1/* Author: Joshua Brindle <jbrindle@tresys.com> 2 * Jason Tang <jtang@tresys.com> 3 * Ivan Gyurdiev <ivg2@cornell.edu> 4 * 5 * Copyright (C) 2005 Tresys Technology, LLC 6 * Copyright (C) 2005 Red Hat Inc. 7 * 8 * This library is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU Lesser General Public 10 * License as published by the Free Software Foundation; either 11 * version 2.1 of the License, or (at your option) any later version. 12 * 13 * This library is distributed in the hope that it will be useful, 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 16 * Lesser General Public License for more details. 17 * 18 * You should have received a copy of the GNU Lesser General Public 19 * License along with this library; if not, write to the Free Software 20 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 21 */ 22 23#ifndef _SEMANAGE_INTERNAL_HANDLE_H_ 24#define _SEMANAGE_INTERNAL_HANDLE_H_ 25 26#include <stdint.h> 27#include <stddef.h> 28#include "handle_internal.h" 29#include <sepol/handle.h> 30#include "modules.h" 31#include "semanage_conf.h" 32#include "database.h" 33#include "direct_api.h" 34#include "policy.h" 35 36struct semanage_handle { 37 int con_id; /* Connection ID */ 38 39 /* Error handling */ 40 int msg_level; 41 const char *msg_channel; 42 const char *msg_fname; 43#ifdef __GNUC__ 44 __attribute__ ((format(printf, 3, 4))) 45#endif 46 void (*msg_callback) (void *varg, 47 semanage_handle_t * handle, const char *fmt, ...); 48 void *msg_callback_arg; 49 50 /* Direct vs Server specific handle */ 51 union { 52 struct semanage_direct_handle direct; 53 } u; 54 55 /* Libsepol handle */ 56 sepol_handle_t *sepolh; 57 58 semanage_conf_t *conf; 59 60 uint16_t priority; 61 int is_connected; 62 int is_in_transaction; 63 int do_reload; /* whether to reload policy after commit */ 64 int do_rebuild; /* whether to rebuild policy if there were no changes */ 65 int modules_modified; 66 int create_store; /* whether to create the store if it does not exist 67 * this will only have an effect on direct connections */ 68 int do_check_contexts; /* whether to run setfiles check the file contexts file */ 69 70 /* This timeout is used for transactions and waiting for lock 71 -1 means wait indefinetely 72 0 means return immediately 73 >0 means wait that many seconds */ 74 int timeout; 75 76 /* these function pointers will point to the appropriate 77 * routine given the connection type. think of these as 78 * simulating polymorphism for non-OO languages. */ 79 struct semanage_policy_table *funcs; 80 81 /* Object databases */ 82#define DBASE_COUNT 24 83 84/* Local modifications */ 85#define DBASE_LOCAL_USERS_BASE 0 86#define DBASE_LOCAL_USERS_EXTRA 1 87#define DBASE_LOCAL_USERS 2 88#define DBASE_LOCAL_PORTS 3 89#define DBASE_LOCAL_INTERFACES 4 90#define DBASE_LOCAL_BOOLEANS 5 91#define DBASE_LOCAL_FCONTEXTS 6 92#define DBASE_LOCAL_SEUSERS 7 93#define DBASE_LOCAL_NODES 8 94#define DBASE_LOCAL_IBPKEYS 9 95#define DBASE_LOCAL_IBENDPORTS 10 96 97/* Policy + Local modifications */ 98#define DBASE_POLICY_USERS_BASE 11 99#define DBASE_POLICY_USERS_EXTRA 12 100#define DBASE_POLICY_USERS 13 101#define DBASE_POLICY_PORTS 14 102#define DBASE_POLICY_INTERFACES 15 103#define DBASE_POLICY_BOOLEANS 16 104#define DBASE_POLICY_FCONTEXTS 17 105#define DBASE_POLICY_FCONTEXTS_H 18 106#define DBASE_POLICY_SEUSERS 19 107#define DBASE_POLICY_NODES 20 108#define DBASE_POLICY_IBPKEYS 21 109#define DBASE_POLICY_IBENDPORTS 22 110 111/* Active kernel policy */ 112#define DBASE_ACTIVE_BOOLEANS 23 113 dbase_config_t dbase[DBASE_COUNT]; 114}; 115 116/* === Local modifications === */ 117static inline 118 dbase_config_t * semanage_user_base_dbase_local(semanage_handle_t * handle) 119{ 120 return &handle->dbase[DBASE_LOCAL_USERS_BASE]; 