Blame SOURCES/0179-secontext-print-context-of-Unix-socket-s-sun_path-fi.patch

b48781
From 960e78f208b4f6d48962bbc9cad45588cc8c90ad Mon Sep 17 00:00:00 2001
b48781
From: =?UTF-8?q?Renaud=20M=C3=A9trich?= <rmetrich@redhat.com>
b48781
Date: Tue, 21 Jun 2022 08:43:00 +0200
b48781
Subject: [PATCH] secontext: print context of Unix socket's sun_path field
b48781
MIME-Version: 1.0
b48781
Content-Type: text/plain; charset=UTF-8
b48781
Content-Transfer-Encoding: 8bit
b48781
b48781
Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
b48781
b48781
* src/sockaddr.c: Include "secontext.h".
b48781
(print_sockaddr_data_un): Print the SELinux context of sun_path field
b48781
using selinux_printfilecon.
b48781
* NEWS: Mention this change.
b48781
* tests/secontext.c (raw_secontext_full_fd, get_secontext_field_fd,
b48781
raw_secontext_short_fd, secontext_full_fd, secontext_short_fd): New
b48781
functions.
b48781
* tests/secontext.h (secontext_full_fd, secontext_short_fd,
b48781
get_secontext_field_fd): New prototypes.
b48781
(SECONTEXT_FD): New macro.
b48781
* tests/sockname.c: Include "secontext.h".
b48781
(test_sockname_syscall): Update expected output.
b48781
* tests/gen_tests.in (getsockname--secontext,
b48781
getsockname--secontext_full, getsockname--secontext_full_mismatch,
b48781
getsockname--secontext_mismatch): New tests.
b48781
b48781
Resolves: https://github.com/strace/strace/pull/214
b48781
---
b48781
 NEWS               |  1 +
b48781
 src/sockaddr.c     |  3 +++
b48781
 tests/gen_tests.in |  4 ++++
b48781
 tests/secontext.c  | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
b48781
 tests/secontext.h  | 12 ++++++++++++
b48781
 tests/sockname.c   | 54 +++++++++++++++++++++++++++++++++++-------------------
b48781
 6 files changed, 104 insertions(+), 19 deletions(-)
b48781
b48781
Index: strace-5.18/NEWS
b48781
===================================================================
b48781
--- strace-5.18.orig/NEWS	2022-07-12 18:20:18.495470531 +0200
b48781
+++ strace-5.18/NEWS	2022-07-12 18:20:44.531163262 +0200
b48781
@@ -5,6 +5,7 @@
b48781
   * Added an interface of raising des Strausses awareness.
b48781
   * Added --tips option to print strace tips, tricks, and tweaks
b48781
     at the end of the tracing session.
b48781
+  * Implemented printing of Unix socket sun_path field's SELinux context.
b48781
   * Enhanced decoding of bpf and io_uring_register syscalls.
b48781
   * Implemented decoding of COUNTER_*, RTC_PARAM_GET, and RTC_PARAM_SET ioctl
b48781
     commands.
b48781
Index: strace-5.18/src/sockaddr.c
b48781
===================================================================
b48781
--- strace-5.18.orig/src/sockaddr.c	2022-07-12 18:17:36.745379483 +0200
b48781
+++ strace-5.18/src/sockaddr.c	2022-07-12 18:20:18.495470531 +0200
b48781
@@ -63,6 +63,8 @@
b48781
 #include "xlat/mctp_addrs.h"
b48781
 #include "xlat/mctp_nets.h"
b48781
 
b48781
+#include "secontext.h"
b48781
+
b48781
 #define SIZEOF_SA_FAMILY sizeof_field(struct sockaddr, sa_family)
b48781
 
