1 #include <selinux/selinux.h> 2 #include <pthread.h> 3 #include "dso.h" 4 5 hidden_proto(selinux_mkload_policy) 6 hidden_proto(fini_selinuxmnt) 7 hidden_proto(set_selinuxmnt) 8 hidden_proto(selinuxfs_exists) 9 hidden_proto(security_disable) 10 hidden_proto(security_policyvers) 11 hidden_proto(security_load_policy) 12 hidden_proto(security_get_boolean_active) 13 hidden_proto(security_get_boolean_names) 14 hidden_proto(security_set_boolean) 15 hidden_proto(security_commit_booleans) 16 hidden_proto(security_check_context) 17 hidden_proto(security_check_context_raw) 18 hidden_proto(security_canonicalize_context) 19 hidden_proto(security_canonicalize_context_raw) 20 hidden_proto(security_compute_av) 21 hidden_proto(security_compute_av_raw) 22 hidden_proto(security_compute_av_flags) 23 hidden_proto(security_compute_av_flags_raw) 24 hidden_proto(security_compute_user) 25 hidden_proto(security_compute_user_raw) 26 hidden_proto(security_compute_create) 27 hidden_proto(security_compute_create_raw) 28 hidden_proto(security_compute_create_name) 29 hidden_proto(security_compute_create_name_raw) 30 hidden_proto(security_compute_member_raw) 31 hidden_proto(security_compute_relabel_raw) 32 hidden_proto(is_selinux_enabled) 33 hidden_proto(is_selinux_mls_enabled) 34 hidden_proto(freecon) 35 hidden_proto(freeconary) 36 hidden_proto(getprevcon) 37 hidden_proto(getprevcon_raw) 38 hidden_proto(getcon) 39 hidden_proto(getcon_raw) 40 hidden_proto(setcon_raw) 41 hidden_proto(getpeercon_raw) 42 hidden_proto(getpidcon_raw) 43 hidden_proto(getexeccon_raw) 44 hidden_proto(getfilecon) 45 hidden_proto(getfilecon_raw) 46 hidden_proto(lgetfilecon_raw) 47 hidden_proto(fgetfilecon_raw) 48 hidden_proto(setfilecon_raw) 49 hidden_proto(lsetfilecon_raw) 50 hidden_proto(fsetfilecon_raw) 51 hidden_proto(setexeccon) 52 hidden_proto(setexeccon_raw) 53 hidden_proto(getfscreatecon_raw) 54 hidden_proto(getkeycreatecon_raw) 55 hidden_proto(getsockcreatecon_raw) 56 hidden_proto(setfscreatecon_raw) 57 hidden_proto(setkeycreatecon_raw) 58 hidden_proto(setsockcreatecon_raw) 59 hidden_proto(security_getenforce) 60 hidden_proto(security_setenforce) 61 hidden_proto(security_deny_unknown) 62 hidden_proto(security_reject_unknown) 63 hidden_proto(security_get_checkreqprot) 64 hidden_proto(selinux_boolean_sub) 65 hidden_proto(selinux_current_policy_path) 66 hidden_proto(selinux_binary_policy_path) 67 hidden_proto(selinux_booleans_subs_path) 68 hidden_proto(selinux_default_context_path) 69 hidden_proto(selinux_securetty_types_path) 70 hidden_proto(selinux_failsafe_context_path) 71 hidden_proto(selinux_removable_context_path) 72 hidden_proto(selinux_virtual_domain_context_path) 73 hidden_proto(selinux_virtual_image_context_path) 74 hidden_proto(selinux_lxc_contexts_path) 75 hidden_proto(selinux_file_context_path) 76 hidden_proto(selinux_file_context_homedir_path) 77 hidden_proto(selinux_file_context_local_path) 78 hidden_proto(selinux_file_context_subs_dist_path) 79 hidden_proto(selinux_file_context_subs_path) 80 hidden_proto(selinux_netfilter_context_path) 81 hidden_proto(selinux_homedir_context_path) 82 hidden_proto(selinux_user_contexts_path) 83 hidden_proto(selinux_booleans_path) 