Merge "mini-keyctl: support printing security label"

author: Treehugger Robot <treehugger-gerrit@google.com> 2019-03-18 15:52:28 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2019-03-18 15:52:28 +0000
commit: 9555bd40cec95e94ea5152f4191c0bf6c4e1f75a (patch)
tree: 118023e634cf02795bff80a571f5e48b0c1a8fe2 /libkeyutils/mini_keyctl_utils.cpp
parent: fc0f79f8a842b777281899eaac9a7dffaadbae44 (diff)
parent: 327037f06363532c8cff79c7e6b1f64f4de9119c (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/libkeyutils/mini_keyctl_utils.cpp b/libkeyutils/mini_keyctl_utils.cpp
index c4fc96cc60..3651606db3 100644
--- a/libkeyutils/mini_keyctl_utils.cpp
+++ b/libkeyutils/mini_keyctl_utils.cpp
@@ -210,3 +210,21 @@ int RestrictKeyring(const std::string& keyring) {
   }
   return 0;
 }
+
+std::string RetrieveSecurityContext(key_serial_t key) {
+  // Simply assume this size is enough in practice.
+  const int kMaxSupportedSize = 256;
+  std::string context;
+  context.resize(kMaxSupportedSize);
+  long retval = keyctl_get_security(key, context.data(), kMaxSupportedSize);
+  if (retval < 0) {
+    PLOG(ERROR) << "Cannot get security context of key 0x" << std::hex << key;
+    return std::string();
+  }
+  if (retval > kMaxSupportedSize) {
+    LOG(ERROR) << "The key has unexpectedly long security context than " << kMaxSupportedSize;
+    return std::string();
+  }
+  context.resize(retval);
+  return context;
+}
author	Treehugger Robot <treehugger-gerrit@google.com>	2019-03-18 15:52:28 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2019-03-18 15:52:28 +0000
commit	9555bd40cec95e94ea5152f4191c0bf6c4e1f75a (patch)
tree	118023e634cf02795bff80a571f5e48b0c1a8fe2 /libkeyutils/mini_keyctl_utils.cpp
parent	fc0f79f8a842b777281899eaac9a7dffaadbae44 (diff)
parent	327037f06363532c8cff79c7e6b1f64f4de9119c (diff)