b48781
 struct sockaddr_rxrpc {
b48781
@@ -115,6 +117,7 @@
b48781
 	if (sa_un->sun_path[0]) {
b48781
 		print_quoted_string(sa_un->sun_path, path_len + 1,
b48781
 				    QUOTE_0_TERMINATED);
b48781
+		selinux_printfilecon(tcp, sa_un->sun_path);
b48781
 	} else {
b48781
 		tprints("@");
b48781
 		print_quoted_string(sa_un->sun_path + 1, path_len - 1, 0);
b48781
Index: strace-5.18/tests/gen_tests.in
b48781
===================================================================
b48781
--- strace-5.18.orig/tests/gen_tests.in	2022-07-12 18:17:36.746379471 +0200
b48781
+++ strace-5.18/tests/gen_tests.in	2022-07-12 18:20:18.496470519 +0200
b48781
@@ -225,6 +225,10 @@
b48781
 getsid	-a10
b48781
 getsid--pidns-translation	test_pidns -e trace=getsid -a10
b48781
 getsockname	-a27
b48781
+getsockname--secontext	-a27 --secontext -e trace=getsockname
b48781
+getsockname--secontext_full	-a27 --secontext=full -e trace=getsockname
b48781
+getsockname--secontext_full_mismatch	-a27 --secontext=full,mismatch -e trace=getsockname
b48781
+getsockname--secontext_mismatch	-a27 --secontext=mismatch -e trace=getsockname
b48781
 gettid	-a9
b48781
 getuid-creds	+getuid.test
b48781
 getuid32	+getuid.test
b48781
Index: strace-5.18/tests/secontext.c
b48781
===================================================================
b48781
--- strace-5.18.orig/tests/secontext.c	2022-07-12 18:17:36.747379459 +0200
b48781
+++ strace-5.18/tests/secontext.c	2022-07-12 18:20:18.496470519 +0200
b48781
@@ -141,6 +141,21 @@
b48781
 	return full_secontext;
b48781
 }
b48781
 
b48781
+static char *
b48781
+raw_secontext_full_fd(int fd)
b48781
+{
b48781
+	int saved_errno = errno;
b48781
+	char *full_secontext = NULL;
b48781
+	char *secontext;
b48781
+
b48781
+	if (fgetfilecon(fd, &secontext) >= 0) {
b48781
+		full_secontext = strip_trailing_newlines(xstrdup(secontext));
b48781
+		freecon(secontext);
b48781
+	}
b48781
+	errno = saved_errno;
b48781
+	return full_secontext;
b48781
+}
b48781
+
b48781
 char *
b48781
 get_secontext_field_file(const char *file, enum secontext_field field)
b48781
 {
b48781
@@ -151,6 +166,16 @@
b48781
 	return type;
b48781
 }
b48781
 
b48781
+char *
b48781
+get_secontext_field_fd(int fd, enum secontext_field field)
b48781
+{
b48781
+	char *ctx = raw_secontext_full_fd(fd);
b48781
+	char *type =  get_secontext_field(ctx, field);
b48781
+	free(ctx);
b48781
+
b48781
+	return type;
b48781
+}
b48781
+
b48781
 static char *
b48781
 raw_secontext_short_file(const char *filename)
b48781
 {
b48781
@@ -158,6 +183,12 @@
b48781
 }
b48781
 
b48781
 static char *
b48781
+raw_secontext_short_fd(int fd)
b48781
+{
b48781
+	return get_secontext_field_fd(fd, SECONTEXT_TYPE);
b48781
+}
b48781
+
b48781
+static char *
b48781
 raw_secontext_full_pid(pid_t pid)
b48781
 {
b48781
 	int saved_errno = errno;
b48781
@@ -205,6 +236,15 @@
b48781
 }
b48781
 
b48781
 char *
b48781
+secontext_full_fd(int fd)
b48781
+{
b48781
+	int saved_errno = errno;
b48781
+	char *context = raw_secontext_full_fd(fd);
b48781
+	errno = saved_errno;
b48781
+	return FORMAT_SPACE_BEFORE(context);
b48781
+}
b48781
+
b48781
+char *
b48781
 secontext_full_pid(pid_t pid)
b48781
 {
b48781
 	return FORMAT_SPACE_AFTER(raw_secontext_full_pid(pid));
b48781
@@ -228,6 +268,15 @@
b48781
 	errno = saved_errno;
b48781
 	return FORMAT_SPACE_BEFORE(context);
b48781
 }
b48781
+
b48781
+char *
b48781
+secontext_short_fd(int fd)
b48781
+{
b48781
+	int saved_errno = errno;
b48781
+	char *context = raw_secontext_short_fd(fd);
b48781
+	errno = saved_errno;
b48781
+	return FORMAT_SPACE_BEFORE(context);
b48781
+}
b48781
 
b48781
 char *
b48781
 secontext_short_pid(pid_t pid)
b48781
Index: strace-5.18/tests/secontext.h
b48781
===================================================================
b48781
--- strace-5.18.orig/tests/secontext.h	2022-07-12 18:17:36.747379459 +0200
b48781
+++ strace-5.18/tests/secontext.h	2022-07-12 18:20:18.496470519 +0200
b48781
@@ -9,9 +9,11 @@
b48781
 #include "xmalloc.h"
b48781
 #include <unistd.h>
b48781
 