84 hidden_proto(selinux_customizable_types_path) 85 hidden_proto(selinux_media_context_path) 86 hidden_proto(selinux_x_context_path) 87 hidden_proto(selinux_sepgsql_context_path) 88 hidden_proto(selinux_openrc_contexts_path) 89 hidden_proto(selinux_openssh_contexts_path) 90 hidden_proto(selinux_snapperd_contexts_path) 91 hidden_proto(selinux_systemd_contexts_path) 92 hidden_proto(selinux_path) 93 hidden_proto(selinux_check_passwd_access) 94 hidden_proto(selinux_check_securetty_context) 95 hidden_proto(matchpathcon_init_prefix) 96 hidden_proto(selinux_users_path) 97 hidden_proto(selinux_usersconf_path); 98 hidden_proto(selinux_translations_path); 99 hidden_proto(selinux_colors_path); 100 hidden_proto(selinux_getenforcemode); 101 hidden_proto(selinux_getpolicytype); 102 hidden_proto(selinux_raw_to_trans_context); 103 hidden_proto(selinux_trans_to_raw_context); 104 hidden_proto(selinux_raw_context_to_color); 105 hidden_proto(security_get_initial_context); 106 hidden_proto(security_get_initial_context_raw); 107 hidden_proto(selinux_reset_config); 108 109 hidden void flush_class_cache(void); 110 111 extern int load_setlocaldefs hidden; 112 extern int require_seusers hidden; 113 extern int selinux_page_size hidden; 114 115 /* Make pthread_once optional */ 116 #pragma weak pthread_once 117 #pragma weak pthread_key_create 118 #pragma weak pthread_key_delete 119 #pragma weak pthread_setspecific 120 121 /* Call handler iff the first call. */ 122 #define __selinux_once(ONCE_CONTROL, INIT_FUNCTION) \ 123 do { \ 124 if (pthread_once != NULL) \ 125 pthread_once (&(ONCE_CONTROL), (INIT_FUNCTION)); \ 126 else if ((ONCE_CONTROL) == PTHREAD_ONCE_INIT) { \ 127 INIT_FUNCTION (); \ 128 (ONCE_CONTROL) = 2; \ 129 } \ 130 } while (0) 131 132 /* Pthread key macros */ 133 #define __selinux_key_create(KEY, DESTRUCTOR) \ 134 (pthread_key_create != NULL ? pthread_key_create(KEY, DESTRUCTOR) : -1) 135 136 #define __selinux_key_delete(KEY) \ 137 do { \ 138 if (pthread_key_delete != NULL) \ 139 pthread_key_delete(KEY); \ 140 } while (0) 141 142 #define __selinux_setspecific(KEY, VALUE) \ 143 do { \ 144 if (pthread_setspecific != NULL) \ 145 pthread_setspecific(KEY, VALUE); \ 146 } while (0) 147 148 /* selabel_lookup() is only thread safe if we're compiled with pthreads */ 149 150 #pragma weak pthread_mutex_init 151 #pragma weak pthread_mutex_destroy 152 #pragma weak pthread_mutex_lock 153 #pragma weak pthread_mutex_unlock 154 155 #define __pthread_mutex_init(LOCK, ATTR) \ 156 do { \ 157 if (pthread_mutex_init != NULL) \ 158 pthread_mutex_init(LOCK, ATTR); \ 159 } while (0) 160 161 #define __pthread_mutex_destroy(LOCK) \ 162 do { \ 163 if (pthread_mutex_destroy != NULL) \ 164 pthread_mutex_destroy(LOCK); \ 165 } while (0) 166 167 #define __pthread_mutex_lock(LOCK) \ 168 do { \ 169 if (pthread_mutex_lock != NULL) \ 170 pthread_mutex_lock(LOCK); \ 171 } while (0) 172 173 #define __pthread_mutex_unlock(LOCK) \ 174 do { \ 175 if (pthread_mutex_unlock != NULL) \ 176 pthread_mutex_unlock(LOCK); \ 177 } while (0) 178 179 180 #define SELINUXDIR "/etc/selinux/" 181 #define SELINUXCONFIG SELINUXDIR "config" 182 183 extern int has_selinux_config hidden; 184