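/*
 * This file describes the internal interface used by the labeler
 * for calling the user-supplied memory allocation, validation,
 * and locking routine.
 *
 * Author : Eamon Walsh <ewalsh@epoch.ncsc.mil>
 */
#ifndef _SELABEL_INTERNAL_H_
#define _SELABEL_INTERNAL_H_

#include <stdlib.h>
#include <stdarg.h>
#include <stdbool.h>	/* bool is used by func_partial_match below */
#include <selinux/selinux.h>
#include <selinux/label.h>
#include "dso.h"

/*
 * Installed backends
 *
 * One initializer per labeling backend. Each takes the handle being set
 * up and the caller's option array; presumably nopts is the number of
 * entries in opts (confirm against the callers).
 *
 * `hidden` is not defined in this file; presumably it is a
 * symbol-visibility macro supplied by "dso.h".
 */
int selabel_file_init(struct selabel_handle *rec,
		      const struct selinux_opt *opts,
		      unsigned nopts) hidden;
int selabel_media_init(struct selabel_handle *rec,
		       const struct selinux_opt *opts,
		       unsigned nopts) hidden;
int selabel_x_init(struct selabel_handle *rec,
		   const struct selinux_opt *opts,
		   unsigned nopts) hidden;
int selabel_db_init(struct selabel_handle *rec,
		    const struct selinux_opt *opts,
		    unsigned nopts) hidden;
int selabel_property_init(struct selabel_handle *rec,
			  const struct selinux_opt *opts,
			  unsigned nopts) hidden;

/*
 * Labeling internal structures
 */

/*
 * One node of a singly linked list of substitutions (see the dist_subs
 * and subs members of struct selabel_handle).
 */
struct selabel_sub {
	char *src;
	/*
	 * NOTE(review): presumably the length of src. It is a signed int,
	 * so code that fills or compares it should confirm the value
	 * cannot be negative or truncated.
	 */
	int slen;
	char *dst;
	struct selabel_sub *next;
};

/*
 * Result record returned by the lookup callbacks and consumed by
 * selabel_validate().
 */
struct selabel_lookup_rec {
	char *ctx_raw;
	char *ctx_trans;
	/*
	 * NOTE(review): presumably set once the context has passed
	 * validation; confirm that consumers do not treat a record as
	 * trusted while this is still zero.
	 */
	int validated;
};

struct selabel_handle {
	/* arguments that were passed to selabel_open */
	unsigned int backend;
	int validating;

	/*
	 * labeling operations
	 *
	 * NOTE(review): nothing in this header states that every backend
	 * fills every slot, so dispatch code should check a pointer for
	 * NULL before calling through it.
	 */
	struct selabel_lookup_rec *(*func_lookup)(struct selabel_handle *h,
						  const char *key, int type);
	void (*func_close)(struct selabel_handle *h);
	void (*func_stats)(struct selabel_handle *h);
	bool (*func_partial_match)(struct selabel_handle *h, const char *key);
	struct selabel_lookup_rec *(*func_lookup_best_match)
						 (struct selabel_handle *h,
						  const char *key,
						  const char **aliases,
						  int type);
	enum selabel_cmp_result (*func_cmp)(struct selabel_handle *h1,
					    struct selabel_handle *h2);

	/* supports backend-specific state information */
	void *data;

	/*
	 * The main spec file used. Note for file contexts the local and/or
	 * homedirs could also have been used to resolve a context.
	 */
	char *spec_file;

	/* substitution support */
	struct selabel_sub *dist_subs;
	struct selabel_sub *subs;
};

/*
 * Validation function
 *
 * Takes the handle and the lookup record whose contexts are to be
 * checked. The meaning of the int result is not stated in this header.
 */
extern int
selabel_validate(struct selabel_handle *rec,
		 struct selabel_lookup_rec *contexts) hidden;

/*
 * The read_spec_entries function may be used to
 * replace sscanf to read entries from spec files.
 *
 * line_buf is taken as a non-const char *, so callers should not assume
 * the buffer is left unmodified. errbuf is an out-parameter for an error
 * string. num_args is presumably the number of trailing variadic
 * arguments.
 *
 * NOTE(review): the variadic arguments are not type-checked by the
 * compiler. A call whose num_args disagrees with the arguments actually
 * passed, or that passes the wrong pointer type, is undefined behaviour,
 * so each call site needs review. Ownership of anything stored through
 * those arguments is not documented here; confirm who frees it.
 *
 * NOTE(review): unlike the other declarations in this header, this one
 * carries no `hidden` marker; confirm whether it is meant to be visible
 * outside the library.
 */
extern int read_spec_entries(char *line_buf, const char **errbuf,
			     int num_args, ...);

#endif /* _SELABEL_INTERNAL_H_ */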