1f074036424618c130dacb3464465a8b40bffef5Stephen Smalley/* 2f074036424618c130dacb3464465a8b40bffef5Stephen Smalley * User-supplied callbacks and default implementations. 3f074036424618c130dacb3464465a8b40bffef5Stephen Smalley * Class and permission mappings. 4f074036424618c130dacb3464465a8b40bffef5Stephen Smalley */ 5f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 6f074036424618c130dacb3464465a8b40bffef5Stephen Smalley#include <stdio.h> 7f074036424618c130dacb3464465a8b40bffef5Stephen Smalley#include <stdlib.h> 8f074036424618c130dacb3464465a8b40bffef5Stephen Smalley#include <stdarg.h> 9f074036424618c130dacb3464465a8b40bffef5Stephen Smalley#include <errno.h> 10f074036424618c130dacb3464465a8b40bffef5Stephen Smalley#include <selinux/selinux.h> 11f074036424618c130dacb3464465a8b40bffef5Stephen Smalley#include "callbacks.h" 12f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 13f074036424618c130dacb3464465a8b40bffef5Stephen Smalley/* default implementations */ 14f074036424618c130dacb3464465a8b40bffef5Stephen Smalleystatic int __attribute__ ((format(printf, 2, 3))) 15f074036424618c130dacb3464465a8b40bffef5Stephen Smalleydefault_selinux_log(int type __attribute__((unused)), const char *fmt, ...) 16f074036424618c130dacb3464465a8b40bffef5Stephen Smalley{ 17f074036424618c130dacb3464465a8b40bffef5Stephen Smalley int rc; 18f074036424618c130dacb3464465a8b40bffef5Stephen Smalley va_list ap; 19f074036424618c130dacb3464465a8b40bffef5Stephen Smalley va_start(ap, fmt); 20f074036424618c130dacb3464465a8b40bffef5Stephen Smalley rc = vfprintf(stderr, fmt, ap); 21f074036424618c130dacb3464465a8b40bffef5Stephen Smalley va_end(ap); 22f074036424618c130dacb3464465a8b40bffef5Stephen Smalley return rc; 23f074036424618c130dacb3464465a8b40bffef5Stephen Smalley} 24f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 25f074036424618c130dacb3464465a8b40bffef5Stephen Smalleystatic int 26f074036424618c130dacb3464465a8b40bffef5Stephen Smalleydefault_selinux_audit(void *ptr __attribute__((unused)), 27f074036424618c130dacb3464465a8b40bffef5Stephen Smalley security_class_t cls __attribute__((unused)), 28f074036424618c130dacb3464465a8b40bffef5Stephen Smalley char *buf __attribute__((unused)), 29f074036424618c130dacb3464465a8b40bffef5Stephen Smalley size_t len __attribute__((unused))) 30f074036424618c130dacb3464465a8b40bffef5Stephen Smalley{ 31f074036424618c130dacb3464465a8b40bffef5Stephen Smalley return 0; 32f074036424618c130dacb3464465a8b40bffef5Stephen Smalley} 33f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 34f074036424618c130dacb3464465a8b40bffef5Stephen Smalleystatic int 35ab40ea9bfd71b50138f1482c4764a65ac17d8cafStephen Smalleydefault_selinux_validate(char **ctx) 36f074036424618c130dacb3464465a8b40bffef5Stephen Smalley{ 37f074036424618c130dacb3464465a8b40bffef5Stephen Smalley return security_check_context(*ctx); 38f074036424618c130dacb3464465a8b40bffef5Stephen Smalley} 39f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 40f074036424618c130dacb3464465a8b40bffef5Stephen Smalleystatic int 41f074036424618c130dacb3464465a8b40bffef5Stephen Smalleydefault_selinux_setenforce(int enforcing __attribute__((unused))) 42f074036424618c130dacb3464465a8b40bffef5Stephen Smalley{ 43f074036424618c130dacb3464465a8b40bffef5Stephen Smalley return 0; 44f074036424618c130dacb3464465a8b40bffef5Stephen Smalley} 45f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 46f074036424618c130dacb3464465a8b40bffef5Stephen Smalleystatic int 47f074036424618c130dacb3464465a8b40bffef5Stephen Smalleydefault_selinux_policyload(int seqno __attribute__((unused))) 48f074036424618c130dacb3464465a8b40bffef5Stephen Smalley{ 49f074036424618c130dacb3464465a8b40bffef5Stephen Smalley return 0; 50f074036424618c130dacb3464465a8b40bffef5Stephen Smalley} 51f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 52f074036424618c130dacb3464465a8b40bffef5Stephen Smalley/* callback pointers */ 53f074036424618c130dacb3464465a8b40bffef5Stephen Smalleyint __attribute__ ((format(printf, 2, 3))) 54f074036424618c130dacb3464465a8b40bffef5Stephen Smalley(*selinux_log)(int, const char *, ...) = 55f074036424618c130dacb3464465a8b40bffef5Stephen Smalley default_selinux_log; 56f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 57f074036424618c130dacb3464465a8b40bffef5Stephen Smalleyint 58f074036424618c130dacb3464465a8b40bffef5Stephen Smalley(*selinux_audit) (void *, security_class_t, char *, size_t) = 59f074036424618c130dacb3464465a8b40bffef5Stephen Smalley default_selinux_audit; 60f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 61f074036424618c130dacb3464465a8b40bffef5Stephen Smalleyint 62ab40ea9bfd71b50138f1482c4764a65ac17d8cafStephen Smalley(*selinux_validate)(char **ctx) = 63f074036424618c130dacb3464465a8b40bffef5Stephen