b48781
+char *secontext_full_fd(int) ATTRIBUTE_MALLOC;
b48781
 char *secontext_full_file(const char *, bool) ATTRIBUTE_MALLOC;
b48781
 char *secontext_full_pid(pid_t) ATTRIBUTE_MALLOC;
b48781
 
b48781
+char *secontext_short_fd(int) ATTRIBUTE_MALLOC;
b48781
 char *secontext_short_file(const char *, bool) ATTRIBUTE_MALLOC;
b48781
 char *secontext_short_pid(pid_t) ATTRIBUTE_MALLOC;
b48781
 
b48781
@@ -30,6 +32,7 @@
b48781
  */
b48781
 char *get_secontext_field(const char *full_context, enum secontext_field field);
b48781
 
b48781
+char *get_secontext_field_fd(int fd, enum secontext_field field);
b48781
 char *get_secontext_field_file(const char *file, enum secontext_field field);
b48781
 
b48781
 void reset_secontext_file(const char *file);
b48781
@@ -44,6 +47,7 @@
b48781
 #  else
b48781
 #   define SECONTEXT_FILE(filename)	secontext_full_file(filename, false)
b48781
 #  endif
b48781
+#  define SECONTEXT_FD(fd)		secontext_full_fd(fd)
b48781
 #  define SECONTEXT_PID(pid)		secontext_full_pid(pid)
b48781
 
b48781
 # else
b48781
@@ -53,6 +57,7 @@
b48781
 #  else
b48781
 #   define SECONTEXT_FILE(filename)	secontext_short_file(filename, false)
b48781
 #  endif
b48781
+#  define SECONTEXT_FD(fd)		secontext_short_fd(fd)
b48781
 #  define SECONTEXT_PID(pid)		secontext_short_pid(pid)
b48781
 
b48781
 # endif
b48781
@@ -65,6 +70,12 @@
b48781
 	return NULL;
b48781
 }
b48781
 static inline char *
b48781
+get_secontext_field_fd(int fd, enum secontext_field field)
b48781
+{
b48781
+	return NULL;
b48781
+}
b48781
+
b48781
+static inline char *
b48781
 get_secontext_field_file(const char *file, enum secontext_field field)
b48781
 {
b48781
 	return NULL;
b48781
@@ -81,6 +92,7 @@
b48781
 {
b48781
 }
b48781
 
b48781
+# define SECONTEXT_FD(fd)			xstrdup("")
b48781
 # define SECONTEXT_FILE(filename)		xstrdup("")
b48781
 # define SECONTEXT_PID(pid)			xstrdup("")
b48781
 
b48781
Index: strace-5.18/tests/sockname.c
b48781
===================================================================
b48781
--- strace-5.18.orig/tests/sockname.c	2022-07-12 18:17:36.748379448 +0200
b48781
+++ strace-5.18/tests/sockname.c	2022-07-12 18:20:18.496470519 +0200
b48781
@@ -18,6 +18,8 @@
b48781
 #include <sys/socket.h>
b48781
 #include <sys/un.h>
b48781
 
b48781
+#include "secontext.h"
b48781
+
b48781
 #ifndef TEST_SYSCALL_NAME
b48781
 # error TEST_SYSCALL_NAME must be defined
b48781
 #endif
b48781
@@ -59,14 +61,19 @@
b48781
 	*plen = sizeof(struct sockaddr_un);
b48781
 	struct sockaddr_un *addr = tail_alloc(*plen);
b48781
 
b48781
+	char *my_secontext = SECONTEXT_PID_MY();
b48781
+	char *fd_secontext = SECONTEXT_FD(fd);
b48781
+
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	int rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, (void *) addr,
b48781
 				   plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
b48781
 	       ", [%d => %d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
+	       addr->sun_path, SECONTEXT_FILE(addr->sun_path),
b48781
 	       (int) sizeof(struct sockaddr_un), (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	memset(addr, 0, sizeof(*addr));
b48781
@@ -75,28 +82,34 @@
b48781
 			       plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
b48781
 	       ", [%d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
+	       addr->sun_path, SECONTEXT_FILE(addr->sun_path),
b48781
 	       (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr, 0 SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, %p, NULL%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr, SUFFIX_STR,
b48781
-	       sprintrc(rc));
b48781
+	printf("%s%s(%d%s%s, %p, NULL%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR,
b48781
+	       addr, SUFFIX_STR, sprintrc(rc));
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, 0, 0 SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, NULL, NULL%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
b48781
+	printf("%s%s(%d%s%s, NULL, NULL%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext,
b48781
+	       rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
b48781
 	       SUFFIX_STR, sprintrc(rc));
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
b48781
 			       plen + 1 SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, %p, %p%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
b48781
+	printf("%s%s(%d%s%s, %p, %p%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
b48781
 	       plen + 1, SUFFIX_STR, sprintrc(rc));
b48781
 
