1 #include <selinux/selinux.h>
2 #include <pthread.h>
3 #include "dso.h"
4 
5 hidden_proto(selinux_mkload_policy)
6     hidden_proto(fini_selinuxmnt)
7     hidden_proto(set_selinuxmnt)
8     hidden_proto(selinuxfs_exists)
9     hidden_proto(security_disable)
10     hidden_proto(security_policyvers)
11     hidden_proto(security_load_policy)
12     hidden_proto(security_get_boolean_active)
13     hidden_proto(security_get_boolean_names)
14     hidden_proto(security_set_boolean)
15     hidden_proto(security_commit_booleans)
16     hidden_proto(security_check_context)
17     hidden_proto(security_check_context_raw)
18     hidden_proto(security_canonicalize_context)
19     hidden_proto(security_canonicalize_context_raw)
20     hidden_proto(security_compute_av)
21     hidden_proto(security_compute_av_raw)
22     hidden_proto(security_compute_av_flags)
23     hidden_proto(security_compute_av_flags_raw)
24     hidden_proto(security_compute_user)
25     hidden_proto(security_compute_user_raw)
26     hidden_proto(security_compute_create)
27     hidden_proto(security_compute_create_raw)
28     hidden_proto(security_compute_create_name)
29     hidden_proto(security_compute_create_name_raw)
30     hidden_proto(security_compute_member_raw)
31     hidden_proto(security_compute_relabel_raw)
32     hidden_proto(security_validatetrans)
33     hidden_proto(security_validatetrans_raw)
34     hidden_proto(is_selinux_enabled)
35     hidden_proto(is_selinux_mls_enabled)
36     hidden_proto(freecon)
37     hidden_proto(freeconary)
38     hidden_proto(getprevcon)
39     hidden_proto(getprevcon_raw)
40     hidden_proto(getcon)
41     hidden_proto(getcon_raw)
42     hidden_proto(setcon_raw)
43     hidden_proto(getpeercon_raw)
44     hidden_proto(getpidcon_raw)
45     hidden_proto(getexeccon_raw)
46     hidden_proto(getfilecon)
47     hidden_proto(getfilecon_raw)
48     hidden_proto(lgetfilecon_raw)
49     hidden_proto(fgetfilecon_raw)
50     hidden_proto(setfilecon_raw)
51     hidden_proto(lsetfilecon_raw)
52     hidden_proto(fsetfilecon_raw)
53     hidden_proto(setexeccon)
54     hidden_proto(setexeccon_raw)
55     hidden_proto(getfscreatecon_raw)
56     hidden_proto(getkeycreatecon_raw)
57     hidden_proto(getsockcreatecon_raw)
58     hidden_proto(setfscreatecon_raw)
59     hidden_proto(setkeycreatecon_raw)
60     hidden_proto(setsockcreatecon_raw)
61     hidden_proto(security_getenforce)
62     hidden_proto(security_setenforce)
63     hidden_proto(security_deny_unknown)
64     hidden_proto(security_reject_unknown)
65     hidden_proto(security_get_checkreqprot)
66     hidden_proto(selinux_boolean_sub)
67     hidden_proto(selinux_current_policy_path)
68     hidden_proto(selinux_binary_policy_path)
69     hidden_proto(selinux_booleans_subs_path)
70     hidden_proto(selinux_default_context_path)
71     hidden_proto(selinux_securetty_types_path)
72     hidden_proto(selinux_failsafe_context_path)
73     hidden_proto(selinux_removable_context_path)
74     hidden_proto(selinux_virtual_domain_context_path)
75     hidden_proto(selinux_virtual_image_context_path)
76     hidden_proto(selinux_lxc_contexts_path)
77     hidden_proto(selinux_file_context_path)
78     hidden_proto(selinux_file_context_homedir_path)
79     hidden_proto(selinux_file_context_local_path)
80     hidden_proto(selinux_file_context_subs_dist_path)
81     hidden_proto(selinux_file_context_subs_path)
82     hidden_proto(selinux_netfilter_context_path)
