mini-keyctl: support printing security label

Test: mini-keyctl security <key_id> Bug: 128607724 Change-Id: If92b41d0aa96d626933546391b964ca2a8a48703
author: Victor Hsieh <victorhsieh@google.com> 2019-03-15 11:35:45 -0700
committer: Victor Hsieh <victorhsieh@google.com> 2019-03-15 16:01:01 -0700
commit: 327037f06363532c8cff79c7e6b1f64f4de9119c (patch)
tree: 0a1c3006a2dc973fc84b9c3547b454c8a305e67f /libkeyutils/mini_keyctl_utils.cpp
parent: 0e5b74deff69312063e9f71d3b62f1f806b29526 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/libkeyutils/mini_keyctl_utils.cpp b/libkeyutils/mini_keyctl_utils.cpp
index c4fc96cc60..3651606db3 100644
--- a/libkeyutils/mini_keyctl_utils.cpp
+++ b/libkeyutils/mini_keyctl_utils.cpp
@@ -210,3 +210,21 @@ int RestrictKeyring(const std::string& keyring) {
   }
   return 0;
 }
+
+std::string RetrieveSecurityContext(key_serial_t key) {
+  // Simply assume this size is enough in practice.
+  const int kMaxSupportedSize = 256;
+  std::string context;
+  context.resize(kMaxSupportedSize);
+  long retval = keyctl_get_security(key, context.data(), kMaxSupportedSize);
+  if (retval < 0) {
+    PLOG(ERROR) << "Cannot get security context of key 0x" << std::hex << key;
+    return std::string();
+  }
+  if (retval > kMaxSupportedSize) {
+    LOG(ERROR) << "The key has unexpectedly long security context than " << kMaxSupportedSize;
+    return std::string();
+  }
+  context.resize(retval);
+  return context;
+}
author	Victor Hsieh <victorhsieh@google.com>	2019-03-15 11:35:45 -0700
committer	Victor Hsieh <victorhsieh@google.com>	2019-03-15 16:01:01 -0700
commit	327037f06363532c8cff79c7e6b1f64f4de9119c (patch)
tree	0a1c3006a2dc973fc84b9c3547b454c8a305e67f /libkeyutils/mini_keyctl_utils.cpp
parent	0e5b74deff69312063e9f71d3b62f1f806b29526 (diff)