secontext.c" Index: strace-5.7/tests-mx32/chmod--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/chmod--secontext_full.c 2021-08-24 21:08:43.299245654 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "chmod--secontext.c" Index: strace-5.7/tests-mx32/execve--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/execve--secontext_full.c 2021-08-24 21:08:43.300245646 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "execve--secontext.c" Index: strace-5.7/tests-mx32/execveat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/execveat--secontext_full.c 2021-08-24 21:08:43.300245646 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "execveat--secontext.c" Index: strace-5.7/tests-mx32/faccessat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/faccessat--secontext_full.c 2021-08-24 21:08:43.300245646 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "faccessat--secontext.c" Index: strace-5.7/tests-mx32/faccessat-y--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/faccessat-y--secontext_full.c 2021-08-24 21:08:43.300245646 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "faccessat-y--secontext.c" Index: strace-5.7/tests-mx32/fanotify_mark--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/fanotify_mark--secontext_full.c 2021-08-24 21:08:43.300245646 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fanotify_mark--secontext.c" Index: strace-5.7/tests-mx32/fchmod--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/fchmod--secontext_full.c 2021-08-24 21:08:43.300245646 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchmod--secontext.c" Index: strace-5.7/tests-mx32/fchmod-y--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/fchmod-y--secontext_full.c 2021-08-24 21:08:43.300245646 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchmod-y--secontext.c" Index: strace-5.7/tests-mx32/fchmodat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/fchmodat--secontext_full.c 2021-08-24 21:08:43.301245637 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchmodat--secontext.c" Index: strace-5.7/tests-mx32/fchownat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/fchownat--secontext_full.c 2021-08-24 21:08:43.301245637 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchownat--secontext.c" Index: strace-5.7/tests-mx32/file_handle--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/file_handle--secontext_full.c 2021-08-24 21:08:43.301245637 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "file_handle--secontext.c" Index: strace-5.7/tests-mx32/linkat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/linkat--secontext_full.c 2021-08-24 21:08:43.301245637 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "linkat--secontext.c" Index: strace-5.7/tests-mx32/open--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/open--secontext_full.c 2021-08-24 21:08:43.301245637 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "open--secontext.c" Index: strace-5.7/tests-mx32/openat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests-mx32/openat--secontext_full.c 2021-08-24 21:08:43.301245637 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "openat--secontext.c" Index: strace-5.7/tests/access--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/access--secontext_full.c 2021-08-24 21:08:43.301245637 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "access--secontext.c" Index: strace-5.7/tests/chmod--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/chmod--secontext_full.c 2021-08-24 21:08:43.302245629 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "chmod--secontext.c" Index: strace-5.7/tests/execve--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/execve--secontext_full.c 2021-08-24 21:08:43.302245629 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "execve--secontext.c" Index: strace-5.7/tests/execveat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/execveat--secontext_full.c 2021-08-24 21:08:43.302245629 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "execveat--secontext.c" Index: strace-5.7/tests/faccessat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/faccessat--secontext_full.c 2021-08-24 21:08:43.302245629 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "faccessat--secontext.c" Index: strace-5.7/tests/faccessat-y--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/faccessat-y--secontext_full.c 2021-08-24 21:08:43.302245629 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "faccessat-y--secontext.c" Index: