Home | History | Annotate | Download | only in jni 
      1 /*
      2  * Copyright (C) 2013 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 #include <jni.h>
     18 #include <selinux/selinux.h>
     19 #include <JNIHelp.h>
     20 #include <ScopedUtfChars.h>
     21 
     22 /*
     23  * Function: checkSELinuxAccess
     24  * Purpose: Check permissions between two security contexts.
     25  * Parameters: subjectContextStr: subject security context as a string
     26  *             objectContextStr: object security context as a string
     27  *             objectClassStr: object's security class name as a string
     28  *             permissionStr: permission name as a string
     29  * Returns: boolean: (true) if permission was granted, (false) otherwise
     30  * Exceptions: NullPointerException if any argument is NULL
     31  */
     32 static jboolean android_security_cts_SELinuxTest_checkSELinuxAccess(JNIEnv *env, jobject, jstring subjectContextStr,
     33         jstring objectContextStr, jstring objectClassStr, jstring permissionStr, jstring auxStr) {
     34     if (subjectContextStr == NULL || objectContextStr == NULL || objectClassStr == NULL
     35             || permissionStr == NULL || auxStr == NULL) {
     36         jniThrowNullPointerException(env, NULL);
     37         return false;
     38     }
     39 
     40     ScopedUtfChars subjectContext(env, subjectContextStr);
     41     ScopedUtfChars objectContext(env, objectContextStr);
     42     ScopedUtfChars objectClass(env, objectClassStr);
     43     ScopedUtfChars permission(env, permissionStr);
     44     ScopedUtfChars aux(env, auxStr);
     45 
     46     char *tmp1 = const_cast<char *>(subjectContext.c_str());
     47     char *tmp2 = const_cast<char *>(objectContext.c_str());
     48     char *tmp3 = const_cast<char *>(aux.c_str());
     49     int accessGranted = selinux_check_access(tmp1, tmp2, objectClass.c_str(), permission.c_str(), tmp3);
     50     return (accessGranted == 0) ? true : false;
     51 }
     52 
     53 static jboolean android_security_cts_SELinuxTest_checkSELinuxContext(JNIEnv *env, jobject, jstring contextStr) {
     54     if (contextStr == NULL) {
     55         jniThrowNullPointerException(env, NULL);
     56         return false;
     57     }
     58 
     59     ScopedUtfChars context(env, contextStr);
     60 
     61     char *tmp = const_cast<char *>(context.c_str());
     62     int validContext = security_check_context(tmp);
     63     return (validContext == 0) ? true : false;
     64 }
     65 
     66 
     67 static JNINativeMethod gMethods[] = {
     68     {  "checkSELinuxAccess", "(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Z",
     69             (void *) android_security_cts_SELinuxTest_checkSELinuxAccess },
     70     {  "checkSELinuxContext", "(Ljava/lang/String;)Z",
     71             (void *) android_security_cts_SELinuxTest_checkSELinuxContext },
     72 };
     73 
     74 int register_android_security_cts_SELinuxTest(JNIEnv* env)
     75 {
     76     jclass clazz = env->FindClass("android/security/cts/SELinuxTest");
     77     return env->RegisterNatives(clazz, gMethods,
     78             sizeof(gMethods) / sizeof(JNINativeMethod));
     79 }
     80