selinux.h revision f074036424618c130dacb3464465a8b40bffef58 
1#ifndef _SELINUX_H_
2#define _SELINUX_H_
3
4#include <sys/types.h>
5#include <stdarg.h>
6
7#ifdef __cplusplus
8extern "C" {
9#endif
10
11/* Return 1 if we are running on a SELinux kernel, or 0 if not or -1 if we get an error. */
12extern int is_selinux_enabled(void);
13/* Return 1 if we are running on a SELinux MLS kernel, or 0 otherwise. */
14extern int is_selinux_mls_enabled(void);
15
16typedef char *security_context_t;
17
18/* Free the memory allocated for a context by any of the below get* calls. */
19extern void freecon(security_context_t con);
20
21/* Free the memory allocated for a context array by security_compute_user. */
22extern void freeconary(security_context_t * con);
23
24/* Wrappers for the /proc/pid/attr API. */
25
26/* Get current context, and set *con to refer to it.
27   Caller must free via freecon. */
28extern int getcon(security_context_t * con);
29
30/* Set the current security context to con.
31   Note that use of this function requires that the entire application
32   be trusted to maintain any desired separation between the old and new
33   security contexts, unlike exec-based transitions performed via setexeccon.
34   When possible, decompose your application and use setexeccon()+execve()
35   instead. Note that the application may lose access to its open descriptors
36   as a result of a setcon() unless policy allows it to use descriptors opened
37   by the old context. */
38extern int setcon(const security_context_t con);
39
40/* Get context of process identified by pid, and
41   set *con to refer to it.  Caller must free via freecon. */
42extern int getpidcon(pid_t pid, security_context_t * con);
43
44/* Get previous context (prior to last exec), and set *con to refer to it.
45   Caller must free via freecon. */
46extern int getprevcon(security_context_t * con);
47
48/* Get exec context, and set *con to refer to it.
49   Sets *con to NULL if no exec context has been set, i.e. using default.
50   If non-NULL, caller must free via freecon. */
51extern int getexeccon(security_context_t * con);
52
53/* Set exec security context for the next execve.
54   Call with NULL if you want to reset to the default. */
55extern int setexeccon(const security_context_t con);
56
57/* Get fscreate context, and set *con to refer to it.
58   Sets *con to NULL if no fs create context has been set, i.e. using default.
59   If non-NULL, caller must free via freecon. */
60extern int getfscreatecon(security_context_t * con);
61
62/* Set the fscreate security context for subsequent file creations.
63   Call with NULL if you want to reset to the default. */
64extern int setfscreatecon(const security_context_t context);
65
66/* Get keycreate context, and set *con to refer to it.
67   Sets *con to NULL if no key create context has been set, i.e. using default.
68   If non-NULL, caller must free via freecon. */
69extern int getkeycreatecon(security_context_t * con);
70
71/* Set the keycreate security context for subsequent key creations.
72   Call with NULL if you want to reset to the default. */
73extern int setkeycreatecon(const security_context_t context);
74
75/* Get sockcreate context, and set *con to refer to it.
76   Sets *con to NULL if no socket create context has been set, i.e. using default.
77   If non-NULL, caller must free via freecon. */
78extern int getsockcreatecon(security_context_t * con);
79
80/* Set the sockcreate security context for subsequent socket creations.
81   Call with NULL if you want to reset to the default. */
82extern int setsockcreatecon(const security_context_t context);
83
84/* Wrappers for the xattr API. */
85
86/* Get file context, and set *con to refer to it.
87   Caller must free via freecon. */
88extern int getfilecon(const char *path, security_context_t * con);
89extern int lgetfilecon(const char *path, security_context_t * con);
90extern int fgetfilecon(int fd, security_context_t * con);
91
92/* Set file context */
93extern int setfilecon(const char *path, security_context_t con);
94extern int lsetfilecon(const char *path, security_context_t con);
95extern int fsetfilecon(int fd, security_context_t con);
96
97/* Wrappers for the socket API */
98
99/* Get context of peer socket, and set *con to refer to it.
100   Caller must free via freecon. */
101extern int getpeercon(int fd, security_context_t * con);
102
103/* Wrappers for the selinuxfs (policy) API. */
104
105typedef unsigned int access_vector_t;
106typedef unsigned short security_class_t;
107
108struct av_decision {
109	access_vector_t allowed;
110	access_vector_t decided;
111	access_vector_t auditallow;
112	access_vector_t auditdeny;
113	unsigned int seqno;
114	unsigned int flags;
115};
116
117/* Definitions of av_decision.flags */
118#define SELINUX_AVD_FLAGS_PERMISSIVE	0x0001
119
120/* Structure for passing options, used by AVC and label subsystems */
121struct selinux_opt {
122	int type;
123	const char *value;
124};
125
126/* Callback facilities */
127union selinux_callback {
128	/* log the printf-style format and arguments,
129	   with the type code indicating the type of message */
130	int
131#ifdef __GNUC__
132__attribute__ ((format(printf, 2, 3)))
133#endif
134	(*func_log) (int type, const char *fmt, ...);
135	/* store a string representation of auditdata (corresponding
136	   to the given security class) into msgbuf. */
137	int (*func_audit) (void *auditdata, security_class_t cls,
138			   char *msgbuf, size_t msgbufsize);
139	/* validate the supplied context, modifying if necessary */
140	int (*func_validate) (security_context_t *ctx);
141	/* netlink callback for setenforce message */
142	int (*func_setenforce) (int enforcing);
143	/* netlink callback for policyload message */
144	int (*func_policyload) (int seqno);
145};
146
147#define SELINUX_CB_LOG		0
148#define SELINUX_CB_AUDIT	1
149#define SELINUX_CB_VALIDATE	2
150#define SELINUX_CB_SETENFORCE	3
151#define SELINUX_CB_POLICYLOAD	4
152
153extern union selinux_callback selinux_get_callback(int type);
154extern void selinux_set_callback(int type, union selinux_callback cb);
155
156	/* Logging type codes, passed to the logging callback */
157#define SELINUX_ERROR	        0
158#define SELINUX_WARNING		1
159#define SELINUX_INFO		2
160#define SELINUX_AVC		3
161
162/* Compute an access decision. */
163extern int security_compute_av(const security_context_t scon,
164			       const security_context_t tcon,
165			       security_class_t tclass,
166			       access_vector_t requested,
167			       struct av_decision *avd);
168
169/* Compute a labeling decision and set *newcon to refer to it.