Smalley default_selinux_validate; 64f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 65f074036424618c130dacb3464465a8b40bffef5Stephen Smalleyint 66f074036424618c130dacb3464465a8b40bffef5Stephen Smalley(*selinux_netlink_setenforce) (int enforcing) = 67f074036424618c130dacb3464465a8b40bffef5Stephen Smalley default_selinux_setenforce; 68f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 69f074036424618c130dacb3464465a8b40bffef5Stephen Smalleyint 70f074036424618c130dacb3464465a8b40bffef5Stephen Smalley(*selinux_netlink_policyload) (int seqno) = 71f074036424618c130dacb3464465a8b40bffef5Stephen Smalley default_selinux_policyload; 72f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 73f074036424618c130dacb3464465a8b40bffef5Stephen Smalley/* callback setting function */ 74f074036424618c130dacb3464465a8b40bffef5Stephen Smalleyvoid 75f074036424618c130dacb3464465a8b40bffef5Stephen Smalleyselinux_set_callback(int type, union selinux_callback cb) 76f074036424618c130dacb3464465a8b40bffef5Stephen Smalley{ 77f074036424618c130dacb3464465a8b40bffef5Stephen Smalley switch (type) { 78f074036424618c130dacb3464465a8b40bffef5Stephen Smalley case SELINUX_CB_LOG: 79f074036424618c130dacb3464465a8b40bffef5Stephen Smalley selinux_log = cb.func_log; 80f074036424618c130dacb3464465a8b40bffef5Stephen Smalley break; 81f074036424618c130dacb3464465a8b40bffef5Stephen Smalley case SELINUX_CB_AUDIT: 82f074036424618c130dacb3464465a8b40bffef5Stephen Smalley selinux_audit = cb.func_audit; 83f074036424618c130dacb3464465a8b40bffef5Stephen Smalley break; 84f074036424618c130dacb3464465a8b40bffef5Stephen Smalley case SELINUX_CB_VALIDATE: 85f074036424618c130dacb3464465a8b40bffef5Stephen Smalley selinux_validate = cb.func_validate; 86f074036424618c130dacb3464465a8b40bffef5Stephen Smalley break; 87f074036424618c130dacb3464465a8b40bffef5Stephen Smalley case SELINUX_CB_SETENFORCE: 88f074036424618c130dacb3464465a8b40bffef5Stephen Smalley selinux_netlink_setenforce = cb.func_setenforce; 89f074036424618c130dacb3464465a8b40bffef5Stephen Smalley break; 90f074036424618c130dacb3464465a8b40bffef5Stephen Smalley case SELINUX_CB_POLICYLOAD: 91f074036424618c130dacb3464465a8b40bffef5Stephen Smalley selinux_netlink_policyload = cb.func_policyload; 92f074036424618c130dacb3464465a8b40bffef5Stephen Smalley break; 93f074036424618c130dacb3464465a8b40bffef5Stephen Smalley } 94f074036424618c130dacb3464465a8b40bffef5Stephen Smalley} 95f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 96f074036424618c130dacb3464465a8b40bffef5Stephen Smalley/* callback getting function */ 97f074036424618c130dacb3464465a8b40bffef5Stephen Smalleyunion selinux_callback 98f074036424618c130dacb3464465a8b40bffef5Stephen Smalleyselinux_get_callback(int type) 99f074036424618c130dacb3464465a8b40bffef5Stephen Smalley{ 100f074036424618c130dacb3464465a8b40bffef5Stephen Smalley union selinux_callback cb; 101f074036424618c130dacb3464465a8b40bffef5Stephen Smalley 102f074036424618c130dacb3464465a8b40bffef5Stephen Smalley switch (type) { 103f074036424618c130dacb3464465a8b40bffef5Stephen Smalley case SELINUX_CB_LOG: 104f074036424618c130dacb3464465a8b40bffef5Stephen Smalley cb.func_log = selinux_log; 105f074036424618c130dacb3464465a8b40bffef5Stephen Smalley break; 106f074036424618c130dacb3464465a8b40bffef5Stephen Smalley case SELINUX_CB_AUDIT: 107f074036424618c130dacb3464465a8b40bffef5Stephen Smalley cb.func_audit = selinux_audit; 108f074036424618c130dacb3464465a8b40bffef5Stephen Smalley break; 109f074036424618c130dacb3464465a8b40bffef5Stephen Smalley case SELINUX_CB_VALIDATE: 110f074036424618c130dacb3464465a8b40bffef5Stephen Smalley cb.func_validate = selinux_validate; 111f074036424618c130dacb3464465a8b40bffef5Stephen Smalley break; 112f074036424618c130dacb3464465a8b40bffef5Stephen Smalley case SELINUX_CB_SETENFORCE: 113f074036424618c130dacb3464465a8b40bffef5Stephen Smalley cb.func_setenforce = selinux_netlink_setenforce; 114f074036424618c130dacb3464465a8b40bffef5Stephen Smalley break; 115f074036424618c130dacb3464465a8b40bffef5Stephen Smalley case SELINUX_CB_POLICYLOAD: 116f074036424618c130dacb3464465a8b40bffef5Stephen Smalley cb.func_policyload = selinux_netlink_policyload; 117f074036424618c130dacb3464465a8b40bffef5Stephen Smalley break; 118f074036424618c130dacb3464465a8b40bffef5Stephen Smalley default: 119f074036424618c130dacb3464465a8b40bffef5Stephen Smalley memset(&cb, 0, sizeof(cb)); 120f074036424618c130dacb3464465a8b40bffef5Stephen Smalley errno = EINVAL; 121f074036424618c130dacb3464465a8b40bffef5Stephen Smalley break; 122f074036424618c130dacb3464465a8b40bffef5Stephen Smalley } 123f074036424618c130dacb3464465a8b40bffef5Stephen Smalley return cb; 124f074036424618c130dacb3464465a8b40bffef5Stephen Smalley} 125