b48781
 	const size_t offsetof_sun_path = offsetof(struct sockaddr_un, sun_path);
b48781
@@ -108,8 +121,9 @@
b48781
 			       plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR,
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
 	       (int) offsetof_sun_path, (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	++addr;
b48781
@@ -121,17 +135,19 @@
b48781
 			       plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"}"
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"%s}"
b48781
 	       ", [%d => %d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR,
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
 	       (int) (sizeof(struct sockaddr) - offsetof_sun_path),
b48781
-	       addr->sun_path, (int) sizeof(struct sockaddr),
b48781
-	       (int) *plen, SUFFIX_STR, rc);
b48781
+	       addr->sun_path, SECONTEXT_FILE(addr->sun_path),
b48781
+	       (int) sizeof(struct sockaddr), (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
b48781
 			       plen SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, %p, [%d]%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
b48781
+	printf("%s%s(%d%s%s, %p, [%d]%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
b48781
 	       *plen, SUFFIX_STR, sprintrc(rc));
b48781
 }
b48781
Index: strace-5.18/tests-m32/secontext.c
b48781
===================================================================
b48781
--- strace-5.18.orig/tests-m32/secontext.c	2022-07-12 18:17:36.747379459 +0200
b48781
+++ strace-5.18/tests-m32/secontext.c	2022-07-12 18:20:18.496470519 +0200
b48781
@@ -141,6 +141,21 @@
b48781
 	return full_secontext;
b48781
 }
b48781
 
b48781
+static char *
b48781
+raw_secontext_full_fd(int fd)
b48781
+{
b48781
+	int saved_errno = errno;
b48781
+	char *full_secontext = NULL;
b48781
+	char *secontext;
b48781
+
b48781
+	if (fgetfilecon(fd, &secontext) >= 0) {
b48781
+		full_secontext = strip_trailing_newlines(xstrdup(secontext));
b48781
+		freecon(secontext);
b48781
+	}
b48781
+	errno = saved_errno;
b48781
+	return full_secontext;
b48781
+}
b48781
+
b48781
 char *
b48781
 get_secontext_field_file(const char *file, enum secontext_field field)
b48781
 {
b48781
@@ -151,6 +166,16 @@
b48781
 	return type;
b48781
 }
b48781
 
b48781
+char *
b48781
+get_secontext_field_fd(int fd, enum secontext_field field)
b48781
+{
b48781
+	char *ctx = raw_secontext_full_fd(fd);
b48781
+	char *type =  get_secontext_field(ctx, field);
b48781
+	free(ctx);
b48781
+
b48781
+	return type;
b48781
+}
b48781
+
b48781
 static char *
b48781
 raw_secontext_short_file(const char *filename)
b48781
 {
b48781
@@ -158,6 +183,12 @@
b48781
 }
b48781
 
b48781
 static char *
b48781
+raw_secontext_short_fd(int fd)
b48781
+{
b48781
+	return get_secontext_field_fd(fd, SECONTEXT_TYPE);
b48781
+}
b48781
+
b48781
+static char *
b48781
 raw_secontext_full_pid(pid_t pid)
b48781
 {
b48781
 	int saved_errno = errno;
b48781
@@ -205,6 +236,15 @@
b48781
 }
b48781
 
b48781
 char *
b48781
+secontext_full_fd(int fd)
b48781
+{
b48781
+	int saved_errno = errno;
b48781
+	char *context = raw_secontext_full_fd(fd);
b48781
+	errno = saved_errno;
b48781
+	return FORMAT_SPACE_BEFORE(context);
b48781
+}
b48781
+
b48781
+char *
b48781
 secontext_full_pid(pid_t pid)
b48781
 {
b48781
 	return FORMAT_SPACE_AFTER(raw_secontext_full_pid(pid));
b48781
@@ -228,6 +268,15 @@
b48781
 	errno = saved_errno;
b48781
 	return FORMAT_SPACE_BEFORE(context);
b48781
 }
b48781
+
b48781
+char *
b48781
+secontext_short_fd(int fd)
b48781
+{
b48781
+	int saved_errno = errno;
b48781
+	char *context = raw_secontext_short_fd(fd);
b48781
+	errno = saved_errno;
b48781
+	return FORMAT_SPACE_BEFORE(context);
b48781
+}
b48781
 
