1 /* 2 * This file describes the class and permission mappings used to 3 * hide the kernel numbers from userspace by allowing userspace object 4 * managers to specify a list of classes and permissions. 5 */ 6 #ifndef _SELINUX_MAPPING_H_ 7 #define _SELINUX_MAPPING_H_ 8 9 #include <selinux/selinux.h> 10 11 /* 12 * Get real, kernel values from mapped values 13 */ 14 15 extern security_class_t 16 unmap_class(security_class_t tclass); 17 18 extern access_vector_t 19 unmap_perm(security_class_t tclass, access_vector_t tperm); 20 21 /* 22 * Get mapped values from real, kernel values 23 */ 24 25 extern security_class_t 26 map_class(security_class_t kclass); 27 28 extern access_vector_t 29 map_perm(security_class_t tclass, access_vector_t kperm); 30 31 extern void 32 map_decision(security_class_t tclass, struct av_decision *avd); 33 34 /*mapping is not used for embedded build*/ 35 #ifdef DISABLE_AVC 36 #define unmap_perm(x,y) y 37 #define unmap_class(x) x 38 #define map_decision(x,y) 39 #endif 40 41 #endif /* _SELINUX_MAPPING_H_ */ 42