flask_types.h revision 255e72915d4cbddceb435e13d81601755714e9f3
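/* -*- linux-c -*- */

/*
 * Author : Stephen Smalley, <sds@epoch.ncsc.mil>
 */

/*
 * NOTE(review): a guard name starting with an underscore followed by an
 * upper-case letter is reserved for the implementation. It is kept as-is
 * because other files may test it.
 */
#ifndef _SEPOL_POLICYDB_FLASK_TYPES_H_
#define _SEPOL_POLICYDB_FLASK_TYPES_H_

/*
 * The basic Flask types and constants.
 */

#include <sys/types.h>
#include <stdint.h>

/*
 * A security context is a set of security attributes
 * associated with each subject and object controlled
 * by the security policy.  The security context type
 * is defined as a variable-length string that can be
 * interpreted by any application or user with an
 * understanding of the security policy.
 *
 * The typedef hides a pointer.  This header does not say who allocates or
 * frees the string, nor how its length is bounded, so code receiving a
 * context from an untrusted source should confirm both before use.
 */
typedef char *sepol_security_context_t;

/*
 * An access vector (AV) is a collection of related permissions
 * for a pair of SIDs.  The bits within an access vector
 * are interpreted differently depending on the class of
 * the object.  The access vector interpretations are specified
 * in flask/access_vectors, and the corresponding constants
 * for permissions are defined in the automatically generated
 * header file av_permissions.h.
 *
 * The vector is 32 bits wide, so one class can carry at most 32
 * distinct permission bits.  Because a bit's meaning depends on the class,
 * a vector is only meaningful together with its class.
 */
typedef uint32_t sepol_access_vector_t;

/*
 * Each object class is identified by a fixed-size value.
 * The set of security classes is specified in flask/security_classes,
 * with the corresponding constants defined in the automatically
 * generated header file flask.h.
 */
typedef uint16_t sepol_security_class_t;
#define SEPOL_SECCLASS_NULL			0x0000	/* no class */

/*
 * Presumably the magic numbers that identify a binary policy image and a
 * policy module respectively; confirm against the policy reader.  The two
 * values differ only in the lowest bit.  A magic number only identifies a
 * format and is not an integrity check, so a reader still has to validate
 * every length and index it takes from the file.
 */
#define SELINUX_MAGIC 0xf97cff8c
#define SELINUX_MOD_MAGIC 0xf97cff8d

/* Security identifier (SID), a 32-bit value; 0 is the null SID. */
typedef uint32_t sepol_security_id_t;
#define SEPOL_SECSID_NULL			0

/*
 * Result of an access decision: four access vectors plus a sequence number.
 *
 * The field meanings given below follow the usual SELinux convention and
 * are not defined in this header; confirm against the code that fills the
 * structure in.
 */
struct sepol_av_decision {
	sepol_access_vector_t allowed;		/* presumably: permissions granted */
	sepol_access_vector_t decided;		/* presumably: permissions the decision covers */
	sepol_access_vector_t auditallow;	/* presumably: audit these when granted */
	sepol_access_vector_t auditdeny;	/* presumably: audit these when denied */
	uint32_t seqno;				/* presumably: policy sequence number, for spotting stale decisions */
};

#endif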