commit 8b40b9cc6488082a14e985691337d1fcfaac9577
author Stephen Smalley <sds@tycho.nsa.gov> Wed Aug 05 11:35:23 2015 -0400
committer Stephen Smalley <sds@tycho.nsa.gov> Wed Aug 05 12:39:30 2015 -0400
tree b90960416e5cfc3d136b787caa67191ca6863ce5
parent 25f659aa27c0cad7b19098abd4031527dedfbdb2

libselinux: add selabel_cmp interface and label_file backend

Add a selabel_cmp() interface for comparing two label configurations,
and implement it for the file backend (i.e. for file_contexts). This
allows comparing two file_contexts configurations to see if the first
is a subset of, equal/identical to, a superset of, or incomparable to
the second.  The motivating use case is to allow comparing two
file_contexts.bin files in Android CTS to confirm that a device
file_contexts.bin file contains all of the entries in the AOSP
general file_contexts.

Change-Id: I0fe63e0c7f11ae067b5aac2f468f7842e5d76986
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>

src/label.c

diff --git a/src/label.c b/src/label.c
index dd51aa3..84cee51 100644
--- a/src/label.c
+++ b/src/label.c
@@ -149,6 +149,15 @@
 	return *con ? 0 : -1;
 }
 
+enum selabel_cmp_result selabel_cmp(struct selabel_handle *h1,
+				    struct selabel_handle *h2)
+{
+	if (!h1->func_cmp || h1->func_cmp != h2->func_cmp)
+		return SELABEL_INCOMPARABLE;
+
+	return h1->func_cmp(h1, h2);
+}
+
 void selabel_close(struct selabel_handle *rec)
 {
 	rec->func_close(rec);