From 22b768d127fbd4b5d87f6017e2afb07febca72f8 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Christian=20G=C3=B6ttsche?=
Date: Sat, 27 Apr 2024 21:22:02 +0200
Subject: [PATCH] basic: add mknodat_label()

Add helper for mknodat(2) which creates the destination with the correct security label.
---
 src/shared/label-util.c | 9 +++++----
 src/shared/label-util.h | 6 +++++-
 2 files changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/shared/label-util.c b/src/shared/label-util.c
index 308fbff7611..2c482daaf6c 100644
--- a/src/shared/label-util.c
+++ b/src/shared/label-util.c
@@ -81,22 +81,23 @@ int symlink_atomic_full_label(const char *from, const char *to, bool make_relati
 return mac_smack_fix(to, 0);
 }
-int mknod_label(const char *pathname, mode_t mode, dev_t dev) {
+int mknodat_label(int dirfd, const char *pathname, mode_t mode, dev_t dev) {
 int r;
+ assert(dirfd >= 0 || dirfd == AT_FDCWD);
 assert(pathname);
- r = mac_selinux_create_file_prepare(pathname, mode);
+ r = mac_selinux_create_file_prepare_at(dirfd, pathname, mode);
 if (r < 0) return r;
- r = RET_NERRNO(mknod(pathname, mode, dev));
+ r = RET_NERRNO(mknodat(dirfd, pathname, mode, dev));
 mac_selinux_create_file_clear();
 if (r < 0) return r;
- return mac_smack_fix(pathname, 0);
+ return mac_smack_fix_full(dirfd, pathname, NULL, 0);
 }
 int btrfs_subvol_make_label(const char *path) {
diff --git a/src/shared/label-util.h b/src/shared/label-util.h
index 7fb98c76563..5a19a4cd433 100644
--- a/src/shared/label-util.h
+++ b/src/shared/label-util.h
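Review bot: In mknodat_label() (src/shared/label-util.c) the labelling steps act on a name rather than on the inode that was just created: the same `dirfd`/`pathname` pair is passed to mac_selinux_create_file_prepare_at(), then mknodat(), then mac_smack_fix_full(). If the target directory is writable by a less-trusted party, the entry could change between those calls and the Smack fix-up could land on a different object; how mac_smack_fix_full() resolves the name is not visible in this hunk, so that needs confirming. The old mknod_label() had the same shape, but a dirfd-taking variant is more likely to be used on directories the caller does not fully control, so I would state the contract above the function: `/* The directory named by dirfd/pathname must not be writable by untrusted users; the Smack label is fixed up by name after creation. */`. It is also worth documenting that when mac_smack_fix_full() fails the error is returned while the freshly created node stays in place.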
@@ -21,7 +21,11 @@ int symlink_atomic_full_label(const char *from, const char *to, bool make_relati
 static inline int symlink_atomic_label(const char *from, const char *to) {
 return symlink_atomic_full_label(from, to, false);
 }
-int mknod_label(const char *pathname, mode_t mode, dev_t dev);
+
+int mknodat_label(int dirfd, const char *pathname, mode_t mode, dev_t dev);
+static inline int mknod_label(const char *pathname, mode_t mode, dev_t dev) {
+ return mknodat_label(AT_FDCWD, pathname, mode, dev);
+}
 int btrfs_subvol_make_label(const char *path);
-- 
2.47.3
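Review bot: The new mknodat_label() prototype has no comment, so the header does not tell callers which `dirfd` values are accepted or what the helper guarantees about labelling. The definition asserts `dirfd >= 0 || dirfd == AT_FDCWD`, so I would add above the prototype: `/* Like mknodat(2), but creates the node with the correct security label; dirfd must be an open directory fd or AT_FDCWD (asserted). */`. The inline mknod_label() wrapper now uses AT_FDCWD in the header itself; the include list is outside this hunk, so confirm that `<fcntl.h>` is included there.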