On Fri, Jun 18, 2021 at 10:53 AM Petr Lautrbach <plautrba@xxxxxxxxxx> wrote:
>
> James Carter <jwcart2@xxxxxxxxx> writes:
>
> > Christian Göttsche <cgzones@xxxxxxxxxxxxxx> submitted a similar patch
> > to quote paths when generating CIL policy from a binary policy.
> >
> > Since genfscon and devicetreecon rules have paths which are allowed
> > to contain spaces, always quote the path when writing out these rules.
> >
> > Signed-off-by: James Carter <jwcart2@xxxxxxxxx>
>
> Acked-by: Petr Lautrbach <plautrba@xxxxxxxxxx>
>
This has been merged.
Jim
>
>
> > ---
> > libsepol/src/kernel_to_conf.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c
> > index 5db47fe4..ffdf179a 100644
> > --- a/libsepol/src/kernel_to_conf.c
> > +++ b/libsepol/src/kernel_to_conf.c
> > @@ -2527,7 +2527,7 @@ static int write_genfscon_rules_to_conf(FILE *out, struct policydb *pdb)
> > goto exit;
> > }
> >
> > - rc = strs_create_and_add(strs, "genfscon %s %s %s", 3,
> > + rc = strs_create_and_add(strs, "genfscon %s \"%s\" %s", 3,
> > fstype, name, ctx);
> > free(ctx);
> > if (rc != 0) {
> > @@ -2992,7 +2992,7 @@ static int write_xen_devicetree_rules_to_conf(FILE *out, struct policydb *pdb)
> > goto exit;
> > }
> >
> > - sepol_printf(out, "devicetreecon %s %s\n", name, ctx);
> > + sepol_printf(out, "devicetreecon \"%s\" %s\n", name, ctx);
> >
> > free(ctx);
> > }
> > --
> > 2.26.3
>
