On Fri, Jun 18, 2021 at 10:53 AM Petr Lautrbach <plautrba@xxxxxxxxxx> wrote: > > James Carter <jwcart2@xxxxxxxxx> writes: > > > Christian Göttsche <cgzones@xxxxxxxxxxxxxx> submitted a similar patch > > to quote paths when generating CIL policy from a binary policy. > > > > Since genfscon and devicetreecon rules have paths which are allowed > > to contain spaces, always quote the path when writing out these rules. > > > > Signed-off-by: James Carter <jwcart2@xxxxxxxxx> > > Acked-by: Petr Lautrbach <plautrba@xxxxxxxxxx> > This has been merged. Jim > > > > --- > > libsepol/src/kernel_to_conf.c | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c > > index 5db47fe4..ffdf179a 100644 > > --- a/libsepol/src/kernel_to_conf.c > > +++ b/libsepol/src/kernel_to_conf.c > > @@ -2527,7 +2527,7 @@ static int write_genfscon_rules_to_conf(FILE *out, struct policydb *pdb) > > goto exit; > > } > > > > - rc = strs_create_and_add(strs, "genfscon %s %s %s", 3, > > + rc = strs_create_and_add(strs, "genfscon %s \"%s\" %s", 3, > > fstype, name, ctx); > > free(ctx); > > if (rc != 0) { > > @@ -2992,7 +2992,7 @@ static int write_xen_devicetree_rules_to_conf(FILE *out, struct policydb *pdb) > > goto exit; > > } > > > > - sepol_printf(out, "devicetreecon %s %s\n", name, ctx); > > + sepol_printf(out, "devicetreecon \"%s\" %s\n", name, ctx); > > > > free(ctx); > > } > > -- > > 2.26.3 >