diff options
Diffstat (limited to 'libselinux/src/callbacks.c')
-rw-r--r-- | libselinux/src/callbacks.c | 92 |
1 files changed, 92 insertions, 0 deletions
diff --git a/libselinux/src/callbacks.c b/libselinux/src/callbacks.c new file mode 100644 index 00000000..5acfd3d1 --- /dev/null +++ b/libselinux/src/callbacks.c @@ -0,0 +1,92 @@ +/* + * User-supplied callbacks and default implementations. + * Class and permission mappings. + */ + +#include <stdio.h> +#include <stdlib.h> +#include <stdarg.h> +#include <errno.h> +#include <selinux/selinux.h> +#include "callbacks.h" + +/* default implementations */ +static int __attribute__ ((format(printf, 2, 3))) +default_selinux_log(int type __attribute__((unused)), const char *fmt, ...) +{ + int rc; + va_list ap; + va_start(ap, fmt); + rc = vfprintf(stderr, fmt, ap); + va_end(ap); + return rc; +} + +static int +default_selinux_audit(void *ptr __attribute__((unused)), + security_class_t cls __attribute__((unused)), + char *buf __attribute__((unused)), + size_t len __attribute__((unused))) +{ + return 0; +} + +static int +default_selinux_validate(security_context_t *ctx) +{ + return security_check_context(*ctx); +} + +/* callback pointers */ +int __attribute__ ((format(printf, 2, 3))) +(*selinux_log)(int, const char *, ...) = + default_selinux_log; + +int +(*selinux_audit) (void *, security_class_t, char *, size_t) = + default_selinux_audit; + +int +(*selinux_validate)(security_context_t *ctx) = + default_selinux_validate; + +/* callback setting function */ +void +selinux_set_callback(int type, union selinux_callback cb) +{ + switch (type) { + case SELINUX_CB_LOG: + selinux_log = cb.func_log; + break; + case SELINUX_CB_AUDIT: + selinux_audit = cb.func_audit; + break; + case SELINUX_CB_VALIDATE: + selinux_validate = cb.func_validate; + break; + } +} + +/* callback getting function */ +union selinux_callback +selinux_get_callback(int type) +{ + union selinux_callback cb; + + switch (type) { + case SELINUX_CB_LOG: + cb.func_log = selinux_log; + break; + case SELINUX_CB_AUDIT: + cb.func_audit = selinux_audit; + break; + case SELINUX_CB_VALIDATE: + cb.func_validate = selinux_validate; + break; + default: + memset(&cb, 0, sizeof(cb)); + errno = EINVAL; + break; + } + return cb; +} |