1/*
2 * This file describes the internal interface used by the labeler
3 * for calling the user-supplied memory allocation, validation,
4 * and locking routines.
5 *
6 * Author : Eamon Walsh <ewalsh@epoch.ncsc.mil>
7 */
8#ifndef _SELABEL_INTERNAL_H_
9#define _SELABEL_INTERNAL_H_
10
11#include <stdlib.h>
12#include <stdarg.h>
13#include <selinux/selinux.h>
14#include <selinux/label.h>
15#include "dso.h"
16
17/*
18 * Installed backends
 *
 * One initializer per labeling backend (file, media, x, db, property).
 * Each receives the handle being set up (rec) and an array of options
 * (opts) together with its element count (nopts). nopts is the only
 * bound on opts visible in these prototypes, so the caller has to pass a
 * count that matches the array it supplies.
 * The meaning of the int return value is not shown in this header.
 * NOTE(review): "hidden" is not defined in this file; presumably it is a
 * symbol-visibility macro from dso.h that keeps these entry points out of
 * the library's exported interface -- confirm.
19 */
20int selabel_file_init(struct selabel_handle *rec, const struct selinux_opt *opts,
21		      unsigned nopts) hidden;
22int selabel_media_init(struct selabel_handle *rec, const struct selinux_opt *opts,
23		      unsigned nopts) hidden;
24int selabel_x_init(struct selabel_handle *rec, const struct selinux_opt *opts,
25		   unsigned nopts) hidden;
26int selabel_db_init(struct selabel_handle *rec,
27		    const struct selinux_opt *opts, unsigned nopts) hidden;
28int selabel_property_init(struct selabel_handle *rec,
29			  const struct selinux_opt *opts, unsigned nopts) hidden;
30
31/*
32 * Labeling internal structures
33 */
/*
 * One node of a singly linked list (chained through next) of
 * substitution entries. struct selabel_handle keeps two such lists,
 * dist_subs and subs.
 * NOTE(review): ownership of src and dst is not visible here; presumably
 * each node owns both strings -- confirm against the code that frees it.
 */
34struct selabel_sub {
35	char *src;	/* presumably the string to be matched -- TODO confirm */
	/*
	 * presumably the length of src -- TODO confirm. The type is a
	 * signed int, so code that uses it as a byte count should make
	 * sure it is never negative.
	 */
36	int slen;
37	char *dst;	/* presumably the replacement for src -- TODO confirm */
38	struct selabel_sub *next;	/* next entry in the list */
39};
40
/*
 * Record returned by the lookup operations of struct selabel_handle
 * (func_lookup, func_lookup_best_match) and passed to selabel_validate().
 */
41struct selabel_lookup_rec {
42	char * ctx_raw;	/* presumably the context string in raw form -- TODO confirm */
43	char * ctx_trans;	/* presumably the translated form of ctx_raw -- TODO confirm */
	/*
	 * NOTE(review): looks like a flag recording that this record has
	 * already been through selabel_validate(); how and when it is set is
	 * not visible in this header. Code that depends on a checked context
	 * should confirm that before trusting ctx_raw / ctx_trans.
	 */
44	int validated;
45};
46
/*
 * Per-handle state of the labeler: the selabel_open arguments, a table of
 * operations supplied by the backend, opaque backend data, the spec file
 * name and the substitution lists.
 * NOTE(review): this header does not show whether every backend fills in
 * every function pointer below; callers should confirm a pointer is
 * non-NULL before calling through it -- verify against the backends.
 */
47struct selabel_handle {
48	/* arguments that were passed to selabel_open */
49	unsigned int backend;
	/* presumably non-zero when contexts are to be validated -- TODO confirm */
50	int validating;
51
52	/* labeling operations */
	/* look up the record for key and type */
53	struct selabel_lookup_rec *(*func_lookup) (struct selabel_handle *h,
54						   const char *key, int type);
55	void (*func_close) (struct selabel_handle *h);
56	void (*func_stats) (struct selabel_handle *h);
	/*
	 * NOTE(review): bool is used here but <stdbool.h> is not included
	 * directly by this header; presumably it arrives through
	 * selinux/label.h -- confirm.
	 */
57	bool (*func_partial_match) (struct selabel_handle *h, const char *key);
	/* as func_lookup, with an additional array of alias keys */
58	struct selabel_lookup_rec *(*func_lookup_best_match)
59						    (struct selabel_handle *h,
60						    const char *key,
61						    const char **aliases,
62						    int type);
	/* compare two handles */
63	enum selabel_cmp_result (*func_cmp)(struct selabel_handle *h1,
64					    struct selabel_handle *h2);
65
66	/* supports backend-specific state information */
	/* untyped pointer: only the backend that set it knows the real type */
67	void *data;
68
69	/*
70	 * The main spec file used. Note for file contexts the local and/or
71	 * homedirs could also have been used to resolve a context.
72	 */
73	char *spec_file;
74
75	/* substitution support */
	/* heads of two struct selabel_sub lists; how they differ is not shown here */
76	struct selabel_sub *dist_subs;
77	struct selabel_sub *subs;
78};
79
80/*
81 * Validation function
 *
 * Takes the handle (rec) and a lookup record (contexts) and returns an
 * int status; the return convention is not shown in this header.
 * The file header describes validation as a user-supplied routine, so
 * the actual check may be a callback chosen by the library's user.
 * NOTE(review): presumably this consults rec->validating and updates
 * contexts->validated -- confirm against the definition before relying
 * on the validated flag as proof that a context was checked.
82 */
83extern int
84selabel_validate(struct selabel_handle *rec,
85		 struct selabel_lookup_rec *contexts) hidden;
86
87/*
88 * The read_spec_entries function may be used to
89 * replace sscanf to read entries from spec files.
 *
 * line_buf is not const, so the function may modify the line -- TODO
 * confirm. errbuf is an out-parameter of type const char **, presumably
 * set to an error message on failure -- TODO confirm.
 * num_args gives the number of variadic arguments that follow. The
 * compiler cannot check variadic arguments, so the count and the type of
 * every trailing argument must match what the definition expects; a
 * mismatch is undefined behaviour. The expected argument type is not
 * visible in this header.
 * NOTE(review): unlike the other prototypes in this header, this one is
 * not marked hidden -- confirm whether exporting the symbol is intended.
90 */
91extern int read_spec_entries(char *line_buf, const char **errbuf, int num_args, ...);
92
93#endif				/* _SELABEL_INTERNAL_H_ */
94