initial import from svn trunk revision 2950
diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
new file mode 100644
index 0000000..f5fd630
--- /dev/null
+++ b/libselinux/src/Makefile
@@ -0,0 +1,134 @@
+# Installation directories.
+PREFIX ?= $(DESTDIR)/usr
+LIBDIR ?= $(PREFIX)/lib
+SHLIBDIR ?= $(DESTDIR)/lib
+INCLUDEDIR ?= $(PREFIX)/include
+PYLIBVER ?= $(shell python -c 'import sys;print "python%d.%d" % sys.version_info[0:2]')
+PYINC ?= /usr/include/$(PYLIBVER)
+PYLIB ?= /usr/lib/$(PYLIBVER)
+PYTHONLIBDIR ?= $(LIBDIR)/$(PYLIBVER)
+RUBYLIBVER ?= $(shell ruby -e 'print RUBY_VERSION.split(".")[0..1].join(".")')
+RUBYPLATFORM ?= $(shell ruby -e 'print RUBY_PLATFORM')
+RUBYINC ?= $(LIBDIR)/ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
+RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM)
+
+LIBVERSION = 1
+
+LIBA=libselinux.a
+TARGET=libselinux.so
+SWIGIF= selinuxswig_python.i
+SWIGRUBYIF= selinuxswig_ruby.i
+SWIGCOUT= selinuxswig_wrap.c
+SWIGRUBYCOUT= selinuxswig_ruby_wrap.c
+SWIGLOBJ:= $(patsubst %.c,%.lo,$(SWIGCOUT))
+SWIGRUBYLOBJ:= $(patsubst %.c,%.lo,$(SWIGRUBYCOUT))
+SWIGSO=_selinux.so
+SWIGFILES=$(SWIGSO) selinux.py
+SWIGRUBYSO=_rubyselinux.so
+LIBSO=$(TARGET).$(LIBVERSION)
+AUDIT2WHYSO=audit2why.so
+
+ifeq ($(DISABLE_AVC),y)
+ UNUSED_SRCS+=avc.c avc_internal.c avc_sidtab.c mapping.c stringrep.c checkAccess.c
+endif
+ifeq ($(DISABLE_BOOL),y)
+ UNUSED_SRCS+=booleans.c
+endif
+ifeq ($(DISABLE_RPM),y)
+ UNUSED_SRCS+=rpm.c
+endif
+
+GENERATED=$(SWIGCOUT) $(SWIGRUBYCOUT)
+SRCS= $(filter-out $(UNUSED_SRCS), $(filter-out audit2why.c $(GENERATED),$(wildcard *.c)))
+
+OBJS= $(patsubst %.c,%.o,$(SRCS))
+LOBJS= $(patsubst %.c,%.lo,$(SRCS))
+CFLAGS ?= -Werror -Wall -W -Wundef -Wshadow -Wmissing-noreturn -Wmissing-format-attribute
+override CFLAGS += -I../include -I$(INCLUDEDIR) -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 $(EMFLAGS)
+RANLIB=ranlib
+
+ARCH := $(patsubst i%86,i386,$(shell uname -m))
+ifneq (,$(filter i386,$(ARCH)))
+TLSFLAGS += -mno-tls-direct-seg-refs
+endif
+
+SWIG = swig -Wall -python -o $(SWIGCOUT) -outdir ./
+
+SWIGRUBY = swig -Wall -ruby -o $(SWIGRUBYCOUT) -outdir ./
+
+all: $(LIBA) $(LIBSO)
+
+pywrap: all $(SWIGSO) $(AUDIT2WHYSO)
+
+rubywrap: all $(SWIGRUBYSO)
+
+$(LIBA): $(OBJS)
+ $(AR) rcs $@ $^
+ $(RANLIB) $@
+
+$(SWIGLOBJ): $(SWIGCOUT)
+ $(CC) $(filter-out -Werror,$(CFLAGS)) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
+
+$(SWIGRUBYLOBJ): $(SWIGRUBYCOUT)
+ $(CC) $(filter-out -Werror,$(CFLAGS)) -I$(RUBYINC) -fPIC -DSHARED -c -o $@ $<
+
+$(SWIGSO): $(SWIGLOBJ)
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
+
+$(SWIGRUBYSO): $(SWIGRUBYLOBJ)
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux -L$(LIBDIR) -Wl,-soname,$@
+
+$(LIBSO): $(LOBJS)
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -ldl -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro
+ ln -sf $@ $(TARGET)
+
+audit2why.lo: audit2why.c
+ $(CC) $(CFLAGS) -I$(PYINC) -fPIC -DSHARED -c -o $@ $<
+
+$(AUDIT2WHYSO): audit2why.lo
+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lselinux ${LIBDIR}/libsepol.a -L$(LIBDIR) -Wl,-soname,$@
+
+%.o: %.c policy.h
+ $(CC) $(CFLAGS) $(TLSFLAGS) -c -o $@ $<
+
+%.lo: %.c policy.h
+ $(CC) $(CFLAGS) -fPIC -DSHARED -c -o $@ $<
+
+$(SWIGCOUT): $(SWIGIF)
+ $(SWIG) $^
+
+$(SWIGRUBYCOUT): $(SWIGRUBYIF)
+ $(SWIGRUBY) $^
+
+swigify: $(SWIGIF)
+ $(SWIG) $^
+
+install: all
+ test -d $(LIBDIR) || install -m 755 -d $(LIBDIR)
+ install -m 644 $(LIBA) $(LIBDIR)
+ test -d $(SHLIBDIR) || install -m 755 -d $(SHLIBDIR)
+ install -m 755 $(LIBSO) $(SHLIBDIR)
+ cd $(LIBDIR) && ln -sf ../../`basename $(SHLIBDIR)`/$(LIBSO) $(TARGET)
+
+install-pywrap: pywrap
+ test -d $(PYTHONLIBDIR)/site-packages/selinux || install -m 755 -d $(PYTHONLIBDIR)/site-packages/selinux
+ install -m 755 $(SWIGSO) $(PYTHONLIBDIR)/site-packages/selinux
+ install -m 755 $(AUDIT2WHYSO) $(PYTHONLIBDIR)/site-packages/selinux
+ install -m 644 selinux.py $(PYTHONLIBDIR)/site-packages/selinux/__init__.py
+
+install-rubywrap: rubywrap
+ test -d $(RUBYINSTALL) || install -m 755 -d $(RUBYINSTALL)
+ install -m 755 $(SWIGRUBYSO) $(RUBYINSTALL)/selinux.so
+
+relabel:
+ /sbin/restorecon $(SHLIBDIR)/$(LIBSO)
+
+clean:
+ -rm -f $(OBJS) $(LOBJS) $(LIBA) $(LIBSO) $(SWIGLOBJ) $(SWIGSO) $(TARGET) $(AUDIT2WHYSO) *.o *.lo *~
+
+distclean: clean
+ rm -f $(GENERATED) $(SWIGFILES)
+
+indent:
+ ../../scripts/Lindent $(filter-out $(GENERATED),$(wildcard *.[ch]))
+
diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
new file mode 100644
index 0000000..691bc67
--- /dev/null
+++ b/libselinux/src/audit2why.c
@@ -0,0 +1,443 @@
+#include <Python.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <errno.h>
+#include <getopt.h>
+#include <limits.h>
+#include <sepol/sepol.h>
+#include <sepol/policydb.h>
+#include <sepol/policydb/services.h>
+#include <selinux/selinux.h>
+
+#define UNKNOWN -1
+#define BADSCON -2
+#define BADTCON -3
+#define BADTCLASS -4
+#define BADPERM -5
+#define BADCOMPUTE -6
+#define NOPOLICY -7
+#define ALLOW 0
+#define DONTAUDIT 1
+#define TERULE 2
+#define BOOLEAN 3
+#define CONSTRAINT 4
+#define RBAC 5
+
+struct boolean_t {
+ char *name;
+ int active;
+};
+
+static struct boolean_t **boollist = NULL;
+static int boolcnt = 0;
+
+struct avc_t {
+ sepol_handle_t *handle;
+ sepol_policydb_t *policydb;
+ sepol_security_id_t ssid;
+ sepol_security_id_t tsid;
+ sepol_security_class_t tclass;
+ sepol_access_vector_t av;
+};
+
+static struct avc_t *avc = NULL;
+
+static sidtab_t sidtab;
+
+static int load_booleans(const sepol_bool_t * boolean,
+ void *arg __attribute__ ((__unused__)))
+{
+ boollist[boolcnt] = malloc(sizeof(struct boolean_t));
+ boollist[boolcnt]->name = strdup(sepol_bool_get_name(boolean));
+ boollist[boolcnt]->active = sepol_bool_get_value(boolean);
+ boolcnt++;
+ return 0;
+}
+
+static int check_booleans(struct boolean_t **bools)
+{
+ char errormsg[PATH_MAX];
+ struct sepol_av_decision avd;
+ unsigned int reason;
+ int rc;
+ int i;
+ sepol_bool_key_t *key = NULL;
+ sepol_bool_t *boolean = NULL;
+ int fcnt = 0;
+ int *foundlist = calloc(boolcnt, sizeof(int));
+ if (!foundlist) {
+ PyErr_SetString( PyExc_MemoryError, "Out of memory\n");
+ return fcnt;
+ }
+ for (i = 0; i < boolcnt; i++) {
+ char *name = boollist[i]->name;
+ int active = boollist[i]->active;
+ rc = sepol_bool_key_create(avc->handle, name, &key);
+ if (rc < 0) {
+ PyErr_SetString( PyExc_RuntimeError,
+ "Could not create boolean key.\n");
+ break;
+ }
+ rc = sepol_bool_query(avc->handle,
+ avc->policydb,
+ key, &boolean);
+
+ if (rc < 0) {
+ snprintf(errormsg, sizeof(errormsg),
+ "Could not find boolean %s.\n", name);
+ PyErr_SetString( PyExc_RuntimeError, errormsg);
+ break;
+ }
+
+ sepol_bool_set_value(boolean, !active);
+
+ rc = sepol_bool_set(avc->handle,
+ avc->policydb,
+ key, boolean);
+ if (rc < 0) {
+ snprintf(errormsg, sizeof(errormsg),
+ "Could not set boolean data %s.\n", name);
+ PyErr_SetString( PyExc_RuntimeError, errormsg);
+ break;
+ }
+
+ /* Reproduce the computation. */
+ rc = sepol_compute_av_reason(avc->ssid, avc->tsid, avc->tclass,
+ avc->av, &avd, &reason);
+ if (rc < 0) {
+ snprintf(errormsg, sizeof(errormsg),
+ "Error during access vector computation, skipping...");
+ PyErr_SetString( PyExc_RuntimeError, errormsg);
+
+ sepol_bool_free(boolean);
+ break;
+ } else {
+ if (!reason) {
+ foundlist[fcnt] = i;
+ fcnt++;
+ }
+ sepol_bool_set_value(boolean, active);
+ rc = sepol_bool_set(avc->handle,
+ avc->policydb, key,
+ boolean);
+ if (rc < 0) {
+ snprintf(errormsg, sizeof(errormsg),
+ "Could not set boolean data %s.\n",
+ name);
+
+ PyErr_SetString( PyExc_RuntimeError, errormsg);
+ break;
+ }
+ }
+ sepol_bool_free(boolean);
+ sepol_bool_key_free(key);
+ key = NULL;
+ boolean = NULL;
+ }
+ if (key)
+ sepol_bool_key_free(key);
+
+ if (boolean)
+ sepol_bool_free(boolean);
+
+ if (fcnt > 0) {
+ *bools = calloc(sizeof(struct boolean_t), fcnt + 1);
+ struct boolean_t *b = *bools;
+ for (i = 0; i < fcnt; i++) {
+ int ctr = foundlist[i];
+ b[i].name = strdup(boollist[ctr]->name);
+ b[i].active = !boollist[ctr]->active;
+ }
+ }
+ free(foundlist);
+ return fcnt;
+}
+
+static PyObject *finish(PyObject *self __attribute__((unused)), PyObject *args) {
+ PyObject *result = 0;
+
+ if (PyArg_ParseTuple(args,(char *)":finish")) {
+ int i = 0;
+ for (i = 0; i < boolcnt; i++) {
+ free(boollist[i]->name);
+ free(boollist[i]);
+ }
+ free(boollist);
+ sepol_sidtab_shutdown(&sidtab);
+ sepol_sidtab_destroy(&sidtab);
+ sepol_policydb_free(avc->policydb);
+ sepol_handle_destroy(avc->handle);
+ free(avc);
+ avc = NULL;
+ boollist = NULL;
+ boolcnt = 0;
+
+ /* Boilerplate to return "None" */
+ Py_RETURN_NONE;
+ }
+ return result;
+}
+
+
+static int __policy_init(const char *init_path)
+{
+ FILE *fp;
+ int vers = 0;
+ char path[PATH_MAX];
+ char errormsg[PATH_MAX];
+ struct sepol_policy_file *pf = NULL;
+ int rc;
+ unsigned int cnt;
+
+ if (init_path) {
+ strncpy(path, init_path, PATH_MAX);
+ fp = fopen(path, "r");
+ if (!fp) {
+ snprintf(errormsg, sizeof(errormsg),
+ "unable to open %s: %s\n",
+ path, strerror(errno));
+ PyErr_SetString( PyExc_ValueError, errormsg);
+ return 1;
+ }
+ } else {
+ vers = sepol_policy_kern_vers_max();
+ if (vers < 0) {
+ snprintf(errormsg, sizeof(errormsg),
+ "Could not get policy version: %s\n",
+ strerror(errno));
+ PyErr_SetString( PyExc_ValueError, errormsg);
+ return 1;
+ }
+ snprintf(path, PATH_MAX, "%s.%d",
+ selinux_binary_policy_path(), vers);
+ fp = fopen(path, "r");
+ while (!fp && errno == ENOENT && --vers) {
+ snprintf(path, PATH_MAX, "%s.%d",
+ selinux_binary_policy_path(), vers);
+ fp = fopen(path, "r");
+ }
+ if (!fp) {
+ snprintf(errormsg, sizeof(errormsg),
+ "unable to open %s.%d: %s\n",
+ selinux_binary_policy_path(),
+ security_policyvers(), strerror(errno));
+ PyErr_SetString( PyExc_ValueError, errormsg);
+ return 1;
+ }
+ }
+
+ avc = calloc(sizeof(struct avc_t), 1);
+ if (!avc) {
+ PyErr_SetString( PyExc_MemoryError, "Out of memory\n");
+ return 1;
+ }
+
+ /* Set up a policydb directly so that we can mutate it later
+ for testing what booleans might have allowed the access.
+ Otherwise, we'd just use sepol_set_policydb_from_file() here. */
+ if (sepol_policy_file_create(&pf) ||
+ sepol_policydb_create(&avc->policydb)) {
+ snprintf(errormsg, sizeof(errormsg),
+ "policydb_init failed: %s\n", strerror(errno));
+ PyErr_SetString( PyExc_RuntimeError, errormsg);
+ fclose(fp);
+ return 1;
+ }
+ sepol_policy_file_set_fp(pf, fp);
+ if (sepol_policydb_read(avc->policydb, pf)) {
+ snprintf(errormsg, sizeof(errormsg),
+ "invalid binary policy %s\n", path);
+ PyErr_SetString( PyExc_ValueError, errormsg);
+ fclose(fp);
+ return 1;
+ }
+ fclose(fp);
+ sepol_set_policydb(&avc->policydb->p);
+ avc->handle = sepol_handle_create();
+
+ rc = sepol_bool_count(avc->handle,
+ avc->policydb, &cnt);
+ if (rc < 0) {
+ PyErr_SetString( PyExc_RuntimeError, "unable to get bool count\n");
+ return 1;
+ }
+
+ boollist = calloc(cnt, sizeof(struct boolean_t));
+ if (!boollist) {
+ PyErr_SetString( PyExc_MemoryError, "Out of memory\n");
+ return 1;
+ }
+
+ sepol_bool_iterate(avc->handle, avc->policydb,
+ load_booleans, (void *)NULL);
+
+ /* Initialize the sidtab for subsequent use by sepol_context_to_sid
+ and sepol_compute_av_reason. */
+ rc = sepol_sidtab_init(&sidtab);
+ if (rc < 0) {
+ PyErr_SetString( PyExc_RuntimeError, "unable to init sidtab\n");
+ free(boollist);
+ return 1;
+ }
+ sepol_set_sidtab(&sidtab);
+ return 0;
+}
+
+static PyObject *init(PyObject *self __attribute__((unused)), PyObject *args) {
+ int result;
+ char *init_path=NULL;
+ if (PyArg_ParseTuple(args,(char *)"|s:policy_init",&init_path))
+ result = __policy_init(init_path);
+ return Py_BuildValue("i", result);
+}
+
+#define RETURN(X) \
+ PyTuple_SetItem(result, 0, Py_BuildValue("i", X)); \
+ return result;
+
+static PyObject *analyze(PyObject *self __attribute__((unused)) , PyObject *args) {
+ security_context_t scon;
+ security_context_t tcon;
+ char *tclassstr;
+ PyObject *listObj;
+ PyObject *strObj;
+ int numlines;
+ struct boolean_t *bools;
+ unsigned int reason;
+ sepol_security_id_t ssid, tsid;
+ sepol_security_class_t tclass;
+ sepol_access_vector_t perm, av;
+ struct sepol_av_decision avd;
+ int rc;
+ int i=0;
+ PyObject *result = PyTuple_New(2);
+ if (!result) return NULL;
+ Py_INCREF(Py_None);
+ PyTuple_SetItem(result, 1, Py_None);
+
+ if (!PyArg_ParseTuple(args,(char *)"sssO!:audit2why",&scon,&tcon,&tclassstr,&PyList_Type, &listObj))
+ return NULL;
+
+ /* get the number of lines passed to us */
+ numlines = PyList_Size(listObj);
+
+ /* should raise an error here. */
+ if (numlines < 0) return NULL; /* Not a list */
+
+ if (!avc) {
+ RETURN(NOPOLICY)
+ }
+
+ rc = sepol_context_to_sid(scon, strlen(scon) + 1, &ssid);
+ if (rc < 0) {
+ RETURN(BADSCON)
+ }
+ rc = sepol_context_to_sid(tcon, strlen(tcon) + 1, &tsid);
+ if (rc < 0) {
+ RETURN(BADTCON)
+ }
+ tclass = string_to_security_class(tclassstr);
+ if (!tclass) {
+ RETURN(BADTCLASS)
+ }
+ /* Convert the permission list to an AV. */
+ av = 0;
+
+ /* iterate over items of the list, grabbing strings, and parsing
+ for numbers */
+ for (i=0; i<numlines; i++){
+ char *permstr;
+
+ /* grab the string object from the next element of the list */
+ strObj = PyList_GetItem(listObj, i); /* Can't fail */
+
+ /* make it a string */
+ permstr = PyString_AsString( strObj );
+
+ perm = string_to_av_perm(tclass, permstr);
+ if (!perm) {
+ RETURN(BADPERM)
+ }
+ av |= perm;
+ }
+
+ /* Reproduce the computation. */
+ rc = sepol_compute_av_reason(ssid, tsid, tclass, av, &avd, &reason);
+ if (rc < 0) {
+ RETURN(BADCOMPUTE)
+ }
+
+ if (!reason) {
+ RETURN(ALLOW)
+ }
+ if (reason & SEPOL_COMPUTEAV_TE) {
+ avc->ssid = ssid;
+ avc->tsid = tsid;
+ avc->tclass = tclass;
+ avc->av = av;
+ if (check_booleans(&bools) == 0) {
+ if (av & ~avd.auditdeny) {
+ RETURN(DONTAUDIT)
+ } else {
+ RETURN(TERULE)
+ }
+ } else {
+ PyTuple_SetItem(result, 0, Py_BuildValue("i", BOOLEAN));
+ struct boolean_t *b = bools;
+ int len=0;
+ while (b->name) {
+ len++; b++;
+ }
+ b = bools;
+ PyObject *outboollist = PyTuple_New(len);
+ len=0;
+ while(b->name) {
+ PyObject *bool = Py_BuildValue("(si)", b->name, b->active);
+ PyTuple_SetItem(outboollist, len++, bool);
+ b++;
+ }
+ free(bools);
+ PyTuple_SetItem(result, 1, outboollist);
+ return result;
+ }
+ }
+
+ if (reason & SEPOL_COMPUTEAV_CONS) {
+ RETURN(CONSTRAINT);
+ }
+
+ if (reason & SEPOL_COMPUTEAV_RBAC) {
+ RETURN(RBAC)
+ }
+ RETURN(BADCOMPUTE)
+}
+
+static PyMethodDef audit2whyMethods[] = {
+ {"init", init, METH_VARARGS,
+ "Initialize policy database."},
+ {"analyze", analyze, METH_VARARGS,
+ "Analyze AVC."},
+ {"finish", finish, METH_VARARGS,
+ "Finish using policy, free memory."},
+ {NULL, NULL, 0, NULL} /* Sentinel */
+};
+
+PyMODINIT_FUNC
+initaudit2why(void)
+{
+ PyObject *m = Py_InitModule("audit2why", audit2whyMethods);
+ PyModule_AddIntConstant(m,"UNKNOWN", UNKNOWN);
+ PyModule_AddIntConstant(m,"BADSCON", BADSCON);
+ PyModule_AddIntConstant(m,"BADTCON", BADTCON);
+ PyModule_AddIntConstant(m,"BADTCLASS", BADTCLASS);
+ PyModule_AddIntConstant(m,"BADPERM", BADPERM);
+ PyModule_AddIntConstant(m,"BADCOMPUTE", BADCOMPUTE);
+ PyModule_AddIntConstant(m,"NOPOLICY", NOPOLICY);
+ PyModule_AddIntConstant(m,"ALLOW", ALLOW);
+ PyModule_AddIntConstant(m,"DONTAUDIT", DONTAUDIT);
+ PyModule_AddIntConstant(m,"TERULE", TERULE);
+ PyModule_AddIntConstant(m,"BOOLEAN", BOOLEAN);
+ PyModule_AddIntConstant(m,"CONSTRAINT", CONSTRAINT);
+ PyModule_AddIntConstant(m,"RBAC", RBAC);
+}
diff --git a/libselinux/src/av_inherit.h b/libselinux/src/av_inherit.h
new file mode 100644
index 0000000..21effa7
--- /dev/null
+++ b/libselinux/src/av_inherit.h
@@ -0,0 +1,38 @@
+/* This file is automatically generated. Do not edit. */
+ S_(SECCLASS_DIR, file, 0x00020000UL)
+ S_(SECCLASS_FILE, file, 0x00020000UL)
+ S_(SECCLASS_LNK_FILE, file, 0x00020000UL)
+ S_(SECCLASS_CHR_FILE, file, 0x00020000UL)
+ S_(SECCLASS_BLK_FILE, file, 0x00020000UL)
+ S_(SECCLASS_SOCK_FILE, file, 0x00020000UL)
+ S_(SECCLASS_FIFO_FILE, file, 0x00020000UL)
+ S_(SECCLASS_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_TCP_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_UDP_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_RAWIP_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_PACKET_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_KEY_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_UNIX_STREAM_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_UNIX_DGRAM_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_IPC, ipc, 0x00000200UL)
+ S_(SECCLASS_SEM, ipc, 0x00000200UL)
+ S_(SECCLASS_MSGQ, ipc, 0x00000200UL)
+ S_(SECCLASS_SHM, ipc, 0x00000200UL)
+ S_(SECCLASS_NETLINK_ROUTE_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_FIREWALL_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_TCPDIAG_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_NFLOG_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_XFRM_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_SELINUX_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_AUDIT_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_IP6FW_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_DNRT_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_NETLINK_KOBJECT_UEVENT_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_APPLETALK_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_DCCP_SOCKET, socket, 0x00400000UL)
+ S_(SECCLASS_DB_DATABASE, database, 0x00000040UL)
+ S_(SECCLASS_DB_TABLE, database, 0x00000040UL)
+ S_(SECCLASS_DB_PROCEDURE, database, 0x00000040UL)
+ S_(SECCLASS_DB_COLUMN, database, 0x00000040UL)
+ S_(SECCLASS_DB_BLOB, database, 0x00000040UL)
diff --git a/libselinux/src/av_perm_to_string.h b/libselinux/src/av_perm_to_string.h
new file mode 100644
index 0000000..85028b3
--- /dev/null
+++ b/libselinux/src/av_perm_to_string.h
@@ -0,0 +1,305 @@
+/* This file is automatically generated. Do not edit. */
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__MOUNT, "mount")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__REMOUNT, "remount")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__UNMOUNT, "unmount")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__GETATTR, "getattr")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__RELABELFROM, "relabelfrom")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__RELABELTO, "relabelto")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__TRANSITION, "transition")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__ASSOCIATE, "associate")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__QUOTAMOD, "quotamod")
+ S_(SECCLASS_FILESYSTEM, FILESYSTEM__QUOTAGET, "quotaget")
+ S_(SECCLASS_DIR, DIR__ADD_NAME, "add_name")
+ S_(SECCLASS_DIR, DIR__REMOVE_NAME, "remove_name")
+ S_(SECCLASS_DIR, DIR__REPARENT, "reparent")
+ S_(SECCLASS_DIR, DIR__SEARCH, "search")
+ S_(SECCLASS_DIR, DIR__RMDIR, "rmdir")
+ S_(SECCLASS_FILE, FILE__EXECUTE_NO_TRANS, "execute_no_trans")
+ S_(SECCLASS_FILE, FILE__ENTRYPOINT, "entrypoint")
+ S_(SECCLASS_FILE, FILE__EXECMOD, "execmod")
+ S_(SECCLASS_CHR_FILE, CHR_FILE__EXECUTE_NO_TRANS, "execute_no_trans")
+ S_(SECCLASS_CHR_FILE, CHR_FILE__ENTRYPOINT, "entrypoint")
+ S_(SECCLASS_CHR_FILE, CHR_FILE__EXECMOD, "execmod")
+ S_(SECCLASS_FD, FD__USE, "use")
+ S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__CONNECTTO, "connectto")
+ S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__NEWCONN, "newconn")
+ S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__ACCEPTFROM, "acceptfrom")
+ S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__NODE_BIND, "node_bind")
+ S_(SECCLASS_TCP_SOCKET, TCP_SOCKET__NAME_CONNECT, "name_connect")
+ S_(SECCLASS_UDP_SOCKET, UDP_SOCKET__NODE_BIND, "node_bind")
+ S_(SECCLASS_RAWIP_SOCKET, RAWIP_SOCKET__NODE_BIND, "node_bind")
+ S_(SECCLASS_NODE, NODE__TCP_RECV, "tcp_recv")
+ S_(SECCLASS_NODE, NODE__TCP_SEND, "tcp_send")
+ S_(SECCLASS_NODE, NODE__UDP_RECV, "udp_recv")
+ S_(SECCLASS_NODE, NODE__UDP_SEND, "udp_send")
+ S_(SECCLASS_NODE, NODE__RAWIP_RECV, "rawip_recv")
+ S_(SECCLASS_NODE, NODE__RAWIP_SEND, "rawip_send")
+ S_(SECCLASS_NODE, NODE__ENFORCE_DEST, "enforce_dest")
+ S_(SECCLASS_NODE, NODE__DCCP_RECV, "dccp_recv")
+ S_(SECCLASS_NODE, NODE__DCCP_SEND, "dccp_send")
+ S_(SECCLASS_NODE, NODE__RECVFROM, "recvfrom")
+ S_(SECCLASS_NODE, NODE__SENDTO, "sendto")
+ S_(SECCLASS_NETIF, NETIF__TCP_RECV, "tcp_recv")
+ S_(SECCLASS_NETIF, NETIF__TCP_SEND, "tcp_send")
+ S_(SECCLASS_NETIF, NETIF__UDP_RECV, "udp_recv")
+ S_(SECCLASS_NETIF, NETIF__UDP_SEND, "udp_send")
+ S_(SECCLASS_NETIF, NETIF__RAWIP_RECV, "rawip_recv")
+ S_(SECCLASS_NETIF, NETIF__RAWIP_SEND, "rawip_send")
+ S_(SECCLASS_NETIF, NETIF__DCCP_RECV, "dccp_recv")
+ S_(SECCLASS_NETIF, NETIF__DCCP_SEND, "dccp_send")
+ S_(SECCLASS_NETIF, NETIF__INGRESS, "ingress")
+ S_(SECCLASS_NETIF, NETIF__EGRESS, "egress")
+ S_(SECCLASS_UNIX_STREAM_SOCKET, UNIX_STREAM_SOCKET__CONNECTTO, "connectto")
+ S_(SECCLASS_UNIX_STREAM_SOCKET, UNIX_STREAM_SOCKET__NEWCONN, "newconn")
+ S_(SECCLASS_UNIX_STREAM_SOCKET, UNIX_STREAM_SOCKET__ACCEPTFROM, "acceptfrom")
+ S_(SECCLASS_PROCESS, PROCESS__FORK, "fork")
+ S_(SECCLASS_PROCESS, PROCESS__TRANSITION, "transition")
+ S_(SECCLASS_PROCESS, PROCESS__SIGCHLD, "sigchld")
+ S_(SECCLASS_PROCESS, PROCESS__SIGKILL, "sigkill")
+ S_(SECCLASS_PROCESS, PROCESS__SIGSTOP, "sigstop")
+ S_(SECCLASS_PROCESS, PROCESS__SIGNULL, "signull")
+ S_(SECCLASS_PROCESS, PROCESS__SIGNAL, "signal")
+ S_(SECCLASS_PROCESS, PROCESS__PTRACE, "ptrace")
+ S_(SECCLASS_PROCESS, PROCESS__GETSCHED, "getsched")
+ S_(SECCLASS_PROCESS, PROCESS__SETSCHED, "setsched")
+ S_(SECCLASS_PROCESS, PROCESS__GETSESSION, "getsession")
+ S_(SECCLASS_PROCESS, PROCESS__GETPGID, "getpgid")
+ S_(SECCLASS_PROCESS, PROCESS__SETPGID, "setpgid")
+ S_(SECCLASS_PROCESS, PROCESS__GETCAP, "getcap")
+ S_(SECCLASS_PROCESS, PROCESS__SETCAP, "setcap")
+ S_(SECCLASS_PROCESS, PROCESS__SHARE, "share")
+ S_(SECCLASS_PROCESS, PROCESS__GETATTR, "getattr")
+ S_(SECCLASS_PROCESS, PROCESS__SETEXEC, "setexec")
+ S_(SECCLASS_PROCESS, PROCESS__SETFSCREATE, "setfscreate")
+ S_(SECCLASS_PROCESS, PROCESS__NOATSECURE, "noatsecure")
+ S_(SECCLASS_PROCESS, PROCESS__SIGINH, "siginh")
+ S_(SECCLASS_PROCESS, PROCESS__SETRLIMIT, "setrlimit")
+ S_(SECCLASS_PROCESS, PROCESS__RLIMITINH, "rlimitinh")
+ S_(SECCLASS_PROCESS, PROCESS__DYNTRANSITION, "dyntransition")
+ S_(SECCLASS_PROCESS, PROCESS__SETCURRENT, "setcurrent")
+ S_(SECCLASS_PROCESS, PROCESS__EXECMEM, "execmem")
+ S_(SECCLASS_PROCESS, PROCESS__EXECSTACK, "execstack")
+ S_(SECCLASS_PROCESS, PROCESS__EXECHEAP, "execheap")
+ S_(SECCLASS_PROCESS, PROCESS__SETKEYCREATE, "setkeycreate")
+ S_(SECCLASS_PROCESS, PROCESS__SETSOCKCREATE, "setsockcreate")
+ S_(SECCLASS_MSGQ, MSGQ__ENQUEUE, "enqueue")
+ S_(SECCLASS_MSG, MSG__SEND, "send")
+ S_(SECCLASS_MSG, MSG__RECEIVE, "receive")
+ S_(SECCLASS_SHM, SHM__LOCK, "lock")
+ S_(SECCLASS_SECURITY, SECURITY__COMPUTE_AV, "compute_av")
+ S_(SECCLASS_SECURITY, SECURITY__COMPUTE_CREATE, "compute_create")
+ S_(SECCLASS_SECURITY, SECURITY__COMPUTE_MEMBER, "compute_member")
+ S_(SECCLASS_SECURITY, SECURITY__CHECK_CONTEXT, "check_context")
+ S_(SECCLASS_SECURITY, SECURITY__LOAD_POLICY, "load_policy")
+ S_(SECCLASS_SECURITY, SECURITY__COMPUTE_RELABEL, "compute_relabel")
+ S_(SECCLASS_SECURITY, SECURITY__COMPUTE_USER, "compute_user")
+ S_(SECCLASS_SECURITY, SECURITY__SETENFORCE, "setenforce")
+ S_(SECCLASS_SECURITY, SECURITY__SETBOOL, "setbool")
+ S_(SECCLASS_SECURITY, SECURITY__SETSECPARAM, "setsecparam")
+ S_(SECCLASS_SECURITY, SECURITY__SETCHECKREQPROT, "setcheckreqprot")
+ S_(SECCLASS_SYSTEM, SYSTEM__IPC_INFO, "ipc_info")
+ S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_READ, "syslog_read")
+ S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_MOD, "syslog_mod")
+ S_(SECCLASS_SYSTEM, SYSTEM__SYSLOG_CONSOLE, "syslog_console")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__CHOWN, "chown")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__DAC_OVERRIDE, "dac_override")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__DAC_READ_SEARCH, "dac_read_search")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__FOWNER, "fowner")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__FSETID, "fsetid")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__KILL, "kill")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SETGID, "setgid")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SETUID, "setuid")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SETPCAP, "setpcap")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__LINUX_IMMUTABLE, "linux_immutable")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__NET_BIND_SERVICE, "net_bind_service")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__NET_BROADCAST, "net_broadcast")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__NET_ADMIN, "net_admin")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__NET_RAW, "net_raw")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__IPC_LOCK, "ipc_lock")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__IPC_OWNER, "ipc_owner")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_MODULE, "sys_module")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_RAWIO, "sys_rawio")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_CHROOT, "sys_chroot")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_PTRACE, "sys_ptrace")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_PACCT, "sys_pacct")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_ADMIN, "sys_admin")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_BOOT, "sys_boot")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_NICE, "sys_nice")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_RESOURCE, "sys_resource")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_TIME, "sys_time")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SYS_TTY_CONFIG, "sys_tty_config")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__MKNOD, "mknod")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__LEASE, "lease")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__AUDIT_WRITE, "audit_write")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__AUDIT_CONTROL, "audit_control")
+ S_(SECCLASS_CAPABILITY, CAPABILITY__SETFCAP, "setfcap")
+ S_(SECCLASS_CAPABILITY2, CAPABILITY2__MAC_OVERRIDE, "mac_override")
+ S_(SECCLASS_CAPABILITY2, CAPABILITY2__MAC_ADMIN, "mac_admin")
+ S_(SECCLASS_PASSWD, PASSWD__PASSWD, "passwd")
+ S_(SECCLASS_PASSWD, PASSWD__CHFN, "chfn")
+ S_(SECCLASS_PASSWD, PASSWD__CHSH, "chsh")
+ S_(SECCLASS_PASSWD, PASSWD__ROOTOK, "rootok")
+ S_(SECCLASS_PASSWD, PASSWD__CRONTAB, "crontab")
+ S_(SECCLASS_DRAWABLE, DRAWABLE__CREATE, "create")
+ S_(SECCLASS_DRAWABLE, DRAWABLE__DESTROY, "destroy")
+ S_(SECCLASS_DRAWABLE, DRAWABLE__DRAW, "draw")
+ S_(SECCLASS_DRAWABLE, DRAWABLE__COPY, "copy")
+ S_(SECCLASS_DRAWABLE, DRAWABLE__GETATTR, "getattr")
+ S_(SECCLASS_GC, GC__CREATE, "create")
+ S_(SECCLASS_GC, GC__FREE, "free")
+ S_(SECCLASS_GC, GC__GETATTR, "getattr")
+ S_(SECCLASS_GC, GC__SETATTR, "setattr")
+ S_(SECCLASS_WINDOW, WINDOW__ADDCHILD, "addchild")
+ S_(SECCLASS_WINDOW, WINDOW__CREATE, "create")
+ S_(SECCLASS_WINDOW, WINDOW__DESTROY, "destroy")
+ S_(SECCLASS_WINDOW, WINDOW__MAP, "map")
+ S_(SECCLASS_WINDOW, WINDOW__UNMAP, "unmap")
+ S_(SECCLASS_WINDOW, WINDOW__CHSTACK, "chstack")
+ S_(SECCLASS_WINDOW, WINDOW__CHPROPLIST, "chproplist")
+ S_(SECCLASS_WINDOW, WINDOW__CHPROP, "chprop")
+ S_(SECCLASS_WINDOW, WINDOW__LISTPROP, "listprop")
+ S_(SECCLASS_WINDOW, WINDOW__GETATTR, "getattr")
+ S_(SECCLASS_WINDOW, WINDOW__SETATTR, "setattr")
+ S_(SECCLASS_WINDOW, WINDOW__SETFOCUS, "setfocus")
+ S_(SECCLASS_WINDOW, WINDOW__MOVE, "move")
+ S_(SECCLASS_WINDOW, WINDOW__CHSELECTION, "chselection")
+ S_(SECCLASS_WINDOW, WINDOW__CHPARENT, "chparent")
+ S_(SECCLASS_WINDOW, WINDOW__CTRLLIFE, "ctrllife")
+ S_(SECCLASS_WINDOW, WINDOW__ENUMERATE, "enumerate")
+ S_(SECCLASS_WINDOW, WINDOW__TRANSPARENT, "transparent")
+ S_(SECCLASS_WINDOW, WINDOW__MOUSEMOTION, "mousemotion")
+ S_(SECCLASS_WINDOW, WINDOW__CLIENTCOMEVENT, "clientcomevent")
+ S_(SECCLASS_WINDOW, WINDOW__INPUTEVENT, "inputevent")
+ S_(SECCLASS_WINDOW, WINDOW__DRAWEVENT, "drawevent")
+ S_(SECCLASS_WINDOW, WINDOW__WINDOWCHANGEEVENT, "windowchangeevent")
+ S_(SECCLASS_WINDOW, WINDOW__WINDOWCHANGEREQUEST, "windowchangerequest")
+ S_(SECCLASS_WINDOW, WINDOW__SERVERCHANGEEVENT, "serverchangeevent")
+ S_(SECCLASS_WINDOW, WINDOW__EXTENSIONEVENT, "extensionevent")
+ S_(SECCLASS_FONT, FONT__LOAD, "load")
+ S_(SECCLASS_FONT, FONT__FREE, "free")
+ S_(SECCLASS_FONT, FONT__GETATTR, "getattr")
+ S_(SECCLASS_FONT, FONT__USE, "use")
+ S_(SECCLASS_COLORMAP, COLORMAP__CREATE, "create")
+ S_(SECCLASS_COLORMAP, COLORMAP__FREE, "free")
+ S_(SECCLASS_COLORMAP, COLORMAP__INSTALL, "install")
+ S_(SECCLASS_COLORMAP, COLORMAP__UNINSTALL, "uninstall")
+ S_(SECCLASS_COLORMAP, COLORMAP__LIST, "list")
+ S_(SECCLASS_COLORMAP, COLORMAP__READ, "read")
+ S_(SECCLASS_COLORMAP, COLORMAP__STORE, "store")
+ S_(SECCLASS_COLORMAP, COLORMAP__GETATTR, "getattr")
+ S_(SECCLASS_COLORMAP, COLORMAP__SETATTR, "setattr")
+ S_(SECCLASS_PROPERTY, PROPERTY__CREATE, "create")
+ S_(SECCLASS_PROPERTY, PROPERTY__FREE, "free")
+ S_(SECCLASS_PROPERTY, PROPERTY__READ, "read")
+ S_(SECCLASS_PROPERTY, PROPERTY__WRITE, "write")
+ S_(SECCLASS_CURSOR, CURSOR__CREATE, "create")
+ S_(SECCLASS_CURSOR, CURSOR__CREATEGLYPH, "createglyph")
+ S_(SECCLASS_CURSOR, CURSOR__FREE, "free")
+ S_(SECCLASS_CURSOR, CURSOR__ASSIGN, "assign")
+ S_(SECCLASS_CURSOR, CURSOR__SETATTR, "setattr")
+ S_(SECCLASS_XCLIENT, XCLIENT__KILL, "kill")
+ S_(SECCLASS_XINPUT, XINPUT__LOOKUP, "lookup")
+ S_(SECCLASS_XINPUT, XINPUT__GETATTR, "getattr")
+ S_(SECCLASS_XINPUT, XINPUT__SETATTR, "setattr")
+ S_(SECCLASS_XINPUT, XINPUT__SETFOCUS, "setfocus")
+ S_(SECCLASS_XINPUT, XINPUT__WARPPOINTER, "warppointer")
+ S_(SECCLASS_XINPUT, XINPUT__ACTIVEGRAB, "activegrab")
+ S_(SECCLASS_XINPUT, XINPUT__PASSIVEGRAB, "passivegrab")
+ S_(SECCLASS_XINPUT, XINPUT__UNGRAB, "ungrab")
+ S_(SECCLASS_XINPUT, XINPUT__BELL, "bell")
+ S_(SECCLASS_XINPUT, XINPUT__MOUSEMOTION, "mousemotion")
+ S_(SECCLASS_XINPUT, XINPUT__RELABELINPUT, "relabelinput")
+ S_(SECCLASS_XSERVER, XSERVER__SCREENSAVER, "screensaver")
+ S_(SECCLASS_XSERVER, XSERVER__GETHOSTLIST, "gethostlist")
+ S_(SECCLASS_XSERVER, XSERVER__SETHOSTLIST, "sethostlist")
+ S_(SECCLASS_XSERVER, XSERVER__GETFONTPATH, "getfontpath")
+ S_(SECCLASS_XSERVER, XSERVER__SETFONTPATH, "setfontpath")
+ S_(SECCLASS_XSERVER, XSERVER__GETATTR, "getattr")
+ S_(SECCLASS_XSERVER, XSERVER__GRAB, "grab")
+ S_(SECCLASS_XSERVER, XSERVER__UNGRAB, "ungrab")
+ S_(SECCLASS_XEXTENSION, XEXTENSION__QUERY, "query")
+ S_(SECCLASS_XEXTENSION, XEXTENSION__USE, "use")
+ S_(SECCLASS_PAX, PAX__PAGEEXEC, "pageexec")
+ S_(SECCLASS_PAX, PAX__EMUTRAMP, "emutramp")
+ S_(SECCLASS_PAX, PAX__MPROTECT, "mprotect")
+ S_(SECCLASS_PAX, PAX__RANDMMAP, "randmmap")
+ S_(SECCLASS_PAX, PAX__RANDEXEC, "randexec")
+ S_(SECCLASS_PAX, PAX__SEGMEXEC, "segmexec")
+ S_(SECCLASS_NETLINK_ROUTE_SOCKET, NETLINK_ROUTE_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_ROUTE_SOCKET, NETLINK_ROUTE_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_NETLINK_FIREWALL_SOCKET, NETLINK_FIREWALL_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_FIREWALL_SOCKET, NETLINK_FIREWALL_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_NETLINK_TCPDIAG_SOCKET, NETLINK_TCPDIAG_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_TCPDIAG_SOCKET, NETLINK_TCPDIAG_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_NETLINK_XFRM_SOCKET, NETLINK_XFRM_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_XFRM_SOCKET, NETLINK_XFRM_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_RELAY, "nlmsg_relay")
+ S_(SECCLASS_NETLINK_AUDIT_SOCKET, NETLINK_AUDIT_SOCKET__NLMSG_READPRIV, "nlmsg_readpriv")
+ S_(SECCLASS_NETLINK_IP6FW_SOCKET, NETLINK_IP6FW_SOCKET__NLMSG_READ, "nlmsg_read")
+ S_(SECCLASS_NETLINK_IP6FW_SOCKET, NETLINK_IP6FW_SOCKET__NLMSG_WRITE, "nlmsg_write")
+ S_(SECCLASS_DBUS, DBUS__ACQUIRE_SVC, "acquire_svc")
+ S_(SECCLASS_DBUS, DBUS__SEND_MSG, "send_msg")
+ S_(SECCLASS_NSCD, NSCD__GETPWD, "getpwd")
+ S_(SECCLASS_NSCD, NSCD__GETGRP, "getgrp")
+ S_(SECCLASS_NSCD, NSCD__GETHOST, "gethost")
+ S_(SECCLASS_NSCD, NSCD__GETSTAT, "getstat")
+ S_(SECCLASS_NSCD, NSCD__ADMIN, "admin")
+ S_(SECCLASS_NSCD, NSCD__SHMEMPWD, "shmempwd")
+ S_(SECCLASS_NSCD, NSCD__SHMEMGRP, "shmemgrp")
+ S_(SECCLASS_NSCD, NSCD__SHMEMHOST, "shmemhost")
+ S_(SECCLASS_NSCD, NSCD__GETSERV, "getserv")
+ S_(SECCLASS_NSCD, NSCD__SHMEMSERV, "shmemserv")
+ S_(SECCLASS_ASSOCIATION, ASSOCIATION__SENDTO, "sendto")
+ S_(SECCLASS_ASSOCIATION, ASSOCIATION__RECVFROM, "recvfrom")
+ S_(SECCLASS_ASSOCIATION, ASSOCIATION__SETCONTEXT, "setcontext")
+ S_(SECCLASS_ASSOCIATION, ASSOCIATION__POLMATCH, "polmatch")
+ S_(SECCLASS_PACKET, PACKET__SEND, "send")
+ S_(SECCLASS_PACKET, PACKET__RECV, "recv")
+ S_(SECCLASS_PACKET, PACKET__RELABELTO, "relabelto")
+ S_(SECCLASS_PACKET, PACKET__FLOW_IN, "flow_in")
+ S_(SECCLASS_PACKET, PACKET__FLOW_OUT, "flow_out")
+ S_(SECCLASS_PACKET, PACKET__FORWARD_IN, "forward_in")
+ S_(SECCLASS_PACKET, PACKET__FORWARD_OUT, "forward_out")
+ S_(SECCLASS_KEY, KEY__VIEW, "view")
+ S_(SECCLASS_KEY, KEY__READ, "read")
+ S_(SECCLASS_KEY, KEY__WRITE, "write")
+ S_(SECCLASS_KEY, KEY__SEARCH, "search")
+ S_(SECCLASS_KEY, KEY__LINK, "link")
+ S_(SECCLASS_KEY, KEY__SETATTR, "setattr")
+ S_(SECCLASS_KEY, KEY__CREATE, "create")
+ S_(SECCLASS_CONTEXT, CONTEXT__TRANSLATE, "translate")
+ S_(SECCLASS_CONTEXT, CONTEXT__CONTAINS, "contains")
+ S_(SECCLASS_DCCP_SOCKET, DCCP_SOCKET__NODE_BIND, "node_bind")
+ S_(SECCLASS_DCCP_SOCKET, DCCP_SOCKET__NAME_CONNECT, "name_connect")
+ S_(SECCLASS_MEMPROTECT, MEMPROTECT__MMAP_ZERO, "mmap_zero")
+ S_(SECCLASS_DB_DATABASE, DB_DATABASE__ACCESS, "access")
+ S_(SECCLASS_DB_DATABASE, DB_DATABASE__INSTALL_MODULE, "install_module")
+ S_(SECCLASS_DB_DATABASE, DB_DATABASE__LOAD_MODULE, "load_module")
+ S_(SECCLASS_DB_DATABASE, DB_DATABASE__GET_PARAM, "get_param")
+ S_(SECCLASS_DB_DATABASE, DB_DATABASE__SET_PARAM, "set_param")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__USE, "use")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__SELECT, "select")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__UPDATE, "update")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__INSERT, "insert")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__DELETE, "delete")
+ S_(SECCLASS_DB_TABLE, DB_TABLE__LOCK, "lock")
+ S_(SECCLASS_DB_PROCEDURE, DB_PROCEDURE__EXECUTE, "execute")
+ S_(SECCLASS_DB_PROCEDURE, DB_PROCEDURE__ENTRYPOINT, "entrypoint")
+ S_(SECCLASS_DB_COLUMN, DB_COLUMN__USE, "use")
+ S_(SECCLASS_DB_COLUMN, DB_COLUMN__SELECT, "select")
+ S_(SECCLASS_DB_COLUMN, DB_COLUMN__UPDATE, "update")
+ S_(SECCLASS_DB_COLUMN, DB_COLUMN__INSERT, "insert")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__RELABELFROM, "relabelfrom")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__RELABELTO, "relabelto")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__USE, "use")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__SELECT, "select")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__UPDATE, "update")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__INSERT, "insert")
+ S_(SECCLASS_DB_TUPLE, DB_TUPLE__DELETE, "delete")
+ S_(SECCLASS_DB_BLOB, DB_BLOB__READ, "read")
+ S_(SECCLASS_DB_BLOB, DB_BLOB__WRITE, "write")
+ S_(SECCLASS_DB_BLOB, DB_BLOB__IMPORT, "import")
+ S_(SECCLASS_DB_BLOB, DB_BLOB__EXPORT, "export")
+ S_(SECCLASS_PEER, PEER__RECV, "recv")
diff --git a/libselinux/src/avc.c b/libselinux/src/avc.c
new file mode 100644
index 0000000..ddc367c
--- /dev/null
+++ b/libselinux/src/avc.c
@@ -0,0 +1,1202 @@
+/*
+ * Implementation of the userspace access vector cache (AVC).
+ *
+ * Author : Eamon Walsh <ewalsh@epoch.ncsc.mil>
+ *
+ * Derived from the kernel AVC implementation by
+ * Stephen Smalley <sds@epoch.ncsc.mil> and
+ * James Morris <jmorris@redhat.com>.
+ */
+#include <selinux/avc.h>
+#include "selinux_internal.h"
+#include "avc_sidtab.h"
+#include "avc_internal.h"
+
+#define AVC_CACHE_SLOTS 512
+#define AVC_CACHE_MAXNODES 410
+
+struct avc_entry {
+ security_id_t ssid;
+ security_id_t tsid;
+ security_class_t tclass;
+ struct av_decision avd;
+ int used; /* used recently */
+};
+
+struct avc_node {
+ struct avc_entry ae;
+ struct avc_node *next;
+};
+
+struct avc_cache {
+ struct avc_node *slots[AVC_CACHE_SLOTS];
+ uint32_t lru_hint; /* LRU hint for reclaim scan */
+ uint32_t active_nodes;
+ uint32_t latest_notif; /* latest revocation notification */
+};
+
+struct avc_callback_node {
+ int (*callback) (uint32_t event, security_id_t ssid,
+ security_id_t tsid,
+ security_class_t tclass, access_vector_t perms,
+ access_vector_t * out_retained);
+ uint32_t events;
+ security_id_t ssid;
+ security_id_t tsid;
+ security_class_t tclass;
+ access_vector_t perms;
+ struct avc_callback_node *next;
+};
+
+static void *avc_netlink_thread = NULL;
+static void *avc_lock = NULL;
+static void *avc_log_lock = NULL;
+static struct avc_node *avc_node_freelist = NULL;
+static struct avc_cache avc_cache;
+static char *avc_audit_buf = NULL;
+static struct avc_cache_stats cache_stats;
+static struct avc_callback_node *avc_callbacks = NULL;
+static struct sidtab avc_sidtab;
+
+static inline int avc_hash(security_id_t ssid,
+ security_id_t tsid, security_class_t tclass)
+{
+ return ((uintptr_t) ssid ^ ((uintptr_t) tsid << 2) ^ tclass)
+ & (AVC_CACHE_SLOTS - 1);
+}
+
+int avc_context_to_sid_raw(security_context_t ctx, security_id_t * sid)
+{
+ int rc;
+ avc_get_lock(avc_lock);
+ rc = sidtab_context_to_sid(&avc_sidtab, ctx, sid);
+ if (!rc)
+ (*sid)->refcnt++;
+ avc_release_lock(avc_lock);
+ return rc;
+}
+
+int avc_context_to_sid(security_context_t ctx, security_id_t * sid)
+{
+ int ret;
+ security_context_t rctx;
+
+ if (selinux_trans_to_raw_context(ctx, &rctx))
+ return -1;
+
+ ret = avc_context_to_sid_raw(rctx, sid);
+
+ freecon(rctx);
+
+ return ret;
+}
+
+int avc_sid_to_context_raw(security_id_t sid, security_context_t * ctx)
+{
+ int rc;
+ *ctx = NULL;
+ avc_get_lock(avc_lock);
+ if (sid->refcnt > 0) {
+ *ctx = strdup(sid->ctx); /* caller must free via freecon */
+ rc = *ctx ? 0 : -1;
+ } else {
+ errno = EINVAL; /* bad reference count */
+ rc = -1;
+ }
+ avc_release_lock(avc_lock);
+ return rc;
+}
+
+int avc_sid_to_context(security_id_t sid, security_context_t * ctx)
+{
+ int ret;
+ security_context_t rctx;
+
+ ret = avc_sid_to_context_raw(sid, &rctx);
+
+ if (ret == 0) {
+ ret = selinux_raw_to_trans_context(rctx, ctx);
+ freecon(rctx);
+ }
+
+ return ret;
+}
+
+int sidget(security_id_t sid)
+{
+ int rc;
+ avc_get_lock(avc_lock);
+ rc = sid_inc_refcnt(sid);
+ avc_release_lock(avc_lock);
+ return rc;
+}
+
+int sidput(security_id_t sid)
+{
+ int rc;
+ if (!sid)
+ return 0;
+ avc_get_lock(avc_lock);
+ rc = sid_dec_refcnt(sid);
+ avc_release_lock(avc_lock);
+ return rc;
+}
+
+int avc_get_initial_sid(const char * name, security_id_t * sid)
+{
+ int rc;
+ security_context_t con;
+
+ rc = security_get_initial_context_raw(name, &con);
+ if (rc < 0)
+ return rc;
+ rc = avc_context_to_sid_raw(con, sid);
+
+ freecon(con);
+
+ return rc;
+}
+
+int avc_open(struct selinux_opt *opts, unsigned nopts)
+{
+ avc_setenforce = 0;
+
+ while (nopts--)
+ switch(opts[nopts].type) {
+ case AVC_OPT_SETENFORCE:
+ avc_setenforce = 1;
+ avc_enforcing = !!opts[nopts].value;
+ break;
+ }
+
+ return avc_init("avc", NULL, NULL, NULL, NULL);
+}
+
+int avc_init(const char *prefix,
+ const struct avc_memory_callback *mem_cb,
+ const struct avc_log_callback *log_cb,
+ const struct avc_thread_callback *thread_cb,
+ const struct avc_lock_callback *lock_cb)
+{
+ struct avc_node *new;
+ int i, rc = 0;
+
+ if (prefix)
+ strncpy(avc_prefix, prefix, AVC_PREFIX_SIZE - 1);
+
+ set_callbacks(mem_cb, log_cb, thread_cb, lock_cb);
+
+ avc_lock = avc_alloc_lock();
+ avc_log_lock = avc_alloc_lock();
+
+ memset(&cache_stats, 0, sizeof(cache_stats));
+
+ for (i = 0; i < AVC_CACHE_SLOTS; i++)
+ avc_cache.slots[i] = 0;
+ avc_cache.lru_hint = 0;
+ avc_cache.active_nodes = 0;
+ avc_cache.latest_notif = 0;
+
+ rc = sidtab_init(&avc_sidtab);
+ if (rc) {
+ avc_log("%s: unable to initialize SID table\n", avc_prefix);
+ goto out;
+ }
+
+ avc_audit_buf = (char *)avc_malloc(AVC_AUDIT_BUFSIZE);
+ if (!avc_audit_buf) {
+ avc_log("%s: unable to allocate audit buffer\n", avc_prefix);
+ rc = -1;
+ goto out;
+ }
+
+ for (i = 0; i < AVC_CACHE_MAXNODES; i++) {
+ new = avc_malloc(sizeof(*new));
+ if (!new) {
+ avc_log("%s: warning: only got %d av entries\n",
+ avc_prefix, i);
+ break;
+ }
+ memset(new, 0, sizeof(*new));
+ new->next = avc_node_freelist;
+ avc_node_freelist = new;
+ }
+
+ if (!avc_setenforce) {
+ rc = security_getenforce();
+ if (rc < 0) {
+ avc_log("%s: could not determine enforcing mode\n",
+ avc_prefix);
+ goto out;
+ }
+ avc_enforcing = rc;
+ }
+
+ rc = avc_netlink_open(avc_using_threads);
+ if (rc < 0) {
+ avc_log("%s: can't open netlink socket: %d (%s)\n", avc_prefix,
+ errno, strerror(errno));
+ goto out;
+ }
+ if (avc_using_threads) {
+ avc_netlink_thread = avc_create_thread(&avc_netlink_loop);
+ avc_netlink_trouble = 0;
+ }
+ avc_running = 1;
+ out:
+ return rc;
+}
+
+void avc_cache_stats(struct avc_cache_stats *p)
+{
+ memcpy(p, &cache_stats, sizeof(cache_stats));
+}
+
+void avc_sid_stats(void)
+{
+ avc_get_lock(avc_log_lock);
+ avc_get_lock(avc_lock);
+ sidtab_sid_stats(&avc_sidtab, avc_audit_buf, AVC_AUDIT_BUFSIZE);
+ avc_release_lock(avc_lock);
+ avc_log("%s", avc_audit_buf);
+ avc_release_lock(avc_log_lock);
+}
+
+void avc_av_stats(void)
+{
+ int i, chain_len, max_chain_len, slots_used;
+ struct avc_node *node;
+
+ avc_get_lock(avc_lock);
+
+ slots_used = 0;
+ max_chain_len = 0;
+ for (i = 0; i < AVC_CACHE_SLOTS; i++) {
+ node = avc_cache.slots[i];
+ if (node) {
+ slots_used++;
+ chain_len = 0;
+ while (node) {
+ chain_len++;
+ node = node->next;
+ }
+ if (chain_len > max_chain_len)
+ max_chain_len = chain_len;
+ }
+ }
+
+ avc_release_lock(avc_lock);
+
+ avc_log("%s: %d AV entries and %d/%d buckets used, "
+ "longest chain length %d\n", avc_prefix,
+ avc_cache.active_nodes,
+ slots_used, AVC_CACHE_SLOTS, max_chain_len);
+}
+
+hidden_def(avc_av_stats)
+
+static inline struct avc_node *avc_reclaim_node(void)
+{
+ struct avc_node *prev, *cur;
+ int try;
+ uint32_t hvalue;
+
+ hvalue = avc_cache.lru_hint;
+ for (try = 0; try < 2; try++) {
+ do {
+ prev = NULL;
+ cur = avc_cache.slots[hvalue];
+ while (cur) {
+ if (!cur->ae.used)
+ goto found;
+
+ cur->ae.used = 0;
+
+ prev = cur;
+ cur = cur->next;
+ }
+ hvalue = (hvalue + 1) & (AVC_CACHE_SLOTS - 1);
+ } while (hvalue != avc_cache.lru_hint);
+ }
+
+ errno = ENOMEM; /* this was a panic in the kernel... */
+ return NULL;
+
+ found:
+ avc_cache.lru_hint = hvalue;
+
+ if (prev == NULL)
+ avc_cache.slots[hvalue] = cur->next;
+ else
+ prev->next = cur->next;
+
+ return cur;
+}
+
+static inline struct avc_node *avc_claim_node(security_id_t ssid,
+ security_id_t tsid,
+ security_class_t tclass)
+{
+ struct avc_node *new;
+ int hvalue;
+
+ if (!avc_node_freelist)
+ avc_cleanup();
+
+ if (avc_node_freelist) {
+ new = avc_node_freelist;
+ avc_node_freelist = avc_node_freelist->next;
+ avc_cache.active_nodes++;
+ } else {
+ new = avc_reclaim_node();
+ if (!new)
+ goto out;
+ }
+
+ hvalue = avc_hash(ssid, tsid, tclass);
+ new->ae.used = 1;
+ new->ae.ssid = ssid;
+ new->ae.tsid = tsid;
+ new->ae.tclass = tclass;
+ new->next = avc_cache.slots[hvalue];
+ avc_cache.slots[hvalue] = new;
+
+ out:
+ return new;
+}
+
+static inline struct avc_node *avc_search_node(security_id_t ssid,
+ security_id_t tsid,
+ security_class_t tclass,
+ int *probes)
+{
+ struct avc_node *cur;
+ int hvalue;
+ int tprobes = 1;
+
+ hvalue = avc_hash(ssid, tsid, tclass);
+ cur = avc_cache.slots[hvalue];
+ while (cur != NULL &&
+ (ssid != cur->ae.ssid ||
+ tclass != cur->ae.tclass || tsid != cur->ae.tsid)) {
+ tprobes++;
+ cur = cur->next;
+ }
+
+ if (cur == NULL) {
+ /* cache miss */
+ goto out;
+ }
+
+ /* cache hit */
+ if (probes)
+ *probes = tprobes;
+
+ cur->ae.used = 1;
+
+ out:
+ return cur;
+}
+
+/**
+ * avc_lookup - Look up an AVC entry.
+ * @ssid: source security identifier
+ * @tsid: target security identifier
+ * @tclass: target security class
+ * @requested: requested permissions, interpreted based on @tclass
+ * @aeref: AVC entry reference
+ *
+ * Look up an AVC entry that is valid for the
+ * @requested permissions between the SID pair
+ * (@ssid, @tsid), interpreting the permissions
+ * based on @tclass. If a valid AVC entry exists,
+ * then this function updates @aeref to refer to the
+ * entry and returns %0. Otherwise, -1 is returned.
+ */
+static int avc_lookup(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass,
+ access_vector_t requested, struct avc_entry_ref *aeref)
+{
+ struct avc_node *node;
+ int probes, rc = 0;
+
+ avc_cache_stats_incr(cav_lookups);
+ node = avc_search_node(ssid, tsid, tclass, &probes);
+
+ if (node && ((node->ae.avd.decided & requested) == requested)) {
+ avc_cache_stats_incr(cav_hits);
+ avc_cache_stats_add(cav_probes, probes);
+ aeref->ae = &node->ae;
+ goto out;
+ }
+
+ avc_cache_stats_incr(cav_misses);
+ rc = -1;
+ out:
+ return rc;
+}
+
+/**
+ * avc_insert - Insert an AVC entry.
+ * @ssid: source security identifier
+ * @tsid: target security identifier
+ * @tclass: target security class
+ * @ae: AVC entry
+ * @aeref: AVC entry reference
+ *
+ * Insert an AVC entry for the SID pair
+ * (@ssid, @tsid) and class @tclass.
+ * The access vectors and the sequence number are
+ * normally provided by the security server in
+ * response to a security_compute_av() call. If the
+ * sequence number @ae->avd.seqno is not less than the latest
+ * revocation notification, then the function copies
+ * the access vectors into a cache entry, updates
+ * @aeref to refer to the entry, and returns %0.
+ * Otherwise, this function returns -%1 with @errno set to %EAGAIN.
+ */
+static int avc_insert(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass,
+ struct avc_entry *ae, struct avc_entry_ref *aeref)
+{
+ struct avc_node *node;
+ int rc = 0;
+
+ if (ae->avd.seqno < avc_cache.latest_notif) {
+ avc_log("%s: seqno %d < latest_notif %d\n", avc_prefix,
+ ae->avd.seqno, avc_cache.latest_notif);
+ errno = EAGAIN;
+ rc = -1;
+ goto out;
+ }
+
+ node = avc_claim_node(ssid, tsid, tclass);
+ if (!node) {
+ rc = -1;
+ goto out;
+ }
+
+ node->ae.avd.allowed = ae->avd.allowed;
+ node->ae.avd.decided = ae->avd.decided;
+ node->ae.avd.auditallow = ae->avd.auditallow;
+ node->ae.avd.auditdeny = ae->avd.auditdeny;
+ node->ae.avd.seqno = ae->avd.seqno;
+ aeref->ae = &node->ae;
+ out:
+ return rc;
+}
+
+/**
+ * avc_remove - Remove AVC and sidtab entries for SID.
+ * @sid: security identifier to be removed
+ *
+ * Remove all AVC entries containing @sid as source
+ * or target, and remove @sid from the SID table.
+ * Free the memory allocated for the structure corresponding
+ * to @sid. After this function has been called, @sid must
+ * not be used until another call to avc_context_to_sid() has
+ * been made for this SID.
+ */
+static void avc_remove(security_id_t sid)
+{
+ struct avc_node *prev, *cur, *tmp;
+ int i;
+
+ for (i = 0; i < AVC_CACHE_SLOTS; i++) {
+ cur = avc_cache.slots[i];
+ prev = NULL;
+ while (cur) {
+ if (sid == cur->ae.ssid || sid == cur->ae.tsid) {
+ if (prev)
+ prev->next = cur->next;
+ else
+ avc_cache.slots[i] = cur->next;
+ tmp = cur;
+ cur = cur->next;
+ tmp->ae.ssid = tmp->ae.tsid = NULL;
+ tmp->ae.tclass = 0;
+ tmp->ae.avd.allowed = tmp->ae.avd.decided = 0;
+ tmp->ae.avd.auditallow = tmp->ae.avd.auditdeny =
+ 0;
+ tmp->ae.used = 0;
+ tmp->next = avc_node_freelist;
+ avc_node_freelist = tmp;
+ avc_cache.active_nodes--;
+ } else {
+ prev = cur;
+ cur = cur->next;
+ }
+ }
+ }
+ sidtab_remove(&avc_sidtab, sid);
+}
+
+void avc_cleanup(void)
+{
+ security_id_t sid;
+
+ avc_get_lock(avc_lock);
+
+ while (NULL != (sid = sidtab_claim_sid(&avc_sidtab)))
+ avc_remove(sid);
+
+ avc_release_lock(avc_lock);
+}
+
+hidden_def(avc_cleanup)
+
+int avc_reset(void)
+{
+ struct avc_callback_node *c;
+ int i, ret, rc = 0, errsave = 0;
+ struct avc_node *node, *tmp;
+ errno = 0;
+
+ if (!avc_running)
+ return 0;
+
+ avc_get_lock(avc_lock);
+
+ for (i = 0; i < AVC_CACHE_SLOTS; i++) {
+ node = avc_cache.slots[i];
+ while (node) {
+ tmp = node;
+ node = node->next;
+ tmp->ae.ssid = tmp->ae.tsid = NULL;
+ tmp->ae.tclass = 0;
+ tmp->ae.avd.allowed = tmp->ae.avd.decided = 0;
+ tmp->ae.avd.auditallow = tmp->ae.avd.auditdeny = 0;
+ tmp->ae.used = 0;
+ tmp->next = avc_node_freelist;
+ avc_node_freelist = tmp;
+ avc_cache.active_nodes--;
+ }
+ avc_cache.slots[i] = 0;
+ }
+ avc_cache.lru_hint = 0;
+
+ avc_release_lock(avc_lock);
+
+ memset(&cache_stats, 0, sizeof(cache_stats));
+
+ for (c = avc_callbacks; c; c = c->next) {
+ if (c->events & AVC_CALLBACK_RESET) {
+ ret = c->callback(AVC_CALLBACK_RESET, 0, 0, 0, 0, 0);
+ if (ret && !rc) {
+ rc = ret;
+ errsave = errno;
+ }
+ }
+ }
+ errno = errsave;
+ return rc;
+}
+
+hidden_def(avc_reset)
+
+void avc_destroy(void)
+{
+ struct avc_callback_node *c;
+ struct avc_node *node, *tmp;
+ int i;
+
+ avc_get_lock(avc_lock);
+
+ if (avc_using_threads)
+ avc_stop_thread(avc_netlink_thread);
+ avc_netlink_close();
+
+ for (i = 0; i < AVC_CACHE_SLOTS; i++) {
+ node = avc_cache.slots[i];
+ while (node) {
+ tmp = node;
+ node = node->next;
+ avc_free(tmp);
+ }
+ }
+ while (avc_node_freelist) {
+ tmp = avc_node_freelist;
+ avc_node_freelist = tmp->next;
+ avc_free(tmp);
+ }
+ avc_release_lock(avc_lock);
+
+ while (avc_callbacks) {
+ c = avc_callbacks;
+ avc_callbacks = c->next;
+ avc_free(c);
+ }
+ sidtab_destroy(&avc_sidtab);
+ avc_free_lock(avc_lock);
+ avc_free_lock(avc_log_lock);
+ avc_free(avc_audit_buf);
+ avc_running = 0;
+}
+
+/* ratelimit stuff put aside for now --EFW */
+#if 0
+/*
+ * Copied from net/core/utils.c:net_ratelimit and modified for
+ * use by the AVC audit facility.
+ */
+#define AVC_MSG_COST 5*HZ
+#define AVC_MSG_BURST 10*5*HZ
+
+/*
+ * This enforces a rate limit: not more than one kernel message
+ * every 5secs to make a denial-of-service attack impossible.
+ */
+static int avc_ratelimit(void)
+{
+ static unsigned long toks = 10 * 5 * HZ;
+ static unsigned long last_msg;
+ static int missed, rc = 0;
+ unsigned long now = jiffies;
+ void *ratelimit_lock = avc_alloc_lock();
+
+ avc_get_lock(ratelimit_lock);
+ toks += now - last_msg;
+ last_msg = now;
+ if (toks > AVC_MSG_BURST)
+ toks = AVC_MSG_BURST;
+ if (toks >= AVC_MSG_COST) {
+ int lost = missed;
+ missed = 0;
+ toks -= AVC_MSG_COST;
+ avc_release_lock(ratelimit_lock);
+ if (lost) {
+ avc_log("%s: %d messages suppressed.\n", avc_prefix,
+ lost);
+ }
+ rc = 1;
+ goto out;
+ }
+ missed++;
+ avc_release_lock(ratelimit_lock);
+ out:
+ avc_free_lock(ratelimit_lock);
+ return rc;
+}
+
+static inline int check_avc_ratelimit(void)
+{
+ if (avc_enforcing)
+ return avc_ratelimit();
+ else {
+ /* If permissive, then never suppress messages. */
+ return 1;
+ }
+}
+#endif /* ratelimit stuff */
+
+/**
+ * avc_dump_av - Display an access vector in human-readable form.
+ * @tclass: target security class
+ * @av: access vector
+ */
+static void avc_dump_av(security_class_t tclass, access_vector_t av)
+{
+ const char *permstr;
+ access_vector_t bit = 1;
+
+ if (av == 0) {
+ log_append(avc_audit_buf, " null");
+ return;
+ }
+
+ log_append(avc_audit_buf, " {");
+
+ while (av) {
+ if (av & bit) {
+ permstr = security_av_perm_to_string(tclass, bit);
+ if (!permstr)
+ break;
+ log_append(avc_audit_buf, " %s", permstr);
+ av &= ~bit;
+ }
+ bit <<= 1;
+ }
+
+ if (av)
+ log_append(avc_audit_buf, " 0x%x", av);
+ log_append(avc_audit_buf, " }");
+}
+
+/**
+ * avc_dump_query - Display a SID pair and a class in human-readable form.
+ * @ssid: source security identifier
+ * @tsid: target security identifier
+ * @tclass: target security class
+ */
+static void avc_dump_query(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass)
+{
+ avc_get_lock(avc_lock);
+
+ if (ssid->refcnt > 0)
+ log_append(avc_audit_buf, "scontext=%s", ssid->ctx);
+ else
+ log_append(avc_audit_buf, "ssid=%p", ssid);
+
+ if (tsid->refcnt > 0)
+ log_append(avc_audit_buf, " tcontext=%s", tsid->ctx);
+ else
+ log_append(avc_audit_buf, " tsid=%p", tsid);
+
+ avc_release_lock(avc_lock);
+ log_append(avc_audit_buf, " tclass=%s",
+ security_class_to_string(tclass));
+}
+
+void avc_audit(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, access_vector_t requested,
+ struct av_decision *avd, int result, void *a)
+{
+ access_vector_t denied, audited;
+
+ denied = requested & ~avd->allowed;
+ if (denied) {
+ audited = denied;
+ if (!(audited & avd->auditdeny))
+ return;
+ } else if (!requested || result) {
+ audited = denied = requested;
+ } else {
+ audited = requested;
+ if (!(audited & avd->auditallow))
+ return;
+ }
+#if 0
+ if (!check_avc_ratelimit())
+ return;
+#endif
+ /* prevent overlapping buffer writes */
+ avc_get_lock(avc_log_lock);
+ snprintf(avc_audit_buf, AVC_AUDIT_BUFSIZE,
+ "%s: %s ", avc_prefix, (denied || !requested) ? "denied" : "granted");
+ avc_dump_av(tclass, audited);
+ log_append(avc_audit_buf, " for ");
+
+ /* get any extra information printed by the callback */
+ avc_suppl_audit(a, tclass, avc_audit_buf + strlen(avc_audit_buf),
+ AVC_AUDIT_BUFSIZE - strlen(avc_audit_buf));
+
+ log_append(avc_audit_buf, " ");
+ avc_dump_query(ssid, tsid, tclass);
+ log_append(avc_audit_buf, "\n");
+ avc_log("%s", avc_audit_buf);
+
+ avc_release_lock(avc_log_lock);
+}
+
+hidden_def(avc_audit)
+
+int avc_has_perm_noaudit(security_id_t ssid,
+ security_id_t tsid,
+ security_class_t tclass,
+ access_vector_t requested,
+ struct avc_entry_ref *aeref, struct av_decision *avd)
+{
+ struct avc_entry *ae;
+ int rc = 0;
+ struct avc_entry entry;
+ access_vector_t denied;
+ struct avc_entry_ref ref;
+
+ if (!avc_using_threads) {
+ (void)avc_netlink_check_nb();
+ }
+
+ if (!aeref) {
+ avc_entry_ref_init(&ref);
+ aeref = &ref;
+ }
+
+ avc_get_lock(avc_lock);
+ avc_cache_stats_incr(entry_lookups);
+ ae = aeref->ae;
+ if (ae) {
+ if (ae->ssid == ssid &&
+ ae->tsid == tsid &&
+ ae->tclass == tclass &&
+ ((ae->avd.decided & requested) == requested)) {
+ avc_cache_stats_incr(entry_hits);
+ ae->used = 1;
+ } else {
+ avc_cache_stats_incr(entry_discards);
+ ae = 0;
+ }
+ }
+
+ if (!ae) {
+ avc_cache_stats_incr(entry_misses);
+ rc = avc_lookup(ssid, tsid, tclass, requested, aeref);
+ if (rc) {
+ if ((ssid->refcnt <= 0) || (tsid->refcnt <= 0)) {
+ errno = EINVAL;
+ rc = -1;
+ goto out;
+ }
+ rc = security_compute_av_raw(ssid->ctx, tsid->ctx,
+ tclass, requested,
+ &entry.avd);
+ if (rc)
+ goto out;
+ rc = avc_insert(ssid, tsid, tclass, &entry, aeref);
+ if (rc)
+ goto out;
+ }
+ ae = aeref->ae;
+ }
+
+ if (avd)
+ memcpy(avd, &ae->avd, sizeof(*avd));
+
+ denied = requested & ~(ae->avd.allowed);
+
+ if (!requested || denied) {
+ if (avc_enforcing) {
+ errno = EACCES;
+ rc = -1;
+ } else
+ ae->avd.allowed |= requested;
+ }
+
+ out:
+ avc_release_lock(avc_lock);
+ return rc;
+}
+
+hidden_def(avc_has_perm_noaudit)
+
+int avc_has_perm(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, access_vector_t requested,
+ struct avc_entry_ref *aeref, void *auditdata)
+{
+ struct av_decision avd = { 0, 0, 0, 0, 0 };
+ int errsave, rc;
+
+ rc = avc_has_perm_noaudit(ssid, tsid, tclass, requested, aeref, &avd);
+ errsave = errno;
+ avc_audit(ssid, tsid, tclass, requested, &avd, rc, auditdata);
+ errno = errsave;
+ return rc;
+}
+
+int avc_compute_create(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, security_id_t *newsid)
+{
+ int rc;
+ *newsid = NULL;
+ avc_get_lock(avc_lock);
+ if (ssid->refcnt > 0 && tsid->refcnt > 0) {
+ security_context_t ctx = NULL;
+ rc = security_compute_create_raw(ssid->ctx, tsid->ctx, tclass,
+ &ctx);
+ if (rc)
+ goto out;
+ rc = sidtab_context_to_sid(&avc_sidtab, ctx, newsid);
+ if (!rc)
+ (*newsid)->refcnt++;
+ freecon(ctx);
+ } else {
+ errno = EINVAL; /* bad reference count */
+ rc = -1;
+ }
+out:
+ avc_release_lock(avc_lock);
+ return rc;
+}
+
+int avc_compute_member(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, security_id_t *newsid)
+{
+ int rc;
+ *newsid = NULL;
+ avc_get_lock(avc_lock);
+ if (ssid->refcnt > 0 && tsid->refcnt > 0) {
+ security_context_t ctx = NULL;
+ rc = security_compute_member_raw(ssid->ctx, tsid->ctx, tclass,
+ &ctx);
+ if (rc)
+ goto out;
+ rc = sidtab_context_to_sid(&avc_sidtab, ctx, newsid);
+ if (!rc)
+ (*newsid)->refcnt++;
+ freecon(ctx);
+ } else {
+ errno = EINVAL; /* bad reference count */
+ rc = -1;
+ }
+out:
+ avc_release_lock(avc_lock);
+ return rc;
+}
+
+int avc_add_callback(int (*callback) (uint32_t event, security_id_t ssid,
+ security_id_t tsid,
+ security_class_t tclass,
+ access_vector_t perms,
+ access_vector_t * out_retained),
+ uint32_t events, security_id_t ssid,
+ security_id_t tsid,
+ security_class_t tclass, access_vector_t perms)
+{
+ struct avc_callback_node *c;
+ int rc = 0;
+
+ c = avc_malloc(sizeof(*c));
+ if (!c) {
+ rc = -1;
+ goto out;
+ }
+
+ c->callback = callback;
+ c->events = events;
+ c->ssid = ssid;
+ c->tsid = tsid;
+ c->tclass = tclass;
+ c->perms = perms;
+ c->next = avc_callbacks;
+ avc_callbacks = c;
+ out:
+ return rc;
+}
+
+static inline int avc_sidcmp(security_id_t x, security_id_t y)
+{
+ return (x == y || x == SECSID_WILD || y == SECSID_WILD);
+}
+
+static inline void avc_update_node(uint32_t event, struct avc_node *node,
+ access_vector_t perms)
+{
+ switch (event) {
+ case AVC_CALLBACK_GRANT:
+ node->ae.avd.allowed |= perms;
+ break;
+ case AVC_CALLBACK_TRY_REVOKE:
+ case AVC_CALLBACK_REVOKE:
+ node->ae.avd.allowed &= ~perms;
+ break;
+ case AVC_CALLBACK_AUDITALLOW_ENABLE:
+ node->ae.avd.auditallow |= perms;
+ break;
+ case AVC_CALLBACK_AUDITALLOW_DISABLE:
+ node->ae.avd.auditallow &= ~perms;
+ break;
+ case AVC_CALLBACK_AUDITDENY_ENABLE:
+ node->ae.avd.auditdeny |= perms;
+ break;
+ case AVC_CALLBACK_AUDITDENY_DISABLE:
+ node->ae.avd.auditdeny &= ~perms;
+ break;
+ }
+}
+
+static int avc_update_cache(uint32_t event, security_id_t ssid,
+ security_id_t tsid, security_class_t tclass,
+ access_vector_t perms)
+{
+ struct avc_node *node;
+ int i;
+
+ avc_get_lock(avc_lock);
+
+ if (ssid == SECSID_WILD || tsid == SECSID_WILD) {
+ /* apply to all matching nodes */
+ for (i = 0; i < AVC_CACHE_SLOTS; i++) {
+ for (node = avc_cache.slots[i]; node; node = node->next) {
+ if (avc_sidcmp(ssid, node->ae.ssid) &&
+ avc_sidcmp(tsid, node->ae.tsid) &&
+ tclass == node->ae.tclass) {
+ avc_update_node(event, node, perms);
+ }
+ }
+ }
+ } else {
+ /* apply to one node */
+ node = avc_search_node(ssid, tsid, tclass, 0);
+ if (node) {
+ avc_update_node(event, node, perms);
+ }
+ }
+
+ avc_release_lock(avc_lock);
+
+ return 0;
+}
+
+/* avc_control - update cache and call callbacks
+ *
+ * This should not be called directly; use the individual event
+ * functions instead.