strace-5.7/tests/fanotify_mark--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/fanotify_mark--secontext_full.c 2021-08-24 21:08:43.302245629 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fanotify_mark--secontext.c" Index: strace-5.7/tests/fchmod--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/fchmod--secontext_full.c 2021-08-24 21:08:43.302245629 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchmod--secontext.c" Index: strace-5.7/tests/fchmod-y--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/fchmod-y--secontext_full.c 2021-08-24 21:08:43.303245621 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchmod-y--secontext.c" Index: strace-5.7/tests/fchmodat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/fchmodat--secontext_full.c 2021-08-24 21:08:43.303245621 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchmodat--secontext.c" Index: strace-5.7/tests/fchownat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/fchownat--secontext_full.c 2021-08-24 21:08:43.303245621 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "fchownat--secontext.c" Index: strace-5.7/tests/file_handle--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/file_handle--secontext_full.c 2021-08-24 21:08:43.303245621 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "file_handle--secontext.c" Index: strace-5.7/tests/linkat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/linkat--secontext_full.c 2021-08-24 21:08:43.303245621 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "linkat--secontext.c" Index: strace-5.7/tests/open--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/open--secontext_full.c 2021-08-24 21:08:43.303245621 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "open--secontext.c" Index: strace-5.7/tests/openat--secontext_full.c =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ strace-5.7/tests/openat--secontext_full.c 2021-08-24 21:08:43.303245621 +0200 @@ -0,0 +1,2 @@ +#define PRINT_SECONTEXT_FULL +#include "openat--secontext.c" Index: strace-5.7/config.h.in =================================================================== --- strace-5.7.orig/config.h.in 2021-08-24 21:08:35.510311579 +0200 +++ strace-5.7/config.h.in 2021-08-24 21:08:43.304245612 +0200 @@ -36,6 +36,9 @@ /* Define to 1 if you want OABI support on ARM EABI. */ #undef ENABLE_ARM_OABI +/* Define to enable SELinux security contexts support */ +#undef ENABLE_SECONTEXT + /* Define to enable stack tracing support */ #undef ENABLE_STACKTRACE @@ -2253,6 +2256,12 @@ /* Define to 1 if you have the header file. */ #undef HAVE_SCSI_SG_H +/* Define to enable SELinux security contexts testing */ +#undef HAVE_SELINUX_RUNTIME + +/* Define to 1 if you have the header file. */ +#undef HAVE_SELINUX_SELINUX_H + /* Define to 1 if `si_overrun' is a member of `siginfo_t'. */ #undef HAVE_SIGINFO_T_SI_OVERRUN Index: strace-5.7/configure =================================================================== --- strace-5.7.orig/configure 2021-08-24 17:01:46.714990240 +0200 +++ strace-5.7/configure 2021-08-24 21:08:43.315245519 +0200 @@ -641,10 +641,14 @@ VALGRIND HAVE_MX32_MPERS_FALSE HAVE_MX32_MPERS_TRUE +HAVE_MX32_SELINUX_RUNTIME_FALSE +HAVE_MX32_SELINUX_RUNTIME_TRUE HAVE_MX32_RUNTIME_FALSE HAVE_MX32_RUNTIME_TRUE HAVE_M32_MPERS_FALSE HAVE_M32_MPERS_TRUE +HAVE_M32_SELINUX_RUNTIME_FALSE +HAVE_M32_SELINUX_RUNTIME_TRUE HAVE_M32_RUNTIME_FALSE HAVE_M32_RUNTIME_TRUE CFLAGS_FOR_MX32 @@ -655,6 +659,13 @@ CPPFLAGS_FOR_M32 CPP_FOR_M32 CC_FOR_M32 +HAVE_SELINUX_RUNTIME_FALSE +HAVE_SELINUX_RUNTIME_TRUE +ENABLE_SECONTEXT_FALSE +ENABLE_SECONTEXT_TRUE +libselinux_CPPFLAGS +libselinux_LDFLAGS +libselinux_LIBS USE_DEMANGLE_FALSE USE_DEMANGLE_TRUE libiberty_CPPFLAGS @@ -827,6 +838,7 @@ with_libdw with_libunwind with_libiberty +with_libselinux enable_mpers enable_valgrind enable_valgrind_memcheck @@ -1498,6 +1510,7 @@ --with-libunwind use libunwind to implement stack tracing support --with-libiberty use libiberty to demangle symbols in stack trace + --with-libselinux use libselinux to collect security contexts Some influential environment variables: CC C compiler command @@ -22728,6 +22741,203 @@ + +libselinux_CPPFLAGS= +libselinux_LDFLAGS= +libselinux_LIBS= +enable_secontext=no + + +# Check whether --with-libselinux was given. +if test "${with_libselinux+set}" = set; then : + withval=$with_libselinux; case "${withval}" in + yes|no|check) ;; + *) with_libselinux=yes + libselinux_CPPFLAGS="-I${withval}/include" + libselinux_LDFLAGS="-L${withval}/lib" ;; + esac +else + with_libselinux=check + +fi + + +if test "x$with_libselinux" != xno; then : + saved_CPPFLAGS="$CPPFLAGS" + CPPFLAGS="$CPPFLAGS $libselinux_CPPFLAGS" + found_selinux_h=no + for ac_header in selinux/selinux.