      1 /*
      2  * User-supplied callbacks and default implementations.
      3  * Class and permission mappings.
      4  */
      5 
      6 #include <stdio.h>
      7 #include <stdlib.h>
      8 #include <stdarg.h>
      9 #include <errno.h>
     10 #include <selinux/selinux.h>
     11 #include "callbacks.h"
     12 
     13 /* default implementations */
/*
 * Default log callback: formats the message printf-style and writes it to
 * stderr. The message type is ignored, so every message is emitted
 * regardless of its type.
 *
 * fmt is consumed as a format string; the format attribute lets the
 * compiler check arguments at direct call sites. Callers should pass
 * untrusted text as an argument ("%s"), never as fmt itself.
 *
 * Returns the value of vfprintf(): the number of characters written, or a
 * negative value on an output error.
 */
static int __attribute__ ((format(printf, 2, 3)))
default_selinux_log(int type __attribute__((unused)), const char *fmt, ...)
{
	va_list args;
	int written;

	va_start(args, fmt);
	written = vfprintf(stderr, fmt, args);
	va_end(args);

	return written;
}
     24 
/*
 * Default audit callback: a no-op. Every argument is ignored and buf is
 * left untouched, so no extra audit text is produced unless the
 * application installs its own SELINUX_CB_AUDIT callback.
 *
 * Always returns 0.
 */
static int
default_selinux_audit(void *ptr __attribute__((unused)), security_class_t cls __attribute__((unused)),
		      char *buf __attribute__((unused)), size_t len __attribute__((unused)))
{
	return 0;
}
     33 
/*
 * Default validate callback: hands the context that ctx points at to
 * security_check_context() and returns that call's result unchanged.
 *
 * ctx is dereferenced unconditionally, so it must not be NULL. The context
 * itself is not modified here.
 */
static int
default_selinux_validate(security_context_t *ctx)
{
	security_context_t candidate = *ctx;

	return security_check_context(candidate);
}
     39 
/*
 * Default setenforce callback: a no-op that ignores the new enforcing value
 * and reports success. An application that needs to react to enforcing-mode
 * changes has to install its own SELINUX_CB_SETENFORCE callback.
 *
 * Always returns 0.
 */
static int default_selinux_setenforce(int enforcing __attribute__((unused)))
{
	return 0;
}
     45 
/*
 * Default policyload callback: a no-op that ignores the policy sequence
 * number and reports success. An application that caches policy-derived
 * state has to install its own SELINUX_CB_POLICYLOAD callback to learn
 * about reloads.
 *
 * Always returns 0.
 */
static int default_selinux_policyload(int seqno __attribute__((unused)))
{
	return 0;
}
     51 
/*
 * Active callback pointers, each initialised to its default implementation.
 *
 * These are non-static, writable function pointers: selinux_set_callback()
 * overwrites them and selinux_get_callback() reads them. No locking is
 * visible in this file, so installing callbacks while other threads may be
 * invoking them is presumably unsafe -- confirm against the call sites.
 */

/* Log sink; the format attribute enables printf-style argument checking. */
int __attribute__ ((format(printf, 2, 3))) (*selinux_log)(int, const char *, ...) = default_selinux_log;

/* Audit callback; the default produces nothing. */
int (*selinux_audit) (void *, security_class_t, char *, size_t) = default_selinux_audit;

/* Context validation; the default defers to security_check_context(). */
int (*selinux_validate)(security_context_t *ctx) = default_selinux_validate;

/* Enforcing-mode change notification; the default ignores it. */
int (*selinux_netlink_setenforce) (int enforcing) = default_selinux_setenforce;

/* Policy reload notification; the default ignores it. */
int (*selinux_netlink_policyload) (int seqno) = default_selinux_policyload;
     72 
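/*
 * Install a caller-supplied callback in place of the current one.
 *
 * type selects which callback to replace (one of the SELINUX_CB_* values
 * handled below); the matching member of cb is copied into the global
 * pointer. Only that one member of the union is read.
 *
 * The pointer is stored as given, with no NULL check.
 * NOTE(review): a NULL member would be installed as the active callback;
 * whether call sites guard against that is not visible here -- confirm.
 *
 * An unrecognised type installs nothing and sets errno to EINVAL, matching
 * what selinux_get_callback() does for an unknown type.
 */
void
selinux_set_callback(int type, union selinux_callback cb)
{
	switch (type) {
	case SELINUX_CB_LOG:
		selinux_log = cb.func_log;
		break;
	case SELINUX_CB_AUDIT:
		selinux_audit = cb.func_audit;
		break;
	case SELINUX_CB_VALIDATE:
		selinux_validate = cb.func_validate;
		break;
	case SELINUX_CB_SETENFORCE:
		selinux_netlink_setenforce = cb.func_setenforce;
		break;
	case SELINUX_CB_POLICYLOAD:
		selinux_netlink_policyload = cb.func_policyload;
		break;
	default:
		/* Do not fail silently: the caller asked for a callback slot that does not exist. */
		errno = EINVAL;
		break;
	}
}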
     95 
/*
 * Return the callback currently installed for the given type.
 *
 * Only the union member that corresponds to type is written. For an
 * unrecognised type the whole union is zeroed and errno is set to EINVAL,
 * so the caller gets back null pointers rather than stack garbage.
 *
 * NOTE(review): memset() is declared in <string.h>, which this file does
 * not include directly -- presumably it arrives via callbacks.h; confirm.
 */
union selinux_callback
selinux_get_callback(int type)
{
	union selinux_callback current;

	if (type == SELINUX_CB_LOG) {
		current.func_log = selinux_log;
	} else if (type == SELINUX_CB_AUDIT) {
		current.func_audit = selinux_audit;
	} else if (type == SELINUX_CB_VALIDATE) {
		current.func_validate = selinux_validate;
	} else if (type == SELINUX_CB_SETENFORCE) {
		current.func_setenforce = selinux_netlink_setenforce;
	} else if (type == SELINUX_CB_POLICYLOAD) {
		current.func_policyload = selinux_netlink_policyload;
	} else {
		/* Unknown slot: hand back an all-zero union and flag the error. */
		memset(&current, 0, sizeof(current));
		errno = EINVAL;
	}

	return current;
}