/* Author: Joshua Brindle <jbrindle@tresys.com>
 *         Jason Tang <jtang@tresys.com>
 *         Ivan Gyurdiev <ivg2@cornell.edu>
 *
 * Copyright (C) 2005 Tresys Technology, LLC
 * Copyright (C) 2005 Red Hat Inc.
 *
 *  This library is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Lesser General Public
 *  License as published by the Free Software Foundation; either
 *  version 2.1 of the License, or (at your option) any later version.
 *
 *  This library is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  Lesser General Public License for more details.
 *
 *  You should have received a copy of the GNU Lesser General Public
 *  License along with this library; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */

#ifndef _SEMANAGE_INTERNAL_HANDLE_H_
#define _SEMANAGE_INTERNAL_HANDLE_H_

#include <stdint.h>
#include <stddef.h>
#include "handle_internal.h"
#include <sepol/handle.h>
#include "modules.h"
#include "semanage_conf.h"
#include "database.h"
#include "direct_api.h"
#include "policy.h"

/*
 * Object databases: fixed slot numbers into semanage_handle.dbase[].
 *
 * DBASE_COUNT sizes the array, so it has to stay equal to the highest
 * slot number plus one. The accessors at the bottom of this header index
 * the array with these constants and perform no runtime bounds check.
 */
#define DBASE_COUNT      19

/* Local modifications */
#define DBASE_LOCAL_USERS_BASE  0
#define DBASE_LOCAL_USERS_EXTRA 1
#define DBASE_LOCAL_USERS       2
#define DBASE_LOCAL_PORTS       3
#define DBASE_LOCAL_INTERFACES  4
#define DBASE_LOCAL_BOOLEANS    5
#define DBASE_LOCAL_FCONTEXTS   6
#define DBASE_LOCAL_SEUSERS     7
#define DBASE_LOCAL_NODES       8

/* Policy + Local modifications */
#define DBASE_POLICY_USERS_BASE  9
#define DBASE_POLICY_USERS_EXTRA 10
#define DBASE_POLICY_USERS       11
#define DBASE_POLICY_PORTS       12
#define DBASE_POLICY_INTERFACES  13
#define DBASE_POLICY_BOOLEANS    14
#define DBASE_POLICY_FCONTEXTS   15
#define DBASE_POLICY_SEUSERS     16
#define DBASE_POLICY_NODES       17

/* Active kernel policy */
#define DBASE_ACTIVE_BOOLEANS    18

/*
 * Internal layout of a semanage handle: connection state, message
 * reporting hooks, the libsepol handle, configuration, transaction
 * flags and the table of object databases.
 */
struct semanage_handle {
	int con_id;		/* Connection ID */

	/* Error handling */
	int msg_level;
	const char *msg_channel;
	const char *msg_fname;
	/*
	 * printf-style message sink. Under GCC the format attribute lets
	 * the compiler check fmt (argument 3) against the variadic
	 * arguments (from argument 4 on), so call sites should pass a
	 * constant format string and supply variable text as arguments.
	 */
#ifdef __GNUC__
	__attribute__ ((format(printf, 3, 4)))
#endif
	void (*msg_callback) (void *varg,
			      semanage_handle_t * handle, const char *fmt, ...);
	void *msg_callback_arg;	/* stored alongside msg_callback */

	/* Direct vs Server specific handle */
	union {
		struct semanage_direct_handle direct;
	} u;

	/* Libsepol handle */
	sepol_handle_t *sepolh;

	semanage_conf_t *conf;

	uint16_t priority;
	int is_connected;
	int is_in_transaction;
	int do_reload;		/* whether to reload policy after commit */
	int do_rebuild;		/* whether to rebuild policy if there were no changes */
	int modules_modified;
	int create_store;	/* whether to create the store if it does not exist;
				 * this only has an effect on direct connections */
	int do_check_contexts;	/* whether to run setfiles to check the file contexts file */

	/* This timeout is used for transactions and for waiting on the lock:
	 *   -1 means wait indefinitely
	 *    0 means return immediately
	 *   >0 means wait that many seconds */
	int timeout;

	/* These function pointers point to the appropriate routine for
	 * the connection type; think of them as simulating polymorphism
	 * for non-OO languages. */
	struct semanage_policy_table *funcs;

	/* Object databases, indexed by the DBASE_* constants above */
	dbase_config_t dbase[DBASE_COUNT];
};

/*
 * Database accessors.
 *
 * Each function returns the address of one fixed slot of handle->dbase.
 * The handle is dereferenced without a NULL check, so callers must pass
 * a valid handle. The returned pointer refers to storage inside the
 * handle itself.
 */

/* === Local modifications === */
static inline dbase_config_t *
semanage_user_base_dbase_local(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_LOCAL_USERS_BASE];
}

static inline dbase_config_t *
semanage_user_extra_dbase_local(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_LOCAL_USERS_EXTRA];
}

static inline dbase_config_t *
semanage_user_dbase_local(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_LOCAL_USERS];
}

static inline dbase_config_t *
semanage_port_dbase_local(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_LOCAL_PORTS];
}

static inline dbase_config_t *
semanage_iface_dbase_local(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_LOCAL_INTERFACES];
}

static inline dbase_config_t *
semanage_bool_dbase_local(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_LOCAL_BOOLEANS];
}

static inline dbase_config_t *
semanage_fcontext_dbase_local(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_LOCAL_FCONTEXTS];
}

static inline dbase_config_t *
semanage_seuser_dbase_local(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_LOCAL_SEUSERS];
}

static inline dbase_config_t *
semanage_node_dbase_local(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_LOCAL_NODES];
}

/* === Policy + Local modifications === */
static inline dbase_config_t *
semanage_user_base_dbase_policy(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_POLICY_USERS_BASE];
}

static inline dbase_config_t *
semanage_user_extra_dbase_policy(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_POLICY_USERS_EXTRA];
}

static inline dbase_config_t *
semanage_user_dbase_policy(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_POLICY_USERS];
}

static inline dbase_config_t *
semanage_port_dbase_policy(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_POLICY_PORTS];
}

static inline dbase_config_t *
semanage_iface_dbase_policy(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_POLICY_INTERFACES];
}

static inline dbase_config_t *
semanage_bool_dbase_policy(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_POLICY_BOOLEANS];
}

static inline dbase_config_t *
semanage_fcontext_dbase_policy(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_POLICY_FCONTEXTS];
}

static inline dbase_config_t *
semanage_seuser_dbase_policy(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_POLICY_SEUSERS];
}

static inline dbase_config_t *
semanage_node_dbase_policy(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_POLICY_NODES];
}

/* === Active kernel policy === */
static inline dbase_config_t *
semanage_bool_dbase_active(semanage_handle_t *handle)
{
	return &handle->dbase[DBASE_ACTIVE_BOOLEANS];
}

#endif