83     hidden_proto(selinux_homedir_context_path)
84     hidden_proto(selinux_user_contexts_path)
85     hidden_proto(selinux_booleans_path)
86     hidden_proto(selinux_customizable_types_path)
87     hidden_proto(selinux_media_context_path)
88     hidden_proto(selinux_x_context_path)
89     hidden_proto(selinux_sepgsql_context_path)
90     hidden_proto(selinux_openrc_contexts_path)
91     hidden_proto(selinux_openssh_contexts_path)
92     hidden_proto(selinux_snapperd_contexts_path)
93     hidden_proto(selinux_systemd_contexts_path)
94     hidden_proto(selinux_path)
95     hidden_proto(selinux_check_passwd_access)
96     hidden_proto(selinux_check_securetty_context)
97     hidden_proto(matchpathcon_init_prefix)
98     hidden_proto(selinux_users_path)
99     hidden_proto(selinux_usersconf_path);
100 hidden_proto(selinux_translations_path);
101 hidden_proto(selinux_colors_path);
102 hidden_proto(selinux_getenforcemode);
103 hidden_proto(selinux_getpolicytype);
104 hidden_proto(selinux_raw_to_trans_context);
105 hidden_proto(selinux_trans_to_raw_context);
106     hidden_proto(selinux_raw_context_to_color);
107 hidden_proto(security_get_initial_context);
108 hidden_proto(security_get_initial_context_raw);
109 hidden_proto(selinux_reset_config);
110 hidden_proto(selinux_flush_class_cache);
111 
112 extern int require_seusers hidden;
113 extern int selinux_page_size hidden;
114 
115 /* Make pthread_once optional */
116 #pragma weak pthread_once
117 #pragma weak pthread_key_create
118 #pragma weak pthread_key_delete
119 #pragma weak pthread_setspecific
120 
121 /* Call handler iff the first call.  */
122 #define __selinux_once(ONCE_CONTROL, INIT_FUNCTION)	\
123 	do {						\
124 		if (pthread_once != NULL)		\
125 			pthread_once (&(ONCE_CONTROL), (INIT_FUNCTION));  \
126 		else if ((ONCE_CONTROL) == PTHREAD_ONCE_INIT) {		  \
127 			INIT_FUNCTION ();		\
128 			(ONCE_CONTROL) = 2;		\
129 		}					\
130 	} while (0)
131 
132 /* Pthread key macros */
133 #define __selinux_key_create(KEY, DESTRUCTOR)			\
134 	(pthread_key_create != NULL ? pthread_key_create(KEY, DESTRUCTOR) : -1)
135 
136 #define __selinux_key_delete(KEY)				\
137 	do {							\
138 		if (pthread_key_delete != NULL)			\
139 			pthread_key_delete(KEY);		\
140 	} while (0)
141 
142 #define __selinux_setspecific(KEY, VALUE)			\
143 	do {							\
144 		if (pthread_setspecific != NULL)		\
145 			pthread_setspecific(KEY, VALUE);	\
146 	} while (0)
147 
148 /* selabel_lookup() is only thread safe if we're compiled with pthreads */
149 
150 #pragma weak pthread_mutex_init
151 #pragma weak pthread_mutex_destroy
152 #pragma weak pthread_mutex_lock
153 #pragma weak pthread_mutex_unlock
154 
155 #define __pthread_mutex_init(LOCK, ATTR) 			\
156 	do {							\
157 		if (pthread_mutex_init != NULL)			\
158 			pthread_mutex_init(LOCK, ATTR);		\
159 	} while (0)
160 
161 #define __pthread_mutex_destroy(LOCK) 				\
162 	do {							\
163 		if (pthread_mutex_destroy != NULL)		\
164 			pthread_mutex_destroy(LOCK);		\
165 	} while (0)
166 
167 #define __pthread_mutex_lock(LOCK) 				\
168 	do {							\
169 		if (pthread_mutex_lock != NULL)			\
170 			pthread_mutex_lock(LOCK);		\
171 	} while (0)
172 
173 #define __pthread_mutex_unlock(LOCK) 				\
174 	do {							\
175 		if (pthread_mutex_unlock != NULL)		\
176 			pthread_mutex_unlock(LOCK);		\
177 	} while (0)
178 
179 
180 #define SELINUXDIR "/etc/selinux/"
181 #define SELINUXCONFIG SELINUXDIR "config"
182 
183 extern int has_selinux_config hidden;
184