170   Caller must free via freecon. */
171extern int security_compute_create(const security_context_t scon,
172				   const security_context_t tcon,
173				   security_class_t tclass,
174				   security_context_t * newcon);
175
176/* Compute a relabeling decision and set *newcon to refer to it.
177   Caller must free via freecon. */
178extern int security_compute_relabel(const security_context_t scon,
179				    const security_context_t tcon,
180				    security_class_t tclass,
181				    security_context_t * newcon);
182
183/* Compute a polyinstantiation member decision and set *newcon to refer to it.
184   Caller must free via freecon. */
185extern int security_compute_member(const security_context_t scon,
186				   const security_context_t tcon,
187				   security_class_t tclass,
188				   security_context_t * newcon);
189
190/* Compute the set of reachable user contexts and set *con to refer to
191   the NULL-terminated array of contexts.  Caller must free via freeconary. */
192extern int security_compute_user(const security_context_t scon,
193				 const char *username,
194				 security_context_t ** con);
195
196/* Load a policy configuration. */
197extern int security_load_policy(void *data, size_t len);
198
199/* Get the context of an initial kernel security identifier by name.
200   Caller must free via freecon */
201extern int security_get_initial_context(const char *name,
202					security_context_t * con);
203
204/* Translate boolean strict to name value pair. */
205typedef struct {
206	char *name;
207	int value;
208} SELboolean;
209/* save a list of booleans in a single transaction.  */
210extern int security_set_boolean_list(size_t boolcnt,
211				     SELboolean * boollist, int permanent);
212
213/* Check the validity of a security context. */
214extern int security_check_context(const security_context_t con);
215
216/* Canonicalize a security context. */
217extern int security_canonicalize_context(const security_context_t con,
218					 security_context_t * canoncon);
219
220/* Get the enforce flag value. */
221extern int security_getenforce(void);
222
223/* Set the enforce flag value. */
224extern int security_setenforce(int value);
225
226/* Get the behavior for undefined classes/permissions */
227extern int security_deny_unknown(void);
228
229/* Disable SELinux at runtime (must be done prior to initial policy load). */
230extern int security_disable(void);
231
232/* Get the policy version number. */
233extern int security_policyvers(void);
234
235/* Get the boolean names */
236extern int security_get_boolean_names(char ***names, int *len);
237
238/* Get the pending value for the boolean */
239extern int security_get_boolean_pending(const char *name);
240
241/* Get the active value for the boolean */
242extern int security_get_boolean_active(const char *name);
243
244/* Set the pending value for the boolean */
245extern int security_set_boolean(const char *name, int value);
246
247/* Commit the pending values for the booleans */
248extern int security_commit_booleans(void);
249
250/* Userspace class mapping support */
251struct security_class_mapping {
252	const char *name;
253	const char *perms[sizeof(access_vector_t) * 8 + 1];
254};
255
256extern int selinux_set_mapping(struct security_class_mapping *map);
257
258/* Common helpers */
259
260/* Convert between security class values and string names */
261extern security_class_t string_to_security_class(const char *name);
262extern const char *security_class_to_string(security_class_t cls);
263
264/* Convert between individual access vector permissions and string names */
265extern const char *security_av_perm_to_string(security_class_t tclass,
266					      access_vector_t perm);
267extern access_vector_t string_to_av_perm(security_class_t tclass,
268					 const char *name);
269
270/* Returns an access vector in a string representation.  User must free the
271 * returned string via free(). */
272extern int security_av_string(security_class_t tclass,
273			      access_vector_t av, char **result);
274
275/* Check permissions and perform appropriate auditing. */
276extern int selinux_check_access(const security_context_t scon,
277				const security_context_t tcon,
278				const char *tclass,
279				const char *perm, void *aux);
280
281/* Set the path to the selinuxfs mount point explicitly.
282   Normally, this is determined automatically during libselinux
283   initialization, but this is not always possible, e.g. for /sbin/init
284   which performs the initial mount of selinuxfs. */
285void set_selinuxmnt(char *mnt);
286
287#ifdef __cplusplus
288}
289#endif
290#endif
291