+ */
+static int avc_control(uint32_t event, security_id_t ssid,
+ security_id_t tsid, security_class_t tclass,
+ access_vector_t perms,
+ uint32_t seqno, access_vector_t * out_retained)
+{
+ struct avc_callback_node *c;
+ access_vector_t tretained = 0, cretained = 0;
+ int ret, rc = 0, errsave = 0;
+ errno = 0;
+
+ /*
+ * try_revoke only removes permissions from the cache
+ * state if they are not retained by the object manager.
+ * Hence, try_revoke must wait until after the callbacks have
+ * been invoked to update the cache state.
+ */
+ if (event != AVC_CALLBACK_TRY_REVOKE)
+ avc_update_cache(event, ssid, tsid, tclass, perms);
+
+ for (c = avc_callbacks; c; c = c->next) {
+ if ((c->events & event) &&
+ avc_sidcmp(c->ssid, ssid) &&
+ avc_sidcmp(c->tsid, tsid) &&
+ c->tclass == tclass && (c->perms & perms)) {
+ cretained = 0;
+ ret = c->callback(event, ssid, tsid, tclass,
+ (c->perms & perms), &cretained);
+ if (ret && !rc) {
+ rc = ret;
+ errsave = errno;
+ }
+ if (!ret)
+ tretained |= cretained;
+ }
+ }
+
+ if (event == AVC_CALLBACK_TRY_REVOKE) {
+ /* revoke any unretained permissions */
+ perms &= ~tretained;
+ avc_update_cache(event, ssid, tsid, tclass, perms);
+ *out_retained = tretained;
+ }
+
+ avc_get_lock(avc_lock);
+ if (seqno > avc_cache.latest_notif)
+ avc_cache.latest_notif = seqno;
+ avc_release_lock(avc_lock);
+
+ errno = errsave;
+ return rc;
+}
+
+/**
+ * avc_ss_grant - Grant previously denied permissions.
+ * @ssid: source security identifier or %SECSID_WILD
+ * @tsid: target security identifier or %SECSID_WILD
+ * @tclass: target security class
+ * @perms: permissions to grant
+ * @seqno: policy sequence number
+ */
+int avc_ss_grant(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, access_vector_t perms,
+ uint32_t seqno)
+{
+ return avc_control(AVC_CALLBACK_GRANT,
+ ssid, tsid, tclass, perms, seqno, 0);
+}
+
+/**
+ * avc_ss_try_revoke - Try to revoke previously granted permissions.
+ * @ssid: source security identifier or %SECSID_WILD
+ * @tsid: target security identifier or %SECSID_WILD
+ * @tclass: target security class
+ * @perms: permissions to grant
+ * @seqno: policy sequence number
+ * @out_retained: subset of @perms that are retained
+ *
+ * Try to revoke previously granted permissions, but
+ * only if they are not retained as migrated permissions.
+ * Return the subset of permissions that are retained via @out_retained.
+ */
+int avc_ss_try_revoke(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass,
+ access_vector_t perms, uint32_t seqno,
+ access_vector_t * out_retained)
+{
+ return avc_control(AVC_CALLBACK_TRY_REVOKE,
+ ssid, tsid, tclass, perms, seqno, out_retained);
+}
+
+/**
+ * avc_ss_revoke - Revoke previously granted permissions.
+ * @ssid: source security identifier or %SECSID_WILD
+ * @tsid: target security identifier or %SECSID_WILD
+ * @tclass: target security class
+ * @perms: permissions to grant
+ * @seqno: policy sequence number
+ *
+ * Revoke previously granted permissions, even if
+ * they are retained as migrated permissions.
+ */
+int avc_ss_revoke(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, access_vector_t perms,
+ uint32_t seqno)
+{
+ return avc_control(AVC_CALLBACK_REVOKE,
+ ssid, tsid, tclass, perms, seqno, 0);
+}
+
+/**
+ * avc_ss_reset - Flush the cache and revalidate migrated permissions.
+ * @seqno: policy sequence number
+ */
+int avc_ss_reset(uint32_t seqno)
+{
+ int rc;
+
+ rc = avc_reset();
+
+ avc_get_lock(avc_lock);
+ if (seqno > avc_cache.latest_notif)
+ avc_cache.latest_notif = seqno;
+ avc_release_lock(avc_lock);
+
+ return rc;
+}
+
+/**
+ * avc_ss_set_auditallow - Enable or disable auditing of granted permissions.
+ * @ssid: source security identifier or %SECSID_WILD
+ * @tsid: target security identifier or %SECSID_WILD
+ * @tclass: target security class
+ * @perms: permissions to grant
+ * @seqno: policy sequence number
+ * @enable: enable flag.
+ */
+int avc_ss_set_auditallow(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, access_vector_t perms,
+ uint32_t seqno, uint32_t enable)
+{
+ if (enable)
+ return avc_control(AVC_CALLBACK_AUDITALLOW_ENABLE,
+ ssid, tsid, tclass, perms, seqno, 0);
+ else
+ return avc_control(AVC_CALLBACK_AUDITALLOW_DISABLE,
+ ssid, tsid, tclass, perms, seqno, 0);
+}
+
+/**
+ * avc_ss_set_auditdeny - Enable or disable auditing of denied permissions.
+ * @ssid: source security identifier or %SECSID_WILD
+ * @tsid: target security identifier or %SECSID_WILD
+ * @tclass: target security class
+ * @perms: permissions to grant
+ * @seqno: policy sequence number
+ * @enable: enable flag.
+ */
+int avc_ss_set_auditdeny(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, access_vector_t perms,
+ uint32_t seqno, uint32_t enable)
+{
+ if (enable)
+ return avc_control(AVC_CALLBACK_AUDITDENY_ENABLE,
+ ssid, tsid, tclass, perms, seqno, 0);
+ else
+ return avc_control(AVC_CALLBACK_AUDITDENY_DISABLE,
+ ssid, tsid, tclass, perms, seqno, 0);
+}
diff --git a/libselinux/src/avc_internal.c b/libselinux/src/avc_internal.c
new file mode 100644
index 0000000..b9e9db2
--- /dev/null
+++ b/libselinux/src/avc_internal.c
@@ -0,0 +1,239 @@
+/*
+ * Callbacks for user-supplied memory allocation, supplemental
+ * auditing, and locking routines.
+ *
+ * Author : Eamon Walsh <ewalsh@epoch.ncsc.mil>
+ *
+ * Netlink code derived in part from sample code by
+ * James Morris <jmorris@redhat.com>.
+ */
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <linux/types.h>
+#include <linux/netlink.h>
+#include "selinux_netlink.h"
+#include "avc_internal.h"
+
+#ifndef NETLINK_SELINUX
+#define NETLINK_SELINUX 7
+#endif
+
+/* callback pointers */
+void *(*avc_func_malloc) (size_t) = NULL;
+void (*avc_func_free) (void *) = NULL;
+
+void (*avc_func_log) (const char *, ...) = NULL;
+void (*avc_func_audit) (void *, security_class_t, char *, size_t) = NULL;
+
+int avc_using_threads = 0;
+void *(*avc_func_create_thread) (void (*)(void)) = NULL;
+void (*avc_func_stop_thread) (void *) = NULL;
+
+void *(*avc_func_alloc_lock) (void) = NULL;
+void (*avc_func_get_lock) (void *) = NULL;
+void (*avc_func_release_lock) (void *) = NULL;
+void (*avc_func_free_lock) (void *) = NULL;
+
+/* message prefix string and avc enforcing mode */
+char avc_prefix[AVC_PREFIX_SIZE] = "uavc";
+int avc_running = 0;
+int avc_enforcing = 1;
+int avc_setenforce = 0;
+int avc_netlink_trouble = 0;
+
+/* netlink socket code */
+static int fd;
+
+int avc_netlink_open(int blocking)
+{
+ int len, rc = 0;
+ struct sockaddr_nl addr;
+
+ fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_SELINUX);
+ if (fd < 0) {
+ rc = fd;
+ goto out;
+ }
+
+ fcntl(fd, F_SETFD, FD_CLOEXEC);
+ if (!blocking && fcntl(fd, F_SETFL, O_NONBLOCK)) {
+ close(fd);
+ rc = -1;
+ goto out;
+ }
+
+ len = sizeof(addr);
+
+ memset(&addr, 0, len);
+ addr.nl_family = AF_NETLINK;
+ addr.nl_groups = SELNL_GRP_AVC;
+
+ if (bind(fd, (struct sockaddr *)&addr, len) < 0) {
+ close(fd);
+ rc = -1;
+ goto out;
+ }
+ out:
+ return rc;
+}
+
+void avc_netlink_close(void)
+{
+ close(fd);
+}
+
+static int avc_netlink_receive(char *buf, unsigned buflen)
+{
+ int rc;
+ struct sockaddr_nl nladdr;
+ socklen_t nladdrlen = sizeof nladdr;
+ struct nlmsghdr *nlh = (struct nlmsghdr *)buf;
+
+ rc = recvfrom(fd, buf, buflen, 0, (struct sockaddr *)&nladdr,
+ &nladdrlen);
+ if (rc < 0)
+ return rc;
+
+ if (nladdrlen != sizeof nladdr) {
+ avc_log("%s: warning: netlink address truncated, len %d?\n",
+ avc_prefix, nladdrlen);
+ return -1;
+ }
+
+ if (nladdr.nl_pid) {
+ avc_log("%s: warning: received spoofed netlink packet from: %d\n",
+ avc_prefix, nladdr.nl_pid);
+ return -1;
+ }
+
+ if (rc == 0) {
+ avc_log("%s: warning: received EOF on netlink socket\n",
+ avc_prefix);
+ errno = EBADFD;
+ return -1;
+ }
+
+ if (nlh->nlmsg_flags & MSG_TRUNC || nlh->nlmsg_len > (unsigned)rc) {
+ avc_log("%s: warning: incomplete netlink message\n",
+ avc_prefix);
+ return -1;
+ }
+
+ return 0;
+}
+
+static int avc_netlink_process(char *buf)
+{
+ int rc;
+ struct nlmsghdr *nlh = (struct nlmsghdr *)buf;
+
+ switch (nlh->nlmsg_type) {
+ case NLMSG_ERROR:{
+ struct nlmsgerr *err = NLMSG_DATA(nlh);
+
+ /* Netlink ack */
+ if (err->error == 0)
+ break;
+
+ errno = -err->error;
+ avc_log("%s: netlink error: %d\n", avc_prefix, errno);
+ return -1;
+ }
+
+ case SELNL_MSG_SETENFORCE:{
+ struct selnl_msg_setenforce *msg = NLMSG_DATA(nlh);
+ avc_log("%s: received setenforce notice (enforcing=%d)\n",
+ avc_prefix, msg->val);
+ if (avc_setenforce)
+ break;
+ avc_enforcing = msg->val;
+ if (avc_enforcing && (rc = avc_ss_reset(0)) < 0) {
+ avc_log("%s: cache reset returned %d (errno %d)\n",
+ avc_prefix, rc, errno);
+ return rc;
+ }
+ break;
+ }
+
+ case SELNL_MSG_POLICYLOAD:{
+ struct selnl_msg_policyload *msg = NLMSG_DATA(nlh);
+ avc_log("%s: received policyload notice (seqno=%d)\n",
+ avc_prefix, msg->seqno);
+ rc = avc_ss_reset(msg->seqno);
+ if (rc < 0) {
+ avc_log("%s: cache reset returned %d (errno %d)\n",
+ avc_prefix, rc, errno);
+ return rc;
+ }
+ break;
+ }
+
+ default:
+ avc_log("%s: warning: unknown netlink message %d\n",
+ avc_prefix, nlh->nlmsg_type);
+ }
+ return 0;
+}
+
+int avc_netlink_check_nb(void)
+{
+ int rc;
+ char buf[1024] __attribute__ ((aligned));
+
+ while (1) {
+ errno = 0;
+ rc = avc_netlink_receive(buf, sizeof(buf));
+ if (rc < 0) {
+ if (errno == EWOULDBLOCK)
+ return 0;
+ if (errno == 0 || errno == EINTR)
+ continue;
+ else {
+ avc_log("%s: netlink recvfrom: error %d\n",
+ avc_prefix, errno);
+ return rc;
+ }
+ }
+
+ (void)avc_netlink_process(buf);
+ }
+ return 0;
+}
+
+/* run routine for the netlink listening thread */
+void avc_netlink_loop(void)
+{
+ int rc;
+ char buf[1024] __attribute__ ((aligned));
+
+ while (1) {
+ errno = 0;
+ rc = avc_netlink_receive(buf, sizeof(buf));
+ if (rc < 0) {
+ if (errno == 0 || errno == EINTR)
+ continue;
+ else {
+ avc_log("%s: netlink recvfrom: error %d\n",
+ avc_prefix, errno);
+ break;
+ }
+ }
+
+ rc = avc_netlink_process(buf);
+ if (rc < 0)
+ break;
+ }
+
+ close(fd);
+ avc_netlink_trouble = 1;
+ avc_log("%s: netlink thread: errors encountered, terminating\n",
+ avc_prefix);
+}
diff --git a/libselinux/src/avc_internal.h b/libselinux/src/avc_internal.h
new file mode 100644
index 0000000..cd50dc8
--- /dev/null
+++ b/libselinux/src/avc_internal.h
@@ -0,0 +1,196 @@
+/*
+ * This file describes the internal interface used by the AVC
+ * for calling the user-supplied memory allocation, supplemental
+ * auditing, and locking routine, as well as incrementing the
+ * statistics fields.
+ *
+ * Author : Eamon Walsh <ewalsh@epoch.ncsc.mil>
+ */
+#ifndef _SELINUX_AVC_INTERNAL_H_
+#define _SELINUX_AVC_INTERNAL_H_
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <selinux/avc.h>
+#include "callbacks.h"
+#include "dso.h"
+
+/* SID reference counter manipulation */
+static inline int sid_inc_refcnt(security_id_t sid)
+{
+ return sid->refcnt = (sid->refcnt > 0) ? sid->refcnt + 1 : 0;
+}
+
+static inline int sid_dec_refcnt(security_id_t sid)
+{
+ return sid->refcnt = (sid->refcnt > 0) ? sid->refcnt - 1 : 0;
+}
+
+/* callback pointers */
+extern void *(*avc_func_malloc) (size_t) hidden;
+extern void (*avc_func_free) (void *)hidden;
+
+extern void (*avc_func_log) (const char *, ...)hidden;
+extern void (*avc_func_audit) (void *, security_class_t, char *, size_t)hidden;
+
+extern int avc_using_threads hidden;
+extern void *(*avc_func_create_thread) (void (*)(void))hidden;
+extern void (*avc_func_stop_thread) (void *)hidden;
+
+extern void *(*avc_func_alloc_lock) (void)hidden;
+extern void (*avc_func_get_lock) (void *)hidden;
+extern void (*avc_func_release_lock) (void *)hidden;
+extern void (*avc_func_free_lock) (void *)hidden;
+
+static inline void set_callbacks(const struct avc_memory_callback *mem_cb,
+ const struct avc_log_callback *log_cb,
+ const struct avc_thread_callback *thread_cb,
+ const struct avc_lock_callback *lock_cb)
+{
+ if (mem_cb) {
+ avc_func_malloc = mem_cb->func_malloc;
+ avc_func_free = mem_cb->func_free;
+ }
+ if (log_cb) {
+ avc_func_log = log_cb->func_log;
+ avc_func_audit = log_cb->func_audit;
+ }
+ if (thread_cb) {
+ avc_using_threads = 1;
+ avc_func_create_thread = thread_cb->func_create_thread;
+ avc_func_stop_thread = thread_cb->func_stop_thread;
+ }
+ if (lock_cb) {
+ avc_func_alloc_lock = lock_cb->func_alloc_lock;
+ avc_func_get_lock = lock_cb->func_get_lock;
+ avc_func_release_lock = lock_cb->func_release_lock;
+ avc_func_free_lock = lock_cb->func_free_lock;
+ }
+}
+
+/* message prefix and enforcing mode*/
+#define AVC_PREFIX_SIZE 16
+extern char avc_prefix[AVC_PREFIX_SIZE] hidden;
+extern int avc_running hidden;
+extern int avc_enforcing hidden;
+extern int avc_setenforce hidden;
+
+/* user-supplied callback interface for avc */
+static inline void *avc_malloc(size_t size)
+{
+ return avc_func_malloc ? avc_func_malloc(size) : malloc(size);
+}
+
+static inline void avc_free(void *ptr)
+{
+ if (avc_func_free)
+ avc_func_free(ptr);
+ else
+ free(ptr);
+}
+
+/* this is a macro in order to use the variadic capability. */
+#define avc_log(format...) \
+ if (avc_func_log) \
+ avc_func_log(format); \
+ else \
+ selinux_log(SELINUX_ERROR, format);
+
+static inline void avc_suppl_audit(void *ptr, security_class_t class,
+ char *buf, size_t len)
+{
+ if (avc_func_audit)
+ avc_func_audit(ptr, class, buf, len);
+ else
+ selinux_audit(ptr, class, buf, len);
+}
+
+static inline void *avc_create_thread(void (*run) (void))
+{
+ return avc_func_create_thread ? avc_func_create_thread(run) : NULL;
+}
+
+static inline void avc_stop_thread(void *thread)
+{
+ if (avc_func_stop_thread)
+ avc_func_stop_thread(thread);
+}
+
+static inline void *avc_alloc_lock(void)
+{
+ return avc_func_alloc_lock ? avc_func_alloc_lock() : NULL;
+}
+
+static inline void avc_get_lock(void *lock)
+{
+ if (avc_func_get_lock)
+ avc_func_get_lock(lock);
+}
+
+static inline void avc_release_lock(void *lock)
+{
+ if (avc_func_release_lock)
+ avc_func_release_lock(lock);
+}
+
+static inline void avc_free_lock(void *lock)
+{
+ if (avc_func_free_lock)
+ avc_func_free_lock(lock);
+}
+
+/* statistics helper routines */
+#ifdef AVC_CACHE_STATS
+
+#define avc_cache_stats_incr(field) \
+ cache_stats.field ++;
+#define avc_cache_stats_add(field, num) \
+ cache_stats.field += num;
+
+#else
+
+#define avc_cache_stats_incr(field)
+#define avc_cache_stats_add(field, num)
+
+#endif
+
+/* logging helper routines */
+#define AVC_AUDIT_BUFSIZE 1024
+
+/* again, we need the variadic capability here */
+#define log_append(buf,format...) \
+ snprintf(buf+strlen(buf), AVC_AUDIT_BUFSIZE-strlen(buf), format)
+
+/* internal callbacks */
+int avc_ss_grant(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, access_vector_t perms,
+ uint32_t seqno) hidden;
+int avc_ss_try_revoke(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass,
+ access_vector_t perms, uint32_t seqno,
+ access_vector_t * out_retained) hidden;
+int avc_ss_revoke(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, access_vector_t perms,
+ uint32_t seqno) hidden;
+int avc_ss_reset(uint32_t seqno) hidden;
+int avc_ss_set_auditallow(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, access_vector_t perms,
+ uint32_t seqno, uint32_t enable) hidden;
+int avc_ss_set_auditdeny(security_id_t ssid, security_id_t tsid,
+ security_class_t tclass, access_vector_t perms,
+ uint32_t seqno, uint32_t enable) hidden;
+
+/* netlink kernel message code */
+extern int avc_netlink_trouble hidden;
+int avc_netlink_open(int blocking) hidden;
+int avc_netlink_check_nb(void) hidden;
+void avc_netlink_loop(void) hidden;
+void avc_netlink_close(void) hidden;
+
+hidden_proto(avc_av_stats)
+ hidden_proto(avc_cleanup)
+ hidden_proto(avc_reset)
+ hidden_proto(avc_audit)
+ hidden_proto(avc_has_perm_noaudit)
+#endif /* _SELINUX_AVC_INTERNAL_H_ */
diff --git a/libselinux/src/avc_sidtab.c b/libselinux/src/avc_sidtab.c
new file mode 100644
index 0000000..dab5c4e
--- /dev/null
+++ b/libselinux/src/avc_sidtab.c
@@ -0,0 +1,192 @@
+/*
+ * Implementation of the userspace SID hashtable.
+ *
+ * Author : Eamon Walsh, <ewalsh@epoch.ncsc.mil>
+ */
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include <selinux/avc.h>
+#include "avc_sidtab.h"
+#include "avc_internal.h"
+
+static inline unsigned sidtab_hash(security_context_t key)
+{
+ char *p, *keyp;
+ unsigned int size;
+ unsigned int val;
+
+ val = 0;
+ keyp = (char *)key;
+ size = strlen(keyp);
+ for (p = keyp; (unsigned int)(p - keyp) < size; p++)
+ val =
+ (val << 4 | (val >> (8 * sizeof(unsigned int) - 4))) ^ (*p);
+ return val & (SIDTAB_SIZE - 1);
+}
+
+int sidtab_init(struct sidtab *s)
+{
+ int i, rc = 0;
+
+ s->htable = (struct sidtab_node **)avc_malloc
+ (sizeof(struct sidtab_node *) * SIDTAB_SIZE);
+
+ if (!s->htable) {
+ rc = -1;
+ goto out;
+ }
+ for (i = 0; i < SIDTAB_SIZE; i++)
+ s->htable[i] = NULL;
+ s->nel = 0;
+ out:
+ return rc;
+}
+
+int sidtab_insert(struct sidtab *s, security_context_t ctx)
+{
+ int hvalue, rc = 0;
+ struct sidtab_node *newnode;
+ security_context_t newctx;
+
+ newnode = (struct sidtab_node *)avc_malloc(sizeof(*newnode));
+ if (!newnode) {
+ rc = -1;
+ goto out;
+ }
+ newctx = (security_context_t) strdup(ctx);
+ if (!newctx) {
+ rc = -1;
+ avc_free(newnode);
+ goto out;
+ }
+
+ hvalue = sidtab_hash(newctx);
+ newnode->next = s->htable[hvalue];
+ newnode->sid_s.ctx = newctx;
+ newnode->sid_s.refcnt = 0; /* caller should increment */
+ s->htable[hvalue] = newnode;
+ s->nel++;
+ out:
+ return rc;
+}
+
+void sidtab_remove(struct sidtab *s, security_id_t sid)
+{
+ int hvalue;
+ struct sidtab_node *cur, *prev;
+
+ hvalue = sidtab_hash(sid->ctx);
+ cur = s->htable[hvalue];
+ prev = NULL;
+ while (cur) {
+ if (sid == &cur->sid_s) {
+ if (prev)
+ prev->next = cur->next;
+ else
+ s->htable[hvalue] = cur->next;
+ avc_free(cur);
+ s->nel--;
+ return;
+ } else {
+ prev = cur;
+ cur = cur->next;
+ }
+ }
+}
+
+security_id_t sidtab_claim_sid(struct sidtab *s)
+{
+ int i;
+ struct sidtab_node *cur;
+
+ for (i = 0; i < SIDTAB_SIZE; i++) {
+ cur = s->htable[i];
+ while (cur) {
+ if (!cur->sid_s.refcnt)
+ return &cur->sid_s;
+ cur = cur->next;
+ }
+ }
+ return NULL;
+}
+
+int
+sidtab_context_to_sid(struct sidtab *s,
+ security_context_t ctx, security_id_t * sid)
+{
+ int hvalue, rc = 0;
+ struct sidtab_node *cur;
+
+ *sid = NULL;
+ hvalue = sidtab_hash(ctx);
+
+ loop:
+ cur = s->htable[hvalue];
+ while (cur != NULL && strcmp(cur->sid_s.ctx, ctx))
+ cur = cur->next;
+
+ if (cur == NULL) { /* need to make a new entry */
+ rc = sidtab_insert(s, ctx);
+ if (rc)
+ goto out;
+ goto loop; /* find the newly inserted node */
+ }
+
+ *sid = &cur->sid_s;
+ out:
+ return rc;
+}
+
+void sidtab_sid_stats(struct sidtab *h, char *buf, int buflen)
+{
+ int i, chain_len, slots_used, max_chain_len;
+ struct sidtab_node *cur;
+
+ slots_used = 0;
+ max_chain_len = 0;
+ for (i = 0; i < SIDTAB_SIZE; i++) {
+ cur = h->htable[i];
+ if (cur) {
+ slots_used++;
+ chain_len = 0;
+ while (cur) {
+ chain_len++;
+ cur = cur->next;
+ }
+
+ if (chain_len > max_chain_len)
+ max_chain_len = chain_len;
+ }
+ }
+
+ snprintf(buf, buflen,
+ "%s: %d SID entries and %d/%d buckets used, longest "
+ "chain length %d\n", avc_prefix, h->nel, slots_used,
+ SIDTAB_SIZE, max_chain_len);
+}
+
+void sidtab_destroy(struct sidtab *s)
+{
+ int i;
+ struct sidtab_node *cur, *temp;
+
+ if (!s)
+ return;
+
+ for (i = 0; i < SIDTAB_SIZE; i++) {
+ cur = s->htable[i];
+ while (cur != NULL) {
+ temp = cur;
+ cur = cur->next;
+ freecon(temp->sid_s.ctx);
+ avc_free(temp);
+ }
+ s->htable[i] = NULL;
+ }
+ avc_free(s->htable);
+ s->htable = NULL;
+}
diff --git a/libselinux/src/avc_sidtab.h b/libselinux/src/avc_sidtab.h
new file mode 100644
index 0000000..620a335
--- /dev/null
+++ b/libselinux/src/avc_sidtab.h
@@ -0,0 +1,38 @@
+/*
+ * A security identifier table (sidtab) is a hash table
+ * of security context structures indexed by SID value.
+ */
+#ifndef _SELINUX_AVC_SIDTAB_H_
+#define _SELINUX_AVC_SIDTAB_H_
+
+#include <selinux/selinux.h>
+#include <selinux/avc.h>
+#include "dso.h"
+
+struct sidtab_node {
+ struct security_id sid_s;
+ struct sidtab_node *next;
+};
+
+#define SIDTAB_HASH_BITS 7
+#define SIDTAB_HASH_BUCKETS (1 << SIDTAB_HASH_BITS)
+#define SIDTAB_HASH_MASK (SIDTAB_HASH_BUCKETS-1)
+#define SIDTAB_SIZE SIDTAB_HASH_BUCKETS
+
+struct sidtab {
+ struct sidtab_node **htable;
+ unsigned nel;
+};
+
+int sidtab_init(struct sidtab *s) hidden;
+int sidtab_insert(struct sidtab *s, security_context_t ctx) hidden;
+void sidtab_remove(struct sidtab *s, security_id_t sid) hidden;
+security_id_t sidtab_claim_sid(struct sidtab *s) hidden;
+
+int sidtab_context_to_sid(struct sidtab *s,
+ security_context_t ctx, security_id_t * sid) hidden;
+
+void sidtab_sid_stats(struct sidtab *s, char *buf, int buflen) hidden;
+void sidtab_destroy(struct sidtab *s) hidden;
+
+#endif /* _SELINUX_AVC_SIDTAB_H_ */
diff --git a/libselinux/src/booleans.c b/libselinux/src/booleans.c
new file mode 100644
index 0000000..bbf8324
--- /dev/null
+++ b/libselinux/src/booleans.c
@@ -0,0 +1,474 @@
+/*
+ * Author: Karl MacMillan <kmacmillan@tresys.com>
+ *
+ * Modified:
+ * Dan Walsh <dwalsh@redhat.com> - Added security_load_booleans().
+ */
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <assert.h>
+#include <stdlib.h>
+#include <dirent.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdio_ext.h>
+#include <unistd.h>
+#include <fnmatch.h>
+#include <limits.h>
+#include <ctype.h>
+#include <errno.h>
+
+#include "selinux_internal.h"
+#include "policy.h"
+
+#define SELINUX_BOOL_DIR "/booleans/"
+
+static int filename_select(const struct dirent *d)
+{
+ if (d->d_name[0] == '.'
+ && (d->d_name[1] == '\0'
+ || (d->d_name[1] == '.' && d->d_name[2] == '\0')))
+ return 0;
+ return 1;
+}
+
+int security_get_boolean_names(char ***names, int *len)
+{
+ char path[PATH_MAX];
+ int i, rc;
+ struct dirent **namelist;
+ char **n;
+
+ assert(len);
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s%s", selinux_mnt, SELINUX_BOOL_DIR);
+ *len = scandir(path, &namelist, &filename_select, alphasort);
+ if (*len <= 0) {
+ return -1;
+ }
+
+ n = (char **)malloc(sizeof(char *) * *len);
+ if (!n) {
+ rc = -1;
+ goto bad;
+ }
+
+ for (i = 0; i < *len; i++) {
+ n[i] = (char *)malloc(_D_ALLOC_NAMLEN(namelist[i]));
+ if (!n[i]) {
+ rc = -1;
+ goto bad_freen;
+ }
+ strcpy(n[i], namelist[i]->d_name);
+ }
+ rc = 0;
+ *names = n;
+ out:
+ for (i = 0; i < *len; i++) {
+ free(namelist[i]);
+ }
+ free(namelist);
+ return rc;
+ bad_freen:
+ for (--i; i >= 0; --i)
+ free(n[i]);
+ free(n);
+ bad:
+ goto out;
+}
+
+hidden_def(security_get_boolean_names)
+#define STRBUF_SIZE 3
+static int get_bool_value(const char *name, char **buf)
+{
+ int fd, len;
+ char *fname = NULL;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ *buf = (char *)malloc(sizeof(char) * (STRBUF_SIZE + 1));
+ if (!*buf)
+ goto out;
+ (*buf)[STRBUF_SIZE] = 0;
+
+ len = strlen(name) + strlen(selinux_mnt) + sizeof(SELINUX_BOOL_DIR);
+ fname = (char *)malloc(sizeof(char) * len);
+ if (!fname)
+ goto out;
+ snprintf(fname, len, "%s%s%s", selinux_mnt, SELINUX_BOOL_DIR, name);
+
+ fd = open(fname, O_RDONLY);
+ if (fd < 0)
+ goto out;
+
+ len = read(fd, *buf, STRBUF_SIZE);
+ close(fd);
+ if (len != STRBUF_SIZE)
+ goto out;
+
+ free(fname);
+ return 0;
+ out:
+ if (*buf)
+ free(*buf);
+ if (fname)
+ free(fname);
+ return -1;
+}
+
+int security_get_boolean_pending(const char *name)
+{
+ char *buf;
+ int val;
+
+ if (get_bool_value(name, &buf))
+ return -1;
+
+ if (atoi(&buf[1]))
+ val = 1;
+ else
+ val = 0;
+ free(buf);
+ return val;
+}
+
+int security_get_boolean_active(const char *name)
+{
+ char *buf;
+ int val;
+
+ if (get_bool_value(name, &buf))
+ return -1;
+
+ buf[1] = '\0';
+ if (atoi(buf))
+ val = 1;
+ else
+ val = 0;
+ free(buf);
+ return val;
+}
+
+hidden_def(security_get_boolean_active)
+
+int security_set_boolean(const char *name, int value)
+{
+ int fd, ret, len;
+ char buf[2], *fname;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+ if (value < 0 || value > 1) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ len = strlen(name) + strlen(selinux_mnt) + sizeof(SELINUX_BOOL_DIR);
+ fname = (char *)malloc(sizeof(char) * len);
+ if (!fname)
+ return -1;
+ snprintf(fname, len, "%s%s%s", selinux_mnt, SELINUX_BOOL_DIR, name);
+
+ fd = open(fname, O_WRONLY);
+ if (fd < 0) {
+ ret = -1;
+ goto out;
+ }
+
+ if (value)
+ buf[0] = '1';
+ else
+ buf[0] = '0';
+ buf[1] = '\0';
+
+ ret = write(fd, buf, 2);
+ close(fd);
+ out:
+ free(fname);
+ if (ret > 0)
+ return 0;
+ else
+ return -1;
+}
+
+hidden_def(security_set_boolean)
+
+int security_commit_booleans(void)
+{
+ int fd, ret;
+ char buf[2];
+ char path[PATH_MAX];
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/commit_pending_bools", selinux_mnt);
+ fd = open(path, O_WRONLY);
+ if (fd < 0)
+ return -1;
+
+ buf[0] = '1';
+ buf[1] = '\0';
+
+ ret = write(fd, buf, 2);
+ close(fd);
+
+ if (ret > 0)
+ return 0;
+ else
+ return -1;
+}
+
+hidden_def(security_commit_booleans)
+
+static char *strtrim(char *dest, char *source, int size)
+{
+ int i = 0;
+ char *ptr = source;
+ i = 0;
+ while (isspace(*ptr) && i < size) {
+ ptr++;
+ i++;
+ }
+ strncpy(dest, ptr, size);
+ for (i = strlen(dest) - 1; i > 0; i--) {
+ if (!isspace(dest[i]))
+ break;
+ }
+ dest[i + 1] = '\0';
+ return dest;
+}
+static int process_boolean(char *buffer, char *name, int namesize, int *val)
+{
+ char name1[BUFSIZ];
+ char *ptr;
+ char *tok = strtok_r(buffer, "=", &ptr);
+ if (tok) {
+ strncpy(name1, tok, BUFSIZ - 1);
+ strtrim(name, name1, namesize - 1);
+ if (name[0] == '#')
+ return 0;
+ tok = strtok_r(NULL, "\0", &ptr);
+ if (tok) {
+ while (isspace(*tok))
+ tok++;
+ *val = -1;
+ if (isdigit(tok[0]))
+ *val = atoi(tok);
+ else if (!strncasecmp(tok, "true", sizeof("true") - 1))
+ *val = 1;
+ else if (!strncasecmp
+ (tok, "false", sizeof("false") - 1))
+ *val = 0;
+ if (*val != 0 && *val != 1) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ }
+ }
+ return 1;
+}
+static int save_booleans(size_t boolcnt, SELboolean * boollist)
+{
+ ssize_t len;
+ size_t i;
+ char outbuf[BUFSIZ];
+ char *inbuf = NULL;
+
+ /* Open file */
+ const char *bool_file = selinux_booleans_path();
+ char local_bool_file[PATH_MAX];
+ char tmp_bool_file[PATH_MAX];
+ FILE *boolf;
+ int fd;
+ int *used = (int *)malloc(sizeof(int) * boolcnt);
+ if (!used) {
+ return -1;
+ }
+ /* zero out used field */
+ for (i = 0; i < boolcnt; i++)
+ used[i] = 0;
+
+ snprintf(tmp_bool_file, sizeof(tmp_bool_file), "%s.XXXXXX", bool_file);
+ fd = mkstemp(tmp_bool_file);
+ if (fd < 0) {
+ free(used);
+ return -1;
+ }
+
+ snprintf(local_bool_file, sizeof(local_bool_file), "%s.local",
+ bool_file);
+ boolf = fopen(local_bool_file, "r");
+ if (boolf != NULL) {
+ ssize_t ret;
+ size_t size = 0;
+ int val;
+ char boolname[BUFSIZ];
+ char *buffer;
+ inbuf = NULL;
+ __fsetlocking(boolf, FSETLOCKING_BYCALLER);
+ while ((len = getline(&inbuf, &size, boolf)) > 0) {
+ buffer = strdup(inbuf);
+ if (!buffer)
+ goto close_remove_fail;
+ ret =
+ process_boolean(inbuf, boolname, sizeof(boolname),
+ &val);
+ if (ret != 1) {
+ ret = write(fd, buffer, len);
+ free(buffer);
+ if (ret != len)
+ goto close_remove_fail;
+ } else {
+ free(buffer);
+ for (i = 0; i < boolcnt; i++) {
+ if (strcmp(boollist[i].name, boolname)
+ == 0) {
+ snprintf(outbuf, sizeof(outbuf),
+ "%s=%d\n", boolname,
+ boollist[i].value);
+ len = strlen(outbuf);
+ used[i] = 1;
+ if (write(fd, outbuf, len) !=
+ len)
+ goto close_remove_fail;
+ else
+ break;
+ }
+ }
+ if (i == boolcnt) {
+ snprintf(outbuf, sizeof(outbuf),
+ "%s=%d\n", boolname, val);
+ len = strlen(outbuf);
+ if (write(fd, outbuf, len) != len)
+ goto close_remove_fail;
+ }
+ }
+ free(inbuf);
+ inbuf = NULL;
+ }
+ fclose(boolf);
+ }
+
+ for (i = 0; i < boolcnt; i++) {
+ if (used[i] == 0) {
+ snprintf(outbuf, sizeof(outbuf), "%s=%d\n",
+ boollist[i].name, boollist[i].value);
+ len = strlen(outbuf);
+ if (write(fd, outbuf, len) != len) {
+ close_remove_fail:
+ free(inbuf);
+ close(fd);
+ remove_fail:
+ unlink(tmp_bool_file);
+ free(used);
+ return -1;
+ }
+ }
+
+ }
+ if (fchmod(fd, S_IRUSR | S_IWUSR) != 0)
+ goto close_remove_fail;
+ close(fd);
+ if (rename(tmp_bool_file, local_bool_file) != 0)
+ goto remove_fail;
+
+ free(used);
+ return 0;
+}
+static void rollback(SELboolean * boollist, int end)
+{
+ int i;
+
+ for (i = 0; i < end; i++)
+ security_set_boolean(boollist[i].name,
+ security_get_boolean_active(boollist[i].
+ name));
+}
+
+int security_set_boolean_list(size_t boolcnt, SELboolean * boollist,
+ int permanent)
+{
+
+ size_t i;
+ for (i = 0; i < boolcnt; i++) {
+ if (security_set_boolean(boollist[i].name, boollist[i].value)) {
+ rollback(boollist, i);
+ return -1;
+ }
+ }
+
+ /* OK, let's do the commit */
+ if (security_commit_booleans()) {
+ return -1;
+ }
+
+ if (permanent)
+ return save_booleans(boolcnt, boollist);
+
+ return 0;
+}
+int security_load_booleans(char *path)
+{
+ FILE *boolf;
+ char *inbuf;
+ char localbools[BUFSIZ];
+ size_t len = 0, errors = 0;
+ int val;
+ char name[BUFSIZ];
+
+ boolf = fopen(path ? path : selinux_booleans_path(), "r");
+ if (boolf == NULL)
+ goto localbool;
+
+ __fsetlocking(boolf, FSETLOCKING_BYCALLER);
+ while (getline(&inbuf, &len, boolf) > 0) {
+ int ret = process_boolean(inbuf, name, sizeof(name), &val);
+ if (ret == -1)
+ errors++;
+ if (ret == 1)
+ if (security_set_boolean(name, val) < 0) {
+ errors++;
+ }
+ }
+ fclose(boolf);
+ localbool:
+ snprintf(localbools, sizeof(localbools), "%s.local",
+ (path ? path : selinux_booleans_path()));
+ boolf = fopen(localbools, "r");
+
+ if (boolf != NULL) {
+ int ret;
+ __fsetlocking(boolf, FSETLOCKING_BYCALLER);
+ while (getline(&inbuf, &len, boolf) > 0) {
+ ret = process_boolean(inbuf, name, sizeof(name), &val);
+ if (ret == -1)
+ errors++;
+ if (ret == 1)
+ if (security_set_boolean(name, val) < 0) {
+ errors++;
+ }
+ }
+ fclose(boolf);
+ }
+ if (security_commit_booleans() < 0)
+ return -1;
+
+ if (errors)
+ errno = EINVAL;
+ return errors ? -1 : 0;
+}
diff --git a/libselinux/src/callbacks.c b/libselinux/src/callbacks.c
new file mode 100644
index 0000000..5acfd3d
--- /dev/null
+++ b/libselinux/src/callbacks.c
@@ -0,0 +1,92 @@
+/*
+ * User-supplied callbacks and default implementations.
+ * Class and permission mappings.
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <errno.h>
+#include <selinux/selinux.h>
+#include "callbacks.h"
+
+/* default implementations */
+static int __attribute__ ((format(printf, 2, 3)))
+default_selinux_log(int type __attribute__((unused)), const char *fmt, ...)
+{
+ int rc;
+ va_list ap;
+ va_start(ap, fmt);
+ rc = vfprintf(stderr, fmt, ap);
+ va_end(ap);
+ return rc;
+}
+
+static int
+default_selinux_audit(void *ptr __attribute__((unused)),
+ security_class_t cls __attribute__((unused)),
+ char *buf __attribute__((unused)),
+ size_t len __attribute__((unused)))
+{
+ return 0;
+}
+
+static int
+default_selinux_validate(security_context_t *ctx)
+{
+ return security_check_context(*ctx);
+}
+
+/* callback pointers */
+int __attribute__ ((format(printf, 2, 3)))
+(*selinux_log)(int, const char *, ...) =
+ default_selinux_log;
+
+int
+(*selinux_audit) (void *, security_class_t, char *, size_t) =
+ default_selinux_audit;
+
+int
+(*selinux_validate)(security_context_t *ctx) =
+ default_selinux_validate;
+
+/* callback setting function */
+void
+selinux_set_callback(int type, union selinux_callback cb)
+{
+ switch (type) {
+ case SELINUX_CB_LOG:
+ selinux_log = cb.func_log;
+ break;
+ case SELINUX_CB_AUDIT:
+ selinux_audit = cb.func_audit;
+ break;
+ case SELINUX_CB_VALIDATE:
+ selinux_validate = cb.func_validate;
+ break;
+ }
+}
+
+/* callback getting function */
+union selinux_callback
+selinux_get_callback(int type)
+{
+ union selinux_callback cb;
+
+ switch (type) {
+ case SELINUX_CB_LOG:
+ cb.func_log = selinux_log;
+ break;
+ case SELINUX_CB_AUDIT:
+ cb.func_audit = selinux_audit;
+ break;
+ case SELINUX_CB_VALIDATE:
+ cb.func_validate = selinux_validate;
+ break;
+ default:
+ memset(&cb, 0, sizeof(cb));
+ errno = EINVAL;
+ break;
+ }
+ return cb;
+}
diff --git a/libselinux/src/callbacks.h b/libselinux/src/callbacks.h
new file mode 100644
index 0000000..068fa9d
--- /dev/null
+++ b/libselinux/src/callbacks.h
@@ -0,0 +1,24 @@
+/*
+ * This file describes the callbacks passed to selinux_init() and available
+ * for use from the library code. They all have default implementations.
+ */
+#ifndef _SELINUX_CALLBACKS_H_
+#define _SELINUX_CALLBACKS_H_
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <selinux/selinux.h>
+#include "dso.h"
+
+/* callback pointers */
+extern int __attribute__ ((format(printf, 2, 3)))
+(*selinux_log) (int type, const char *, ...) hidden;
+
+extern int
+(*selinux_audit) (void *, security_class_t, char *, size_t) hidden;
+
+extern int
+(*selinux_validate)(security_context_t *ctx) hidden;
+
+#endif /* _SELINUX_CALLBACKS_H_ */
diff --git a/libselinux/src/canonicalize_context.c b/libselinux/src/canonicalize_context.c
new file mode 100644
index 0000000..85bbbfa
--- /dev/null
+++ b/libselinux/src/canonicalize_context.c
@@ -0,0 +1,86 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include <limits.h>
+
+int security_canonicalize_context_raw(security_context_t con,
+ security_context_t * canoncon)
+{
+ char path[PATH_MAX];
+ char *buf;
+ size_t size;
+ int fd, ret;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/context", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+ return -1;
+
+ size = selinux_page_size;
+ buf = malloc(size);
+ if (!buf) {
+ ret = -1;
+ goto out;
+ }
+ strncpy(buf, con, size);
+
+ ret = write(fd, buf, strlen(buf) + 1);
+ if (ret < 0)
+ goto out2;
+
+ memset(buf, 0, size);
+ ret = read(fd, buf, size - 1);
+ if (ret < 0 && errno == EINVAL) {
+ /* Fall back to the original context for kernels
+ that do not support the extended interface. */
+ strncpy(buf, con, size);
+ }
+
+ *canoncon = strdup(buf);
+ if (!(*canoncon)) {
+ ret = -1;
+ goto out2;
+ }
+ ret = 0;
+ out2:
+ free(buf);
+ out:
+ close(fd);
+ return ret;
+}
+
+hidden_def(security_canonicalize_context_raw)
+
+int security_canonicalize_context(security_context_t con,
+ security_context_t * canoncon)
+{
+ int ret;
+ security_context_t rcon = con;
+ security_context_t rcanoncon;
+
+ if (selinux_trans_to_raw_context(con, &rcon))
+ return -1;
+
+ ret = security_canonicalize_context_raw(rcon, &rcanoncon);
+
+ freecon(rcon);
+ if (!ret) {
+ ret = selinux_raw_to_trans_context(rcanoncon, canoncon);
+ freecon(rcanoncon);
+ }
+
+ return ret;
+}
+
+hidden_def(security_canonicalize_context)
diff --git a/libselinux/src/checkAccess.c b/libselinux/src/checkAccess.c
new file mode 100644
index 0000000..c1982c7
--- /dev/null
+++ b/libselinux/src/checkAccess.c
@@ -0,0 +1,47 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <errno.h>
+#include "selinux_internal.h"
+#include <selinux/flask.h>
+#include <selinux/av_permissions.h>
+
+int selinux_check_passwd_access(access_vector_t requested)
+{
+ int status = -1;
+ security_context_t user_context;
+ if (is_selinux_enabled() == 0)
+ return 0;
+ if (getprevcon_raw(&user_context) == 0) {
+ security_class_t passwd_class;
+ struct av_decision avd;
+ int retval;
+
+ passwd_class = string_to_security_class("passwd");
+ if (passwd_class == 0)
+ return 0;
+
+ retval = security_compute_av_raw(user_context,
+ user_context,
+ passwd_class,
+ requested,
+ &avd);
+
+ if ((retval == 0) && ((requested & avd.allowed) == requested)) {
+ status = 0;
+ }
+ freecon(user_context);
+ }
+
+ if (status != 0 && security_getenforce() == 0)
+ status = 0;
+
+ return status;
+}
+
+hidden_def(selinux_check_passwd_access)
+
+int checkPasswdAccess(access_vector_t requested)
+{
+ return selinux_check_passwd_access(requested);
+}
diff --git a/libselinux/src/check_context.c b/libselinux/src/check_context.c
new file mode 100644
index 0000000..0e8fb86
--- /dev/null
+++ b/libselinux/src/check_context.c
@@ -0,0 +1,51 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <string.h>
+#include <stdio.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include <limits.h>
+
+int security_check_context_raw(security_context_t con)
+{
+ char path[PATH_MAX];
+ int fd, ret;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/context", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+ return -1;
+
+ ret = write(fd, con, strlen(con) + 1);
+ close(fd);
+ if (ret < 0)
+ return -1;
+ return 0;
+}
+
+hidden_def(security_check_context_raw)
+
+int security_check_context(security_context_t con)
+{
+ int ret;
+ security_context_t rcon = con;
+
+ if (selinux_trans_to_raw_context(con, &rcon))
+ return -1;
+
+ ret = security_check_context_raw(rcon);
+
+ freecon(rcon);
+
+ return ret;
+}
+
+hidden_def(security_check_context)
diff --git a/libselinux/src/class_to_string.h b/libselinux/src/class_to_string.h
new file mode 100644
index 0000000..60327cb
--- /dev/null
+++ b/libselinux/src/class_to_string.h
@@ -0,0 +1,74 @@
+/* This file is automatically generated. Do not edit. */
+/*
+ * Security object class definitions
+ */
+ S_("null")
+ S_("security")
+ S_("process")
+ S_("system")
+ S_("capability")
+ S_("filesystem")
+ S_("file")
+ S_("dir")
+ S_("fd")
+ S_("lnk_file")
+ S_("chr_file")
+ S_("blk_file")
+ S_("sock_file")
+ S_("fifo_file")
+ S_("socket")
+ S_("tcp_socket")
+ S_("udp_socket")
+ S_("rawip_socket")
+ S_("node")
+ S_("netif")
+ S_("netlink_socket")
+ S_("packet_socket")
+ S_("key_socket")
+ S_("unix_stream_socket")
+ S_("unix_dgram_socket")
+ S_("sem")
+ S_("msg")
+ S_("msgq")
+ S_("shm")
+ S_("ipc")
+ S_("passwd")
+ S_("drawable")
+ S_("window")
+ S_("gc")
+ S_("font")
+ S_("colormap")
+ S_("property")
+ S_("cursor")
+ S_("xclient")
+ S_("xinput")
+ S_("xserver")
+ S_("xextension")
+ S_("pax")
+ S_("netlink_route_socket")
+ S_("netlink_firewall_socket")
+ S_("netlink_tcpdiag_socket")
+ S_("netlink_nflog_socket")
+ S_("netlink_xfrm_socket")
+ S_("netlink_selinux_socket")
+ S_("netlink_audit_socket")
+ S_("netlink_ip6fw_socket")
+ S_("netlink_dnrt_socket")
+ S_("dbus")
+ S_("nscd")
+ S_("association")
+ S_("netlink_kobject_uevent_socket")
+ S_("appletalk_socket")
+ S_("packet")
+ S_("key")
+ S_("context")
+ S_("dccp_socket")
+ S_("memprotect")
+ S_("db_database")
+ S_("db_table")
+ S_("db_procedure")
+ S_("db_column")
+ S_("db_tuple")
+ S_("db_blob")
+ S_("peer")
+ S_("capability2")
diff --git a/libselinux/src/common_perm_to_string.h b/libselinux/src/common_perm_to_string.h
new file mode 100644
index 0000000..f52d1f5
--- /dev/null
+++ b/libselinux/src/common_perm_to_string.h
@@ -0,0 +1,67 @@
+/* This file is automatically generated. Do not edit. */
+TB_(common_file_perm_to_string)
+ S_("ioctl")
+ S_("read")
+ S_("write")
+ S_("create")
+ S_("getattr")
+ S_("setattr")
+ S_("lock")
+ S_("relabelfrom")
+ S_("relabelto")
+ S_("append")
+ S_("unlink")
+ S_("link")
+ S_("rename")
+ S_("execute")
+ S_("swapon")
+ S_("quotaon")
+ S_("mounton")
+TE_(common_file_perm_to_string)
+
+TB_(common_socket_perm_to_string)
+ S_("ioctl")
+ S_("read")
+ S_("write")
+ S_("create")
+ S_("getattr")
+ S_("setattr")
+ S_("lock")
+ S_("relabelfrom")
+ S_("relabelto")
+ S_("append")
+ S_("bind")
+ S_("connect")
+ S_("listen")
+ S_("accept")
+ S_("getopt")
+ S_("setopt")
+ S_("shutdown")
+ S_("recvfrom")
+ S_("sendto")
+ S_("recv_msg")
+ S_("send_msg")
+ S_("name_bind")
+TE_(common_socket_perm_to_string)
+
+TB_(common_ipc_perm_to_string)
+ S_("create")
+ S_("destroy")
+ S_("getattr")
+ S_("setattr")
+ S_("read")
+ S_("write")
+ S_("associate")
+ S_("unix_read")
+ S_("unix_write")
+TE_(common_ipc_perm_to_string)
+
+TB_(common_database_perm_to_string)
+ S_("create")
+ S_("drop")
+ S_("getattr")
+ S_("setattr")
+ S_("relabelfrom")
+ S_("relabelto")
+TE_(common_database_perm_to_string)
+
diff --git a/libselinux/src/compute_av.c b/libselinux/src/compute_av.c
new file mode 100644
index 0000000..45cd0db
--- /dev/null
+++ b/libselinux/src/compute_av.c
@@ -0,0 +1,95 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include <limits.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include "mapping.h"
+
+int security_compute_av_raw(security_context_t scon,
+ security_context_t tcon,
+ security_class_t tclass,
+ access_vector_t requested, struct av_decision *avd)
+{
+ char path[PATH_MAX];
+ char *buf;
+ size_t len;
+ int fd, ret;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/access", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+ return -1;
+
+ len = selinux_page_size;
+ buf = malloc(len);
+ if (!buf) {
+ ret = -1;
+ goto out;
+ }
+
+ snprintf(buf, len, "%s %s %hu %x", scon, tcon,
+ unmap_class(tclass), unmap_perm(tclass, requested));
+
+ ret = write(fd, buf, strlen(buf));
+ if (ret < 0)
+ goto out2;
+
+ memset(buf, 0, len);
+ ret = read(fd, buf, len - 1);
+ if (ret < 0)
+ goto out2;
+
+ if (sscanf(buf, "%x %x %x %x %u", &avd->allowed,
+ &avd->decided, &avd->auditallow, &avd->auditdeny,
+ &avd->seqno) != 5) {
+ ret = -1;
+ goto out2;
+ }
+
+ map_decision(tclass, avd);
+
+ ret = 0;
+ out2:
+ free(buf);
+ out:
+ close(fd);
+ return ret;
+}
+
+hidden_def(security_compute_av_raw)
+
+int security_compute_av(security_context_t scon,
+ security_context_t tcon,
+ security_class_t tclass,
+ access_vector_t requested, struct av_decision *avd)
+{
+ int ret;
+ security_context_t rscon = scon;
+ security_context_t rtcon = tcon;
+
+ if (selinux_trans_to_raw_context(scon, &rscon))
+ return -1;
+ if (selinux_trans_to_raw_context(tcon, &rtcon)) {
+ freecon(rscon);
+ return -1;
+ }
+
+ ret = security_compute_av_raw(rscon, rtcon, tclass, requested, avd);
+
+ freecon(rscon);
+ freecon(rtcon);
+
+ return ret;
+}
+
+hidden_def(security_compute_av)
diff --git a/libselinux/src/compute_create.c b/libselinux/src/compute_create.c
new file mode 100644
index 0000000..1c56f0f
--- /dev/null
+++ b/libselinux/src/compute_create.c
@@ -0,0 +1,94 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include <limits.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include "mapping.h"
+
+int security_compute_create_raw(security_context_t scon,
+ security_context_t tcon,
+ security_class_t tclass,
+ security_context_t * newcon)
+{
+ char path[PATH_MAX];
+ char *buf;
+ size_t size;
+ int fd, ret;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/create", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+ return -1;
+
+ size = selinux_page_size;
+ buf = malloc(size);
+ if (!buf) {
+ ret = -1;
+ goto out;
+ }
+ snprintf(buf, size, "%s %s %hu", scon, tcon, unmap_class(tclass));
+
+ ret = write(fd, buf, strlen(buf));
+ if (ret < 0)
+ goto out2;
+
+ memset(buf, 0, size);
+ ret = read(fd, buf, size - 1);
+ if (ret < 0)
+ goto out2;
+
+ *newcon = strdup(buf);
+ if (!(*newcon)) {
+ ret = -1;
+ goto out2;
+ }
+ ret = 0;
+ out2:
+ free(buf);
+ out:
+ close(fd);
+ return ret;
+}
+
+hidden_def(security_compute_create_raw)
+
+int security_compute_create(security_context_t scon,
+ security_context_t tcon,
+ security_class_t tclass,
+ security_context_t * newcon)
+{
+ int ret;
+ security_context_t rscon = scon;
+ security_context_t rtcon = tcon;
+ security_context_t rnewcon;
+
+ if (selinux_trans_to_raw_context(scon, &rscon))
+ return -1;
+ if (selinux_trans_to_raw_context(tcon, &rtcon)) {
+ freecon(rscon);
+ return -1;
+ }
+
+ ret = security_compute_create_raw(rscon, rtcon, tclass, &rnewcon);
+
+ freecon(rscon);
+ freecon(rtcon);
+ if (!ret) {
+ ret = selinux_raw_to_trans_context(rnewcon, newcon);
+ freecon(rnewcon);
+ }
+
+ return ret;
+}
+
+hidden_def(security_compute_create)
diff --git a/libselinux/src/compute_member.c b/libselinux/src/compute_member.c
new file mode 100644
index 0000000..e5495e4
--- /dev/null
+++ b/libselinux/src/compute_member.c
@@ -0,0 +1,95 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include <limits.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include "mapping.h"
+
+int security_compute_member_raw(security_context_t scon,
+ security_context_t tcon,
+ security_class_t tclass,
+ security_context_t * newcon)
+{
+ char path[PATH_MAX];
+ char *buf;
+ size_t size;
+ int fd, ret;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/member", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+ return -1;
+
+ size = selinux_page_size;
+ buf = malloc(size);
+ if (!buf) {
+ ret = -1;
+ goto out;
+ }
+ snprintf(buf, size, "%s %s %hu", scon, tcon, unmap_class(tclass));
+
+ ret = write(fd, buf, strlen(buf));
+ if (ret < 0)
+ goto out2;
+
+ memset(buf, 0, size);
+ ret = read(fd, buf, size - 1);
+ if (ret < 0)
+ goto out2;
+
+ *newcon = strdup(buf);
+ if (!(*newcon)) {
+ ret = -1;
+ goto out2;
+ }
+ ret = 0;
+ out2:
+ free(buf);
+ out:
+ close(fd);
+ return ret;
+}
+
+hidden_def(security_compute_member_raw)
+
+int security_compute_member(security_context_t scon,
+ security_context_t tcon,
+ security_class_t tclass,
+ security_context_t * newcon)
+{
+ int ret;
+ security_context_t rscon = scon;
+ security_context_t rtcon = tcon;
+ security_context_t rnewcon;
+
+ if (selinux_trans_to_raw_context(scon, &rscon))
+ return -1;
+ if (selinux_trans_to_raw_context(tcon, &rtcon)) {
+ freecon(rscon);
+ return -1;
+ }
+
+ ret = security_compute_member_raw(rscon, rtcon, tclass, &rnewcon);
+
+ freecon(rscon);
+ freecon(rtcon);
+ if (!ret) {
+ if (selinux_raw_to_trans_context(rnewcon, newcon)) {
+ *newcon = NULL;
+ ret = -1;
+ }
+ freecon(rnewcon);
+ }
+
+ return ret;
+}
diff --git a/libselinux/src/compute_relabel.c b/libselinux/src/compute_relabel.c
new file mode 100644
index 0000000..ae9c648
--- /dev/null
+++ b/libselinux/src/compute_relabel.c
@@ -0,0 +1,92 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include <limits.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include "mapping.h"
+
+int security_compute_relabel_raw(security_context_t scon,
+ security_context_t tcon,
+ security_class_t tclass,
+ security_context_t * newcon)
+{
+ char path[PATH_MAX];
+ char *buf;
+ size_t size;
+ int fd, ret;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/relabel", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+ return -1;
+
+ size = selinux_page_size;
+ buf = malloc(size);
+ if (!buf) {
+ ret = -1;
+ goto out;
+ }
+ snprintf(buf, size, "%s %s %hu", scon, tcon, unmap_class(tclass));
+
+ ret = write(fd, buf, strlen(buf));
+ if (ret < 0)
+ goto out2;
+
+ memset(buf, 0, size);
+ ret = read(fd, buf, size - 1);
+ if (ret < 0)
+ goto out2;
+
+ *newcon = strdup(buf);
+ if (!*newcon) {
+ ret = -1;
+ goto out2;
+ }
+ ret = 0;
+ out2:
+ free(buf);
+ out:
+ close(fd);
+ return ret;
+}
+
+hidden_def(security_compute_relabel_raw)
+
+int security_compute_relabel(security_context_t scon,
+ security_context_t tcon,
+ security_class_t tclass,
+ security_context_t * newcon)
+{
+ int ret;
+ security_context_t rscon = scon;
+ security_context_t rtcon = tcon;
+ security_context_t rnewcon;
+
+ if (selinux_trans_to_raw_context(scon, &rscon))
+ return -1;
+ if (selinux_trans_to_raw_context(tcon, &rtcon)) {
+ freecon(rscon);
+ return -1;
+ }
+
+ ret = security_compute_relabel_raw(rscon, rtcon, tclass, &rnewcon);
+
+ freecon(rscon);
+ freecon(rtcon);
+ if (!ret) {
+ ret = selinux_raw_to_trans_context(rnewcon, newcon);
+ freecon(rnewcon);
+ }
+
+ return ret;
+}
diff --git a/libselinux/src/compute_user.c b/libselinux/src/compute_user.c
new file mode 100644
index 0000000..fa6f650
--- /dev/null
+++ b/libselinux/src/compute_user.c
@@ -0,0 +1,110 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include <limits.h>
+
+int security_compute_user_raw(security_context_t scon,
+ const char *user, security_context_t ** con)
+{
+ char path[PATH_MAX];
+ char **ary;
+ char *buf, *ptr;
+ size_t size;
+ int fd, ret;
+ unsigned int i, nel;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/user", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+ return -1;
+
+ size = selinux_page_size;
+ buf = malloc(size);
+ if (!buf) {
+ ret = -1;
+ goto out;
+ }
+ snprintf(buf, size, "%s %s", scon, user);
+
+ ret = write(fd, buf, strlen(buf));
+ if (ret < 0)
+ goto out2;
+
+ memset(buf, 0, size);
+ ret = read(fd, buf, size - 1);
+ if (ret < 0)
+ goto out2;
+
+ if (sscanf(buf, "%u", &nel) != 1) {
+ ret = -1;
+ goto out2;
+ }
+
+ ary = malloc((nel + 1) * sizeof(char *));
+ if (!ary) {
+ ret = -1;
+ goto out2;
+ }
+
+ ptr = buf + strlen(buf) + 1;
+ for (i = 0; i < nel; i++) {
+ ary[i] = strdup(ptr);
+ if (!ary[i]) {
+ freeconary(ary);
+ ret = -1;
+ goto out2;
+ }
+ ptr += strlen(ptr) + 1;
+ }
+ ary[nel] = NULL;
+ *con = ary;
+ ret = 0;
+ out2:
+ free(buf);
+ out:
+ close(fd);
+ return ret;
+}
+
+hidden_def(security_compute_user_raw)
+
+int security_compute_user(security_context_t scon,
+ const char *user, security_context_t ** con)
+{
+ int ret;
+ security_context_t rscon = scon;
+
+ if (selinux_trans_to_raw_context(scon, &rscon))
+ return -1;
+
+ ret = security_compute_user_raw(rscon, user, con);
+
+ freecon(rscon);
+ if (!ret) {
+ security_context_t *ptr, tmpcon;
+ for (ptr = *con; *ptr; ptr++) {
+ if (selinux_raw_to_trans_context(*ptr, &tmpcon)) {
+ freeconary(*con);
+ *con = NULL;
+ return -1;
+ }
+ freecon(*ptr);
+ *ptr = tmpcon;
+ }
+ }
+
+ return ret;
+}
+
+hidden_def(security_compute_user)
diff --git a/libselinux/src/context.c b/libselinux/src/context.c
new file mode 100644
index 0000000..8164104
--- /dev/null
+++ b/libselinux/src/context.c
@@ -0,0 +1,193 @@
+#include "context_internal.h"
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+
+#define COMP_USER 0
+#define COMP_ROLE 1
+#define COMP_TYPE 2
+#define COMP_RANGE 3
+
+typedef struct {
+ char *current_str; /* This is made up-to-date only when needed */
+ char *(component[4]);
+} context_private_t;
+
+/*
+ * Allocate a new context, initialized from str. There must be 3 or
+ * 4 colon-separated components and no whitespace in any component other
+ * than the MLS component.
+ */
+context_t context_new(const char *str)
+{
+ int i, count;
+ context_private_t *n =
+ (context_private_t *) malloc(sizeof(context_private_t));
+ context_t result = (context_t) malloc(sizeof(context_s_t));
+ const char *p, *tok;
+
+ if (result)
+ result->ptr = n;
+ else
+ free(n);
+ if (n == 0 || result == 0) {
+ goto err;
+ }
+ n->current_str = n->component[0] = n->component[1] = n->component[2] =
+ n->component[3] = 0;
+ for (i = count = 0, p = str; *p; p++) {
+ switch (*p) {
+ case ':':
+ count++;
+ break;
+ case '\n':
+ case '\t':
+ case '\r':
+ goto err; /* sanity check */
+ case ' ':
+ if (count < 3)
+ goto err; /* sanity check */
+ }
+ }
+ /*
+ * Could be anywhere from 2 - 5
+ * e.g user:role:type to user:role:type:sens1:cata-sens2:catb
+ */
+ if (count < 2 || count > 5) { /* might not have a range */
+ goto err;
+ }
+
+ n->component[3] = 0;
+ for (i = 0, tok = str; *tok; i++) {
+ if (i < 3)
+ for (p = tok; *p && *p != ':'; p++) { /* empty */
+ } else {
+ /* MLS range is one component */
+ for (p = tok; *p; p++) { /* empty */
+ }
+ }
+ n->component[i] = (char *)malloc(p - tok + 1);
+ if (n->component[i] == 0)
+ goto err;
+ strncpy(n->component[i], tok, p - tok);
+ n->component[i][p - tok] = '\0';
+ tok = *p ? p + 1 : p;
+ }
+ return result;
+ err:
+ context_free(result);
+ return 0;
+}
+
+hidden_def(context_new)
+
+static void conditional_free(char **v)
+{
+ if (*v) {
+ free(*v);
+ }
+ *v = 0;
+}
+
+/*
+ * free all storage used by a context. Safe to call with
+ * null pointer.
+ */
+void context_free(context_t context)
+{
+ context_private_t *n;
+ int i;
+ if (context) {
+ n = context->ptr;
+ if (n) {
+ conditional_free(&n->current_str);
+ for (i = 0; i < 4; i++) {
+ conditional_free(&n->component[i]);
+ }
+ free(n);
+ }
+ free(context);
+ }
+}
+
+hidden_def(context_free)
+
+/*
+ * Return a pointer to the string value of the context.
+ */
+char *context_str(context_t context)
+{
+ context_private_t *n = context->ptr;
+ int i;
+ size_t total = 0;
+ conditional_free(&n->current_str);
+ for (i = 0; i < 4; i++) {
+ if (n->component[i]) {
+ total += strlen(n->component[i]) + 1;
+ }
+ }
+ n->current_str = malloc(total);
+ if (n->current_str != 0) {
+ char *cp = n->current_str;
+
+ cp = stpcpy(cp, n->component[0]);
+ for (i = 1; i < 4; i++) {
+ if (n->component[i]) {
+ *cp++ = ':';
+ cp = stpcpy(cp, n->component[i]);
+ }
+ }
+ }
+ return n->current_str;
+}
+
+hidden_def(context_str)
+
+/* Returns nonzero iff failed */
+static int set_comp(context_private_t * n, int idx, const char *str)
+{
+ char *t = NULL;
+ const char *p;
+ if (str) {
+ t = (char *)malloc(strlen(str) + 1);
+ if (!t) {
+ return 1;
+ }
+ for (p = str; *p; p++) {
+ if (*p == '\t' || *p == '\n' || *p == '\r' ||
+ ((*p == ':' || *p == ' ') && idx != COMP_RANGE)) {
+ free(t);
+ errno = EINVAL;
+ return 1;
+ }
+ }
+ strcpy(t, str);
+ }
+ conditional_free(&n->component[idx]);
+ n->component[idx] = t;
+ return 0;
+}
+
+#define def_get(name,tag) \
+const char * context_ ## name ## _get(context_t context) \
+{ \
+ context_private_t *n = context->ptr; \
+ return n->component[tag]; \
+} \
+hidden_def(context_ ## name ## _get)
+
+def_get(type, COMP_TYPE)
+ def_get(user, COMP_USER)
+ def_get(range, COMP_RANGE)
+ def_get(role, COMP_ROLE)
+#define def_set(name,tag) \
+int context_ ## name ## _set(context_t context, const char* str) \
+{ \
+ return set_comp(context->ptr,tag,str);\
+} \
+hidden_def(context_ ## name ## _set)
+ def_set(type, COMP_TYPE)
+ def_set(role, COMP_ROLE)
+ def_set(user, COMP_USER)
+ def_set(range, COMP_RANGE)
diff --git a/libselinux/src/context_internal.h b/libselinux/src/context_internal.h
new file mode 100644
index 0000000..3c71e80
--- /dev/null
+++ b/libselinux/src/context_internal.h
@@ -0,0 +1,14 @@
+#include <selinux/context.h>
+#include "dso.h"
+
+hidden_proto(context_new)
+ hidden_proto(context_free)
+ hidden_proto(context_str)
+ hidden_proto(context_type_set)
+ hidden_proto(context_type_get)
+ hidden_proto(context_role_set)
+ hidden_proto(context_role_get)
+ hidden_proto(context_user_set)
+ hidden_proto(context_user_get)
+ hidden_proto(context_range_set)
+ hidden_proto(context_range_get)
diff --git a/libselinux/src/disable.c b/libselinux/src/disable.c
new file mode 100644
index 0000000..dac0f5b
--- /dev/null
+++ b/libselinux/src/disable.c
@@ -0,0 +1,38 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include <stdio.h>
+#include <limits.h>
+
+int security_disable(void)
+{
+ int fd, ret;
+ char path[PATH_MAX];
+ char buf[20];
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/disable", selinux_mnt);
+ fd = open(path, O_WRONLY);
+ if (fd < 0)
+ return -1;
+
+ buf[0] = '1';
+ buf[1] = '\0';
+ ret = write(fd, buf, strlen(buf));
+ close(fd);
+ if (ret < 0)
+ return -1;
+
+ return 0;
+}
+
+hidden_def(security_disable)
diff --git a/libselinux/src/dso.h b/libselinux/src/dso.h
new file mode 100644
index 0000000..12c3d11
--- /dev/null
+++ b/libselinux/src/dso.h
@@ -0,0 +1,23 @@
+#ifndef _SELINUX_DSO_H
+#define _SELINUX_DSO_H 1
+
+#ifdef SHARED
+# define hidden __attribute__ ((visibility ("hidden")))
+# define hidden_proto(fct) __hidden_proto (fct, fct##_internal)
+# define __hidden_proto(fct, internal) \
+ extern __typeof (fct) internal; \
+ extern __typeof (fct) fct __asm (#internal) hidden;
+# if defined(__alpha__) || defined(__mips__)
+# define hidden_def(fct) \
+ asm (".globl " #fct "\n" #fct " = " #fct "_internal");
+# else
+# define hidden_def(fct) \
+ asm (".globl " #fct "\n.set " #fct ", " #fct "_internal");
+#endif
+#else
+# define hidden
+# define hidden_proto(fct)
+# define hidden_def(fct)
+#endif
+
+#endif
diff --git a/libselinux/src/enabled.c b/libselinux/src/enabled.c
new file mode 100644
index 0000000..b3c8c47
--- /dev/null
+++ b/libselinux/src/enabled.c
@@ -0,0 +1,104 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include <stdlib.h>
+#include <errno.h>
+#include <limits.h>
+#include <stdio.h>
+#include <stdio_ext.h>
+#include "policy.h"
+
+int is_selinux_enabled(void)
+{
+ char *buf=NULL;
+ FILE *fp;
+ ssize_t num;
+ size_t len;
+ int enabled = 0;
+ security_context_t con;
+
+ /* init_selinuxmnt() gets called before this function. We
+ * will assume that if a selinux file system is mounted, then
+ * selinux is enabled. */
+ if (selinux_mnt) {
+
+ /* Since a file system is mounted, we consider selinux
+ * enabled. If getcon_raw fails, selinux is still enabled.
