1 /*
2 * Copyright (C) 2013 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <jni.h>
18 #include <selinux/selinux.h>
19 #include <JNIHelp.h>
20 #include <ScopedUtfChars.h>
21
22 /*
23 * Function: checkSELinuxAccess
24 * Purpose: Check permissions between two security contexts.
25 * Parameters: subjectContextStr: subject security context as a string
26 * objectContextStr: object security context as a string
27 * objectClassStr: object's security class name as a string
28 * permissionStr: permission name as a string
29 * Returns: boolean: (true) if permission was granted, (false) otherwise
30 * Exceptions: NullPointerException if any argument is NULL
31 */
android_security_cts_SELinuxTest_checkSELinuxAccess(JNIEnv * env,jobject,jstring subjectContextStr,jstring objectContextStr,jstring objectClassStr,jstring permissionStr,jstring auxStr)32 static jboolean android_security_cts_SELinuxTest_checkSELinuxAccess(JNIEnv *env, jobject, jstring subjectContextStr,
33 jstring objectContextStr, jstring objectClassStr, jstring permissionStr, jstring auxStr) {
34 if (subjectContextStr == NULL || objectContextStr == NULL || objectClassStr == NULL
35 || permissionStr == NULL || auxStr == NULL) {
36 jniThrowNullPointerException(env, NULL);
37 return false;
38 }
39
40 ScopedUtfChars subjectContext(env, subjectContextStr);
41 ScopedUtfChars objectContext(env, objectContextStr);
42 ScopedUtfChars objectClass(env, objectClassStr);
43 ScopedUtfChars permission(env, permissionStr);
44 ScopedUtfChars aux(env, auxStr);
45
46 char *tmp1 = const_cast<char *>(subjectContext.c_str());
47 char *tmp2 = const_cast<char *>(objectContext.c_str());
48 char *tmp3 = const_cast<char *>(aux.c_str());
49 int accessGranted = selinux_check_access(tmp1, tmp2, objectClass.c_str(), permission.c_str(), tmp3);
50 return (accessGranted == 0) ? true : false;
51 }
52
android_security_cts_SELinuxTest_checkSELinuxContext(JNIEnv * env,jobject,jstring contextStr)53 static jboolean android_security_cts_SELinuxTest_checkSELinuxContext(JNIEnv *env, jobject, jstring contextStr) {
54 if (contextStr == NULL) {
55 jniThrowNullPointerException(env, NULL);
56 return false;
57 }
58
59 ScopedUtfChars context(env, contextStr);
60
61 char *tmp = const_cast<char *>(context.c_str());
62 int validContext = security_check_context(tmp);
63 return (validContext == 0) ? true : false;
64 }
65
66
67 static JNINativeMethod gMethods[] = {
68 { "checkSELinuxAccess", "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Z",
69 (void *) android_security_cts_SELinuxTest_checkSELinuxAccess },
70 { "checkSELinuxContext", "(Ljava/lang/String;)Z",
71 (void *) android_security_cts_SELinuxTest_checkSELinuxContext },
72 };
73
register_android_security_cts_SELinuxTest(JNIEnv * env)74 int register_android_security_cts_SELinuxTest(JNIEnv* env)
75 {
76 jclass clazz = env->FindClass("android/security/cts/SELinuxTest");
77 return env->RegisterNatives(clazz, gMethods,
78 sizeof(gMethods) / sizeof(JNINativeMethod));
79 }
80