/**
 *  @file
 *  Defines the public interface for searching and iterating over genfscon statements.
 *
 *  Ownership summary, as stated by the per-function documentation below:
 *   - caller-owned, release with free(): the statement stored by
 *     qpol_policy_get_genfscon_by_name() and every item returned by
 *     qpol_iterator_get_item() on a genfscon iterator;
 *   - caller-owned, release with qpol_iterator_destroy(): the iterator itself;
 *   - borrowed, must NOT be freed: the strings and context stored by
 *     qpol_genfscon_get_name(), qpol_genfscon_get_path() and
 *     qpol_genfscon_get_context().
 *  Mixing these up leads to leaks or to freeing memory the caller does not own.
 *
 *  Every function returns 0 on success and < 0 (with errno set) on failure;
 *  check the return value before using the out-parameter.
 *
 *  @author Kevin Carr kcarr@tresys.com
 *  @author Jeremy A. Mowery jmowery@tresys.com
 *  @author Jason Tang jtang@tresys.com
 *
 *  Copyright (C) 2006-2007 Tresys Technology, LLC
 *
 *  This library is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Lesser General Public
 *  License as published by the Free Software Foundation; either
 *  version 2.1 of the License, or (at your option) any later version.
 *
 *  This library is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  Lesser General Public License for more details.
 *
 *  You should have received a copy of the GNU Lesser General Public
 *  License along with this library; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */

/*
 * NOTE(review): the guard macro is named for "ocon" although this header
 * covers genfscon only. If another qpol header defines the same macro,
 * whichever is included second is silently skipped - confirm it is unique.
 */
#ifndef QPOL_OCON_QUERY_H
#define QPOL_OCON_QUERY_H

#ifdef	__cplusplus
extern "C"
{
#endif

/*
 * NOTE(review): these includes sit inside the extern "C" block; standard
 * headers are normally included before the block is opened.
 */
#include <stddef.h>
#include <stdint.h>
#include <qpol/iterator.h>
#include <qpol/policy.h>

	/* Opaque handle for one genfscon statement; only forward-declared here. */
	typedef struct qpol_genfscon qpol_genfscon_t;

/**
 *  Get a genfscon statement by file system name and path.
 *  @param policy The policy from which to get the genfscon statement.
 *  @param name The name of the file system.
 *  @param path The path relative to the filesystem mount point.
 *  @param genfscon Pointer in which to store the genfscon statement.
 *  The caller owns the result and should call free() on this pointer.
 *  @return 0 on success and < 0 on failure; if the call fails,
 *  errno will be set and *genfscon will be NULL.
 */
	extern int qpol_policy_get_genfscon_by_name(const qpol_policy_t * policy, const char *name, const char *path,
						    qpol_genfscon_t ** genfscon);

/**
 *  Get an iterator for the genfscon statements in a policy.
 *  @param policy The policy from which to create the iterator.
 *  @param iter Iterator over items of type qpol_genfscon_t returned.
 *  The caller is responsible for calling qpol_iterator_destroy()
 *  to free memory used by this iterator. The caller must also call free()
 *  on items returned by qpol_iterator_get_item() when using this iterator.
 *  It is important to note that this iterator is only valid as long
 *  as the policy is unmodified; do not keep using it after the policy
 *  has been changed.
 *  @return 0 on success and < 0 on failure; if the call fails,
 *  errno will be set and *iter will be NULL.
 */
	extern int qpol_policy_get_genfscon_iter(const qpol_policy_t * policy, qpol_iterator_t ** iter);

/**
 *  Get the file system name from a genfscon statement.
 *  @param policy The policy associated with the genfscon statement.
 *  @param genfs The genfscon statement from which to get the name.
 *  @param name Pointer to the string in which to store the name.
 *  The string is borrowed: the caller should not free this string.
 *  NOTE(review): how long the string stays valid is not stated here;
 *  presumably no longer than the policy - confirm against the implementation.
 *  @return 0 on success and < 0 on failure; if the call fails,
 *  errno will be set and *name will be NULL.
 */
	extern int qpol_genfscon_get_name(const qpol_policy_t * policy, const qpol_genfscon_t * genfs, const char **name);

/**
 *  Get the relative path from a genfscon statement.
 *  @param policy The policy associated with the genfscon statement.
 *  @param genfs The genfscon statement from which to get the path.
 *  @param path Pointer to the string in which to store the path.
 *  The string is borrowed: the caller should not free this string.
 *  NOTE(review): how long the string stays valid is not stated here;
 *  presumably no longer than the policy - confirm against the implementation.
 *  @return 0 on success and < 0 on failure; if the call fails,
 *  errno will be set and *path will be NULL.
 */
	extern int qpol_genfscon_get_path(const qpol_policy_t * policy, const qpol_genfscon_t * genfs, const char **path);

/* values from flask do not change */
/*
 * Object class codes stored by qpol_genfscon_get_class(). QPOL_CLASS_ALL is 0,
 * which is also the value that function documents for *obj_class on failure,
 * so the two cases can only be told apart by the return value.
 */
#define QPOL_CLASS_ALL        0U
#define QPOL_CLASS_BLK_FILE  11U
#define QPOL_CLASS_CHR_FILE  10U
#define QPOL_CLASS_DIR        7U
#define QPOL_CLASS_FIFO_FILE 13U
#define QPOL_CLASS_FILE       6U
#define QPOL_CLASS_LNK_FILE   9U
#define QPOL_CLASS_SOCK_FILE 12U

/**
 *  Get the object class from a genfscon statement.
 *  @param policy The policy associated with the genfscon statement.
 *  @param genfs The genfscon statement from which to get the object class.
 *  @param obj_class Pointer in which to store the integer code for the
 *  object class. See QPOL_CLASS_* defines above for values.
 *  @return 0 on success and < 0 on failure; if the call fails,
 *  errno will be set and *obj_class will be 0. Because 0 is also
 *  QPOL_CLASS_ALL, check the return value rather than *obj_class to
 *  detect failure.
 */
	extern int qpol_genfscon_get_class(const qpol_policy_t * policy, const qpol_genfscon_t * genfs, uint32_t * obj_class);

/**
 *  Get the context from a path component of a genfscon statement.
 *  @param policy The policy associated with the genfscon statement.
 *  @param genfscon The genfscon statement from which to get
 *  the context.
 *  @param context Pointer in which to store the context.
 *  The context is borrowed: the caller should not free this pointer.
 *  NOTE(review): how long the context stays valid is not stated here;
 *  presumably no longer than the policy - confirm against the implementation.
 *  @return 0 on success and < 0 on failure; if the call fails,
 *  errno will be set and *context will be NULL.
 */
	extern int qpol_genfscon_get_context(const qpol_policy_t * policy, const qpol_genfscon_t * genfscon,
					     const qpol_context_t ** context);

#ifdef	__cplusplus
}
#endif

#endif				       /* QPOL_OCON_QUERY_H */