+ * We only consider it disabled if no policy is loaded. */
+ enabled = 1;
+ if (getcon_raw(&con) == 0) {
+ if (!strcmp(con, "kernel"))
+ enabled = 0;
+ freecon(con);
+ }
+ return enabled;
+ }
+
+ /* Drop back to detecting it the long way. */
+ fp = fopen("/proc/filesystems", "r");
+ if (!fp)
+ return -1;
+
+ __fsetlocking(fp, FSETLOCKING_BYCALLER);
+ while ((num = getline(&buf, &len, fp)) != -1) {
+ if (strstr(buf, "selinuxfs")) {
+ enabled = 1;
+ break;
+ }
+ }
+
+ if (num < 0)
+ goto out;
+
+ /* Since an selinux file system is available, we consider
+ * selinux enabled. If getcon_raw fails, selinux is still
+ * enabled. We only consider it disabled if no policy is loaded. */
+ if (getcon_raw(&con) == 0) {
+ if (!strcmp(con, "kernel"))
+ enabled = 0;
+ freecon(con);
+ }
+
+ out:
+ free(buf);
+ fclose(fp);
+ return enabled;
+}
+
+hidden_def(is_selinux_enabled)
+
+/*
+ * Function: is_selinux_mls_enabled()
+ * Return: 1 on success
+ * 0 on failure
+ */
+int is_selinux_mls_enabled(void)
+{
+ char buf[20], path[PATH_MAX];
+ int fd, ret, enabled = 0;
+
+ if (!selinux_mnt)
+ return enabled;
+
+ snprintf(path, sizeof path, "%s/mls", selinux_mnt);
+ fd = open(path, O_RDONLY);
+ if (fd < 0)
+ return enabled;
+
+ memset(buf, 0, sizeof buf);
+
+ do {
+ ret = read(fd, buf, sizeof buf - 1);
+ } while (ret < 0 && errno == EINTR);
+ close(fd);
+ if (ret < 0)
+ return enabled;
+
+ if (!strcmp(buf, "1"))
+ enabled = 1;
+
+ return enabled;
+}
+
+hidden_def(is_selinux_mls_enabled)
diff --git a/libselinux/src/fgetfilecon.c b/libselinux/src/fgetfilecon.c
new file mode 100644
index 0000000..c88d515
--- /dev/null
+++ b/libselinux/src/fgetfilecon.c
@@ -0,0 +1,72 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/xattr.h>
+#include "selinux_internal.h"
+#include "policy.h"
+
+int fgetfilecon_raw(int fd, security_context_t * context)
+{
+ char *buf;
+ ssize_t size;
+ ssize_t ret;
+
+ size = INITCONTEXTLEN + 1;
+ buf = malloc(size);
+ if (!buf)
+ return -1;
+ memset(buf, 0, size);
+
+ ret = fgetxattr(fd, XATTR_NAME_SELINUX, buf, size - 1);
+ if (ret < 0 && errno == ERANGE) {
+ char *newbuf;
+
+ size = fgetxattr(fd, XATTR_NAME_SELINUX, NULL, 0);
+ if (size < 0)
+ goto out;
+
+ size++;
+ newbuf = realloc(buf, size);
+ if (!newbuf)
+ goto out;
+
+ buf = newbuf;
+ memset(buf, 0, size);
+ ret = fgetxattr(fd, XATTR_NAME_SELINUX, buf, size - 1);
+ }
+ out:
+ if (ret == 0) {
+ /* Re-map empty attribute values to errors. */
+ errno = EOPNOTSUPP;
+ ret = -1;
+ }
+ if (ret < 0)
+ free(buf);
+ else
+ *context = buf;
+ return ret;
+}
+
+hidden_def(fgetfilecon_raw)
+
+int fgetfilecon(int fd, security_context_t * context)
+{
+ security_context_t rcontext;
+ int ret;
+
+ *context = NULL;
+
+ ret = fgetfilecon_raw(fd, &rcontext);
+
+ if (ret > 0) {
+ ret = selinux_raw_to_trans_context(rcontext, context);
+ freecon(rcontext);
+ }
+
+ if (ret >= 0 && *context)
+ return strlen(*context) + 1;
+
+ return ret;
+}
diff --git a/libselinux/src/file_path_suffixes.h b/libselinux/src/file_path_suffixes.h
new file mode 100644
index 0000000..bea5c40
--- /dev/null
+++ b/libselinux/src/file_path_suffixes.h
@@ -0,0 +1,21 @@
+/* File name suffixes. */
+S_(BINPOLICY, "/policy/policy")
+ S_(CONTEXTS_DIR, "/contexts")
+ S_(FILE_CONTEXTS, "/contexts/files/file_contexts")
+ S_(HOMEDIR_CONTEXTS, "/contexts/files/homedir_template")
+ S_(DEFAULT_CONTEXTS, "/contexts/default_contexts")
+ S_(USER_CONTEXTS, "/contexts/users/")
+ S_(FAILSAFE_CONTEXT, "/contexts/failsafe_context")
+ S_(DEFAULT_TYPE, "/contexts/default_type")
+ S_(SECURETTY_TYPES, "/contexts/securetty_types")
+ S_(BOOLEANS, "/booleans")
+ S_(MEDIA_CONTEXTS, "/contexts/files/media")
+ S_(REMOVABLE_CONTEXT, "/contexts/removable_context")
+ S_(CUSTOMIZABLE_TYPES, "/contexts/customizable_types")
+ S_(USERS_DIR, "/users/")
+ S_(SEUSERS, "/seusers")
+ S_(TRANSLATIONS, "/setrans.conf")
+ S_(NETFILTER_CONTEXTS, "/contexts/netfilter_contexts")
+ S_(FILE_CONTEXTS_HOMEDIR, "/contexts/files/file_contexts.homedirs")
+ S_(FILE_CONTEXTS_LOCAL, "/contexts/files/file_contexts.local")
+ S_(X_CONTEXTS, "/contexts/x_contexts")
diff --git a/libselinux/src/freecon.c b/libselinux/src/freecon.c
new file mode 100644
index 0000000..3ec4fe2
--- /dev/null
+++ b/libselinux/src/freecon.c
@@ -0,0 +1,11 @@
+#include <unistd.h>
+#include "selinux_internal.h"
+#include <stdlib.h>
+#include <errno.h>
+
+void freecon(security_context_t con)
+{
+ free(con);
+}
+
+hidden_def(freecon)
diff --git a/libselinux/src/freeconary.c b/libselinux/src/freeconary.c
new file mode 100644
index 0000000..835f5bc
--- /dev/null
+++ b/libselinux/src/freeconary.c
@@ -0,0 +1,19 @@
+#include <unistd.h>
+#include "selinux_internal.h"
+#include <stdlib.h>
+#include <errno.h>
+
+void freeconary(security_context_t * con)
+{
+ char **ptr;
+
+ if (!con)
+ return;
+
+ for (ptr = con; *ptr; ptr++) {
+ free(*ptr);
+ }
+ free(con);
+}
+
+hidden_def(freeconary)
diff --git a/libselinux/src/fsetfilecon.c b/libselinux/src/fsetfilecon.c
new file mode 100644
index 0000000..6cad4d7
--- /dev/null
+++ b/libselinux/src/fsetfilecon.c
@@ -0,0 +1,31 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/xattr.h>
+#include "selinux_internal.h"
+#include "policy.h"
+
+int fsetfilecon_raw(int fd, security_context_t context)
+{
+ return fsetxattr(fd, XATTR_NAME_SELINUX, context, strlen(context) + 1,
+ 0);
+}
+
+hidden_def(fsetfilecon_raw)
+
+int fsetfilecon(int fd, security_context_t context)
+{
+ int ret;
+ security_context_t rcontext = context;
+
+ if (selinux_trans_to_raw_context(context, &rcontext))
+ return -1;
+
+ ret = fsetfilecon_raw(fd, rcontext);
+
+ freecon(rcontext);
+
+ return ret;
+}
diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c
new file mode 100644
index 0000000..a50fca8
--- /dev/null
+++ b/libselinux/src/get_context_list.c
@@ -0,0 +1,541 @@
+#include <unistd.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdio_ext.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <pwd.h>
+#include "selinux_internal.h"
+#include "context_internal.h"
+#include "get_context_list_internal.h"
+
+int get_default_context_with_role(const char *user,
+ const char *role,
+ security_context_t fromcon,
+ security_context_t * newcon)
+{
+ security_context_t *conary;
+ char **ptr;
+ context_t con;
+ const char *role2;
+ int rc;
+
+ rc = get_ordered_context_list(user, fromcon, &conary);
+ if (rc <= 0)
+ return -1;
+
+ for (ptr = conary; *ptr; ptr++) {
+ con = context_new(*ptr);
+ if (!con)
+ continue;
+ role2 = context_role_get(con);
+ if (role2 && !strcmp(role, role2)) {
+ context_free(con);
+ break;
+ }
+ context_free(con);
+ }
+
+ rc = -1;
+ if (!(*ptr))
+ goto out;
+ *newcon = strdup(*ptr);
+ if (!(*newcon))
+ goto out;
+ rc = 0;
+ out:
+ freeconary(conary);
+ return rc;
+}
+
+hidden_def(get_default_context_with_role)
+
+int get_default_context_with_rolelevel(const char *user,
+ const char *role,
+ const char *level,
+ security_context_t fromcon,
+ security_context_t * newcon)
+{
+
+ int rc = 0;
+ int freefrom = 0;
+ context_t con;
+ char *newfromcon;
+ if (!level)
+ return get_default_context_with_role(user, role, fromcon,
+ newcon);
+
+ if (!fromcon) {
+ rc = getcon(&fromcon);
+ if (rc < 0)
+ return rc;
+ freefrom = 1;
+ }
+
+ rc = -1;
+ con = context_new(fromcon);
+ if (!con)
+ goto out;
+
+ if (context_range_set(con, level))
+ goto out;
+
+ newfromcon = context_str(con);
+ if (!newfromcon)
+ goto out;
+
+ rc = get_default_context_with_role(user, role, newfromcon, newcon);
+
+ out:
+ context_free(con);
+ if (freefrom)
+ freecon(fromcon);
+ return rc;
+
+}
+
+int get_default_context(const char *user,
+ security_context_t fromcon, security_context_t * newcon)
+{
+ security_context_t *conary;
+ int rc;
+
+ rc = get_ordered_context_list(user, fromcon, &conary);
+ if (rc <= 0)
+ return -1;
+
+ *newcon = strdup(conary[0]);
+ freeconary(conary);
+ if (!(*newcon))
+ return -1;
+ return 0;
+}
+
+static int find_partialcon(security_context_t * list,
+ unsigned int nreach, char *part)
+{
+ const char *conrole, *contype;
+ char *partrole, *parttype, *ptr;
+ context_t con;
+ unsigned int i;
+
+ partrole = part;
+ ptr = part;
+ while (*ptr && !isspace(*ptr) && *ptr != ':')
+ ptr++;
+ if (*ptr != ':')
+ return -1;
+ *ptr++ = 0;
+ parttype = ptr;
+ while (*ptr && !isspace(*ptr) && *ptr != ':')
+ ptr++;
+ *ptr = 0;
+
+ for (i = 0; i < nreach; i++) {
+ con = context_new(list[i]);
+ if (!con)
+ return -1;
+ conrole = context_role_get(con);
+ contype = context_type_get(con);
+ if (!conrole || !contype) {
+ context_free(con);
+ return -1;
+ }
+ if (!strcmp(conrole, partrole) && !strcmp(contype, parttype)) {
+ context_free(con);
+ return i;
+ }
+ context_free(con);
+ }
+
+ return -1;
+}
+
+static int get_context_order(FILE * fp,
+ security_context_t fromcon,
+ security_context_t * reachable,
+ unsigned int nreach,
+ unsigned int *ordering, unsigned int *nordered)
+{
+ char *start, *end = NULL;
+ char *line = NULL;
+ size_t line_len = 0;
+ ssize_t len;
+ int found = 0;
+ const char *fromrole, *fromtype;
+ char *linerole, *linetype;
+ unsigned int i;
+ context_t con;
+ int rc;
+
+ errno = -EINVAL;
+
+ /* Extract the role and type of the fromcon for matching.
+ User identity and MLS range can be variable. */
+ con = context_new(fromcon);
+ if (!con)
+ return -1;
+ fromrole = context_role_get(con);
+ fromtype = context_type_get(con);
+ if (!fromrole || !fromtype) {
+ context_free(con);
+ return -1;
+ }
+
+ while ((len = getline(&line, &line_len, fp)) > 0) {
+ if (line[len - 1] == '\n')
+ line[len - 1] = 0;
+
+ /* Skip leading whitespace. */
+ start = line;
+ while (*start && isspace(*start))
+ start++;
+ if (!(*start))
+ continue;
+
+ /* Find the end of the (partial) fromcon in the line. */
+ end = start;
+ while (*end && !isspace(*end))
+ end++;
+ if (!(*end))
+ continue;
+
+ /* Check for a match. */
+ linerole = start;
+ while (*start && !isspace(*start) && *start != ':')
+ start++;
+ if (*start != ':')
+ continue;
+ *start = 0;
+ linetype = ++start;
+ while (*start && !isspace(*start) && *start != ':')
+ start++;
+ if (!(*start))
+ continue;
+ *start = 0;
+ if (!strcmp(fromrole, linerole) && !strcmp(fromtype, linetype)) {
+ found = 1;
+ break;
+ }
+ }
+
+ if (!found) {
+ errno = ENOENT;
+ rc = -1;
+ goto out;
+ }
+
+ start = ++end;
+ while (*start) {
+ /* Skip leading whitespace */
+ while (*start && isspace(*start))
+ start++;
+ if (!(*start))
+ break;
+
+ /* Find the end of this partial context. */
+ end = start;
+ while (*end && !isspace(*end))
+ end++;
+ if (*end)
+ *end++ = 0;
+
+ /* Check for a match in the reachable list. */
+ rc = find_partialcon(reachable, nreach, start);
+ if (rc < 0) {
+ /* No match, skip it. */
+ start = end;
+ continue;
+ }
+
+ /* If a match is found and the entry is not already ordered
+ (e.g. due to prior match in prior config file), then set
+ the ordering for it. */
+ i = rc;
+ if (ordering[i] == nreach)
+ ordering[i] = (*nordered)++;
+ start = end;
+ }
+
+ rc = 0;
+
+ out:
+ context_free(con);
+ free(line);
+ return rc;
+}
+
+static int get_failsafe_context(const char *user, security_context_t * newcon)
+{
+ FILE *fp;
+ char buf[255], *ptr;
+ size_t plen, nlen;
+ int rc;
+
+ fp = fopen(selinux_failsafe_context_path(), "r");
+ if (!fp)
+ return -1;
+
+ ptr = fgets_unlocked(buf, sizeof buf, fp);
+ fclose(fp);
+
+ if (!ptr)
+ return -1;
+ plen = strlen(ptr);
+ if (buf[plen - 1] == '\n')
+ buf[plen - 1] = 0;
+
+ retry:
+ nlen = strlen(user) + 1 + plen + 1;
+ *newcon = malloc(nlen);
+ if (!(*newcon))
+ return -1;
+ rc = snprintf(*newcon, nlen, "%s:%s", user, ptr);
+ if (rc < 0 || (size_t) rc >= nlen) {
+ free(*newcon);
+ *newcon = 0;
+ return -1;
+ }
+
+ /* If possible, check the context to catch
+ errors early rather than waiting until the
+ caller tries to use setexeccon on the context.
+ But this may not always be possible, e.g. if
+ selinuxfs isn't mounted. */
+ if (security_check_context(*newcon) && errno != ENOENT) {
+ free(*newcon);
+ *newcon = 0;
+ if (strcmp(user, SELINUX_DEFAULTUSER)) {
+ user = SELINUX_DEFAULTUSER;
+ goto retry;
+ }
+ return -1;
+ }
+
+ return 0;
+}
+
+struct context_order {
+ security_context_t con;
+ unsigned int order;
+};
+
+static int order_compare(const void *A, const void *B)
+{
+ const struct context_order *c1 = A, *c2 = B;
+ if (c1->order < c2->order)
+ return -1;
+ else if (c1->order > c2->order)
+ return 1;
+ return strcmp(c1->con, c2->con);
+}
+
+int get_ordered_context_list_with_level(const char *user,
+ const char *level,
+ security_context_t fromcon,
+ security_context_t ** list)
+{
+ int rc;
+ int freefrom = 0;
+ context_t con;
+ char *newfromcon;
+
+ if (!level)
+ return get_ordered_context_list(user, fromcon, list);
+
+ if (!fromcon) {
+ rc = getcon(&fromcon);
+ if (rc < 0)
+ return rc;
+ freefrom = 1;
+ }
+
+ rc = -1;
+ con = context_new(fromcon);
+ if (!con)
+ goto out;
+
+ if (context_range_set(con, level))
+ goto out;
+
+ newfromcon = context_str(con);
+ if (!newfromcon)
+ goto out;
+
+ rc = get_ordered_context_list(user, newfromcon, list);
+
+ out:
+ context_free(con);
+ if (freefrom)
+ freecon(fromcon);
+ return rc;
+}
+
+hidden_def(get_ordered_context_list_with_level)
+
+int get_default_context_with_level(const char *user,
+ const char *level,
+ security_context_t fromcon,
+ security_context_t * newcon)
+{
+ security_context_t *conary;
+ int rc;
+
+ rc = get_ordered_context_list_with_level(user, level, fromcon, &conary);
+ if (rc <= 0)
+ return -1;
+
+ *newcon = strdup(conary[0]);
+ freeconary(conary);
+ if (!(*newcon))
+ return -1;
+ return 0;
+}
+
+int get_ordered_context_list(const char *user,
+ security_context_t fromcon,
+ security_context_t ** list)
+{
+ security_context_t *reachable = NULL;
+ unsigned int *ordering = NULL;
+ struct context_order *co = NULL;
+ char **ptr;
+ int rc = 0;
+ unsigned int nreach = 0, nordered = 0, freefrom = 0, i;
+ FILE *fp;
+ char *fname = NULL;
+ size_t fname_len;
+ const char *user_contexts_path = selinux_user_contexts_path();
+
+ if (!fromcon) {
+ /* Get the current context and use it for the starting context */
+ rc = getcon(&fromcon);
+ if (rc < 0)
+ return rc;
+ freefrom = 1;
+ }
+
+ /* Determine the set of reachable contexts for the user. */
+ rc = security_compute_user(fromcon, user, &reachable);
+ if (rc < 0) {
+ /* Retry with the default SELinux user identity. */
+ user = SELINUX_DEFAULTUSER;
+ rc = security_compute_user(fromcon, user, &reachable);
+ if (rc < 0)
+ goto failsafe;
+ }
+ nreach = 0;
+ for (ptr = reachable; *ptr; ptr++)
+ nreach++;
+ if (!nreach)
+ goto failsafe;
+
+ /* Initialize ordering array. */
+ ordering = malloc(nreach * sizeof(unsigned int));
+ if (!ordering)
+ goto oom_order;
+ for (i = 0; i < nreach; i++)
+ ordering[i] = nreach;
+
+ /* Determine the ordering to apply from the optional per-user config
+ and from the global config. */
+ fname_len = strlen(user_contexts_path) + strlen(user) + 2;
+ fname = malloc(fname_len);
+ if (!fname)
+ goto oom_order;
+ snprintf(fname, fname_len, "%s%s", user_contexts_path, user);
+ fp = fopen(fname, "r");
+ if (fp) {
+ __fsetlocking(fp, FSETLOCKING_BYCALLER);
+ rc = get_context_order(fp, fromcon, reachable, nreach, ordering,
+ &nordered);
+ fclose(fp);
+ if (rc < 0 && errno != ENOENT) {
+ fprintf(stderr,
+ "%s: error in processing configuration file %s\n",
+ __FUNCTION__, fname);
+ /* Fall through, try global config */
+ }
+ }
+ free(fname);
+ fp = fopen(selinux_default_context_path(), "r");
+ if (fp) {
+ __fsetlocking(fp, FSETLOCKING_BYCALLER);
+ rc = get_context_order(fp, fromcon, reachable, nreach, ordering,
+ &nordered);
+ fclose(fp);
+ if (rc < 0 && errno != ENOENT) {
+ fprintf(stderr,
+ "%s: error in processing configuration file %s\n",
+ __FUNCTION__, selinux_default_context_path());
+ /* Fall through */
+ }
+ }
+
+ /* Apply the ordering. */
+ if (nordered) {
+ co = malloc(nreach * sizeof(struct context_order));
+ if (!co)
+ goto oom_order;
+ for (i = 0; i < nreach; i++) {
+ co[i].con = reachable[i];
+ co[i].order = ordering[i];
+ }
+ qsort(co, nreach, sizeof(struct context_order), order_compare);
+ for (i = 0; i < nreach; i++)
+ reachable[i] = co[i].con;
+ free(co);
+ }
+
+ /* Return the ordered list.
+ If we successfully ordered it, then only report the ordered entries
+ to the caller. Otherwise, fall back to the entire reachable list. */
+ if (nordered && nordered < nreach) {
+ for (i = nordered; i < nreach; i++)
+ free(reachable[i]);
+ reachable[nordered] = NULL;
+ rc = nordered;
+ } else {
+ rc = nreach;
+ }
+
+ out:
+ *list = reachable;
+
+ free(ordering);
+ if (freefrom)
+ freecon(fromcon);
+
+ return rc;
+
+ failsafe:
+ /* Unable to determine a reachable context list, try to fall back to
+ the "failsafe" context to at least permit root login
+ for emergency recovery if possible. */
+ freeconary(reachable);
+ reachable = malloc(2 * sizeof(security_context_t));
+ if (!reachable) {
+ rc = -1;
+ goto out;
+ }
+ reachable[0] = reachable[1] = 0;
+ rc = get_failsafe_context(user, &reachable[0]);
+ if (rc < 0) {
+ freeconary(reachable);
+ reachable = NULL;
+ goto out;
+ }
+ rc = 1; /* one context in the list */
+ goto out;
+
+ oom_order:
+ /* Unable to order context list due to OOM condition.
+ Fall back to unordered reachable context list. */
+ fprintf(stderr, "%s: out of memory, unable to order list\n",
+ __FUNCTION__);
+ rc = nreach;
+ goto out;
+}
+
+hidden_def(get_ordered_context_list)
diff --git a/libselinux/src/get_context_list_internal.h b/libselinux/src/get_context_list_internal.h
new file mode 100644
index 0000000..c224834
--- /dev/null
+++ b/libselinux/src/get_context_list_internal.h
@@ -0,0 +1,6 @@
+#include <selinux/get_context_list.h>
+#include "dso.h"
+
+hidden_proto(get_ordered_context_list)
+ hidden_proto(get_ordered_context_list_with_level)
+ hidden_proto(get_default_context_with_role)
diff --git a/libselinux/src/get_default_type.c b/libselinux/src/get_default_type.c
new file mode 100644
index 0000000..6fd1681
--- /dev/null
+++ b/libselinux/src/get_default_type.c
@@ -0,0 +1,65 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include "get_default_type_internal.h"
+
+static int find_default_type(FILE * fp, const char *role, char **type);
+
+int get_default_type(const char *role, char **type)
+{
+ FILE *fp = NULL;
+
+ fp = fopen(selinux_default_type_path(), "r");
+ if (!fp)
+ return -1;
+
+ if (find_default_type(fp, role, type) < 0) {
+ fclose(fp);
+ return -1;
+ }
+
+ fclose(fp);
+ return 0;
+}
+
+static int find_default_type(FILE * fp, const char *role, char **type)
+{
+ char buf[250];
+ char *ptr = "", *end, *t;
+ size_t len;
+ int found = 0;
+
+ len = strlen(role);
+ while (!feof_unlocked(fp)) {
+ if (!fgets_unlocked(buf, sizeof buf, fp))
+ return -1;
+ if (buf[strlen(buf) - 1])
+ buf[strlen(buf) - 1] = 0;
+
+ ptr = buf;
+ while (*ptr && isspace(*ptr))
+ ptr++;
+ if (!(*ptr))
+ continue;
+
+ if (!strncmp(role, ptr, len)) {
+ end = ptr + len;
+ if (*end == ':') {
+ found = 1;
+ ptr = ++end;
+ break;
+ }
+ }
+ }
+
+ if (!found)
+ return -1;
+
+ t = malloc(strlen(buf) - len);
+ if (!t)
+ return -1;
+ strcpy(t, ptr);
+ *type = t;
+ return 0;
+}
diff --git a/libselinux/src/get_default_type_internal.h b/libselinux/src/get_default_type_internal.h
new file mode 100644
index 0000000..0da3c51
--- /dev/null
+++ b/libselinux/src/get_default_type_internal.h
@@ -0,0 +1,4 @@
+#include <selinux/get_default_type.h>
+#include "dso.h"
+
+hidden_proto(selinux_default_type_path)
diff --git a/libselinux/src/get_initial_context.c b/libselinux/src/get_initial_context.c
new file mode 100644
index 0000000..1676435
--- /dev/null
+++ b/libselinux/src/get_initial_context.c
@@ -0,0 +1,72 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include <limits.h>
+
+#define SELINUX_INITCON_DIR "/initial_contexts/"
+
+int security_get_initial_context_raw(const char * name, security_context_t * con)
+{
+ char path[PATH_MAX];
+ char *buf;
+ size_t size;
+ int fd, ret;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s%s%s",
+ selinux_mnt, SELINUX_INITCON_DIR, name);
+ fd = open(path, O_RDONLY);
+ if (fd < 0)
+ return -1;
+
+ size = selinux_page_size;
+ buf = malloc(size);
+ if (!buf) {
+ ret = -1;
+ goto out;
+ }
+ memset(buf, 0, size);
+ ret = read(fd, buf, size - 1);
+ if (ret < 0)
+ goto out2;
+
+ *con = strdup(buf);
+ if (!(*con)) {
+ ret = -1;
+ goto out2;
+ }
+ ret = 0;
+ out2:
+ free(buf);
+ out:
+ close(fd);
+ return ret;
+}
+
+hidden_def(security_get_initial_context_raw)
+
+int security_get_initial_context(const char * name, security_context_t * con)
+{
+ int ret;
+ security_context_t rcon;
+
+ ret = security_get_initial_context_raw(name, &rcon);
+ if (!ret) {
+ ret = selinux_raw_to_trans_context(rcon, con);
+ freecon(rcon);
+ }
+
+ return ret;
+}
+
+hidden_def(security_get_initial_context)
diff --git a/libselinux/src/getenforce.c b/libselinux/src/getenforce.c
new file mode 100644
index 0000000..4fb516a
--- /dev/null
+++ b/libselinux/src/getenforce.c
@@ -0,0 +1,40 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include <stdio.h>
+#include <limits.h>
+
+int security_getenforce(void)
+{
+ int fd, ret, enforce = 0;
+ char path[PATH_MAX];
+ char buf[20];
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/enforce", selinux_mnt);
+ fd = open(path, O_RDONLY);
+ if (fd < 0)
+ return -1;
+
+ memset(buf, 0, sizeof buf);
+ ret = read(fd, buf, sizeof buf - 1);
+ close(fd);
+ if (ret < 0)
+ return -1;
+
+ if (sscanf(buf, "%d", &enforce) != 1)
+ return -1;
+
+ return enforce;
+}
+
+hidden_def(security_getenforce)
diff --git a/libselinux/src/getfilecon.c b/libselinux/src/getfilecon.c
new file mode 100644
index 0000000..67e4463
--- /dev/null
+++ b/libselinux/src/getfilecon.c
@@ -0,0 +1,73 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/xattr.h>
+#include "policy.h"
+
+int getfilecon_raw(const char *path, security_context_t * context)
+{
+ char *buf;
+ ssize_t size;
+ ssize_t ret;
+
+ size = INITCONTEXTLEN + 1;
+ buf = malloc(size);
+ if (!buf)
+ return -1;
+ memset(buf, 0, size);
+
+ ret = getxattr(path, XATTR_NAME_SELINUX, buf, size - 1);
+ if (ret < 0 && errno == ERANGE) {
+ char *newbuf;
+
+ size = getxattr(path, XATTR_NAME_SELINUX, NULL, 0);
+ if (size < 0)
+ goto out;
+
+ size++;
+ newbuf = realloc(buf, size);
+ if (!newbuf)
+ goto out;
+
+ buf = newbuf;
+ memset(buf, 0, size);
+ ret = getxattr(path, XATTR_NAME_SELINUX, buf, size - 1);
+ }
+ out:
+ if (ret == 0) {
+ /* Re-map empty attribute values to errors. */
+ errno = EOPNOTSUPP;
+ ret = -1;
+ }
+ if (ret < 0)
+ free(buf);
+ else
+ *context = buf;
+ return ret;
+}
+
+hidden_def(getfilecon_raw)
+
+int getfilecon(const char *path, security_context_t * context)
+{
+ int ret;
+ security_context_t rcontext;
+
+ *context = NULL;
+
+ ret = getfilecon_raw(path, &rcontext);
+
+ if (ret > 0) {
+ ret = selinux_raw_to_trans_context(rcontext, context);
+ freecon(rcontext);
+ }
+ if (ret >= 0 && *context)
+ return strlen(*context) + 1;
+
+ return ret;
+}
+
+hidden_def(getfilecon)
diff --git a/libselinux/src/getpeercon.c b/libselinux/src/getpeercon.c
new file mode 100644
index 0000000..5c01ed5
--- /dev/null
+++ b/libselinux/src/getpeercon.c
@@ -0,0 +1,61 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/socket.h>
+#include "selinux_internal.h"
+#include "policy.h"
+
+#ifndef SO_PEERSEC
+#define SO_PEERSEC 31
+#endif
+
+int getpeercon_raw(int fd, security_context_t * context)
+{
+ char *buf;
+ socklen_t size;
+ ssize_t ret;
+
+ size = INITCONTEXTLEN + 1;
+ buf = malloc(size);
+ if (!buf)
+ return -1;
+ memset(buf, 0, size);
+
+ ret = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, buf, &size);
+ if (ret < 0 && errno == ERANGE) {
+ char *newbuf;
+
+ newbuf = realloc(buf, size);
+ if (!newbuf)
+ goto out;
+
+ buf = newbuf;
+ memset(buf, 0, size);
+ ret = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, buf, &size);
+ }
+ out:
+ if (ret < 0)
+ free(buf);
+ else
+ *context = buf;
+ return ret;
+}
+
+hidden_def(getpeercon_raw)
+
+int getpeercon(int fd, security_context_t * context)
+{
+ int ret;
+ security_context_t rcontext;
+
+ ret = getpeercon_raw(fd, &rcontext);
+
+ if (!ret) {
+ ret = selinux_raw_to_trans_context(rcontext, context);
+ freecon(rcontext);
+ }
+
+ return ret;
+}
diff --git a/libselinux/src/init.c b/libselinux/src/init.c
new file mode 100644
index 0000000..9cdbb06
--- /dev/null
+++ b/libselinux/src/init.c
@@ -0,0 +1,128 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <ctype.h>
+#include <stdio.h>
+#include <stdio_ext.h>
+#include <dlfcn.h>
+#include <sys/vfs.h>
+#include <stdint.h>
+#include <limits.h>
+
+#include "dso.h"
+#include "policy.h"
+#include "selinux_internal.h"
+#include "setrans_internal.h"
+
+char *selinux_mnt = NULL;
+int selinux_page_size = 0;
+int obj_class_compat = 1;
+
+static void init_selinuxmnt(void)
+{
+ char *buf=NULL, *p;
+ FILE *fp;
+ struct statfs sfbuf;
+ int rc;
+ size_t len;
+ ssize_t num;
+
+ if (selinux_mnt)
+ return;
+
+ /* We check to see if the preferred mount point for selinux file
+ * system has a selinuxfs. */
+ do {
+ rc = statfs(SELINUXMNT, &sfbuf);
+ } while (rc < 0 && errno == EINTR);
+ if (rc == 0) {
+ if ((uint32_t)sfbuf.f_type == (uint32_t)SELINUX_MAGIC) {
+ selinux_mnt = strdup(SELINUXMNT);
+ return;
+ }
+ }
+
+ /* At this point, the usual spot doesn't have an selinuxfs so
+ * we look around for it */
+ fp = fopen("/proc/mounts", "r");
+ if (!fp)
+ return;
+
+ __fsetlocking(fp, FSETLOCKING_BYCALLER);
+ while ((num = getline(&buf, &len, fp)) != -1) {
+ char *tmp;
+ p = strchr(buf, ' ');
+ if (!p)
+ goto out;
+ p++;
+ tmp = strchr(p, ' ');
+ if (!tmp)
+ goto out;
+ if (!strncmp(tmp + 1, "selinuxfs ", 10)) {
+ *tmp = '\0';
+ break;
+ }
+ }
+
+ /* If we found something, dup it */
+ if (num > 0)
+ selinux_mnt = strdup(p);
+
+ out:
+ free(buf);
+ fclose(fp);
+ return;
+}
+
+static void fini_selinuxmnt(void)
+{
+ free(selinux_mnt);
+ selinux_mnt = NULL;
+}
+
+void set_selinuxmnt(char *mnt)
+{
+ selinux_mnt = strdup(mnt);
+}
+
+hidden_def(set_selinuxmnt)
+
+static void init_obj_class_compat(void)
+{
+ char path[PATH_MAX];
+ struct stat s;
+
+ if (!selinux_mnt)
+ return;
+
+ snprintf(path,PATH_MAX,"%s/class",selinux_mnt);
+ if (stat(path,&s) < 0)
+ return;
+
+ if (S_ISDIR(s.st_mode))
+ obj_class_compat = 0;
+}
+
+static void fini_obj_class_compat(void)
+{
+ obj_class_compat = 1;
+}
+
+static void init_lib(void) __attribute__ ((constructor));
+static void init_lib(void)
+{
+ selinux_page_size = sysconf(_SC_PAGE_SIZE);
+ init_selinuxmnt();
+ init_obj_class_compat();
+ init_context_translations();
+}
+
+static void fini_lib(void) __attribute__ ((destructor));
+static void fini_lib(void)
+{
+ fini_selinuxmnt();
+ fini_obj_class_compat();
+ fini_context_translations();
+}
diff --git a/libselinux/src/is_customizable_type.c b/libselinux/src/is_customizable_type.c
new file mode 100644
index 0000000..6785405
--- /dev/null
+++ b/libselinux/src/is_customizable_type.c
@@ -0,0 +1,93 @@
+#include <unistd.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <ctype.h>
+#include <pwd.h>
+#include <limits.h>
+#include "selinux_internal.h"
+#include "context_internal.h"
+
+static int get_customizable_type_list(security_context_t ** retlist)
+{
+ FILE *fp;
+ char *buf;
+ unsigned int ctr = 0, i;
+ security_context_t *list = NULL;
+
+ fp = fopen(selinux_customizable_types_path(), "r");
+ if (!fp)
+ return -1;
+
+ buf = malloc(selinux_page_size);
+ if (!buf) {
+ fclose(fp);
+ return -1;
+ }
+ while (fgets_unlocked(buf, selinux_page_size, fp) && ctr < UINT_MAX) {
+ ctr++;
+ }
+ rewind(fp);
+ if (ctr) {
+ list =
+ (security_context_t *) calloc(sizeof(security_context_t),
+ ctr + 1);
+ if (list) {
+ i = 0;
+ while (fgets_unlocked(buf, selinux_page_size, fp)
+ && i < ctr) {
+ buf[strlen(buf) - 1] = 0;
+ list[i] = (security_context_t) strdup(buf);
+ if (!list[i]) {
+ unsigned int j;
+ for (j = 0; j < i; j++)
+ free(list[j]);
+ free(list);
+ list = NULL;
+ break;
+ }
+ i++;
+ }
+ }
+ }
+ fclose(fp);
+ free(buf);
+ if (!list)
+ return -1;
+ *retlist = list;
+ return 0;
+}
+
+static security_context_t *customizable_list = NULL;
+
+int is_context_customizable(security_context_t scontext)
+{
+ int i;
+ const char *type;
+ context_t c;
+
+ if (!customizable_list) {
+ if (get_customizable_type_list(&customizable_list) != 0)
+ return -1;
+ }
+
+ c = context_new(scontext);
+ if (!c)
+ return -1;
+
+ type = context_type_get(c);
+ if (!type) {
+ context_free(c);
+ return -1;
+ }
+
+ for (i = 0; customizable_list[i]; i++) {
+ if (strcmp(customizable_list[i], type) == 0) {
+ context_free(c);
+ return 1;
+ }
+ }
+ context_free(c);
+ return 0;
+}
diff --git a/libselinux/src/label.c b/libselinux/src/label.c
new file mode 100644
index 0000000..f7418d6
--- /dev/null
+++ b/libselinux/src/label.c
@@ -0,0 +1,140 @@
+/*
+ * Generalized labeling frontend for userspace object managers.
+ *
+ * Author : Eamon Walsh <ewalsh@epoch.ncsc.mil>
+ */
+
+#include <sys/types.h>
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "callbacks.h"
+#include "label_internal.h"
+
+#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
+
+typedef int (*selabel_initfunc)(struct selabel_handle *rec,
+ struct selinux_opt *opts, unsigned nopts);
+
+static selabel_initfunc initfuncs[] = {
+ &selabel_file_init,
+ &selabel_media_init,
+ &selabel_x_init
+};
+
+/*
+ * Validation functions
+ */
+
+static inline int selabel_is_validate_set(struct selinux_opt *opts, unsigned n)
+{
+ while (n--)
+ if (opts[n].type == SELABEL_OPT_VALIDATE)
+ return !!opts[n].value;
+
+ return 0;
+}
+
+int selabel_validate(struct selabel_handle *rec,
+ struct selabel_lookup_rec *contexts)
+{
+ int rc = 0;
+
+ if (!rec->validating || contexts->validated)
+ goto out;
+
+ rc = selinux_validate(&contexts->ctx_raw);
+ if (rc < 0)
+ goto out;
+
+ contexts->validated = 1;
+out:
+ return rc;
+}
+
+/*
+ * Public API
+ */
+
+struct selabel_handle *selabel_open(unsigned int backend,
+ struct selinux_opt *opts, unsigned nopts)
+{
+ struct selabel_handle *rec = NULL;
+
+ if (backend >= ARRAY_SIZE(initfuncs)) {
+ errno = EINVAL;
+ goto out;
+ }
+
+ rec = (struct selabel_handle *)malloc(sizeof(*rec));
+ if (!rec)
+ goto out;
+
+ memset(rec, 0, sizeof(*rec));
+ rec->backend = backend;
+ rec->validating = selabel_is_validate_set(opts, nopts);
+
+ if ((*initfuncs[backend])(rec, opts, nopts)) {
+ free(rec);
+ rec = NULL;
+ }
+
+out:
+ return rec;
+}
+
+static struct selabel_lookup_rec *
+selabel_lookup_common(struct selabel_handle *rec, int translating,
+ const char *key, int type)
+{
+ struct selabel_lookup_rec *lr = rec->func_lookup(rec, key, type);
+ if (!lr)
+ return NULL;
+
+ if (compat_validate(rec, lr, "file_contexts", 0))
+ return NULL;
+
+ if (translating && !lr->ctx_trans &&
+ selinux_raw_to_trans_context(lr->ctx_raw, &lr->ctx_trans))
+ return NULL;
+
+ return lr;
+}
+
+int selabel_lookup(struct selabel_handle *rec, security_context_t *con,
+ const char *key, int type)
+{
+ struct selabel_lookup_rec *lr;
+
+ lr = selabel_lookup_common(rec, 1, key, type);
+ if (!lr)
+ return -1;
+
+ *con = strdup(lr->ctx_trans);
+ return *con ? 0 : -1;
+}
+
+int selabel_lookup_raw(struct selabel_handle *rec, security_context_t *con,
+ const char *key, int type)
+{
+ struct selabel_lookup_rec *lr;
+
+ lr = selabel_lookup_common(rec, 0, key, type);
+ if (!lr)
+ return -1;
+
+ *con = strdup(lr->ctx_raw);
+ return *con ? 0 : -1;
+}
+
+void selabel_close(struct selabel_handle *rec)
+{
+ rec->func_close(rec);
+ free(rec);
+}
+
+void selabel_stats(struct selabel_handle *rec)
+{
+ rec->func_stats(rec);
+}
diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
new file mode 100644
index 0000000..5043f09
--- /dev/null
+++ b/libselinux/src/label_file.c
@@ -0,0 +1,672 @@
+/*
+ * File contexts backend for labeling system
+ *
+ * Author : Eamon Walsh <ewalsh@tycho.nsa.gov>
+ * Author : Stephen Smalley <sds@tycho.nsa.gov>
+ *
+ * This library derived in part from setfiles and the setfiles.pl script
+ * developed by Secure Computing Corporation.
+ */
+
+#include <fcntl.h>
+#include <stdarg.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdio_ext.h>
+#include <ctype.h>
+#include <errno.h>
+#include <limits.h>
+#include <regex.h>
+#include "callbacks.h"
+#include "label_internal.h"
+
+/*
+ * Internals, mostly moved over from matchpathcon.c
+ */
+
+/* A file security context specification. */
+typedef struct spec {
+ struct selabel_lookup_rec lr; /* holds contexts for lookup result */
+ char *regex_str; /* regular expession string for diagnostics */
+ char *type_str; /* type string for diagnostic messages */
+ regex_t regex; /* compiled regular expression */
+ char regcomp; /* regex_str has been compiled to regex */
+ mode_t mode; /* mode format value */
+ int matches; /* number of matching pathnames */
+ int hasMetaChars; /* regular expression has meta-chars */
+ int stem_id; /* indicates which stem-compression item */
+} spec_t;
+
+/* A regular expression stem */
+typedef struct stem {
+ char *buf;
+ int len;
+} stem_t;
+
+/* Our stored configuration */
+struct saved_data {
+ /*
+ * The array of specifications, initially in the same order as in
+ * the specification file. Sorting occurs based on hasMetaChars.
+ */
+ spec_t *spec_arr;
+ unsigned int nspec;
+ unsigned int ncomp;
+
+ /*
+ * The array of regular expression stems.
+ */
+ stem_t *stem_arr;
+ int num_stems;
+ int alloc_stems;
+};
+
+/* Return the length of the text that can be considered the stem, returns 0
+ * if there is no identifiable stem */
+static int get_stem_from_spec(const char *const buf)
+{
+ const char *tmp = strchr(buf + 1, '/');
+ const char *ind;
+
+ if (!tmp)
+ return 0;
+
+ for (ind = buf; ind < tmp; ind++) {
+ if (strchr(".^$?*+|[({", (int)*ind))
+ return 0;
+ }
+ return tmp - buf;
+}
+
+/* return the length of the text that is the stem of a file name */
+static int get_stem_from_file_name(const char *const buf)
+{
+ const char *tmp = strchr(buf + 1, '/');
+
+ if (!tmp)
+ return 0;
+ return tmp - buf;
+}
+
+/* find the stem of a file spec, returns the index into stem_arr for a new
+ * or existing stem, (or -1 if there is no possible stem - IE for a file in
+ * the root directory or a regex that is too complex for us). */
+static int find_stem_from_spec(struct saved_data *data, const char *buf)
+{
+ int i, num = data->num_stems;
+ int stem_len = get_stem_from_spec(buf);
+
+ if (!stem_len)
+ return -1;
+ for (i = 0; i < num; i++) {
+ if (stem_len == data->stem_arr[i].len
+ && !strncmp(buf, data->stem_arr[i].buf, stem_len))
+ return i;
+ }
+ if (data->alloc_stems == num) {
+ stem_t *tmp_arr;
+ data->alloc_stems = data->alloc_stems * 2 + 16;
+ tmp_arr = realloc(data->stem_arr,
+ sizeof(stem_t) * data->alloc_stems);
+ if (!tmp_arr)
+ return -1;
+ data->stem_arr = tmp_arr;
+ }
+ data->stem_arr[num].len = stem_len;
+ data->stem_arr[num].buf = malloc(stem_len + 1);
+ if (!data->stem_arr[num].buf)
+ return -1;
+ memcpy(data->stem_arr[num].buf, buf, stem_len);
+ data->stem_arr[num].buf[stem_len] = '\0';
+ data->num_stems++;
+ buf += stem_len;
+ return num;
+}
+
+/* find the stem of a file name, returns the index into stem_arr (or -1 if
+ * there is no match - IE for a file in the root directory or a regex that is
+ * too complex for us). Makes buf point to the text AFTER the stem. */
+static int find_stem_from_file(struct saved_data *data, const char **buf)
+{
+ int i;
+ int stem_len = get_stem_from_file_name(*buf);
+
+ if (!stem_len)
+ return -1;
+ for (i = 0; i < data->num_stems; i++) {
+ if (stem_len == data->stem_arr[i].len
+ && !strncmp(*buf, data->stem_arr[i].buf, stem_len)) {
+ *buf += stem_len;
+ return i;
+ }
+ }
+ return -1;
+}
+
+/*
+ * Warn about duplicate specifications.
+ */
+static int nodups_specs(struct saved_data *data, const char *path)
+{
+ int rc = 0;
+ unsigned int ii, jj;
+ struct spec *curr_spec, *spec_arr = data->spec_arr;
+
+ for (ii = 0; ii < data->nspec; ii++) {
+ curr_spec = &spec_arr[ii];
+ for (jj = ii + 1; jj < data->nspec; jj++) {
+ if ((!strcmp
+ (spec_arr[jj].regex_str, curr_spec->regex_str))
+ && (!spec_arr[jj].mode || !curr_spec->mode
+ || spec_arr[jj].mode == curr_spec->mode)) {
+ rc = -1;
+ errno = EINVAL;
+ if (strcmp
+ (spec_arr[jj].lr.ctx_raw,
+ curr_spec->lr.ctx_raw)) {
+ COMPAT_LOG
+ (SELINUX_ERROR,
+ "%s: Multiple different specifications for %s (%s and %s).\n",
+ path, curr_spec->regex_str,
+ spec_arr[jj].lr.ctx_raw,
+ curr_spec->lr.ctx_raw);
+ } else {
+ COMPAT_LOG
+ (SELINUX_ERROR,
+ "%s: Multiple same specifications for %s.\n",
+ path, curr_spec->regex_str);
+ }
+ }
+ }
+ }
+ return rc;
+}
+
+/* Determine if the regular expression specification has any meta characters. */
+static void spec_hasMetaChars(struct spec *spec)
+{
+ char *c;
+ int len;
+ char *end;
+
+ c = spec->regex_str;
+ len = strlen(spec->regex_str);
+ end = c + len;
+
+ spec->hasMetaChars = 0;
+
+ /* Look at each character in the RE specification string for a
+ * meta character. Return when any meta character reached. */
+ while (c != end) {
+ switch (*c) {
+ case '.':
+ case '^':
+ case '$':
+ case '?':
+ case '*':
+ case '+':
+ case '|':
+ case '[':
+ case '(':
+ case '{':
+ spec->hasMetaChars = 1;
+ return;
+ case '\\': /* skip the next character */
+ c++;
+ break;
+ default:
+ break;
+
+ }
+ c++;
+ }
+ return;
+}
+
+static int compile_regex(struct saved_data *data, spec_t *spec, char **errbuf)
+{
+ char *reg_buf, *anchored_regex, *cp;
+ stem_t *stem_arr = data->stem_arr;
+ size_t len;
+ int regerr;
+
+ if (spec->regcomp)
+ return 0; /* already done */
+
+ data->ncomp++; /* how many compiled regexes required */
+
+ /* Skip the fixed stem. */
+ reg_buf = spec->regex_str;
+ if (spec->stem_id >= 0)
+ reg_buf += stem_arr[spec->stem_id].len;
+
+ /* Anchor the regular expression. */
+ len = strlen(reg_buf);
+ cp = anchored_regex = malloc(len + 3);
+ if (!anchored_regex)
+ return -1;
+ /* Create ^...$ regexp. */
+ *cp++ = '^';
+ cp = mempcpy(cp, reg_buf, len);
+ *cp++ = '$';
+ *cp = '\0';
+
+ /* Compile the regular expression. */
+ regerr = regcomp(&spec->regex, anchored_regex,
+ REG_EXTENDED | REG_NOSUB);
+ if (regerr != 0) {
+ size_t errsz = 0;
+ errsz = regerror(regerr, &spec->regex, NULL, 0);
+ if (errsz && errbuf)
+ *errbuf = malloc(errsz);
+ if (errbuf && *errbuf)
+ (void)regerror(regerr, &spec->regex,
+ *errbuf, errsz);
+
+ free(anchored_regex);
+ return -1;
+ }
+ free(anchored_regex);
+
+ /* Done. */
+ spec->regcomp = 1;
+
+ return 0;
+}
+
+
+static int process_line(struct selabel_handle *rec,
+ const char *path, const char *prefix,
+ char *line_buf, int pass, unsigned lineno)
+{
+ int items, len;
+ char *buf_p, *regex, *type, *context;
+ struct saved_data *data = (struct saved_data *)rec->data;
+ spec_t *spec_arr = data->spec_arr;
+ unsigned int nspec = data->nspec;
+
+ len = strlen(line_buf);
+ if (line_buf[len - 1] == '\n')
+ line_buf[len - 1] = 0;
+ buf_p = line_buf;
+ while (isspace(*buf_p))
+ buf_p++;
+ /* Skip comment lines and empty lines. */
+ if (*buf_p == '#' || *buf_p == 0)
+ return 0;
+ items = sscanf(line_buf, "%as %as %as", ®ex, &type, &context);
+ if (items < 2) {
+ COMPAT_LOG(SELINUX_WARNING,
+ "%s: line %d is missing fields, skipping\n", path,
+ lineno);
+ return 0;
+ } else if (items == 2) {
+ /* The type field is optional. */
+ free(context);
+ context = type;
+ type = 0;
+ }
+
+ len = get_stem_from_spec(regex);
+ if (len && prefix && strncmp(prefix, regex, len)) {
+ /* Stem of regex does not match requested prefix, discard. */
+ free(regex);
+ free(type);
+ free(context);
+ return 0;
+ }
+
+ if (pass == 1) {
+ /* On the second pass, process and store the specification in spec. */
+ char *errbuf = NULL;
+ spec_arr[nspec].stem_id = find_stem_from_spec(data, regex);
+ spec_arr[nspec].regex_str = regex;
+ if (rec->validating && compile_regex(data, &spec_arr[nspec], &errbuf)) {
+ COMPAT_LOG(SELINUX_WARNING,
+ "%s: line %d has invalid regex %s: %s\n",
+ path, lineno, regex,
+ (errbuf ? errbuf : "out of memory"));
+ }
+
+ /* Convert the type string to a mode format */
+ spec_arr[nspec].type_str = type;
+ spec_arr[nspec].mode = 0;
+ if (!type)
+ goto skip_type;
+ len = strlen(type);
+ if (type[0] != '-' || len != 2) {
+ COMPAT_LOG(SELINUX_WARNING,
+ "%s: line %d has invalid file type %s\n",
+ path, lineno, type);
+ return 0;
+ }
+ switch (type[1]) {
+ case 'b':
+ spec_arr[nspec].mode = S_IFBLK;
+ break;
+ case 'c':
+ spec_arr[nspec].mode = S_IFCHR;
+ break;
+ case 'd':
+ spec_arr[nspec].mode = S_IFDIR;
+ break;
+ case 'p':
+ spec_arr[nspec].mode = S_IFIFO;
+ break;
+ case 'l':
+ spec_arr[nspec].mode = S_IFLNK;
+ break;
+ case 's':
+ spec_arr[nspec].mode = S_IFSOCK;
+ break;
+ case '-':
+ spec_arr[nspec].mode = S_IFREG;
+ break;
+ default:
+ COMPAT_LOG(SELINUX_WARNING,
+ "%s: line %d has invalid file type %s\n",
+ path, lineno, type);
+ return 0;
+ }
+
+ skip_type:
+ spec_arr[nspec].lr.ctx_raw = context;
+
+ /* Determine if specification has
+ * any meta characters in the RE */
+ spec_hasMetaChars(&spec_arr[nspec]);
+
+ if (strcmp(context, "<<none>>") && rec->validating)
+ compat_validate(rec, &spec_arr[nspec].lr, path, lineno);
+ }
+
+ data->nspec = ++nspec;
+ if (pass == 0) {
+ free(regex);
+ if (type)
+ free(type);
+ free(context);
+ }
+ return 0;
+}
+
+static int init(struct selabel_handle *rec, struct selinux_opt *opts,
+ unsigned n)
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ const char *path = NULL;
+ const char *prefix = NULL;
+ FILE *fp;
+ FILE *localfp = NULL;
+ FILE *homedirfp = NULL;
+ char local_path[PATH_MAX + 1];
+ char homedir_path[PATH_MAX + 1];
+ char *line_buf = NULL;
+ size_t line_len = 0;
+ unsigned int lineno, pass, i, j, maxnspec;
+ spec_t *spec_copy = NULL;
+ int status = -1, baseonly = 0;
+ struct stat sb;
+
+ /* Process arguments */
+ while (n--)
+ switch(opts[n].type) {
+ case SELABEL_OPT_PATH:
+ path = opts[n].value;
+ break;
+ case SELABEL_OPT_SUBSET:
+ prefix = opts[n].value;
+ break;
+ case SELABEL_OPT_BASEONLY:
+ baseonly = !!opts[n].value;
+ break;
+ }
+
+ /* Open the specification file. */
+ if (!path)
+ path = selinux_file_context_path();
+ if ((fp = fopen(path, "r")) == NULL)
+ return -1;
+ __fsetlocking(fp, FSETLOCKING_BYCALLER);
+
+ if (fstat(fileno(fp), &sb) < 0)
+ return -1;
+ if (!S_ISREG(sb.st_mode)) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ if (!baseonly) {
+ snprintf(homedir_path, sizeof(homedir_path), "%s.homedirs",
+ path);
+ homedirfp = fopen(homedir_path, "r");
+ if (homedirfp != NULL)
+ __fsetlocking(homedirfp, FSETLOCKING_BYCALLER);
+
+ snprintf(local_path, sizeof(local_path), "%s.local", path);
+ localfp = fopen(local_path, "r");
+ if (localfp != NULL)
+ __fsetlocking(localfp, FSETLOCKING_BYCALLER);
+ }
+
+ /*
+ * Perform two passes over the specification file.
+ * The first pass counts the number of specifications and
+ * performs simple validation of the input. At the end
+ * of the first pass, the spec array is allocated.
+ * The second pass performs detailed validation of the input
+ * and fills in the spec array.
+ */
+ maxnspec = UINT_MAX / sizeof(spec_t);
+ for (pass = 0; pass < 2; pass++) {
+ lineno = 0;
+ data->nspec = 0;
+ data->ncomp = 0;
+ while (getline(&line_buf, &line_len, fp) > 0
+ && data->nspec < maxnspec) {
+ if (process_line(rec, path, prefix, line_buf,
+ pass, ++lineno) != 0)
+ goto finish;
+ }
+ if (pass == 1) {
+ status = nodups_specs(data, path);
+ if (status)
+ goto finish;
+ }
+ lineno = 0;
+ if (homedirfp)
+ while (getline(&line_buf, &line_len, homedirfp) > 0
+ && data->nspec < maxnspec) {
+ if (process_line
+ (rec, homedir_path, prefix,
+ line_buf, pass, ++lineno) != 0)
+ goto finish;
+ }
+
+ lineno = 0;
+ if (localfp)
+ while (getline(&line_buf, &line_len, localfp) > 0
+ && data->nspec < maxnspec) {
+ if (process_line
+ (rec, local_path, prefix, line_buf,
+ pass, ++lineno) != 0)
+ goto finish;
+ }
+
+ if (pass == 0) {
+ if (data->nspec == 0) {
+ status = 0;
+ goto finish;
+ }
+ if (NULL == (data->spec_arr =
+ malloc(sizeof(spec_t) * data->nspec)))
+ goto finish;
+ memset(data->spec_arr, 0, sizeof(spec_t)*data->nspec);
+ maxnspec = data->nspec;
+ rewind(fp);
+ if (homedirfp)
+ rewind(homedirfp);
+ if (localfp)
+ rewind(localfp);
+ }
+ }
+ free(line_buf);
+
+ /* Move exact pathname specifications to the end. */
+ spec_copy = malloc(sizeof(spec_t) * data->nspec);
+ if (!spec_copy)
+ goto finish;
+ j = 0;
+ for (i = 0; i < data->nspec; i++)
+ if (data->spec_arr[i].hasMetaChars)
+ memcpy(&spec_copy[j++],
+ &data->spec_arr[i], sizeof(spec_t));
+ for (i = 0; i < data->nspec; i++)
+ if (!data->spec_arr[i].hasMetaChars)
+ memcpy(&spec_copy[j++],
+ &data->spec_arr[i], sizeof(spec_t));
+ free(data->spec_arr);
+ data->spec_arr = spec_copy;
+
+ status = 0;
+finish:
+ fclose(fp);
+ if (data->spec_arr != spec_copy)
+ free(data->spec_arr);
+ if (homedirfp)
+ fclose(homedirfp);
+ if (localfp)
+ fclose(localfp);
+ return status;
+}
+
+/*
+ * Backend interface routines
+ */
+static void close(struct selabel_handle *rec)
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ struct spec *spec;
+ struct stem *stem;
+ unsigned int i;
+
+ for (i = 0; i < data->nspec; i++) {
+ spec = &data->spec_arr[i];
+ free(spec->regex_str);
+ free(spec->type_str);
+ free(spec->lr.ctx_raw);
+ free(spec->lr.ctx_trans);
+ regfree(&spec->regex);
+ }
+
+ for (i = 0; i < (unsigned int)data->num_stems; i++) {
+ stem = &data->stem_arr[i];
+ free(stem->buf);
+ }
+
+ if (data->spec_arr)
+ free(data->spec_arr);
+ if (data->stem_arr)
+ free(data->stem_arr);
+
+ free(data);
+}
+
+static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
+ const char *key, int type)
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ spec_t *spec_arr = data->spec_arr;
+ int i, rc, file_stem;
+ mode_t mode = (mode_t)type;
+ const char *buf = key;
+
+ if (!data->nspec) {
+ errno = ENOENT;
+ return NULL;
+ }
+
+ file_stem = find_stem_from_file(data, &buf);
+ mode &= S_IFMT;
+
+ /*
+ * Check for matching specifications in reverse order, so that
+ * the last matching specification is used.
+ */
+ for (i = data->nspec - 1; i >= 0; i--) {
+ /* if the spec in question matches no stem or has the same
+ * stem as the file AND if the spec in question has no mode
+ * specified or if the mode matches the file mode then we do
+ * a regex check */
+ if ((spec_arr[i].stem_id == -1
+ || spec_arr[i].stem_id == file_stem)
+ && (!mode || !spec_arr[i].mode
+ || mode == spec_arr[i].mode)) {
+ if (compile_regex(data, &spec_arr[i], NULL) < 0)
+ return NULL;
+ if (spec_arr[i].stem_id == -1)
+ rc = regexec(&spec_arr[i].regex, key, 0, 0, 0);
+ else
+ rc = regexec(&spec_arr[i].regex, buf, 0, 0, 0);
+
+ if (rc == 0) {
+ spec_arr[i].matches++;
+ break;
+ }
+ if (rc == REG_NOMATCH)
+ continue;
+ /* else it's an error */
+ return NULL;
+ }
+ }
+
+ if (i < 0 || strcmp(spec_arr[i].lr.ctx_raw, "<<none>>") == 0) {
+ /* No matching specification. */
+ errno = ENOENT;
+ return NULL;
+ }
+
+ return &spec_arr[i].lr;
+}
+
+static void stats(struct selabel_handle *rec)
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ unsigned int i, nspec = data->nspec;
+ spec_t *spec_arr = data->spec_arr;
+
+ for (i = 0; i < nspec; i++) {
+ if (spec_arr[i].matches == 0) {
+ if (spec_arr[i].type_str) {
+ COMPAT_LOG(SELINUX_WARNING,
+ "Warning! No matches for (%s, %s, %s)\n",
+ spec_arr[i].regex_str,
+ spec_arr[i].type_str,
+ spec_arr[i].lr.ctx_raw);
+ } else {
+ COMPAT_LOG(SELINUX_WARNING,
+ "Warning! No matches for (%s, %s)\n",
+ spec_arr[i].regex_str,
+ spec_arr[i].lr.ctx_raw);
+ }
+ }
+ }
+}
+
+int selabel_file_init(struct selabel_handle *rec, struct selinux_opt *opts,
+ unsigned nopts)
+{
+ struct saved_data *data;
+
+ data = (struct saved_data *)malloc(sizeof(*data));
+ if (!data)
+ return -1;
+ memset(data, 0, sizeof(*data));
+
+ rec->data = data;
+ rec->func_close = &close;
+ rec->func_stats = &stats;
+ rec->func_lookup = &lookup;
+
+ return init(rec, opts, nopts);
+}
diff --git a/libselinux/src/label_internal.h b/libselinux/src/label_internal.h
new file mode 100644
index 0000000..27a1f06
--- /dev/null
+++ b/libselinux/src/label_internal.h
@@ -0,0 +1,75 @@
+/*
+ * This file describes the internal interface used by the labeler
+ * for calling the user-supplied memory allocation, validation,
+ * and locking routine.
+ *
+ * Author : Eamon Walsh <ewalsh@epoch.ncsc.mil>
+ */
+#ifndef _SELABEL_INTERNAL_H_
+#define _SELABEL_INTERNAL_H_
+
+#include <stdlib.h>
+#include <stdarg.h>
+#include <selinux/selinux.h>
+#include <selinux/label.h>
+#include "dso.h"
+
+/*
+ * Installed backends
+ */
+int selabel_file_init(struct selabel_handle *rec, struct selinux_opt *opts,
+ unsigned nopts) hidden;
+int selabel_media_init(struct selabel_handle *rec, struct selinux_opt *opts,
+ unsigned nopts) hidden;
+int selabel_x_init(struct selabel_handle *rec, struct selinux_opt *opts,
+ unsigned nopts) hidden;
+
+/*
+ * Labeling internal structures
+ */
+struct selabel_lookup_rec {
+ security_context_t ctx_raw;
+ security_context_t ctx_trans;
+ int validated;
+};
+
+struct selabel_handle {
+ /* arguments that were passed to selabel_open */
+ unsigned int backend;
+ int validating;
+
+ /* labeling operations */
+ struct selabel_lookup_rec *(*func_lookup) (struct selabel_handle *h,
+ const char *key, int type);
+ void (*func_close) (struct selabel_handle *h);
+ void (*func_stats) (struct selabel_handle *h);
+
+ /* supports backend-specific state information */
+ void *data;
+};
+
+/*
+ * Validation function
+ */
+extern int
+selabel_validate(struct selabel_handle *rec,
+ struct selabel_lookup_rec *contexts) hidden;
+
+/*
+ * Compatibility support
+ */
+extern int myprintf_compat;
+extern void __attribute__ ((format(printf, 1, 2)))
+(*myprintf) (const char *fmt,...);
+
+#define COMPAT_LOG(type, fmt...) if (myprintf_compat) \
+ myprintf(fmt); \
+ else \
+ selinux_log(type, fmt);
+
+extern int
+compat_validate(struct selabel_handle *rec,
+ struct selabel_lookup_rec *contexts,
+ const char *path, unsigned lineno) hidden;
+
+#endif /* _SELABEL_INTERNAL_H_ */
diff --git a/libselinux/src/label_media.c b/libselinux/src/label_media.c
new file mode 100644
index 0000000..f8986e4
--- /dev/null
+++ b/libselinux/src/label_media.c
@@ -0,0 +1,219 @@
+/*
+ * Media contexts backend for labeling system
+ *
+ * Author : Eamon Walsh <ewalsh@tycho.nsa.gov>
+ */
+
+#include <sys/stat.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdio_ext.h>
+#include <ctype.h>
+#include <errno.h>
+#include <limits.h>
+#include "callbacks.h"
+#include "label_internal.h"
+
+/*
+ * Internals
+ */
+
+/* A context specification. */
+typedef struct spec {
+ struct selabel_lookup_rec lr; /* holds contexts for lookup result */
+ char *key; /* key string */
+ int matches; /* number of matches made during operation */
+} spec_t;
+
+struct saved_data {
+ unsigned int nspec;
+ spec_t *spec_arr;
+};
+
+static int process_line(const char *path, char *line_buf, int pass,
+ unsigned lineno, struct selabel_handle *rec)
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ int items;
+ char *buf_p;
+ char *key, *context;
+
+ buf_p = line_buf;
+ while (isspace(*buf_p))
+ buf_p++;
+ /* Skip comment lines and empty lines. */
+ if (*buf_p == '#' || *buf_p == 0)
+ return 0;
+ items = sscanf(line_buf, "%as %as ", &key, &context);
+ if (items < 2) {
+ selinux_log(SELINUX_WARNING,
+ "%s: line %d is missing fields, skipping\n", path,
+ lineno);
+ if (items == 1)
+ free(key);
+ return 0;
+ }
+
+ if (pass == 1) {
+ data->spec_arr[data->nspec].key = key;
+ data->spec_arr[data->nspec].lr.ctx_raw = context;
+ }
+
+ data->nspec++;
+ if (pass == 0) {
+ free(key);
+ free(context);
+ }
+ return 0;
+}
+
+static int init(struct selabel_handle *rec, struct selinux_opt *opts,
+ unsigned n)
+{
+ FILE *fp;
+ struct saved_data *data = (struct saved_data *)rec->data;
+ const char *path = NULL;
+ char *line_buf = NULL;
+ size_t line_len = 0;
+ int status = -1;
+ unsigned int lineno, pass, maxnspec;
+ struct stat sb;
+
+ /* Process arguments */
+ while (n--)
+ switch(opts[n].type) {
+ case SELABEL_OPT_PATH:
+ path = opts[n].value;
+ break;
+ }
+
+ /* Open the specification file. */
+ if (!path)
+ path = selinux_media_context_path();
+ if ((fp = fopen(path, "r")) == NULL)
+ return -1;
+ __fsetlocking(fp, FSETLOCKING_BYCALLER);
+
+ if (fstat(fileno(fp), &sb) < 0)
+ return -1;
+ if (!S_ISREG(sb.st_mode)) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ /*
+ * Perform two passes over the specification file.
+ * The first pass counts the number of specifications and
+ * performs simple validation of the input. At the end
+ * of the first pass, the spec array is allocated.
+ * The second pass performs detailed validation of the input
+ * and fills in the spec array.
+ */
+ maxnspec = UINT_MAX / sizeof(spec_t);
+ for (pass = 0; pass < 2; pass++) {
+ lineno = 0;
+ data->nspec = 0;
+ while (getline(&line_buf, &line_len, fp) > 0 &&
+ data->nspec < maxnspec) {
+ if (process_line(path, line_buf, pass, ++lineno, rec))
+ goto finish;
+ }
+ lineno = 0;
+
+ if (pass == 0) {
+ if (data->nspec == 0) {
+ status = 0;
+ goto finish;
+ }
+ data->spec_arr = malloc(sizeof(spec_t)*data->nspec);
+ if (data->spec_arr == NULL)
+ goto finish;
+ memset(data->spec_arr, 0, sizeof(spec_t)*data->nspec);
+ maxnspec = data->nspec;
+ rewind(fp);
+ }
+ }
+ free(line_buf);
+
+ status = 0;
+finish:
+ fclose(fp);
+ return status;
+}
+
+/*
+ * Backend interface routines
+ */
+static void close(struct selabel_handle *rec)
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ struct spec *spec, *spec_arr = data->spec_arr;
+ unsigned int i;
+
+ for (i = 0; i < data->nspec; i++) {
+ spec = &spec_arr[i];
+ free(spec->key);
+ free(spec->lr.ctx_raw);
+ free(spec->lr.ctx_trans);
+ }
+
+ if (spec_arr)
+ free(spec_arr);
+
+ memset(data, 0, sizeof(*data));
+}
+
+static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
+ const char *key,
+ int type __attribute__((unused)))
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ spec_t *spec_arr = data->spec_arr;
+ unsigned int i;
+
+ for (i = 0; i < data->nspec; i++) {
+ if (!strncmp(spec_arr[i].key, key, strlen(key) + 1))
+ break;
+ if (!strncmp(spec_arr[i].key, "*", 2))
+ break;
+ }
+
+ if (i >= data->nspec) {
+ /* No matching specification. */
+ errno = ENOENT;
+ return NULL;
+ }
+
+ spec_arr[i].matches++;
+ return &spec_arr[i].lr;
+}
+
+static void stats(struct selabel_handle *rec)
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ unsigned int i, total = 0;
+
+ for (i = 0; i < data->nspec; i++)
+ total += data->spec_arr[i].matches;
+
+ selinux_log(SELINUX_INFO, "%u entries, %u matches made\n",
+ data->nspec, total);
+}
+
+int selabel_media_init(struct selabel_handle *rec, struct selinux_opt *opts,
+ unsigned nopts)
+{
+ struct saved_data *data;
+
+ data = (struct saved_data *)malloc(sizeof(*data));
+ if (!data)
+ return -1;
+ memset(data, 0, sizeof(*data));
+
+ rec->data = data;
+ rec->func_close = &close;
+ rec->func_lookup = &lookup;
+ rec->func_stats = &stats;
+
+ return init(rec, opts, nopts);
+}
diff --git a/libselinux/src/label_x.c b/libselinux/src/label_x.c
new file mode 100644
index 0000000..6a190f5
--- /dev/null
+++ b/libselinux/src/label_x.c
@@ -0,0 +1,246 @@
+/*
+ * Media contexts backend for X contexts
+ *
+ * Author : Eamon Walsh <ewalsh@tycho.nsa.gov>
+ */
+
+#include <sys/stat.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdio_ext.h>
+#include <ctype.h>
+#include <errno.h>
+#include <limits.h>
+#include "callbacks.h"
+#include "label_internal.h"
+
+/*
+ * Internals
+ */
+
+/* A context specification. */
+typedef struct spec {
+ struct selabel_lookup_rec lr; /* holds contexts for lookup result */
+ char *key; /* key string */
+ int type; /* type of record (prop, ext, client) */
+ int matches; /* number of matches made during operation */
+} spec_t;
+
+struct saved_data {
+ unsigned int nspec;
+ spec_t *spec_arr;
+};
+
+static int process_line(const char *path, char *line_buf, int pass,
+ unsigned lineno, struct selabel_handle *rec)
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ int items;
+ char *buf_p;
+ char *type, *key, *context;
+
+ buf_p = line_buf;
+ while (isspace(*buf_p))
+ buf_p++;
+ /* Skip comment lines and empty lines. */
+ if (*buf_p == '#' || *buf_p == 0)
+ return 0;
+ items = sscanf(line_buf, "%as %as %as ", &type, &key, &context);
+ if (items < 3) {
+ selinux_log(SELINUX_WARNING,
+ "%s: line %d is missing fields, skipping\n", path,
+ lineno);
+ if (items > 0)
+ free(type);
+ if (items > 1)
+ free(key);
+ return 0;
+ }
+
+ if (pass == 1) {
+ /* Convert the type string to a mode format */
+ if (!strcmp(type, "property"))
+ data->spec_arr[data->nspec].type = SELABEL_X_PROP;
+ else if (!strcmp(type, "extension"))
+ data->spec_arr[data->nspec].type = SELABEL_X_EXT;
+ else if (!strcmp(type, "client"))
+ data->spec_arr[data->nspec].type = SELABEL_X_CLIENT;
+ else if (!strcmp(type, "event"))
+ data->spec_arr[data->nspec].type = SELABEL_X_EVENT;
+ else if (!strcmp(type, "selection"))
+ data->spec_arr[data->nspec].type = SELABEL_X_SELN;
+ else if (!strcmp(type, "poly_property"))
+ data->spec_arr[data->nspec].type = SELABEL_X_POLYPROP;
+ else if (!strcmp(type, "poly_selection"))
+ data->spec_arr[data->nspec].type = SELABEL_X_POLYSELN;
+ else {
+ selinux_log(SELINUX_WARNING,
+ "%s: line %d has invalid object type %s\n",
+ path, lineno, type);
+ return 0;
+ }
+ data->spec_arr[data->nspec].key = key;
+ data->spec_arr[data->nspec].lr.ctx_raw = context;
+ free(type);
+ }
+
+ data->nspec++;
+ if (pass == 0) {
+ free(type);
+ free(key);
+ free(context);
+ }
+ return 0;
+}
+
+static int init(struct selabel_handle *rec, struct selinux_opt *opts,
+ unsigned n)
+{
+ FILE *fp;
+ struct saved_data *data = (struct saved_data *)rec->data;
+ const char *path = NULL;
+ char *line_buf = NULL;
+ size_t line_len = 0;
+ int status = -1;
+ unsigned int lineno, pass, maxnspec;
+ struct stat sb;
+
+ /* Process arguments */
+ while (n--)
+ switch(opts[n].type) {
+ case SELABEL_OPT_PATH:
+ path = opts[n].value;
+ break;
+ }
+
+ /* Open the specification file. */
+ if (!path)
+ path = selinux_x_context_path();
+ if ((fp = fopen(path, "r")) == NULL)
+ return -1;
+ __fsetlocking(fp, FSETLOCKING_BYCALLER);
+
+ if (fstat(fileno(fp), &sb) < 0)
+ return -1;
+ if (!S_ISREG(sb.st_mode)) {
+ errno = EINVAL;
+ return -1;
+ }
+
+ /*
+ * Perform two passes over the specification file.
+ * The first pass counts the number of specifications and
+ * performs simple validation of the input. At the end
+ * of the first pass, the spec array is allocated.
+ * The second pass performs detailed validation of the input
+ * and fills in the spec array.