121} 122 123static inline 124 dbase_config_t * semanage_user_extra_dbase_local(semanage_handle_t * handle) 125{ 126 return &handle->dbase[DBASE_LOCAL_USERS_EXTRA]; 127} 128 129static inline 130 dbase_config_t * semanage_user_dbase_local(semanage_handle_t * handle) 131{ 132 return &handle->dbase[DBASE_LOCAL_USERS]; 133} 134 135static inline 136 dbase_config_t * semanage_port_dbase_local(semanage_handle_t * handle) 137{ 138 return &handle->dbase[DBASE_LOCAL_PORTS]; 139} 140 141static inline 142 dbase_config_t * semanage_ibpkey_dbase_local(semanage_handle_t * handle) 143{ 144 return &handle->dbase[DBASE_LOCAL_IBPKEYS]; 145} 146 147static inline 148 dbase_config_t * semanage_ibendport_dbase_local(semanage_handle_t * handle) 149{ 150 return &handle->dbase[DBASE_LOCAL_IBENDPORTS]; 151} 152 153static inline 154 dbase_config_t * semanage_iface_dbase_local(semanage_handle_t * handle) 155{ 156 return &handle->dbase[DBASE_LOCAL_INTERFACES]; 157} 158 159static inline 160 dbase_config_t * semanage_bool_dbase_local(semanage_handle_t * handle) 161{ 162 return &handle->dbase[DBASE_LOCAL_BOOLEANS]; 163} 164 165static inline 166 dbase_config_t * semanage_fcontext_dbase_local(semanage_handle_t * handle) 167{ 168 return &handle->dbase[DBASE_LOCAL_FCONTEXTS]; 169} 170 171static inline 172 dbase_config_t * semanage_seuser_dbase_local(semanage_handle_t * handle) 173{ 174 return &handle->dbase[DBASE_LOCAL_SEUSERS]; 175} 176 177static inline 178 dbase_config_t * semanage_node_dbase_local(semanage_handle_t * handle) 179{ 180 return &handle->dbase[DBASE_LOCAL_NODES]; 181} 182 183/* === Policy + Local modifications === */ 184static inline 185 dbase_config_t * semanage_user_base_dbase_policy(semanage_handle_t * handle) 186{ 187 return &handle->dbase[DBASE_POLICY_USERS_BASE]; 188} 189 190static inline 191 dbase_config_t * semanage_user_extra_dbase_policy(semanage_handle_t * 192 handle) 193{ 194 return &handle->dbase[DBASE_POLICY_USERS_EXTRA]; 195} 196 197static inline 198 dbase_config_t * semanage_user_dbase_policy(semanage_handle_t * handle) 199{ 200 return &handle->dbase[DBASE_POLICY_USERS]; 201} 202 203static inline 204 dbase_config_t * semanage_port_dbase_policy(semanage_handle_t * handle) 205{ 206 return &handle->dbase[DBASE_POLICY_PORTS]; 207} 208 209static inline 210 dbase_config_t * semanage_ibpkey_dbase_policy(semanage_handle_t * handle) 211{ 212 return &handle->dbase[DBASE_POLICY_IBPKEYS]; 213} 214 215static inline 216 dbase_config_t * semanage_ibendport_dbase_policy(semanage_handle_t * handle) 217{ 218 return &handle->dbase[DBASE_POLICY_IBENDPORTS]; 219} 220 221static inline 222 dbase_config_t * semanage_iface_dbase_policy(semanage_handle_t * handle) 223{ 224 return &handle->dbase[DBASE_POLICY_INTERFACES]; 225} 226 227static inline 228 dbase_config_t * semanage_bool_dbase_policy(semanage_handle_t * handle) 229{ 230 return &handle->dbase[DBASE_POLICY_BOOLEANS]; 231} 232 233static inline 234 dbase_config_t * semanage_fcontext_dbase_policy(semanage_handle_t * handle) 235{ 236 return &handle->dbase[DBASE_POLICY_FCONTEXTS]; 237} 238 239static inline 240 dbase_config_t * semanage_fcontext_dbase_homedirs(semanage_handle_t * handle) 241{ 242 return &handle->dbase[DBASE_POLICY_FCONTEXTS_H]; 243} 244 245static inline 246 dbase_config_t * semanage_seuser_dbase_policy(semanage_handle_t * handle) 247{ 248 return &handle->dbase[DBASE_POLICY_SEUSERS]; 249} 250 251static inline 252 dbase_config_t * semanage_node_dbase_policy(semanage_handle_t * handle) 253{ 254 return &handle->dbase[DBASE_POLICY_NODES]; 255} 256 257/* === Active kernel policy === */ 258static inline 259 dbase_config_t * semanage_bool_dbase_active(semanage_handle_t * handle) 260{ 261 return &handle->dbase[DBASE_ACTIVE_BOOLEANS]; 262} 263 264#endif 265