b48781
 char *
b48781
 secontext_short_pid(pid_t pid)
b48781
Index: strace-5.18/tests-m32/secontext.h
b48781
===================================================================
b48781
--- strace-5.18.orig/tests-m32/secontext.h	2022-07-12 18:17:36.747379459 +0200
b48781
+++ strace-5.18/tests-m32/secontext.h	2022-07-12 18:20:18.496470519 +0200
b48781
@@ -9,9 +9,11 @@
b48781
 #include "xmalloc.h"
b48781
 #include <unistd.h>
b48781
 
b48781
+char *secontext_full_fd(int) ATTRIBUTE_MALLOC;
b48781
 char *secontext_full_file(const char *, bool) ATTRIBUTE_MALLOC;
b48781
 char *secontext_full_pid(pid_t) ATTRIBUTE_MALLOC;
b48781
 
b48781
+char *secontext_short_fd(int) ATTRIBUTE_MALLOC;
b48781
 char *secontext_short_file(const char *, bool) ATTRIBUTE_MALLOC;
b48781
 char *secontext_short_pid(pid_t) ATTRIBUTE_MALLOC;
b48781
 
b48781
@@ -30,6 +32,7 @@
b48781
  */
b48781
 char *get_secontext_field(const char *full_context, enum secontext_field field);
b48781
 
b48781
+char *get_secontext_field_fd(int fd, enum secontext_field field);
b48781
 char *get_secontext_field_file(const char *file, enum secontext_field field);
b48781
 
b48781
 void reset_secontext_file(const char *file);
b48781
@@ -44,6 +47,7 @@
b48781
 #  else
b48781
 #   define SECONTEXT_FILE(filename)	secontext_full_file(filename, false)
b48781
 #  endif
b48781
+#  define SECONTEXT_FD(fd)		secontext_full_fd(fd)
b48781
 #  define SECONTEXT_PID(pid)		secontext_full_pid(pid)
b48781
 
b48781
 # else
b48781
@@ -53,6 +57,7 @@
b48781
 #  else
b48781
 #   define SECONTEXT_FILE(filename)	secontext_short_file(filename, false)
b48781
 #  endif
b48781
+#  define SECONTEXT_FD(fd)		secontext_short_fd(fd)
b48781
 #  define SECONTEXT_PID(pid)		secontext_short_pid(pid)
b48781
 
b48781
 # endif
b48781
@@ -65,6 +70,12 @@
b48781
 	return NULL;
b48781
 }
b48781
 static inline char *
b48781
+get_secontext_field_fd(int fd, enum secontext_field field)
b48781
+{
b48781
+	return NULL;
b48781
+}
b48781
+
b48781
+static inline char *
b48781
 get_secontext_field_file(const char *file, enum secontext_field field)
b48781
 {
b48781
 	return NULL;
b48781
@@ -81,6 +92,7 @@
b48781
 {
b48781
 }
b48781
 
b48781
+# define SECONTEXT_FD(fd)			xstrdup("")
b48781
 # define SECONTEXT_FILE(filename)		xstrdup("")
b48781
 # define SECONTEXT_PID(pid)			xstrdup("")
b48781
 
b48781
Index: strace-5.18/tests-m32/sockname.c
b48781
===================================================================
b48781
--- strace-5.18.orig/tests-m32/sockname.c	2022-07-12 18:17:36.748379448 +0200
b48781
+++ strace-5.18/tests-m32/sockname.c	2022-07-12 18:20:18.496470519 +0200
b48781
@@ -18,6 +18,8 @@
b48781
 #include <sys/socket.h>
b48781
 #include <sys/un.h>
b48781
 
b48781
+#include "secontext.h"
b48781
+
b48781
 #ifndef TEST_SYSCALL_NAME
b48781
 # error TEST_SYSCALL_NAME must be defined
b48781
 #endif
b48781
@@ -59,14 +61,19 @@
b48781
 	*plen = sizeof(struct sockaddr_un);
b48781
 	struct sockaddr_un *addr = tail_alloc(*plen);
b48781
 