+ */
+ maxnspec = UINT_MAX / sizeof(spec_t);
+ for (pass = 0; pass < 2; pass++) {
+ lineno = 0;
+ data->nspec = 0;
+ while (getline(&line_buf, &line_len, fp) > 0 &&
+ data->nspec < maxnspec) {
+ if (process_line(path, line_buf, pass, ++lineno, rec))
+ goto finish;
+ }
+ lineno = 0;
+
+ if (pass == 0) {
+ if (data->nspec == 0) {
+ status = 0;
+ goto finish;
+ }
+ data->spec_arr = malloc(sizeof(spec_t)*data->nspec);
+ if (data->spec_arr == NULL)
+ goto finish;
+ memset(data->spec_arr, 0, sizeof(spec_t)*data->nspec);
+ maxnspec = data->nspec;
+ rewind(fp);
+ }
+ }
+ free(line_buf);
+
+ status = 0;
+finish:
+ fclose(fp);
+ return status;
+}
+
+/*
+ * Backend interface routines
+ */
+static void close(struct selabel_handle *rec)
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ struct spec *spec, *spec_arr = data->spec_arr;
+ unsigned int i;
+
+ for (i = 0; i < data->nspec; i++) {
+ spec = &spec_arr[i];
+ free(spec->key);
+ free(spec->lr.ctx_raw);
+ free(spec->lr.ctx_trans);
+ }
+
+ if (spec_arr)
+ free(spec_arr);
+
+ memset(data, 0, sizeof(*data));
+}
+
+static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
+ const char *key, int type)
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ spec_t *spec_arr = data->spec_arr;
+ unsigned int i;
+
+ for (i = 0; i < data->nspec; i++) {
+ if (spec_arr[i].type != type)
+ continue;
+ if (!strncmp(spec_arr[i].key, "*", 2))
+ break;
+ if (!strncmp(spec_arr[i].key, key, strlen(key) + 1))
+ break;
+ }
+
+ if (i >= data->nspec) {
+ /* No matching specification. */
+ errno = ENOENT;
+ return NULL;
+ }
+
+ spec_arr[i].matches++;
+ return &spec_arr[i].lr;
+}
+
+static void stats(struct selabel_handle *rec)
+{
+ struct saved_data *data = (struct saved_data *)rec->data;
+ unsigned int i, total = 0;
+
+ for (i = 0; i < data->nspec; i++)
+ total += data->spec_arr[i].matches;
+
+ selinux_log(SELINUX_INFO, "%u entries, %u matches made\n",
+ data->nspec, total);
+}
+
+int selabel_x_init(struct selabel_handle *rec, struct selinux_opt *opts,
+ unsigned nopts)
+{
+ struct saved_data *data;
+
+ data = (struct saved_data *)malloc(sizeof(*data));
+ if (!data)
+ return -1;
+ memset(data, 0, sizeof(*data));
+
+ rec->data = data;
+ rec->func_close = &close;
+ rec->func_lookup = &lookup;
+ rec->func_stats = &stats;
+
+ return init(rec, opts, nopts);
+}
diff --git a/libselinux/src/lgetfilecon.c b/libselinux/src/lgetfilecon.c
new file mode 100644
index 0000000..a53f56e
--- /dev/null
+++ b/libselinux/src/lgetfilecon.c
@@ -0,0 +1,71 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/xattr.h>
+#include "selinux_internal.h"
+#include "policy.h"
+
+int lgetfilecon_raw(const char *path, security_context_t * context)
+{
+ char *buf;
+ ssize_t size;
+ ssize_t ret;
+
+ size = INITCONTEXTLEN + 1;
+ buf = malloc(size);
+ if (!buf)
+ return -1;
+ memset(buf, 0, size);
+
+ ret = lgetxattr(path, XATTR_NAME_SELINUX, buf, size - 1);
+ if (ret < 0 && errno == ERANGE) {
+ char *newbuf;
+
+ size = lgetxattr(path, XATTR_NAME_SELINUX, NULL, 0);
+ if (size < 0)
+ goto out;
+
+ size++;
+ newbuf = realloc(buf, size);
+ if (!newbuf)
+ goto out;
+
+ buf = newbuf;
+ memset(buf, 0, size);
+ ret = lgetxattr(path, XATTR_NAME_SELINUX, buf, size - 1);
+ }
+ out:
+ if (ret == 0) {
+ /* Re-map empty attribute values to errors. */
+ errno = EOPNOTSUPP;
+ ret = -1;
+ }
+ if (ret < 0)
+ free(buf);
+ else
+ *context = buf;
+ return ret;
+}
+
+hidden_def(lgetfilecon_raw)
+
+int lgetfilecon(const char *path, security_context_t * context)
+{
+ int ret;
+ security_context_t rcontext;
+
+ *context = NULL;
+
+ ret = lgetfilecon_raw(path, &rcontext);
+
+ if (ret > 0) {
+ ret = selinux_raw_to_trans_context(rcontext, context);
+ freecon(rcontext);
+ }
+
+ if (ret >= 0 && *context)
+ return strlen(*context) + 1;
+ return ret;
+}
diff --git a/libselinux/src/load_policy.c b/libselinux/src/load_policy.c
new file mode 100644
index 0000000..63f6609
--- /dev/null
+++ b/libselinux/src/load_policy.c
@@ -0,0 +1,431 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <sys/mount.h>
+#include <sys/utsname.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <ctype.h>
+#include <string.h>
+#include <errno.h>
+#include "selinux_internal.h"
+#include <sepol/sepol.h>
+#include <sepol/policydb.h>
+#include <dlfcn.h>
+#include "policy.h"
+#include <limits.h>
+
+int security_load_policy(void *data, size_t len)
+{
+ char path[PATH_MAX];
+ int fd, ret;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/load", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+ return -1;
+
+ ret = write(fd, data, len);
+ close(fd);
+ if (ret < 0)
+ return -1;
+ return 0;
+}
+
+hidden_def(security_load_policy)
+
+int load_setlocaldefs hidden = 1;
+
+#undef max
+#define max(a, b) (((a) > (b)) ? (a) : (b))
+
+int selinux_mkload_policy(int preservebools)
+{
+ int kernvers = security_policyvers();
+ int maxvers = kernvers, minvers = DEFAULT_POLICY_VERSION, vers;
+ int setlocaldefs = load_setlocaldefs;
+ char path[PATH_MAX], **names;
+ struct stat sb;
+ struct utsname uts;
+ size_t size;
+ void *map, *data;
+ int fd, rc = -1, *values, len, i, prot;
+ sepol_policydb_t *policydb;
+ sepol_policy_file_t *pf;
+ int usesepol = 0;
+ int (*vers_max)(void) = NULL;
+ int (*vers_min)(void) = NULL;
+ int (*policy_file_create)(sepol_policy_file_t **) = NULL;
+ void (*policy_file_free)(sepol_policy_file_t *) = NULL;
+ void (*policy_file_set_mem)(sepol_policy_file_t *, char*, size_t) = NULL;
+ int (*policydb_create)(sepol_policydb_t **) = NULL;
+ void (*policydb_free)(sepol_policydb_t *) = NULL;
+ int (*policydb_read)(sepol_policydb_t *, sepol_policy_file_t *) = NULL;
+ int (*policydb_set_vers)(sepol_policydb_t *, unsigned int) = NULL;
+ int (*policydb_to_image)(sepol_handle_t *, sepol_policydb_t *, void **, size_t *) = NULL;
+ int (*genbools_array)(void *data, size_t len, char **names, int *values, int nel) = NULL;
+ int (*genusers)(void *data, size_t len, const char *usersdir, void **newdata, size_t * newlen) = NULL;
+ int (*genbools)(void *data, size_t len, char *boolpath) = NULL;
+
+#ifdef SHARED
+ char *errormsg = NULL;
+ void *libsepolh = NULL;
+ libsepolh = dlopen("libsepol.so.1", RTLD_NOW);
+ if (libsepolh) {
+ usesepol = 1;
+ dlerror();
+#define DLERR() if ((errormsg = dlerror())) goto dlclose;
+ vers_max = dlsym(libsepolh, "sepol_policy_kern_vers_max");
+ DLERR();
+ vers_min = dlsym(libsepolh, "sepol_policy_kern_vers_min");
+ DLERR();
+
+ policy_file_create = dlsym(libsepolh, "sepol_policy_file_create");
+ DLERR();
+ policy_file_free = dlsym(libsepolh, "sepol_policy_file_free");
+ DLERR();
+ policy_file_set_mem = dlsym(libsepolh, "sepol_policy_file_set_mem");
+ DLERR();
+ policydb_create = dlsym(libsepolh, "sepol_policydb_create");
+ DLERR();
+ policydb_free = dlsym(libsepolh, "sepol_policydb_free");
+ DLERR();
+ policydb_read = dlsym(libsepolh, "sepol_policydb_read");
+ DLERR();
+ policydb_set_vers = dlsym(libsepolh, "sepol_policydb_set_vers");
+ DLERR();
+ policydb_to_image = dlsym(libsepolh, "sepol_policydb_to_image");
+ DLERR();
+ genbools_array = dlsym(libsepolh, "sepol_genbools_array");
+ DLERR();
+ genusers = dlsym(libsepolh, "sepol_genusers");
+ DLERR();
+ genbools = dlsym(libsepolh, "sepol_genbools");
+ DLERR();
+
+#undef DLERR
+ }
+#else
+ usesepol = 1;
+ vers_max = sepol_policy_kern_vers_max;
+ vers_min = sepol_policy_kern_vers_min;
+ policy_file_create = sepol_policy_file_create;
+ policy_file_free = sepol_policy_file_free;
+ policy_file_set_mem = sepol_policy_file_set_mem;
+ policydb_create = sepol_policydb_create;
+ policydb_free = sepol_policydb_free;
+ policydb_read = sepol_policydb_read;
+ policydb_set_vers = sepol_policydb_set_vers;
+ policydb_to_image = sepol_policydb_to_image;
+ genbools_array = sepol_genbools_array;
+ genusers = sepol_genusers;
+ genbools = sepol_genbools;
+
+#endif
+
+ /*
+ * Check whether we need to support local boolean and user definitions.
+ */
+ if (setlocaldefs) {
+ if (access(selinux_booleans_path(), F_OK) == 0)
+ goto checkbool;
+ snprintf(path, sizeof path, "%s.local", selinux_booleans_path());
+ if (access(path, F_OK) == 0)
+ goto checkbool;
+ snprintf(path, sizeof path, "%s/local.users", selinux_users_path());
+ if (access(path, F_OK) == 0)
+ goto checkbool;
+ /* No local definition files, so disable setlocaldefs. */
+ setlocaldefs = 0;
+ }
+
+checkbool:
+ /*
+ * As of Linux 2.6.22, the kernel preserves boolean
+ * values across a reload, so we do not need to
+ * preserve them in userspace.
+ */
+ if (preservebools && uname(&uts) == 0 && strverscmp(uts.release, "2.6.22") >= 0)
+ preservebools = 0;
+
+ if (usesepol) {
+ maxvers = vers_max();
+ minvers = vers_min();
+ if (!setlocaldefs && !preservebools)
+ maxvers = max(kernvers, maxvers);
+ }
+
+ vers = maxvers;
+ search:
+ snprintf(path, sizeof(path), "%s.%d",
+ selinux_binary_policy_path(), vers);
+ fd = open(path, O_RDONLY);
+ while (fd < 0 && errno == ENOENT
+ && --vers >= minvers) {
+ /* Check prior versions to see if old policy is available */
+ snprintf(path, sizeof(path), "%s.%d",
+ selinux_binary_policy_path(), vers);
+ fd = open(path, O_RDONLY);
+ }
+ if (fd < 0) {
+ fprintf(stderr,
+ "SELinux: Could not open policy file <= %s.%d: %s\n",
+ selinux_binary_policy_path(), maxvers, strerror(errno));
+ goto dlclose;
+ }
+
+ if (fstat(fd, &sb) < 0) {
+ fprintf(stderr,
+ "SELinux: Could not stat policy file %s: %s\n",
+ path, strerror(errno));
+ goto close;
+ }
+
+ prot = PROT_READ;
+ if (setlocaldefs || preservebools)
+ prot |= PROT_WRITE;
+
+ size = sb.st_size;
+ data = map = mmap(NULL, size, prot, MAP_PRIVATE, fd, 0);
+ if (map == MAP_FAILED) {
+ fprintf(stderr,
+ "SELinux: Could not map policy file %s: %s\n",
+ path, strerror(errno));
+ goto close;
+ }
+
+ if (vers > kernvers && usesepol) {
+ /* Need to downgrade to kernel-supported version. */
+ if (policy_file_create(&pf))
+ goto unmap;
+ if (policydb_create(&policydb)) {
+ policy_file_free(pf);
+ goto unmap;
+ }
+ policy_file_set_mem(pf, data, size);
+ if (policydb_read(policydb, pf)) {
+ policy_file_free(pf);
+ policydb_free(policydb);
+ goto unmap;
+ }
+ if (policydb_set_vers(policydb, kernvers) ||
+ policydb_to_image(NULL, policydb, &data, &size)) {
+ /* Downgrade failed, keep searching. */
+ fprintf(stderr,
+ "SELinux: Could not downgrade policy file %s, searching for an older version.\n",
+ path);
+ policy_file_free(pf);
+ policydb_free(policydb);
+ munmap(map, sb.st_size);
+ close(fd);
+ vers--;
+ goto search;
+ }
+ policy_file_free(pf);
+ policydb_free(policydb);
+ }
+
+ if (usesepol) {
+ if (setlocaldefs) {
+ void *olddata = data;
+ size_t oldsize = size;
+ rc = genusers(olddata, oldsize, selinux_users_path(),
+ &data, &size);
+ if (rc < 0) {
+ /* Fall back to the prior image if genusers failed. */
+ data = olddata;
+ size = oldsize;
+ rc = 0;
+ } else {
+ if (olddata != map)
+ free(olddata);
+ }
+ }
+
+#ifndef DISABLE_BOOL
+ if (preservebools) {
+ rc = security_get_boolean_names(&names, &len);
+ if (!rc) {
+ values = malloc(sizeof(int) * len);
+ if (!values)
+ goto unmap;
+ for (i = 0; i < len; i++)
+ values[i] =
+ security_get_boolean_active(names[i]);
+ (void)genbools_array(data, size, names, values,
+ len);
+ free(values);
+ for (i = 0; i < len; i++)
+ free(names[i]);
+ free(names);
+ }
+ } else if (setlocaldefs) {
+ (void)genbools(data, size,
+ (char *)selinux_booleans_path());
+ }
+#endif
+ }
+
+
+ rc = security_load_policy(data, size);
+
+ if (rc)
+ fprintf(stderr,
+ "SELinux: Could not load policy file %s: %s\n",
+ path, strerror(errno));
+
+ unmap:
+ if (data != map)
+ free(data);
+ munmap(map, sb.st_size);
+ close:
+ close(fd);
+ dlclose:
+#ifdef SHARED
+ if (errormsg)
+ fprintf(stderr, "libselinux: %s\n", errormsg);
+ if (libsepolh)
+ dlclose(libsepolh);
+#endif
+ return rc;
+}
+
+hidden_def(selinux_mkload_policy)
+
+/*
+ * Mount point for selinuxfs.
+ * This definition is private to the function below.
+ * Everything else uses the location determined during
+ * libselinux startup via /proc/mounts (see init_selinuxmnt).
+ * We only need the hardcoded definition for the initial mount
+ * required for the initial policy load.
+ */
+int selinux_init_load_policy(int *enforce)
+{
+ int rc = 0, orig_enforce = 0, seconfig = -2, secmdline = -1;
+ FILE *cfg;
+ char *buf;
+
+ /*
+ * Reread the selinux configuration in case it has changed.
+ * Example: Caller has chroot'd and is now loading policy from
+ * chroot'd environment.
+ */
+ reset_selinux_config();
+
+ /*
+ * Get desired mode (disabled, permissive, enforcing) from
+ * /etc/selinux/config.
+ */
+ selinux_getenforcemode(&seconfig);
+
+ /* Check for an override of the mode via the kernel command line. */
+ rc = mount("none", "/proc", "proc", 0, 0);
+ cfg = fopen("/proc/cmdline", "r");
+ if (cfg) {
+ char *tmp;
+ buf = malloc(selinux_page_size);
+ if (!buf) {
+ fclose(cfg);
+ return -1;
+ }
+ if (fgets(buf, selinux_page_size, cfg) &&
+ (tmp = strstr(buf, "enforcing="))) {
+ if (tmp == buf || isspace(*(tmp - 1))) {
+ secmdline =
+ atoi(tmp + sizeof("enforcing=") - 1);
+ }
+ }
+ fclose(cfg);
+ free(buf);
+ }
+#define MNT_DETACH 2
+ if (rc == 0)
+ umount2("/proc", MNT_DETACH);
+
+ /*
+ * Determine the final desired mode.
+ * Command line argument takes precedence, then config file.
+ */
+ if (secmdline >= 0)
+ *enforce = secmdline;
+ else if (seconfig >= 0)
+ *enforce = seconfig;
+ else
+ *enforce = 0; /* unspecified or disabled */
+
+ /*
+ * Check for the existence of SELinux via selinuxfs, and
+ * mount it if present for use in the calls below.
+ */
+ if (mount("none", SELINUXMNT, "selinuxfs", 0, 0) < 0) {
+ if (errno == ENODEV) {
+ /*
+ * SELinux was disabled in the kernel, either
+ * omitted entirely or disabled at boot via selinux=0.
+ * This takes precedence over any config or
+ * commandline enforcing setting.
+ */
+ *enforce = 0;
+ } else {
+ /* Only emit this error if selinux was not disabled */
+ fprintf(stderr, "Mount failed for selinuxfs on %s: %s\n", SELINUXMNT, strerror(errno));
+ }
+
+ goto noload;
+ }
+ set_selinuxmnt(SELINUXMNT);
+
+ /*
+ * Note: The following code depends on having selinuxfs
+ * already mounted and selinuxmnt set above.
+ */
+
+ if (seconfig == -1) {
+ /* Runtime disable of SELinux. */
+ rc = security_disable();
+ if (rc == 0) {
+ /* Successfully disabled, so umount selinuxfs too. */
+ umount(SELINUXMNT);
+ }
+ /*
+ * If we failed to disable, SELinux will still be
+ * effectively permissive, because no policy is loaded.
+ * No need to call security_setenforce(0) here.
+ */
+ goto noload;
+ }
+
+ /*
+ * If necessary, change the kernel enforcing status to match
+ * the desired mode.
+ */
+ orig_enforce = rc = security_getenforce();
+ if (rc < 0)
+ goto noload;
+ if (orig_enforce != *enforce) {
+ rc = security_setenforce(*enforce);
+ if (rc < 0)
+ goto noload;
+ }
+
+ /* Load the policy. */
+ return selinux_mkload_policy(0);
+
+ noload:
+ /*
+ * Only return 0 on a successful completion of policy load.
+ * In any other case, we want to return an error so that init
+ * knows not to proceed with the re-exec for the domain transition.
+ * Depending on the *enforce setting, init will halt (> 0) or proceed
+ * normally (otherwise).
+ */
+ return -1;
+}
diff --git a/libselinux/src/lsetfilecon.c b/libselinux/src/lsetfilecon.c
new file mode 100644
index 0000000..844e5c7
--- /dev/null
+++ b/libselinux/src/lsetfilecon.c
@@ -0,0 +1,31 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/xattr.h>
+#include "selinux_internal.h"
+#include "policy.h"
+
+int lsetfilecon_raw(const char *path, security_context_t context)
+{
+ return lsetxattr(path, XATTR_NAME_SELINUX, context, strlen(context) + 1,
+ 0);
+}
+
+hidden_def(lsetfilecon_raw)
+
+int lsetfilecon(const char *path, security_context_t context)
+{
+ int ret;
+ security_context_t rcontext = context;
+
+ if (selinux_trans_to_raw_context(context, &rcontext))
+ return -1;
+
+ ret = lsetfilecon_raw(path, rcontext);
+
+ freecon(rcontext);
+
+ return ret;
+}
diff --git a/libselinux/src/mapping.c b/libselinux/src/mapping.c
new file mode 100644
index 0000000..f9858ce
--- /dev/null
+++ b/libselinux/src/mapping.c
@@ -0,0 +1,195 @@
+/*
+ * Class and permission mappings.
+ */
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <assert.h>
+#include <selinux/selinux.h>
+#include <selinux/avc.h>
+#include "mapping.h"
+
+/*
+ * Class and permission mappings
+ */
+
+struct selinux_mapping {
+ security_class_t value; /* real, kernel value */
+ unsigned num_perms;
+ access_vector_t perms[sizeof(access_vector_t) * 8];
+};
+
+static struct selinux_mapping *current_mapping = NULL;
+static security_class_t current_mapping_size = 0;
+
+/*
+ * Mapping setting function
+ */
+
+int
+selinux_set_mapping(struct security_class_mapping *map)
+{
+ size_t size = sizeof(struct selinux_mapping);
+ security_class_t i, j;
+ unsigned k;
+
+ free(current_mapping);
+ current_mapping = NULL;
+ current_mapping_size = 0;
+
+ if (avc_reset() < 0)
+ goto err;
+
+ /* Find number of classes in the input mapping */
+ if (!map) {
+ errno = EINVAL;
+ goto err;
+ }
+ i = 0;
+ while (map[i].name)
+ i++;
+
+ /* Allocate space for the class records, plus one for class zero */
+ current_mapping = (struct selinux_mapping *)calloc(++i, size);
+ if (!current_mapping)
+ goto err;
+
+ /* Store the raw class and permission values */
+ j = 0;
+ while (map[j].name) {
+ struct security_class_mapping *p_in = map + (j++);
+ struct selinux_mapping *p_out = current_mapping + j;
+
+ p_out->value = string_to_security_class(p_in->name);
+ if (!p_out->value)
+ goto err2;
+
+ k = 0;
+ while (p_in->perms && p_in->perms[k]) {
+ /* An empty permission string skips ahead */
+ if (!*p_in->perms[k]) {
+ k++;
+ continue;
+ }
+ p_out->perms[k] = string_to_av_perm(p_out->value,
+ p_in->perms[k]);
+ if (!p_out->perms[k])
+ goto err2;
+ k++;
+ }
+ p_out->num_perms = k;
+ }
+
+ /* Set the mapping size here so the above lookups are "raw" */
+ current_mapping_size = i;
+ return 0;
+err2:
+ free(current_mapping);
+ current_mapping = NULL;
+ current_mapping_size = 0;
+err:
+ return -1;
+}
+
+/*
+ * Get real, kernel values from mapped values
+ */
+
+security_class_t
+unmap_class(security_class_t tclass)
+{
+ if (tclass < current_mapping_size)
+ return current_mapping[tclass].value;
+
+ assert(current_mapping_size == 0);
+ return tclass;
+}
+
+access_vector_t
+unmap_perm(security_class_t tclass, access_vector_t tperm)
+{
+ if (tclass < current_mapping_size) {
+ unsigned i;
+ access_vector_t kperm = 0;
+
+ for (i=0; i<current_mapping[tclass].num_perms; i++)
+ if (tperm & (1<<i)) {
+ assert(current_mapping[tclass].perms[i]);
+ kperm |= current_mapping[tclass].perms[i];
+ tperm &= ~(1<<i);
+ }
+ assert(tperm == 0);
+ return kperm;
+ }
+
+ assert(current_mapping_size == 0);
+ return tperm;
+}
+
+/*
+ * Get mapped values from real, kernel values
+ */
+
+security_class_t
+map_class(security_class_t kclass)
+{
+ security_class_t i;
+
+ for (i=0; i<current_mapping_size; i++)
+ if (current_mapping[i].value == kclass)
+ return i;
+
+ assert(current_mapping_size == 0);
+ return kclass;
+}
+
+access_vector_t
+map_perm(security_class_t tclass, access_vector_t kperm)
+{
+ if (tclass < current_mapping_size) {
+ unsigned i;
+ access_vector_t tperm = 0;
+
+ for (i=0; i<current_mapping[tclass].num_perms; i++)
+ if (kperm & current_mapping[tclass].perms[i]) {
+ tperm |= 1<<i;
+ kperm &= ~current_mapping[tclass].perms[i];
+ }
+ assert(kperm == 0);
+ return tperm;
+ }
+
+ assert(current_mapping_size == 0);
+ return kperm;
+}
+
+void
+map_decision(security_class_t tclass, struct av_decision *avd)
+{
+ if (tclass < current_mapping_size) {
+ unsigned i;
+ access_vector_t result;
+
+ for (i=0, result=0; i<current_mapping[tclass].num_perms; i++)
+ if (avd->allowed & current_mapping[tclass].perms[i])
+ result |= 1<<i;
+ avd->allowed = result;
+
+ for (i=0, result=0; i<current_mapping[tclass].num_perms; i++)
+ if (avd->decided & current_mapping[tclass].perms[i])
+ result |= 1<<i;
+ avd->decided = result;
+
+ for (i=0, result=0; i<current_mapping[tclass].num_perms; i++)
+ if (avd->auditallow & current_mapping[tclass].perms[i])
+ result |= 1<<i;
+ avd->auditallow = result;
+
+ for (i=0, result=0; i<current_mapping[tclass].num_perms; i++)
+ if (avd->auditdeny & current_mapping[tclass].perms[i])
+ result |= 1<<i;
+ avd->auditdeny = result;
+ }
+}
diff --git a/libselinux/src/mapping.h b/libselinux/src/mapping.h
new file mode 100644
index 0000000..b96756b
--- /dev/null
+++ b/libselinux/src/mapping.h
@@ -0,0 +1,41 @@
+/*
+ * This file describes the class and permission mappings used to
+ * hide the kernel numbers from userspace by allowing userspace object
+ * managers to specify a list of classes and permissions.
+ */
+#ifndef _SELINUX_MAPPING_H_
+#define _SELINUX_MAPPING_H_
+
+#include <selinux/selinux.h>
+
+/*
+ * Get real, kernel values from mapped values
+ */
+
+extern security_class_t
+unmap_class(security_class_t tclass);
+
+extern access_vector_t
+unmap_perm(security_class_t tclass, access_vector_t tperm);
+
+/*
+ * Get mapped values from real, kernel values
+ */
+
+extern security_class_t
+map_class(security_class_t kclass);
+
+extern access_vector_t
+map_perm(security_class_t tclass, access_vector_t kperm);
+
+extern void
+map_decision(security_class_t tclass, struct av_decision *avd);
+
+/*mapping is not used for embedded build*/
+#ifdef DISABLE_AVC
+#define unmap_perm(x,y) y
+#define unmap_class(x) x
+#define map_decision(x,y)
+#endif
+
+#endif /* _SELINUX_MAPPING_H_ */
diff --git a/libselinux/src/matchmediacon.c b/libselinux/src/matchmediacon.c
new file mode 100644
index 0000000..4b40942
--- /dev/null
+++ b/libselinux/src/matchmediacon.c
@@ -0,0 +1,66 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <errno.h>
+#include <limits.h>
+#include <regex.h>
+#include <stdarg.h>
+
+int matchmediacon(const char *media, security_context_t * con)
+{
+ const char *path = selinux_media_context_path();
+ FILE *infile;
+ char *ptr, *ptr2 = NULL;
+ int found = 0;
+ char current_line[PATH_MAX];
+ if ((infile = fopen(path, "r")) == NULL)
+ return -1;
+ while (!feof_unlocked(infile)) {
+ if (!fgets_unlocked(current_line, sizeof(current_line), infile)) {
+ return -1;
+ }
+ if (current_line[strlen(current_line) - 1])
+ current_line[strlen(current_line) - 1] = 0;
+ /* Skip leading whitespace before the partial context. */
+ ptr = current_line;
+ while (*ptr && isspace(*ptr))
+ ptr++;
+
+ if (!(*ptr))
+ continue;
+
+ /* Find the end of the media context. */
+ ptr2 = ptr;
+ while (*ptr2 && !isspace(*ptr2))
+ ptr2++;
+ if (!(*ptr2))
+ continue;
+
+ *ptr2++ = 0;
+ if (strcmp(media, ptr) == 0) {
+ found = 1;
+ break;
+ }
+ }
+ if (!found)
+ return -1;
+
+ /* Skip whitespace. */
+ while (*ptr2 && isspace(*ptr2))
+ ptr2++;
+ if (!(*ptr2)) {
+ return -1;
+ }
+
+ if (selinux_raw_to_trans_context(ptr2, con)) {
+ *con = NULL;
+ return -1;
+ }
+
+ return 0;
+}
diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c
new file mode 100644
index 0000000..381aedd
--- /dev/null
+++ b/libselinux/src/matchpathcon.c
@@ -0,0 +1,436 @@
+#include <sys/stat.h>
+#include <string.h>
+#include <errno.h>
+#include <stdio.h>
+#include "selinux_internal.h"
+#include "label_internal.h"
+#include "callbacks.h"
+
+static __thread struct selabel_handle *hnd;
+
+/*
+ * An array for mapping integers to contexts
+ */
+static __thread char **con_array;
+static __thread int con_array_size;
+static __thread int con_array_used;
+
+static int add_array_elt(char *con)
+{
+ if (con_array_size) {
+ while (con_array_used >= con_array_size) {
+ con_array_size *= 2;
+ con_array = (char **)realloc(con_array, sizeof(char*) *
+ con_array_size);
+ if (!con_array) {
+ con_array_size = con_array_used = 0;
+ return -1;
+ }
+ }
+ } else {
+ con_array_size = 1000;
+ con_array = (char **)malloc(sizeof(char*) * con_array_size);
+ if (!con_array) {
+ con_array_size = con_array_used = 0;
+ return -1;
+ }
+ }
+
+ con_array[con_array_used] = strdup(con);
+ if (!con_array[con_array_used])
+ return -1;
+ return con_array_used++;
+}
+
+static void free_array_elts(void)
+{
+ con_array_size = con_array_used = 0;
+ free(con_array);
+ con_array = NULL;
+}
+
+static void
+#ifdef __GNUC__
+ __attribute__ ((format(printf, 1, 2)))
+#endif
+ default_printf(const char *fmt, ...)
+{
+ va_list ap;
+ va_start(ap, fmt);
+ vfprintf(stderr, fmt, ap);
+ va_end(ap);
+}
+
+void
+#ifdef __GNUC__
+ __attribute__ ((format(printf, 1, 2)))
+#endif
+ (*myprintf) (const char *fmt,...) = &default_printf;
+int myprintf_compat = 0;
+
+void set_matchpathcon_printf(void (*f) (const char *fmt, ...))
+{
+ myprintf = f ? f : &default_printf;
+ myprintf_compat = 1;
+}
+
+static int (*myinvalidcon) (const char *p, unsigned l, char *c) = NULL;
+
+void set_matchpathcon_invalidcon(int (*f) (const char *p, unsigned l, char *c))
+{
+ myinvalidcon = f;
+}
+
+static int default_canoncon(const char *path, unsigned lineno, char **context)
+{
+ char *tmpcon;
+ if (security_canonicalize_context_raw(*context, &tmpcon) < 0) {
+ if (errno == ENOENT)
+ return 0;
+ if (lineno)
+ myprintf("%s: line %u has invalid context %s\n", path,
+ lineno, *context);
+ else
+ myprintf("%s: invalid context %s\n", path, *context);
+ return 1;
+ }
+ free(*context);
+ *context = tmpcon;
+ return 0;
+}
+
+static int (*mycanoncon) (const char *p, unsigned l, char **c) =
+ NULL;
+
+void set_matchpathcon_canoncon(int (*f) (const char *p, unsigned l, char **c))
+{
+ if (f)
+ mycanoncon = f;
+ else
+ mycanoncon = &default_canoncon;
+}
+
+static __thread struct selinux_opt options[SELABEL_NOPT];
+static __thread int notrans;
+
+void set_matchpathcon_flags(unsigned int flags)
+{
+ int i;
+ memset(options, 0, sizeof(options));
+ i = SELABEL_OPT_BASEONLY;
+ options[i].type = i;
+ options[i].value = (flags & MATCHPATHCON_BASEONLY) ? (char*)1 : NULL;
+ i = SELABEL_OPT_VALIDATE;
+ options[i].type = i;
+ options[i].value = (flags & MATCHPATHCON_VALIDATE) ? (char*)1 : NULL;
+ notrans = flags & MATCHPATHCON_NOTRANS;
+}
+
+/*
+ * An association between an inode and a
+ * specification.
+ */
+typedef struct file_spec {
+ ino_t ino; /* inode number */
+ int specind; /* index of specification in spec */
+ char *file; /* full pathname for diagnostic messages about conflicts */
+ struct file_spec *next; /* next association in hash bucket chain */
+} file_spec_t;
+
+/*
+ * The hash table of associations, hashed by inode number.
+ * Chaining is used for collisions, with elements ordered
+ * by inode number in each bucket. Each hash bucket has a dummy
+ * header.
+ */
+#define HASH_BITS 16
+#define HASH_BUCKETS (1 << HASH_BITS)
+#define HASH_MASK (HASH_BUCKETS-1)
+static file_spec_t *fl_head;
+
+/*
+ * Try to add an association between an inode and
+ * a specification. If there is already an association
+ * for the inode and it conflicts with this specification,
+ * then use the specification that occurs later in the
+ * specification array.
+ */
+int matchpathcon_filespec_add(ino_t ino, int specind, const char *file)
+{
+ file_spec_t *prevfl, *fl;
+ int h, ret;
+ struct stat sb;
+
+ if (!fl_head) {
+ fl_head = malloc(sizeof(file_spec_t) * HASH_BUCKETS);
+ if (!fl_head)
+ goto oom;
+ memset(fl_head, 0, sizeof(file_spec_t) * HASH_BUCKETS);
+ }
+
+ h = (ino + (ino >> HASH_BITS)) & HASH_MASK;
+ for (prevfl = &fl_head[h], fl = fl_head[h].next; fl;
+ prevfl = fl, fl = fl->next) {
+ if (ino == fl->ino) {
+ ret = lstat(fl->file, &sb);
+ if (ret < 0 || sb.st_ino != ino) {
+ fl->specind = specind;
+ free(fl->file);
+ fl->file = malloc(strlen(file) + 1);
+ if (!fl->file)
+ goto oom;
+ strcpy(fl->file, file);
+ return fl->specind;
+
+ }
+
+ if (!strcmp(con_array[fl->specind],
+ con_array[specind]))
+ return fl->specind;
+
+ myprintf
+ ("%s: conflicting specifications for %s and %s, using %s.\n",
+ __FUNCTION__, file, fl->file,
+ con_array[fl->specind]);
+ free(fl->file);
+ fl->file = malloc(strlen(file) + 1);
+ if (!fl->file)
+ goto oom;
+ strcpy(fl->file, file);
+ return fl->specind;
+ }
+
+ if (ino > fl->ino)
+ break;
+ }
+
+ fl = malloc(sizeof(file_spec_t));
+ if (!fl)
+ goto oom;
+ fl->ino = ino;
+ fl->specind = specind;
+ fl->file = malloc(strlen(file) + 1);
+ if (!fl->file)
+ goto oom_freefl;
+ strcpy(fl->file, file);
+ fl->next = prevfl->next;
+ prevfl->next = fl;
+ return fl->specind;
+ oom_freefl:
+ free(fl);
+ oom:
+ myprintf("%s: insufficient memory for file label entry for %s\n",
+ __FUNCTION__, file);
+ return -1;
+}
+
+/*
+ * Evaluate the association hash table distribution.
+ */
+void matchpathcon_filespec_eval(void)
+{
+ file_spec_t *fl;
+ int h, used, nel, len, longest;
+
+ if (!fl_head)
+ return;
+
+ used = 0;
+ longest = 0;
+ nel = 0;
+ for (h = 0; h < HASH_BUCKETS; h++) {
+ len = 0;
+ for (fl = fl_head[h].next; fl; fl = fl->next) {
+ len++;
+ }
+ if (len)
+ used++;
+ if (len > longest)
+ longest = len;
+ nel += len;
+ }
+
+ myprintf
+ ("%s: hash table stats: %d elements, %d/%d buckets used, longest chain length %d\n",
+ __FUNCTION__, nel, used, HASH_BUCKETS, longest);
+}
+
+/*
+ * Destroy the association hash table.
+ */
+void matchpathcon_filespec_destroy(void)
+{
+ file_spec_t *fl, *tmp;
+ int h;
+
+ free_array_elts();
+
+ if (!fl_head)
+ return;
+
+ for (h = 0; h < HASH_BUCKETS; h++) {
+ fl = fl_head[h].next;
+ while (fl) {
+ tmp = fl;
+ fl = fl->next;
+ free(tmp->file);
+ free(tmp);
+ }
+ fl_head[h].next = NULL;
+ }
+ free(fl_head);
+ fl_head = NULL;
+}
+
+int matchpathcon_init_prefix(const char *path, const char *subset)
+{
+ if (!mycanoncon)
+ mycanoncon = default_canoncon;
+
+ options[SELABEL_OPT_SUBSET].type = SELABEL_OPT_SUBSET;
+ options[SELABEL_OPT_SUBSET].value = subset;
+ options[SELABEL_OPT_PATH].type = SELABEL_OPT_PATH;
+ options[SELABEL_OPT_PATH].value = path;
+
+ hnd = selabel_open(SELABEL_CTX_FILE, options, SELABEL_NOPT);
+ return hnd ? 0 : -1;
+}
+
+hidden_def(matchpathcon_init_prefix)
+
+int matchpathcon_init(const char *path)
+{
+ return matchpathcon_init_prefix(path, NULL);
+}
+
+void matchpathcon_fini(void)
+{
+ if (hnd) {
+ selabel_close(hnd);
+ hnd = NULL;
+ }
+}
+
+int matchpathcon(const char *name, mode_t mode, security_context_t * con)
+{
+ if (!hnd && (matchpathcon_init_prefix(NULL, NULL) < 0))
+ return -1;
+
+ return notrans ?
+ selabel_lookup_raw(hnd, con, name, mode) :
+ selabel_lookup(hnd, con, name, mode);
+}
+
+int matchpathcon_index(const char *name, mode_t mode, security_context_t * con)
+{
+ int i = matchpathcon(name, mode, con);
+
+ if (i < 0)
+ return -1;
+
+ return add_array_elt(*con);
+}
+
+void matchpathcon_checkmatches(char *str __attribute__((unused)))
+{
+ selabel_stats(hnd);
+}
+
+/* Compare two contexts to see if their differences are "significant",
+ * or whether the only difference is in the user. */
+int selinux_file_context_cmp(const security_context_t a,
+ const security_context_t b)
+{
+ char *rest_a, *rest_b; /* Rest of the context after the user */
+ if (!a && !b)
+ return 0;
+ if (!a)
+ return -1;
+ if (!b)
+ return 1;
+ rest_a = strchr((char *)a, ':');
+ rest_b = strchr((char *)b, ':');
+ if (!rest_a && !rest_b)
+ return 0;
+ if (!rest_a)
+ return -1;
+ if (!rest_b)
+ return 1;
+ return strcmp(rest_a, rest_b);
+}
+
+int selinux_file_context_verify(const char *path, mode_t mode)
+{
+ security_context_t con = NULL;
+ security_context_t fcontext = NULL;
+ int rc = 0;
+
+ rc = lgetfilecon_raw(path, &con);
+ if (rc == -1) {
+ if (errno != ENOTSUP)
+ return 1;
+ else
+ return 0;
+ }
+
+ if (!hnd && (matchpathcon_init_prefix(NULL, NULL) < 0))
+ return -1;
+
+ if (selabel_lookup_raw(hnd, &fcontext, path, mode) != 0) {
+ if (errno != ENOENT)
+ rc = 1;
+ else
+ rc = 0;
+ } else
+ rc = (selinux_file_context_cmp(fcontext, con) == 0);
+
+ freecon(con);
+ freecon(fcontext);
+ return rc;
+}
+
+int selinux_lsetfilecon_default(const char *path)
+{
+ struct stat st;
+ int rc = -1;
+ security_context_t scontext = NULL;
+ if (lstat(path, &st) != 0)
+ return rc;
+
+ if (!hnd && (matchpathcon_init_prefix(NULL, NULL) < 0))
+ return -1;
+
+ /* If there's an error determining the context, or it has none,
+ return to allow default context */
+ if (selabel_lookup_raw(hnd, &scontext, path, st.st_mode)) {
+ if (errno == ENOENT)
+ rc = 0;
+ } else {
+ rc = lsetfilecon_raw(path, scontext);
+ freecon(scontext);
+ }
+ return rc;
+}
+
+int compat_validate(struct selabel_handle *rec,
+ struct selabel_lookup_rec *contexts,
+ const char *path, unsigned lineno)
+{
+ int rc;
+ char **ctx = &contexts->ctx_raw;
+
+ if (myinvalidcon)
+ rc = myinvalidcon(path, lineno, *ctx);
+ else if (mycanoncon)
+ rc = mycanoncon(path, lineno, ctx);
+ else {
+ rc = selabel_validate(rec, contexts);
+ if (rc < 0) {
+ COMPAT_LOG(SELINUX_WARNING,
+ "%s: line %d has invalid context %s\n",
+ path, lineno, *ctx);
+ }
+ }
+
+ return rc ? -1 : 0;
+}
diff --git a/libselinux/src/policy.h b/libselinux/src/policy.h
new file mode 100644
index 0000000..10e8712
--- /dev/null
+++ b/libselinux/src/policy.h
@@ -0,0 +1,25 @@
+#ifndef _POLICY_H_
+#define _POLICY_H_
+
+/* Private definitions used internally by libselinux. */
+
+/* xattr name for SELinux attributes. */
+#define XATTR_NAME_SELINUX "security.selinux"
+
+/* Initial length guess for getting contexts. */
+#define INITCONTEXTLEN 255
+
+/* selinuxfs magic number */
+#define SELINUX_MAGIC 0xf97cff8c
+
+/* Preferred selinux mount location */
+#define SELINUXMNT "/selinux"
+
+/* selinuxfs mount point */
+extern char *selinux_mnt;
+
+#define FILECONTEXTS "/etc/security/selinux/file_contexts"
+
+#define DEFAULT_POLICY_VERSION 15
+
+#endif
diff --git a/libselinux/src/policyvers.c b/libselinux/src/policyvers.c
new file mode 100644
index 0000000..284a7f7
--- /dev/null
+++ b/libselinux/src/policyvers.c
@@ -0,0 +1,45 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include <stdio.h>
+#include "policy.h"
+#include "dso.h"
+#include <limits.h>
+
+int security_policyvers(void)
+{
+ int fd, ret;
+ char path[PATH_MAX];
+ char buf[20];
+ unsigned vers = DEFAULT_POLICY_VERSION;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/policyvers", selinux_mnt);
+ fd = open(path, O_RDONLY);
+ if (fd < 0) {
+ if (errno == ENOENT)
+ return vers;
+ else
+ return -1;
+ }
+ memset(buf, 0, sizeof buf);
+ ret = read(fd, buf, sizeof buf - 1);
+ close(fd);
+ if (ret < 0)
+ return -1;
+
+ if (sscanf(buf, "%u", &vers) != 1)
+ return -1;
+
+ return vers;
+}
+
+hidden_def(security_policyvers)
diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c
new file mode 100644
index 0000000..8f3f401
--- /dev/null
+++ b/libselinux/src/procattr.c
@@ -0,0 +1,205 @@
+#include <sys/syscall.h>
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include "selinux_internal.h"
+#include "policy.h"
+
+static pid_t gettid(void)
+{
+ return syscall(__NR_gettid);
+}
+
+static int getprocattrcon_raw(security_context_t * context,
+ pid_t pid, const char *attr)
+{
+ char *path, *buf;
+ size_t size;
+ int fd, rc;
+ ssize_t ret;
+ pid_t tid;
+ int errno_hold;
+
+ if (pid > 0)
+ rc = asprintf(&path, "/proc/%d/attr/%s", pid, attr);
+ else {
+ tid = gettid();
+ rc = asprintf(&path, "/proc/self/task/%d/attr/%s", tid, attr);
+ }
+ if (rc < 0)
+ return -1;
+
+ fd = open(path, O_RDONLY);
+ free(path);
+ if (fd < 0)
+ return -1;
+
+ size = selinux_page_size;
+ buf = malloc(size);
+ if (!buf) {
+ ret = -1;
+ goto out;
+ }
+ memset(buf, 0, size);
+
+ do {
+ ret = read(fd, buf, size - 1);
+ } while (ret < 0 && errno == EINTR);
+ if (ret < 0)
+ goto out2;
+
+ if (ret == 0) {
+ *context = NULL;
+ goto out2;
+ }
+
+ *context = strdup(buf);
+ if (!(*context)) {
+ ret = -1;
+ goto out2;
+ }
+ ret = 0;
+ out2:
+ free(buf);
+ out:
+ errno_hold = errno;
+ close(fd);
+ errno = errno_hold;
+ return ret;
+}
+
+static int getprocattrcon(security_context_t * context,
+ pid_t pid, const char *attr)
+{
+ int ret;
+ security_context_t rcontext;
+
+ ret = getprocattrcon_raw(&rcontext, pid, attr);
+
+ if (!ret) {
+ ret = selinux_raw_to_trans_context(rcontext, context);
+ freecon(rcontext);
+ }
+
+ return ret;
+}
+
+static int setprocattrcon_raw(security_context_t context,
+ pid_t pid, const char *attr)
+{
+ char *path;
+ int fd, rc;
+ pid_t tid;
+ ssize_t ret;
+ int errno_hold;
+
+ if (pid > 0)
+ rc = asprintf(&path, "/proc/%d/attr/%s", pid, attr);
+ else {
+ tid = gettid();
+ rc = asprintf(&path, "/proc/self/task/%d/attr/%s", tid, attr);
+ }
+ if (rc < 0)
+ return -1;
+
+ fd = open(path, O_RDWR);
+ free(path);
+ if (fd < 0)
+ return -1;
+ if (context)
+ do {
+ ret = write(fd, context, strlen(context) + 1);
+ } while (ret < 0 && errno == EINTR);
+ else
+ do {
+ ret = write(fd, NULL, 0); /* clear */
+ } while (ret < 0 && errno == EINTR);
+ errno_hold = errno;
+ close(fd);
+ errno = errno_hold;
+ if (ret < 0)
+ return -1;
+ else
+ return 0;
+}
+
+static int setprocattrcon(security_context_t context,
+ pid_t pid, const char *attr)
+{
+ int ret;
+ security_context_t rcontext = context;
+
+ if (selinux_trans_to_raw_context(context, &rcontext))
+ return -1;
+
+ ret = setprocattrcon_raw(rcontext, pid, attr);
+
+ freecon(rcontext);
+
+ return ret;
+}
+
+#define getselfattr_def(fn, attr) \
+ int get##fn##_raw(security_context_t *c) \
+ { \
+ return getprocattrcon_raw(c, 0, #attr); \
+ } \
+ int get##fn(security_context_t *c) \
+ { \
+ return getprocattrcon(c, 0, #attr); \
+ }
+
+#define setselfattr_def(fn, attr) \
+ int set##fn##_raw(security_context_t c) \
+ { \
+ return setprocattrcon_raw(c, 0, #attr); \
+ } \
+ int set##fn(security_context_t c) \
+ { \
+ return setprocattrcon(c, 0, #attr); \
+ }
+
+#define all_selfattr_def(fn, attr) \
+ getselfattr_def(fn, attr) \
+ setselfattr_def(fn, attr)
+
+#define getpidattr_def(fn, attr) \
+ int get##fn##_raw(pid_t pid, security_context_t *c) \
+ { \
+ return getprocattrcon_raw(c, pid, #attr); \
+ } \
+ int get##fn(pid_t pid, security_context_t *c) \
+ { \
+ return getprocattrcon(c, pid, #attr); \
+ }
+
+all_selfattr_def(con, current)
+ getpidattr_def(pidcon, current)
+ getselfattr_def(prevcon, prev)
+ all_selfattr_def(execcon, exec)
+ all_selfattr_def(fscreatecon, fscreate)
+ all_selfattr_def(sockcreatecon, sockcreate)
+ all_selfattr_def(keycreatecon, keycreate)
+
+ hidden_def(getcon_raw)
+ hidden_def(getcon)
+ hidden_def(getexeccon_raw)
+ hidden_def(getfilecon_raw)
+ hidden_def(getfilecon)
+ hidden_def(getfscreatecon_raw)
+ hidden_def(getkeycreatecon_raw)
+ hidden_def(getpeercon_raw)
+ hidden_def(getpidcon_raw)
+ hidden_def(getprevcon_raw)
+ hidden_def(getprevcon)
+ hidden_def(getsockcreatecon_raw)
+ hidden_def(setcon_raw)
+ hidden_def(setexeccon_raw)
+ hidden_def(setexeccon)
+ hidden_def(setfilecon_raw)
+ hidden_def(setfscreatecon_raw)
+ hidden_def(setkeycreatecon_raw)
+ hidden_def(setsockcreatecon_raw)
diff --git a/libselinux/src/query_user_context.c b/libselinux/src/query_user_context.c
new file mode 100644
index 0000000..dcfc1b0
--- /dev/null
+++ b/libselinux/src/query_user_context.c
@@ -0,0 +1,180 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include "context_internal.h"
+#include <selinux/get_context_list.h>
+
+/* context_menu - given a list of contexts, presents a menu of security contexts
+ * to the user. Returns the number (position in the list) of
+ * the user selected context.
+ */
+static int context_menu(security_context_t * list)
+{
+ int i; /* array index */
+ int choice = 0; /* index of the user's choice */
+ char response[10]; /* string to hold the user's response */
+
+ printf("\n\n");
+ for (i = 0; list[i]; i++)
+ printf("[%d] %s\n", i + 1, list[i]);
+
+ while ((choice < 1) || (choice > i)) {
+ printf("Enter number of choice: ");
+ fflush(stdin);
+ if (fgets(response, sizeof(response), stdin) == NULL)
+ continue;
+ fflush(stdin);
+ choice = strtol(response, NULL, 10);
+ }
+
+ return (choice - 1);
+}
+
+/* query_user_context - given a list of context, allow the user to choose one. The
+ * default is the first context in the list. Returns 0 on
+ * success, -1 on failure
+ */
+int query_user_context(security_context_t * list, security_context_t * usercon)
+{
+ char response[10]; /* The user's response */
+ int choice; /* The index in the list of the sid chosen by
+ the user */
+
+ if (!list[0])
+ return -1;
+
+ printf("\nYour default context is %s.\n", list[0]);
+ if (list[1]) {
+ printf("Do you want to choose a different one? [n]");
+ fflush(stdin);
+ if (fgets(response, sizeof(response), stdin) == NULL)
+ return -1;
+ fflush(stdin);
+
+ if ((response[0] == 'y') || (response[0] == 'Y')) {
+ choice = context_menu(list);
+ *usercon = strdup(list[choice]);
+ if (!(*usercon))
+ return -1;
+ return 0;
+ }
+
+ *usercon = strdup(list[0]);
+ if (!(*usercon))
+ return -1;
+ } else {
+ *usercon = strdup(list[0]);
+ if (!(*usercon))
+ return -1;
+ }
+
+ return 0;
+}
+
+/* get_field - given fieldstr - the "name" of a field, query the user
+ * and set the new value of the field
+ */
+static void get_field(const char *fieldstr, char *newfield, int newfieldlen)
+{
+ int done = 0; /* true if a non-empty field has been obtained */
+
+ while (!done) { /* Keep going until we get a value for the field */
+ printf("\tEnter %s ", fieldstr);
+ fflush(stdin);
+ if (fgets(newfield, newfieldlen, stdin) == NULL)
+ continue;
+ fflush(stdin);
+ if (newfield[strlen(newfield) - 1] == '\n')
+ newfield[strlen(newfield) - 1] = '\0';
+
+ if (strlen(newfield) == 0) {
+ printf("You must enter a %s\n", fieldstr);
+ } else {
+ done = 1;
+ }
+ }
+}
+
+/* manual_user_enter_context - provides a way for a user to manually enter a
+ * context in case the policy doesn't allow a list
+ * to be obtained.
+ * given the userid, queries the user and places the
+ * context chosen by the user into usercon. Returns 0
+ * on success.
+ */
+int manual_user_enter_context(const char *user, security_context_t * newcon)
+{
+ char response[10]; /* Used to get yes or no answers from user */
+ char role[100]; /* The role requested by the user */
+ int rolelen = 100;
+ char type[100]; /* The type requested by the user */
+ int typelen = 100;
+ char level[100]; /* The level requested by the user */
+ int levellen = 100;
+ int mls_enabled = is_selinux_mls_enabled();
+
+ context_t new_context; /* The new context chosen by the user */
+ char *user_context = NULL; /* String value of the user's context */
+ int done = 0; /* true if a valid sid has been obtained */
+
+ /* Initialize the context. How this is done depends on whether
+ or not MLS is enabled */
+ if (mls_enabled)
+ new_context = context_new("user:role:type:level");
+ else
+ new_context = context_new("user:role:type");
+
+ if (!new_context)
+ return -1;
+
+ while (!done) {
+ printf("Would you like to enter a security context? [y]");
+ if (fgets(response, sizeof(response), stdin) == NULL
+ || (response[0] == 'n') || (response[0] == 'N')) {
+ context_free(new_context);
+ return -1;
+ }
+
+ /* Allow the user to enter each field of the context individually */
+ if (context_user_set(new_context, user)) {
+ context_free(new_context);
+ return -1;
+ }
+ get_field("role", role, rolelen);
+ if (context_role_set(new_context, role)) {
+ context_free(new_context);
+ return -1;
+ }
+ get_field("type", type, typelen);
+ if (context_type_set(new_context, type)) {
+ context_free(new_context);
+ return -1;
+ }
+
+ if (mls_enabled) {
+ get_field("level", level, levellen);
+ if (context_range_set(new_context, level)) {
+ context_free(new_context);
+ return -1;
+ }
+ }
+
+ /* Get the string value of the context and see if it is valid. */
+ user_context = context_str(new_context);
+ if (!user_context) {
+ context_free(new_context);
+ return -1;
+ }
+ if (!security_check_context(user_context))
+ done = 1;
+ else
+ printf("Not a valid security context\n");
+ }
+
+ *newcon = strdup(user_context);
+ context_free(new_context);
+ if (!(*newcon))
+ return -1;
+ return 0;
+}
diff --git a/libselinux/src/rpm.c b/libselinux/src/rpm.c
new file mode 100644
index 0000000..b89f1bb
--- /dev/null
+++ b/libselinux/src/rpm.c
@@ -0,0 +1,58 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <selinux/flask.h>
+#include "selinux_internal.h"
+#include "context_internal.h"
+
+int rpm_execcon(unsigned int verified __attribute__ ((unused)),
+ const char *filename, char *const argv[], char *const envp[])
+{
+ security_context_t mycon = NULL, fcon = NULL, newcon = NULL;
+ context_t con = NULL;
+ int rc = 0;
+
+ if (is_selinux_enabled() < 1)
+ return execve(filename, argv, envp);
+
+ rc = getcon(&mycon);
+ if (rc < 0)
+ goto out;
+
+ rc = getfilecon(filename, &fcon);
+ if (rc < 0)
+ goto out;
+
+ rc = security_compute_create(mycon, fcon, SECCLASS_PROCESS, &newcon);
+ if (rc < 0)
+ goto out;
+
+ if (!strcmp(mycon, newcon)) {
+ /* No default transition, use rpm_script_t for now. */
+ rc = -1;
+ con = context_new(mycon);
+ if (!con)
+ goto out;
+ if (context_type_set(con, "rpm_script_t"))
+ goto out;
+ freecon(newcon);
+ newcon = strdup(context_str(con));
+ if (!newcon)
+ goto out;
+ rc = 0;
+ }
+
+ rc = setexeccon(newcon);
+ if (rc < 0)
+ goto out;
+ out:
+
+ if (rc >= 0 || security_getenforce() < 1)
+ rc = execve(filename, argv, envp);
+
+ context_free(con);
+ freecon(newcon);
+ freecon(fcon);
+ freecon(mycon);
+ return rc < 0 ? rc : 0;
+}
diff --git a/libselinux/src/selinux.py b/libselinux/src/selinux.py
new file mode 100644
index 0000000..3989922
--- /dev/null
+++ b/libselinux/src/selinux.py
@@ -0,0 +1,513 @@
+# This file was automatically generated by SWIG (http://www.swig.org).
+# Version 1.3.33
+#
+# Don't modify this file, modify the SWIG interface instead.
+# This file is compatible with both classic and new-style classes.
+
+import _selinux
+import new
+new_instancemethod = new.instancemethod
+try:
+ _swig_property = property
+except NameError:
+ pass # Python < 2.2 doesn't have 'property'.
