[thirdparty/systemd.git] / src / basic / selinux-util.h

/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once

#include <stdbool.h>
#include <sys/socket.h>
#include <sys/types.h>

#include "macro.h"
#include "label.h"

#if HAVE_SELINUX
#include <selinux/selinux.h>

DEFINE_TRIVIAL_CLEANUP_FUNC(char*, freecon);
#define _cleanup_freecon_ _cleanup_(freeconp)
#endif

bool mac_selinux_use(void);
void mac_selinux_retest(void);
bool mac_selinux_enforcing(void);

int mac_selinux_init(void);
void mac_selinux_maybe_reload(void);
void mac_selinux_finish(void);

int mac_selinux_fix_container(const char *path, const char *inside_path, LabelFixFlags flags);
static inline int mac_selinux_fix(const char *path, LabelFixFlags flags) {
        return mac_selinux_fix_container(path, path, flags);
}

int mac_selinux_apply(const char *path, const char *label);

int mac_selinux_get_create_label_from_exe(const char *exe, char **label);
int mac_selinux_get_our_label(char **label);
int mac_selinux_get_child_mls_label(int socket_fd, const char *exe, const char *exec_label, char **label);
char* mac_selinux_free(char *label);

int mac_selinux_create_file_prepare(const char *path, mode_t mode);
int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode);
void mac_selinux_create_file_clear(void);

int mac_selinux_create_socket_prepare(const char *label);
void mac_selinux_create_socket_clear(void);

int mac_selinux_bind(int fd, const struct sockaddr *addr, socklen_t addrlen);

DEFINE_TRIVIAL_CLEANUP_FUNC(char*, mac_selinux_free);
Commit	Line	Data
53e1b683	1	/* SPDX-License-Identifier: LGPL-2.1+ */
cad45ba1 LP	2	#pragma once
cad45ba1 LP	3
cad45ba1	4	#include <stdbool.h>
71d35b6b	5	#include <sys/socket.h>
11c3a366	6	#include <sys/types.h>
cad45ba1	7
710a6b50	8	#include "macro.h"
08c84981	9	#include "label.h"
710a6b50	10
d7887449 ZJS	11	#if HAVE_SELINUX
	12	#include <selinux/selinux.h>
	13
	14	DEFINE_TRIVIAL_CLEANUP_FUNC(char*, freecon);
	15	#define _cleanup_freecon_ _cleanup_(freeconp)
	16	#endif
	17
6baa7db0 LP	18	bool mac_selinux_use(void);
6baa7db0 LP	19	void mac_selinux_retest(void);
fd5e402f	20	bool mac_selinux_enforcing(void);
66b6d9d5	21
c3dacc8b	22	int mac_selinux_init(void);
fd5e402f	23	void mac_selinux_maybe_reload(void);
cc56fafe	24	void mac_selinux_finish(void);
66b6d9d5	25
c3151977 TM	26	int mac_selinux_fix_container(const char path, const char inside_path, LabelFixFlags flags);
	27	static inline int mac_selinux_fix(const char *path, LabelFixFlags flags) {
	28	return mac_selinux_fix_container(path, path, flags);
	29	}
	30
ecabcf8b	31	int mac_selinux_apply(const char path, const char label);
66b6d9d5	32
cc56fafe WC	33	int mac_selinux_get_create_label_from_exe(const char exe, char *label);
cc56fafe WC	34	int mac_selinux_get_our_label(char **label);
9008e1ac	35	int mac_selinux_get_child_mls_label(int socket_fd, const char exe, const char exec_label, char **label);
710a6b50	36	char* mac_selinux_free(char *label);
66b6d9d5	37
ecabcf8b	38	int mac_selinux_create_file_prepare(const char *path, mode_t mode);
7e531a52	39	int mac_selinux_create_file_prepare_at(int dirfd, const char *path, mode_t mode);
ecabcf8b	40	void mac_selinux_create_file_clear(void);
66b6d9d5	41
ecabcf8b LP	42	int mac_selinux_create_socket_prepare(const char *label);
	43	void mac_selinux_create_socket_clear(void);
	44
ecabcf8b	45	int mac_selinux_bind(int fd, const struct sockaddr *addr, socklen_t addrlen);
710a6b50 LP	46
710a6b50 LP	47	DEFINE_TRIVIAL_CLEANUP_FUNC(char*, mac_selinux_free);