b48781
+	char *my_secontext = SECONTEXT_PID_MY();
b48781
+	char *fd_secontext = SECONTEXT_FD(fd);
b48781
+
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	int rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, (void *) addr,
b48781
 				   plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
b48781
 	       ", [%d => %d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
+	       addr->sun_path, SECONTEXT_FILE(addr->sun_path),
b48781
 	       (int) sizeof(struct sockaddr_un), (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	memset(addr, 0, sizeof(*addr));
b48781
@@ -75,28 +82,34 @@
b48781
 			       plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
b48781
 	       ", [%d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
+	       addr->sun_path, SECONTEXT_FILE(addr->sun_path),
b48781
 	       (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr, 0 SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, %p, NULL%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr, SUFFIX_STR,
b48781
-	       sprintrc(rc));
b48781
+	printf("%s%s(%d%s%s, %p, NULL%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR,
b48781
+	       addr, SUFFIX_STR, sprintrc(rc));
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, 0, 0 SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, NULL, NULL%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
b48781
+	printf("%s%s(%d%s%s, NULL, NULL%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext,
b48781
+	       rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
b48781
 	       SUFFIX_STR, sprintrc(rc));
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
b48781
 			       plen + 1 SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, %p, %p%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
b48781
+	printf("%s%s(%d%s%s, %p, %p%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
b48781
 	       plen + 1, SUFFIX_STR, sprintrc(rc));
b48781
 
b48781
 	const size_t offsetof_sun_path = offsetof(struct sockaddr_un, sun_path);
b48781
@@ -108,8 +121,9 @@
b48781
 			       plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR,
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
 	       (int) offsetof_sun_path, (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	++addr;
b48781
@@ -121,17 +135,19 @@
b48781
 			       plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"}"
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"%s}"
b48781
 	       ", [%d => %d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR,
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
 	       (int) (sizeof(struct sockaddr) - offsetof_sun_path),
b48781
-	       addr->sun_path, (int) sizeof(struct sockaddr),
b48781
-	       (int) *plen, SUFFIX_STR, rc);
b48781
+	       addr->sun_path, SECONTEXT_FILE(addr->sun_path),
b48781
+	       (int) sizeof(struct sockaddr), (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
b48781
 			       plen SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, %p, [%d]%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
b48781
+	printf("%s%s(%d%s%s, %p, [%d]%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
b48781
 	       *plen, SUFFIX_STR, sprintrc(rc));
b48781
 }
b48781
Index: strace-5.18/tests-mx32/secontext.c
b48781
===================================================================
b48781
--- strace-5.18.orig/tests-mx32/secontext.c	2022-07-12 18:17:36.747379459 +0200
b48781
+++ strace-5.18/tests-mx32/secontext.c	2022-07-12 18:20:18.496470519 +0200
b48781
@@ -141,6 +141,21 @@
b48781
 	return full_secontext;
b48781
 }
b48781
 
b48781
+static char *
b48781
+raw_secontext_full_fd(int fd)
b48781
+{
b48781
+	int saved_errno = errno;
b48781
+	char *full_secontext = NULL;
b48781
+	char *secontext;
b48781
+
b48781
+	if (fgetfilecon(fd, &secontext) >= 0) {
b48781
+		full_secontext = strip_trailing_newlines(xstrdup(secontext));
b48781
+		freecon(secontext);
b48781
+	}
b48781
+	errno = saved_errno;
b48781
+	return full_secontext;
b48781
+}
b48781
+
b48781
 char *
b48781
 get_secontext_field_file(const char *file, enum secontext_field field)
b48781
 {
b48781
@@ -151,6 +166,16 @@
b48781
 	return type;
b48781
 }
b48781
 
b48781
+char *
b48781
+get_secontext_field_fd(int fd, enum secontext_field field)
b48781
+{
b48781
+	char *ctx = raw_secontext_full_fd(fd);
b48781
+	char *type =  get_secontext_field(ctx, field);
b48781
+	free(ctx);
b48781
+
b48781
+	return type;
b48781
+}
b48781
+
b48781
 static char *
b48781
 raw_secontext_short_file(const char *filename)
b48781
 {
b48781
@@ -158,6 +183,12 @@
b48781
 }
b48781
 
b48781
 static char *
b48781
+raw_secontext_short_fd(int fd)
b48781
+{
b48781
+	return get_secontext_field_fd(fd, SECONTEXT_TYPE);
b48781
+}
b48781
+
b48781
+static char *
b48781
 raw_secontext_full_pid(pid_t pid)
b48781
 {
b48781
 	int saved_errno = errno;
b48781
@@ -205,6 +236,15 @@
b48781
 }
b48781
 