+def _swig_setattr_nondynamic(self,class_type,name,value,static=1):
+ if (name == "thisown"): return self.this.own(value)
+ if (name == "this"):
+ if type(value).__name__ == 'PySwigObject':
+ self.__dict__[name] = value
+ return
+ method = class_type.__swig_setmethods__.get(name,None)
+ if method: return method(self,value)
+ if (not static) or hasattr(self,name):
+ self.__dict__[name] = value
+ else:
+ raise AttributeError("You cannot add attributes to %s" % self)
+
+def _swig_setattr(self,class_type,name,value):
+ return _swig_setattr_nondynamic(self,class_type,name,value,0)
+
+def _swig_getattr(self,class_type,name):
+ if (name == "thisown"): return self.this.own()
+ method = class_type.__swig_getmethods__.get(name,None)
+ if method: return method(self)
+ raise AttributeError,name
+
+def _swig_repr(self):
+ try: strthis = "proxy of " + self.this.__repr__()
+ except: strthis = ""
+ return "<%s.%s; %s >" % (self.__class__.__module__, self.__class__.__name__, strthis,)
+
+import types
+try:
+ _object = types.ObjectType
+ _newclass = 1
+except AttributeError:
+ class _object : pass
+ _newclass = 0
+del types
+
+
+is_selinux_enabled = _selinux.is_selinux_enabled
+is_selinux_mls_enabled = _selinux.is_selinux_mls_enabled
+getcon = _selinux.getcon
+getcon_raw = _selinux.getcon_raw
+setcon = _selinux.setcon
+setcon_raw = _selinux.setcon_raw
+getpidcon = _selinux.getpidcon
+getpidcon_raw = _selinux.getpidcon_raw
+getprevcon = _selinux.getprevcon
+getprevcon_raw = _selinux.getprevcon_raw
+getexeccon = _selinux.getexeccon
+getexeccon_raw = _selinux.getexeccon_raw
+setexeccon = _selinux.setexeccon
+setexeccon_raw = _selinux.setexeccon_raw
+getfscreatecon = _selinux.getfscreatecon
+getfscreatecon_raw = _selinux.getfscreatecon_raw
+setfscreatecon = _selinux.setfscreatecon
+setfscreatecon_raw = _selinux.setfscreatecon_raw
+getkeycreatecon = _selinux.getkeycreatecon
+getkeycreatecon_raw = _selinux.getkeycreatecon_raw
+setkeycreatecon = _selinux.setkeycreatecon
+setkeycreatecon_raw = _selinux.setkeycreatecon_raw
+getsockcreatecon = _selinux.getsockcreatecon
+getsockcreatecon_raw = _selinux.getsockcreatecon_raw
+setsockcreatecon = _selinux.setsockcreatecon
+setsockcreatecon_raw = _selinux.setsockcreatecon_raw
+getfilecon = _selinux.getfilecon
+getfilecon_raw = _selinux.getfilecon_raw
+lgetfilecon = _selinux.lgetfilecon
+lgetfilecon_raw = _selinux.lgetfilecon_raw
+fgetfilecon = _selinux.fgetfilecon
+fgetfilecon_raw = _selinux.fgetfilecon_raw
+setfilecon = _selinux.setfilecon
+setfilecon_raw = _selinux.setfilecon_raw
+lsetfilecon = _selinux.lsetfilecon
+lsetfilecon_raw = _selinux.lsetfilecon_raw
+fsetfilecon = _selinux.fsetfilecon
+fsetfilecon_raw = _selinux.fsetfilecon_raw
+getpeercon = _selinux.getpeercon
+getpeercon_raw = _selinux.getpeercon_raw
+class av_decision(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, av_decision, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, av_decision, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["allowed"] = _selinux.av_decision_allowed_set
+ __swig_getmethods__["allowed"] = _selinux.av_decision_allowed_get
+ if _newclass:allowed = _swig_property(_selinux.av_decision_allowed_get, _selinux.av_decision_allowed_set)
+ __swig_setmethods__["decided"] = _selinux.av_decision_decided_set
+ __swig_getmethods__["decided"] = _selinux.av_decision_decided_get
+ if _newclass:decided = _swig_property(_selinux.av_decision_decided_get, _selinux.av_decision_decided_set)
+ __swig_setmethods__["auditallow"] = _selinux.av_decision_auditallow_set
+ __swig_getmethods__["auditallow"] = _selinux.av_decision_auditallow_get
+ if _newclass:auditallow = _swig_property(_selinux.av_decision_auditallow_get, _selinux.av_decision_auditallow_set)
+ __swig_setmethods__["auditdeny"] = _selinux.av_decision_auditdeny_set
+ __swig_getmethods__["auditdeny"] = _selinux.av_decision_auditdeny_get
+ if _newclass:auditdeny = _swig_property(_selinux.av_decision_auditdeny_get, _selinux.av_decision_auditdeny_set)
+ __swig_setmethods__["seqno"] = _selinux.av_decision_seqno_set
+ __swig_getmethods__["seqno"] = _selinux.av_decision_seqno_get
+ if _newclass:seqno = _swig_property(_selinux.av_decision_seqno_get, _selinux.av_decision_seqno_set)
+ def __init__(self, *args):
+ this = _selinux.new_av_decision(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_av_decision
+ __del__ = lambda self : None;
+av_decision_swigregister = _selinux.av_decision_swigregister
+av_decision_swigregister(av_decision)
+
+class selinux_opt(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, selinux_opt, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, selinux_opt, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["type"] = _selinux.selinux_opt_type_set
+ __swig_getmethods__["type"] = _selinux.selinux_opt_type_get
+ if _newclass:type = _swig_property(_selinux.selinux_opt_type_get, _selinux.selinux_opt_type_set)
+ __swig_setmethods__["value"] = _selinux.selinux_opt_value_set
+ __swig_getmethods__["value"] = _selinux.selinux_opt_value_get
+ if _newclass:value = _swig_property(_selinux.selinux_opt_value_get, _selinux.selinux_opt_value_set)
+ def __init__(self, *args):
+ this = _selinux.new_selinux_opt(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_selinux_opt
+ __del__ = lambda self : None;
+selinux_opt_swigregister = _selinux.selinux_opt_swigregister
+selinux_opt_swigregister(selinux_opt)
+
+class selinux_callback(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, selinux_callback, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, selinux_callback, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["func_log"] = _selinux.selinux_callback_func_log_set
+ __swig_getmethods__["func_log"] = _selinux.selinux_callback_func_log_get
+ if _newclass:func_log = _swig_property(_selinux.selinux_callback_func_log_get, _selinux.selinux_callback_func_log_set)
+ __swig_setmethods__["func_audit"] = _selinux.selinux_callback_func_audit_set
+ __swig_getmethods__["func_audit"] = _selinux.selinux_callback_func_audit_get
+ if _newclass:func_audit = _swig_property(_selinux.selinux_callback_func_audit_get, _selinux.selinux_callback_func_audit_set)
+ __swig_setmethods__["func_validate"] = _selinux.selinux_callback_func_validate_set
+ __swig_getmethods__["func_validate"] = _selinux.selinux_callback_func_validate_get
+ if _newclass:func_validate = _swig_property(_selinux.selinux_callback_func_validate_get, _selinux.selinux_callback_func_validate_set)
+ def __init__(self, *args):
+ this = _selinux.new_selinux_callback(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_selinux_callback
+ __del__ = lambda self : None;
+selinux_callback_swigregister = _selinux.selinux_callback_swigregister
+selinux_callback_swigregister(selinux_callback)
+
+SELINUX_CB_LOG = _selinux.SELINUX_CB_LOG
+SELINUX_CB_AUDIT = _selinux.SELINUX_CB_AUDIT
+SELINUX_CB_VALIDATE = _selinux.SELINUX_CB_VALIDATE
+selinux_get_callback = _selinux.selinux_get_callback
+selinux_set_callback = _selinux.selinux_set_callback
+SELINUX_ERROR = _selinux.SELINUX_ERROR
+SELINUX_WARNING = _selinux.SELINUX_WARNING
+SELINUX_INFO = _selinux.SELINUX_INFO
+SELINUX_AVC = _selinux.SELINUX_AVC
+security_compute_av = _selinux.security_compute_av
+security_compute_av_raw = _selinux.security_compute_av_raw
+security_compute_create = _selinux.security_compute_create
+security_compute_create_raw = _selinux.security_compute_create_raw
+security_compute_relabel = _selinux.security_compute_relabel
+security_compute_relabel_raw = _selinux.security_compute_relabel_raw
+security_compute_member = _selinux.security_compute_member
+security_compute_member_raw = _selinux.security_compute_member_raw
+security_compute_user = _selinux.security_compute_user
+security_compute_user_raw = _selinux.security_compute_user_raw
+security_load_policy = _selinux.security_load_policy
+security_get_initial_context = _selinux.security_get_initial_context
+security_get_initial_context_raw = _selinux.security_get_initial_context_raw
+selinux_mkload_policy = _selinux.selinux_mkload_policy
+selinux_init_load_policy = _selinux.selinux_init_load_policy
+class SELboolean(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, SELboolean, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, SELboolean, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["name"] = _selinux.SELboolean_name_set
+ __swig_getmethods__["name"] = _selinux.SELboolean_name_get
+ if _newclass:name = _swig_property(_selinux.SELboolean_name_get, _selinux.SELboolean_name_set)
+ __swig_setmethods__["value"] = _selinux.SELboolean_value_set
+ __swig_getmethods__["value"] = _selinux.SELboolean_value_get
+ if _newclass:value = _swig_property(_selinux.SELboolean_value_get, _selinux.SELboolean_value_set)
+ def __init__(self, *args):
+ this = _selinux.new_SELboolean(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_SELboolean
+ __del__ = lambda self : None;
+SELboolean_swigregister = _selinux.SELboolean_swigregister
+SELboolean_swigregister(SELboolean)
+
+security_set_boolean_list = _selinux.security_set_boolean_list
+security_load_booleans = _selinux.security_load_booleans
+security_check_context = _selinux.security_check_context
+security_check_context_raw = _selinux.security_check_context_raw
+security_canonicalize_context = _selinux.security_canonicalize_context
+security_canonicalize_context_raw = _selinux.security_canonicalize_context_raw
+security_getenforce = _selinux.security_getenforce
+security_setenforce = _selinux.security_setenforce
+security_disable = _selinux.security_disable
+security_policyvers = _selinux.security_policyvers
+security_get_boolean_names = _selinux.security_get_boolean_names
+security_get_boolean_pending = _selinux.security_get_boolean_pending
+security_get_boolean_active = _selinux.security_get_boolean_active
+security_set_boolean = _selinux.security_set_boolean
+security_commit_booleans = _selinux.security_commit_booleans
+class security_class_mapping(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, security_class_mapping, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, security_class_mapping, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["name"] = _selinux.security_class_mapping_name_set
+ __swig_getmethods__["name"] = _selinux.security_class_mapping_name_get
+ if _newclass:name = _swig_property(_selinux.security_class_mapping_name_get, _selinux.security_class_mapping_name_set)
+ __swig_setmethods__["perms"] = _selinux.security_class_mapping_perms_set
+ __swig_getmethods__["perms"] = _selinux.security_class_mapping_perms_get
+ if _newclass:perms = _swig_property(_selinux.security_class_mapping_perms_get, _selinux.security_class_mapping_perms_set)
+ def __init__(self, *args):
+ this = _selinux.new_security_class_mapping(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_security_class_mapping
+ __del__ = lambda self : None;
+security_class_mapping_swigregister = _selinux.security_class_mapping_swigregister
+security_class_mapping_swigregister(security_class_mapping)
+
+selinux_set_mapping = _selinux.selinux_set_mapping
+string_to_security_class = _selinux.string_to_security_class
+security_class_to_string = _selinux.security_class_to_string
+security_av_perm_to_string = _selinux.security_av_perm_to_string
+string_to_av_perm = _selinux.string_to_av_perm
+security_av_string = _selinux.security_av_string
+print_access_vector = _selinux.print_access_vector
+MATCHPATHCON_BASEONLY = _selinux.MATCHPATHCON_BASEONLY
+MATCHPATHCON_NOTRANS = _selinux.MATCHPATHCON_NOTRANS
+MATCHPATHCON_VALIDATE = _selinux.MATCHPATHCON_VALIDATE
+set_matchpathcon_flags = _selinux.set_matchpathcon_flags
+matchpathcon_init = _selinux.matchpathcon_init
+matchpathcon_init_prefix = _selinux.matchpathcon_init_prefix
+matchpathcon_fini = _selinux.matchpathcon_fini
+matchpathcon = _selinux.matchpathcon
+matchpathcon_index = _selinux.matchpathcon_index
+matchpathcon_filespec_add = _selinux.matchpathcon_filespec_add
+matchpathcon_filespec_destroy = _selinux.matchpathcon_filespec_destroy
+matchpathcon_filespec_eval = _selinux.matchpathcon_filespec_eval
+matchpathcon_checkmatches = _selinux.matchpathcon_checkmatches
+matchmediacon = _selinux.matchmediacon
+selinux_getenforcemode = _selinux.selinux_getenforcemode
+selinux_getpolicytype = _selinux.selinux_getpolicytype
+selinux_policy_root = _selinux.selinux_policy_root
+selinux_binary_policy_path = _selinux.selinux_binary_policy_path
+selinux_failsafe_context_path = _selinux.selinux_failsafe_context_path
+selinux_removable_context_path = _selinux.selinux_removable_context_path
+selinux_default_context_path = _selinux.selinux_default_context_path
+selinux_user_contexts_path = _selinux.selinux_user_contexts_path
+selinux_file_context_path = _selinux.selinux_file_context_path
+selinux_file_context_homedir_path = _selinux.selinux_file_context_homedir_path
+selinux_file_context_local_path = _selinux.selinux_file_context_local_path
+selinux_homedir_context_path = _selinux.selinux_homedir_context_path
+selinux_media_context_path = _selinux.selinux_media_context_path
+selinux_x_context_path = _selinux.selinux_x_context_path
+selinux_contexts_path = _selinux.selinux_contexts_path
+selinux_securetty_types_path = _selinux.selinux_securetty_types_path
+selinux_booleans_path = _selinux.selinux_booleans_path
+selinux_customizable_types_path = _selinux.selinux_customizable_types_path
+selinux_users_path = _selinux.selinux_users_path
+selinux_usersconf_path = _selinux.selinux_usersconf_path
+selinux_translations_path = _selinux.selinux_translations_path
+selinux_netfilter_context_path = _selinux.selinux_netfilter_context_path
+selinux_path = _selinux.selinux_path
+selinux_check_passwd_access = _selinux.selinux_check_passwd_access
+checkPasswdAccess = _selinux.checkPasswdAccess
+selinux_check_securetty_context = _selinux.selinux_check_securetty_context
+set_selinuxmnt = _selinux.set_selinuxmnt
+rpm_execcon = _selinux.rpm_execcon
+is_context_customizable = _selinux.is_context_customizable
+selinux_trans_to_raw_context = _selinux.selinux_trans_to_raw_context
+selinux_raw_to_trans_context = _selinux.selinux_raw_to_trans_context
+getseuserbyname = _selinux.getseuserbyname
+selinux_file_context_cmp = _selinux.selinux_file_context_cmp
+selinux_file_context_verify = _selinux.selinux_file_context_verify
+selinux_lsetfilecon_default = _selinux.selinux_lsetfilecon_default
+class security_id(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, security_id, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, security_id, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["ctx"] = _selinux.security_id_ctx_set
+ __swig_getmethods__["ctx"] = _selinux.security_id_ctx_get
+ if _newclass:ctx = _swig_property(_selinux.security_id_ctx_get, _selinux.security_id_ctx_set)
+ __swig_setmethods__["refcnt"] = _selinux.security_id_refcnt_set
+ __swig_getmethods__["refcnt"] = _selinux.security_id_refcnt_get
+ if _newclass:refcnt = _swig_property(_selinux.security_id_refcnt_get, _selinux.security_id_refcnt_set)
+ def __init__(self, *args):
+ this = _selinux.new_security_id(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_security_id
+ __del__ = lambda self : None;
+security_id_swigregister = _selinux.security_id_swigregister
+security_id_swigregister(security_id)
+
+avc_sid_to_context = _selinux.avc_sid_to_context
+avc_sid_to_context_raw = _selinux.avc_sid_to_context_raw
+avc_context_to_sid = _selinux.avc_context_to_sid
+avc_context_to_sid_raw = _selinux.avc_context_to_sid_raw
+sidget = _selinux.sidget
+sidput = _selinux.sidput
+avc_get_initial_sid = _selinux.avc_get_initial_sid
+class avc_entry_ref(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, avc_entry_ref, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, avc_entry_ref, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["ae"] = _selinux.avc_entry_ref_ae_set
+ __swig_getmethods__["ae"] = _selinux.avc_entry_ref_ae_get
+ if _newclass:ae = _swig_property(_selinux.avc_entry_ref_ae_get, _selinux.avc_entry_ref_ae_set)
+ def __init__(self, *args):
+ this = _selinux.new_avc_entry_ref(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_avc_entry_ref
+ __del__ = lambda self : None;
+avc_entry_ref_swigregister = _selinux.avc_entry_ref_swigregister
+avc_entry_ref_swigregister(avc_entry_ref)
+
+class avc_memory_callback(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, avc_memory_callback, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, avc_memory_callback, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["func_malloc"] = _selinux.avc_memory_callback_func_malloc_set
+ __swig_getmethods__["func_malloc"] = _selinux.avc_memory_callback_func_malloc_get
+ if _newclass:func_malloc = _swig_property(_selinux.avc_memory_callback_func_malloc_get, _selinux.avc_memory_callback_func_malloc_set)
+ __swig_setmethods__["func_free"] = _selinux.avc_memory_callback_func_free_set
+ __swig_getmethods__["func_free"] = _selinux.avc_memory_callback_func_free_get
+ if _newclass:func_free = _swig_property(_selinux.avc_memory_callback_func_free_get, _selinux.avc_memory_callback_func_free_set)
+ def __init__(self, *args):
+ this = _selinux.new_avc_memory_callback(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_avc_memory_callback
+ __del__ = lambda self : None;
+avc_memory_callback_swigregister = _selinux.avc_memory_callback_swigregister
+avc_memory_callback_swigregister(avc_memory_callback)
+
+class avc_log_callback(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, avc_log_callback, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, avc_log_callback, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["func_log"] = _selinux.avc_log_callback_func_log_set
+ __swig_getmethods__["func_log"] = _selinux.avc_log_callback_func_log_get
+ if _newclass:func_log = _swig_property(_selinux.avc_log_callback_func_log_get, _selinux.avc_log_callback_func_log_set)
+ __swig_setmethods__["func_audit"] = _selinux.avc_log_callback_func_audit_set
+ __swig_getmethods__["func_audit"] = _selinux.avc_log_callback_func_audit_get
+ if _newclass:func_audit = _swig_property(_selinux.avc_log_callback_func_audit_get, _selinux.avc_log_callback_func_audit_set)
+ def __init__(self, *args):
+ this = _selinux.new_avc_log_callback(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_avc_log_callback
+ __del__ = lambda self : None;
+avc_log_callback_swigregister = _selinux.avc_log_callback_swigregister
+avc_log_callback_swigregister(avc_log_callback)
+
+class avc_thread_callback(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, avc_thread_callback, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, avc_thread_callback, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["func_create_thread"] = _selinux.avc_thread_callback_func_create_thread_set
+ __swig_getmethods__["func_create_thread"] = _selinux.avc_thread_callback_func_create_thread_get
+ if _newclass:func_create_thread = _swig_property(_selinux.avc_thread_callback_func_create_thread_get, _selinux.avc_thread_callback_func_create_thread_set)
+ __swig_setmethods__["func_stop_thread"] = _selinux.avc_thread_callback_func_stop_thread_set
+ __swig_getmethods__["func_stop_thread"] = _selinux.avc_thread_callback_func_stop_thread_get
+ if _newclass:func_stop_thread = _swig_property(_selinux.avc_thread_callback_func_stop_thread_get, _selinux.avc_thread_callback_func_stop_thread_set)
+ def __init__(self, *args):
+ this = _selinux.new_avc_thread_callback(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_avc_thread_callback
+ __del__ = lambda self : None;
+avc_thread_callback_swigregister = _selinux.avc_thread_callback_swigregister
+avc_thread_callback_swigregister(avc_thread_callback)
+
+class avc_lock_callback(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, avc_lock_callback, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, avc_lock_callback, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["func_alloc_lock"] = _selinux.avc_lock_callback_func_alloc_lock_set
+ __swig_getmethods__["func_alloc_lock"] = _selinux.avc_lock_callback_func_alloc_lock_get
+ if _newclass:func_alloc_lock = _swig_property(_selinux.avc_lock_callback_func_alloc_lock_get, _selinux.avc_lock_callback_func_alloc_lock_set)
+ __swig_setmethods__["func_get_lock"] = _selinux.avc_lock_callback_func_get_lock_set
+ __swig_getmethods__["func_get_lock"] = _selinux.avc_lock_callback_func_get_lock_get
+ if _newclass:func_get_lock = _swig_property(_selinux.avc_lock_callback_func_get_lock_get, _selinux.avc_lock_callback_func_get_lock_set)
+ __swig_setmethods__["func_release_lock"] = _selinux.avc_lock_callback_func_release_lock_set
+ __swig_getmethods__["func_release_lock"] = _selinux.avc_lock_callback_func_release_lock_get
+ if _newclass:func_release_lock = _swig_property(_selinux.avc_lock_callback_func_release_lock_get, _selinux.avc_lock_callback_func_release_lock_set)
+ __swig_setmethods__["func_free_lock"] = _selinux.avc_lock_callback_func_free_lock_set
+ __swig_getmethods__["func_free_lock"] = _selinux.avc_lock_callback_func_free_lock_get
+ if _newclass:func_free_lock = _swig_property(_selinux.avc_lock_callback_func_free_lock_get, _selinux.avc_lock_callback_func_free_lock_set)
+ def __init__(self, *args):
+ this = _selinux.new_avc_lock_callback(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_avc_lock_callback
+ __del__ = lambda self : None;
+avc_lock_callback_swigregister = _selinux.avc_lock_callback_swigregister
+avc_lock_callback_swigregister(avc_lock_callback)
+
+AVC_OPT_UNUSED = _selinux.AVC_OPT_UNUSED
+AVC_OPT_SETENFORCE = _selinux.AVC_OPT_SETENFORCE
+avc_init = _selinux.avc_init
+avc_open = _selinux.avc_open
+avc_cleanup = _selinux.avc_cleanup
+avc_reset = _selinux.avc_reset
+avc_destroy = _selinux.avc_destroy
+avc_has_perm_noaudit = _selinux.avc_has_perm_noaudit
+avc_has_perm = _selinux.avc_has_perm
+avc_audit = _selinux.avc_audit
+avc_compute_create = _selinux.avc_compute_create
+avc_compute_member = _selinux.avc_compute_member
+AVC_CALLBACK_GRANT = _selinux.AVC_CALLBACK_GRANT
+AVC_CALLBACK_TRY_REVOKE = _selinux.AVC_CALLBACK_TRY_REVOKE
+AVC_CALLBACK_REVOKE = _selinux.AVC_CALLBACK_REVOKE
+AVC_CALLBACK_RESET = _selinux.AVC_CALLBACK_RESET
+AVC_CALLBACK_AUDITALLOW_ENABLE = _selinux.AVC_CALLBACK_AUDITALLOW_ENABLE
+AVC_CALLBACK_AUDITALLOW_DISABLE = _selinux.AVC_CALLBACK_AUDITALLOW_DISABLE
+AVC_CALLBACK_AUDITDENY_ENABLE = _selinux.AVC_CALLBACK_AUDITDENY_ENABLE
+AVC_CALLBACK_AUDITDENY_DISABLE = _selinux.AVC_CALLBACK_AUDITDENY_DISABLE
+AVC_CACHE_STATS = _selinux.AVC_CACHE_STATS
+class avc_cache_stats(_object):
+ __swig_setmethods__ = {}
+ __setattr__ = lambda self, name, value: _swig_setattr(self, avc_cache_stats, name, value)
+ __swig_getmethods__ = {}
+ __getattr__ = lambda self, name: _swig_getattr(self, avc_cache_stats, name)
+ __repr__ = _swig_repr
+ __swig_setmethods__["entry_lookups"] = _selinux.avc_cache_stats_entry_lookups_set
+ __swig_getmethods__["entry_lookups"] = _selinux.avc_cache_stats_entry_lookups_get
+ if _newclass:entry_lookups = _swig_property(_selinux.avc_cache_stats_entry_lookups_get, _selinux.avc_cache_stats_entry_lookups_set)
+ __swig_setmethods__["entry_hits"] = _selinux.avc_cache_stats_entry_hits_set
+ __swig_getmethods__["entry_hits"] = _selinux.avc_cache_stats_entry_hits_get
+ if _newclass:entry_hits = _swig_property(_selinux.avc_cache_stats_entry_hits_get, _selinux.avc_cache_stats_entry_hits_set)
+ __swig_setmethods__["entry_misses"] = _selinux.avc_cache_stats_entry_misses_set
+ __swig_getmethods__["entry_misses"] = _selinux.avc_cache_stats_entry_misses_get
+ if _newclass:entry_misses = _swig_property(_selinux.avc_cache_stats_entry_misses_get, _selinux.avc_cache_stats_entry_misses_set)
+ __swig_setmethods__["entry_discards"] = _selinux.avc_cache_stats_entry_discards_set
+ __swig_getmethods__["entry_discards"] = _selinux.avc_cache_stats_entry_discards_get
+ if _newclass:entry_discards = _swig_property(_selinux.avc_cache_stats_entry_discards_get, _selinux.avc_cache_stats_entry_discards_set)
+ __swig_setmethods__["cav_lookups"] = _selinux.avc_cache_stats_cav_lookups_set
+ __swig_getmethods__["cav_lookups"] = _selinux.avc_cache_stats_cav_lookups_get
+ if _newclass:cav_lookups = _swig_property(_selinux.avc_cache_stats_cav_lookups_get, _selinux.avc_cache_stats_cav_lookups_set)
+ __swig_setmethods__["cav_hits"] = _selinux.avc_cache_stats_cav_hits_set
+ __swig_getmethods__["cav_hits"] = _selinux.avc_cache_stats_cav_hits_get
+ if _newclass:cav_hits = _swig_property(_selinux.avc_cache_stats_cav_hits_get, _selinux.avc_cache_stats_cav_hits_set)
+ __swig_setmethods__["cav_probes"] = _selinux.avc_cache_stats_cav_probes_set
+ __swig_getmethods__["cav_probes"] = _selinux.avc_cache_stats_cav_probes_get
+ if _newclass:cav_probes = _swig_property(_selinux.avc_cache_stats_cav_probes_get, _selinux.avc_cache_stats_cav_probes_set)
+ __swig_setmethods__["cav_misses"] = _selinux.avc_cache_stats_cav_misses_set
+ __swig_getmethods__["cav_misses"] = _selinux.avc_cache_stats_cav_misses_get
+ if _newclass:cav_misses = _swig_property(_selinux.avc_cache_stats_cav_misses_get, _selinux.avc_cache_stats_cav_misses_set)
+ def __init__(self, *args):
+ this = _selinux.new_avc_cache_stats(*args)
+ try: self.this.append(this)
+ except: self.this = this
+ __swig_destroy__ = _selinux.delete_avc_cache_stats
+ __del__ = lambda self : None;
+avc_cache_stats_swigregister = _selinux.avc_cache_stats_swigregister
+avc_cache_stats_swigregister(avc_cache_stats)
+
+avc_av_stats = _selinux.avc_av_stats
+avc_sid_stats = _selinux.avc_sid_stats
+selinux_default_type_path = _selinux.selinux_default_type_path
+get_default_type = _selinux.get_default_type
+SELINUX_DEFAULTUSER = _selinux.SELINUX_DEFAULTUSER
+get_ordered_context_list = _selinux.get_ordered_context_list
+get_ordered_context_list_with_level = _selinux.get_ordered_context_list_with_level
+get_default_context = _selinux.get_default_context
+get_default_context_with_level = _selinux.get_default_context_with_level
+get_default_context_with_role = _selinux.get_default_context_with_role
+get_default_context_with_rolelevel = _selinux.get_default_context_with_rolelevel
+query_user_context = _selinux.query_user_context
+manual_user_enter_context = _selinux.manual_user_enter_context
+
+
diff --git a/libselinux/src/selinux_check_securetty_context.c b/libselinux/src/selinux_check_securetty_context.c
new file mode 100644
index 0000000..fdb5a59
--- /dev/null
+++ b/libselinux/src/selinux_check_securetty_context.c
@@ -0,0 +1,53 @@
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
+#include <ctype.h>
+#include "selinux_internal.h"
+#include "context_internal.h"
+
+int selinux_check_securetty_context(security_context_t tty_context)
+{
+ char *line = NULL;
+ char *start, *end = NULL;
+ size_t line_len = 0;
+ ssize_t len;
+ int found = -1;
+ FILE *fp;
+ fp = fopen(selinux_securetty_types_path(), "r");
+ if (fp) {
+ context_t con = context_new(tty_context);
+ if (con) {
+ const char *type = context_type_get(con);
+ while ((len = getline(&line, &line_len, fp)) != -1) {
+
+ if (line[len - 1] == '\n')
+ line[len - 1] = 0;
+
+ /* Skip leading whitespace. */
+ start = line;
+ while (*start && isspace(*start))
+ start++;
+ if (!(*start))
+ continue;
+
+ end = start;
+ while (*end && !isspace(*end))
+ end++;
+ if (*end)
+ *end++ = 0;
+ if (!strcmp(type, start)) {
+ found = 0;
+ break;
+ }
+ }
+ free(line);
+ context_free(con);
+ }
+ fclose(fp);
+ }
+
+ return found;
+}
+
+hidden_def(selinux_check_securetty_context)
diff --git a/libselinux/src/selinux_config.c b/libselinux/src/selinux_config.c
new file mode 100644
index 0000000..7dbbb47
--- /dev/null
+++ b/libselinux/src/selinux_config.c
@@ -0,0 +1,385 @@
+#include <stdio.h>
+#include <stdio_ext.h>
+#include <string.h>
+#include <ctype.h>
+#include <stddef.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <limits.h>
+#include <unistd.h>
+#include "selinux_internal.h"
+#include "get_default_type_internal.h"
+
+#define SELINUXDIR "/etc/selinux/"
+#define SELINUXCONFIG SELINUXDIR "config"
+#define SELINUXDEFAULT "targeted"
+#define SELINUXTYPETAG "SELINUXTYPE="
+#define SELINUXTAG "SELINUX="
+#define SETLOCALDEFS "SETLOCALDEFS="
+#define REQUIRESEUSERS "REQUIRESEUSERS="
+
+/* Indices for file paths arrays. */
+#define BINPOLICY 0
+#define CONTEXTS_DIR 1
+#define FILE_CONTEXTS 2
+#define HOMEDIR_CONTEXTS 3
+#define DEFAULT_CONTEXTS 4
+#define USER_CONTEXTS 5
+#define FAILSAFE_CONTEXT 6
+#define DEFAULT_TYPE 7
+#define BOOLEANS 8
+#define MEDIA_CONTEXTS 9
+#define REMOVABLE_CONTEXT 10
+#define CUSTOMIZABLE_TYPES 11
+#define USERS_DIR 12
+#define SEUSERS 13
+#define TRANSLATIONS 14
+#define NETFILTER_CONTEXTS 15
+#define FILE_CONTEXTS_HOMEDIR 16
+#define FILE_CONTEXTS_LOCAL 17
+#define SECURETTY_TYPES 18
+#define X_CONTEXTS 19
+#define NEL 20
+
+/* New layout is relative to SELINUXDIR/policytype. */
+static char *file_paths[NEL];
+#define L1(l) L2(l)
+#define L2(l)str##l
+static const union file_path_suffixes_data {
+ struct {
+#define S_(n, s) char L1(__LINE__)[sizeof(s)];
+#include "file_path_suffixes.h"
+#undef S_
+ };
+ char str[0];
+} file_path_suffixes_data = {
+ {
+#define S_(n, s) s,
+#include "file_path_suffixes.h"
+#undef S_
+ }
+};
+static const uint16_t file_path_suffixes_idx[NEL] = {
+#define S_(n, s) [n] = offsetof(union file_path_suffixes_data, L1(__LINE__)),
+#include "file_path_suffixes.h"
+#undef S_
+};
+
+#undef L1
+#undef L2
+
+int selinux_getenforcemode(int *enforce)
+{
+ int ret = -1;
+ FILE *cfg = fopen(SELINUXCONFIG, "r");
+ if (cfg) {
+ char *buf;
+ int len = sizeof(SELINUXTAG) - 1;
+ buf = malloc(selinux_page_size);
+ if (!buf) {
+ fclose(cfg);
+ return -1;
+ }
+ while (fgets_unlocked(buf, selinux_page_size, cfg)) {
+ if (strncmp(buf, SELINUXTAG, len))
+ continue;
+ if (!strncasecmp
+ (buf + len, "enforcing", sizeof("enforcing") - 1)) {
+ *enforce = 1;
+ ret = 0;
+ break;
+ } else
+ if (!strncasecmp
+ (buf + len, "permissive",
+ sizeof("permissive") - 1)) {
+ *enforce = 0;
+ ret = 0;
+ break;
+ } else
+ if (!strncasecmp
+ (buf + len, "disabled",
+ sizeof("disabled") - 1)) {
+ *enforce = -1;
+ ret = 0;
+ break;
+ }
+ }
+ fclose(cfg);
+ free(buf);
+ }
+ return ret;
+}
+
+hidden_def(selinux_getenforcemode)
+
+static char *selinux_policytype;
+
+int selinux_getpolicytype(char **type)
+{
+ if (!selinux_policytype)
+ return -1;
+ *type = strdup(selinux_policytype);
+ return *type ? 0 : -1;
+}
+
+hidden_def(selinux_getpolicytype)
+
+static char *selinux_policyroot = NULL;
+static char *selinux_rootpath = NULL;
+
+static void init_selinux_config(void) __attribute__ ((constructor));
+
+static void init_selinux_config(void)
+{
+ int i, *intptr;
+ size_t line_len;
+ ssize_t len;
+ char *line_buf = NULL, *buf_p, *value, *type = NULL, *end;
+ FILE *fp;
+
+ if (selinux_policyroot)
+ return;
+
+ selinux_rootpath = SELINUXDIR;
+ fp = fopen(SELINUXCONFIG, "r");
+ if (fp) {
+ __fsetlocking(fp, FSETLOCKING_BYCALLER);
+ while ((len = getline(&line_buf, &line_len, fp)) > 0) {
+ if (line_buf[len - 1] == '\n')
+ line_buf[len - 1] = 0;
+ buf_p = line_buf;
+ while (isspace(*buf_p))
+ buf_p++;
+ if (*buf_p == '#' || *buf_p == 0)
+ continue;
+
+ if (!strncasecmp(buf_p, SELINUXTYPETAG,
+ sizeof(SELINUXTYPETAG) - 1)) {
+ selinux_policytype = type =
+ strdup(buf_p + sizeof(SELINUXTYPETAG) - 1);
+ if (!type)
+ return;
+ end = type + strlen(type) - 1;
+ while ((end > type) &&
+ (isspace(*end) || iscntrl(*end))) {
+ *end = 0;
+ end--;
+ }
+ continue;
+ } else if (!strncmp(buf_p, SETLOCALDEFS,
+ sizeof(SETLOCALDEFS) - 1)) {
+ value = buf_p + sizeof(SETLOCALDEFS) - 1;
+ intptr = &load_setlocaldefs;
+ } else if (!strncmp(buf_p, REQUIRESEUSERS,
+ sizeof(REQUIRESEUSERS) - 1)) {
+ value = buf_p + sizeof(REQUIRESEUSERS) - 1;
+ intptr = &require_seusers;
+ } else {
+ continue;
+ }
+
+ if (isdigit(*value))
+ *intptr = atoi(value);
+ else if (strncasecmp(value, "true", sizeof("true") - 1))
+ *intptr = 1;
+ else if (strncasecmp
+ (value, "false", sizeof("false") - 1))
+ *intptr = 0;
+ }
+ free(line_buf);
+ fclose(fp);
+ }
+
+ if (!type) {
+ selinux_policytype = type = strdup(SELINUXDEFAULT);
+ if (!type)
+ return;
+ }
+
+ if (asprintf(&selinux_policyroot, "%s%s", SELINUXDIR, type) == -1)
+ return;
+
+ for (i = 0; i < NEL; i++)
+ if (asprintf(&file_paths[i], "%s%s",
+ selinux_policyroot,
+ file_path_suffixes_data.str +
+ file_path_suffixes_idx[i])
+ == -1)
+ return;
+}
+
+static void fini_selinux_policyroot(void) __attribute__ ((destructor));
+
+static void fini_selinux_policyroot(void)
+{
+ int i;
+ free(selinux_policyroot);
+ selinux_policyroot = NULL;
+ for (i = 0; i < NEL; i++) {
+ free(file_paths[i]);
+ file_paths[i] = NULL;
+ }
+ free(selinux_policytype);
+ selinux_policytype = NULL;
+}
+
+void reset_selinux_config(void)
+{
+ fini_selinux_policyroot();
+ init_selinux_config();
+}
+
+static const char *get_path(int idx)
+{
+ return file_paths[idx];
+}
+
+const char *selinux_default_type_path()
+{
+ return get_path(DEFAULT_TYPE);
+}
+
+hidden_def(selinux_default_type_path)
+
+const char *selinux_policy_root()
+{
+ return selinux_policyroot;
+}
+
+const char *selinux_path()
+{
+ return selinux_rootpath;
+}
+
+hidden_def(selinux_path)
+
+const char *selinux_default_context_path()
+{
+ return get_path(DEFAULT_CONTEXTS);
+}
+
+hidden_def(selinux_default_context_path)
+
+const char *selinux_securetty_types_path()
+{
+ return get_path(SECURETTY_TYPES);
+}
+
+hidden_def(selinux_securetty_types_path)
+
+const char *selinux_failsafe_context_path()
+{
+ return get_path(FAILSAFE_CONTEXT);
+}
+
+hidden_def(selinux_failsafe_context_path)
+
+const char *selinux_removable_context_path()
+{
+ return get_path(REMOVABLE_CONTEXT);
+}
+
+hidden_def(selinux_removable_context_path)
+
+const char *selinux_binary_policy_path()
+{
+ return get_path(BINPOLICY);
+}
+
+hidden_def(selinux_binary_policy_path)
+
+const char *selinux_file_context_path()
+{
+ return get_path(FILE_CONTEXTS);
+}
+
+hidden_def(selinux_file_context_path)
+
+const char *selinux_homedir_context_path()
+{
+ return get_path(HOMEDIR_CONTEXTS);
+}
+
+hidden_def(selinux_homedir_context_path)
+
+const char *selinux_media_context_path()
+{
+ return get_path(MEDIA_CONTEXTS);
+}
+
+hidden_def(selinux_media_context_path)
+
+const char *selinux_customizable_types_path()
+{
+ return get_path(CUSTOMIZABLE_TYPES);
+}
+
+hidden_def(selinux_customizable_types_path)
+
+const char *selinux_contexts_path()
+{
+ return get_path(CONTEXTS_DIR);
+}
+
+const char *selinux_user_contexts_path()
+{
+ return get_path(USER_CONTEXTS);
+}
+
+hidden_def(selinux_user_contexts_path)
+
+const char *selinux_booleans_path()
+{
+ return get_path(BOOLEANS);
+}
+
+hidden_def(selinux_booleans_path)
+
+const char *selinux_users_path()
+{
+ return get_path(USERS_DIR);
+}
+
+hidden_def(selinux_users_path)
+
+const char *selinux_usersconf_path()
+{
+ return get_path(SEUSERS);
+}
+
+hidden_def(selinux_usersconf_path)
+
+const char *selinux_translations_path()
+{
+ return get_path(TRANSLATIONS);
+}
+
+hidden_def(selinux_translations_path)
+
+const char *selinux_netfilter_context_path()
+{
+ return get_path(NETFILTER_CONTEXTS);
+}
+
+hidden_def(selinux_netfilter_context_path)
+
+const char *selinux_file_context_homedir_path()
+{
+ return get_path(FILE_CONTEXTS_HOMEDIR);
+}
+
+hidden_def(selinux_file_context_homedir_path)
+
+const char *selinux_file_context_local_path()
+{
+ return get_path(FILE_CONTEXTS_LOCAL);
+}
+
+hidden_def(selinux_file_context_local_path)
+
+const char *selinux_x_context_path()
+{
+ return get_path(X_CONTEXTS);
+}
+
+hidden_def(selinux_x_context_path)
diff --git a/libselinux/src/selinux_internal.h b/libselinux/src/selinux_internal.h
new file mode 100644
index 0000000..eaf1767
--- /dev/null
+++ b/libselinux/src/selinux_internal.h
@@ -0,0 +1,86 @@
+#include <selinux/selinux.h>
+#include "dso.h"
+
+hidden_proto(selinux_mkload_policy)
+ hidden_proto(set_selinuxmnt)
+ hidden_proto(security_disable)
+ hidden_proto(security_policyvers)
+ hidden_proto(security_load_policy)
+ hidden_proto(security_get_boolean_active)
+ hidden_proto(security_get_boolean_names)
+ hidden_proto(security_set_boolean)
+ hidden_proto(security_commit_booleans)
+ hidden_proto(security_check_context)
+ hidden_proto(security_check_context_raw)
+ hidden_proto(security_canonicalize_context)
+ hidden_proto(security_canonicalize_context_raw)
+ hidden_proto(security_compute_av)
+ hidden_proto(security_compute_av_raw)
+ hidden_proto(security_compute_user)
+ hidden_proto(security_compute_user_raw)
+ hidden_proto(security_compute_create)
+ hidden_proto(security_compute_create_raw)
+ hidden_proto(security_compute_member_raw)
+ hidden_proto(security_compute_relabel_raw)
+ hidden_proto(is_selinux_enabled)
+ hidden_proto(is_selinux_mls_enabled)
+ hidden_proto(freecon)
+ hidden_proto(freeconary)
+ hidden_proto(getprevcon)
+ hidden_proto(getprevcon_raw)
+ hidden_proto(getcon)
+ hidden_proto(getcon_raw)
+ hidden_proto(setcon_raw)
+ hidden_proto(getpeercon_raw)
+ hidden_proto(getpidcon_raw)
+ hidden_proto(getexeccon_raw)
+ hidden_proto(getfilecon)
+ hidden_proto(getfilecon_raw)
+ hidden_proto(lgetfilecon_raw)
+ hidden_proto(fgetfilecon_raw)
+ hidden_proto(setfilecon_raw)
+ hidden_proto(lsetfilecon_raw)
+ hidden_proto(fsetfilecon_raw)
+ hidden_proto(setexeccon)
+ hidden_proto(setexeccon_raw)
+ hidden_proto(getfscreatecon_raw)
+ hidden_proto(getkeycreatecon_raw)
+ hidden_proto(getsockcreatecon_raw)
+ hidden_proto(setfscreatecon_raw)
+ hidden_proto(setkeycreatecon_raw)
+ hidden_proto(setsockcreatecon_raw)
+ hidden_proto(security_getenforce)
+ hidden_proto(security_setenforce)
+ hidden_proto(selinux_binary_policy_path)
+ hidden_proto(selinux_default_context_path)
+ hidden_proto(selinux_securetty_types_path)
+ hidden_proto(selinux_failsafe_context_path)
+ hidden_proto(selinux_removable_context_path)
+ hidden_proto(selinux_file_context_path)
+ hidden_proto(selinux_file_context_homedir_path)
+ hidden_proto(selinux_file_context_local_path)
+ hidden_proto(selinux_netfilter_context_path)
+ hidden_proto(selinux_homedir_context_path)
+ hidden_proto(selinux_user_contexts_path)
+ hidden_proto(selinux_booleans_path)
+ hidden_proto(selinux_customizable_types_path)
+ hidden_proto(selinux_media_context_path)
+ hidden_proto(selinux_x_context_path)
+ hidden_proto(selinux_path)
+ hidden_proto(selinux_check_passwd_access)
+ hidden_proto(selinux_check_securetty_context)
+ hidden_proto(matchpathcon_init_prefix)
+ hidden_proto(selinux_users_path)
+ hidden_proto(selinux_usersconf_path);
+hidden_proto(selinux_translations_path);
+hidden_proto(selinux_getenforcemode);
+hidden_proto(selinux_getpolicytype);
+hidden_proto(selinux_raw_to_trans_context);
+hidden_proto(selinux_trans_to_raw_context);
+hidden_proto(security_get_initial_context);
+hidden_proto(security_get_initial_context_raw);
+
+extern void reset_selinux_config(void) hidden;
+extern int load_setlocaldefs hidden;
+extern int require_seusers hidden;
+extern int selinux_page_size hidden;
diff --git a/libselinux/src/selinux_netlink.h b/libselinux/src/selinux_netlink.h
new file mode 100644
index 0000000..88ef551
--- /dev/null
+++ b/libselinux/src/selinux_netlink.h
@@ -0,0 +1,31 @@
+/*
+ * Netlink event notifications for SELinux.
+ *
+ * Author: James Morris <jmorris@redhat.com>
+ */
+#ifndef _LINUX_SELINUX_NETLINK_H
+#define _LINUX_SELINUX_NETLINK_H
+
+/* Message types. */
+#define SELNL_MSG_BASE 0x10
+enum {
+ SELNL_MSG_SETENFORCE = SELNL_MSG_BASE,
+ SELNL_MSG_POLICYLOAD,
+ SELNL_MSG_MAX
+};
+
+/* Multicast groups */
+#define SELNL_GRP_NONE 0x00000000
+#define SELNL_GRP_AVC 0x00000001 /* AVC notifications */
+#define SELNL_GRP_ALL 0xffffffff
+
+/* Message structures */
+struct selnl_msg_setenforce {
+ int32_t val;
+};
+
+struct selnl_msg_policyload {
+ uint32_t seqno;
+};
+
+#endif /* _LINUX_SELINUX_NETLINK_H */
diff --git a/libselinux/src/selinuxswig.i b/libselinux/src/selinuxswig.i
new file mode 100644
index 0000000..a74bf04
--- /dev/null
+++ b/libselinux/src/selinuxswig.i
@@ -0,0 +1,57 @@
+/* Authors: Dan Walsh
+ * James Athey
+ */
+
+%module selinux
+%{
+ #include "selinux/selinux.h"
+ #include "../include/selinux/avc.h"
+ #include "../include/selinux/selinux.h"
+ #include "../include/selinux/get_default_type.h"
+ #include "../include/selinux/get_context_list.h"
+%}
+%apply int *OUTPUT { int *enforce };
+%apply int *OUTPUT { size_t * };
+
+%typedef unsigned mode_t;
+%typedef unsigned pid_t;
+
+%typemap(in, numinputs=0) (char ***names, int *len) (char **temp1, int temp2) {
+ $1 = &temp1;
+ $2 = &temp2;
+}
+
+%typemap(freearg) (char ***names, int *len) {
+ int i;
+ if (*$1) {
+ for (i = 0; i < *$2; i++) {
+ free((*$1)[i]);
+ }
+ free(*$1);
+ }
+}
+
+%typemap(in, numinputs=0) (security_context_t **) (security_context_t *temp) {
+ $1 = &temp;
+}
+
+%typemap(freearg) (security_context_t **) {
+ if (*$1) freeconary(*$1);
+}
+
+/* Ignore functions that don't make sense when wrapped */
+%ignore freecon;
+%ignore freeconary;
+
+/* Ignore functions that take a function pointer as an argument */
+%ignore set_matchpathcon_printf;
+%ignore set_matchpathcon_invalidcon;
+%ignore set_matchpathcon_canoncon;
+
+%ignore avc_add_callback;
+
+%include "../include/selinux/selinux.h"
+%include "../include/selinux/avc.h"
+%include "../include/selinux/get_default_type.h"
+%include "../include/selinux/get_context_list.h"
+
diff --git a/libselinux/src/selinuxswig_python.i b/libselinux/src/selinuxswig_python.i
new file mode 100644
index 0000000..3f43abf
--- /dev/null
+++ b/libselinux/src/selinuxswig_python.i
@@ -0,0 +1,136 @@
+/* Author: James Athey
+ */
+
+%module selinux
+%{
+ #include "selinux/selinux.h"
+%}
+
+/* security_get_boolean_names() typemap */
+%typemap(argout) (char ***names, int *len) {
+ PyObject* list = PyList_New(*$2);
+ int i;
+ for (i = 0; i < *$2; i++) {
+ PyList_SetItem(list, i, PyString_FromString((*$1)[i]));
+ }
+ $result = SWIG_Python_AppendOutput($result, list);
+}
+
+/* return a sid along with the result */
+%typemap(argout) (security_id_t * sid) {
+ if (*$1) {
+ %append_output(SWIG_NewPointerObj(*$1, $descriptor(security_id_t), 0));
+ } else {
+ Py_INCREF(Py_None);
+ %append_output(Py_None);
+ }
+}
+
+%typemap(in,numinputs=0) security_id_t *(security_id_t temp) {
+ $1 = &temp;
+}
+
+/* Makes security_compute_user() return a Python list of contexts */
+%typemap(argout) (security_context_t **con) {
+ PyObject* plist;
+ int i, len = 0;
+
+ if (*$1) {
+ while((*$1)[len])
+ len++;
+ plist = PyList_New(len);
+ for (i = 0; i < len; i++) {
+ PyList_SetItem(plist, i, PyString_FromString((*$1)[i]));
+ }
+ } else {
+ plist = PyList_New(0);
+ }
+
+ $result = SWIG_Python_AppendOutput($result, plist);
+}
+
+/* Makes functions in get_context_list.h return a Python list of contexts */
+%typemap(argout) (security_context_t **list) {
+ PyObject* plist;
+ int i;
+
+ if (*$1) {
+ plist = PyList_New(result);
+ for (i = 0; i < result; i++) {
+ PyList_SetItem(plist, i, PyString_FromString((*$1)[i]));
+ }
+ } else {
+ plist = PyList_New(0);
+ }
+ /* Only return the Python list, don't need to return the length anymore */
+ $result = plist;
+}
+
+%typemap(in,noblock=1,numinputs=0) security_context_t * (security_context_t temp = 0) {
+ $1 = &temp;
+}
+%typemap(freearg,match="in") security_context_t * "";
+%typemap(argout,noblock=1) security_context_t * {
+ if (*$1) {
+ %append_output(SWIG_FromCharPtr(*$1));
+ freecon(*$1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ %append_output(Py_None);
+ }
+}
+
+%typemap(in,noblock=1,numinputs=0) char ** (char * temp = 0) {
+ $1 = &temp;
+}
+%typemap(freearg,match="in") char ** "";
+%typemap(argout,noblock=1) char ** {
+ if (*$1) {
+ %append_output(SWIG_FromCharPtr(*$1));
+ free(*$1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ %append_output(Py_None);
+ }
+}
+
+%typemap(in) char * const [] {
+ int i, size;
+ PyObject * s;
+
+ if (!PySequence_Check($input)) {
+ PyErr_SetString(PyExc_ValueError, "Expected a sequence");
+ return NULL;
+ }
+
+ size = PySequence_Size($input);
+
+ $1 = (char**) malloc(size + 1);
+
+ for(i = 0; i < size; i++) {
+ if (!PyString_Check(PySequence_GetItem($input, i))) {
+ PyErr_SetString(PyExc_ValueError, "Sequence must contain only strings");
+ return NULL;
+ }
+ }
+
+ for(i = 0; i < size; i++) {
+ s = PySequence_GetItem($input, i);
+ $1[i] = (char*) malloc(PyString_Size(s) + 1);
+ strcpy($1[i], PyString_AsString(s));
+ }
+ $1[size] = NULL;
+}
+
+%typemap(freearg,match="in") char * const [] {
+ int i = 0;
+ while($1[i]) {
+ free($1[i]);
+ i++;
+ }
+ free($1);
+}
+
+%include "selinuxswig.i"
diff --git a/libselinux/src/selinuxswig_ruby.i b/libselinux/src/selinuxswig_ruby.i
new file mode 100644
index 0000000..e46826b
--- /dev/null
+++ b/libselinux/src/selinuxswig_ruby.i
@@ -0,0 +1,52 @@
+/* Author: Dan Walsh
+ Based on selinuxswig_python.i by James Athey
+ */
+
+%module selinux
+%{
+ #include "selinux/selinux.h"
+%}
+
+/* return a sid along with the result */
+%typemap(argout) (security_id_t * sid) {
+ if (*$1) {
+ %append_output(SWIG_NewPointerObj(*$1, $descriptor(security_id_t), 0));
+ }
+}
+
+%typemap(in,numinputs=0) security_id_t *(security_id_t temp) {
+ $1 = &temp;
+}
+
+%typemap(in,noblock=1,numinputs=0) security_context_t * (security_context_t temp = 0) {
+ $1 = &temp;
+}
+%typemap(freearg,match="in") security_context_t * "";
+%typemap(argout,noblock=1) security_context_t * {
+ if (*$1) {
+ %append_output(SWIG_FromCharPtr(*$1));
+ freecon(*$1);
+ }
+}
+
+%typemap(in,noblock=1,numinputs=0) char ** (char * temp = 0) {
+ $1 = &temp;
+}
+%typemap(freearg,match="in") char ** "";
+%typemap(argout,noblock=1) char ** {
+ if (*$1) {
+ %append_output(SWIG_FromCharPtr(*$1));
+ free(*$1);
+ }
+}
+
+%typemap(freearg,match="in") char * const [] {
+ int i = 0;
+ while($1[i]) {
+ free($1[i]);
+ i++;
+ }
+ free($1);
+}
+
+%include "selinuxswig.i"
diff --git a/libselinux/src/selinuxswig_wrap.c b/libselinux/src/selinuxswig_wrap.c
new file mode 100644
index 0000000..b4cd028
--- /dev/null
+++ b/libselinux/src/selinuxswig_wrap.c
@@ -0,0 +1,10991 @@
+/* ----------------------------------------------------------------------------
+ * This file was automatically generated by SWIG (http://www.swig.org).
+ * Version 1.3.33
+ *
+ * This file is not intended to be easily readable and contains a number of
+ * coding conventions designed to improve portability and efficiency. Do not make
+ * changes to this file unless you know what you are doing--modify the SWIG
+ * interface file instead.
+ * ----------------------------------------------------------------------------- */
+
+#define SWIGPYTHON
+#define SWIG_PYTHON_DIRECTOR_NO_VTABLE
+/* -----------------------------------------------------------------------------
+ * This section contains generic SWIG labels for method/variable
+ * declarations/attributes, and other compiler dependent labels.
+ * ----------------------------------------------------------------------------- */
+
+/* template workaround for compilers that cannot correctly implement the C++ standard */
+#ifndef SWIGTEMPLATEDISAMBIGUATOR
+# if defined(__SUNPRO_CC) && (__SUNPRO_CC <= 0x560)
+# define SWIGTEMPLATEDISAMBIGUATOR template
+# elif defined(__HP_aCC)
+/* Needed even with `aCC -AA' when `aCC -V' reports HP ANSI C++ B3910B A.03.55 */
+/* If we find a maximum version that requires this, the test would be __HP_aCC <= 35500 for A.03.55 */
+# define SWIGTEMPLATEDISAMBIGUATOR template
+# else
+# define SWIGTEMPLATEDISAMBIGUATOR
+# endif
+#endif
+
+/* inline attribute */
+#ifndef SWIGINLINE
+# if defined(__cplusplus) || (defined(__GNUC__) && !defined(__STRICT_ANSI__))
+# define SWIGINLINE inline
+# else
+# define SWIGINLINE
+# endif
+#endif
+
+/* attribute recognised by some compilers to avoid 'unused' warnings */
+#ifndef SWIGUNUSED
+# if defined(__GNUC__)
+# if !(defined(__cplusplus)) || (__GNUC__ > 3 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4))
+# define SWIGUNUSED __attribute__ ((__unused__))
+# else
+# define SWIGUNUSED
+# endif
+# elif defined(__ICC)
+# define SWIGUNUSED __attribute__ ((__unused__))
+# else
+# define SWIGUNUSED
+# endif
+#endif
+
+#ifndef SWIGUNUSEDPARM
+# ifdef __cplusplus
+# define SWIGUNUSEDPARM(p)
+# else
+# define SWIGUNUSEDPARM(p) p SWIGUNUSED
+# endif
+#endif
+
+/* internal SWIG method */
+#ifndef SWIGINTERN
+# define SWIGINTERN static SWIGUNUSED
+#endif
+
+/* internal inline SWIG method */
+#ifndef SWIGINTERNINLINE
+# define SWIGINTERNINLINE SWIGINTERN SWIGINLINE
+#endif
+
+/* exporting methods */
+#if (__GNUC__ >= 4) || (__GNUC__ == 3 && __GNUC_MINOR__ >= 4)
+# ifndef GCC_HASCLASSVISIBILITY
+# define GCC_HASCLASSVISIBILITY
+# endif
+#endif
+
+#ifndef SWIGEXPORT
+# if defined(_WIN32) || defined(__WIN32__) || defined(__CYGWIN__)
+# if defined(STATIC_LINKED)
+# define SWIGEXPORT
+# else
+# define SWIGEXPORT __declspec(dllexport)
+# endif
+# else
+# if defined(__GNUC__) && defined(GCC_HASCLASSVISIBILITY)
+# define SWIGEXPORT __attribute__ ((visibility("default")))
+# else
+# define SWIGEXPORT
+# endif
+# endif
+#endif
+
+/* calling conventions for Windows */
+#ifndef SWIGSTDCALL
+# if defined(_WIN32) || defined(__WIN32__) || defined(__CYGWIN__)
+# define SWIGSTDCALL __stdcall
+# else
+# define SWIGSTDCALL
+# endif
+#endif
+
+/* Deal with Microsoft's attempt at deprecating C standard runtime functions */
+#if !defined(SWIG_NO_CRT_SECURE_NO_DEPRECATE) && defined(_MSC_VER) && !defined(_CRT_SECURE_NO_DEPRECATE)
+# define _CRT_SECURE_NO_DEPRECATE
+#endif
+
+/* Deal with Microsoft's attempt at deprecating methods in the standard C++ library */
+#if !defined(SWIG_NO_SCL_SECURE_NO_DEPRECATE) && defined(_MSC_VER) && !defined(_SCL_SECURE_NO_DEPRECATE)
+# define _SCL_SECURE_NO_DEPRECATE
+#endif
+
+
+
+/* Python.h has to appear first */
+#include <Python.h>
+
+/* -----------------------------------------------------------------------------
+ * swigrun.swg
+ *
+ * This file contains generic CAPI SWIG runtime support for pointer
+ * type checking.
+ * ----------------------------------------------------------------------------- */
+
+/* This should only be incremented when either the layout of swig_type_info changes,
+ or for whatever reason, the runtime changes incompatibly */
+#define SWIG_RUNTIME_VERSION "3"
+
+/* define SWIG_TYPE_TABLE_NAME as "SWIG_TYPE_TABLE" */
+#ifdef SWIG_TYPE_TABLE
+# define SWIG_QUOTE_STRING(x) #x
+# define SWIG_EXPAND_AND_QUOTE_STRING(x) SWIG_QUOTE_STRING(x)
+# define SWIG_TYPE_TABLE_NAME SWIG_EXPAND_AND_QUOTE_STRING(SWIG_TYPE_TABLE)
+#else
+# define SWIG_TYPE_TABLE_NAME
+#endif
+
+/*
+ You can use the SWIGRUNTIME and SWIGRUNTIMEINLINE macros for
+ creating a static or dynamic library from the swig runtime code.
+ In 99.9% of the cases, swig just needs to declare them as 'static'.
+
+ But only do this if is strictly necessary, ie, if you have problems
+ with your compiler or so.
+*/
+
+#ifndef SWIGRUNTIME
+# define SWIGRUNTIME SWIGINTERN
+#endif
+
+#ifndef SWIGRUNTIMEINLINE
+# define SWIGRUNTIMEINLINE SWIGRUNTIME SWIGINLINE
+#endif
+
+/* Generic buffer size */
+#ifndef SWIG_BUFFER_SIZE
+# define SWIG_BUFFER_SIZE 1024
+#endif
+
+/* Flags for pointer conversions */
+#define SWIG_POINTER_DISOWN 0x1
+
+/* Flags for new pointer objects */
+#define SWIG_POINTER_OWN 0x1
+
+
+/*
+ Flags/methods for returning states.
+
+ The swig conversion methods, as ConvertPtr, return and integer
+ that tells if the conversion was successful or not. And if not,
+ an error code can be returned (see swigerrors.swg for the codes).
+
+ Use the following macros/flags to set or process the returning
+ states.
+
+ In old swig versions, you usually write code as:
+
+ if (SWIG_ConvertPtr(obj,vptr,ty.flags) != -1) {
+ // success code
+ } else {
+ //fail code
+ }
+
+ Now you can be more explicit as:
+
+ int res = SWIG_ConvertPtr(obj,vptr,ty.flags);
+ if (SWIG_IsOK(res)) {
+ // success code
+ } else {
+ // fail code
+ }
+
+ that seems to be the same, but now you can also do
+
+ Type *ptr;
+ int res = SWIG_ConvertPtr(obj,(void **)(&ptr),ty.flags);
+ if (SWIG_IsOK(res)) {
+ // success code
+ if (SWIG_IsNewObj(res) {
+ ...
+ delete *ptr;
+ } else {
+ ...
+ }
+ } else {
+ // fail code
+ }
+
+ I.e., now SWIG_ConvertPtr can return new objects and you can
+ identify the case and take care of the deallocation. Of course that
+ requires also to SWIG_ConvertPtr to return new result values, as
+
+ int SWIG_ConvertPtr(obj, ptr,...) {
+ if (<obj is ok>) {
+ if (<need new object>) {
+ *ptr = <ptr to new allocated object>;
+ return SWIG_NEWOBJ;
+ } else {
+ *ptr = <ptr to old object>;
+ return SWIG_OLDOBJ;
+ }
+ } else {
+ return SWIG_BADOBJ;
+ }
+ }
+
+ Of course, returning the plain '0(success)/-1(fail)' still works, but you can be
+ more explicit by returning SWIG_BADOBJ, SWIG_ERROR or any of the
+ swig errors code.
+
+ Finally, if the SWIG_CASTRANK_MODE is enabled, the result code
+ allows to return the 'cast rank', for example, if you have this
+
+ int food(double)
+ int fooi(int);
+
+ and you call
+
+ food(1) // cast rank '1' (1 -> 1.0)
+ fooi(1) // cast rank '0'
+
+ just use the SWIG_AddCast()/SWIG_CheckState()
+
+
+ */
+#define SWIG_OK (0)
+#define SWIG_ERROR (-1)
+#define SWIG_IsOK(r) (r >= 0)
+#define SWIG_ArgError(r) ((r != SWIG_ERROR) ? r : SWIG_TypeError)
+
+/* The CastRankLimit says how many bits are used for the cast rank */
+#define SWIG_CASTRANKLIMIT (1 << 8)
+/* The NewMask denotes the object was created (using new/malloc) */
+#define SWIG_NEWOBJMASK (SWIG_CASTRANKLIMIT << 1)
+/* The TmpMask is for in/out typemaps that use temporal objects */
+#define SWIG_TMPOBJMASK (SWIG_NEWOBJMASK << 1)
+/* Simple returning values */
+#define SWIG_BADOBJ (SWIG_ERROR)
+#define SWIG_OLDOBJ (SWIG_OK)
+#define SWIG_NEWOBJ (SWIG_OK | SWIG_NEWOBJMASK)
+#define SWIG_TMPOBJ (SWIG_OK | SWIG_TMPOBJMASK)
+/* Check, add and del mask methods */
+#define SWIG_AddNewMask(r) (SWIG_IsOK(r) ? (r | SWIG_NEWOBJMASK) : r)
+#define SWIG_DelNewMask(r) (SWIG_IsOK(r) ? (r & ~SWIG_NEWOBJMASK) : r)
+#define SWIG_IsNewObj(r) (SWIG_IsOK(r) && (r & SWIG_NEWOBJMASK))
+#define SWIG_AddTmpMask(r) (SWIG_IsOK(r) ? (r | SWIG_TMPOBJMASK) : r)
+#define SWIG_DelTmpMask(r) (SWIG_IsOK(r) ? (r & ~SWIG_TMPOBJMASK) : r)
+#define SWIG_IsTmpObj(r) (SWIG_IsOK(r) && (r & SWIG_TMPOBJMASK))
+
+
+/* Cast-Rank Mode */
+#if defined(SWIG_CASTRANK_MODE)
+# ifndef SWIG_TypeRank
+# define SWIG_TypeRank unsigned long
+# endif
+# ifndef SWIG_MAXCASTRANK /* Default cast allowed */
+# define SWIG_MAXCASTRANK (2)
+# endif
+# define SWIG_CASTRANKMASK ((SWIG_CASTRANKLIMIT) -1)
+# define SWIG_CastRank(r) (r & SWIG_CASTRANKMASK)
+SWIGINTERNINLINE int SWIG_AddCast(int r) {
+ return SWIG_IsOK(r) ? ((SWIG_CastRank(r) < SWIG_MAXCASTRANK) ? (r + 1) : SWIG_ERROR) : r;
+}
+SWIGINTERNINLINE int SWIG_CheckState(int r) {
+ return SWIG_IsOK(r) ? SWIG_CastRank(r) + 1 : 0;
+}
+#else /* no cast-rank mode */
+# define SWIG_AddCast
+# define SWIG_CheckState(r) (SWIG_IsOK(r) ? 1 : 0)
+#endif
+
+
+
+
+#include <string.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef void *(*swig_converter_func)(void *);
+typedef struct swig_type_info *(*swig_dycast_func)(void **);
+
+/* Structure to store inforomation on one type */
+typedef struct swig_type_info {
+ const char *name; /* mangled name of this type */
+ const char *str; /* human readable name of this type */
+ swig_dycast_func dcast; /* dynamic cast function down a hierarchy */
+ struct swig_cast_info *cast; /* linked list of types that can cast into this type */
+ void *clientdata; /* language specific type data */
+ int owndata; /* flag if the structure owns the clientdata */
+} swig_type_info;
+
+/* Structure to store a type and conversion function used for casting */
+typedef struct swig_cast_info {
+ swig_type_info *type; /* pointer to type that is equivalent to this type */
+ swig_converter_func converter; /* function to cast the void pointers */
+ struct swig_cast_info *next; /* pointer to next cast in linked list */
+ struct swig_cast_info *prev; /* pointer to the previous cast */
+} swig_cast_info;
+
+/* Structure used to store module information
+ * Each module generates one structure like this, and the runtime collects
+ * all of these structures and stores them in a circularly linked list.*/
+typedef struct swig_module_info {
+ swig_type_info **types; /* Array of pointers to swig_type_info structures that are in this module */
+ size_t size; /* Number of types in this module */
+ struct swig_module_info *next; /* Pointer to next element in circularly linked list */
+ swig_type_info **type_initial; /* Array of initially generated type structures */
+ swig_cast_info **cast_initial; /* Array of initially generated casting structures */
+ void *clientdata; /* Language specific module data */
+} swig_module_info;
+
+/*
+ Compare two type names skipping the space characters, therefore
+ "char*" == "char *" and "Class<int>" == "Class<int >", etc.
+
+ Return 0 when the two name types are equivalent, as in
+ strncmp, but skipping ' '.
+*/
+SWIGRUNTIME int
+SWIG_TypeNameComp(const char *f1, const char *l1,
+ const char *f2, const char *l2) {
+ for (;(f1 != l1) && (f2 != l2); ++f1, ++f2) {
+ while ((*f1 == ' ') && (f1 != l1)) ++f1;
+ while ((*f2 == ' ') && (f2 != l2)) ++f2;
+ if (*f1 != *f2) return (*f1 > *f2) ? 1 : -1;
+ }
+ return (int)((l1 - f1) - (l2 - f2));
+}
+
+/*
+ Check type equivalence in a name list like <name1>|<name2>|...
+ Return 0 if not equal, 1 if equal
+*/
+SWIGRUNTIME int
+SWIG_TypeEquiv(const char *nb, const char *tb) {
+ int equiv = 0;
+ const char* te = tb + strlen(tb);
+ const char* ne = nb;
+ while (!equiv && *ne) {
+ for (nb = ne; *ne; ++ne) {
+ if (*ne == '|') break;
+ }
+ equiv = (SWIG_TypeNameComp(nb, ne, tb, te) == 0) ? 1 : 0;
+ if (*ne) ++ne;
+ }
+ return equiv;
+}
+
+/*
+ Check type equivalence in a name list like <name1>|<name2>|...
+ Return 0 if equal, -1 if nb < tb, 1 if nb > tb
+*/
+SWIGRUNTIME int
+SWIG_TypeCompare(const char *nb, const char *tb) {
+ int equiv = 0;
+ const char* te = tb + strlen(tb);
+ const char* ne = nb;
+ while (!equiv && *ne) {
+ for (nb = ne; *ne; ++ne) {
+ if (*ne == '|') break;
+ }
+ equiv = (SWIG_TypeNameComp(nb, ne, tb, te) == 0) ? 1 : 0;
+ if (*ne) ++ne;
+ }
+ return equiv;
+}
+
+
+/* think of this as a c++ template<> or a scheme macro */
+#define SWIG_TypeCheck_Template(comparison, ty) \
+ if (ty) { \
+ swig_cast_info *iter = ty->cast; \
+ while (iter) { \
+ if (comparison) { \
+ if (iter == ty->cast) return iter; \
+ /* Move iter to the top of the linked list */ \
+ iter->prev->next = iter->next; \
+ if (iter->next) \
+ iter->next->prev = iter->prev; \
+ iter->next = ty->cast; \
+ iter->prev = 0; \
+ if (ty->cast) ty->cast->prev = iter; \
+ ty->cast = iter; \
+ return iter; \
+ } \
+ iter = iter->next; \
+ } \
+ } \
+ return 0
+
+/*
+ Check the typename
+*/
+SWIGRUNTIME swig_cast_info *
+SWIG_TypeCheck(const char *c, swig_type_info *ty) {
+ SWIG_TypeCheck_Template(strcmp(iter->type->name, c) == 0, ty);
+}
+
+/* Same as previous function, except strcmp is replaced with a pointer comparison */
+SWIGRUNTIME swig_cast_info *
+SWIG_TypeCheckStruct(swig_type_info *from, swig_type_info *into) {
+ SWIG_TypeCheck_Template(iter->type == from, into);
+}
+
+/*
+ Cast a pointer up an inheritance hierarchy
+*/
+SWIGRUNTIMEINLINE void *
+SWIG_TypeCast(swig_cast_info *ty, void *ptr) {
+ return ((!ty) || (!ty->converter)) ? ptr : (*ty->converter)(ptr);
+}
+
+/*
+ Dynamic pointer casting. Down an inheritance hierarchy
+*/
+SWIGRUNTIME swig_type_info *
+SWIG_TypeDynamicCast(swig_type_info *ty, void **ptr) {
+ swig_type_info *lastty = ty;
+ if (!ty || !ty->dcast) return ty;
+ while (ty && (ty->dcast)) {
+ ty = (*ty->dcast)(ptr);
+ if (ty) lastty = ty;
+ }
+ return lastty;
+}
+
+/*
+ Return the name associated with this type
+*/
+SWIGRUNTIMEINLINE const char *
+SWIG_TypeName(const swig_type_info *ty) {
+ return ty->name;
+}
+
+/*
+ Return the pretty name associated with this type,
+ that is an unmangled type name in a form presentable to the user.
+*/
+SWIGRUNTIME const char *
+SWIG_TypePrettyName(const swig_type_info *type) {
+ /* The "str" field contains the equivalent pretty names of the
+ type, separated by vertical-bar characters. We choose
+ to print the last name, as it is often (?) the most
+ specific. */
+ if (!type) return NULL;
+ if (type->str != NULL) {
+ const char *last_name = type->str;
+ const char *s;
+ for (s = type->str; *s; s++)
+ if (*s == '|') last_name = s+1;
+ return last_name;
+ }
+ else
+ return type->name;
+}
+
+/*
+ Set the clientdata field for a type
+*/
+SWIGRUNTIME void
+SWIG_TypeClientData(swig_type_info *ti, void *clientdata) {
+ swig_cast_info *cast = ti->cast;
+ /* if (ti->clientdata == clientdata) return; */
+ ti->clientdata = clientdata;
+
+ while (cast) {
+ if (!cast->converter) {
+ swig_type_info *tc = cast->type;
+ if (!tc->clientdata) {
+ SWIG_TypeClientData(tc, clientdata);
+ }
+ }
+ cast = cast->next;
+ }
+}
+SWIGRUNTIME void
+SWIG_TypeNewClientData(swig_type_info *ti, void *clientdata) {
+ SWIG_TypeClientData(ti, clientdata);
+ ti->owndata = 1;
+}
+
+/*
+ Search for a swig_type_info structure only by mangled name
+ Search is a O(log #types)
+
+ We start searching at module start, and finish searching when start == end.
+ Note: if start == end at the beginning of the function, we go all the way around
+ the circular list.
+*/
+SWIGRUNTIME swig_type_info *
+SWIG_MangledTypeQueryModule(swig_module_info *start,
+ swig_module_info *end,
+ const char *name) {
+ swig_module_info *iter = start;
+ do {
+ if (iter->size) {
+ register size_t l = 0;
+ register size_t r = iter->size - 1;
+ do {
+ /* since l+r >= 0, we can (>> 1) instead (/ 2) */
+ register size_t i = (l + r) >> 1;
+ const char *iname = iter->types[i]->name;
+ if (iname) {
+ register int compare = strcmp(name, iname);
+ if (compare == 0) {
+ return iter->types[i];
+ } else if (compare < 0) {
+ if (i) {
+ r = i - 1;
+ } else {
+ break;
+ }
+ } else if (compare > 0) {
+ l = i + 1;
+ }
+ } else {
+ break; /* should never happen */
+ }
+ } while (l <= r);
+ }
+ iter = iter->next;
+ } while (iter != end);
+ return 0;
+}
+
+/*
+ Search for a swig_type_info structure for either a mangled name or a human readable name.
+ It first searches the mangled names of the types, which is a O(log #types)
+ If a type is not found it then searches the human readable names, which is O(#types).
+
+ We start searching at module start, and finish searching when start == end.
+ Note: if start == end at the beginning of the function, we go all the way around
+ the circular list.
+*/
+SWIGRUNTIME swig_type_info *
+SWIG_TypeQueryModule(swig_module_info *start,
+ swig_module_info *end,
+ const char *name) {
+ /* STEP 1: Search the name field using binary search */
+ swig_type_info *ret = SWIG_MangledTypeQueryModule(start, end, name);
+ if (ret) {
+ return ret;
+ } else {
+ /* STEP 2: If the type hasn't been found, do a complete search
+ of the str field (the human readable name) */
+ swig_module_info *iter = start;
+ do {
+ register size_t i = 0;
+ for (; i < iter->size; ++i) {
+ if (iter->types[i]->str && (SWIG_TypeEquiv(iter->types[i]->str, name)))
+ return iter->types[i];
+ }
+ iter = iter->next;
+ } while (iter != end);
+ }
+
+ /* neither found a match */
+ return 0;
+}
+
+/*
+ Pack binary data into a string
+*/
+SWIGRUNTIME char *
+SWIG_PackData(char *c, void *ptr, size_t sz) {
+ static const char hex[17] = "0123456789abcdef";
+ register const unsigned char *u = (unsigned char *) ptr;
+ register const unsigned char *eu = u + sz;
+ for (; u != eu; ++u) {
+ register unsigned char uu = *u;
+ *(c++) = hex[(uu & 0xf0) >> 4];
+ *(c++) = hex[uu & 0xf];
+ }
+ return c;
+}
+
+/*
+ Unpack binary data from a string
+*/
+SWIGRUNTIME const char *
+SWIG_UnpackData(const char *c, void *ptr, size_t sz) {
+ register unsigned char *u = (unsigned char *) ptr;
+ register const unsigned char *eu = u + sz;
+ for (; u != eu; ++u) {
+ register char d = *(c++);
+ register unsigned char uu;
+ if ((d >= '0') && (d <= '9'))
+ uu = ((d - '0') << 4);
+ else if ((d >= 'a') && (d <= 'f'))
+ uu = ((d - ('a'-10)) << 4);
+ else
+ return (char *) 0;
+ d = *(c++);
+ if ((d >= '0') && (d <= '9'))
+ uu |= (d - '0');
+ else if ((d >= 'a') && (d <= 'f'))
+ uu |= (d - ('a'-10));
+ else
+ return (char *) 0;
+ *u = uu;
+ }
+ return c;
+}
+
+/*
+ Pack 'void *' into a string buffer.
+*/
+SWIGRUNTIME char *
+SWIG_PackVoidPtr(char *buff, void *ptr, const char *name, size_t bsz) {
+ char *r = buff;
+ if ((2*sizeof(void *) + 2) > bsz) return 0;
+ *(r++) = '_';
+ r = SWIG_PackData(r,&ptr,sizeof(void *));
+ if (strlen(name) + 1 > (bsz - (r - buff))) return 0;
+ strcpy(r,name);
+ return buff;
+}
+
+SWIGRUNTIME const char *
+SWIG_UnpackVoidPtr(const char *c, void **ptr, const char *name) {
+ if (*c != '_') {
+ if (strcmp(c,"NULL") == 0) {
+ *ptr = (void *) 0;
+ return name;
+ } else {
+ return 0;
+ }
+ }
+ return SWIG_UnpackData(++c,ptr,sizeof(void *));
+}
+
+SWIGRUNTIME char *
+SWIG_PackDataName(char *buff, void *ptr, size_t sz, const char *name, size_t bsz) {
+ char *r = buff;
+ size_t lname = (name ? strlen(name) : 0);
+ if ((2*sz + 2 + lname) > bsz) return 0;
+ *(r++) = '_';
+ r = SWIG_PackData(r,ptr,sz);
+ if (lname) {
+ strncpy(r,name,lname+1);
+ } else {
+ *r = 0;
+ }
+ return buff;
+}
+
+SWIGRUNTIME const char *
+SWIG_UnpackDataName(const char *c, void *ptr, size_t sz, const char *name) {
+ if (*c != '_') {
+ if (strcmp(c,"NULL") == 0) {
+ memset(ptr,0,sz);
+ return name;
+ } else {
+ return 0;
+ }
+ }
+ return SWIG_UnpackData(++c,ptr,sz);
+}
+
+#ifdef __cplusplus
+}
+#endif
+
+/* Errors in SWIG */
+#define SWIG_UnknownError -1
+#define SWIG_IOError -2
+#define SWIG_RuntimeError -3
+#define SWIG_IndexError -4
+#define SWIG_TypeError -5
+#define SWIG_DivisionByZero -6
+#define SWIG_OverflowError -7
+#define SWIG_SyntaxError -8
+#define SWIG_ValueError -9
+#define SWIG_SystemError -10
+#define SWIG_AttributeError -11
+#define SWIG_MemoryError -12
+#define SWIG_NullReferenceError -13
+
+
+
+
+/* Add PyOS_snprintf for old Pythons */
+#if PY_VERSION_HEX < 0x02020000
+# if defined(_MSC_VER) || defined(__BORLANDC__) || defined(_WATCOM)
+# define PyOS_snprintf _snprintf
+# else
+# define PyOS_snprintf snprintf
+# endif
+#endif
+
+/* A crude PyString_FromFormat implementation for old Pythons */
+#if PY_VERSION_HEX < 0x02020000
+
+#ifndef SWIG_PYBUFFER_SIZE
+# define SWIG_PYBUFFER_SIZE 1024
+#endif
+
+static PyObject *
+PyString_FromFormat(const char *fmt, ...) {
+ va_list ap;
+ char buf[SWIG_PYBUFFER_SIZE * 2];
+ int res;
+ va_start(ap, fmt);
+ res = vsnprintf(buf, sizeof(buf), fmt, ap);
+ va_end(ap);
+ return (res < 0 || res >= (int)sizeof(buf)) ? 0 : PyString_FromString(buf);
+}
+#endif
+
+/* Add PyObject_Del for old Pythons */
+#if PY_VERSION_HEX < 0x01060000
+# define PyObject_Del(op) PyMem_DEL((op))
+#endif
+#ifndef PyObject_DEL
+# define PyObject_DEL PyObject_Del
+#endif
+
+/* A crude PyExc_StopIteration exception for old Pythons */
+#if PY_VERSION_HEX < 0x02020000
+# ifndef PyExc_StopIteration
+# define PyExc_StopIteration PyExc_RuntimeError
+# endif
+# ifndef PyObject_GenericGetAttr
+# define PyObject_GenericGetAttr 0
+# endif
+#endif
+/* Py_NotImplemented is defined in 2.1 and up. */
+#if PY_VERSION_HEX < 0x02010000
+# ifndef Py_NotImplemented
+# define Py_NotImplemented PyExc_RuntimeError
+# endif
+#endif
+
+
+/* A crude PyString_AsStringAndSize implementation for old Pythons */
+#if PY_VERSION_HEX < 0x02010000
+# ifndef PyString_AsStringAndSize
+# define PyString_AsStringAndSize(obj, s, len) {*s = PyString_AsString(obj); *len = *s ? strlen(*s) : 0;}
+# endif
+#endif
+
+/* PySequence_Size for old Pythons */
+#if PY_VERSION_HEX < 0x02000000
+# ifndef PySequence_Size
+# define PySequence_Size PySequence_Length
+# endif
+#endif
+
+
+/* PyBool_FromLong for old Pythons */
+#if PY_VERSION_HEX < 0x02030000
+static
+PyObject *PyBool_FromLong(long ok)
+{
+ PyObject *result = ok ? Py_True : Py_False;
+ Py_INCREF(result);
+ return result;
+}
+#endif
+
+/* Py_ssize_t for old Pythons */
+/* This code is as recommended by: */
+/* http://www.python.org/dev/peps/pep-0353/#conversion-guidelines */
+#if PY_VERSION_HEX < 0x02050000 && !defined(PY_SSIZE_T_MIN)
+typedef int Py_ssize_t;
+# define PY_SSIZE_T_MAX INT_MAX
+# define PY_SSIZE_T_MIN INT_MIN
+#endif
+
+/* -----------------------------------------------------------------------------
+ * error manipulation
+ * ----------------------------------------------------------------------------- */
+
+SWIGRUNTIME PyObject*
+SWIG_Python_ErrorType(int code) {
+ PyObject* type = 0;
+ switch(code) {
+ case SWIG_MemoryError:
+ type = PyExc_MemoryError;
+ break;
+ case SWIG_IOError:
+ type = PyExc_IOError;
+ break;
+ case SWIG_RuntimeError:
+ type = PyExc_RuntimeError;
+ break;
+ case SWIG_IndexError:
+ type = PyExc_IndexError;
+ break;
+ case SWIG_TypeError:
+ type = PyExc_TypeError;
+ break;
+ case SWIG_DivisionByZero:
+ type = PyExc_ZeroDivisionError;
+ break;
+ case SWIG_OverflowError:
+ type = PyExc_OverflowError;
+ break;
+ case SWIG_SyntaxError:
+ type = PyExc_SyntaxError;
+ break;
+ case SWIG_ValueError:
+ type = PyExc_ValueError;
+ break;
+ case SWIG_SystemError:
+ type = PyExc_SystemError;
+ break;
+ case SWIG_AttributeError:
+ type = PyExc_AttributeError;
+ break;
+ default:
+ type = PyExc_RuntimeError;
+ }
+ return type;
+}
+
+
+SWIGRUNTIME void
+SWIG_Python_AddErrorMsg(const char* mesg)
+{
+ PyObject *type = 0;
+ PyObject *value = 0;
+ PyObject *traceback = 0;
+
+ if (PyErr_Occurred()) PyErr_Fetch(&type, &value, &traceback);
+ if (value) {
+ PyObject *old_str = PyObject_Str(value);
+ PyErr_Clear();
+ Py_XINCREF(type);
+ PyErr_Format(type, "%s %s", PyString_AsString(old_str), mesg);
+ Py_DECREF(old_str);
+ Py_DECREF(value);
+ } else {
+ PyErr_Format(PyExc_RuntimeError, mesg);
+ }
+}
+
+
+
+#if defined(SWIG_PYTHON_NO_THREADS)
+# if defined(SWIG_PYTHON_THREADS)
+# undef SWIG_PYTHON_THREADS
+# endif
+#endif
+#if defined(SWIG_PYTHON_THREADS) /* Threading support is enabled */
+# if !defined(SWIG_PYTHON_USE_GIL) && !defined(SWIG_PYTHON_NO_USE_GIL)
+# if (PY_VERSION_HEX >= 0x02030000) /* For 2.3 or later, use the PyGILState calls */
+# define SWIG_PYTHON_USE_GIL
+# endif
+# endif
+# if defined(SWIG_PYTHON_USE_GIL) /* Use PyGILState threads calls */
+# ifndef SWIG_PYTHON_INITIALIZE_THREADS
+# define SWIG_PYTHON_INITIALIZE_THREADS PyEval_InitThreads()
+# endif
+# ifdef __cplusplus /* C++ code */
+ class SWIG_Python_Thread_Block {
+ bool status;
+ PyGILState_STATE state;
+ public:
+ void end() { if (status) { PyGILState_Release(state); status = false;} }
+ SWIG_Python_Thread_Block() : status(true), state(PyGILState_Ensure()) {}
+ ~SWIG_Python_Thread_Block() { end(); }
+ };
+ class SWIG_Python_Thread_Allow {
+ bool status;
+ PyThreadState *save;
+ public:
+ void end() { if (status) { PyEval_RestoreThread(save); status = false; }}
+ SWIG_Python_Thread_Allow() : status(true), save(PyEval_SaveThread()) {}
+ ~SWIG_Python_Thread_Allow() { end(); }
+ };
+# define SWIG_PYTHON_THREAD_BEGIN_BLOCK SWIG_Python_Thread_Block _swig_thread_block
+# define SWIG_PYTHON_THREAD_END_BLOCK _swig_thread_block.end()
+# define SWIG_PYTHON_THREAD_BEGIN_ALLOW SWIG_Python_Thread_Allow _swig_thread_allow
+# define SWIG_PYTHON_THREAD_END_ALLOW _swig_thread_allow.end()
+# else /* C code */
+# define SWIG_PYTHON_THREAD_BEGIN_BLOCK PyGILState_STATE _swig_thread_block = PyGILState_Ensure()
+# define SWIG_PYTHON_THREAD_END_BLOCK PyGILState_Release(_swig_thread_block)
+# define SWIG_PYTHON_THREAD_BEGIN_ALLOW PyThreadState *_swig_thread_allow = PyEval_SaveThread()
+# define SWIG_PYTHON_THREAD_END_ALLOW PyEval_RestoreThread(_swig_thread_allow)
+# endif
+# else /* Old thread way, not implemented, user must provide it */
+# if !defined(SWIG_PYTHON_INITIALIZE_THREADS)
+# define SWIG_PYTHON_INITIALIZE_THREADS
+# endif
+# if !defined(SWIG_PYTHON_THREAD_BEGIN_BLOCK)
+# define SWIG_PYTHON_THREAD_BEGIN_BLOCK
+# endif
+# if !defined(SWIG_PYTHON_THREAD_END_BLOCK)
+# define SWIG_PYTHON_THREAD_END_BLOCK
+# endif
+# if !defined(SWIG_PYTHON_THREAD_BEGIN_ALLOW)
+# define SWIG_PYTHON_THREAD_BEGIN_ALLOW
+# endif
+# if !defined(SWIG_PYTHON_THREAD_END_ALLOW)
+# define SWIG_PYTHON_THREAD_END_ALLOW
+# endif
+# endif
+#else /* No thread support */
+# define SWIG_PYTHON_INITIALIZE_THREADS
+# define SWIG_PYTHON_THREAD_BEGIN_BLOCK
+# define SWIG_PYTHON_THREAD_END_BLOCK
+# define SWIG_PYTHON_THREAD_BEGIN_ALLOW
+# define SWIG_PYTHON_THREAD_END_ALLOW
+#endif
+
+/* -----------------------------------------------------------------------------
+ * Python API portion that goes into the runtime
+ * ----------------------------------------------------------------------------- */
+
+#ifdef __cplusplus
+extern "C" {
+#if 0
+} /* cc-mode */
+#endif
+#endif
+
+/* -----------------------------------------------------------------------------
+ * Constant declarations
+ * ----------------------------------------------------------------------------- */
+
+/* Constant Types */
+#define SWIG_PY_POINTER 4
+#define SWIG_PY_BINARY 5
+
+/* Constant information structure */
+typedef struct swig_const_info {
+ int type;
+ char *name;
+ long lvalue;
+ double dvalue;
+ void *pvalue;
+ swig_type_info **ptype;
+} swig_const_info;
+
+#ifdef __cplusplus
+#if 0
+{ /* cc-mode */
+#endif
+}
+#endif
+
+
+/* -----------------------------------------------------------------------------
+ * See the LICENSE file for information on copyright, usage and redistribution
+ * of SWIG, and the README file for authors - http://www.swig.org/release.html.
+ *
+ * pyrun.swg
+ *
+ * This file contains the runtime support for Python modules
+ * and includes code for managing global variables and pointer
+ * type checking.
+ *
+ * ----------------------------------------------------------------------------- */
+
+/* Common SWIG API */
+
+/* for raw pointers */
+#define SWIG_Python_ConvertPtr(obj, pptr, type, flags) SWIG_Python_ConvertPtrAndOwn(obj, pptr, type, flags, 0)
+#define SWIG_ConvertPtr(obj, pptr, type, flags) SWIG_Python_ConvertPtr(obj, pptr, type, flags)
+#define SWIG_ConvertPtrAndOwn(obj,pptr,type,flags,own) SWIG_Python_ConvertPtrAndOwn(obj, pptr, type, flags, own)
+#define SWIG_NewPointerObj(ptr, type, flags) SWIG_Python_NewPointerObj(ptr, type, flags)
+#define SWIG_CheckImplicit(ty) SWIG_Python_CheckImplicit(ty)
+#define SWIG_AcquirePtr(ptr, src) SWIG_Python_AcquirePtr(ptr, src)
+#define swig_owntype int
+
+/* for raw packed data */
+#define SWIG_ConvertPacked(obj, ptr, sz, ty) SWIG_Python_ConvertPacked(obj, ptr, sz, ty)
+#define SWIG_NewPackedObj(ptr, sz, type) SWIG_Python_NewPackedObj(ptr, sz, type)
+
+/* for class or struct pointers */
+#define SWIG_ConvertInstance(obj, pptr, type, flags) SWIG_ConvertPtr(obj, pptr, type, flags)
+#define SWIG_NewInstanceObj(ptr, type, flags) SWIG_NewPointerObj(ptr, type, flags)
+
+/* for C or C++ function pointers */
+#define SWIG_ConvertFunctionPtr(obj, pptr, type) SWIG_Python_ConvertFunctionPtr(obj, pptr, type)
+#define SWIG_NewFunctionPtrObj(ptr, type) SWIG_Python_NewPointerObj(ptr, type, 0)
+
+/* for C++ member pointers, ie, member methods */
+#define SWIG_ConvertMember(obj, ptr, sz, ty) SWIG_Python_ConvertPacked(obj, ptr, sz, ty)
+#define SWIG_NewMemberObj(ptr, sz, type) SWIG_Python_NewPackedObj(ptr, sz, type)
+
+
+/* Runtime API */
+
+#define SWIG_GetModule(clientdata) SWIG_Python_GetModule()
+#define SWIG_SetModule(clientdata, pointer) SWIG_Python_SetModule(pointer)
+#define SWIG_NewClientData(obj) PySwigClientData_New(obj)
+
+#define SWIG_SetErrorObj SWIG_Python_SetErrorObj
+#define SWIG_SetErrorMsg SWIG_Python_SetErrorMsg
+#define SWIG_ErrorType(code) SWIG_Python_ErrorType(code)
+#define SWIG_Error(code, msg) SWIG_Python_SetErrorMsg(SWIG_ErrorType(code), msg)
+#define SWIG_fail goto fail
+
+
+/* Runtime API implementation */
+
+/* Error manipulation */
+
+SWIGINTERN void
+SWIG_Python_SetErrorObj(PyObject *errtype, PyObject *obj) {
+ SWIG_PYTHON_THREAD_BEGIN_BLOCK;
+ PyErr_SetObject(errtype, obj);
+ Py_DECREF(obj);
+ SWIG_PYTHON_THREAD_END_BLOCK;
+}
+
+SWIGINTERN void
+SWIG_Python_SetErrorMsg(PyObject *errtype, const char *msg) {
+ SWIG_PYTHON_THREAD_BEGIN_BLOCK;
+ PyErr_SetString(errtype, (char *) msg);
+ SWIG_PYTHON_THREAD_END_BLOCK;
+}
+
+#define SWIG_Python_Raise(obj, type, desc) SWIG_Python_SetErrorObj(SWIG_Python_ExceptionType(desc), obj)
+
+/* Set a constant value */
+
+SWIGINTERN void
+SWIG_Python_SetConstant(PyObject *d, const char *name, PyObject *obj) {
+ PyDict_SetItemString(d, (char*) name, obj);
+ Py_DECREF(obj);
+}
+
+/* Append a value to the result obj */
+
+SWIGINTERN PyObject*
+SWIG_Python_AppendOutput(PyObject* result, PyObject* obj) {
+#if !defined(SWIG_PYTHON_OUTPUT_TUPLE)
+ if (!result) {
+ result = obj;
+ } else if (result == Py_None) {
+ Py_DECREF(result);
+ result = obj;
+ } else {
+ if (!PyList_Check(result)) {
+ PyObject *o2 = result;
+ result = PyList_New(1);
+ PyList_SetItem(result, 0, o2);
+ }
+ PyList_Append(result,obj);
+ Py_DECREF(obj);
+ }
+ return result;
+#else
+ PyObject* o2;
+ PyObject* o3;
+ if (!result) {
+ result = obj;
+ } else if (result == Py_None) {
+ Py_DECREF(result);
+ result = obj;
+ } else {
+ if (!PyTuple_Check(result)) {
+ o2 = result;
+ result = PyTuple_New(1);
+ PyTuple_SET_ITEM(result, 0, o2);
+ }
+ o3 = PyTuple_New(1);
+ PyTuple_SET_ITEM(o3, 0, obj);
+ o2 = result;
+ result = PySequence_Concat(o2, o3);
+ Py_DECREF(o2);
+ Py_DECREF(o3);
+ }
+ return result;
+#endif
+}
+
+/* Unpack the argument tuple */
+
+SWIGINTERN int
+SWIG_Python_UnpackTuple(PyObject *args, const char *name, Py_ssize_t min, Py_ssize_t max, PyObject **objs)
+{
+ if (!args) {
+ if (!min && !max) {
+ return 1;
+ } else {
+ PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got none",
+ name, (min == max ? "" : "at least "), (int)min);
+ return 0;
+ }
+ }
+ if (!PyTuple_Check(args)) {
+ PyErr_SetString(PyExc_SystemError, "UnpackTuple() argument list is not a tuple");
+ return 0;
+ } else {
+ register Py_ssize_t l = PyTuple_GET_SIZE(args);
+ if (l < min) {
+ PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got %d",
+ name, (min == max ? "" : "at least "), (int)min, (int)l);
+ return 0;
+ } else if (l > max) {
+ PyErr_Format(PyExc_TypeError, "%s expected %s%d arguments, got %d",
+ name, (min == max ? "" : "at most "), (int)max, (int)l);
+ return 0;
+ } else {
+ register int i;
+ for (i = 0; i < l; ++i) {
+ objs[i] = PyTuple_GET_ITEM(args, i);
+ }
+ for (; l < max; ++l) {
+ objs[l] = 0;
+ }
+ return i + 1;
+ }
+ }
+}
+
+/* A functor is a function object with one single object argument */
+#if PY_VERSION_HEX >= 0x02020000
+#define SWIG_Python_CallFunctor(functor, obj) PyObject_CallFunctionObjArgs(functor, obj, NULL);
+#else
+#define SWIG_Python_CallFunctor(functor, obj) PyObject_CallFunction(functor, "O", obj);
+#endif
+
+/*
+ Helper for static pointer initialization for both C and C++ code, for example
+ static PyObject *SWIG_STATIC_POINTER(MyVar) = NewSomething(...);
+*/
+#ifdef __cplusplus
+#define SWIG_STATIC_POINTER(var) var
+#else
+#define SWIG_STATIC_POINTER(var) var = 0; if (!var) var
+#endif
+
+/* -----------------------------------------------------------------------------
+ * Pointer declarations
+ * ----------------------------------------------------------------------------- */
+
+/* Flags for new pointer objects */
+#define SWIG_POINTER_NOSHADOW (SWIG_POINTER_OWN << 1)
+#define SWIG_POINTER_NEW (SWIG_POINTER_NOSHADOW | SWIG_POINTER_OWN)
+
+#define SWIG_POINTER_IMPLICIT_CONV (SWIG_POINTER_DISOWN << 1)
+
+#ifdef __cplusplus
+extern "C" {
+#if 0
+} /* cc-mode */
+#endif
+#endif
+
+/* How to access Py_None */
+#if defined(_WIN32) || defined(__WIN32__) || defined(__CYGWIN__)
+# ifndef SWIG_PYTHON_NO_BUILD_NONE
+# ifndef SWIG_PYTHON_BUILD_NONE
+# define SWIG_PYTHON_BUILD_NONE
+# endif
+# endif
+#endif
+
+#ifdef SWIG_PYTHON_BUILD_NONE
+# ifdef Py_None
+# undef Py_None
+# define Py_None SWIG_Py_None()
+# endif
+SWIGRUNTIMEINLINE PyObject *
+_SWIG_Py_None(void)
+{
+ PyObject *none = Py_BuildValue((char*)"");
+ Py_DECREF(none);
+ return none;
+}
+SWIGRUNTIME PyObject *
+SWIG_Py_None(void)
+{
+ static PyObject *SWIG_STATIC_POINTER(none) = _SWIG_Py_None();
+ return none;
+}
+#endif
+
+/* The python void return value */
+
+SWIGRUNTIMEINLINE PyObject *
+SWIG_Py_Void(void)
+{
+ PyObject *none = Py_None;
+ Py_INCREF(none);
+ return none;
+}
+
+/* PySwigClientData */
+
+typedef struct {
+ PyObject *klass;
+ PyObject *newraw;
+ PyObject *newargs;
+ PyObject *destroy;
+ int delargs;
+ int implicitconv;
+} PySwigClientData;
+
+SWIGRUNTIMEINLINE int
+SWIG_Python_CheckImplicit(swig_type_info *ty)
+{
+ PySwigClientData *data = (PySwigClientData *)ty->clientdata;
+ return data ? data->implicitconv : 0;
+}
+
+SWIGRUNTIMEINLINE PyObject *
+SWIG_Python_ExceptionType(swig_type_info *desc) {
+ PySwigClientData *data = desc ? (PySwigClientData *) desc->clientdata : 0;
+ PyObject *klass = data ? data->klass : 0;
+ return (klass ? klass : PyExc_RuntimeError);
+}
+
+
+SWIGRUNTIME PySwigClientData *
+PySwigClientData_New(PyObject* obj)
+{
+ if (!obj) {
+ return 0;
+ } else {
+ PySwigClientData *data = (PySwigClientData *)malloc(sizeof(PySwigClientData));
+ /* the klass element */
+ data->klass = obj;
+ Py_INCREF(data->klass);
+ /* the newraw method and newargs arguments used to create a new raw instance */
+ if (PyClass_Check(obj)) {
+ data->newraw = 0;
+ data->newargs = obj;
+ Py_INCREF(obj);
+ } else {
+#if (PY_VERSION_HEX < 0x02020000)
+ data->newraw = 0;
+#else
+ data->newraw = PyObject_GetAttrString(data->klass, (char *)"__new__");
+#endif
+ if (data->newraw) {
+ Py_INCREF(data->newraw);
+ data->newargs = PyTuple_New(1);
+ PyTuple_SetItem(data->newargs, 0, obj);
+ } else {
+ data->newargs = obj;
+ }
+ Py_INCREF(data->newargs);
+ }
+ /* the destroy method, aka as the C++ delete method */
+ data->destroy = PyObject_GetAttrString(data->klass, (char *)"__swig_destroy__");
+ if (PyErr_Occurred()) {
+ PyErr_Clear();
+ data->destroy = 0;
+ }
+ if (data->destroy) {
+ int flags;
+ Py_INCREF(data->destroy);
+ flags = PyCFunction_GET_FLAGS(data->destroy);
+#ifdef METH_O
+ data->delargs = !(flags & (METH_O));
+#else
+ data->delargs = 0;
+#endif
+ } else {
+ data->delargs = 0;
+ }
+ data->implicitconv = 0;
+ return data;
+ }
+}
+
+SWIGRUNTIME void
+PySwigClientData_Del(PySwigClientData* data)
+{
+ Py_XDECREF(data->newraw);
+ Py_XDECREF(data->newargs);
+ Py_XDECREF(data->destroy);
+}
+
+/* =============== PySwigObject =====================*/
+
+typedef struct {
+ PyObject_HEAD
+ void *ptr;
+ swig_type_info *ty;
+ int own;
+ PyObject *next;
+} PySwigObject;
+
+SWIGRUNTIME PyObject *
+PySwigObject_long(PySwigObject *v)
+{
+ return PyLong_FromVoidPtr(v->ptr);
+}
+
+SWIGRUNTIME PyObject *
+PySwigObject_format(const char* fmt, PySwigObject *v)
+{
+ PyObject *res = NULL;
+ PyObject *args = PyTuple_New(1);
+ if (args) {
+ if (PyTuple_SetItem(args, 0, PySwigObject_long(v)) == 0) {
+ PyObject *ofmt = PyString_FromString(fmt);
+ if (ofmt) {
+ res = PyString_Format(ofmt,args);
+ Py_DECREF(ofmt);
+ }
+ Py_DECREF(args);
+ }
+ }
+ return res;
+}
+
+SWIGRUNTIME PyObject *
+PySwigObject_oct(PySwigObject *v)
+{
+ return PySwigObject_format("%o",v);
+}
+
+SWIGRUNTIME PyObject *
+PySwigObject_hex(PySwigObject *v)
+{
+ return PySwigObject_format("%x",v);
+}
+
+SWIGRUNTIME PyObject *
+#ifdef METH_NOARGS
+PySwigObject_repr(PySwigObject *v)
+#else
+PySwigObject_repr(PySwigObject *v, PyObject *args)
+#endif
+{
+ const char *name = SWIG_TypePrettyName(v->ty);
+ PyObject *hex = PySwigObject_hex(v);
+ PyObject *repr = PyString_FromFormat("<Swig Object of type '%s' at 0x%s>", name, PyString_AsString(hex));
+ Py_DECREF(hex);
+ if (v->next) {
+#ifdef METH_NOARGS
+ PyObject *nrep = PySwigObject_repr((PySwigObject *)v->next);
+#else
+ PyObject *nrep = PySwigObject_repr((PySwigObject *)v->next, args);
+#endif
+ PyString_ConcatAndDel(&repr,nrep);
+ }
+ return repr;
+}
+
+SWIGRUNTIME int
+PySwigObject_print(PySwigObject *v, FILE *fp, int SWIGUNUSEDPARM(flags))
+{
+#ifdef METH_NOARGS
+ PyObject *repr = PySwigObject_repr(v);
+#else
+ PyObject *repr = PySwigObject_repr(v, NULL);
+#endif
+ if (repr) {
+ fputs(PyString_AsString(repr), fp);
+ Py_DECREF(repr);
+ return 0;
+ } else {
+ return 1;
+ }
+}
+
+SWIGRUNTIME PyObject *
+PySwigObject_str(PySwigObject *v)
+{
+ char result[SWIG_BUFFER_SIZE];
+ return SWIG_PackVoidPtr(result, v->ptr, v->ty->name, sizeof(result)) ?
