From: <ssm...@us...> - 2007-03-30 18:48:42
Revision: 2315 http://svn.sourceforge.net/selinux/?rev=2315&view=rev Author: ssmalley Date: 2007-03-30 11:48:41 -0700 (Fri, 30 Mar 2007) Log Message: ----------- Author: Eamon Walsh Email: ew...@ty... Subject: libselinux: string and compute_create functions Date: Fri, 30 Mar 2007 13:48:52 -0400 avc_compute_create function, same as security_compute_create but takes userspace AVC SID's. [sds: make it compile] Modified Paths: -------------- trunk/libselinux/include/selinux/avc.h trunk/libselinux/src/avc.c
Modified: trunk/libselinux/include/selinux/avc.h
===================================================================
--- trunk/libselinux/include/selinux/avc.h 2007-03-30 18:44:39 UTC (rev 2314)
+++ trunk/libselinux/include/selinux/avc.h 2007-03-30 18:48:41 UTC (rev 2315)
@@ -274,6 +274,25 @@ security_class_t tclass, access_vector_t requested, struct av_decision *avd, int result, void *auditdata);
+/**
+ * avc_compute_create - Compute SID for labeling a new object.
+ * @ssid: source security identifier
+ * @tsid: target security identifier
+ * @tclass: target security class
+ * @newsid: pointer to SID reference
+ *
+ * Call the security server to obtain a context for labeling a
+ * new object. Look up the context in the SID table, making
+ * a new entry if not found. Increment the reference counter
+ * for the SID. Store a pointer to the SID structure into the
+ * memory referenced by @newsid, returning %0 on success or -%1 on
+ * error with @errno set.
+ */
+ int avc_compute_create(security_id_t ssid,
+ security_id_t tsid,
+ security_class_t tclass,
+ security_id_t *newsid);
+
/* * security event callback facility */
Modified: trunk/libselinux/src/avc.c
===================================================================
--- trunk/libselinux/src/avc.c 2007-03-30 18:44:39 UTC (rev 2314)
+++ trunk/libselinux/src/avc.c 2007-03-30 18:48:41 UTC (rev 2315)
@@ -1006,6 +1006,31 @@ return rc; }
+int avc_compute_create(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, security_id_t *newsid)
+{
+ int rc;
+ *newsid = NULL;
+ avc_get_lock(avc_lock);
+ if (ssid->refcnt > 0 && tsid->refcnt > 0) {
+ security_context_t ctx = NULL;
+ rc = security_compute_create_raw(ssid->ctx, tsid->ctx, tclass,
+ &ctx);
+ if (rc)
+ goto out;
+ rc = sidtab_context_to_sid(&avc_sidtab, ctx, newsid);
+ if (!rc)
+ (*newsid)->refcnt++;
+ freecon(ctx);
+ } else {
+ errno = EINVAL; /* bad reference count */
+ rc = -1;
+ }
+out:
+ avc_release_lock(avc_lock);
+ return rc;
+}
+
int avc_add_callback(int (*callback) (uint32_t event, security_id_t ssid, security_id_t tsid, security_class_t tclass,
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
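Review bot: The new `avc_compute_create` in avc.c dereferences all three pointer arguments without validating them: `*newsid = NULL` is stored before the lock is taken, and `ssid->refcnt` / `tsid->refcnt` are read immediately after, so a NULL SID crashes the calling object manager instead of taking the `EINVAL` path the function already has for bad reference counts. A guard ahead of the first store, `if (!ssid || !tsid || !newsid) { errno = EINVAL; return -1; }`, would keep that failure on the documented error return; whether the other AVC entry points take the same stance is not visible in this hunk. Separately, when `sidtab_context_to_sid` fails, `freecon(ctx)` runs before the return, so the `errno` that the avc.h comment promises may be overwritten if the underlying free modifies it; saving it before `freecon` and restoring it afterwards would make the contract hold. The header comment could also state that SIDs whose reference count is zero are rejected with `EINVAL`, since callers cannot infer that from "error with @errno set".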