b48781
 char *
b48781
+secontext_full_fd(int fd)
b48781
+{
b48781
+	int saved_errno = errno;
b48781
+	char *context = raw_secontext_full_fd(fd);
b48781
+	errno = saved_errno;
b48781
+	return FORMAT_SPACE_BEFORE(context);
b48781
+}
b48781
+
b48781
+char *
b48781
 secontext_full_pid(pid_t pid)
b48781
 {
b48781
 	return FORMAT_SPACE_AFTER(raw_secontext_full_pid(pid));
b48781
@@ -228,6 +268,15 @@
b48781
 	errno = saved_errno;
b48781
 	return FORMAT_SPACE_BEFORE(context);
b48781
 }
b48781
+
b48781
+char *
b48781
+secontext_short_fd(int fd)
b48781
+{
b48781
+	int saved_errno = errno;
b48781
+	char *context = raw_secontext_short_fd(fd);
b48781
+	errno = saved_errno;
b48781
+	return FORMAT_SPACE_BEFORE(context);
b48781
+}
b48781
 
b48781
 char *
b48781
 secontext_short_pid(pid_t pid)
b48781
Index: strace-5.18/tests-mx32/secontext.h
b48781
===================================================================
b48781
--- strace-5.18.orig/tests-mx32/secontext.h	2022-07-12 18:17:36.747379459 +0200
b48781
+++ strace-5.18/tests-mx32/secontext.h	2022-07-12 18:20:18.496470519 +0200
b48781
@@ -9,9 +9,11 @@
b48781
 #include "xmalloc.h"
b48781
 #include <unistd.h>
b48781
 
b48781
+char *secontext_full_fd(int) ATTRIBUTE_MALLOC;
b48781
 char *secontext_full_file(const char *, bool) ATTRIBUTE_MALLOC;
b48781
 char *secontext_full_pid(pid_t) ATTRIBUTE_MALLOC;
b48781
 
b48781
+char *secontext_short_fd(int) ATTRIBUTE_MALLOC;
b48781
 char *secontext_short_file(const char *, bool) ATTRIBUTE_MALLOC;
b48781
 char *secontext_short_pid(pid_t) ATTRIBUTE_MALLOC;
b48781
 
b48781
@@ -30,6 +32,7 @@
b48781
  */
b48781
 char *get_secontext_field(const char *full_context, enum secontext_field field);
b48781
 
b48781
+char *get_secontext_field_fd(int fd, enum secontext_field field);
b48781
 char *get_secontext_field_file(const char *file, enum secontext_field field);
b48781
 
b48781
 void reset_secontext_file(const char *file);
b48781
@@ -44,6 +47,7 @@
b48781
 #  else
b48781
 #   define SECONTEXT_FILE(filename)	secontext_full_file(filename, false)
b48781
 #  endif
b48781
+#  define SECONTEXT_FD(fd)		secontext_full_fd(fd)
b48781
 #  define SECONTEXT_PID(pid)		secontext_full_pid(pid)
b48781
 
b48781
 # else
b48781
@@ -53,6 +57,7 @@
b48781
 #  else
b48781
 #   define SECONTEXT_FILE(filename)	secontext_short_file(filename, false)
b48781
 #  endif
b48781
+#  define SECONTEXT_FD(fd)		secontext_short_fd(fd)
b48781
 #  define SECONTEXT_PID(pid)		secontext_short_pid(pid)
b48781
 
b48781
 # endif
b48781
@@ -65,6 +70,12 @@
b48781
 	return NULL;
b48781
 }
b48781
 static inline char *
b48781
+get_secontext_field_fd(int fd, enum secontext_field field)
b48781
+{
b48781
+	return NULL;
b48781
+}
b48781
+
b48781
+static inline char *
b48781
 get_secontext_field_file(const char *file, enum secontext_field field)
b48781
 {
b48781
 	return NULL;
b48781
@@ -81,6 +92,7 @@
b48781
 {
b48781
 }
b48781
 
b48781
+# define SECONTEXT_FD(fd)			xstrdup("")
b48781
 # define SECONTEXT_FILE(filename)		xstrdup("")
b48781
 # define SECONTEXT_PID(pid)			xstrdup("")
b48781
 