+ PyString_FromString(result) : 0;
+}
+
+SWIGRUNTIME int
+PySwigObject_compare(PySwigObject *v, PySwigObject *w)
+{
+ void *i = v->ptr;
+ void *j = w->ptr;
+ return (i < j) ? -1 : ((i > j) ? 1 : 0);
+}
+
+SWIGRUNTIME PyTypeObject* _PySwigObject_type(void);
+
+SWIGRUNTIME PyTypeObject*
+PySwigObject_type(void) {
+ static PyTypeObject *SWIG_STATIC_POINTER(type) = _PySwigObject_type();
+ return type;
+}
+
+SWIGRUNTIMEINLINE int
+PySwigObject_Check(PyObject *op) {
+ return ((op)->ob_type == PySwigObject_type())
+ || (strcmp((op)->ob_type->tp_name,"PySwigObject") == 0);
+}
+
+SWIGRUNTIME PyObject *
+PySwigObject_New(void *ptr, swig_type_info *ty, int own);
+
+SWIGRUNTIME void
+PySwigObject_dealloc(PyObject *v)
+{
+ PySwigObject *sobj = (PySwigObject *) v;
+ PyObject *next = sobj->next;
+ if (sobj->own) {
+ swig_type_info *ty = sobj->ty;
+ PySwigClientData *data = ty ? (PySwigClientData *) ty->clientdata : 0;
+ PyObject *destroy = data ? data->destroy : 0;
+ if (destroy) {
+ /* destroy is always a VARARGS method */
+ PyObject *res;
+ if (data->delargs) {
+ /* we need to create a temporal object to carry the destroy operation */
+ PyObject *tmp = PySwigObject_New(sobj->ptr, ty, 0);
+ res = SWIG_Python_CallFunctor(destroy, tmp);
+ Py_DECREF(tmp);
+ } else {
+ PyCFunction meth = PyCFunction_GET_FUNCTION(destroy);
+ PyObject *mself = PyCFunction_GET_SELF(destroy);
+ res = ((*meth)(mself, v));
+ }
+ Py_XDECREF(res);
+ } else {
+ const char *name = SWIG_TypePrettyName(ty);
+#if !defined(SWIG_PYTHON_SILENT_MEMLEAK)
+ printf("swig/python detected a memory leak of type '%s', no destructor found.\n", name);
+#endif
+ }
+ }
+ Py_XDECREF(next);
+ PyObject_DEL(v);
+}
+
+SWIGRUNTIME PyObject*
+PySwigObject_append(PyObject* v, PyObject* next)
+{
+ PySwigObject *sobj = (PySwigObject *) v;
+#ifndef METH_O
+ PyObject *tmp = 0;
+ if (!PyArg_ParseTuple(next,(char *)"O:append", &tmp)) return NULL;
+ next = tmp;
+#endif
+ if (!PySwigObject_Check(next)) {
+ return NULL;
+ }
+ sobj->next = next;
+ Py_INCREF(next);
+ return SWIG_Py_Void();
+}
+
+SWIGRUNTIME PyObject*
+#ifdef METH_NOARGS
+PySwigObject_next(PyObject* v)
+#else
+PySwigObject_next(PyObject* v, PyObject *SWIGUNUSEDPARM(args))
+#endif
+{
+ PySwigObject *sobj = (PySwigObject *) v;
+ if (sobj->next) {
+ Py_INCREF(sobj->next);
+ return sobj->next;
+ } else {
+ return SWIG_Py_Void();
+ }
+}
+
+SWIGINTERN PyObject*
+#ifdef METH_NOARGS
+PySwigObject_disown(PyObject *v)
+#else
+PySwigObject_disown(PyObject* v, PyObject *SWIGUNUSEDPARM(args))
+#endif
+{
+ PySwigObject *sobj = (PySwigObject *)v;
+ sobj->own = 0;
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject*
+#ifdef METH_NOARGS
+PySwigObject_acquire(PyObject *v)
+#else
+PySwigObject_acquire(PyObject* v, PyObject *SWIGUNUSEDPARM(args))
+#endif
+{
+ PySwigObject *sobj = (PySwigObject *)v;
+ sobj->own = SWIG_POINTER_OWN;
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject*
+PySwigObject_own(PyObject *v, PyObject *args)
+{
+ PyObject *val = 0;
+#if (PY_VERSION_HEX < 0x02020000)
+ if (!PyArg_ParseTuple(args,(char *)"|O:own",&val))
+#else
+ if (!PyArg_UnpackTuple(args, (char *)"own", 0, 1, &val))
+#endif
+ {
+ return NULL;
+ }
+ else
+ {
+ PySwigObject *sobj = (PySwigObject *)v;
+ PyObject *obj = PyBool_FromLong(sobj->own);
+ if (val) {
+#ifdef METH_NOARGS
+ if (PyObject_IsTrue(val)) {
+ PySwigObject_acquire(v);
+ } else {
+ PySwigObject_disown(v);
+ }
+#else
+ if (PyObject_IsTrue(val)) {
+ PySwigObject_acquire(v,args);
+ } else {
+ PySwigObject_disown(v,args);
+ }
+#endif
+ }
+ return obj;
+ }
+}
+
+#ifdef METH_O
+static PyMethodDef
+swigobject_methods[] = {
+ {(char *)"disown", (PyCFunction)PySwigObject_disown, METH_NOARGS, (char *)"releases ownership of the pointer"},
+ {(char *)"acquire", (PyCFunction)PySwigObject_acquire, METH_NOARGS, (char *)"aquires ownership of the pointer"},
+ {(char *)"own", (PyCFunction)PySwigObject_own, METH_VARARGS, (char *)"returns/sets ownership of the pointer"},
+ {(char *)"append", (PyCFunction)PySwigObject_append, METH_O, (char *)"appends another 'this' object"},
+ {(char *)"next", (PyCFunction)PySwigObject_next, METH_NOARGS, (char *)"returns the next 'this' object"},
+ {(char *)"__repr__",(PyCFunction)PySwigObject_repr, METH_NOARGS, (char *)"returns object representation"},
+ {0, 0, 0, 0}
+};
+#else
+static PyMethodDef
+swigobject_methods[] = {
+ {(char *)"disown", (PyCFunction)PySwigObject_disown, METH_VARARGS, (char *)"releases ownership of the pointer"},
+ {(char *)"acquire", (PyCFunction)PySwigObject_acquire, METH_VARARGS, (char *)"aquires ownership of the pointer"},
+ {(char *)"own", (PyCFunction)PySwigObject_own, METH_VARARGS, (char *)"returns/sets ownership of the pointer"},
+ {(char *)"append", (PyCFunction)PySwigObject_append, METH_VARARGS, (char *)"appends another 'this' object"},
+ {(char *)"next", (PyCFunction)PySwigObject_next, METH_VARARGS, (char *)"returns the next 'this' object"},
+ {(char *)"__repr__",(PyCFunction)PySwigObject_repr, METH_VARARGS, (char *)"returns object representation"},
+ {0, 0, 0, 0}
+};
+#endif
+
+#if PY_VERSION_HEX < 0x02020000
+SWIGINTERN PyObject *
+PySwigObject_getattr(PySwigObject *sobj,char *name)
+{
+ return Py_FindMethod(swigobject_methods, (PyObject *)sobj, name);
+}
+#endif
+
+SWIGRUNTIME PyTypeObject*
+_PySwigObject_type(void) {
+ static char swigobject_doc[] = "Swig object carries a C/C++ instance pointer";
+
+ static PyNumberMethods PySwigObject_as_number = {
+ (binaryfunc)0, /*nb_add*/
+ (binaryfunc)0, /*nb_subtract*/
+ (binaryfunc)0, /*nb_multiply*/
+ (binaryfunc)0, /*nb_divide*/
+ (binaryfunc)0, /*nb_remainder*/
+ (binaryfunc)0, /*nb_divmod*/
+ (ternaryfunc)0,/*nb_power*/
+ (unaryfunc)0, /*nb_negative*/
+ (unaryfunc)0, /*nb_positive*/
+ (unaryfunc)0, /*nb_absolute*/
+ (inquiry)0, /*nb_nonzero*/
+ 0, /*nb_invert*/
+ 0, /*nb_lshift*/
+ 0, /*nb_rshift*/
+ 0, /*nb_and*/
+ 0, /*nb_xor*/
+ 0, /*nb_or*/
+ (coercion)0, /*nb_coerce*/
+ (unaryfunc)PySwigObject_long, /*nb_int*/
+ (unaryfunc)PySwigObject_long, /*nb_long*/
+ (unaryfunc)0, /*nb_float*/
+ (unaryfunc)PySwigObject_oct, /*nb_oct*/
+ (unaryfunc)PySwigObject_hex, /*nb_hex*/
+#if PY_VERSION_HEX >= 0x02050000 /* 2.5.0 */
+ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_index */
+#elif PY_VERSION_HEX >= 0x02020000 /* 2.2.0 */
+ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_inplace_true_divide */
+#elif PY_VERSION_HEX >= 0x02000000 /* 2.0.0 */
+ 0,0,0,0,0,0,0,0,0,0,0 /* nb_inplace_add -> nb_inplace_or */
+#endif
+ };
+
+ static PyTypeObject pyswigobject_type;
+ static int type_init = 0;
+ if (!type_init) {
+ const PyTypeObject tmp
+ = {
+ PyObject_HEAD_INIT(NULL)
+ 0, /* ob_size */
+ (char *)"PySwigObject", /* tp_name */
+ sizeof(PySwigObject), /* tp_basicsize */
+ 0, /* tp_itemsize */
+ (destructor)PySwigObject_dealloc, /* tp_dealloc */
+ (printfunc)PySwigObject_print, /* tp_print */
+#if PY_VERSION_HEX < 0x02020000
+ (getattrfunc)PySwigObject_getattr, /* tp_getattr */
+#else
+ (getattrfunc)0, /* tp_getattr */
+#endif
+ (setattrfunc)0, /* tp_setattr */
+ (cmpfunc)PySwigObject_compare, /* tp_compare */
+ (reprfunc)PySwigObject_repr, /* tp_repr */
+ &PySwigObject_as_number, /* tp_as_number */
+ 0, /* tp_as_sequence */
+ 0, /* tp_as_mapping */
+ (hashfunc)0, /* tp_hash */
+ (ternaryfunc)0, /* tp_call */
+ (reprfunc)PySwigObject_str, /* tp_str */
+ PyObject_GenericGetAttr, /* tp_getattro */
+ 0, /* tp_setattro */
+ 0, /* tp_as_buffer */
+ Py_TPFLAGS_DEFAULT, /* tp_flags */
+ swigobject_doc, /* tp_doc */
+ 0, /* tp_traverse */
+ 0, /* tp_clear */
+ 0, /* tp_richcompare */
+ 0, /* tp_weaklistoffset */
+#if PY_VERSION_HEX >= 0x02020000
+ 0, /* tp_iter */
+ 0, /* tp_iternext */
+ swigobject_methods, /* tp_methods */
+ 0, /* tp_members */
+ 0, /* tp_getset */
+ 0, /* tp_base */
+ 0, /* tp_dict */
+ 0, /* tp_descr_get */
+ 0, /* tp_descr_set */
+ 0, /* tp_dictoffset */
+ 0, /* tp_init */
+ 0, /* tp_alloc */
+ 0, /* tp_new */
+ 0, /* tp_free */
+ 0, /* tp_is_gc */
+ 0, /* tp_bases */
+ 0, /* tp_mro */
+ 0, /* tp_cache */
+ 0, /* tp_subclasses */
+ 0, /* tp_weaklist */
+#endif
+#if PY_VERSION_HEX >= 0x02030000
+ 0, /* tp_del */
+#endif
+#ifdef COUNT_ALLOCS
+ 0,0,0,0 /* tp_alloc -> tp_next */
+#endif
+ };
+ pyswigobject_type = tmp;
+ pyswigobject_type.ob_type = &PyType_Type;
+ type_init = 1;
+ }
+ return &pyswigobject_type;
+}
+
+SWIGRUNTIME PyObject *
+PySwigObject_New(void *ptr, swig_type_info *ty, int own)
+{
+ PySwigObject *sobj = PyObject_NEW(PySwigObject, PySwigObject_type());
+ if (sobj) {
+ sobj->ptr = ptr;
+ sobj->ty = ty;
+ sobj->own = own;
+ sobj->next = 0;
+ }
+ return (PyObject *)sobj;
+}
+
+/* -----------------------------------------------------------------------------
+ * Implements a simple Swig Packed type, and use it instead of string
+ * ----------------------------------------------------------------------------- */
+
+typedef struct {
+ PyObject_HEAD
+ void *pack;
+ swig_type_info *ty;
+ size_t size;
+} PySwigPacked;
+
+SWIGRUNTIME int
+PySwigPacked_print(PySwigPacked *v, FILE *fp, int SWIGUNUSEDPARM(flags))
+{
+ char result[SWIG_BUFFER_SIZE];
+ fputs("<Swig Packed ", fp);
+ if (SWIG_PackDataName(result, v->pack, v->size, 0, sizeof(result))) {
+ fputs("at ", fp);
+ fputs(result, fp);
+ }
+ fputs(v->ty->name,fp);
+ fputs(">", fp);
+ return 0;
+}
+
+SWIGRUNTIME PyObject *
+PySwigPacked_repr(PySwigPacked *v)
+{
+ char result[SWIG_BUFFER_SIZE];
+ if (SWIG_PackDataName(result, v->pack, v->size, 0, sizeof(result))) {
+ return PyString_FromFormat("<Swig Packed at %s%s>", result, v->ty->name);
+ } else {
+ return PyString_FromFormat("<Swig Packed %s>", v->ty->name);
+ }
+}
+
+SWIGRUNTIME PyObject *
+PySwigPacked_str(PySwigPacked *v)
+{
+ char result[SWIG_BUFFER_SIZE];
+ if (SWIG_PackDataName(result, v->pack, v->size, 0, sizeof(result))){
+ return PyString_FromFormat("%s%s", result, v->ty->name);
+ } else {
+ return PyString_FromString(v->ty->name);
+ }
+}
+
+SWIGRUNTIME int
+PySwigPacked_compare(PySwigPacked *v, PySwigPacked *w)
+{
+ size_t i = v->size;
+ size_t j = w->size;
+ int s = (i < j) ? -1 : ((i > j) ? 1 : 0);
+ return s ? s : strncmp((char *)v->pack, (char *)w->pack, 2*v->size);
+}
+
+SWIGRUNTIME PyTypeObject* _PySwigPacked_type(void);
+
+SWIGRUNTIME PyTypeObject*
+PySwigPacked_type(void) {
+ static PyTypeObject *SWIG_STATIC_POINTER(type) = _PySwigPacked_type();
+ return type;
+}
+
+SWIGRUNTIMEINLINE int
+PySwigPacked_Check(PyObject *op) {
+ return ((op)->ob_type == _PySwigPacked_type())
+ || (strcmp((op)->ob_type->tp_name,"PySwigPacked") == 0);
+}
+
+SWIGRUNTIME void
+PySwigPacked_dealloc(PyObject *v)
+{
+ if (PySwigPacked_Check(v)) {
+ PySwigPacked *sobj = (PySwigPacked *) v;
+ free(sobj->pack);
+ }
+ PyObject_DEL(v);
+}
+
+SWIGRUNTIME PyTypeObject*
+_PySwigPacked_type(void) {
+ static char swigpacked_doc[] = "Swig object carries a C/C++ instance pointer";
+ static PyTypeObject pyswigpacked_type;
+ static int type_init = 0;
+ if (!type_init) {
+ const PyTypeObject tmp
+ = {
+ PyObject_HEAD_INIT(NULL)
+ 0, /* ob_size */
+ (char *)"PySwigPacked", /* tp_name */
+ sizeof(PySwigPacked), /* tp_basicsize */
+ 0, /* tp_itemsize */
+ (destructor)PySwigPacked_dealloc, /* tp_dealloc */
+ (printfunc)PySwigPacked_print, /* tp_print */
+ (getattrfunc)0, /* tp_getattr */
+ (setattrfunc)0, /* tp_setattr */
+ (cmpfunc)PySwigPacked_compare, /* tp_compare */
+ (reprfunc)PySwigPacked_repr, /* tp_repr */
+ 0, /* tp_as_number */
+ 0, /* tp_as_sequence */
+ 0, /* tp_as_mapping */
+ (hashfunc)0, /* tp_hash */
+ (ternaryfunc)0, /* tp_call */
+ (reprfunc)PySwigPacked_str, /* tp_str */
+ PyObject_GenericGetAttr, /* tp_getattro */
+ 0, /* tp_setattro */
+ 0, /* tp_as_buffer */
+ Py_TPFLAGS_DEFAULT, /* tp_flags */
+ swigpacked_doc, /* tp_doc */
+ 0, /* tp_traverse */
+ 0, /* tp_clear */
+ 0, /* tp_richcompare */
+ 0, /* tp_weaklistoffset */
+#if PY_VERSION_HEX >= 0x02020000
+ 0, /* tp_iter */
+ 0, /* tp_iternext */
+ 0, /* tp_methods */
+ 0, /* tp_members */
+ 0, /* tp_getset */
+ 0, /* tp_base */
+ 0, /* tp_dict */
+ 0, /* tp_descr_get */
+ 0, /* tp_descr_set */
+ 0, /* tp_dictoffset */
+ 0, /* tp_init */
+ 0, /* tp_alloc */
+ 0, /* tp_new */
+ 0, /* tp_free */
+ 0, /* tp_is_gc */
+ 0, /* tp_bases */
+ 0, /* tp_mro */
+ 0, /* tp_cache */
+ 0, /* tp_subclasses */
+ 0, /* tp_weaklist */
+#endif
+#if PY_VERSION_HEX >= 0x02030000
+ 0, /* tp_del */
+#endif
+#ifdef COUNT_ALLOCS
+ 0,0,0,0 /* tp_alloc -> tp_next */
+#endif
+ };
+ pyswigpacked_type = tmp;
+ pyswigpacked_type.ob_type = &PyType_Type;
+ type_init = 1;
+ }
+ return &pyswigpacked_type;
+}
+
+SWIGRUNTIME PyObject *
+PySwigPacked_New(void *ptr, size_t size, swig_type_info *ty)
+{
+ PySwigPacked *sobj = PyObject_NEW(PySwigPacked, PySwigPacked_type());
+ if (sobj) {
+ void *pack = malloc(size);
+ if (pack) {
+ memcpy(pack, ptr, size);
+ sobj->pack = pack;
+ sobj->ty = ty;
+ sobj->size = size;
+ } else {
+ PyObject_DEL((PyObject *) sobj);
+ sobj = 0;
+ }
+ }
+ return (PyObject *) sobj;
+}
+
+SWIGRUNTIME swig_type_info *
+PySwigPacked_UnpackData(PyObject *obj, void *ptr, size_t size)
+{
+ if (PySwigPacked_Check(obj)) {
+ PySwigPacked *sobj = (PySwigPacked *)obj;
+ if (sobj->size != size) return 0;
+ memcpy(ptr, sobj->pack, size);
+ return sobj->ty;
+ } else {
+ return 0;
+ }
+}
+
+/* -----------------------------------------------------------------------------
+ * pointers/data manipulation
+ * ----------------------------------------------------------------------------- */
+
+SWIGRUNTIMEINLINE PyObject *
+_SWIG_This(void)
+{
+ return PyString_FromString("this");
+}
+
+SWIGRUNTIME PyObject *
+SWIG_This(void)
+{
+ static PyObject *SWIG_STATIC_POINTER(swig_this) = _SWIG_This();
+ return swig_this;
+}
+
+/* #define SWIG_PYTHON_SLOW_GETSET_THIS */
+
+SWIGRUNTIME PySwigObject *
+SWIG_Python_GetSwigThis(PyObject *pyobj)
+{
+ if (PySwigObject_Check(pyobj)) {
+ return (PySwigObject *) pyobj;
+ } else {
+ PyObject *obj = 0;
+#if (!defined(SWIG_PYTHON_SLOW_GETSET_THIS) && (PY_VERSION_HEX >= 0x02030000))
+ if (PyInstance_Check(pyobj)) {
+ obj = _PyInstance_Lookup(pyobj, SWIG_This());
+ } else {
+ PyObject **dictptr = _PyObject_GetDictPtr(pyobj);
+ if (dictptr != NULL) {
+ PyObject *dict = *dictptr;
+ obj = dict ? PyDict_GetItem(dict, SWIG_This()) : 0;
+ } else {
+#ifdef PyWeakref_CheckProxy
+ if (PyWeakref_CheckProxy(pyobj)) {
+ PyObject *wobj = PyWeakref_GET_OBJECT(pyobj);
+ return wobj ? SWIG_Python_GetSwigThis(wobj) : 0;
+ }
+#endif
+ obj = PyObject_GetAttr(pyobj,SWIG_This());
+ if (obj) {
+ Py_DECREF(obj);
+ } else {
+ if (PyErr_Occurred()) PyErr_Clear();
+ return 0;
+ }
+ }
+ }
+#else
+ obj = PyObject_GetAttr(pyobj,SWIG_This());
+ if (obj) {
+ Py_DECREF(obj);
+ } else {
+ if (PyErr_Occurred()) PyErr_Clear();
+ return 0;
+ }
+#endif
+ if (obj && !PySwigObject_Check(obj)) {
+ /* a PyObject is called 'this', try to get the 'real this'
+ PySwigObject from it */
+ return SWIG_Python_GetSwigThis(obj);
+ }
+ return (PySwigObject *)obj;
+ }
+}
+
+/* Acquire a pointer value */
+
+SWIGRUNTIME int
+SWIG_Python_AcquirePtr(PyObject *obj, int own) {
+ if (own) {
+ PySwigObject *sobj = SWIG_Python_GetSwigThis(obj);
+ if (sobj) {
+ int oldown = sobj->own;
+ sobj->own = own;
+ return oldown;
+ }
+ }
+ return 0;
+}
+
+/* Convert a pointer value */
+
+SWIGRUNTIME int
+SWIG_Python_ConvertPtrAndOwn(PyObject *obj, void **ptr, swig_type_info *ty, int flags, int *own) {
+ if (!obj) return SWIG_ERROR;
+ if (obj == Py_None) {
+ if (ptr) *ptr = 0;
+ return SWIG_OK;
+ } else {
+ PySwigObject *sobj = SWIG_Python_GetSwigThis(obj);
+ while (sobj) {
+ void *vptr = sobj->ptr;
+ if (ty) {
+ swig_type_info *to = sobj->ty;
+ if (to == ty) {
+ /* no type cast needed */
+ if (ptr) *ptr = vptr;
+ break;
+ } else {
+ swig_cast_info *tc = SWIG_TypeCheck(to->name,ty);
+ if (!tc) {
+ sobj = (PySwigObject *)sobj->next;
+ } else {
+ if (ptr) *ptr = SWIG_TypeCast(tc,vptr);
+ break;
+ }
+ }
+ } else {
+ if (ptr) *ptr = vptr;
+ break;
+ }
+ }
+ if (sobj) {
+ if (own) *own = sobj->own;
+ if (flags & SWIG_POINTER_DISOWN) {
+ sobj->own = 0;
+ }
+ return SWIG_OK;
+ } else {
+ int res = SWIG_ERROR;
+ if (flags & SWIG_POINTER_IMPLICIT_CONV) {
+ PySwigClientData *data = ty ? (PySwigClientData *) ty->clientdata : 0;
+ if (data && !data->implicitconv) {
+ PyObject *klass = data->klass;
+ if (klass) {
+ PyObject *impconv;
+ data->implicitconv = 1; /* avoid recursion and call 'explicit' constructors*/
+ impconv = SWIG_Python_CallFunctor(klass, obj);
+ data->implicitconv = 0;
+ if (PyErr_Occurred()) {
+ PyErr_Clear();
+ impconv = 0;
+ }
+ if (impconv) {
+ PySwigObject *iobj = SWIG_Python_GetSwigThis(impconv);
+ if (iobj) {
+ void *vptr;
+ res = SWIG_Python_ConvertPtrAndOwn((PyObject*)iobj, &vptr, ty, 0, 0);
+ if (SWIG_IsOK(res)) {
+ if (ptr) {
+ *ptr = vptr;
+ /* transfer the ownership to 'ptr' */
+ iobj->own = 0;
+ res = SWIG_AddCast(res);
+ res = SWIG_AddNewMask(res);
+ } else {
+ res = SWIG_AddCast(res);
+ }
+ }
+ }
+ Py_DECREF(impconv);
+ }
+ }
+ }
+ }
+ return res;
+ }
+ }
+}
+
+/* Convert a function ptr value */
+
+SWIGRUNTIME int
+SWIG_Python_ConvertFunctionPtr(PyObject *obj, void **ptr, swig_type_info *ty) {
+ if (!PyCFunction_Check(obj)) {
+ return SWIG_ConvertPtr(obj, ptr, ty, 0);
+ } else {
+ void *vptr = 0;
+
+ /* here we get the method pointer for callbacks */
+ const char *doc = (((PyCFunctionObject *)obj) -> m_ml -> ml_doc);
+ const char *desc = doc ? strstr(doc, "swig_ptr: ") : 0;
+ if (desc) {
+ desc = ty ? SWIG_UnpackVoidPtr(desc + 10, &vptr, ty->name) : 0;
+ if (!desc) return SWIG_ERROR;
+ }
+ if (ty) {
+ swig_cast_info *tc = SWIG_TypeCheck(desc,ty);
+ if (!tc) return SWIG_ERROR;
+ *ptr = SWIG_TypeCast(tc,vptr);
+ } else {
+ *ptr = vptr;
+ }
+ return SWIG_OK;
+ }
+}
+
+/* Convert a packed value value */
+
+SWIGRUNTIME int
+SWIG_Python_ConvertPacked(PyObject *obj, void *ptr, size_t sz, swig_type_info *ty) {
+ swig_type_info *to = PySwigPacked_UnpackData(obj, ptr, sz);
+ if (!to) return SWIG_ERROR;
+ if (ty) {
+ if (to != ty) {
+ /* check type cast? */
+ swig_cast_info *tc = SWIG_TypeCheck(to->name,ty);
+ if (!tc) return SWIG_ERROR;
+ }
+ }
+ return SWIG_OK;
+}
+
+/* -----------------------------------------------------------------------------
+ * Create a new pointer object
+ * ----------------------------------------------------------------------------- */
+
+/*
+ Create a new instance object, whitout calling __init__, and set the
+ 'this' attribute.
+*/
+
+SWIGRUNTIME PyObject*
+SWIG_Python_NewShadowInstance(PySwigClientData *data, PyObject *swig_this)
+{
+#if (PY_VERSION_HEX >= 0x02020000)
+ PyObject *inst = 0;
+ PyObject *newraw = data->newraw;
+ if (newraw) {
+ inst = PyObject_Call(newraw, data->newargs, NULL);
+ if (inst) {
+#if !defined(SWIG_PYTHON_SLOW_GETSET_THIS)
+ PyObject **dictptr = _PyObject_GetDictPtr(inst);
+ if (dictptr != NULL) {
+ PyObject *dict = *dictptr;
+ if (dict == NULL) {
+ dict = PyDict_New();
+ *dictptr = dict;
+ PyDict_SetItem(dict, SWIG_This(), swig_this);
+ }
+ }
+#else
+ PyObject *key = SWIG_This();
+ PyObject_SetAttr(inst, key, swig_this);
+#endif
+ }
+ } else {
+ PyObject *dict = PyDict_New();
+ PyDict_SetItem(dict, SWIG_This(), swig_this);
+ inst = PyInstance_NewRaw(data->newargs, dict);
+ Py_DECREF(dict);
+ }
+ return inst;
+#else
+#if (PY_VERSION_HEX >= 0x02010000)
+ PyObject *inst;
+ PyObject *dict = PyDict_New();
+ PyDict_SetItem(dict, SWIG_This(), swig_this);
+ inst = PyInstance_NewRaw(data->newargs, dict);
+ Py_DECREF(dict);
+ return (PyObject *) inst;
+#else
+ PyInstanceObject *inst = PyObject_NEW(PyInstanceObject, &PyInstance_Type);
+ if (inst == NULL) {
+ return NULL;
+ }
+ inst->in_class = (PyClassObject *)data->newargs;
+ Py_INCREF(inst->in_class);
+ inst->in_dict = PyDict_New();
+ if (inst->in_dict == NULL) {
+ Py_DECREF(inst);
+ return NULL;
+ }
+#ifdef Py_TPFLAGS_HAVE_WEAKREFS
+ inst->in_weakreflist = NULL;
+#endif
+#ifdef Py_TPFLAGS_GC
+ PyObject_GC_Init(inst);
+#endif
+ PyDict_SetItem(inst->in_dict, SWIG_This(), swig_this);
+ return (PyObject *) inst;
+#endif
+#endif
+}
+
+SWIGRUNTIME void
+SWIG_Python_SetSwigThis(PyObject *inst, PyObject *swig_this)
+{
+ PyObject *dict;
+#if (PY_VERSION_HEX >= 0x02020000) && !defined(SWIG_PYTHON_SLOW_GETSET_THIS)
+ PyObject **dictptr = _PyObject_GetDictPtr(inst);
+ if (dictptr != NULL) {
+ dict = *dictptr;
+ if (dict == NULL) {
+ dict = PyDict_New();
+ *dictptr = dict;
+ }
+ PyDict_SetItem(dict, SWIG_This(), swig_this);
+ return;
+ }
+#endif
+ dict = PyObject_GetAttrString(inst, (char*)"__dict__");
+ PyDict_SetItem(dict, SWIG_This(), swig_this);
+ Py_DECREF(dict);
+}
+
+
+SWIGINTERN PyObject *
+SWIG_Python_InitShadowInstance(PyObject *args) {
+ PyObject *obj[2];
+ if (!SWIG_Python_UnpackTuple(args,(char*)"swiginit", 2, 2, obj)) {
+ return NULL;
+ } else {
+ PySwigObject *sthis = SWIG_Python_GetSwigThis(obj[0]);
+ if (sthis) {
+ PySwigObject_append((PyObject*) sthis, obj[1]);
+ } else {
+ SWIG_Python_SetSwigThis(obj[0], obj[1]);
+ }
+ return SWIG_Py_Void();
+ }
+}
+
+/* Create a new pointer object */
+
+SWIGRUNTIME PyObject *
+SWIG_Python_NewPointerObj(void *ptr, swig_type_info *type, int flags) {
+ if (!ptr) {
+ return SWIG_Py_Void();
+ } else {
+ int own = (flags & SWIG_POINTER_OWN) ? SWIG_POINTER_OWN : 0;
+ PyObject *robj = PySwigObject_New(ptr, type, own);
+ PySwigClientData *clientdata = type ? (PySwigClientData *)(type->clientdata) : 0;
+ if (clientdata && !(flags & SWIG_POINTER_NOSHADOW)) {
+ PyObject *inst = SWIG_Python_NewShadowInstance(clientdata, robj);
+ if (inst) {
+ Py_DECREF(robj);
+ robj = inst;
+ }
+ }
+ return robj;
+ }
+}
+
+/* Create a new packed object */
+
+SWIGRUNTIMEINLINE PyObject *
+SWIG_Python_NewPackedObj(void *ptr, size_t sz, swig_type_info *type) {
+ return ptr ? PySwigPacked_New((void *) ptr, sz, type) : SWIG_Py_Void();
+}
+
+/* -----------------------------------------------------------------------------*
+ * Get type list
+ * -----------------------------------------------------------------------------*/
+
+#ifdef SWIG_LINK_RUNTIME
+void *SWIG_ReturnGlobalTypeList(void *);
+#endif
+
+SWIGRUNTIME swig_module_info *
+SWIG_Python_GetModule(void) {
+ static void *type_pointer = (void *)0;
+ /* first check if module already created */
+ if (!type_pointer) {
+#ifdef SWIG_LINK_RUNTIME
+ type_pointer = SWIG_ReturnGlobalTypeList((void *)0);
+#else
+ type_pointer = PyCObject_Import((char*)"swig_runtime_data" SWIG_RUNTIME_VERSION,
+ (char*)"type_pointer" SWIG_TYPE_TABLE_NAME);
+ if (PyErr_Occurred()) {
+ PyErr_Clear();
+ type_pointer = (void *)0;
+ }
+#endif
+ }
+ return (swig_module_info *) type_pointer;
+}
+
+#if PY_MAJOR_VERSION < 2
+/* PyModule_AddObject function was introduced in Python 2.0. The following function
+ is copied out of Python/modsupport.c in python version 2.3.4 */
+SWIGINTERN int
+PyModule_AddObject(PyObject *m, char *name, PyObject *o)
+{
+ PyObject *dict;
+ if (!PyModule_Check(m)) {
+ PyErr_SetString(PyExc_TypeError,
+ "PyModule_AddObject() needs module as first arg");
+ return SWIG_ERROR;
+ }
+ if (!o) {
+ PyErr_SetString(PyExc_TypeError,
+ "PyModule_AddObject() needs non-NULL value");
+ return SWIG_ERROR;
+ }
+
+ dict = PyModule_GetDict(m);
+ if (dict == NULL) {
+ /* Internal error -- modules must have a dict! */
+ PyErr_Format(PyExc_SystemError, "module '%s' has no __dict__",
+ PyModule_GetName(m));
+ return SWIG_ERROR;
+ }
+ if (PyDict_SetItemString(dict, name, o))
+ return SWIG_ERROR;
+ Py_DECREF(o);
+ return SWIG_OK;
+}
+#endif
+
+SWIGRUNTIME void
+SWIG_Python_DestroyModule(void *vptr)
+{
+ swig_module_info *swig_module = (swig_module_info *) vptr;
+ swig_type_info **types = swig_module->types;
+ size_t i;
+ for (i =0; i < swig_module->size; ++i) {
+ swig_type_info *ty = types[i];
+ if (ty->owndata) {
+ PySwigClientData *data = (PySwigClientData *) ty->clientdata;
+ if (data) PySwigClientData_Del(data);
+ }
+ }
+ Py_DECREF(SWIG_This());
+}
+
+SWIGRUNTIME void
+SWIG_Python_SetModule(swig_module_info *swig_module) {
+ static PyMethodDef swig_empty_runtime_method_table[] = { {NULL, NULL, 0, NULL} };/* Sentinel */
+
+ PyObject *module = Py_InitModule((char*)"swig_runtime_data" SWIG_RUNTIME_VERSION,
+ swig_empty_runtime_method_table);
+ PyObject *pointer = PyCObject_FromVoidPtr((void *) swig_module, SWIG_Python_DestroyModule);
+ if (pointer && module) {
+ PyModule_AddObject(module, (char*)"type_pointer" SWIG_TYPE_TABLE_NAME, pointer);
+ } else {
+ Py_XDECREF(pointer);
+ }
+}
+
+/* The python cached type query */
+SWIGRUNTIME PyObject *
+SWIG_Python_TypeCache(void) {
+ static PyObject *SWIG_STATIC_POINTER(cache) = PyDict_New();
+ return cache;
+}
+
+SWIGRUNTIME swig_type_info *
+SWIG_Python_TypeQuery(const char *type)
+{
+ PyObject *cache = SWIG_Python_TypeCache();
+ PyObject *key = PyString_FromString(type);
+ PyObject *obj = PyDict_GetItem(cache, key);
+ swig_type_info *descriptor;
+ if (obj) {
+ descriptor = (swig_type_info *) PyCObject_AsVoidPtr(obj);
+ } else {
+ swig_module_info *swig_module = SWIG_Python_GetModule();
+ descriptor = SWIG_TypeQueryModule(swig_module, swig_module, type);
+ if (descriptor) {
+ obj = PyCObject_FromVoidPtr(descriptor, NULL);
+ PyDict_SetItem(cache, key, obj);
+ Py_DECREF(obj);
+ }
+ }
+ Py_DECREF(key);
+ return descriptor;
+}
+
+/*
+ For backward compatibility only
+*/
+#define SWIG_POINTER_EXCEPTION 0
+#define SWIG_arg_fail(arg) SWIG_Python_ArgFail(arg)
+#define SWIG_MustGetPtr(p, type, argnum, flags) SWIG_Python_MustGetPtr(p, type, argnum, flags)
+
+SWIGRUNTIME int
+SWIG_Python_AddErrMesg(const char* mesg, int infront)
+{
+ if (PyErr_Occurred()) {
+ PyObject *type = 0;
+ PyObject *value = 0;
+ PyObject *traceback = 0;
+ PyErr_Fetch(&type, &value, &traceback);
+ if (value) {
+ PyObject *old_str = PyObject_Str(value);
+ Py_XINCREF(type);
+ PyErr_Clear();
+ if (infront) {
+ PyErr_Format(type, "%s %s", mesg, PyString_AsString(old_str));
+ } else {
+ PyErr_Format(type, "%s %s", PyString_AsString(old_str), mesg);
+ }
+ Py_DECREF(old_str);
+ }
+ return 1;
+ } else {
+ return 0;
+ }
+}
+
+SWIGRUNTIME int
+SWIG_Python_ArgFail(int argnum)
+{
+ if (PyErr_Occurred()) {
+ /* add information about failing argument */
+ char mesg[256];
+ PyOS_snprintf(mesg, sizeof(mesg), "argument number %d:", argnum);
+ return SWIG_Python_AddErrMesg(mesg, 1);
+ } else {
+ return 0;
+ }
+}
+
+SWIGRUNTIMEINLINE const char *
+PySwigObject_GetDesc(PyObject *self)
+{
+ PySwigObject *v = (PySwigObject *)self;
+ swig_type_info *ty = v ? v->ty : 0;
+ return ty ? ty->str : (char*)"";
+}
+
+SWIGRUNTIME void
+SWIG_Python_TypeError(const char *type, PyObject *obj)
+{
+ if (type) {
+#if defined(SWIG_COBJECT_TYPES)
+ if (obj && PySwigObject_Check(obj)) {
+ const char *otype = (const char *) PySwigObject_GetDesc(obj);
+ if (otype) {
+ PyErr_Format(PyExc_TypeError, "a '%s' is expected, 'PySwigObject(%s)' is received",
+ type, otype);
+ return;
+ }
+ } else
+#endif
+ {
+ const char *otype = (obj ? obj->ob_type->tp_name : 0);
+ if (otype) {
+ PyObject *str = PyObject_Str(obj);
+ const char *cstr = str ? PyString_AsString(str) : 0;
+ if (cstr) {
+ PyErr_Format(PyExc_TypeError, "a '%s' is expected, '%s(%s)' is received",
+ type, otype, cstr);
+ } else {
+ PyErr_Format(PyExc_TypeError, "a '%s' is expected, '%s' is received",
+ type, otype);
+ }
+ Py_XDECREF(str);
+ return;
+ }
+ }
+ PyErr_Format(PyExc_TypeError, "a '%s' is expected", type);
+ } else {
+ PyErr_Format(PyExc_TypeError, "unexpected type is received");
+ }
+}
+
+
+/* Convert a pointer value, signal an exception on a type mismatch */
+SWIGRUNTIME void *
+SWIG_Python_MustGetPtr(PyObject *obj, swig_type_info *ty, int argnum, int flags) {
+ void *result;
+ if (SWIG_Python_ConvertPtr(obj, &result, ty, flags) == -1) {
+ PyErr_Clear();
+ if (flags & SWIG_POINTER_EXCEPTION) {
+ SWIG_Python_TypeError(SWIG_TypePrettyName(ty), obj);
+ SWIG_Python_ArgFail(argnum);
+ }
+ }
+ return result;
+}
+
+
+#ifdef __cplusplus
+#if 0
+{ /* cc-mode */
+#endif
+}
+#endif
+
+
+
+#define SWIG_exception_fail(code, msg) do { SWIG_Error(code, msg); SWIG_fail; } while(0)
+
+#define SWIG_contract_assert(expr, msg) if (!(expr)) { SWIG_Error(SWIG_RuntimeError, msg); SWIG_fail; } else
+
+
+
+/* -------- TYPES TABLE (BEGIN) -------- */
+
+#define SWIGTYPE_p_SELboolean swig_types[0]
+#define SWIGTYPE_p_av_decision swig_types[1]
+#define SWIGTYPE_p_avc_cache_stats swig_types[2]
+#define SWIGTYPE_p_avc_entry swig_types[3]
+#define SWIGTYPE_p_avc_entry_ref swig_types[4]
+#define SWIGTYPE_p_avc_lock_callback swig_types[5]
+#define SWIGTYPE_p_avc_log_callback swig_types[6]
+#define SWIGTYPE_p_avc_memory_callback swig_types[7]
+#define SWIGTYPE_p_avc_thread_callback swig_types[8]
+#define SWIGTYPE_p_char swig_types[9]
+#define SWIGTYPE_p_f_int_p_q_const__char_v_______int swig_types[10]
+#define SWIGTYPE_p_f_p_f_void__void__p_void swig_types[11]
+#define SWIGTYPE_p_f_p_p_char__int swig_types[12]
+#define SWIGTYPE_p_f_p_q_const__char_v_______void swig_types[13]
+#define SWIGTYPE_p_f_p_void__void swig_types[14]
+#define SWIGTYPE_p_f_p_void_unsigned_short_p_char_size_t__int swig_types[15]
+#define SWIGTYPE_p_f_p_void_unsigned_short_p_char_size_t__void swig_types[16]
+#define SWIGTYPE_p_f_size_t__p_void swig_types[17]
+#define SWIGTYPE_p_f_void__p_void swig_types[18]
+#define SWIGTYPE_p_ino_t swig_types[19]
+#define SWIGTYPE_p_int swig_types[20]
+#define SWIGTYPE_p_p_char swig_types[21]
+#define SWIGTYPE_p_p_p_char swig_types[22]
+#define SWIGTYPE_p_p_security_id swig_types[23]
+#define SWIGTYPE_p_security_class_mapping swig_types[24]
+#define SWIGTYPE_p_security_id swig_types[25]
+#define SWIGTYPE_p_selinux_callback swig_types[26]
+#define SWIGTYPE_p_selinux_opt swig_types[27]
+#define SWIGTYPE_p_unsigned_int swig_types[28]
+#define SWIGTYPE_p_unsigned_short swig_types[29]
+static swig_type_info *swig_types[31];
+static swig_module_info swig_module = {swig_types, 30, 0, 0, 0, 0};
+#define SWIG_TypeQuery(name) SWIG_TypeQueryModule(&swig_module, &swig_module, name)
+#define SWIG_MangledTypeQuery(name) SWIG_MangledTypeQueryModule(&swig_module, &swig_module, name)
+
+/* -------- TYPES TABLE (END) -------- */
+
+#if (PY_VERSION_HEX <= 0x02000000)
+# if !defined(SWIG_PYTHON_CLASSIC)
+# error "This python version requires swig to be run with the '-classic' option"
+# endif
+#endif
+
+/*-----------------------------------------------
+ @(target):= _selinux.so
+ ------------------------------------------------*/
+#define SWIG_init init_selinux
+
+#define SWIG_name "_selinux"
+
+#define SWIGVERSION 0x010333
+#define SWIG_VERSION SWIGVERSION
+
+
+#define SWIG_as_voidptr(a) (void *)((const void *)(a))
+#define SWIG_as_voidptrptr(a) ((void)SWIG_as_voidptr(*a),(void**)(a))
+
+
+ #include "selinux/selinux.h"
+
+
+ #include "selinux/selinux.h"
+ #include "../include/selinux/avc.h"
+ #include "../include/selinux/selinux.h"
+ #include "../include/selinux/get_default_type.h"
+ #include "../include/selinux/get_context_list.h"
+
+
+ #define SWIG_From_long PyInt_FromLong
+
+
+SWIGINTERNINLINE PyObject *
+SWIG_From_int (int value)
+{
+ return SWIG_From_long (value);
+}
+
+
+SWIGINTERN swig_type_info*
+SWIG_pchar_descriptor(void)
+{
+ static int init = 0;
+ static swig_type_info* info = 0;
+ if (!init) {
+ info = SWIG_TypeQuery("_p_char");
+ init = 1;
+ }
+ return info;
+}
+
+
+SWIGINTERN int
+SWIG_AsCharPtrAndSize(PyObject *obj, char** cptr, size_t* psize, int *alloc)
+{
+ if (PyString_Check(obj)) {
+ char *cstr; Py_ssize_t len;
+ PyString_AsStringAndSize(obj, &cstr, &len);
+ if (cptr) {
+ if (alloc) {
+ /*
+ In python the user should not be able to modify the inner
+ string representation. To warranty that, if you define
+ SWIG_PYTHON_SAFE_CSTRINGS, a new/copy of the python string
+ buffer is always returned.
+
+ The default behavior is just to return the pointer value,
+ so, be careful.
+ */
+#if defined(SWIG_PYTHON_SAFE_CSTRINGS)
+ if (*alloc != SWIG_OLDOBJ)
+#else
+ if (*alloc == SWIG_NEWOBJ)
+#endif
+ {
+ *cptr = (char *)memcpy((char *)malloc((len + 1)*sizeof(char)), cstr, sizeof(char)*(len + 1));
+ *alloc = SWIG_NEWOBJ;
+ }
+ else {
+ *cptr = cstr;
+ *alloc = SWIG_OLDOBJ;
+ }
+ } else {
+ *cptr = PyString_AsString(obj);
+ }
+ }
+ if (psize) *psize = len + 1;
+ return SWIG_OK;
+ } else {
+ swig_type_info* pchar_descriptor = SWIG_pchar_descriptor();
+ if (pchar_descriptor) {
+ void* vptr = 0;
+ if (SWIG_ConvertPtr(obj, &vptr, pchar_descriptor, 0) == SWIG_OK) {
+ if (cptr) *cptr = (char *) vptr;
+ if (psize) *psize = vptr ? (strlen((char *)vptr) + 1) : 0;
+ if (alloc) *alloc = SWIG_OLDOBJ;
+ return SWIG_OK;
+ }
+ }
+ }
+ return SWIG_TypeError;
+}
+
+
+
+
+
+#include <limits.h>
+#if !defined(SWIG_NO_LLONG_MAX)
+# if !defined(LLONG_MAX) && defined(__GNUC__) && defined (__LONG_LONG_MAX__)
+# define LLONG_MAX __LONG_LONG_MAX__
+# define LLONG_MIN (-LLONG_MAX - 1LL)
+# define ULLONG_MAX (LLONG_MAX * 2ULL + 1ULL)
+# endif
+#endif
+
+
+SWIGINTERN int
+SWIG_AsVal_double (PyObject *obj, double *val)
+{
+ int res = SWIG_TypeError;
+ if (PyFloat_Check(obj)) {
+ if (val) *val = PyFloat_AsDouble(obj);
+ return SWIG_OK;
+ } else if (PyInt_Check(obj)) {
+ if (val) *val = PyInt_AsLong(obj);
+ return SWIG_OK;
+ } else if (PyLong_Check(obj)) {
+ double v = PyLong_AsDouble(obj);
+ if (!PyErr_Occurred()) {
+ if (val) *val = v;
+ return SWIG_OK;
+ } else {
+ PyErr_Clear();
+ }
+ }
+#ifdef SWIG_PYTHON_CAST_MODE
+ {
+ int dispatch = 0;
+ double d = PyFloat_AsDouble(obj);
+ if (!PyErr_Occurred()) {
+ if (val) *val = d;
+ return SWIG_AddCast(SWIG_OK);
+ } else {
+ PyErr_Clear();
+ }
+ if (!dispatch) {
+ long v = PyLong_AsLong(obj);
+ if (!PyErr_Occurred()) {
+ if (val) *val = v;
+ return SWIG_AddCast(SWIG_AddCast(SWIG_OK));
+ } else {
+ PyErr_Clear();
+ }
+ }
+ }
+#endif
+ return res;
+}
+
+
+#include <float.h>
+
+
+#include <math.h>
+
+
+SWIGINTERNINLINE int
+SWIG_CanCastAsInteger(double *d, double min, double max) {
+ double x = *d;
+ if ((min <= x && x <= max)) {
+ double fx = floor(x);
+ double cx = ceil(x);
+ double rd = ((x - fx) < 0.5) ? fx : cx; /* simple rint */
+ if ((errno == EDOM) || (errno == ERANGE)) {
+ errno = 0;
+ } else {
+ double summ, reps, diff;
+ if (rd < x) {
+ diff = x - rd;
+ } else if (rd > x) {
+ diff = rd - x;
+ } else {
+ return 1;
+ }
+ summ = rd + x;
+ reps = diff/summ;
+ if (reps < 8*DBL_EPSILON) {
+ *d = rd;
+ return 1;
+ }
+ }
+ }
+ return 0;
+}
+
+
+SWIGINTERN int
+SWIG_AsVal_unsigned_SS_long (PyObject *obj, unsigned long *val)
+{
+ if (PyInt_Check(obj)) {
+ long v = PyInt_AsLong(obj);
+ if (v >= 0) {
+ if (val) *val = v;
+ return SWIG_OK;
+ } else {
+ return SWIG_OverflowError;
+ }
+ } else if (PyLong_Check(obj)) {
+ unsigned long v = PyLong_AsUnsignedLong(obj);
+ if (!PyErr_Occurred()) {
+ if (val) *val = v;
+ return SWIG_OK;
+ } else {
+ PyErr_Clear();
+ }
+ }
+#ifdef SWIG_PYTHON_CAST_MODE
+ {
+ int dispatch = 0;
+ unsigned long v = PyLong_AsUnsignedLong(obj);
+ if (!PyErr_Occurred()) {
+ if (val) *val = v;
+ return SWIG_AddCast(SWIG_OK);
+ } else {
+ PyErr_Clear();
+ }
+ if (!dispatch) {
+ double d;
+ int res = SWIG_AddCast(SWIG_AsVal_double (obj,&d));
+ if (SWIG_IsOK(res) && SWIG_CanCastAsInteger(&d, 0, ULONG_MAX)) {
+ if (val) *val = (unsigned long)(d);
+ return res;
+ }
+ }
+ }
+#endif
+ return SWIG_TypeError;
+}
+
+
+SWIGINTERN int
+SWIG_AsVal_unsigned_SS_int (PyObject * obj, unsigned int *val)
+{
+ unsigned long v;
+ int res = SWIG_AsVal_unsigned_SS_long (obj, &v);
+ if (SWIG_IsOK(res)) {
+ if ((v > UINT_MAX)) {
+ return SWIG_OverflowError;
+ } else {
+ if (val) *val = (unsigned int)(v);
+ }
+ }
+ return res;
+}
+
+
+SWIGINTERN int
+SWIG_AsVal_long (PyObject *obj, long* val)
+{
+ if (PyInt_Check(obj)) {
+ if (val) *val = PyInt_AsLong(obj);
+ return SWIG_OK;
+ } else if (PyLong_Check(obj)) {
+ long v = PyLong_AsLong(obj);
+ if (!PyErr_Occurred()) {
+ if (val) *val = v;
+ return SWIG_OK;
+ } else {
+ PyErr_Clear();
+ }
+ }
+#ifdef SWIG_PYTHON_CAST_MODE
+ {
+ int dispatch = 0;
+ long v = PyInt_AsLong(obj);
+ if (!PyErr_Occurred()) {
+ if (val) *val = v;
+ return SWIG_AddCast(SWIG_OK);
+ } else {
+ PyErr_Clear();
+ }
+ if (!dispatch) {
+ double d;
+ int res = SWIG_AddCast(SWIG_AsVal_double (obj,&d));
+ if (SWIG_IsOK(res) && SWIG_CanCastAsInteger(&d, LONG_MIN, LONG_MAX)) {
+ if (val) *val = (long)(d);
+ return res;
+ }
+ }
+ }
+#endif
+ return SWIG_TypeError;
+}
+
+
+SWIGINTERN int
+SWIG_AsVal_int (PyObject * obj, int *val)
+{
+ long v;
+ int res = SWIG_AsVal_long (obj, &v);
+ if (SWIG_IsOK(res)) {
+ if ((v < INT_MIN || v > INT_MAX)) {
+ return SWIG_OverflowError;
+ } else {
+ if (val) *val = (int)(v);
+ }
+ }
+ return res;
+}
+
+
+SWIGINTERNINLINE PyObject*
+SWIG_From_unsigned_SS_long (unsigned long value)
+{
+ return (value > LONG_MAX) ?
+ PyLong_FromUnsignedLong(value) : PyInt_FromLong((long)(value));
+}
+
+
+SWIGINTERNINLINE PyObject *
+SWIG_From_unsigned_SS_int (unsigned int value)
+{
+ return SWIG_From_unsigned_SS_long (value);
+}
+
+
+SWIGINTERNINLINE PyObject *
+SWIG_FromCharPtrAndSize(const char* carray, size_t size)
+{
+ if (carray) {
+ if (size > INT_MAX) {
+ swig_type_info* pchar_descriptor = SWIG_pchar_descriptor();
+ return pchar_descriptor ?
