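/*
 * User-supplied callbacks and default implementations.
 * Class and permission mappings.
 *
 * The callback pointers defined here are ordinary process-wide globals.
 * selinux_set_callback() replaces them with plain stores; nothing in this
 * file serialises those stores against concurrent readers, so callbacks
 * should be installed before other threads start using the library.
 */

#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>	/* memset() in selinux_get_callback(); do not rely on callbacks.h for it */
#include <errno.h>
#include <selinux/selinux.h>
#include "callbacks.h"

/* default implementations */

/*
 * Default log callback: formats the message to stderr and returns the
 * vfprintf() result (characters written, or a negative value on error).
 * The message type is ignored.
 *
 * fmt is interpreted as a printf format string, so it must come from the
 * caller's own code; untrusted text belongs in the arguments ("%s", text),
 * never in fmt itself.
 */
static int __attribute__ ((format(printf, 2, 3)))
default_selinux_log(int type __attribute__((unused)), const char *fmt, ...)
{
	va_list args;
	int written;

	va_start(args, fmt);
	written = vfprintf(stderr, fmt, args);
	va_end(args);

	return written;
}

/*
 * Default audit callback: writes nothing into buf and reports success, so
 * no supplemental audit data is produced until a real callback is installed.
 */
static int
default_selinux_audit(void *ptr __attribute__((unused)),
		      security_class_t cls __attribute__((unused)),
		      char *buf __attribute__((unused)),
		      size_t len __attribute__((unused)))
{
	return 0;
}

/*
 * Default validation callback: hands the context string *ctx to
 * security_check_context() and returns its result unchanged.
 *
 * ctx is dereferenced without a NULL check; callers must pass a valid
 * pointer. NOTE(review): the pointer-to-context signature presumably lets a
 * replacement validator substitute the context - confirm against the
 * selinux_set_callback documentation before relying on it.
 */
static int
default_selinux_validate(security_context_t *ctx)
{
	return security_check_context(*ctx);
}

/* Default setenforce notification handler: ignores the new mode, returns 0. */
static int
default_selinux_setenforce(int enforcing __attribute__((unused)))
{
	return 0;
}

/* Default policy-load notification handler: ignores seqno, returns 0. */
static int
default_selinux_policyload(int seqno __attribute__((unused)))
{
	return 0;
}

/* callback pointers */
int __attribute__ ((format(printf, 2, 3)))
(*selinux_log)(int, const char *, ...) =
	default_selinux_log;

int
(*selinux_audit) (void *, security_class_t, char *, size_t) =
	default_selinux_audit;

int
(*selinux_validate)(security_context_t *ctx) =
	default_selinux_validate;

int
(*selinux_netlink_setenforce) (int enforcing) =
	default_selinux_setenforce;

int
(*selinux_netlink_policyload) (int seqno) =
	default_selinux_policyload;

/*
 * callback setting function
 *
 * Installs the member of cb selected by type (one of the SELINUX_CB_*
 * constants) as the active callback.
 *
 * The value is stored as given: a NULL member is not rejected here.
 * NOTE(review): the call sites of these pointers are outside this file;
 * confirm they tolerate NULL, or have callers check before installing.
 *
 * An unrecognised type changes nothing and is not reported (the function
 * returns void and leaves errno alone). A caller that depends on its audit
 * or validation hook being active can read it back with
 * selinux_get_callback() to confirm the installation.
 */
void
selinux_set_callback(int type, union selinux_callback cb)
{
	switch (type) {
	case SELINUX_CB_LOG:
		selinux_log = cb.func_log;
		break;
	case SELINUX_CB_AUDIT:
		selinux_audit = cb.func_audit;
		break;
	case SELINUX_CB_VALIDATE:
		selinux_validate = cb.func_validate;
		break;
	case SELINUX_CB_SETENFORCE:
		selinux_netlink_setenforce = cb.func_setenforce;
		break;
	case SELINUX_CB_POLICYLOAD:
		selinux_netlink_policyload = cb.func_policyload;
		break;
	default:
		/* unknown callback type: deliberately ignored, see above */
		break;
	}
}

/*
 * callback getting function
 *
 * Returns the currently installed callback for type in the matching union
 * member. For an unrecognised type the returned union is zero-filled and
 * errno is set to EINVAL; errno is not touched on success, so callers that
 * want to detect the error should clear errno before the call.
 */
union selinux_callback
selinux_get_callback(int type)
{
	union selinux_callback current;

	switch (type) {
	case SELINUX_CB_LOG:
		current.func_log = selinux_log;
		break;
	case SELINUX_CB_AUDIT:
		current.func_audit = selinux_audit;
		break;
	case SELINUX_CB_VALIDATE:
		current.func_validate = selinux_validate;
		break;
	case SELINUX_CB_SETENFORCE:
		current.func_setenforce = selinux_netlink_setenforce;
		break;
	case SELINUX_CB_POLICYLOAD:
		current.func_policyload = selinux_netlink_policyload;
		break;
	default:
		/* never hand back an indeterminate function pointer */
		memset(&current, 0, sizeof(current));
		errno = EINVAL;
		break;
	}

	return current;
}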