
/usr/include/sepol/policydb.h is in libsepol1-dev 2.4-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

#ifndef _SEPOL_POLICYDB_H_
#define _SEPOL_POLICYDB_H_

#include <stddef.h>
#include <stdio.h>

#include <sepol/handle.h>
#include <sys/cdefs.h>

__BEGIN_DECLS

/*
 * Opaque handle types.  This header gives only forward declarations, so
 * code that includes just this file cannot see the struct layouts and has
 * to create, use and release these objects through the functions declared
 * in this header.
 */
struct sepol_policy_file;
typedef struct sepol_policy_file sepol_policy_file_t;

struct sepol_policydb;
typedef struct sepol_policydb sepol_policydb_t;

/* Policy file public interfaces. */

/*
 * Create and free memory associated with a policy file.
 * sepol_policy_file_create() returns an int status; the values are not
 * documented in this header (presumably 0 on success and negative on
 * failure -- confirm against the implementation).  Check it before
 * dereferencing *pf.
 */
extern int sepol_policy_file_create(sepol_policy_file_t ** pf);
extern void sepol_policy_file_free(sepol_policy_file_t * pf);

/*
 * Set the policy file to represent a binary policy memory image.
 * Subsequent operations using the policy file will read and write
 * the image located at the specified address with the specified length.
 * If 'len' is 0, then merely compute the necessary length upon
 * subsequent policydb write operations in order to determine the
 * necessary buffer size to allocate.
 *
 * Because later reads and writes are bounded by 'len', 'len' must not
 * exceed the real size of the buffer at 'data'.  This function returns
 * void, so it cannot report a bad pointer or length.
 * NOTE(review): the header does not say whether the buffer is copied;
 * presumably only the pointer is kept, so the buffer should stay valid
 * while the policy file is in use -- confirm.
 */
extern void sepol_policy_file_set_mem(sepol_policy_file_t * pf,
				      char *data, size_t len);

/*
 * Get the size of the buffer needed to store a policydb write
 * previously done on this policy file.
 * Pairs with the 'len' == 0 mode of sepol_policy_file_set_mem().
 * The size is presumably stored through 'len'; the int return values
 * are not documented here -- TODO confirm.
 */
extern int sepol_policy_file_get_len(sepol_policy_file_t * pf, size_t * len);

/*
 * Set the policy file to represent a FILE.
 * Subsequent operations using the policy file will read and write
 * to the FILE.
 * NOTE(review): nothing in this header says the library takes ownership
 * of 'fp'; presumably the caller keeps it open while the policy file is
 * in use and closes it afterwards -- confirm.
 */
extern void sepol_policy_file_set_fp(sepol_policy_file_t * pf, FILE * fp);

/*
 * Associate a handle with a policy file, for use in
 * error reporting from subsequent calls that take the
 * policy file as an argument.
 */
extern void sepol_policy_file_set_handle(sepol_policy_file_t * pf,
					 sepol_handle_t * handle);

/* Policydb public interfaces. */

/*
 * Create and free memory associated with a policydb.
 * sepol_policydb_create() returns an int status whose values are not
 * documented in this header (presumably 0 on success, negative on
 * failure -- confirm).  Check it before using *p.
 */
extern int sepol_policydb_create(sepol_policydb_t ** p);
extern void sepol_policydb_free(sepol_policydb_t * p);

/* Legal types of policies that the policydb can represent. */
#define SEPOL_POLICY_KERN	0
#define SEPOL_POLICY_BASE	1
#define SEPOL_POLICY_MOD	2

/*
 * Range of policy versions for the kernel policy type supported
 * by this library.
 */
extern int sepol_policy_kern_vers_min(void);
extern int sepol_policy_kern_vers_max(void);

/*
 * Set the policy type as specified, and automatically initialize the
 * policy version accordingly to the maximum version supported for the
 * policy type.
 * Returns -1 if the policy type is not legal.
 * 'type' is expected to be one of the SEPOL_POLICY_* values above.
 */
extern int sepol_policydb_set_typevers(sepol_policydb_t * p, unsigned int type);

/*
 * Set the policy version to a different value.
 * Returns -1 if the policy version is not in the supported range for
 * the (previously set) policy type.
 * The check depends on the type already stored in 'p', so set the type
 * first.
 */
extern int sepol_policydb_set_vers(sepol_policydb_t * p, unsigned int vers);

