1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
|
/**
* @file
* Defines the public interface for searching and iterating over types.
*
* @author Kevin Carr kcarr@tresys.com
* @author Jeremy A. Mowery jmowery@tresys.com
* @author Jason Tang jtang@tresys.com
*
* Copyright (C) 2006-2008 Tresys Technology, LLC
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/
#ifndef QPOL_TYPE_QUERY_H
#define QPOL_TYPE_QUERY_H
#ifdef __cplusplus
extern "C"
{
#endif
#include <stddef.h>
#include <stdint.h>
#include <qpol/iterator.h>
#include <qpol/policy.h>
typedef struct qpol_type qpol_type_t;
/**
* Get the datum for a type by name.
* @param policy The policy from which to get the type.
* @param name The name of the type; searching is case sensitive.
* @param datum Pointer in which to store the type datum; the caller
* should not free this pointer.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *datum will be NULL.
*/
extern int qpol_policy_get_type_by_name(const qpol_policy_t * policy, const char *name, const qpol_type_t ** datum);
/**
* Get an iterator for types (including attributes and aliases)
* declared in the policy.
* @param policy The policy from which to create the iterator.
* @param iter Iterator of type qpol_type_t* returned;
* the caller is responsible for calling qpol_iterator_destroy to
* free memory used; it is important to note that the iterator is
* valid only as long as the policy is unchanged.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *iter will be NULL.
*/
extern int qpol_policy_get_type_iter(const qpol_policy_t * policy, qpol_iterator_t ** iter);
/**
* Get the integer value associated with a type. Values range from 1
* to the number of types declared in the policy.
* @param policy The policy associated with the type.
* @param datum The type from which to get the value.
* @param value Pointer to the integer in which to store value.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and value will be 0.
*/
extern int qpol_type_get_value(const qpol_policy_t * policy, const qpol_type_t * datum, uint32_t * value);
/**
* Determine whether a given type is an alias for another type.
* @param policy The policy associated with the type.
* @param datum The type to check.
* @param isalias Pointer to be set to 1 (true) if the type is an alias
* and 0 (false) otherwise.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *isalias will be 0 (false).
*/
extern int qpol_type_get_isalias(const qpol_policy_t * policy, const qpol_type_t * datum, unsigned char *isalias);
/**
* Determine whether a given type is an attribute.
* @param policy The policy associated with the type.
* @param datum The type to check.
* @param isattr Pointer to be set to 1 (true) if the type is an
* attribute and 0 (false) otherwise.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *isattr will be 0 (false).
*/
extern int qpol_type_get_isattr(const qpol_policy_t * policy, const qpol_type_t * datum, unsigned char *isattr);
/**
* Determine whether a given type has been marked as enforcing
* (default) or as permissive. If the policy does not support
* permissive types, then all types are enforcing. Attributes are
* always enforcing.
*
* @param policy The policy associated with the type.
* @param datum The type to check.
* @param ispermissive Pointer to be set to 1 (true) if the type is
* permissive and 0 (false) otherwise.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *ispermissive will be 0 (false).
*/
extern int qpol_type_get_ispermissive(const qpol_policy_t * policy, const qpol_type_t * datum, unsigned char *ispermissive);
/**
* Get an iterator for the list of types in an attribute.
* @param policy The policy associated with the attribute.
* @param datum The attribute from which to get the types.
* @param types Iterator of type qpol_type_t* returned;
* the caller is responsible for calling qpol_iterator_destroy to
* free memory used; it is important to note that the iterator is
* valid only as long as the policy is unchanged.
* @return Returns 0 on success, > 0 if the type is not an attribute
* and < 0 on failure; if the call fails, errno will be set and
* *types will be NULL. If the type is not an attribute *types will
* be NULL.
*/
extern int qpol_type_get_type_iter(const qpol_policy_t * policy, const qpol_type_t * datum, qpol_iterator_t ** types);
/**
* Get an iterator for the list of attributes given to a type.
* @param policy The policy associated with the type.
* @param datum The type for which to get the attributes.
* @param attrs Iterator of type qpol_type_t* returned;
* the caller is responsible for calling qpol_iterator_destroy to
* free memory used; it is important to note that the iterator is
* valid only as long as the policy is unchanged.
* @return Returns 0 on success, > 0 if the type is an attribute
* and < 0 on failure; if the call fails, errno will be set and
* *types will be NULL. If the type is an attribute *types will
* be NULL.
*/
extern int qpol_type_get_attr_iter(const qpol_policy_t * policy, const qpol_type_t * datum, qpol_iterator_t ** attrs);
/**
* Get the name by which a type is identified from its datum.
* @param policy The policy associated with the type.
* @param datum The type for which to get the name.
* @param name Pointer in which to store the name; the caller
* should not free the string. If the type is an alias then the
* primary name will be returned.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *name will be NULL.
*/
extern int qpol_type_get_name(const qpol_policy_t * policy, const qpol_type_t * datum, const char **name);
/**
* Get an iterator for the list of aliases for a type. If the given
* type is an alias, this returns an iterator of its primary type's
* aliases.
* @param policy The policy associated with the type.
* @param datum The type for which to get aliases.
* @param aliases Iterator of type char* returned; the caller is
* responsible for calling qpol_iterator_destroy to free
* memory used; it is important to note that the iterator is valid
* only as long as the policy is unchanged. If a type has no aliases,
* the iterator will be at end and have size 0.
* @return Returns 0 on success and < 0 on failure; if the call fails,
* errno will be set and *aliases will be NULL.
*/
extern int qpol_type_get_alias_iter(const qpol_policy_t * policy, const qpol_type_t * datum, qpol_iterator_t ** aliases);
#ifdef __cplusplus
}
#endif
#endif /* QPOL_TYPE_QUERY_H */
|