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "selinux/selinux.h" "ac_cv_header_selinux_selinux_h" "$ac_includes_default" +if test "x$ac_cv_header_selinux_selinux_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SELINUX_SELINUX_H 1 +_ACEOF + found_selinux_h=yes +fi + +done + + CPPFLAGS="$saved_CPPFLAGS" + if test "x$found_selinux_h" = xyes; then : + saved_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS $libselinux_LDFLAGS" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getpidcon in -lselinux" >&5 +$as_echo_n "checking for getpidcon in -lselinux... " >&6; } +if ${ac_cv_lib_selinux_getpidcon+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lselinux $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char getpidcon (); +int +main () +{ +return getpidcon (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_selinux_getpidcon=yes +else + ac_cv_lib_selinux_getpidcon=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_getpidcon" >&5 +$as_echo "$ac_cv_lib_selinux_getpidcon" >&6; } +if test "x$ac_cv_lib_selinux_getpidcon" = xyes; then : + libselinux_LIBS="-lselinux" + enable_secontext=yes + +else + if test "x$with_libselinux" != xcheck; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to find getpidcon in libselinux +See \`config.log' for more details" "$LINENO" 5; } + fi + + +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getfilecon in -lselinux" >&5 +$as_echo_n "checking for getfilecon in -lselinux... " >&6; } +if ${ac_cv_lib_selinux_getfilecon+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lselinux $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char getfilecon (); +int +main () +{ +return getfilecon (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_selinux_getfilecon=yes +else + ac_cv_lib_selinux_getfilecon=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_getfilecon" >&5 +$as_echo "$ac_cv_lib_selinux_getfilecon" >&6; } +if test "x$ac_cv_lib_selinux_getfilecon" = xyes; then : + libselinux_LIBS="-lselinux" + enable_secontext=yes + +else + if test "x$with_libselinux" != xcheck; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to find getfilecon in libselinux +See \`config.log' for more details" "$LINENO" 5; } + fi + + +fi + + LDFLAGS="$saved_LDFLAGS" + +else + if test "x$with_libselinux" != xcheck; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to find selinux.h +See \`config.log' for more details" "$LINENO" 5; } + fi + + +fi + + +fi + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to enable security contexts support" >&5 +$as_echo_n "checking whether to enable security contexts support... " >&6; } +if test "x$enable_secontext" = xyes; then : + +$as_echo "#define ENABLE_SECONTEXT 1" >>confdefs.h + + +$as_echo "#define HAVE_SELINUX_RUNTIME 1" >>confdefs.h + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$enable_secontext" = xyes; then + ENABLE_SECONTEXT_TRUE= + ENABLE_SECONTEXT_FALSE='#' +else + ENABLE_SECONTEXT_TRUE='#' + ENABLE_SECONTEXT_FALSE= +fi + + if test "x$enable_secontext" = xyes; then + HAVE_SELINUX_RUNTIME_TRUE= + HAVE_SELINUX_RUNTIME_FALSE='#' +else + HAVE_SELINUX_RUNTIME_TRUE='#' + HAVE_SELINUX_RUNTIME_FALSE= +fi + + + + if test "$arch" = mips && test "$no_create" != yes; then mkdir -p linux/mips if $srcdir/linux/mips/genstub.sh \ @@ -22839,6 +23049,8 @@ + + if test -n "${CC+set}"; then : st_saved_CC="${CC}"; unset CC fi @@ -22964,6 +23176,47 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $st_cv_m32_mpers" >&5 $as_echo "$st_cv_m32_mpers" >&6; } + if test "x$enable_secontext$st_cv_m32_mpers$st_cv_m32_runtime" = xyesyesyes; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether selinux runtime works with m32 personality" >&5 +$as_echo_n "checking whether selinux runtime works with m32 personality... " >&6; } +if ${st_cv_m32_selinux_runtime+:} false; then : + $as_echo_n "(cached) " >&6 +else + saved_CPPFLAGS="$CPPFLAGS" + saved_LDFLAGS="$LDFLAGS_FOR_M32" + saved_LIBS="$LIBS" + CPPFLAGS="$CPPFLAGS $libselinux_CPPFLAGS" + LDFLAGS_FOR_M32="$LDFLAGS_FOR_M32 $libselinux_LDFLAGS" + LIBS="$LIBS $libselinux_LIBS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +return 0 + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + st_cv_m32_selinux_runtime=yes +else + st_cv_m32_selinux_runtime=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LIBS="$saved_LIBS" + LDFLAGS_FOR_M32="$saved_LDFLAGS" + CPPFLAGS="$saved_CPPFLAGS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $st_cv_m32_selinux_runtime" >&5 +$as_echo "$st_cv_m32_selinux_runtime" >&6; } + +else + st_cv_m32_selinux_runtime=no +fi if test $st_cv_m32_mpers = yes; then $as_echo "#define HAVE_M32_MPERS 1" >>confdefs.h @@ -23387,6 +23640,7 @@ *) # case "$enable_mpers" st_cv_m32_runtime=no st_cv_m32_mpers=no + st_cv_m32_selinux_runtime=no ;; esac @@ -23418,6 +23672,14 @@ HAVE_M32_RUNTIME_FALSE= fi + if test "$st_cv_m32_mpers$st_cv_m32_selinux_runtime" = yesyes; then + HAVE_M32_SELINUX_RUNTIME_TRUE= + HAVE_M32_SELINUX_RUNTIME_FALSE='#' +else + HAVE_M32_SELINUX_RUNTIME_TRUE='#' + HAVE_M32_SELINUX_RUNTIME_FALSE= +fi + if test "$st_cv_m32_mpers" = yes; then HAVE_M32_MPERS_TRUE= HAVE_M32_MPERS_FALSE='#' @@ -23467,6 +23729,10 @@ + + + + if test -n "${CC+set}"; then : st_saved_CC="${CC}"; unset CC fi @@ -23592,6 +23858,47 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: result: $st_cv_mx32_mpers" >&5 $as_echo "$st_cv_mx32_mpers" >&6; } + if test "x$enable_secontext$st_cv_mx32_mpers$st_cv_mx32_runtime" = xyesyesyes; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether selinux runtime works with mx32 personality" >&5 +$as_echo_n "checking whether selinux runtime works with mx32 personality... " >&6; } +if ${st_cv_mx32_selinux_runtime+:} false; then : + $as_echo_n "(cached) " >&6 +else + saved_CPPFLAGS="$CPPFLAGS" + saved_LDFLAGS="$LDFLAGS_FOR_MX32" + saved_LIBS="$LIBS" + CPPFLAGS="$CPPFLAGS $libselinux_CPPFLAGS" + LDFLAGS_FOR_MX32="$LDFLAGS_FOR_MX32 $libselinux_LDFLAGS" + LIBS="$LIBS $libselinux_LIBS" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +return 0 + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + st_cv_mx32_selinux_runtime=yes +else + st_cv_mx32_selinux_runtime=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LIBS="$saved_LIBS" + LDFLAGS_FOR_MX32="$saved_LDFLAGS" + CPPFLAGS="$saved_CPPFLAGS" + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $st_cv_mx32_selinux_runtime" >&5 +$as_echo "$st_cv_mx32_selinux_runtime" >&6; } + +else + st_cv_mx32_selinux_runtime=no +fi if test $st_cv_mx32_mpers = yes; then $as_echo "#define HAVE_MX32_MPERS 1" >>confdefs.h @@ -24015,6 +24322,7 @@ *) # case "$enable_mpers" st_cv_mx32_runtime=no st_cv_mx32_mpers=no + st_cv_mx32_selinux_runtime=no ;; esac @@ -24046,6 +24354,14 @@ HAVE_MX32_RUNTIME_FALSE= fi + if test "$st_cv_mx32_mpers$st_cv_mx32_selinux_runtime" = yesyes; then + HAVE_MX32_SELINUX_RUNTIME_TRUE= + HAVE_MX32_SELINUX_RUNTIME_FALSE='#' +else + HAVE_MX32_SELINUX_RUNTIME_TRUE='#' + HAVE_MX32_SELINUX_RUNTIME_FALSE= +fi + if test "$st_cv_mx32_mpers" = yes; then HAVE_MX32_MPERS_TRUE= HAVE_MX32_MPERS_FALSE='#' @@ -24088,6 +24404,8 @@ + + # Check whether --enable-valgrind was given. if test "${enable_valgrind+set}" = set; then : enableval=$enable_valgrind; enable_valgrind=$enableval @@ -24659,10 +24977,22 @@ as_fn_error $? "conditional \"USE_DEMANGLE\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${ENABLE_SECONTEXT_TRUE}" && test -z "${ENABLE_SECONTEXT_FALSE}"; then + as_fn_error $? "conditional \"ENABLE_SECONTEXT\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${HAVE_SELINUX_RUNTIME_TRUE}" && test -z "${HAVE_SELINUX_RUNTIME_FALSE}"; then + as_fn_error $? "conditional \"HAVE_SELINUX_RUNTIME\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${HAVE_M32_RUNTIME_TRUE}" && test -z "${HAVE_M32_RUNTIME_FALSE}"; then as_fn_error $? "conditional \"HAVE_M32_RUNTIME\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${HAVE_M32_SELINUX_RUNTIME_TRUE}" && test -z "${HAVE_M32_SELINUX_RUNTIME_FALSE}"; then + as_fn_error $? "conditional \"HAVE_M32_SELINUX_RUNTIME\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${HAVE_M32_MPERS_TRUE}" && test -z "${HAVE_M32_MPERS_FALSE}"; then as_fn_error $? "conditional \"HAVE_M32_MPERS\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 @@ -24671,6 +25001,10 @@ as_fn_error $? "conditional \"HAVE_MX32_RUNTIME\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi +if test -z "${HAVE_MX32_SELINUX_RUNTIME_TRUE}" && test -z "${HAVE_MX32_SELINUX_RUNTIME_FALSE}"; then + as_fn_error $? "conditional \"HAVE_MX32_SELINUX_RUNTIME\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi if test -z "${HAVE_MX32_MPERS_TRUE}" && test -z "${HAVE_MX32_MPERS_FALSE}"; then as_fn_error $? "conditional \"HAVE_MX32_MPERS\" was never defined. Usually this means the macro was only invoked conditionally." "$LINENO" 5