/*
 * Set how to handle unknown class/perms.
 * The three values are 0, 2 and 4 (not consecutive), so pass one of the
 * macros rather than a literal.
 * NOTE(review): in SELinux this setting is understood to cover classes
 * and permissions that the kernel defines but the policy does not; the
 * names suggest DENY refuses such access, REJECT refuses the policy and
 * ALLOW permits such access -- confirm against the implementation.
 * ALLOW is the least restrictive of the three and is worth flagging
 * when it shows up in a policy build.
 * The return value for an illegal 'handle_unknown' is not documented
 * here (presumably -1, as for sepol_policydb_set_typevers) -- confirm.
 */
#define SEPOL_DENY_UNKNOWN	    0
#define SEPOL_REJECT_UNKNOWN	    2
#define SEPOL_ALLOW_UNKNOWN	    4
extern int sepol_policydb_set_handle_unknown(sepol_policydb_t * p,
					     unsigned int handle_unknown);

/*
 * Set the target platform.
 * 'target_platform' is a signed int here, unlike the unsigned selectors
 * taken by the setters above; the result for a value other than the two
 * macros is not documented in this header -- TODO confirm.
 */
#define SEPOL_TARGET_SELINUX 0
#define SEPOL_TARGET_XEN     1
extern int sepol_policydb_set_target_platform(sepol_policydb_t * p,
					     int target_platform);

/*
 * Read a policydb from a policy file.
 * This automatically sets the type and version based on the
 * image contents.
 *
 * Type and version therefore come from the input, not from the caller.
 * When the image originates outside the caller's trust boundary, check
 * the return value and treat a failure as fatal for 'p'.
 * NOTE(review): the return values and the state of 'p' after a failed
 * read are not documented in this header -- confirm before reusing 'p'.
 */
extern int sepol_policydb_read(sepol_policydb_t * p, sepol_policy_file_t * pf);

/*
 * Write a policydb to a policy file.
 * The generated image will be in the binary format corresponding
 * to the policy version associated with the policydb.
 * For a memory-backed policy file the destination is the caller's
 * buffer as described by sepol_policy_file_set_mem(), so that buffer
 * must be at least as large as the length given there.
 */
extern int sepol_policydb_write(sepol_policydb_t * p, sepol_policy_file_t * pf);

/*
 * Extract a policydb from a binary policy memory image.
 * This is equivalent to sepol_policydb_read with a policy file
 * set to refer to memory.
 *
 * 'len' must be the real size of the buffer at 'data'; the same
 * untrusted-input caution as for sepol_policydb_read applies.
 * NOTE(review): the header does not say whether 'p' keeps pointers into
 * 'data' after the call returns -- keep the buffer alive until that is
 * confirmed.
 */
extern int sepol_policydb_from_image(sepol_handle_t * handle,
				     void *data, size_t len,
				     sepol_policydb_t * p);

/*
 * Generate a binary policy memory image from a policydb.
 * This is equivalent to sepol_policydb_write with a policy file
 * set to refer to memory, but internally handles computing the
 * necessary length and allocating an appropriately sized memory
 * buffer for the caller.
 *
 * The buffer is allocated by the library on the caller's behalf;
 * presumably it is returned through 'newdata' with its size in 'newlen'
 * and the caller must release it.
 * NOTE(review): the matching deallocator is not named in this header
 * (free()?) -- confirm, and do not read *newdata or *newlen unless the
 * call reported success.
 */
extern int sepol_policydb_to_image(sepol_handle_t * handle,
				   sepol_policydb_t * p,
				   void **newdata, size_t * newlen);

/*
 * Check whether the policydb has MLS enabled.
 * Returns an int; presumably non-zero means enabled -- confirm.
 */
extern int sepol_policydb_mls_enabled(const sepol_policydb_t * p);

/*
 * Check whether the compatibility mode for SELinux network
 * checks should be enabled when using this policy.
 * Returns an int; presumably non-zero means the compatibility mode
 * should be enabled -- confirm.
 */
extern int sepol_policydb_compat_net(const sepol_policydb_t * p);

__END_DECLS
#endif