+ SWIG_NewPointerObj((char *)(carray), pchar_descriptor, 0) : SWIG_Py_Void();
+ } else {
+ return PyString_FromStringAndSize(carray, (int)(size));
+ }
+ } else {
+ return SWIG_Py_Void();
+ }
+}
+
+
+SWIGINTERNINLINE PyObject *
+SWIG_FromCharPtr(const char *cptr)
+{
+ return SWIG_FromCharPtrAndSize(cptr, (cptr ? strlen(cptr) : 0));
+}
+
+
+SWIGINTERN int
+SWIG_AsVal_unsigned_SS_short (PyObject * obj, unsigned short *val)
+{
+ unsigned long v;
+ int res = SWIG_AsVal_unsigned_SS_long (obj, &v);
+ if (SWIG_IsOK(res)) {
+ if ((v > USHRT_MAX)) {
+ return SWIG_OverflowError;
+ } else {
+ if (val) *val = (unsigned short)(v);
+ }
+ }
+ return res;
+}
+
+
+SWIGINTERNINLINE int
+SWIG_AsVal_size_t (PyObject * obj, size_t *val)
+{
+ unsigned long v;
+ int res = SWIG_AsVal_unsigned_SS_long (obj, val ? &v : 0);
+ if (SWIG_IsOK(res) && val) *val = (size_t)(v);
+ return res;
+}
+
+
+SWIGINTERNINLINE PyObject *
+SWIG_From_unsigned_SS_short (unsigned short value)
+{
+ return SWIG_From_unsigned_SS_long (value);
+}
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+SWIGINTERN PyObject *_wrap_is_selinux_enabled(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int result;
+
+ if (!PyArg_ParseTuple(args,(char *)":is_selinux_enabled")) SWIG_fail;
+ result = (int)is_selinux_enabled();
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_is_selinux_mls_enabled(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int result;
+
+ if (!PyArg_ParseTuple(args,(char *)":is_selinux_mls_enabled")) SWIG_fail;
+ result = (int)is_selinux_mls_enabled();
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getcon")) SWIG_fail;
+ result = (int)getcon(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getcon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getcon_raw")) SWIG_fail;
+ result = (int)getcon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setcon",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setcon" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setcon(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setcon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setcon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setcon_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setcon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getpidcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ pid_t arg1 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ unsigned int val1 ;
+ int ecode1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:getpidcon",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_unsigned_SS_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "getpidcon" "', argument " "1"" of type '" "pid_t""'");
+ }
+ arg1 = (pid_t)(val1);
+ result = (int)getpidcon(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getpidcon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ pid_t arg1 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ unsigned int val1 ;
+ int ecode1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:getpidcon_raw",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_unsigned_SS_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "getpidcon_raw" "', argument " "1"" of type '" "pid_t""'");
+ }
+ arg1 = (pid_t)(val1);
+ result = (int)getpidcon_raw(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getprevcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getprevcon")) SWIG_fail;
+ result = (int)getprevcon(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getprevcon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getprevcon_raw")) SWIG_fail;
+ result = (int)getprevcon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getexeccon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getexeccon")) SWIG_fail;
+ result = (int)getexeccon(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getexeccon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getexeccon_raw")) SWIG_fail;
+ result = (int)getexeccon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setexeccon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setexeccon",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setexeccon" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setexeccon(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setexeccon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setexeccon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setexeccon_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setexeccon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getfscreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getfscreatecon")) SWIG_fail;
+ result = (int)getfscreatecon(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getfscreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getfscreatecon_raw")) SWIG_fail;
+ result = (int)getfscreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setfscreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setfscreatecon",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setfscreatecon" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setfscreatecon(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setfscreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setfscreatecon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setfscreatecon_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setfscreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getkeycreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getkeycreatecon")) SWIG_fail;
+ result = (int)getkeycreatecon(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getkeycreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getkeycreatecon_raw")) SWIG_fail;
+ result = (int)getkeycreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setkeycreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setkeycreatecon",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setkeycreatecon" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setkeycreatecon(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setkeycreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setkeycreatecon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setkeycreatecon_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setkeycreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getsockcreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getsockcreatecon")) SWIG_fail;
+ result = (int)getsockcreatecon(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getsockcreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":getsockcreatecon_raw")) SWIG_fail;
+ result = (int)getsockcreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setsockcreatecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setsockcreatecon",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setsockcreatecon" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setsockcreatecon(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setsockcreatecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:setsockcreatecon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setsockcreatecon_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)setsockcreatecon_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getfilecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:getfilecon",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "getfilecon" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)getfilecon((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getfilecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:getfilecon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "getfilecon_raw" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)getfilecon_raw((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_lgetfilecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:lgetfilecon",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "lgetfilecon" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)lgetfilecon((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_lgetfilecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:lgetfilecon_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "lgetfilecon_raw" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)lgetfilecon_raw((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_fgetfilecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int val1 ;
+ int ecode1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:fgetfilecon",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "fgetfilecon" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ result = (int)fgetfilecon(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_fgetfilecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int val1 ;
+ int ecode1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:fgetfilecon_raw",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "fgetfilecon_raw" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ result = (int)fgetfilecon_raw(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setfilecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:setfilecon",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setfilecon" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "setfilecon" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ result = (int)setfilecon((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_setfilecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:setfilecon_raw",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "setfilecon_raw" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "setfilecon_raw" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ result = (int)setfilecon_raw((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_lsetfilecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:lsetfilecon",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "lsetfilecon" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "lsetfilecon" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ result = (int)lsetfilecon((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_lsetfilecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:lsetfilecon_raw",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "lsetfilecon_raw" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "lsetfilecon_raw" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ result = (int)lsetfilecon_raw((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_fsetfilecon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ int result;
+ int val1 ;
+ int ecode1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:fsetfilecon",&obj0,&obj1)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "fsetfilecon" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "fsetfilecon" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ result = (int)fsetfilecon(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_fsetfilecon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ int result;
+ int val1 ;
+ int ecode1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:fsetfilecon_raw",&obj0,&obj1)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "fsetfilecon_raw" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "fsetfilecon_raw" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ result = (int)fsetfilecon_raw(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getpeercon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int val1 ;
+ int ecode1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:getpeercon",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "getpeercon" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ result = (int)getpeercon(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getpeercon_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int val1 ;
+ int ecode1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:getpeercon_raw",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "getpeercon_raw" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ result = (int)getpeercon_raw(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_av_decision_allowed_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *arg1 = (struct av_decision *) 0 ;
+ access_vector_t arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:av_decision_allowed_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "av_decision_allowed_set" "', argument " "1"" of type '" "struct av_decision *""'");
+ }
+ arg1 = (struct av_decision *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "av_decision_allowed_set" "', argument " "2"" of type '" "access_vector_t""'");
+ }
+ arg2 = (access_vector_t)(val2);
+ if (arg1) (arg1)->allowed = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_av_decision_allowed_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *arg1 = (struct av_decision *) 0 ;
+ access_vector_t result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:av_decision_allowed_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "av_decision_allowed_get" "', argument " "1"" of type '" "struct av_decision *""'");
+ }
+ arg1 = (struct av_decision *)(argp1);
+ result = (access_vector_t) ((arg1)->allowed);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_av_decision_decided_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *arg1 = (struct av_decision *) 0 ;
+ access_vector_t arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:av_decision_decided_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "av_decision_decided_set" "', argument " "1"" of type '" "struct av_decision *""'");
+ }
+ arg1 = (struct av_decision *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "av_decision_decided_set" "', argument " "2"" of type '" "access_vector_t""'");
+ }
+ arg2 = (access_vector_t)(val2);
+ if (arg1) (arg1)->decided = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_av_decision_decided_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *arg1 = (struct av_decision *) 0 ;
+ access_vector_t result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:av_decision_decided_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "av_decision_decided_get" "', argument " "1"" of type '" "struct av_decision *""'");
+ }
+ arg1 = (struct av_decision *)(argp1);
+ result = (access_vector_t) ((arg1)->decided);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_av_decision_auditallow_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *arg1 = (struct av_decision *) 0 ;
+ access_vector_t arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:av_decision_auditallow_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "av_decision_auditallow_set" "', argument " "1"" of type '" "struct av_decision *""'");
+ }
+ arg1 = (struct av_decision *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "av_decision_auditallow_set" "', argument " "2"" of type '" "access_vector_t""'");
+ }
+ arg2 = (access_vector_t)(val2);
+ if (arg1) (arg1)->auditallow = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_av_decision_auditallow_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *arg1 = (struct av_decision *) 0 ;
+ access_vector_t result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:av_decision_auditallow_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "av_decision_auditallow_get" "', argument " "1"" of type '" "struct av_decision *""'");
+ }
+ arg1 = (struct av_decision *)(argp1);
+ result = (access_vector_t) ((arg1)->auditallow);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_av_decision_auditdeny_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *arg1 = (struct av_decision *) 0 ;
+ access_vector_t arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:av_decision_auditdeny_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "av_decision_auditdeny_set" "', argument " "1"" of type '" "struct av_decision *""'");
+ }
+ arg1 = (struct av_decision *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "av_decision_auditdeny_set" "', argument " "2"" of type '" "access_vector_t""'");
+ }
+ arg2 = (access_vector_t)(val2);
+ if (arg1) (arg1)->auditdeny = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_av_decision_auditdeny_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *arg1 = (struct av_decision *) 0 ;
+ access_vector_t result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:av_decision_auditdeny_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "av_decision_auditdeny_get" "', argument " "1"" of type '" "struct av_decision *""'");
+ }
+ arg1 = (struct av_decision *)(argp1);
+ result = (access_vector_t) ((arg1)->auditdeny);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_av_decision_seqno_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *arg1 = (struct av_decision *) 0 ;
+ unsigned int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:av_decision_seqno_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "av_decision_seqno_set" "', argument " "1"" of type '" "struct av_decision *""'");
+ }
+ arg1 = (struct av_decision *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "av_decision_seqno_set" "', argument " "2"" of type '" "unsigned int""'");
+ }
+ arg2 = (unsigned int)(val2);
+ if (arg1) (arg1)->seqno = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_av_decision_seqno_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *arg1 = (struct av_decision *) 0 ;
+ unsigned int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:av_decision_seqno_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "av_decision_seqno_get" "', argument " "1"" of type '" "struct av_decision *""'");
+ }
+ arg1 = (struct av_decision *)(argp1);
+ result = (unsigned int) ((arg1)->seqno);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_av_decision(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_av_decision")) SWIG_fail;
+ result = (struct av_decision *)(struct av_decision *) calloc(1, sizeof(struct av_decision));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_av_decision, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_av_decision(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct av_decision *arg1 = (struct av_decision *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_av_decision",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_av_decision, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_av_decision" "', argument " "1"" of type '" "struct av_decision *""'");
+ }
+ arg1 = (struct av_decision *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *av_decision_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_av_decision, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_selinux_opt_type_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct selinux_opt *arg1 = (struct selinux_opt *) 0 ;
+ int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:selinux_opt_type_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_opt, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_opt_type_set" "', argument " "1"" of type '" "struct selinux_opt *""'");
+ }
+ arg1 = (struct selinux_opt *)(argp1);
+ ecode2 = SWIG_AsVal_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "selinux_opt_type_set" "', argument " "2"" of type '" "int""'");
+ }
+ arg2 = (int)(val2);
+ if (arg1) (arg1)->type = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_opt_type_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct selinux_opt *arg1 = (struct selinux_opt *) 0 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_opt_type_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_opt, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_opt_type_get" "', argument " "1"" of type '" "struct selinux_opt *""'");
+ }
+ arg1 = (struct selinux_opt *)(argp1);
+ result = (int) ((arg1)->type);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_opt_value_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct selinux_opt *arg1 = (struct selinux_opt *) 0 ;
+ char *arg2 = (char *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:selinux_opt_value_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_opt, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_opt_value_set" "', argument " "1"" of type '" "struct selinux_opt *""'");
+ }
+ arg1 = (struct selinux_opt *)(argp1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "selinux_opt_value_set" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ if (arg2) {
+ size_t size = strlen((const char *)((const char *)(arg2))) + 1;
+ arg1->value = (char const *)(char *)memcpy((char *)malloc((size)*sizeof(char)), arg2, sizeof(char)*(size));
+ } else {
+ arg1->value = 0;
+ }
+ resultobj = SWIG_Py_Void();
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_opt_value_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct selinux_opt *arg1 = (struct selinux_opt *) 0 ;
+ char *result = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_opt_value_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_opt, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_opt_value_get" "', argument " "1"" of type '" "struct selinux_opt *""'");
+ }
+ arg1 = (struct selinux_opt *)(argp1);
+ result = (char *) ((arg1)->value);
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_selinux_opt(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct selinux_opt *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_selinux_opt")) SWIG_fail;
+ result = (struct selinux_opt *)(struct selinux_opt *) calloc(1, sizeof(struct selinux_opt));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_selinux_opt, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_selinux_opt(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct selinux_opt *arg1 = (struct selinux_opt *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_selinux_opt",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_opt, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_selinux_opt" "', argument " "1"" of type '" "struct selinux_opt *""'");
+ }
+ arg1 = (struct selinux_opt *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *selinux_opt_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_selinux_opt, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_selinux_callback_func_log_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ union selinux_callback *arg1 = (union selinux_callback *) 0 ;
+ int (*arg2)(int,char const *,...) = (int (*)(int,char const *,...)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:selinux_callback_func_log_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_callback_func_log_set" "', argument " "1"" of type '" "union selinux_callback *""'");
+ }
+ arg1 = (union selinux_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_int_p_q_const__char_v_______int);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "selinux_callback_func_log_set" "', argument " "2"" of type '" "int (*)(int,char const *,...)""'");
+ }
+ }
+ if (arg1) (arg1)->func_log = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_callback_func_log_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ union selinux_callback *arg1 = (union selinux_callback *) 0 ;
+ int (*result)(int,char const *,...) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_callback_func_log_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_callback_func_log_get" "', argument " "1"" of type '" "union selinux_callback *""'");
+ }
+ arg1 = (union selinux_callback *)(argp1);
+ result = (int (*)(int,char const *,...)) ((arg1)->func_log);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_int_p_q_const__char_v_______int);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_callback_func_audit_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ union selinux_callback *arg1 = (union selinux_callback *) 0 ;
+ int (*arg2)(void *,security_class_t,char *,size_t) = (int (*)(void *,security_class_t,char *,size_t)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:selinux_callback_func_audit_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_callback_func_audit_set" "', argument " "1"" of type '" "union selinux_callback *""'");
+ }
+ arg1 = (union selinux_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_void_unsigned_short_p_char_size_t__int);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "selinux_callback_func_audit_set" "', argument " "2"" of type '" "int (*)(void *,security_class_t,char *,size_t)""'");
+ }
+ }
+ if (arg1) (arg1)->func_audit = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_callback_func_audit_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ union selinux_callback *arg1 = (union selinux_callback *) 0 ;
+ int (*result)(void *,security_class_t,char *,size_t) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_callback_func_audit_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_callback_func_audit_get" "', argument " "1"" of type '" "union selinux_callback *""'");
+ }
+ arg1 = (union selinux_callback *)(argp1);
+ result = (int (*)(void *,security_class_t,char *,size_t)) ((arg1)->func_audit);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_p_void_unsigned_short_p_char_size_t__int);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_callback_func_validate_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ union selinux_callback *arg1 = (union selinux_callback *) 0 ;
+ int (*arg2)(security_context_t *) = (int (*)(security_context_t *)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:selinux_callback_func_validate_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_callback_func_validate_set" "', argument " "1"" of type '" "union selinux_callback *""'");
+ }
+ arg1 = (union selinux_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_p_char__int);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "selinux_callback_func_validate_set" "', argument " "2"" of type '" "int (*)(security_context_t *)""'");
+ }
+ }
+ if (arg1) (arg1)->func_validate = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_callback_func_validate_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ union selinux_callback *arg1 = (union selinux_callback *) 0 ;
+ int (*result)(security_context_t *) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_callback_func_validate_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_callback_func_validate_get" "', argument " "1"" of type '" "union selinux_callback *""'");
+ }
+ arg1 = (union selinux_callback *)(argp1);
+ result = (int (*)(security_context_t *)) ((arg1)->func_validate);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_p_p_char__int);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_selinux_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ union selinux_callback *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_selinux_callback")) SWIG_fail;
+ result = (union selinux_callback *)(union selinux_callback *) calloc(1, sizeof(union selinux_callback));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_selinux_callback, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_selinux_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ union selinux_callback *arg1 = (union selinux_callback *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_selinux_callback",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_callback, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_selinux_callback" "', argument " "1"" of type '" "union selinux_callback *""'");
+ }
+ arg1 = (union selinux_callback *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *selinux_callback_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_selinux_callback, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_selinux_get_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ union selinux_callback result;
+ int val1 ;
+ int ecode1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_get_callback",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "selinux_get_callback" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ result = selinux_get_callback(arg1);
+ resultobj = SWIG_NewPointerObj((union selinux_callback *)memcpy((union selinux_callback *)malloc(sizeof(union selinux_callback)),&result,sizeof(union selinux_callback)), SWIGTYPE_p_selinux_callback, SWIG_POINTER_OWN | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_set_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ union selinux_callback arg2 ;
+ int val1 ;
+ int ecode1 = 0 ;
+ void *argp2 ;
+ int res2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:selinux_set_callback",&obj0,&obj1)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "selinux_set_callback" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ {
+ res2 = SWIG_ConvertPtr(obj1, &argp2, SWIGTYPE_p_selinux_callback, 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "selinux_set_callback" "', argument " "2"" of type '" "union selinux_callback""'");
+ }
+ if (!argp2) {
+ SWIG_exception_fail(SWIG_ValueError, "invalid null reference " "in method '" "selinux_set_callback" "', argument " "2"" of type '" "union selinux_callback""'");
+ } else {
+ arg2 = *((union selinux_callback *)(argp2));
+ }
+ }
+ selinux_set_callback(arg1,arg2);
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_compute_av(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ security_class_t arg3 ;
+ access_vector_t arg4 ;
+ struct av_decision *arg5 = (struct av_decision *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ unsigned int val4 ;
+ int ecode4 = 0 ;
+ void *argp5 = 0 ;
+ int res5 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+ PyObject * obj3 = 0 ;
+ PyObject * obj4 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OOOOO:security_compute_av",&obj0,&obj1,&obj2,&obj3,&obj4)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_compute_av" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_compute_av" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "security_compute_av" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ ecode4 = SWIG_AsVal_unsigned_SS_int(obj3, &val4);
+ if (!SWIG_IsOK(ecode4)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "security_compute_av" "', argument " "4"" of type '" "access_vector_t""'");
+ }
+ arg4 = (access_vector_t)(val4);
+ res5 = SWIG_ConvertPtr(obj4, &argp5,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res5)) {
+ SWIG_exception_fail(SWIG_ArgError(res5), "in method '" "security_compute_av" "', argument " "5"" of type '" "struct av_decision *""'");
+ }
+ arg5 = (struct av_decision *)(argp5);
+ result = (int)security_compute_av(arg1,arg2,arg3,arg4,arg5);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_compute_av_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ security_class_t arg3 ;
+ access_vector_t arg4 ;
+ struct av_decision *arg5 = (struct av_decision *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ unsigned int val4 ;
+ int ecode4 = 0 ;
+ void *argp5 = 0 ;
+ int res5 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+ PyObject * obj3 = 0 ;
+ PyObject * obj4 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OOOOO:security_compute_av_raw",&obj0,&obj1,&obj2,&obj3,&obj4)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_compute_av_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_compute_av_raw" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "security_compute_av_raw" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ ecode4 = SWIG_AsVal_unsigned_SS_int(obj3, &val4);
+ if (!SWIG_IsOK(ecode4)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "security_compute_av_raw" "', argument " "4"" of type '" "access_vector_t""'");
+ }
+ arg4 = (access_vector_t)(val4);
+ res5 = SWIG_ConvertPtr(obj4, &argp5,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res5)) {
+ SWIG_exception_fail(SWIG_ArgError(res5), "in method '" "security_compute_av_raw" "', argument " "5"" of type '" "struct av_decision *""'");
+ }
+ arg5 = (struct av_decision *)(argp5);
+ result = (int)security_compute_av_raw(arg1,arg2,arg3,arg4,arg5);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_compute_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ security_class_t arg3 ;
+ security_context_t *arg4 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ security_context_t temp4 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ arg4 = &temp4;
+ if (!PyArg_ParseTuple(args,(char *)"OOO:security_compute_create",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_compute_create" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_compute_create" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "security_compute_create" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ result = (int)security_compute_create(arg1,arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg4) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg4));
+ freecon(*arg4);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_compute_create_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ security_class_t arg3 ;
+ security_context_t *arg4 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ security_context_t temp4 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ arg4 = &temp4;
+ if (!PyArg_ParseTuple(args,(char *)"OOO:security_compute_create_raw",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_compute_create_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_compute_create_raw" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "security_compute_create_raw" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ result = (int)security_compute_create_raw(arg1,arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg4) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg4));
+ freecon(*arg4);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_compute_relabel(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ security_class_t arg3 ;
+ security_context_t *arg4 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ security_context_t temp4 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ arg4 = &temp4;
+ if (!PyArg_ParseTuple(args,(char *)"OOO:security_compute_relabel",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_compute_relabel" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_compute_relabel" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "security_compute_relabel" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ result = (int)security_compute_relabel(arg1,arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg4) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg4));
+ freecon(*arg4);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_compute_relabel_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ security_class_t arg3 ;
+ security_context_t *arg4 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ security_context_t temp4 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ arg4 = &temp4;
+ if (!PyArg_ParseTuple(args,(char *)"OOO:security_compute_relabel_raw",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_compute_relabel_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_compute_relabel_raw" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "security_compute_relabel_raw" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ result = (int)security_compute_relabel_raw(arg1,arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg4) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg4));
+ freecon(*arg4);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_compute_member(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ security_class_t arg3 ;
+ security_context_t *arg4 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ security_context_t temp4 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ arg4 = &temp4;
+ if (!PyArg_ParseTuple(args,(char *)"OOO:security_compute_member",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_compute_member" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_compute_member" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "security_compute_member" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ result = (int)security_compute_member(arg1,arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg4) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg4));
+ freecon(*arg4);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_compute_member_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ security_class_t arg3 ;
+ security_context_t *arg4 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ security_context_t temp4 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ arg4 = &temp4;
+ if (!PyArg_ParseTuple(args,(char *)"OOO:security_compute_member_raw",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_compute_member_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_compute_member_raw" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "security_compute_member_raw" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ result = (int)security_compute_member_raw(arg1,arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg4) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg4));
+ freecon(*arg4);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_compute_user(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ char *arg2 = (char *) 0 ;
+ security_context_t **arg3 = (security_context_t **) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ security_context_t *temp3 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ {
+ arg3 = &temp3;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"OO:security_compute_user",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_compute_user" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_compute_user" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ result = (int)security_compute_user(arg1,(char const *)arg2,arg3);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ PyObject* plist;
+ int i, len = 0;
+
+ if (*arg3) {
+ while((*arg3)[len])
+ len++;
+ plist = PyList_New(len);
+ for (i = 0; i < len; i++) {
+ PyList_SetItem(plist, i, PyString_FromString((*arg3)[i]));
+ }
+ } else {
+ plist = PyList_New(0);
+ }
+
+ resultobj = SWIG_Python_AppendOutput(resultobj, plist);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ {
+ if (*arg3) freeconary(*arg3);
+ }
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ {
+ if (*arg3) freeconary(*arg3);
+ }
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_compute_user_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ char *arg2 = (char *) 0 ;
+ security_context_t **arg3 = (security_context_t **) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ security_context_t *temp3 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ {
+ arg3 = &temp3;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"OO:security_compute_user_raw",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_compute_user_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_compute_user_raw" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ result = (int)security_compute_user_raw(arg1,(char const *)arg2,arg3);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ PyObject* plist;
+ int i, len = 0;
+
+ if (*arg3) {
+ while((*arg3)[len])
+ len++;
+ plist = PyList_New(len);
+ for (i = 0; i < len; i++) {
+ PyList_SetItem(plist, i, PyString_FromString((*arg3)[i]));
+ }
+ } else {
+ plist = PyList_New(0);
+ }
+
+ resultobj = SWIG_Python_AppendOutput(resultobj, plist);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ {
+ if (*arg3) freeconary(*arg3);
+ }
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ {
+ if (*arg3) freeconary(*arg3);
+ }
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_load_policy(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ void *arg1 = (void *) 0 ;
+ size_t arg2 ;
+ int result;
+ int res1 ;
+ size_t val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:security_load_policy",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0,SWIG_as_voidptrptr(&arg1), 0, 0);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_load_policy" "', argument " "1"" of type '" "void *""'");
+ }
+ ecode2 = SWIG_AsVal_size_t(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "security_load_policy" "', argument " "2"" of type '" "size_t""'");
+ }
+ arg2 = (size_t)(val2);
+ result = (int)security_load_policy(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_get_initial_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:security_get_initial_context",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_get_initial_context" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)security_get_initial_context((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_get_initial_context_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:security_get_initial_context_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_get_initial_context_raw" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)security_get_initial_context_raw((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_mkload_policy(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ int result;
+ int val1 ;
+ int ecode1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_mkload_policy",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "selinux_mkload_policy" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ result = (int)selinux_mkload_policy(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_init_load_policy(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int *arg1 = (int *) 0 ;
+ int result;
+ int temp1 ;
+ int res1 = SWIG_TMPOBJ ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":selinux_init_load_policy")) SWIG_fail;
+ result = (int)selinux_init_load_policy(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (SWIG_IsTmpObj(res1)) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg1)));
+ } else {
+ int new_flags = SWIG_IsNewObj(res1) ? (SWIG_POINTER_OWN | 0 ) : 0 ;
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg1), SWIGTYPE_p_int, new_flags));
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_SELboolean_name_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ SELboolean *arg1 = (SELboolean *) 0 ;
+ char *arg2 = (char *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:SELboolean_name_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_SELboolean, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "SELboolean_name_set" "', argument " "1"" of type '" "SELboolean *""'");
+ }
+ arg1 = (SELboolean *)(argp1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "SELboolean_name_set" "', argument " "2"" of type '" "char *""'");
+ }
+ arg2 = (char *)(buf2);
+ if (arg1->name) free((char*)arg1->name);
+ if (arg2) {
+ size_t size = strlen((const char *)(arg2)) + 1;
+ arg1->name = (char *)(char *)memcpy((char *)malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
+ } else {
+ arg1->name = 0;
+ }
+ resultobj = SWIG_Py_Void();
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_SELboolean_name_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ SELboolean *arg1 = (SELboolean *) 0 ;
+ char *result = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:SELboolean_name_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_SELboolean, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "SELboolean_name_get" "', argument " "1"" of type '" "SELboolean *""'");
+ }
+ arg1 = (SELboolean *)(argp1);
+ result = (char *) ((arg1)->name);
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_SELboolean_value_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ SELboolean *arg1 = (SELboolean *) 0 ;
+ int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:SELboolean_value_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_SELboolean, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "SELboolean_value_set" "', argument " "1"" of type '" "SELboolean *""'");
+ }
+ arg1 = (SELboolean *)(argp1);
+ ecode2 = SWIG_AsVal_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "SELboolean_value_set" "', argument " "2"" of type '" "int""'");
+ }
+ arg2 = (int)(val2);
+ if (arg1) (arg1)->value = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_SELboolean_value_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ SELboolean *arg1 = (SELboolean *) 0 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:SELboolean_value_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_SELboolean, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "SELboolean_value_get" "', argument " "1"" of type '" "SELboolean *""'");
+ }
+ arg1 = (SELboolean *)(argp1);
+ result = (int) ((arg1)->value);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_SELboolean(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ SELboolean *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_SELboolean")) SWIG_fail;
+ result = (SELboolean *)(SELboolean *) calloc(1, sizeof(SELboolean));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_SELboolean, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_SELboolean(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ SELboolean *arg1 = (SELboolean *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_SELboolean",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_SELboolean, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_SELboolean" "', argument " "1"" of type '" "SELboolean *""'");
+ }
+ arg1 = (SELboolean *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *SELboolean_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_SELboolean, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_security_set_boolean_list(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ size_t arg1 ;
+ SELboolean *arg2 = (SELboolean *) 0 ;
+ int arg3 ;
+ int result;
+ size_t val1 ;
+ int ecode1 = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ int val3 ;
+ int ecode3 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OOO:security_set_boolean_list",&obj0,&obj1,&obj2)) SWIG_fail;
+ ecode1 = SWIG_AsVal_size_t(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "security_set_boolean_list" "', argument " "1"" of type '" "size_t""'");
+ }
+ arg1 = (size_t)(val1);
+ res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_SELboolean, 0 | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_set_boolean_list" "', argument " "2"" of type '" "SELboolean *""'");
+ }
+ arg2 = (SELboolean *)(argp2);
+ ecode3 = SWIG_AsVal_int(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "security_set_boolean_list" "', argument " "3"" of type '" "int""'");
+ }
+ arg3 = (int)(val3);
+ result = (int)security_set_boolean_list(arg1,arg2,arg3);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_load_booleans(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:security_load_booleans",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_load_booleans" "', argument " "1"" of type '" "char *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)security_load_booleans(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_check_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:security_check_context",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_check_context" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)security_check_context(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_check_context_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:security_check_context_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_check_context_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)security_check_context_raw(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_canonicalize_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:security_canonicalize_context",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_canonicalize_context" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)security_canonicalize_context(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_canonicalize_context_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:security_canonicalize_context_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_canonicalize_context_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)security_canonicalize_context_raw(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_getenforce(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int result;
+
+ if (!PyArg_ParseTuple(args,(char *)":security_getenforce")) SWIG_fail;
+ result = (int)security_getenforce();
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_setenforce(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int arg1 ;
+ int result;
+ int val1 ;
+ int ecode1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:security_setenforce",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "security_setenforce" "', argument " "1"" of type '" "int""'");
+ }
+ arg1 = (int)(val1);
+ result = (int)security_setenforce(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_disable(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int result;
+
+ if (!PyArg_ParseTuple(args,(char *)":security_disable")) SWIG_fail;
+ result = (int)security_disable();
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_policyvers(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int result;
+
+ if (!PyArg_ParseTuple(args,(char *)":security_policyvers")) SWIG_fail;
+ result = (int)security_policyvers();
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_get_boolean_names(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char ***arg1 = (char ***) 0 ;
+ int *arg2 = (int *) 0 ;
+ int result;
+ char **temp11 ;
+ int temp21 ;
+
+ {
+ arg1 = &temp11;
+ arg2 = &temp21;
+ }
+ if (!PyArg_ParseTuple(args,(char *)":security_get_boolean_names")) SWIG_fail;
+ result = (int)security_get_boolean_names(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ PyObject* list = PyList_New(*arg2);
+ int i;
+ for (i = 0; i < *arg2; i++) {
+ PyList_SetItem(list, i, PyString_FromString((*arg1)[i]));
+ }
+ resultobj = SWIG_Python_AppendOutput(resultobj, list);
+ }
+ {
+ int i;
+ if (*arg1) {
+ for (i = 0; i < *arg2; i++) {
+ free((*arg1)[i]);
+ }
+ free(*arg1);
+ }
+ }
+ return resultobj;
+fail:
+ {
+ int i;
+ if (*arg1) {
+ for (i = 0; i < *arg2; i++) {
+ free((*arg1)[i]);
+ }
+ free(*arg1);
+ }
+ }
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_get_boolean_pending(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:security_get_boolean_pending",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_get_boolean_pending" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)security_get_boolean_pending((char const *)arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_get_boolean_active(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:security_get_boolean_active",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_get_boolean_active" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)security_get_boolean_active((char const *)arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_set_boolean(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ int arg2 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:security_set_boolean",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_set_boolean" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ ecode2 = SWIG_AsVal_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "security_set_boolean" "', argument " "2"" of type '" "int""'");
+ }
+ arg2 = (int)(val2);
+ result = (int)security_set_boolean((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_commit_booleans(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int result;
+
+ if (!PyArg_ParseTuple(args,(char *)":security_commit_booleans")) SWIG_fail;
+ result = (int)security_commit_booleans();
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_class_mapping_name_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_class_mapping *arg1 = (struct security_class_mapping *) 0 ;
+ char *arg2 = (char *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:security_class_mapping_name_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_class_mapping, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_class_mapping_name_set" "', argument " "1"" of type '" "struct security_class_mapping *""'");
+ }
+ arg1 = (struct security_class_mapping *)(argp1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_class_mapping_name_set" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ if (arg2) {
+ size_t size = strlen((const char *)((const char *)(arg2))) + 1;
+ arg1->name = (char const *)(char *)memcpy((char *)malloc((size)*sizeof(char)), arg2, sizeof(char)*(size));
+ } else {
+ arg1->name = 0;
+ }
+ resultobj = SWIG_Py_Void();
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_class_mapping_name_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_class_mapping *arg1 = (struct security_class_mapping *) 0 ;
+ char *result = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:security_class_mapping_name_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_class_mapping, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_class_mapping_name_get" "', argument " "1"" of type '" "struct security_class_mapping *""'");
+ }
+ arg1 = (struct security_class_mapping *)(argp1);
+ result = (char *) ((arg1)->name);
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_class_mapping_perms_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_class_mapping *arg1 = (struct security_class_mapping *) 0 ;
+ char **arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:security_class_mapping_perms_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_class_mapping, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_class_mapping_perms_set" "', argument " "1"" of type '" "struct security_class_mapping *""'");
+ }
+ arg1 = (struct security_class_mapping *)(argp1);
+ res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_p_char, 0 | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_class_mapping_perms_set" "', argument " "2"" of type '" "char const *[sizeof(access_vector_t)*8+1]""'");
+ }
+ arg2 = (char **)(argp2);
+ {
+ if (arg2) {
+ size_t ii = 0;
+ for (; ii < (size_t)sizeof(access_vector_t)*8+1; ++ii) arg1->perms[ii] = arg2[ii];
+ } else {
+ SWIG_exception_fail(SWIG_ValueError, "invalid null reference " "in variable '""perms""' of type '""char const *[sizeof(access_vector_t)*8+1]""'");
+ }
+ }
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_class_mapping_perms_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_class_mapping *arg1 = (struct security_class_mapping *) 0 ;
+ char **result = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:security_class_mapping_perms_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_class_mapping, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_class_mapping_perms_get" "', argument " "1"" of type '" "struct security_class_mapping *""'");
+ }
+ arg1 = (struct security_class_mapping *)(argp1);
+ result = (char **)(char **) ((arg1)->perms);
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_p_char, 0 | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_security_class_mapping(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_class_mapping *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_security_class_mapping")) SWIG_fail;
+ result = (struct security_class_mapping *)(struct security_class_mapping *) calloc(1, sizeof(struct security_class_mapping));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_security_class_mapping, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_security_class_mapping(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_class_mapping *arg1 = (struct security_class_mapping *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_security_class_mapping",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_class_mapping, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_security_class_mapping" "', argument " "1"" of type '" "struct security_class_mapping *""'");
+ }
+ arg1 = (struct security_class_mapping *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *security_class_mapping_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_security_class_mapping, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_selinux_set_mapping(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_class_mapping *arg1 = (struct security_class_mapping *) 0 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_set_mapping",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_class_mapping, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_set_mapping" "', argument " "1"" of type '" "struct security_class_mapping *""'");
+ }
+ arg1 = (struct security_class_mapping *)(argp1);
+ result = (int)selinux_set_mapping(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_string_to_security_class(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_class_t result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:string_to_security_class",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "string_to_security_class" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (security_class_t)string_to_security_class((char const *)arg1);
+ resultobj = SWIG_From_unsigned_SS_short((unsigned short)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_class_to_string(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_class_t arg1 ;
+ char *result = 0 ;
+ unsigned short val1 ;
+ int ecode1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:security_class_to_string",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_unsigned_SS_short(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "security_class_to_string" "', argument " "1"" of type '" "security_class_t""'");
+ }
+ arg1 = (security_class_t)(val1);
+ result = (char *)security_class_to_string(arg1);
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_av_perm_to_string(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_class_t arg1 ;
+ access_vector_t arg2 ;
+ char *result = 0 ;
+ unsigned short val1 ;
+ int ecode1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:security_av_perm_to_string",&obj0,&obj1)) SWIG_fail;
+ ecode1 = SWIG_AsVal_unsigned_SS_short(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "security_av_perm_to_string" "', argument " "1"" of type '" "security_class_t""'");
+ }
+ arg1 = (security_class_t)(val1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "security_av_perm_to_string" "', argument " "2"" of type '" "access_vector_t""'");
+ }
+ arg2 = (access_vector_t)(val2);
+ result = (char *)security_av_perm_to_string(arg1,arg2);
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_string_to_av_perm(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_class_t arg1 ;
+ char *arg2 = (char *) 0 ;
+ access_vector_t result;
+ unsigned short val1 ;
+ int ecode1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:string_to_av_perm",&obj0,&obj1)) SWIG_fail;
+ ecode1 = SWIG_AsVal_unsigned_SS_short(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "string_to_av_perm" "', argument " "1"" of type '" "security_class_t""'");
+ }
+ arg1 = (security_class_t)(val1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "string_to_av_perm" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ result = (access_vector_t)string_to_av_perm(arg1,(char const *)arg2);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_av_string(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_class_t arg1 ;
+ access_vector_t arg2 ;
+ char **arg3 = (char **) 0 ;
+ int result;
+ unsigned short val1 ;
+ int ecode1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ char *temp3 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ arg3 = &temp3;
+ if (!PyArg_ParseTuple(args,(char *)"OO:security_av_string",&obj0,&obj1)) SWIG_fail;
+ ecode1 = SWIG_AsVal_unsigned_SS_short(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "security_av_string" "', argument " "1"" of type '" "security_class_t""'");
+ }
+ arg1 = (security_class_t)(val1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "security_av_string" "', argument " "2"" of type '" "access_vector_t""'");
+ }
+ arg2 = (access_vector_t)(val2);
+ result = (int)security_av_string(arg1,arg2,arg3);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg3) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg3));
+ free(*arg3);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_print_access_vector(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_class_t arg1 ;
+ access_vector_t arg2 ;
+ unsigned short val1 ;
+ int ecode1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:print_access_vector",&obj0,&obj1)) SWIG_fail;
+ ecode1 = SWIG_AsVal_unsigned_SS_short(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "print_access_vector" "', argument " "1"" of type '" "security_class_t""'");
+ }
+ arg1 = (security_class_t)(val1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "print_access_vector" "', argument " "2"" of type '" "access_vector_t""'");
+ }
+ arg2 = (access_vector_t)(val2);
+ print_access_vector(arg1,arg2);
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_set_matchpathcon_flags(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ unsigned int arg1 ;
+ unsigned int val1 ;
+ int ecode1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:set_matchpathcon_flags",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_unsigned_SS_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "set_matchpathcon_flags" "', argument " "1"" of type '" "unsigned int""'");
+ }
+ arg1 = (unsigned int)(val1);
+ set_matchpathcon_flags(arg1);
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_matchpathcon_init(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:matchpathcon_init",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "matchpathcon_init" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)matchpathcon_init((char const *)arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_matchpathcon_init_prefix(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char *arg2 = (char *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:matchpathcon_init_prefix",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "matchpathcon_init_prefix" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "matchpathcon_init_prefix" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ result = (int)matchpathcon_init_prefix((char const *)arg1,(char const *)arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_matchpathcon_fini(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+
+ if (!PyArg_ParseTuple(args,(char *)":matchpathcon_fini")) SWIG_fail;
+ matchpathcon_fini();
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_matchpathcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ mode_t arg2 ;
+ security_context_t *arg3 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ security_context_t temp3 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ arg3 = &temp3;
+ if (!PyArg_ParseTuple(args,(char *)"OO:matchpathcon",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "matchpathcon" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "matchpathcon" "', argument " "2"" of type '" "mode_t""'");
+ }
+ arg2 = (mode_t)(val2);
+ result = (int)matchpathcon((char const *)arg1,arg2,arg3);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg3) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg3));
+ freecon(*arg3);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_matchpathcon_index(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ mode_t arg2 ;
+ security_context_t *arg3 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ security_context_t temp3 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ arg3 = &temp3;
+ if (!PyArg_ParseTuple(args,(char *)"OO:matchpathcon_index",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "matchpathcon_index" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "matchpathcon_index" "', argument " "2"" of type '" "mode_t""'");
+ }
+ arg2 = (mode_t)(val2);
+ result = (int)matchpathcon_index((char const *)arg1,arg2,arg3);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg3) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg3));
+ freecon(*arg3);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_matchpathcon_filespec_add(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ ino_t arg1 ;
+ int arg2 ;
+ char *arg3 = (char *) 0 ;
+ int result;
+ void *argp1 ;
+ int res1 = 0 ;
+ int val2 ;
+ int ecode2 = 0 ;
+ int res3 ;
+ char *buf3 = 0 ;
+ int alloc3 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OOO:matchpathcon_filespec_add",&obj0,&obj1,&obj2)) SWIG_fail;
+ {
+ res1 = SWIG_ConvertPtr(obj0, &argp1, SWIGTYPE_p_ino_t, 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "matchpathcon_filespec_add" "', argument " "1"" of type '" "ino_t""'");
+ }
+ if (!argp1) {
+ SWIG_exception_fail(SWIG_ValueError, "invalid null reference " "in method '" "matchpathcon_filespec_add" "', argument " "1"" of type '" "ino_t""'");
+ } else {
+ arg1 = *((ino_t *)(argp1));
+ }
+ }
+ ecode2 = SWIG_AsVal_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "matchpathcon_filespec_add" "', argument " "2"" of type '" "int""'");
+ }
+ arg2 = (int)(val2);
+ res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3);
+ if (!SWIG_IsOK(res3)) {
+ SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "matchpathcon_filespec_add" "', argument " "3"" of type '" "char const *""'");
+ }
+ arg3 = (char *)(buf3);
+ result = (int)matchpathcon_filespec_add(arg1,arg2,(char const *)arg3);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ return resultobj;
+fail:
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_matchpathcon_filespec_destroy(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+
+ if (!PyArg_ParseTuple(args,(char *)":matchpathcon_filespec_destroy")) SWIG_fail;
+ matchpathcon_filespec_destroy();
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_matchpathcon_filespec_eval(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+
+ if (!PyArg_ParseTuple(args,(char *)":matchpathcon_filespec_eval")) SWIG_fail;
+ matchpathcon_filespec_eval();
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_matchpathcon_checkmatches(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:matchpathcon_checkmatches",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "matchpathcon_checkmatches" "', argument " "1"" of type '" "char *""'");
+ }
+ arg1 = (char *)(buf1);
+ matchpathcon_checkmatches(arg1);
+ resultobj = SWIG_Py_Void();
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_matchmediacon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:matchmediacon",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "matchmediacon" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)matchmediacon((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_getenforcemode(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int *arg1 = (int *) 0 ;
+ int result;
+ int temp1 ;
+ int res1 = SWIG_TMPOBJ ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":selinux_getenforcemode")) SWIG_fail;
+ result = (int)selinux_getenforcemode(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (SWIG_IsTmpObj(res1)) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_From_int((*arg1)));
+ } else {
+ int new_flags = SWIG_IsNewObj(res1) ? (SWIG_POINTER_OWN | 0 ) : 0 ;
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj((void*)(arg1), SWIGTYPE_p_int, new_flags));
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_getpolicytype(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char **arg1 = (char **) 0 ;
+ int result;
+ char *temp1 = 0 ;
+
+ arg1 = &temp1;
+ if (!PyArg_ParseTuple(args,(char *)":selinux_getpolicytype")) SWIG_fail;
+ result = (int)selinux_getpolicytype(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ free(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_policy_root(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_policy_root")) SWIG_fail;
+ result = (char *)selinux_policy_root();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_binary_policy_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_binary_policy_path")) SWIG_fail;
+ result = (char *)selinux_binary_policy_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_failsafe_context_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_failsafe_context_path")) SWIG_fail;
+ result = (char *)selinux_failsafe_context_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_removable_context_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_removable_context_path")) SWIG_fail;
+ result = (char *)selinux_removable_context_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_default_context_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_default_context_path")) SWIG_fail;
+ result = (char *)selinux_default_context_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_user_contexts_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_user_contexts_path")) SWIG_fail;
+ result = (char *)selinux_user_contexts_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_file_context_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_file_context_path")) SWIG_fail;
+ result = (char *)selinux_file_context_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_file_context_homedir_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_file_context_homedir_path")) SWIG_fail;
+ result = (char *)selinux_file_context_homedir_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_file_context_local_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_file_context_local_path")) SWIG_fail;
+ result = (char *)selinux_file_context_local_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_homedir_context_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_homedir_context_path")) SWIG_fail;
+ result = (char *)selinux_homedir_context_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_media_context_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_media_context_path")) SWIG_fail;
+ result = (char *)selinux_media_context_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_x_context_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_x_context_path")) SWIG_fail;
+ result = (char *)selinux_x_context_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_contexts_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_contexts_path")) SWIG_fail;
+ result = (char *)selinux_contexts_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_securetty_types_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_securetty_types_path")) SWIG_fail;
+ result = (char *)selinux_securetty_types_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_booleans_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_booleans_path")) SWIG_fail;
+ result = (char *)selinux_booleans_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_customizable_types_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_customizable_types_path")) SWIG_fail;
+ result = (char *)selinux_customizable_types_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_users_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_users_path")) SWIG_fail;
+ result = (char *)selinux_users_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_usersconf_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_usersconf_path")) SWIG_fail;
+ result = (char *)selinux_usersconf_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_translations_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_translations_path")) SWIG_fail;
+ result = (char *)selinux_translations_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_netfilter_context_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_netfilter_context_path")) SWIG_fail;
+ result = (char *)selinux_netfilter_context_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_path")) SWIG_fail;
+ result = (char *)selinux_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_check_passwd_access(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ access_vector_t arg1 ;
+ int result;
+ unsigned int val1 ;
+ int ecode1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_check_passwd_access",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_unsigned_SS_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "selinux_check_passwd_access" "', argument " "1"" of type '" "access_vector_t""'");
+ }
+ arg1 = (access_vector_t)(val1);
+ result = (int)selinux_check_passwd_access(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_checkPasswdAccess(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ access_vector_t arg1 ;
+ int result;
+ unsigned int val1 ;
+ int ecode1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:checkPasswdAccess",&obj0)) SWIG_fail;
+ ecode1 = SWIG_AsVal_unsigned_SS_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "checkPasswdAccess" "', argument " "1"" of type '" "access_vector_t""'");
+ }
+ arg1 = (access_vector_t)(val1);
+ result = (int)checkPasswdAccess(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_check_securetty_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_check_securetty_context",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_check_securetty_context" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)selinux_check_securetty_context(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_set_selinuxmnt(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:set_selinuxmnt",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "set_selinuxmnt" "', argument " "1"" of type '" "char *""'");
+ }
+ arg1 = (char *)(buf1);
+ set_selinuxmnt(arg1);
+ resultobj = SWIG_Py_Void();
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_rpm_execcon(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ unsigned int arg1 ;
+ char *arg2 = (char *) 0 ;
+ char **arg3 ;
+ char **arg4 ;
+ int result;
+ unsigned int val1 ;
+ int ecode1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+ PyObject * obj3 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OOOO:rpm_execcon",&obj0,&obj1,&obj2,&obj3)) SWIG_fail;
+ ecode1 = SWIG_AsVal_unsigned_SS_int(obj0, &val1);
+ if (!SWIG_IsOK(ecode1)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode1), "in method '" "rpm_execcon" "', argument " "1"" of type '" "unsigned int""'");
+ }
+ arg1 = (unsigned int)(val1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "rpm_execcon" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ {
+ int i, size;
+ PyObject * s;
+
+ if (!PySequence_Check(obj2)) {
+ PyErr_SetString(PyExc_ValueError, "Expected a sequence");
+ return NULL;
+ }
+
+ size = PySequence_Size(obj2);
+
+ arg3 = (char**) malloc(size + 1);
+
+ for(i = 0; i < size; i++) {
+ if (!PyString_Check(PySequence_GetItem(obj2, i))) {
+ PyErr_SetString(PyExc_ValueError, "Sequence must contain only strings");
+ return NULL;
+ }
+ }
+
+ for(i = 0; i < size; i++) {
+ s = PySequence_GetItem(obj2, i);
+ arg3[i] = (char*) malloc(PyString_Size(s) + 1);
+ strcpy(arg3[i], PyString_AsString(s));
+ }
+ arg3[size] = NULL;
+ }
+ {
+ int i, size;
+ PyObject * s;
+
+ if (!PySequence_Check(obj3)) {
+ PyErr_SetString(PyExc_ValueError, "Expected a sequence");
+ return NULL;
+ }
+
+ size = PySequence_Size(obj3);
+
+ arg4 = (char**) malloc(size + 1);
+
+ for(i = 0; i < size; i++) {
+ if (!PyString_Check(PySequence_GetItem(obj3, i))) {
+ PyErr_SetString(PyExc_ValueError, "Sequence must contain only strings");
+ return NULL;
+ }
+ }
+
+ for(i = 0; i < size; i++) {
+ s = PySequence_GetItem(obj3, i);
+ arg4[i] = (char*) malloc(PyString_Size(s) + 1);
+ strcpy(arg4[i], PyString_AsString(s));
+ }
+ arg4[size] = NULL;
+ }
+ result = (int)rpm_execcon(arg1,(char const *)arg2,(char *const (*))arg3,(char *const (*))arg4);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ {
+ int i = 0;
+ while(arg3[i]) {
+ free(arg3[i]);
+ i++;
+ }
+ free(arg3);
+ }
+ {
+ int i = 0;
+ while(arg4[i]) {
+ free(arg4[i]);
+ i++;
+ }
+ free(arg4);
+ }
+ return resultobj;
+fail:
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ {
+ int i = 0;
+ while(arg3[i]) {
+ free(arg3[i]);
+ i++;
+ }
+ free(arg3);
+ }
+ {
+ int i = 0;
+ while(arg4[i]) {
+ free(arg4[i]);
+ i++;
+ }
+ free(arg4);
+ }
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_is_context_customizable(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:is_context_customizable",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "is_context_customizable" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)is_context_customizable(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_trans_to_raw_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_trans_to_raw_context",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_trans_to_raw_context" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)selinux_trans_to_raw_context(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_raw_to_trans_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_raw_to_trans_context",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_raw_to_trans_context" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)selinux_raw_to_trans_context(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_getseuserbyname(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char **arg2 = (char **) 0 ;
+ char **arg3 = (char **) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ char *temp2 = 0 ;
+ char *temp3 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ arg3 = &temp3;
+ if (!PyArg_ParseTuple(args,(char *)"O:getseuserbyname",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "getseuserbyname" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)getseuserbyname((char const *)arg1,arg2,arg3);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ free(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (*arg3) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg3));
+ free(*arg3);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_file_context_cmp(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) (security_context_t)0 ;
+ security_context_t arg2 = (security_context_t) (security_context_t)0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:selinux_file_context_cmp",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_file_context_cmp" "', argument " "1"" of type '" "security_context_t const""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "selinux_file_context_cmp" "', argument " "2"" of type '" "security_context_t const""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ result = (int)selinux_file_context_cmp(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_file_context_verify(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ mode_t arg2 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:selinux_file_context_verify",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_file_context_verify" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "selinux_file_context_verify" "', argument " "2"" of type '" "mode_t""'");
+ }
+ arg2 = (mode_t)(val2);
+ result = (int)selinux_file_context_verify((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_lsetfilecon_default(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:selinux_lsetfilecon_default",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "selinux_lsetfilecon_default" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)selinux_lsetfilecon_default((char const *)arg1);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_id_ctx_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_id *arg1 = (struct security_id *) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:security_id_ctx_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_id_ctx_set" "', argument " "1"" of type '" "struct security_id *""'");
+ }
+ arg1 = (struct security_id *)(argp1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "security_id_ctx_set" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ if (arg1->ctx) free((char*)arg1->ctx);
+ if (arg2) {
+ size_t size = strlen((const char *)(arg2)) + 1;
+ arg1->ctx = (security_context_t)(char *)memcpy((char *)malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
+ } else {
+ arg1->ctx = 0;
+ }
+ resultobj = SWIG_Py_Void();
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_id_ctx_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_id *arg1 = (struct security_id *) 0 ;
+ security_context_t result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:security_id_ctx_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_id_ctx_get" "', argument " "1"" of type '" "struct security_id *""'");
+ }
+ arg1 = (struct security_id *)(argp1);
+ result = (security_context_t) ((arg1)->ctx);
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_id_refcnt_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_id *arg1 = (struct security_id *) 0 ;
+ unsigned int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:security_id_refcnt_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_id_refcnt_set" "', argument " "1"" of type '" "struct security_id *""'");
+ }
+ arg1 = (struct security_id *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "security_id_refcnt_set" "', argument " "2"" of type '" "unsigned int""'");
+ }
+ arg2 = (unsigned int)(val2);
+ if (arg1) (arg1)->refcnt = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_security_id_refcnt_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_id *arg1 = (struct security_id *) 0 ;
+ unsigned int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:security_id_refcnt_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "security_id_refcnt_get" "', argument " "1"" of type '" "struct security_id *""'");
+ }
+ arg1 = (struct security_id *)(argp1);
+ result = (unsigned int) ((arg1)->refcnt);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_security_id(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_id *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_security_id")) SWIG_fail;
+ result = (struct security_id *)(struct security_id *) calloc(1, sizeof(struct security_id));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_security_id, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_security_id(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct security_id *arg1 = (struct security_id *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_security_id",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_security_id" "', argument " "1"" of type '" "struct security_id *""'");
+ }
+ arg1 = (struct security_id *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *security_id_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_security_id, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_avc_sid_to_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_id_t arg1 = (security_id_t) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_sid_to_context",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_sid_to_context" "', argument " "1"" of type '" "security_id_t""'");
+ }
+ arg1 = (security_id_t)(argp1);
+ result = (int)avc_sid_to_context(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_sid_to_context_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_id_t arg1 = (security_id_t) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_sid_to_context_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_sid_to_context_raw" "', argument " "1"" of type '" "security_id_t""'");
+ }
+ arg1 = (security_id_t)(argp1);
+ result = (int)avc_sid_to_context_raw(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_context_to_sid(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_id_t *arg2 = (security_id_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_id_t temp2 ;
+ PyObject * obj0 = 0 ;
+
+ {
+ arg2 = &temp2;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_context_to_sid",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_context_to_sid" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)avc_context_to_sid(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_security_id, 0));
+ } else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_context_to_sid_raw(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t arg1 = (security_context_t) 0 ;
+ security_id_t *arg2 = (security_id_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_id_t temp2 ;
+ PyObject * obj0 = 0 ;
+
+ {
+ arg2 = &temp2;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_context_to_sid_raw",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_context_to_sid_raw" "', argument " "1"" of type '" "security_context_t""'");
+ }
+ arg1 = (security_context_t)(buf1);
+ result = (int)avc_context_to_sid_raw(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_security_id, 0));
+ } else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_sidget(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_id_t arg1 = (security_id_t) 0 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:sidget",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "sidget" "', argument " "1"" of type '" "security_id_t""'");
+ }
+ arg1 = (security_id_t)(argp1);
+ result = (int)sidget(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_sidput(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_id_t arg1 = (security_id_t) 0 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:sidput",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "sidput" "', argument " "1"" of type '" "security_id_t""'");
+ }
+ arg1 = (security_id_t)(argp1);
+ result = (int)sidput(arg1);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_get_initial_sid(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_id_t *arg2 = (security_id_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_id_t temp2 ;
+ PyObject * obj0 = 0 ;
+
+ {
+ arg2 = &temp2;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_get_initial_sid",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_get_initial_sid" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)avc_get_initial_sid((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_NewPointerObj(*arg2, SWIGTYPE_p_security_id, 0));
+ } else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_entry_ref_ae_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_entry_ref *arg1 = (struct avc_entry_ref *) 0 ;
+ struct avc_entry *arg2 = (struct avc_entry *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_entry_ref_ae_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_entry_ref, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_entry_ref_ae_set" "', argument " "1"" of type '" "struct avc_entry_ref *""'");
+ }
+ arg1 = (struct avc_entry_ref *)(argp1);
+ res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_avc_entry, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "avc_entry_ref_ae_set" "', argument " "2"" of type '" "struct avc_entry *""'");
+ }
+ arg2 = (struct avc_entry *)(argp2);
+ if (arg1) (arg1)->ae = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_entry_ref_ae_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_entry_ref *arg1 = (struct avc_entry_ref *) 0 ;
+ struct avc_entry *result = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_entry_ref_ae_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_entry_ref, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_entry_ref_ae_get" "', argument " "1"" of type '" "struct avc_entry_ref *""'");
+ }
+ arg1 = (struct avc_entry_ref *)(argp1);
+ result = (struct avc_entry *) ((arg1)->ae);
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_avc_entry, 0 | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_avc_entry_ref(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_entry_ref *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_avc_entry_ref")) SWIG_fail;
+ result = (struct avc_entry_ref *)(struct avc_entry_ref *) calloc(1, sizeof(struct avc_entry_ref));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_avc_entry_ref, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_avc_entry_ref(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_entry_ref *arg1 = (struct avc_entry_ref *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_avc_entry_ref",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_entry_ref, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_avc_entry_ref" "', argument " "1"" of type '" "struct avc_entry_ref *""'");
+ }
+ arg1 = (struct avc_entry_ref *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *avc_entry_ref_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_avc_entry_ref, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_avc_memory_callback_func_malloc_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_memory_callback *arg1 = (struct avc_memory_callback *) 0 ;
+ void *(*arg2)(size_t) = (void *(*)(size_t)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_memory_callback_func_malloc_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_memory_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_memory_callback_func_malloc_set" "', argument " "1"" of type '" "struct avc_memory_callback *""'");
+ }
+ arg1 = (struct avc_memory_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_size_t__p_void);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "avc_memory_callback_func_malloc_set" "', argument " "2"" of type '" "void *(*)(size_t)""'");
+ }
+ }
+ if (arg1) (arg1)->func_malloc = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_memory_callback_func_malloc_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_memory_callback *arg1 = (struct avc_memory_callback *) 0 ;
+ void *(*result)(size_t) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_memory_callback_func_malloc_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_memory_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_memory_callback_func_malloc_get" "', argument " "1"" of type '" "struct avc_memory_callback *""'");
+ }
+ arg1 = (struct avc_memory_callback *)(argp1);
+ result = (void *(*)(size_t)) ((arg1)->func_malloc);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_size_t__p_void);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_memory_callback_func_free_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_memory_callback *arg1 = (struct avc_memory_callback *) 0 ;
+ void (*arg2)(void *) = (void (*)(void *)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_memory_callback_func_free_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_memory_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_memory_callback_func_free_set" "', argument " "1"" of type '" "struct avc_memory_callback *""'");
+ }
+ arg1 = (struct avc_memory_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_void__void);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "avc_memory_callback_func_free_set" "', argument " "2"" of type '" "void (*)(void *)""'");
+ }
+ }
+ if (arg1) (arg1)->func_free = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_memory_callback_func_free_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_memory_callback *arg1 = (struct avc_memory_callback *) 0 ;
+ void (*result)(void *) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_memory_callback_func_free_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_memory_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_memory_callback_func_free_get" "', argument " "1"" of type '" "struct avc_memory_callback *""'");
+ }
+ arg1 = (struct avc_memory_callback *)(argp1);
+ result = (void (*)(void *)) ((arg1)->func_free);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_p_void__void);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_avc_memory_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_memory_callback *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_avc_memory_callback")) SWIG_fail;
+ result = (struct avc_memory_callback *)(struct avc_memory_callback *) calloc(1, sizeof(struct avc_memory_callback));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_avc_memory_callback, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_avc_memory_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_memory_callback *arg1 = (struct avc_memory_callback *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_avc_memory_callback",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_memory_callback, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_avc_memory_callback" "', argument " "1"" of type '" "struct avc_memory_callback *""'");
+ }
+ arg1 = (struct avc_memory_callback *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *avc_memory_callback_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_avc_memory_callback, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_avc_log_callback_func_log_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_log_callback *arg1 = (struct avc_log_callback *) 0 ;
+ void (*arg2)(char const *,...) = (void (*)(char const *,...)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_log_callback_func_log_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_log_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_log_callback_func_log_set" "', argument " "1"" of type '" "struct avc_log_callback *""'");
+ }
+ arg1 = (struct avc_log_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_q_const__char_v_______void);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "avc_log_callback_func_log_set" "', argument " "2"" of type '" "void (*)(char const *,...)""'");
+ }
+ }
+ if (arg1) (arg1)->func_log = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_log_callback_func_log_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_log_callback *arg1 = (struct avc_log_callback *) 0 ;
+ void (*result)(char const *,...) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_log_callback_func_log_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_log_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_log_callback_func_log_get" "', argument " "1"" of type '" "struct avc_log_callback *""'");
+ }
+ arg1 = (struct avc_log_callback *)(argp1);
+ result = (void (*)(char const *,...)) ((arg1)->func_log);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_p_q_const__char_v_______void);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_log_callback_func_audit_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_log_callback *arg1 = (struct avc_log_callback *) 0 ;
+ void (*arg2)(void *,security_class_t,char *,size_t) = (void (*)(void *,security_class_t,char *,size_t)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_log_callback_func_audit_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_log_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_log_callback_func_audit_set" "', argument " "1"" of type '" "struct avc_log_callback *""'");
+ }
+ arg1 = (struct avc_log_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_void_unsigned_short_p_char_size_t__void);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "avc_log_callback_func_audit_set" "', argument " "2"" of type '" "void (*)(void *,security_class_t,char *,size_t)""'");
+ }
+ }
+ if (arg1) (arg1)->func_audit = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_log_callback_func_audit_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_log_callback *arg1 = (struct avc_log_callback *) 0 ;
+ void (*result)(void *,security_class_t,char *,size_t) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_log_callback_func_audit_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_log_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_log_callback_func_audit_get" "', argument " "1"" of type '" "struct avc_log_callback *""'");
+ }
+ arg1 = (struct avc_log_callback *)(argp1);
+ result = (void (*)(void *,security_class_t,char *,size_t)) ((arg1)->func_audit);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_p_void_unsigned_short_p_char_size_t__void);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_avc_log_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_log_callback *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_avc_log_callback")) SWIG_fail;
+ result = (struct avc_log_callback *)(struct avc_log_callback *) calloc(1, sizeof(struct avc_log_callback));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_avc_log_callback, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_avc_log_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_log_callback *arg1 = (struct avc_log_callback *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_avc_log_callback",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_log_callback, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_avc_log_callback" "', argument " "1"" of type '" "struct avc_log_callback *""'");
+ }
+ arg1 = (struct avc_log_callback *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *avc_log_callback_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_avc_log_callback, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_avc_thread_callback_func_create_thread_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_thread_callback *arg1 = (struct avc_thread_callback *) 0 ;
+ void *(*arg2)(void (*)(void)) = (void *(*)(void (*)(void))) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_thread_callback_func_create_thread_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_thread_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_thread_callback_func_create_thread_set" "', argument " "1"" of type '" "struct avc_thread_callback *""'");
+ }
+ arg1 = (struct avc_thread_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_f_void__void__p_void);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "avc_thread_callback_func_create_thread_set" "', argument " "2"" of type '" "void *(*)(void (*)(void))""'");
+ }
+ }
+ if (arg1) (arg1)->func_create_thread = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_thread_callback_func_create_thread_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_thread_callback *arg1 = (struct avc_thread_callback *) 0 ;
+ void *(*result)(void (*)(void)) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_thread_callback_func_create_thread_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_thread_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_thread_callback_func_create_thread_get" "', argument " "1"" of type '" "struct avc_thread_callback *""'");
+ }
+ arg1 = (struct avc_thread_callback *)(argp1);
+ result = (void *(*)(void (*)(void))) ((arg1)->func_create_thread);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_p_f_void__void__p_void);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_thread_callback_func_stop_thread_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_thread_callback *arg1 = (struct avc_thread_callback *) 0 ;
+ void (*arg2)(void *) = (void (*)(void *)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_thread_callback_func_stop_thread_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_thread_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_thread_callback_func_stop_thread_set" "', argument " "1"" of type '" "struct avc_thread_callback *""'");
+ }
+ arg1 = (struct avc_thread_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_void__void);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "avc_thread_callback_func_stop_thread_set" "', argument " "2"" of type '" "void (*)(void *)""'");
+ }
+ }
+ if (arg1) (arg1)->func_stop_thread = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_thread_callback_func_stop_thread_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_thread_callback *arg1 = (struct avc_thread_callback *) 0 ;
+ void (*result)(void *) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_thread_callback_func_stop_thread_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_thread_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_thread_callback_func_stop_thread_get" "', argument " "1"" of type '" "struct avc_thread_callback *""'");
+ }
+ arg1 = (struct avc_thread_callback *)(argp1);