b48781
Index: strace-5.18/tests-mx32/sockname.c
b48781
===================================================================
b48781
--- strace-5.18.orig/tests-mx32/sockname.c	2022-07-12 18:17:36.748379448 +0200
b48781
+++ strace-5.18/tests-mx32/sockname.c	2022-07-12 18:20:18.496470519 +0200
b48781
@@ -18,6 +18,8 @@
b48781
 #include <sys/socket.h>
b48781
 #include <sys/un.h>
b48781
 
b48781
+#include "secontext.h"
b48781
+
b48781
 #ifndef TEST_SYSCALL_NAME
b48781
 # error TEST_SYSCALL_NAME must be defined
b48781
 #endif
b48781
@@ -59,14 +61,19 @@
b48781
 	*plen = sizeof(struct sockaddr_un);
b48781
 	struct sockaddr_un *addr = tail_alloc(*plen);
b48781
 
b48781
+	char *my_secontext = SECONTEXT_PID_MY();
b48781
+	char *fd_secontext = SECONTEXT_FD(fd);
b48781
+
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	int rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, (void *) addr,
b48781
 				   plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
b48781
 	       ", [%d => %d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
+	       addr->sun_path, SECONTEXT_FILE(addr->sun_path),
b48781
 	       (int) sizeof(struct sockaddr_un), (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	memset(addr, 0, sizeof(*addr));
b48781
@@ -75,28 +82,34 @@
b48781
 			       plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%s\"}"
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%s\"%s}"
b48781
 	       ", [%d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR, addr->sun_path,
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
+	       addr->sun_path, SECONTEXT_FILE(addr->sun_path),
b48781
 	       (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr, 0 SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, %p, NULL%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr, SUFFIX_STR,
b48781
-	       sprintrc(rc));
b48781
+	printf("%s%s(%d%s%s, %p, NULL%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR,
b48781
+	       addr, SUFFIX_STR, sprintrc(rc));
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_S_ARGS, 0, 0 SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, NULL, NULL%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
b48781
+	printf("%s%s(%d%s%s, NULL, NULL%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext,
b48781
+	       rc == -1 ? PREFIX_F_STR : PREFIX_S_STR,
b48781
 	       SUFFIX_STR, sprintrc(rc));
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
b48781
 			       plen + 1 SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, %p, %p%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
b48781
+	printf("%s%s(%d%s%s, %p, %p%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
b48781
 	       plen + 1, SUFFIX_STR, sprintrc(rc));
b48781
 
b48781
 	const size_t offsetof_sun_path = offsetof(struct sockaddr_un, sun_path);
b48781
@@ -108,8 +121,9 @@
b48781
 			       plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR,
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX}, [%d => %d]%s) = %d\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
 	       (int) offsetof_sun_path, (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	++addr;
b48781
@@ -121,17 +135,19 @@
b48781
 			       plen SUFFIX_ARGS);
b48781
 	if (rc < 0)
b48781
 		perror_msg_and_skip(TEST_SYSCALL_STR);
b48781
-	printf("%s(%d%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"}"
b48781
+	printf("%s%s(%d%s%s, {sa_family=AF_UNIX, sun_path=\"%.*s\"%s}"
b48781
 	       ", [%d => %d]%s) = %d\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_S_STR,
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_S_STR,
b48781
 	       (int) (sizeof(struct sockaddr) - offsetof_sun_path),
b48781
-	       addr->sun_path, (int) sizeof(struct sockaddr),
b48781
-	       (int) *plen, SUFFIX_STR, rc);
b48781
+	       addr->sun_path, SECONTEXT_FILE(addr->sun_path),
b48781
+	       (int) sizeof(struct sockaddr), (int) *plen, SUFFIX_STR, rc);
b48781
 
b48781
 	PREPARE_TEST_SYSCALL_INVOCATION;
b48781
 	rc = TEST_SYSCALL_NAME(fd PREFIX_F_ARGS, (void *) addr,
b48781
 			       plen SUFFIX_ARGS);
b48781
-	printf("%s(%d%s, %p, [%d]%s) = %s\n",
b48781
-	       TEST_SYSCALL_STR, fd, PREFIX_F_STR, addr,
b48781
+	printf("%s%s(%d%s%s, %p, [%d]%s) = %s\n",
b48781
+	       my_secontext,
b48781
+	       TEST_SYSCALL_STR, fd, fd_secontext, PREFIX_F_STR, addr,
b48781
 	       *plen, SUFFIX_STR, sprintrc(rc));
b48781
 }