int selinux_raw_to_trans_context(const security_context_t raw,
security_context_t * transp)
{
if (!raw) {
*transp = NULL;
return 0;
}
__selinux_once(once, init_context_translations);
if (!mls_enabled) {
*transp = strdup(raw);
goto out;
}
if (prev_r2t_raw && strcmp(prev_r2t_raw, raw) == 0) {
*transp = strdup(prev_r2t_trans);
} else {
free(prev_r2t_raw);
prev_r2t_raw = NULL;
free(prev_r2t_trans);
prev_r2t_trans = NULL;
if (raw_to_trans_context(raw, transp))
*transp = strdup(raw);
if (*transp) {
prev_r2t_raw = strdup(raw);
if (!prev_r2t_raw)
goto out;
prev_r2t_trans = strdup(*transp);
if (!prev_r2t_trans) {
free(prev_r2t_raw);
prev_r2t_raw = NULL;
}
}
}
out:
return *transp ? 0 : -1;
}
int security_compute_relabel(security_context_t scon,
security_context_t tcon,
security_class_t tclass,
security_context_t *newcon)
{
int ret;
security_context_t rscon = scon;
security_context_t rtcon = tcon;
security_context_t rnewcon;
if (context_translations) {
if (trans_to_raw_context(scon, &rscon))
return -1;
if (trans_to_raw_context(tcon, &rtcon)) {
freecon(rscon);
return -1;
}
}
ret = security_compute_relabel_raw(rscon, rtcon, tclass, &rnewcon);
if (context_translations) {
freecon(rscon);
freecon(rtcon);
if (!ret) {
if (raw_to_trans_context(rnewcon, newcon)) {
*newcon = NULL;
ret = -1;
}
freecon(rnewcon);
}
} else if (!ret)
*newcon = rnewcon;
return ret;
}