+ result = (void (*)(void *)) ((arg1)->func_stop_thread);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_p_void__void);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_avc_thread_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_thread_callback *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_avc_thread_callback")) SWIG_fail;
+ result = (struct avc_thread_callback *)(struct avc_thread_callback *) calloc(1, sizeof(struct avc_thread_callback));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_avc_thread_callback, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_avc_thread_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_thread_callback *arg1 = (struct avc_thread_callback *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_avc_thread_callback",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_thread_callback, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_avc_thread_callback" "', argument " "1"" of type '" "struct avc_thread_callback *""'");
+ }
+ arg1 = (struct avc_thread_callback *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *avc_thread_callback_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_avc_thread_callback, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_avc_lock_callback_func_alloc_lock_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_lock_callback *arg1 = (struct avc_lock_callback *) 0 ;
+ void *(*arg2)(void) = (void *(*)(void)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_lock_callback_func_alloc_lock_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_lock_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_lock_callback_func_alloc_lock_set" "', argument " "1"" of type '" "struct avc_lock_callback *""'");
+ }
+ arg1 = (struct avc_lock_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_void__p_void);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "avc_lock_callback_func_alloc_lock_set" "', argument " "2"" of type '" "void *(*)(void)""'");
+ }
+ }
+ if (arg1) (arg1)->func_alloc_lock = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_lock_callback_func_alloc_lock_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_lock_callback *arg1 = (struct avc_lock_callback *) 0 ;
+ void *(*result)(void) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_lock_callback_func_alloc_lock_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_lock_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_lock_callback_func_alloc_lock_get" "', argument " "1"" of type '" "struct avc_lock_callback *""'");
+ }
+ arg1 = (struct avc_lock_callback *)(argp1);
+ result = (void *(*)(void)) ((arg1)->func_alloc_lock);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_void__p_void);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_lock_callback_func_get_lock_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_lock_callback *arg1 = (struct avc_lock_callback *) 0 ;
+ void (*arg2)(void *) = (void (*)(void *)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_lock_callback_func_get_lock_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_lock_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_lock_callback_func_get_lock_set" "', argument " "1"" of type '" "struct avc_lock_callback *""'");
+ }
+ arg1 = (struct avc_lock_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_void__void);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "avc_lock_callback_func_get_lock_set" "', argument " "2"" of type '" "void (*)(void *)""'");
+ }
+ }
+ if (arg1) (arg1)->func_get_lock = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_lock_callback_func_get_lock_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_lock_callback *arg1 = (struct avc_lock_callback *) 0 ;
+ void (*result)(void *) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_lock_callback_func_get_lock_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_lock_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_lock_callback_func_get_lock_get" "', argument " "1"" of type '" "struct avc_lock_callback *""'");
+ }
+ arg1 = (struct avc_lock_callback *)(argp1);
+ result = (void (*)(void *)) ((arg1)->func_get_lock);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_p_void__void);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_lock_callback_func_release_lock_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_lock_callback *arg1 = (struct avc_lock_callback *) 0 ;
+ void (*arg2)(void *) = (void (*)(void *)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_lock_callback_func_release_lock_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_lock_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_lock_callback_func_release_lock_set" "', argument " "1"" of type '" "struct avc_lock_callback *""'");
+ }
+ arg1 = (struct avc_lock_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_void__void);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "avc_lock_callback_func_release_lock_set" "', argument " "2"" of type '" "void (*)(void *)""'");
+ }
+ }
+ if (arg1) (arg1)->func_release_lock = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_lock_callback_func_release_lock_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_lock_callback *arg1 = (struct avc_lock_callback *) 0 ;
+ void (*result)(void *) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_lock_callback_func_release_lock_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_lock_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_lock_callback_func_release_lock_get" "', argument " "1"" of type '" "struct avc_lock_callback *""'");
+ }
+ arg1 = (struct avc_lock_callback *)(argp1);
+ result = (void (*)(void *)) ((arg1)->func_release_lock);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_p_void__void);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_lock_callback_func_free_lock_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_lock_callback *arg1 = (struct avc_lock_callback *) 0 ;
+ void (*arg2)(void *) = (void (*)(void *)) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_lock_callback_func_free_lock_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_lock_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_lock_callback_func_free_lock_set" "', argument " "1"" of type '" "struct avc_lock_callback *""'");
+ }
+ arg1 = (struct avc_lock_callback *)(argp1);
+ {
+ int res = SWIG_ConvertFunctionPtr(obj1, (void**)(&arg2), SWIGTYPE_p_f_p_void__void);
+ if (!SWIG_IsOK(res)) {
+ SWIG_exception_fail(SWIG_ArgError(res), "in method '" "avc_lock_callback_func_free_lock_set" "', argument " "2"" of type '" "void (*)(void *)""'");
+ }
+ }
+ if (arg1) (arg1)->func_free_lock = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_lock_callback_func_free_lock_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_lock_callback *arg1 = (struct avc_lock_callback *) 0 ;
+ void (*result)(void *) = 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_lock_callback_func_free_lock_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_lock_callback, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_lock_callback_func_free_lock_get" "', argument " "1"" of type '" "struct avc_lock_callback *""'");
+ }
+ arg1 = (struct avc_lock_callback *)(argp1);
+ result = (void (*)(void *)) ((arg1)->func_free_lock);
+ resultobj = SWIG_NewFunctionPtrObj((void *)(result), SWIGTYPE_p_f_p_void__void);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_avc_lock_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_lock_callback *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_avc_lock_callback")) SWIG_fail;
+ result = (struct avc_lock_callback *)(struct avc_lock_callback *) calloc(1, sizeof(struct avc_lock_callback));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_avc_lock_callback, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_avc_lock_callback(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_lock_callback *arg1 = (struct avc_lock_callback *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_avc_lock_callback",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_lock_callback, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_avc_lock_callback" "', argument " "1"" of type '" "struct avc_lock_callback *""'");
+ }
+ arg1 = (struct avc_lock_callback *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *avc_lock_callback_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_avc_lock_callback, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_avc_init(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ struct avc_memory_callback *arg2 = (struct avc_memory_callback *) 0 ;
+ struct avc_log_callback *arg3 = (struct avc_log_callback *) 0 ;
+ struct avc_thread_callback *arg4 = (struct avc_thread_callback *) 0 ;
+ struct avc_lock_callback *arg5 = (struct avc_lock_callback *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ void *argp3 = 0 ;
+ int res3 = 0 ;
+ void *argp4 = 0 ;
+ int res4 = 0 ;
+ void *argp5 = 0 ;
+ int res5 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+ PyObject * obj3 = 0 ;
+ PyObject * obj4 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OOOOO:avc_init",&obj0,&obj1,&obj2,&obj3,&obj4)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_init" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_avc_memory_callback, 0 | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "avc_init" "', argument " "2"" of type '" "struct avc_memory_callback const *""'");
+ }
+ arg2 = (struct avc_memory_callback *)(argp2);
+ res3 = SWIG_ConvertPtr(obj2, &argp3,SWIGTYPE_p_avc_log_callback, 0 | 0 );
+ if (!SWIG_IsOK(res3)) {
+ SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "avc_init" "', argument " "3"" of type '" "struct avc_log_callback const *""'");
+ }
+ arg3 = (struct avc_log_callback *)(argp3);
+ res4 = SWIG_ConvertPtr(obj3, &argp4,SWIGTYPE_p_avc_thread_callback, 0 | 0 );
+ if (!SWIG_IsOK(res4)) {
+ SWIG_exception_fail(SWIG_ArgError(res4), "in method '" "avc_init" "', argument " "4"" of type '" "struct avc_thread_callback const *""'");
+ }
+ arg4 = (struct avc_thread_callback *)(argp4);
+ res5 = SWIG_ConvertPtr(obj4, &argp5,SWIGTYPE_p_avc_lock_callback, 0 | 0 );
+ if (!SWIG_IsOK(res5)) {
+ SWIG_exception_fail(SWIG_ArgError(res5), "in method '" "avc_init" "', argument " "5"" of type '" "struct avc_lock_callback const *""'");
+ }
+ arg5 = (struct avc_lock_callback *)(argp5);
+ result = (int)avc_init((char const *)arg1,(struct avc_memory_callback const *)arg2,(struct avc_log_callback const *)arg3,(struct avc_thread_callback const *)arg4,(struct avc_lock_callback const *)arg5);
+ resultobj = SWIG_From_int((int)(result));
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_open(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct selinux_opt *arg1 = (struct selinux_opt *) 0 ;
+ unsigned int arg2 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_open",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_selinux_opt, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_open" "', argument " "1"" of type '" "struct selinux_opt *""'");
+ }
+ arg1 = (struct selinux_opt *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "avc_open" "', argument " "2"" of type '" "unsigned int""'");
+ }
+ arg2 = (unsigned int)(val2);
+ result = (int)avc_open(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cleanup(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+
+ if (!PyArg_ParseTuple(args,(char *)":avc_cleanup")) SWIG_fail;
+ avc_cleanup();
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_reset(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ int result;
+
+ if (!PyArg_ParseTuple(args,(char *)":avc_reset")) SWIG_fail;
+ result = (int)avc_reset();
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_destroy(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+
+ if (!PyArg_ParseTuple(args,(char *)":avc_destroy")) SWIG_fail;
+ avc_destroy();
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_has_perm_noaudit(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_id_t arg1 = (security_id_t) 0 ;
+ security_id_t arg2 = (security_id_t) 0 ;
+ security_class_t arg3 ;
+ access_vector_t arg4 ;
+ struct avc_entry_ref *arg5 = (struct avc_entry_ref *) 0 ;
+ struct av_decision *arg6 = (struct av_decision *) 0 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ unsigned int val4 ;
+ int ecode4 = 0 ;
+ void *argp5 = 0 ;
+ int res5 = 0 ;
+ void *argp6 = 0 ;
+ int res6 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+ PyObject * obj3 = 0 ;
+ PyObject * obj4 = 0 ;
+ PyObject * obj5 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OOOOOO:avc_has_perm_noaudit",&obj0,&obj1,&obj2,&obj3,&obj4,&obj5)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_has_perm_noaudit" "', argument " "1"" of type '" "security_id_t""'");
+ }
+ arg1 = (security_id_t)(argp1);
+ res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "avc_has_perm_noaudit" "', argument " "2"" of type '" "security_id_t""'");
+ }
+ arg2 = (security_id_t)(argp2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "avc_has_perm_noaudit" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ ecode4 = SWIG_AsVal_unsigned_SS_int(obj3, &val4);
+ if (!SWIG_IsOK(ecode4)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "avc_has_perm_noaudit" "', argument " "4"" of type '" "access_vector_t""'");
+ }
+ arg4 = (access_vector_t)(val4);
+ res5 = SWIG_ConvertPtr(obj4, &argp5,SWIGTYPE_p_avc_entry_ref, 0 | 0 );
+ if (!SWIG_IsOK(res5)) {
+ SWIG_exception_fail(SWIG_ArgError(res5), "in method '" "avc_has_perm_noaudit" "', argument " "5"" of type '" "struct avc_entry_ref *""'");
+ }
+ arg5 = (struct avc_entry_ref *)(argp5);
+ res6 = SWIG_ConvertPtr(obj5, &argp6,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res6)) {
+ SWIG_exception_fail(SWIG_ArgError(res6), "in method '" "avc_has_perm_noaudit" "', argument " "6"" of type '" "struct av_decision *""'");
+ }
+ arg6 = (struct av_decision *)(argp6);
+ result = (int)avc_has_perm_noaudit(arg1,arg2,arg3,arg4,arg5,arg6);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_has_perm(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_id_t arg1 = (security_id_t) 0 ;
+ security_id_t arg2 = (security_id_t) 0 ;
+ security_class_t arg3 ;
+ access_vector_t arg4 ;
+ struct avc_entry_ref *arg5 = (struct avc_entry_ref *) 0 ;
+ void *arg6 = (void *) 0 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ unsigned int val4 ;
+ int ecode4 = 0 ;
+ void *argp5 = 0 ;
+ int res5 = 0 ;
+ int res6 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+ PyObject * obj3 = 0 ;
+ PyObject * obj4 = 0 ;
+ PyObject * obj5 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OOOOOO:avc_has_perm",&obj0,&obj1,&obj2,&obj3,&obj4,&obj5)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_has_perm" "', argument " "1"" of type '" "security_id_t""'");
+ }
+ arg1 = (security_id_t)(argp1);
+ res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "avc_has_perm" "', argument " "2"" of type '" "security_id_t""'");
+ }
+ arg2 = (security_id_t)(argp2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "avc_has_perm" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ ecode4 = SWIG_AsVal_unsigned_SS_int(obj3, &val4);
+ if (!SWIG_IsOK(ecode4)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "avc_has_perm" "', argument " "4"" of type '" "access_vector_t""'");
+ }
+ arg4 = (access_vector_t)(val4);
+ res5 = SWIG_ConvertPtr(obj4, &argp5,SWIGTYPE_p_avc_entry_ref, 0 | 0 );
+ if (!SWIG_IsOK(res5)) {
+ SWIG_exception_fail(SWIG_ArgError(res5), "in method '" "avc_has_perm" "', argument " "5"" of type '" "struct avc_entry_ref *""'");
+ }
+ arg5 = (struct avc_entry_ref *)(argp5);
+ res6 = SWIG_ConvertPtr(obj5,SWIG_as_voidptrptr(&arg6), 0, 0);
+ if (!SWIG_IsOK(res6)) {
+ SWIG_exception_fail(SWIG_ArgError(res6), "in method '" "avc_has_perm" "', argument " "6"" of type '" "void *""'");
+ }
+ result = (int)avc_has_perm(arg1,arg2,arg3,arg4,arg5,arg6);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_audit(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_id_t arg1 = (security_id_t) 0 ;
+ security_id_t arg2 = (security_id_t) 0 ;
+ security_class_t arg3 ;
+ access_vector_t arg4 ;
+ struct av_decision *arg5 = (struct av_decision *) 0 ;
+ int arg6 ;
+ void *arg7 = (void *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ unsigned int val4 ;
+ int ecode4 = 0 ;
+ void *argp5 = 0 ;
+ int res5 = 0 ;
+ int val6 ;
+ int ecode6 = 0 ;
+ int res7 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+ PyObject * obj3 = 0 ;
+ PyObject * obj4 = 0 ;
+ PyObject * obj5 = 0 ;
+ PyObject * obj6 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OOOOOOO:avc_audit",&obj0,&obj1,&obj2,&obj3,&obj4,&obj5,&obj6)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_audit" "', argument " "1"" of type '" "security_id_t""'");
+ }
+ arg1 = (security_id_t)(argp1);
+ res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "avc_audit" "', argument " "2"" of type '" "security_id_t""'");
+ }
+ arg2 = (security_id_t)(argp2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "avc_audit" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ ecode4 = SWIG_AsVal_unsigned_SS_int(obj3, &val4);
+ if (!SWIG_IsOK(ecode4)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode4), "in method '" "avc_audit" "', argument " "4"" of type '" "access_vector_t""'");
+ }
+ arg4 = (access_vector_t)(val4);
+ res5 = SWIG_ConvertPtr(obj4, &argp5,SWIGTYPE_p_av_decision, 0 | 0 );
+ if (!SWIG_IsOK(res5)) {
+ SWIG_exception_fail(SWIG_ArgError(res5), "in method '" "avc_audit" "', argument " "5"" of type '" "struct av_decision *""'");
+ }
+ arg5 = (struct av_decision *)(argp5);
+ ecode6 = SWIG_AsVal_int(obj5, &val6);
+ if (!SWIG_IsOK(ecode6)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode6), "in method '" "avc_audit" "', argument " "6"" of type '" "int""'");
+ }
+ arg6 = (int)(val6);
+ res7 = SWIG_ConvertPtr(obj6,SWIG_as_voidptrptr(&arg7), 0, 0);
+ if (!SWIG_IsOK(res7)) {
+ SWIG_exception_fail(SWIG_ArgError(res7), "in method '" "avc_audit" "', argument " "7"" of type '" "void *""'");
+ }
+ avc_audit(arg1,arg2,arg3,arg4,arg5,arg6,arg7);
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_compute_create(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_id_t arg1 = (security_id_t) 0 ;
+ security_id_t arg2 = (security_id_t) 0 ;
+ security_class_t arg3 ;
+ security_id_t *arg4 = (security_id_t *) 0 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ security_id_t temp4 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ {
+ arg4 = &temp4;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"OOO:avc_compute_create",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_compute_create" "', argument " "1"" of type '" "security_id_t""'");
+ }
+ arg1 = (security_id_t)(argp1);
+ res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "avc_compute_create" "', argument " "2"" of type '" "security_id_t""'");
+ }
+ arg2 = (security_id_t)(argp2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "avc_compute_create" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ result = (int)avc_compute_create(arg1,arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_compute_member(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_id_t arg1 = (security_id_t) 0 ;
+ security_id_t arg2 = (security_id_t) 0 ;
+ security_class_t arg3 ;
+ security_id_t *arg4 = (security_id_t *) 0 ;
+ int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ void *argp2 = 0 ;
+ int res2 = 0 ;
+ unsigned short val3 ;
+ int ecode3 = 0 ;
+ security_id_t temp4 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ {
+ arg4 = &temp4;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"OOO:avc_compute_member",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_compute_member" "', argument " "1"" of type '" "security_id_t""'");
+ }
+ arg1 = (security_id_t)(argp1);
+ res2 = SWIG_ConvertPtr(obj1, &argp2,SWIGTYPE_p_security_id, 0 | 0 );
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "avc_compute_member" "', argument " "2"" of type '" "security_id_t""'");
+ }
+ arg2 = (security_id_t)(argp2);
+ ecode3 = SWIG_AsVal_unsigned_SS_short(obj2, &val3);
+ if (!SWIG_IsOK(ecode3)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode3), "in method '" "avc_compute_member" "', argument " "3"" of type '" "security_class_t""'");
+ }
+ arg3 = (security_class_t)(val3);
+ result = (int)avc_compute_member(arg1,arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_entry_lookups_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_cache_stats_entry_lookups_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_entry_lookups_set" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "avc_cache_stats_entry_lookups_set" "', argument " "2"" of type '" "unsigned int""'");
+ }
+ arg2 = (unsigned int)(val2);
+ if (arg1) (arg1)->entry_lookups = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_entry_lookups_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_cache_stats_entry_lookups_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_entry_lookups_get" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ result = (unsigned int) ((arg1)->entry_lookups);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_entry_hits_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_cache_stats_entry_hits_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_entry_hits_set" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "avc_cache_stats_entry_hits_set" "', argument " "2"" of type '" "unsigned int""'");
+ }
+ arg2 = (unsigned int)(val2);
+ if (arg1) (arg1)->entry_hits = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_entry_hits_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_cache_stats_entry_hits_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_entry_hits_get" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ result = (unsigned int) ((arg1)->entry_hits);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_entry_misses_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_cache_stats_entry_misses_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_entry_misses_set" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "avc_cache_stats_entry_misses_set" "', argument " "2"" of type '" "unsigned int""'");
+ }
+ arg2 = (unsigned int)(val2);
+ if (arg1) (arg1)->entry_misses = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_entry_misses_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_cache_stats_entry_misses_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_entry_misses_get" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ result = (unsigned int) ((arg1)->entry_misses);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_entry_discards_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_cache_stats_entry_discards_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_entry_discards_set" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "avc_cache_stats_entry_discards_set" "', argument " "2"" of type '" "unsigned int""'");
+ }
+ arg2 = (unsigned int)(val2);
+ if (arg1) (arg1)->entry_discards = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_entry_discards_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_cache_stats_entry_discards_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_entry_discards_get" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ result = (unsigned int) ((arg1)->entry_discards);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_cav_lookups_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_cache_stats_cav_lookups_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_cav_lookups_set" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "avc_cache_stats_cav_lookups_set" "', argument " "2"" of type '" "unsigned int""'");
+ }
+ arg2 = (unsigned int)(val2);
+ if (arg1) (arg1)->cav_lookups = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_cav_lookups_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_cache_stats_cav_lookups_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_cav_lookups_get" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ result = (unsigned int) ((arg1)->cav_lookups);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_cav_hits_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_cache_stats_cav_hits_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_cav_hits_set" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "avc_cache_stats_cav_hits_set" "', argument " "2"" of type '" "unsigned int""'");
+ }
+ arg2 = (unsigned int)(val2);
+ if (arg1) (arg1)->cav_hits = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_cav_hits_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_cache_stats_cav_hits_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_cav_hits_get" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ result = (unsigned int) ((arg1)->cav_hits);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_cav_probes_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_cache_stats_cav_probes_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_cav_probes_set" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "avc_cache_stats_cav_probes_set" "', argument " "2"" of type '" "unsigned int""'");
+ }
+ arg2 = (unsigned int)(val2);
+ if (arg1) (arg1)->cav_probes = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_cav_probes_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_cache_stats_cav_probes_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_cav_probes_get" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ result = (unsigned int) ((arg1)->cav_probes);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_cav_misses_set(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int arg2 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ unsigned int val2 ;
+ int ecode2 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"OO:avc_cache_stats_cav_misses_set",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_cav_misses_set" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ ecode2 = SWIG_AsVal_unsigned_SS_int(obj1, &val2);
+ if (!SWIG_IsOK(ecode2)) {
+ SWIG_exception_fail(SWIG_ArgError(ecode2), "in method '" "avc_cache_stats_cav_misses_set" "', argument " "2"" of type '" "unsigned int""'");
+ }
+ arg2 = (unsigned int)(val2);
+ if (arg1) (arg1)->cav_misses = arg2;
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_cache_stats_cav_misses_get(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ unsigned int result;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:avc_cache_stats_cav_misses_get",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, 0 | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "avc_cache_stats_cav_misses_get" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ result = (unsigned int) ((arg1)->cav_misses);
+ resultobj = SWIG_From_unsigned_SS_int((unsigned int)(result));
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_new_avc_cache_stats(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":new_avc_cache_stats")) SWIG_fail;
+ result = (struct avc_cache_stats *)(struct avc_cache_stats *) calloc(1, sizeof(struct avc_cache_stats));
+ resultobj = SWIG_NewPointerObj(SWIG_as_voidptr(result), SWIGTYPE_p_avc_cache_stats, SWIG_POINTER_NEW | 0 );
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_delete_avc_cache_stats(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ struct avc_cache_stats *arg1 = (struct avc_cache_stats *) 0 ;
+ void *argp1 = 0 ;
+ int res1 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)"O:delete_avc_cache_stats",&obj0)) SWIG_fail;
+ res1 = SWIG_ConvertPtr(obj0, &argp1,SWIGTYPE_p_avc_cache_stats, SWIG_POINTER_DISOWN | 0 );
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "delete_avc_cache_stats" "', argument " "1"" of type '" "struct avc_cache_stats *""'");
+ }
+ arg1 = (struct avc_cache_stats *)(argp1);
+ free((char *) arg1);
+
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *avc_cache_stats_swigregister(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *obj;
+ if (!PyArg_ParseTuple(args,(char*)"O|swigregister", &obj)) return NULL;
+ SWIG_TypeNewClientData(SWIGTYPE_p_avc_cache_stats, SWIG_NewClientData(obj));
+ return SWIG_Py_Void();
+}
+
+SWIGINTERN PyObject *_wrap_avc_av_stats(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+
+ if (!PyArg_ParseTuple(args,(char *)":avc_av_stats")) SWIG_fail;
+ avc_av_stats();
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_avc_sid_stats(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+
+ if (!PyArg_ParseTuple(args,(char *)":avc_sid_stats")) SWIG_fail;
+ avc_sid_stats();
+ resultobj = SWIG_Py_Void();
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_selinux_default_type_path(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *result = 0 ;
+
+ if (!PyArg_ParseTuple(args,(char *)":selinux_default_type_path")) SWIG_fail;
+ result = (char *)selinux_default_type_path();
+ resultobj = SWIG_FromCharPtr((const char *)result);
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_default_type(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char **arg2 = (char **) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ char *temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:get_default_type",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_default_type" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)get_default_type((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ free(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_ordered_context_list(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ security_context_t **arg3 = (security_context_t **) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ security_context_t *temp3 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ {
+ arg3 = &temp3;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"OO:get_ordered_context_list",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_ordered_context_list" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "get_ordered_context_list" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ result = (int)get_ordered_context_list((char const *)arg1,arg2,arg3);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ PyObject* plist;
+ int i;
+
+ if (*arg3) {
+ plist = PyList_New(result);
+ for (i = 0; i < result; i++) {
+ PyList_SetItem(plist, i, PyString_FromString((*arg3)[i]));
+ }
+ } else {
+ plist = PyList_New(0);
+ }
+ /* Only return the Python list, don't need to return the length anymore */
+ resultobj = plist;
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ {
+ if (*arg3) freeconary(*arg3);
+ }
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ {
+ if (*arg3) freeconary(*arg3);
+ }
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_ordered_context_list_with_level(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char *arg2 = (char *) 0 ;
+ security_context_t arg3 = (security_context_t) 0 ;
+ security_context_t **arg4 = (security_context_t **) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ int res3 ;
+ char *buf3 = 0 ;
+ int alloc3 = 0 ;
+ security_context_t *temp4 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ {
+ arg4 = &temp4;
+ }
+ if (!PyArg_ParseTuple(args,(char *)"OOO:get_ordered_context_list_with_level",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_ordered_context_list_with_level" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "get_ordered_context_list_with_level" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3);
+ if (!SWIG_IsOK(res3)) {
+ SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "get_ordered_context_list_with_level" "', argument " "3"" of type '" "security_context_t""'");
+ }
+ arg3 = (security_context_t)(buf3);
+ result = (int)get_ordered_context_list_with_level((char const *)arg1,(char const *)arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ {
+ PyObject* plist;
+ int i;
+
+ if (*arg4) {
+ plist = PyList_New(result);
+ for (i = 0; i < result; i++) {
+ PyList_SetItem(plist, i, PyString_FromString((*arg4)[i]));
+ }
+ } else {
+ plist = PyList_New(0);
+ }
+ /* Only return the Python list, don't need to return the length anymore */
+ resultobj = plist;
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ {
+ if (*arg4) freeconary(*arg4);
+ }
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ {
+ if (*arg4) freeconary(*arg4);
+ }
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_default_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t arg2 = (security_context_t) 0 ;
+ security_context_t *arg3 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ security_context_t temp3 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+
+ arg3 = &temp3;
+ if (!PyArg_ParseTuple(args,(char *)"OO:get_default_context",&obj0,&obj1)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_default_context" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "get_default_context" "', argument " "2"" of type '" "security_context_t""'");
+ }
+ arg2 = (security_context_t)(buf2);
+ result = (int)get_default_context((char const *)arg1,arg2,arg3);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg3) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg3));
+ freecon(*arg3);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_default_context_with_level(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char *arg2 = (char *) 0 ;
+ security_context_t arg3 = (security_context_t) 0 ;
+ security_context_t *arg4 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ int res3 ;
+ char *buf3 = 0 ;
+ int alloc3 = 0 ;
+ security_context_t temp4 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ arg4 = &temp4;
+ if (!PyArg_ParseTuple(args,(char *)"OOO:get_default_context_with_level",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_default_context_with_level" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "get_default_context_with_level" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3);
+ if (!SWIG_IsOK(res3)) {
+ SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "get_default_context_with_level" "', argument " "3"" of type '" "security_context_t""'");
+ }
+ arg3 = (security_context_t)(buf3);
+ result = (int)get_default_context_with_level((char const *)arg1,(char const *)arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg4) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg4));
+ freecon(*arg4);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_default_context_with_role(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char *arg2 = (char *) 0 ;
+ security_context_t arg3 = (security_context_t) 0 ;
+ security_context_t *arg4 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ int res3 ;
+ char *buf3 = 0 ;
+ int alloc3 = 0 ;
+ security_context_t temp4 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+
+ arg4 = &temp4;
+ if (!PyArg_ParseTuple(args,(char *)"OOO:get_default_context_with_role",&obj0,&obj1,&obj2)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_default_context_with_role" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "get_default_context_with_role" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3);
+ if (!SWIG_IsOK(res3)) {
+ SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "get_default_context_with_role" "', argument " "3"" of type '" "security_context_t""'");
+ }
+ arg3 = (security_context_t)(buf3);
+ result = (int)get_default_context_with_role((char const *)arg1,(char const *)arg2,arg3,arg4);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg4) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg4));
+ freecon(*arg4);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_get_default_context_with_rolelevel(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ char *arg2 = (char *) 0 ;
+ char *arg3 = (char *) 0 ;
+ security_context_t arg4 = (security_context_t) 0 ;
+ security_context_t *arg5 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ int res2 ;
+ char *buf2 = 0 ;
+ int alloc2 = 0 ;
+ int res3 ;
+ char *buf3 = 0 ;
+ int alloc3 = 0 ;
+ int res4 ;
+ char *buf4 = 0 ;
+ int alloc4 = 0 ;
+ security_context_t temp5 = 0 ;
+ PyObject * obj0 = 0 ;
+ PyObject * obj1 = 0 ;
+ PyObject * obj2 = 0 ;
+ PyObject * obj3 = 0 ;
+
+ arg5 = &temp5;
+ if (!PyArg_ParseTuple(args,(char *)"OOOO:get_default_context_with_rolelevel",&obj0,&obj1,&obj2,&obj3)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "get_default_context_with_rolelevel" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ res2 = SWIG_AsCharPtrAndSize(obj1, &buf2, NULL, &alloc2);
+ if (!SWIG_IsOK(res2)) {
+ SWIG_exception_fail(SWIG_ArgError(res2), "in method '" "get_default_context_with_rolelevel" "', argument " "2"" of type '" "char const *""'");
+ }
+ arg2 = (char *)(buf2);
+ res3 = SWIG_AsCharPtrAndSize(obj2, &buf3, NULL, &alloc3);
+ if (!SWIG_IsOK(res3)) {
+ SWIG_exception_fail(SWIG_ArgError(res3), "in method '" "get_default_context_with_rolelevel" "', argument " "3"" of type '" "char const *""'");
+ }
+ arg3 = (char *)(buf3);
+ res4 = SWIG_AsCharPtrAndSize(obj3, &buf4, NULL, &alloc4);
+ if (!SWIG_IsOK(res4)) {
+ SWIG_exception_fail(SWIG_ArgError(res4), "in method '" "get_default_context_with_rolelevel" "', argument " "4"" of type '" "security_context_t""'");
+ }
+ arg4 = (security_context_t)(buf4);
+ result = (int)get_default_context_with_rolelevel((char const *)arg1,(char const *)arg2,(char const *)arg3,arg4,arg5);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg5) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg5));
+ freecon(*arg5);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ if (alloc4 == SWIG_NEWOBJ) free((char*)buf4);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ if (alloc2 == SWIG_NEWOBJ) free((char*)buf2);
+ if (alloc3 == SWIG_NEWOBJ) free((char*)buf3);
+ if (alloc4 == SWIG_NEWOBJ) free((char*)buf4);
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_query_user_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ security_context_t *arg1 = (security_context_t *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ security_context_t temp1 = 0 ;
+ security_context_t temp2 = 0 ;
+
+ arg1 = &temp1;
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)":query_user_context")) SWIG_fail;
+ result = (int)query_user_context(arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg1) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg1));
+ freecon(*arg1);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ return resultobj;
+fail:
+ return NULL;
+}
+
+
+SWIGINTERN PyObject *_wrap_manual_user_enter_context(PyObject *SWIGUNUSEDPARM(self), PyObject *args) {
+ PyObject *resultobj = 0;
+ char *arg1 = (char *) 0 ;
+ security_context_t *arg2 = (security_context_t *) 0 ;
+ int result;
+ int res1 ;
+ char *buf1 = 0 ;
+ int alloc1 = 0 ;
+ security_context_t temp2 = 0 ;
+ PyObject * obj0 = 0 ;
+
+ arg2 = &temp2;
+ if (!PyArg_ParseTuple(args,(char *)"O:manual_user_enter_context",&obj0)) SWIG_fail;
+ res1 = SWIG_AsCharPtrAndSize(obj0, &buf1, NULL, &alloc1);
+ if (!SWIG_IsOK(res1)) {
+ SWIG_exception_fail(SWIG_ArgError(res1), "in method '" "manual_user_enter_context" "', argument " "1"" of type '" "char const *""'");
+ }
+ arg1 = (char *)(buf1);
+ result = (int)manual_user_enter_context((char const *)arg1,arg2);
+ resultobj = SWIG_From_int((int)(result));
+ if (*arg2) {
+ resultobj = SWIG_Python_AppendOutput(resultobj, SWIG_FromCharPtr(*arg2));
+ freecon(*arg2);
+ }
+ else {
+ Py_INCREF(Py_None);
+ resultobj = SWIG_Python_AppendOutput(resultobj, Py_None);
+ }
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return resultobj;
+fail:
+ if (alloc1 == SWIG_NEWOBJ) free((char*)buf1);
+ return NULL;
+}
+
+
+static PyMethodDef SwigMethods[] = {
+ { (char *)"is_selinux_enabled", _wrap_is_selinux_enabled, METH_VARARGS, NULL},
+ { (char *)"is_selinux_mls_enabled", _wrap_is_selinux_mls_enabled, METH_VARARGS, NULL},
+ { (char *)"getcon", _wrap_getcon, METH_VARARGS, NULL},
+ { (char *)"getcon_raw", _wrap_getcon_raw, METH_VARARGS, NULL},
+ { (char *)"setcon", _wrap_setcon, METH_VARARGS, NULL},
+ { (char *)"setcon_raw", _wrap_setcon_raw, METH_VARARGS, NULL},
+ { (char *)"getpidcon", _wrap_getpidcon, METH_VARARGS, NULL},
+ { (char *)"getpidcon_raw", _wrap_getpidcon_raw, METH_VARARGS, NULL},
+ { (char *)"getprevcon", _wrap_getprevcon, METH_VARARGS, NULL},
+ { (char *)"getprevcon_raw", _wrap_getprevcon_raw, METH_VARARGS, NULL},
+ { (char *)"getexeccon", _wrap_getexeccon, METH_VARARGS, NULL},
+ { (char *)"getexeccon_raw", _wrap_getexeccon_raw, METH_VARARGS, NULL},
+ { (char *)"setexeccon", _wrap_setexeccon, METH_VARARGS, NULL},
+ { (char *)"setexeccon_raw", _wrap_setexeccon_raw, METH_VARARGS, NULL},
+ { (char *)"getfscreatecon", _wrap_getfscreatecon, METH_VARARGS, NULL},
+ { (char *)"getfscreatecon_raw", _wrap_getfscreatecon_raw, METH_VARARGS, NULL},
+ { (char *)"setfscreatecon", _wrap_setfscreatecon, METH_VARARGS, NULL},
+ { (char *)"setfscreatecon_raw", _wrap_setfscreatecon_raw, METH_VARARGS, NULL},
+ { (char *)"getkeycreatecon", _wrap_getkeycreatecon, METH_VARARGS, NULL},
+ { (char *)"getkeycreatecon_raw", _wrap_getkeycreatecon_raw, METH_VARARGS, NULL},
+ { (char *)"setkeycreatecon", _wrap_setkeycreatecon, METH_VARARGS, NULL},
+ { (char *)"setkeycreatecon_raw", _wrap_setkeycreatecon_raw, METH_VARARGS, NULL},
+ { (char *)"getsockcreatecon", _wrap_getsockcreatecon, METH_VARARGS, NULL},
+ { (char *)"getsockcreatecon_raw", _wrap_getsockcreatecon_raw, METH_VARARGS, NULL},
+ { (char *)"setsockcreatecon", _wrap_setsockcreatecon, METH_VARARGS, NULL},
+ { (char *)"setsockcreatecon_raw", _wrap_setsockcreatecon_raw, METH_VARARGS, NULL},
+ { (char *)"getfilecon", _wrap_getfilecon, METH_VARARGS, NULL},
+ { (char *)"getfilecon_raw", _wrap_getfilecon_raw, METH_VARARGS, NULL},
+ { (char *)"lgetfilecon", _wrap_lgetfilecon, METH_VARARGS, NULL},
+ { (char *)"lgetfilecon_raw", _wrap_lgetfilecon_raw, METH_VARARGS, NULL},
+ { (char *)"fgetfilecon", _wrap_fgetfilecon, METH_VARARGS, NULL},
+ { (char *)"fgetfilecon_raw", _wrap_fgetfilecon_raw, METH_VARARGS, NULL},
+ { (char *)"setfilecon", _wrap_setfilecon, METH_VARARGS, NULL},
+ { (char *)"setfilecon_raw", _wrap_setfilecon_raw, METH_VARARGS, NULL},
+ { (char *)"lsetfilecon", _wrap_lsetfilecon, METH_VARARGS, NULL},
+ { (char *)"lsetfilecon_raw", _wrap_lsetfilecon_raw, METH_VARARGS, NULL},
+ { (char *)"fsetfilecon", _wrap_fsetfilecon, METH_VARARGS, NULL},
+ { (char *)"fsetfilecon_raw", _wrap_fsetfilecon_raw, METH_VARARGS, NULL},
+ { (char *)"getpeercon", _wrap_getpeercon, METH_VARARGS, NULL},
+ { (char *)"getpeercon_raw", _wrap_getpeercon_raw, METH_VARARGS, NULL},
+ { (char *)"av_decision_allowed_set", _wrap_av_decision_allowed_set, METH_VARARGS, NULL},
+ { (char *)"av_decision_allowed_get", _wrap_av_decision_allowed_get, METH_VARARGS, NULL},
+ { (char *)"av_decision_decided_set", _wrap_av_decision_decided_set, METH_VARARGS, NULL},
+ { (char *)"av_decision_decided_get", _wrap_av_decision_decided_get, METH_VARARGS, NULL},
+ { (char *)"av_decision_auditallow_set", _wrap_av_decision_auditallow_set, METH_VARARGS, NULL},
+ { (char *)"av_decision_auditallow_get", _wrap_av_decision_auditallow_get, METH_VARARGS, NULL},
+ { (char *)"av_decision_auditdeny_set", _wrap_av_decision_auditdeny_set, METH_VARARGS, NULL},
+ { (char *)"av_decision_auditdeny_get", _wrap_av_decision_auditdeny_get, METH_VARARGS, NULL},
+ { (char *)"av_decision_seqno_set", _wrap_av_decision_seqno_set, METH_VARARGS, NULL},
+ { (char *)"av_decision_seqno_get", _wrap_av_decision_seqno_get, METH_VARARGS, NULL},
+ { (char *)"new_av_decision", _wrap_new_av_decision, METH_VARARGS, NULL},
+ { (char *)"delete_av_decision", _wrap_delete_av_decision, METH_VARARGS, NULL},
+ { (char *)"av_decision_swigregister", av_decision_swigregister, METH_VARARGS, NULL},
+ { (char *)"selinux_opt_type_set", _wrap_selinux_opt_type_set, METH_VARARGS, NULL},
+ { (char *)"selinux_opt_type_get", _wrap_selinux_opt_type_get, METH_VARARGS, NULL},
+ { (char *)"selinux_opt_value_set", _wrap_selinux_opt_value_set, METH_VARARGS, NULL},
+ { (char *)"selinux_opt_value_get", _wrap_selinux_opt_value_get, METH_VARARGS, NULL},
+ { (char *)"new_selinux_opt", _wrap_new_selinux_opt, METH_VARARGS, NULL},
+ { (char *)"delete_selinux_opt", _wrap_delete_selinux_opt, METH_VARARGS, NULL},
+ { (char *)"selinux_opt_swigregister", selinux_opt_swigregister, METH_VARARGS, NULL},
+ { (char *)"selinux_callback_func_log_set", _wrap_selinux_callback_func_log_set, METH_VARARGS, NULL},
+ { (char *)"selinux_callback_func_log_get", _wrap_selinux_callback_func_log_get, METH_VARARGS, NULL},
+ { (char *)"selinux_callback_func_audit_set", _wrap_selinux_callback_func_audit_set, METH_VARARGS, NULL},
+ { (char *)"selinux_callback_func_audit_get", _wrap_selinux_callback_func_audit_get, METH_VARARGS, NULL},
+ { (char *)"selinux_callback_func_validate_set", _wrap_selinux_callback_func_validate_set, METH_VARARGS, NULL},
+ { (char *)"selinux_callback_func_validate_get", _wrap_selinux_callback_func_validate_get, METH_VARARGS, NULL},
+ { (char *)"new_selinux_callback", _wrap_new_selinux_callback, METH_VARARGS, NULL},
+ { (char *)"delete_selinux_callback", _wrap_delete_selinux_callback, METH_VARARGS, NULL},
+ { (char *)"selinux_callback_swigregister", selinux_callback_swigregister, METH_VARARGS, NULL},
+ { (char *)"selinux_get_callback", _wrap_selinux_get_callback, METH_VARARGS, NULL},
+ { (char *)"selinux_set_callback", _wrap_selinux_set_callback, METH_VARARGS, NULL},
+ { (char *)"security_compute_av", _wrap_security_compute_av, METH_VARARGS, NULL},
+ { (char *)"security_compute_av_raw", _wrap_security_compute_av_raw, METH_VARARGS, NULL},
+ { (char *)"security_compute_create", _wrap_security_compute_create, METH_VARARGS, NULL},
+ { (char *)"security_compute_create_raw", _wrap_security_compute_create_raw, METH_VARARGS, NULL},
+ { (char *)"security_compute_relabel", _wrap_security_compute_relabel, METH_VARARGS, NULL},
+ { (char *)"security_compute_relabel_raw", _wrap_security_compute_relabel_raw, METH_VARARGS, NULL},
+ { (char *)"security_compute_member", _wrap_security_compute_member, METH_VARARGS, NULL},
+ { (char *)"security_compute_member_raw", _wrap_security_compute_member_raw, METH_VARARGS, NULL},
+ { (char *)"security_compute_user", _wrap_security_compute_user, METH_VARARGS, NULL},
+ { (char *)"security_compute_user_raw", _wrap_security_compute_user_raw, METH_VARARGS, NULL},
+ { (char *)"security_load_policy", _wrap_security_load_policy, METH_VARARGS, NULL},
+ { (char *)"security_get_initial_context", _wrap_security_get_initial_context, METH_VARARGS, NULL},
+ { (char *)"security_get_initial_context_raw", _wrap_security_get_initial_context_raw, METH_VARARGS, NULL},
+ { (char *)"selinux_mkload_policy", _wrap_selinux_mkload_policy, METH_VARARGS, NULL},
+ { (char *)"selinux_init_load_policy", _wrap_selinux_init_load_policy, METH_VARARGS, NULL},
+ { (char *)"SELboolean_name_set", _wrap_SELboolean_name_set, METH_VARARGS, NULL},
+ { (char *)"SELboolean_name_get", _wrap_SELboolean_name_get, METH_VARARGS, NULL},
+ { (char *)"SELboolean_value_set", _wrap_SELboolean_value_set, METH_VARARGS, NULL},
+ { (char *)"SELboolean_value_get", _wrap_SELboolean_value_get, METH_VARARGS, NULL},
+ { (char *)"new_SELboolean", _wrap_new_SELboolean, METH_VARARGS, NULL},
+ { (char *)"delete_SELboolean", _wrap_delete_SELboolean, METH_VARARGS, NULL},
+ { (char *)"SELboolean_swigregister", SELboolean_swigregister, METH_VARARGS, NULL},
+ { (char *)"security_set_boolean_list", _wrap_security_set_boolean_list, METH_VARARGS, NULL},
+ { (char *)"security_load_booleans", _wrap_security_load_booleans, METH_VARARGS, NULL},
+ { (char *)"security_check_context", _wrap_security_check_context, METH_VARARGS, NULL},
+ { (char *)"security_check_context_raw", _wrap_security_check_context_raw, METH_VARARGS, NULL},
+ { (char *)"security_canonicalize_context", _wrap_security_canonicalize_context, METH_VARARGS, NULL},
+ { (char *)"security_canonicalize_context_raw", _wrap_security_canonicalize_context_raw, METH_VARARGS, NULL},
+ { (char *)"security_getenforce", _wrap_security_getenforce, METH_VARARGS, NULL},
+ { (char *)"security_setenforce", _wrap_security_setenforce, METH_VARARGS, NULL},
+ { (char *)"security_disable", _wrap_security_disable, METH_VARARGS, NULL},
+ { (char *)"security_policyvers", _wrap_security_policyvers, METH_VARARGS, NULL},
+ { (char *)"security_get_boolean_names", _wrap_security_get_boolean_names, METH_VARARGS, NULL},
+ { (char *)"security_get_boolean_pending", _wrap_security_get_boolean_pending, METH_VARARGS, NULL},
+ { (char *)"security_get_boolean_active", _wrap_security_get_boolean_active, METH_VARARGS, NULL},
+ { (char *)"security_set_boolean", _wrap_security_set_boolean, METH_VARARGS, NULL},
+ { (char *)"security_commit_booleans", _wrap_security_commit_booleans, METH_VARARGS, NULL},
+ { (char *)"security_class_mapping_name_set", _wrap_security_class_mapping_name_set, METH_VARARGS, NULL},
+ { (char *)"security_class_mapping_name_get", _wrap_security_class_mapping_name_get, METH_VARARGS, NULL},
+ { (char *)"security_class_mapping_perms_set", _wrap_security_class_mapping_perms_set, METH_VARARGS, NULL},
+ { (char *)"security_class_mapping_perms_get", _wrap_security_class_mapping_perms_get, METH_VARARGS, NULL},
+ { (char *)"new_security_class_mapping", _wrap_new_security_class_mapping, METH_VARARGS, NULL},
+ { (char *)"delete_security_class_mapping", _wrap_delete_security_class_mapping, METH_VARARGS, NULL},
+ { (char *)"security_class_mapping_swigregister", security_class_mapping_swigregister, METH_VARARGS, NULL},
+ { (char *)"selinux_set_mapping", _wrap_selinux_set_mapping, METH_VARARGS, NULL},
+ { (char *)"string_to_security_class", _wrap_string_to_security_class, METH_VARARGS, NULL},
+ { (char *)"security_class_to_string", _wrap_security_class_to_string, METH_VARARGS, NULL},
+ { (char *)"security_av_perm_to_string", _wrap_security_av_perm_to_string, METH_VARARGS, NULL},
+ { (char *)"string_to_av_perm", _wrap_string_to_av_perm, METH_VARARGS, NULL},
+ { (char *)"security_av_string", _wrap_security_av_string, METH_VARARGS, NULL},
+ { (char *)"print_access_vector", _wrap_print_access_vector, METH_VARARGS, NULL},
+ { (char *)"set_matchpathcon_flags", _wrap_set_matchpathcon_flags, METH_VARARGS, NULL},
+ { (char *)"matchpathcon_init", _wrap_matchpathcon_init, METH_VARARGS, NULL},
+ { (char *)"matchpathcon_init_prefix", _wrap_matchpathcon_init_prefix, METH_VARARGS, NULL},
+ { (char *)"matchpathcon_fini", _wrap_matchpathcon_fini, METH_VARARGS, NULL},
+ { (char *)"matchpathcon", _wrap_matchpathcon, METH_VARARGS, NULL},
+ { (char *)"matchpathcon_index", _wrap_matchpathcon_index, METH_VARARGS, NULL},
+ { (char *)"matchpathcon_filespec_add", _wrap_matchpathcon_filespec_add, METH_VARARGS, NULL},
+ { (char *)"matchpathcon_filespec_destroy", _wrap_matchpathcon_filespec_destroy, METH_VARARGS, NULL},
+ { (char *)"matchpathcon_filespec_eval", _wrap_matchpathcon_filespec_eval, METH_VARARGS, NULL},
+ { (char *)"matchpathcon_checkmatches", _wrap_matchpathcon_checkmatches, METH_VARARGS, NULL},
+ { (char *)"matchmediacon", _wrap_matchmediacon, METH_VARARGS, NULL},
+ { (char *)"selinux_getenforcemode", _wrap_selinux_getenforcemode, METH_VARARGS, NULL},
+ { (char *)"selinux_getpolicytype", _wrap_selinux_getpolicytype, METH_VARARGS, NULL},
+ { (char *)"selinux_policy_root", _wrap_selinux_policy_root, METH_VARARGS, NULL},
+ { (char *)"selinux_binary_policy_path", _wrap_selinux_binary_policy_path, METH_VARARGS, NULL},
+ { (char *)"selinux_failsafe_context_path", _wrap_selinux_failsafe_context_path, METH_VARARGS, NULL},
+ { (char *)"selinux_removable_context_path", _wrap_selinux_removable_context_path, METH_VARARGS, NULL},
+ { (char *)"selinux_default_context_path", _wrap_selinux_default_context_path, METH_VARARGS, NULL},
+ { (char *)"selinux_user_contexts_path", _wrap_selinux_user_contexts_path, METH_VARARGS, NULL},
+ { (char *)"selinux_file_context_path", _wrap_selinux_file_context_path, METH_VARARGS, NULL},
+ { (char *)"selinux_file_context_homedir_path", _wrap_selinux_file_context_homedir_path, METH_VARARGS, NULL},
+ { (char *)"selinux_file_context_local_path", _wrap_selinux_file_context_local_path, METH_VARARGS, NULL},
+ { (char *)"selinux_homedir_context_path", _wrap_selinux_homedir_context_path, METH_VARARGS, NULL},
+ { (char *)"selinux_media_context_path", _wrap_selinux_media_context_path, METH_VARARGS, NULL},
+ { (char *)"selinux_x_context_path", _wrap_selinux_x_context_path, METH_VARARGS, NULL},
+ { (char *)"selinux_contexts_path", _wrap_selinux_contexts_path, METH_VARARGS, NULL},
+ { (char *)"selinux_securetty_types_path", _wrap_selinux_securetty_types_path, METH_VARARGS, NULL},
+ { (char *)"selinux_booleans_path", _wrap_selinux_booleans_path, METH_VARARGS, NULL},
+ { (char *)"selinux_customizable_types_path", _wrap_selinux_customizable_types_path, METH_VARARGS, NULL},
+ { (char *)"selinux_users_path", _wrap_selinux_users_path, METH_VARARGS, NULL},
+ { (char *)"selinux_usersconf_path", _wrap_selinux_usersconf_path, METH_VARARGS, NULL},
+ { (char *)"selinux_translations_path", _wrap_selinux_translations_path, METH_VARARGS, NULL},
+ { (char *)"selinux_netfilter_context_path", _wrap_selinux_netfilter_context_path, METH_VARARGS, NULL},
+ { (char *)"selinux_path", _wrap_selinux_path, METH_VARARGS, NULL},
+ { (char *)"selinux_check_passwd_access", _wrap_selinux_check_passwd_access, METH_VARARGS, NULL},
+ { (char *)"checkPasswdAccess", _wrap_checkPasswdAccess, METH_VARARGS, NULL},
+ { (char *)"selinux_check_securetty_context", _wrap_selinux_check_securetty_context, METH_VARARGS, NULL},
+ { (char *)"set_selinuxmnt", _wrap_set_selinuxmnt, METH_VARARGS, NULL},
+ { (char *)"rpm_execcon", _wrap_rpm_execcon, METH_VARARGS, NULL},
+ { (char *)"is_context_customizable", _wrap_is_context_customizable, METH_VARARGS, NULL},
+ { (char *)"selinux_trans_to_raw_context", _wrap_selinux_trans_to_raw_context, METH_VARARGS, NULL},
+ { (char *)"selinux_raw_to_trans_context", _wrap_selinux_raw_to_trans_context, METH_VARARGS, NULL},
+ { (char *)"getseuserbyname", _wrap_getseuserbyname, METH_VARARGS, NULL},
+ { (char *)"selinux_file_context_cmp", _wrap_selinux_file_context_cmp, METH_VARARGS, NULL},
+ { (char *)"selinux_file_context_verify", _wrap_selinux_file_context_verify, METH_VARARGS, NULL},
+ { (char *)"selinux_lsetfilecon_default", _wrap_selinux_lsetfilecon_default, METH_VARARGS, NULL},
+ { (char *)"security_id_ctx_set", _wrap_security_id_ctx_set, METH_VARARGS, NULL},
+ { (char *)"security_id_ctx_get", _wrap_security_id_ctx_get, METH_VARARGS, NULL},
+ { (char *)"security_id_refcnt_set", _wrap_security_id_refcnt_set, METH_VARARGS, NULL},
+ { (char *)"security_id_refcnt_get", _wrap_security_id_refcnt_get, METH_VARARGS, NULL},
+ { (char *)"new_security_id", _wrap_new_security_id, METH_VARARGS, NULL},
+ { (char *)"delete_security_id", _wrap_delete_security_id, METH_VARARGS, NULL},
+ { (char *)"security_id_swigregister", security_id_swigregister, METH_VARARGS, NULL},
+ { (char *)"avc_sid_to_context", _wrap_avc_sid_to_context, METH_VARARGS, NULL},
+ { (char *)"avc_sid_to_context_raw", _wrap_avc_sid_to_context_raw, METH_VARARGS, NULL},
+ { (char *)"avc_context_to_sid", _wrap_avc_context_to_sid, METH_VARARGS, NULL},
+ { (char *)"avc_context_to_sid_raw", _wrap_avc_context_to_sid_raw, METH_VARARGS, NULL},
+ { (char *)"sidget", _wrap_sidget, METH_VARARGS, NULL},
+ { (char *)"sidput", _wrap_sidput, METH_VARARGS, NULL},
+ { (char *)"avc_get_initial_sid", _wrap_avc_get_initial_sid, METH_VARARGS, NULL},
+ { (char *)"avc_entry_ref_ae_set", _wrap_avc_entry_ref_ae_set, METH_VARARGS, NULL},
+ { (char *)"avc_entry_ref_ae_get", _wrap_avc_entry_ref_ae_get, METH_VARARGS, NULL},
+ { (char *)"new_avc_entry_ref", _wrap_new_avc_entry_ref, METH_VARARGS, NULL},
+ { (char *)"delete_avc_entry_ref", _wrap_delete_avc_entry_ref, METH_VARARGS, NULL},
+ { (char *)"avc_entry_ref_swigregister", avc_entry_ref_swigregister, METH_VARARGS, NULL},
+ { (char *)"avc_memory_callback_func_malloc_set", _wrap_avc_memory_callback_func_malloc_set, METH_VARARGS, NULL},
+ { (char *)"avc_memory_callback_func_malloc_get", _wrap_avc_memory_callback_func_malloc_get, METH_VARARGS, NULL},
+ { (char *)"avc_memory_callback_func_free_set", _wrap_avc_memory_callback_func_free_set, METH_VARARGS, NULL},
+ { (char *)"avc_memory_callback_func_free_get", _wrap_avc_memory_callback_func_free_get, METH_VARARGS, NULL},
+ { (char *)"new_avc_memory_callback", _wrap_new_avc_memory_callback, METH_VARARGS, NULL},
+ { (char *)"delete_avc_memory_callback", _wrap_delete_avc_memory_callback, METH_VARARGS, NULL},
+ { (char *)"avc_memory_callback_swigregister", avc_memory_callback_swigregister, METH_VARARGS, NULL},
+ { (char *)"avc_log_callback_func_log_set", _wrap_avc_log_callback_func_log_set, METH_VARARGS, NULL},
+ { (char *)"avc_log_callback_func_log_get", _wrap_avc_log_callback_func_log_get, METH_VARARGS, NULL},
+ { (char *)"avc_log_callback_func_audit_set", _wrap_avc_log_callback_func_audit_set, METH_VARARGS, NULL},
+ { (char *)"avc_log_callback_func_audit_get", _wrap_avc_log_callback_func_audit_get, METH_VARARGS, NULL},
+ { (char *)"new_avc_log_callback", _wrap_new_avc_log_callback, METH_VARARGS, NULL},
+ { (char *)"delete_avc_log_callback", _wrap_delete_avc_log_callback, METH_VARARGS, NULL},
+ { (char *)"avc_log_callback_swigregister", avc_log_callback_swigregister, METH_VARARGS, NULL},
+ { (char *)"avc_thread_callback_func_create_thread_set", _wrap_avc_thread_callback_func_create_thread_set, METH_VARARGS, NULL},
+ { (char *)"avc_thread_callback_func_create_thread_get", _wrap_avc_thread_callback_func_create_thread_get, METH_VARARGS, NULL},
+ { (char *)"avc_thread_callback_func_stop_thread_set", _wrap_avc_thread_callback_func_stop_thread_set, METH_VARARGS, NULL},
+ { (char *)"avc_thread_callback_func_stop_thread_get", _wrap_avc_thread_callback_func_stop_thread_get, METH_VARARGS, NULL},
+ { (char *)"new_avc_thread_callback", _wrap_new_avc_thread_callback, METH_VARARGS, NULL},
+ { (char *)"delete_avc_thread_callback", _wrap_delete_avc_thread_callback, METH_VARARGS, NULL},
+ { (char *)"avc_thread_callback_swigregister", avc_thread_callback_swigregister, METH_VARARGS, NULL},
+ { (char *)"avc_lock_callback_func_alloc_lock_set", _wrap_avc_lock_callback_func_alloc_lock_set, METH_VARARGS, NULL},
+ { (char *)"avc_lock_callback_func_alloc_lock_get", _wrap_avc_lock_callback_func_alloc_lock_get, METH_VARARGS, NULL},
+ { (char *)"avc_lock_callback_func_get_lock_set", _wrap_avc_lock_callback_func_get_lock_set, METH_VARARGS, NULL},
+ { (char *)"avc_lock_callback_func_get_lock_get", _wrap_avc_lock_callback_func_get_lock_get, METH_VARARGS, NULL},
+ { (char *)"avc_lock_callback_func_release_lock_set", _wrap_avc_lock_callback_func_release_lock_set, METH_VARARGS, NULL},
+ { (char *)"avc_lock_callback_func_release_lock_get", _wrap_avc_lock_callback_func_release_lock_get, METH_VARARGS, NULL},
+ { (char *)"avc_lock_callback_func_free_lock_set", _wrap_avc_lock_callback_func_free_lock_set, METH_VARARGS, NULL},
+ { (char *)"avc_lock_callback_func_free_lock_get", _wrap_avc_lock_callback_func_free_lock_get, METH_VARARGS, NULL},
+ { (char *)"new_avc_lock_callback", _wrap_new_avc_lock_callback, METH_VARARGS, NULL},
+ { (char *)"delete_avc_lock_callback", _wrap_delete_avc_lock_callback, METH_VARARGS, NULL},
+ { (char *)"avc_lock_callback_swigregister", avc_lock_callback_swigregister, METH_VARARGS, NULL},
+ { (char *)"avc_init", _wrap_avc_init, METH_VARARGS, NULL},
+ { (char *)"avc_open", _wrap_avc_open, METH_VARARGS, NULL},
+ { (char *)"avc_cleanup", _wrap_avc_cleanup, METH_VARARGS, NULL},
+ { (char *)"avc_reset", _wrap_avc_reset, METH_VARARGS, NULL},
+ { (char *)"avc_destroy", _wrap_avc_destroy, METH_VARARGS, NULL},
+ { (char *)"avc_has_perm_noaudit", _wrap_avc_has_perm_noaudit, METH_VARARGS, NULL},
+ { (char *)"avc_has_perm", _wrap_avc_has_perm, METH_VARARGS, NULL},
+ { (char *)"avc_audit", _wrap_avc_audit, METH_VARARGS, NULL},
+ { (char *)"avc_compute_create", _wrap_avc_compute_create, METH_VARARGS, NULL},
+ { (char *)"avc_compute_member", _wrap_avc_compute_member, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_entry_lookups_set", _wrap_avc_cache_stats_entry_lookups_set, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_entry_lookups_get", _wrap_avc_cache_stats_entry_lookups_get, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_entry_hits_set", _wrap_avc_cache_stats_entry_hits_set, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_entry_hits_get", _wrap_avc_cache_stats_entry_hits_get, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_entry_misses_set", _wrap_avc_cache_stats_entry_misses_set, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_entry_misses_get", _wrap_avc_cache_stats_entry_misses_get, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_entry_discards_set", _wrap_avc_cache_stats_entry_discards_set, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_entry_discards_get", _wrap_avc_cache_stats_entry_discards_get, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_cav_lookups_set", _wrap_avc_cache_stats_cav_lookups_set, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_cav_lookups_get", _wrap_avc_cache_stats_cav_lookups_get, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_cav_hits_set", _wrap_avc_cache_stats_cav_hits_set, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_cav_hits_get", _wrap_avc_cache_stats_cav_hits_get, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_cav_probes_set", _wrap_avc_cache_stats_cav_probes_set, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_cav_probes_get", _wrap_avc_cache_stats_cav_probes_get, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_cav_misses_set", _wrap_avc_cache_stats_cav_misses_set, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_cav_misses_get", _wrap_avc_cache_stats_cav_misses_get, METH_VARARGS, NULL},
+ { (char *)"new_avc_cache_stats", _wrap_new_avc_cache_stats, METH_VARARGS, NULL},
+ { (char *)"delete_avc_cache_stats", _wrap_delete_avc_cache_stats, METH_VARARGS, NULL},
+ { (char *)"avc_cache_stats_swigregister", avc_cache_stats_swigregister, METH_VARARGS, NULL},
+ { (char *)"avc_av_stats", _wrap_avc_av_stats, METH_VARARGS, NULL},
+ { (char *)"avc_sid_stats", _wrap_avc_sid_stats, METH_VARARGS, NULL},
+ { (char *)"selinux_default_type_path", _wrap_selinux_default_type_path, METH_VARARGS, NULL},
+ { (char *)"get_default_type", _wrap_get_default_type, METH_VARARGS, NULL},
+ { (char *)"get_ordered_context_list", _wrap_get_ordered_context_list, METH_VARARGS, NULL},
+ { (char *)"get_ordered_context_list_with_level", _wrap_get_ordered_context_list_with_level, METH_VARARGS, NULL},
+ { (char *)"get_default_context", _wrap_get_default_context, METH_VARARGS, NULL},
+ { (char *)"get_default_context_with_level", _wrap_get_default_context_with_level, METH_VARARGS, NULL},
+ { (char *)"get_default_context_with_role", _wrap_get_default_context_with_role, METH_VARARGS, NULL},
+ { (char *)"get_default_context_with_rolelevel", _wrap_get_default_context_with_rolelevel, METH_VARARGS, NULL},
+ { (char *)"query_user_context", _wrap_query_user_context, METH_VARARGS, NULL},
+ { (char *)"manual_user_enter_context", _wrap_manual_user_enter_context, METH_VARARGS, NULL},
+ { NULL, NULL, 0, NULL }
+};
+
+
+/* -------- TYPE CONVERSION AND EQUIVALENCE RULES (BEGIN) -------- */
+
+static swig_type_info _swigt__p_SELboolean = {"_p_SELboolean", "SELboolean *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_av_decision = {"_p_av_decision", "struct av_decision *|av_decision *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_avc_cache_stats = {"_p_avc_cache_stats", "struct avc_cache_stats *|avc_cache_stats *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_avc_entry = {"_p_avc_entry", "struct avc_entry *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_avc_entry_ref = {"_p_avc_entry_ref", "struct avc_entry_ref *|avc_entry_ref *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_avc_lock_callback = {"_p_avc_lock_callback", "struct avc_lock_callback *|avc_lock_callback *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_avc_log_callback = {"_p_avc_log_callback", "struct avc_log_callback *|avc_log_callback *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_avc_memory_callback = {"_p_avc_memory_callback", "struct avc_memory_callback *|avc_memory_callback *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_avc_thread_callback = {"_p_avc_thread_callback", "struct avc_thread_callback *|avc_thread_callback *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_char = {"_p_char", "char *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_f_int_p_q_const__char_v_______int = {"_p_f_int_p_q_const__char_v_______int", "int (*)(int,char const *,...)", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_f_p_f_void__void__p_void = {"_p_f_p_f_void__void__p_void", "void *(*)(void (*)(void))", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_f_p_p_char__int = {"_p_f_p_p_char__int", "int (*)(char **)|int (*)(security_context_t *)", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_f_p_q_const__char_v_______void = {"_p_f_p_q_const__char_v_______void", "void (*)(char const *,...)", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_f_p_void__void = {"_p_f_p_void__void", "void (*)(void *)", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_f_p_void_unsigned_short_p_char_size_t__int = {"_p_f_p_void_unsigned_short_p_char_size_t__int", "int (*)(void *,unsigned short,char *,size_t)|int (*)(void *,security_class_t,char *,size_t)", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_f_p_void_unsigned_short_p_char_size_t__void = {"_p_f_p_void_unsigned_short_p_char_size_t__void", "void (*)(void *,unsigned short,char *,size_t)|void (*)(void *,security_class_t,char *,size_t)", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_f_size_t__p_void = {"_p_f_size_t__p_void", "void *(*)(size_t)", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_f_void__p_void = {"_p_f_void__p_void", "void *(*)(void)", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_ino_t = {"_p_ino_t", "ino_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_int = {"_p_int", "int *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_p_char = {"_p_p_char", "char **|security_context_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_p_p_char = {"_p_p_p_char", "char ***|security_context_t **", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_p_security_id = {"_p_p_security_id", "struct security_id **|security_id_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_security_class_mapping = {"_p_security_class_mapping", "struct security_class_mapping *|security_class_mapping *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_security_id = {"_p_security_id", "security_id_t|struct security_id *|security_id *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_selinux_callback = {"_p_selinux_callback", "union selinux_callback *|selinux_callback *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_selinux_opt = {"_p_selinux_opt", "struct selinux_opt *|selinux_opt *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_unsigned_int = {"_p_unsigned_int", "unsigned int *|access_vector_t *|mode_t *|pid_t *", 0, 0, (void*)0, 0};
+static swig_type_info _swigt__p_unsigned_short = {"_p_unsigned_short", "security_class_t *|unsigned short *", 0, 0, (void*)0, 0};
+
+static swig_type_info *swig_type_initial[] = {
+ &_swigt__p_SELboolean,
+ &_swigt__p_av_decision,
+ &_swigt__p_avc_cache_stats,
+ &_swigt__p_avc_entry,
+ &_swigt__p_avc_entry_ref,
+ &_swigt__p_avc_lock_callback,
+ &_swigt__p_avc_log_callback,
+ &_swigt__p_avc_memory_callback,
+ &_swigt__p_avc_thread_callback,
+ &_swigt__p_char,
+ &_swigt__p_f_int_p_q_const__char_v_______int,
+ &_swigt__p_f_p_f_void__void__p_void,
+ &_swigt__p_f_p_p_char__int,
+ &_swigt__p_f_p_q_const__char_v_______void,
+ &_swigt__p_f_p_void__void,
+ &_swigt__p_f_p_void_unsigned_short_p_char_size_t__int,
+ &_swigt__p_f_p_void_unsigned_short_p_char_size_t__void,
+ &_swigt__p_f_size_t__p_void,
+ &_swigt__p_f_void__p_void,
+ &_swigt__p_ino_t,
+ &_swigt__p_int,
+ &_swigt__p_p_char,
+ &_swigt__p_p_p_char,
+ &_swigt__p_p_security_id,
+ &_swigt__p_security_class_mapping,
+ &_swigt__p_security_id,
+ &_swigt__p_selinux_callback,
+ &_swigt__p_selinux_opt,
+ &_swigt__p_unsigned_int,
+ &_swigt__p_unsigned_short,
+};
+
+static swig_cast_info _swigc__p_SELboolean[] = { {&_swigt__p_SELboolean, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_av_decision[] = { {&_swigt__p_av_decision, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_avc_cache_stats[] = { {&_swigt__p_avc_cache_stats, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_avc_entry[] = { {&_swigt__p_avc_entry, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_avc_entry_ref[] = { {&_swigt__p_avc_entry_ref, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_avc_lock_callback[] = { {&_swigt__p_avc_lock_callback, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_avc_log_callback[] = { {&_swigt__p_avc_log_callback, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_avc_memory_callback[] = { {&_swigt__p_avc_memory_callback, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_avc_thread_callback[] = { {&_swigt__p_avc_thread_callback, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_char[] = { {&_swigt__p_char, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_f_int_p_q_const__char_v_______int[] = { {&_swigt__p_f_int_p_q_const__char_v_______int, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_f_p_f_void__void__p_void[] = { {&_swigt__p_f_p_f_void__void__p_void, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_f_p_p_char__int[] = { {&_swigt__p_f_p_p_char__int, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_f_p_q_const__char_v_______void[] = { {&_swigt__p_f_p_q_const__char_v_______void, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_f_p_void__void[] = { {&_swigt__p_f_p_void__void, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_f_p_void_unsigned_short_p_char_size_t__int[] = { {&_swigt__p_f_p_void_unsigned_short_p_char_size_t__int, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_f_p_void_unsigned_short_p_char_size_t__void[] = { {&_swigt__p_f_p_void_unsigned_short_p_char_size_t__void, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_f_size_t__p_void[] = { {&_swigt__p_f_size_t__p_void, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_f_void__p_void[] = { {&_swigt__p_f_void__p_void, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_ino_t[] = { {&_swigt__p_ino_t, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_int[] = { {&_swigt__p_int, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_p_char[] = { {&_swigt__p_p_char, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_p_p_char[] = { {&_swigt__p_p_p_char, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_p_security_id[] = { {&_swigt__p_p_security_id, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_security_class_mapping[] = { {&_swigt__p_security_class_mapping, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_security_id[] = { {&_swigt__p_security_id, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_selinux_callback[] = { {&_swigt__p_selinux_callback, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_selinux_opt[] = { {&_swigt__p_selinux_opt, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_unsigned_int[] = { {&_swigt__p_unsigned_int, 0, 0, 0},{0, 0, 0, 0}};
+static swig_cast_info _swigc__p_unsigned_short[] = { {&_swigt__p_unsigned_short, 0, 0, 0},{0, 0, 0, 0}};
+
+static swig_cast_info *swig_cast_initial[] = {
+ _swigc__p_SELboolean,
+ _swigc__p_av_decision,
+ _swigc__p_avc_cache_stats,
+ _swigc__p_avc_entry,
+ _swigc__p_avc_entry_ref,
+ _swigc__p_avc_lock_callback,
+ _swigc__p_avc_log_callback,
+ _swigc__p_avc_memory_callback,
+ _swigc__p_avc_thread_callback,
+ _swigc__p_char,
+ _swigc__p_f_int_p_q_const__char_v_______int,
+ _swigc__p_f_p_f_void__void__p_void,
+ _swigc__p_f_p_p_char__int,
+ _swigc__p_f_p_q_const__char_v_______void,
+ _swigc__p_f_p_void__void,
+ _swigc__p_f_p_void_unsigned_short_p_char_size_t__int,
+ _swigc__p_f_p_void_unsigned_short_p_char_size_t__void,
+ _swigc__p_f_size_t__p_void,
+ _swigc__p_f_void__p_void,
+ _swigc__p_ino_t,
+ _swigc__p_int,
+ _swigc__p_p_char,
+ _swigc__p_p_p_char,
+ _swigc__p_p_security_id,
+ _swigc__p_security_class_mapping,
+ _swigc__p_security_id,
+ _swigc__p_selinux_callback,
+ _swigc__p_selinux_opt,
+ _swigc__p_unsigned_int,
+ _swigc__p_unsigned_short,
+};
+
+
+/* -------- TYPE CONVERSION AND EQUIVALENCE RULES (END) -------- */
+
+static swig_const_info swig_const_table[] = {
+{0, 0, 0, 0.0, 0, 0}};
+
+#ifdef __cplusplus
+}
+#endif
+/* -----------------------------------------------------------------------------
+ * Type initialization:
+ * This problem is tough by the requirement that no dynamic
+ * memory is used. Also, since swig_type_info structures store pointers to
+ * swig_cast_info structures and swig_cast_info structures store pointers back
+ * to swig_type_info structures, we need some lookup code at initialization.
+ * The idea is that swig generates all the structures that are needed.
+ * The runtime then collects these partially filled structures.
+ * The SWIG_InitializeModule function takes these initial arrays out of
+ * swig_module, and does all the lookup, filling in the swig_module.types
+ * array with the correct data and linking the correct swig_cast_info
+ * structures together.
+ *
+ * The generated swig_type_info structures are assigned staticly to an initial
+ * array. We just loop through that array, and handle each type individually.
+ * First we lookup if this type has been already loaded, and if so, use the
+ * loaded structure instead of the generated one. Then we have to fill in the
+ * cast linked list. The cast data is initially stored in something like a
+ * two-dimensional array. Each row corresponds to a type (there are the same
+ * number of rows as there are in the swig_type_initial array). Each entry in
+ * a column is one of the swig_cast_info structures for that type.
+ * The cast_initial array is actually an array of arrays, because each row has
+ * a variable number of columns. So to actually build the cast linked list,
+ * we find the array of casts associated with the type, and loop through it
+ * adding the casts to the list. The one last trick we need to do is making
+ * sure the type pointer in the swig_cast_info struct is correct.
+ *
+ * First off, we lookup the cast->type name to see if it is already loaded.
+ * There are three cases to handle:
+ * 1) If the cast->type has already been loaded AND the type we are adding
+ * casting info to has not been loaded (it is in this module), THEN we
+ * replace the cast->type pointer with the type pointer that has already
+ * been loaded.
+ * 2) If BOTH types (the one we are adding casting info to, and the
+ * cast->type) are loaded, THEN the cast info has already been loaded by
+ * the previous module so we just ignore it.
+ * 3) Finally, if cast->type has not already been loaded, then we add that
+ * swig_cast_info to the linked list (because the cast->type) pointer will
+ * be correct.
+ * ----------------------------------------------------------------------------- */
+
+#ifdef __cplusplus
+extern "C" {
+#if 0
+} /* c-mode */
+#endif
+#endif
+
+#if 0
+#define SWIGRUNTIME_DEBUG
+#endif
+
+
+SWIGRUNTIME void
+SWIG_InitializeModule(void *clientdata) {
+ size_t i;
+ swig_module_info *module_head, *iter;
+ int found;
+
+ clientdata = clientdata;
+
+ /* check to see if the circular list has been setup, if not, set it up */
+ if (swig_module.next==0) {
+ /* Initialize the swig_module */
+ swig_module.type_initial = swig_type_initial;
+ swig_module.cast_initial = swig_cast_initial;
+ swig_module.next = &swig_module;
+ }
+
+ /* Try and load any already created modules */
+ module_head = SWIG_GetModule(clientdata);
+ if (!module_head) {
+ /* This is the first module loaded for this interpreter */
+ /* so set the swig module into the interpreter */
+ SWIG_SetModule(clientdata, &swig_module);
+ module_head = &swig_module;
+ } else {
+ /* the interpreter has loaded a SWIG module, but has it loaded this one? */
+ found=0;
+ iter=module_head;
+ do {
+ if (iter==&swig_module) {
+ found=1;
+ break;
+ }
+ iter=iter->next;
+ } while (iter!= module_head);
+
+ /* if the is found in the list, then all is done and we may leave */
+ if (found) return;
+ /* otherwise we must add out module into the list */
+ swig_module.next = module_head->next;
+ module_head->next = &swig_module;
+ }
+
+ /* Now work on filling in swig_module.types */
+#ifdef SWIGRUNTIME_DEBUG
+ printf("SWIG_InitializeModule: size %d\n", swig_module.size);
+#endif
+ for (i = 0; i < swig_module.size; ++i) {
+ swig_type_info *type = 0;
+ swig_type_info *ret;
+ swig_cast_info *cast;
+
+#ifdef SWIGRUNTIME_DEBUG
+ printf("SWIG_InitializeModule: type %d %s\n", i, swig_module.type_initial[i]->name);
+#endif
+
+ /* if there is another module already loaded */
+ if (swig_module.next != &swig_module) {
+ type = SWIG_MangledTypeQueryModule(swig_module.next, &swig_module, swig_module.type_initial[i]->name);
+ }
+ if (type) {
+ /* Overwrite clientdata field */
+#ifdef SWIGRUNTIME_DEBUG
+ printf("SWIG_InitializeModule: found type %s\n", type->name);
+#endif
+ if (swig_module.type_initial[i]->clientdata) {
+ type->clientdata = swig_module.type_initial[i]->clientdata;
+#ifdef SWIGRUNTIME_DEBUG
+ printf("SWIG_InitializeModule: found and overwrite type %s \n", type->name);
+#endif
+ }
+ } else {
+ type = swig_module.type_initial[i];
+ }
+
+ /* Insert casting types */
+ cast = swig_module.cast_initial[i];
+ while (cast->type) {
+ /* Don't need to add information already in the list */
+ ret = 0;
+#ifdef SWIGRUNTIME_DEBUG
+ printf("SWIG_InitializeModule: look cast %s\n", cast->type->name);
+#endif
+ if (swig_module.next != &swig_module) {
+ ret = SWIG_MangledTypeQueryModule(swig_module.next, &swig_module, cast->type->name);
+#ifdef SWIGRUNTIME_DEBUG
+ if (ret) printf("SWIG_InitializeModule: found cast %s\n", ret->name);
+#endif
+ }
+ if (ret) {
+ if (type == swig_module.type_initial[i]) {
+#ifdef SWIGRUNTIME_DEBUG
+ printf("SWIG_InitializeModule: skip old type %s\n", ret->name);
+#endif
+ cast->type = ret;
+ ret = 0;
+ } else {
+ /* Check for casting already in the list */
+ swig_cast_info *ocast = SWIG_TypeCheck(ret->name, type);
+#ifdef SWIGRUNTIME_DEBUG
+ if (ocast) printf("SWIG_InitializeModule: skip old cast %s\n", ret->name);
+#endif
+ if (!ocast) ret = 0;
+ }
+ }
+
+ if (!ret) {
+#ifdef SWIGRUNTIME_DEBUG
+ printf("SWIG_InitializeModule: adding cast %s\n", cast->type->name);
+#endif
+ if (type->cast) {
+ type->cast->prev = cast;
+ cast->next = type->cast;
+ }
+ type->cast = cast;
+ }
+ cast++;
+ }
+ /* Set entry in modules->types array equal to the type */
+ swig_module.types[i] = type;
+ }
+ swig_module.types[i] = 0;
+
+#ifdef SWIGRUNTIME_DEBUG
+ printf("**** SWIG_InitializeModule: Cast List ******\n");
+ for (i = 0; i < swig_module.size; ++i) {
+ int j = 0;
+ swig_cast_info *cast = swig_module.cast_initial[i];
+ printf("SWIG_InitializeModule: type %d %s\n", i, swig_module.type_initial[i]->name);
+ while (cast->type) {
+ printf("SWIG_InitializeModule: cast type %s\n", cast->type->name);
+ cast++;
+ ++j;
+ }
+ printf("---- Total casts: %d\n",j);
+ }
+ printf("**** SWIG_InitializeModule: Cast List ******\n");
+#endif
+}
+
+/* This function will propagate the clientdata field of type to
+* any new swig_type_info structures that have been added into the list
+* of equivalent types. It is like calling
+* SWIG_TypeClientData(type, clientdata) a second time.
+*/
+SWIGRUNTIME void
+SWIG_PropagateClientData(void) {
+ size_t i;
+ swig_cast_info *equiv;
+ static int init_run = 0;
+
+ if (init_run) return;
+ init_run = 1;
+
+ for (i = 0; i < swig_module.size; i++) {
+ if (swig_module.types[i]->clientdata) {
+ equiv = swig_module.types[i]->cast;
+ while (equiv) {
+ if (!equiv->converter) {
+ if (equiv->type && !equiv->type->clientdata)
+ SWIG_TypeClientData(equiv->type, swig_module.types[i]->clientdata);
+ }
+ equiv = equiv->next;
+ }
+ }
+ }
+}
+
+#ifdef __cplusplus
+#if 0
+{
+ /* c-mode */
+#endif
+}
+#endif
+
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+ /* Python-specific SWIG API */
+#define SWIG_newvarlink() SWIG_Python_newvarlink()
+#define SWIG_addvarlink(p, name, get_attr, set_attr) SWIG_Python_addvarlink(p, name, get_attr, set_attr)
+#define SWIG_InstallConstants(d, constants) SWIG_Python_InstallConstants(d, constants)
+
+ /* -----------------------------------------------------------------------------
+ * global variable support code.
+ * ----------------------------------------------------------------------------- */
+
+ typedef struct swig_globalvar {
+ char *name; /* Name of global variable */
+ PyObject *(*get_attr)(void); /* Return the current value */
+ int (*set_attr)(PyObject *); /* Set the value */
+ struct swig_globalvar *next;
+ } swig_globalvar;
+
+ typedef struct swig_varlinkobject {
+ PyObject_HEAD
+ swig_globalvar *vars;
+ } swig_varlinkobject;
+
+ SWIGINTERN PyObject *
+ swig_varlink_repr(swig_varlinkobject *SWIGUNUSEDPARM(v)) {
+ return PyString_FromString("<Swig global variables>");
+ }
+
+ SWIGINTERN PyObject *
+ swig_varlink_str(swig_varlinkobject *v) {
+ PyObject *str = PyString_FromString("(");
+ swig_globalvar *var;
+ for (var = v->vars; var; var=var->next) {
+ PyString_ConcatAndDel(&str,PyString_FromString(var->name));
+ if (var->next) PyString_ConcatAndDel(&str,PyString_FromString(", "));
+ }
+ PyString_ConcatAndDel(&str,PyString_FromString(")"));
+ return str;
+ }
+
+ SWIGINTERN int
+ swig_varlink_print(swig_varlinkobject *v, FILE *fp, int SWIGUNUSEDPARM(flags)) {
+ PyObject *str = swig_varlink_str(v);
+ fprintf(fp,"Swig global variables ");
+ fprintf(fp,"%s\n", PyString_AsString(str));
+ Py_DECREF(str);
+ return 0;
+ }
+
+ SWIGINTERN void
+ swig_varlink_dealloc(swig_varlinkobject *v) {
+ swig_globalvar *var = v->vars;
+ while (var) {
+ swig_globalvar *n = var->next;
+ free(var->name);
+ free(var);
+ var = n;
+ }
+ }
+
+ SWIGINTERN PyObject *
+ swig_varlink_getattr(swig_varlinkobject *v, char *n) {
+ PyObject *res = NULL;
+ swig_globalvar *var = v->vars;
+ while (var) {
+ if (strcmp(var->name,n) == 0) {
+ res = (*var->get_attr)();
+ break;
+ }
+ var = var->next;
+ }
+ if (res == NULL && !PyErr_Occurred()) {
+ PyErr_SetString(PyExc_NameError,"Unknown C global variable");
+ }
+ return res;
+ }
+
+ SWIGINTERN int
+ swig_varlink_setattr(swig_varlinkobject *v, char *n, PyObject *p) {
+ int res = 1;
+ swig_globalvar *var = v->vars;
+ while (var) {
+ if (strcmp(var->name,n) == 0) {
+ res = (*var->set_attr)(p);
+ break;
+ }
+ var = var->next;
+ }
+ if (res == 1 && !PyErr_Occurred()) {
+ PyErr_SetString(PyExc_NameError,"Unknown C global variable");
+ }
+ return res;
+ }
+
+ SWIGINTERN PyTypeObject*
+ swig_varlink_type(void) {
+ static char varlink__doc__[] = "Swig var link object";
+ static PyTypeObject varlink_type;
+ static int type_init = 0;
+ if (!type_init) {
+ const PyTypeObject tmp
+ = {
+ PyObject_HEAD_INIT(NULL)
+ 0, /* Number of items in variable part (ob_size) */
+ (char *)"swigvarlink", /* Type name (tp_name) */
+ sizeof(swig_varlinkobject), /* Basic size (tp_basicsize) */
+ 0, /* Itemsize (tp_itemsize) */
+ (destructor) swig_varlink_dealloc, /* Deallocator (tp_dealloc) */
+ (printfunc) swig_varlink_print, /* Print (tp_print) */
+ (getattrfunc) swig_varlink_getattr, /* get attr (tp_getattr) */
+ (setattrfunc) swig_varlink_setattr, /* Set attr (tp_setattr) */
+ 0, /* tp_compare */
+ (reprfunc) swig_varlink_repr, /* tp_repr */
+ 0, /* tp_as_number */
+ 0, /* tp_as_sequence */
+ 0, /* tp_as_mapping */
+ 0, /* tp_hash */
+ 0, /* tp_call */
+ (reprfunc)swig_varlink_str, /* tp_str */
+ 0, /* tp_getattro */
+ 0, /* tp_setattro */
+ 0, /* tp_as_buffer */
+ 0, /* tp_flags */
+ varlink__doc__, /* tp_doc */
+ 0, /* tp_traverse */
+ 0, /* tp_clear */
+ 0, /* tp_richcompare */
+ 0, /* tp_weaklistoffset */
+#if PY_VERSION_HEX >= 0x02020000
+ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0, /* tp_iter -> tp_weaklist */
+#endif
+#if PY_VERSION_HEX >= 0x02030000
+ 0, /* tp_del */
+#endif
+#ifdef COUNT_ALLOCS
+ 0,0,0,0 /* tp_alloc -> tp_next */
+#endif
+ };
+ varlink_type = tmp;
+ varlink_type.ob_type = &PyType_Type;
+ type_init = 1;
+ }
+ return &varlink_type;
+ }
+
+ /* Create a variable linking object for use later */
+ SWIGINTERN PyObject *
+ SWIG_Python_newvarlink(void) {
+ swig_varlinkobject *result = PyObject_NEW(swig_varlinkobject, swig_varlink_type());
+ if (result) {
+ result->vars = 0;
+ }
+ return ((PyObject*) result);
+ }
+
+ SWIGINTERN void
+ SWIG_Python_addvarlink(PyObject *p, char *name, PyObject *(*get_attr)(void), int (*set_attr)(PyObject *p)) {
+ swig_varlinkobject *v = (swig_varlinkobject *) p;
+ swig_globalvar *gv = (swig_globalvar *) malloc(sizeof(swig_globalvar));
+ if (gv) {
+ size_t size = strlen(name)+1;
+ gv->name = (char *)malloc(size);
+ if (gv->name) {
+ strncpy(gv->name,name,size);
+ gv->get_attr = get_attr;
+ gv->set_attr = set_attr;
+ gv->next = v->vars;
+ }
+ }
+ v->vars = gv;
+ }
+
+ SWIGINTERN PyObject *
+ SWIG_globals(void) {
+ static PyObject *_SWIG_globals = 0;
+ if (!_SWIG_globals) _SWIG_globals = SWIG_newvarlink();
+ return _SWIG_globals;
+ }
+
+ /* -----------------------------------------------------------------------------
+ * constants/methods manipulation
+ * ----------------------------------------------------------------------------- */
+
+ /* Install Constants */
+ SWIGINTERN void
+ SWIG_Python_InstallConstants(PyObject *d, swig_const_info constants[]) {
+ PyObject *obj = 0;
+ size_t i;
+ for (i = 0; constants[i].type; ++i) {
+ switch(constants[i].type) {
+ case SWIG_PY_POINTER:
+ obj = SWIG_NewPointerObj(constants[i].pvalue, *(constants[i]).ptype,0);
+ break;
+ case SWIG_PY_BINARY:
+ obj = SWIG_NewPackedObj(constants[i].pvalue, constants[i].lvalue, *(constants[i].ptype));
+ break;
+ default:
+ obj = 0;
+ break;
+ }
+ if (obj) {
+ PyDict_SetItemString(d, constants[i].name, obj);
+ Py_DECREF(obj);
+ }
+ }
+ }
+
+ /* -----------------------------------------------------------------------------*/
+ /* Fix SwigMethods to carry the callback ptrs when needed */
+ /* -----------------------------------------------------------------------------*/
+
+ SWIGINTERN void
+ SWIG_Python_FixMethods(PyMethodDef *methods,
+ swig_const_info *const_table,
+ swig_type_info **types,
+ swig_type_info **types_initial) {
+ size_t i;
+ for (i = 0; methods[i].ml_name; ++i) {
+ const char *c = methods[i].ml_doc;
+ if (c && (c = strstr(c, "swig_ptr: "))) {
+ int j;
+ swig_const_info *ci = 0;
+ const char *name = c + 10;
+ for (j = 0; const_table[j].type; ++j) {
+ if (strncmp(const_table[j].name, name,
+ strlen(const_table[j].name)) == 0) {
+ ci = &(const_table[j]);
+ break;
+ }
+ }
+ if (ci) {
+ size_t shift = (ci->ptype) - types;
+ swig_type_info *ty = types_initial[shift];
+ size_t ldoc = (c - methods[i].ml_doc);
+ size_t lptr = strlen(ty->name)+2*sizeof(void*)+2;
+ char *ndoc = (char*)malloc(ldoc + lptr + 10);
+ if (ndoc) {
+ char *buff = ndoc;
+ void *ptr = (ci->type == SWIG_PY_POINTER) ? ci->pvalue : 0;
+ if (ptr) {
+ strncpy(buff, methods[i].ml_doc, ldoc);
+ buff += ldoc;
+ strncpy(buff, "swig_ptr: ", 10);
+ buff += 10;
+ SWIG_PackVoidPtr(buff, ptr, ty->name, lptr);
+ methods[i].ml_doc = ndoc;
+ }
+ }
+ }
+ }
+ }
+ }
+
+#ifdef __cplusplus
+}
+#endif
+
+/* -----------------------------------------------------------------------------*
+ * Partial Init method
+ * -----------------------------------------------------------------------------*/
+
+#ifdef __cplusplus
+extern "C"
+#endif
+SWIGEXPORT void SWIG_init(void) {
+ PyObject *m, *d;
+
+ /* Fix SwigMethods to carry the callback ptrs when needed */
+ SWIG_Python_FixMethods(SwigMethods, swig_const_table, swig_types, swig_type_initial);
+
+ m = Py_InitModule((char *) SWIG_name, SwigMethods);
+ d = PyModule_GetDict(m);
+
+ SWIG_InitializeModule(0);
+ SWIG_InstallConstants(d,swig_const_table);
+
+
+ SWIG_Python_SetConstant(d, "SELINUX_CB_LOG",SWIG_From_int((int)(0)));
+ SWIG_Python_SetConstant(d, "SELINUX_CB_AUDIT",SWIG_From_int((int)(1)));
+ SWIG_Python_SetConstant(d, "SELINUX_CB_VALIDATE",SWIG_From_int((int)(2)));
+ SWIG_Python_SetConstant(d, "SELINUX_ERROR",SWIG_From_int((int)(0)));
+ SWIG_Python_SetConstant(d, "SELINUX_WARNING",SWIG_From_int((int)(1)));
+ SWIG_Python_SetConstant(d, "SELINUX_INFO",SWIG_From_int((int)(2)));
+ SWIG_Python_SetConstant(d, "SELINUX_AVC",SWIG_From_int((int)(3)));
+ SWIG_Python_SetConstant(d, "MATCHPATHCON_BASEONLY",SWIG_From_int((int)(1)));
+ SWIG_Python_SetConstant(d, "MATCHPATHCON_NOTRANS",SWIG_From_int((int)(2)));
+ SWIG_Python_SetConstant(d, "MATCHPATHCON_VALIDATE",SWIG_From_int((int)(4)));
+ SWIG_Python_SetConstant(d, "AVC_OPT_UNUSED",SWIG_From_int((int)(0)));
+ SWIG_Python_SetConstant(d, "AVC_OPT_SETENFORCE",SWIG_From_int((int)(1)));
+ SWIG_Python_SetConstant(d, "AVC_CALLBACK_GRANT",SWIG_From_int((int)(1)));
+ SWIG_Python_SetConstant(d, "AVC_CALLBACK_TRY_REVOKE",SWIG_From_int((int)(2)));
+ SWIG_Python_SetConstant(d, "AVC_CALLBACK_REVOKE",SWIG_From_int((int)(4)));
+ SWIG_Python_SetConstant(d, "AVC_CALLBACK_RESET",SWIG_From_int((int)(8)));
+ SWIG_Python_SetConstant(d, "AVC_CALLBACK_AUDITALLOW_ENABLE",SWIG_From_int((int)(16)));
+ SWIG_Python_SetConstant(d, "AVC_CALLBACK_AUDITALLOW_DISABLE",SWIG_From_int((int)(32)));
+ SWIG_Python_SetConstant(d, "AVC_CALLBACK_AUDITDENY_ENABLE",SWIG_From_int((int)(64)));
+ SWIG_Python_SetConstant(d, "AVC_CALLBACK_AUDITDENY_DISABLE",SWIG_From_int((int)(128)));
+ SWIG_Python_SetConstant(d, "AVC_CACHE_STATS",SWIG_From_int((int)(1)));
+ SWIG_Python_SetConstant(d, "SELINUX_DEFAULTUSER",SWIG_FromCharPtr("user_u"));
+}
+
diff --git a/libselinux/src/setenforce.c b/libselinux/src/setenforce.c
new file mode 100644
index 0000000..e5e7612
--- /dev/null
+++ b/libselinux/src/setenforce.c
@@ -0,0 +1,37 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <string.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include <stdio.h>
+#include <limits.h>
+
+int security_setenforce(int value)
+{
+ int fd, ret;
+ char path[PATH_MAX];
+ char buf[20];
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ snprintf(path, sizeof path, "%s/enforce", selinux_mnt);
+ fd = open(path, O_RDWR);
+ if (fd < 0)
+ return -1;
+
+ snprintf(buf, sizeof buf, "%d", value);
+ ret = write(fd, buf, strlen(buf));
+ close(fd);
+ if (ret < 0)
+ return -1;
+
+ return 0;
+}
+
+hidden_def(security_setenforce)
diff --git a/libselinux/src/setfilecon.c b/libselinux/src/setfilecon.c
new file mode 100644
index 0000000..8c633ef
--- /dev/null
+++ b/libselinux/src/setfilecon.c
@@ -0,0 +1,31 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <sys/xattr.h>
+#include "selinux_internal.h"
+#include "policy.h"
+
+int setfilecon_raw(const char *path, security_context_t context)
+{
+ return setxattr(path, XATTR_NAME_SELINUX, context, strlen(context) + 1,
+ 0);
+}
+
+hidden_def(setfilecon_raw)
+
+int setfilecon(const char *path, security_context_t context)
+{
+ int ret;
+ security_context_t rcontext = context;
+
+ if (selinux_trans_to_raw_context(context, &rcontext))
+ return -1;
+
+ ret = setfilecon_raw(path, rcontext);
+
+ freecon(rcontext);
+
+ return ret;
+}
diff --git a/libselinux/src/setrans_client.c b/libselinux/src/setrans_client.c
new file mode 100644
index 0000000..a02f407
--- /dev/null
+++ b/libselinux/src/setrans_client.c
@@ -0,0 +1,345 @@
+/* Author: Trusted Computer Solutions, Inc.
+ *
+ * Modified:
+ * Yuichi Nakamura <ynakam@hitachisoft.jp>
+ - Stubs are used when DISABLE_SETRANS is defined,
+ it is to reduce size for such as embedded devices.
+*/
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include <errno.h>
+#include <stdlib.h>
+#include <netdb.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <unistd.h>
+#include "dso.h"
+#include "selinux_internal.h"
+#include "setrans_internal.h"
+
+#ifndef DISABLE_SETRANS
+static int mls_enabled = -1;
+
+// Simple cache
+static __thread security_context_t prev_t2r_trans = NULL;
+static __thread security_context_t prev_t2r_raw = NULL;
+static __thread security_context_t prev_r2t_trans = NULL;
+static __thread security_context_t prev_r2t_raw = NULL;
+
+/*
+ * setransd_open
+ *
+ * This function opens a socket to the setransd.
+ * Returns: on success, a file descriptor ( >= 0 ) to the socket
+ * on error, a negative value
+ */
+static int setransd_open(void)
+{
+ struct sockaddr_un addr;
+ int fd;
+#ifdef SOCK_CLOEXEC
+ fd = socket(PF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
+ if (fd < 0 && errno == EINVAL)
+#endif
+ {
+ fd = socket(PF_UNIX, SOCK_STREAM, 0);
+ if (fd >= 0)
+ fcntl(fd, F_SETFD, FD_CLOEXEC);
+ }
+ if (fd < 0)
+ return -1;
+
+ memset(&addr, 0, sizeof(addr));
+ addr.sun_family = AF_UNIX;
+ strncpy(addr.sun_path, SETRANS_UNIX_SOCKET, sizeof(addr.sun_path));
+ if (connect(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
+ close(fd);
+ return -1;
+ }
+
+ return fd;
+}
+
+/* Returns: 0 on success, <0 on failure */
+static int
+send_request(int fd, uint32_t function, const char *data1, const char *data2)
+{
+ struct msghdr msgh;
+ struct iovec iov[5];
+ uint32_t data1_size;
+ uint32_t data2_size;
+ ssize_t count, expected;
+ unsigned int i;
+
+ if (fd < 0)
+ return -1;
+
+ if (!data1)
+ data1 = "";
+ if (!data2)
+ data2 = "";
+
+ data1_size = strlen(data1) + 1;
+ data2_size = strlen(data2) + 1;
+
+ iov[0].iov_base = &function;
+ iov[0].iov_len = sizeof(function);
+ iov[1].iov_base = &data1_size;
+ iov[1].iov_len = sizeof(data1_size);
+ iov[2].iov_base = &data2_size;
+ iov[2].iov_len = sizeof(data2_size);
+ iov[3].iov_base = (char *)data1;
+ iov[3].iov_len = data1_size;
+ iov[4].iov_base = (char *)data2;
+ iov[4].iov_len = data2_size;
+ memset(&msgh, 0, sizeof(msgh));
+ msgh.msg_iov = iov;
+ msgh.msg_iovlen = sizeof(iov) / sizeof(iov[0]);
+
+ expected = 0;
+ for (i = 0; i < sizeof(iov) / sizeof(iov[0]); i++)
+ expected += iov[i].iov_len;
+
+ while (((count = sendmsg(fd, &msgh, MSG_NOSIGNAL)) < 0)
+ && (errno == EINTR)) ;
+ if (count < 0 || count != expected)
+ return -1;
+
+ return 0;
+}
+
+/* Returns: 0 on success, <0 on failure */
+static int
+receive_response(int fd, uint32_t function, char **outdata, int32_t * ret_val)
+{
+ struct iovec resp_hdr[3];
+ uint32_t func;
+ uint32_t data_size;
+ char *data;
+ struct iovec resp_data;
+ ssize_t count;
+
+ if (fd < 0)
+ return -1;
+
+ resp_hdr[0].iov_base = &func;
+ resp_hdr[0].iov_len = sizeof(func);
+ resp_hdr[1].iov_base = &data_size;
+ resp_hdr[1].iov_len = sizeof(data_size);
+ resp_hdr[2].iov_base = ret_val;
+ resp_hdr[2].iov_len = sizeof(*ret_val);
+
+ while (((count = readv(fd, resp_hdr, 3)) < 0) && (errno == EINTR)) ;
+ if (count != (sizeof(func) + sizeof(data_size) + sizeof(*ret_val))) {
+ return -1;
+ }
+
+ if (func != function || !data_size || data_size > MAX_DATA_BUF) {
+ return -1;
+ }
+
+ data = malloc(data_size);
+ if (!data) {
+ return -1;
+ }
+
+ resp_data.iov_base = data;
+ resp_data.iov_len = data_size;
+
+ while (((count = readv(fd, &resp_data, 1))) < 0 && (errno == EINTR)) ;
+ if (count < 0 || (uint32_t) count != data_size ||
+ data[data_size - 1] != '\0') {
+ free(data);
+ return -1;
+ }
+ *outdata = data;
+ return 0;
+}
+
+static int raw_to_trans_context(char *raw, char **transp)
+{
+ int ret;
+ int32_t ret_val;
+ int fd;
+
+ *transp = NULL;
+
+ fd = setransd_open();
+ if (fd < 0)
+ return fd;
+
+ ret = send_request(fd, RAW_TO_TRANS_CONTEXT, raw, NULL);
+ if (ret)
+ goto out;
+
+ ret = receive_response(fd, RAW_TO_TRANS_CONTEXT, transp, &ret_val);
+ if (ret)
+ goto out;
+
+ ret = ret_val;
+ out:
+ close(fd);
+ return ret;
+}
+
+static int trans_to_raw_context(char *trans, char **rawp)
+{
+ int ret;
+ int32_t ret_val;
+ int fd;
+
+ *rawp = NULL;
+
+ fd = setransd_open();
+ if (fd < 0)
+ return fd;
+ ret = send_request(fd, TRANS_TO_RAW_CONTEXT, trans, NULL);
+ if (ret)
+ goto out;
+
+ ret = receive_response(fd, TRANS_TO_RAW_CONTEXT, rawp, &ret_val);
+ if (ret)
+ goto out;
+
+ ret = ret_val;
+ out:
+ close(fd);
+ return ret;
+}
+
+hidden void fini_context_translations(void)
+{
+ free(prev_r2t_trans);
+ free(prev_r2t_raw);
+ free(prev_t2r_trans);
+ free(prev_t2r_raw);
+}
+
+hidden int init_context_translations(void)
+{
+ mls_enabled = is_selinux_mls_enabled();
+ return 0;
+}
+
+int selinux_trans_to_raw_context(security_context_t trans,
+ security_context_t * rawp)
+{
+ if (!trans) {
+ *rawp = NULL;
+ return 0;
+ }
+
+ if (!mls_enabled) {
+ *rawp = strdup(trans);
+ goto out;
+ }
+
+ if (prev_t2r_trans && strcmp(prev_t2r_trans, trans) == 0) {
+ *rawp = strdup(prev_t2r_raw);
+ } else {
+ free(prev_t2r_trans);
+ prev_t2r_trans = NULL;
+ free(prev_t2r_raw);
+ prev_t2r_raw = NULL;
+ if (trans_to_raw_context(trans, rawp))
+ *rawp = strdup(trans);
+ if (*rawp) {
+ prev_t2r_trans = strdup(trans);
+ if (!prev_t2r_trans)
+ goto out;
+ prev_t2r_raw = strdup(*rawp);
+ if (!prev_t2r_raw) {
+ free(prev_t2r_trans);
+ prev_t2r_trans = NULL;
+ }
+ }
+ }
+ out:
+ return *rawp ? 0 : -1;
+}
+
+hidden_def(selinux_trans_to_raw_context)
+
+int selinux_raw_to_trans_context(security_context_t raw,
+ security_context_t * transp)
+{
+ if (!raw) {
+ *transp = NULL;
+ return 0;
+ }
+
+ if (!mls_enabled) {
+ *transp = strdup(raw);
+ goto out;
+ }
+
+ if (prev_r2t_raw && strcmp(prev_r2t_raw, raw) == 0) {
+ *transp = strdup(prev_r2t_trans);
+ } else {
+ free(prev_r2t_raw);
+ prev_r2t_raw = NULL;
+ free(prev_r2t_trans);
+ prev_r2t_trans = NULL;
+ if (raw_to_trans_context(raw, transp))
+ *transp = strdup(raw);
+ if (*transp) {
+ prev_r2t_raw = strdup(raw);
+ if (!prev_r2t_raw)
+ goto out;
+ prev_r2t_trans = strdup(*transp);
+ if (!prev_r2t_trans) {
+ free(prev_r2t_raw);
+ prev_r2t_raw = NULL;
+ }
+ }
+ }
+ out:
+ return *transp ? 0 : -1;
+}
+
+hidden_def(selinux_raw_to_trans_context)
+#else /*DISABLE_SETRANS*/
+
+hidden void fini_context_translations(void)
+{
+}
+
+hidden int init_context_translations(void)
+{
+ return 0;
+}
+
+int selinux_trans_to_raw_context(security_context_t trans,
+ security_context_t * rawp)
+{
+ if (!trans) {
+ *rawp = NULL;
+ return 0;
+ }
+
+ *rawp = strdup(trans);
+
+ return *rawp ? 0 : -1;
+}
+
+hidden_def(selinux_trans_to_raw_context)
+
+int selinux_raw_to_trans_context(security_context_t raw,
+ security_context_t * transp)
+{
+ if (!raw) {
+ *transp = NULL;
+ return 0;
+ }
+ *transp = strdup(raw);
+
+ return *transp ? 0 : -1;
+}
+
+hidden_def(selinux_raw_to_trans_context)
+#endif /*DISABLE_SETRANS*/
diff --git a/libselinux/src/setrans_internal.h b/libselinux/src/setrans_internal.h
new file mode 100644
index 0000000..4e04b54
--- /dev/null
+++ b/libselinux/src/setrans_internal.h
@@ -0,0 +1,10 @@
+/* Author: Trusted Computer Solutions, Inc. */
+
+#define SETRANS_UNIX_SOCKET "/var/run/setrans/.setrans-unix"
+
+#define RAW_TO_TRANS_CONTEXT 2
+#define TRANS_TO_RAW_CONTEXT 3
+#define MAX_DATA_BUF 8192
+
+extern int init_context_translations(void);
+extern void fini_context_translations(void);
diff --git a/libselinux/src/seusers.c b/libselinux/src/seusers.c
new file mode 100644
index 0000000..d6fb29b
--- /dev/null
+++ b/libselinux/src/seusers.c
@@ -0,0 +1,245 @@
+#include <unistd.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdio_ext.h>
+#include <ctype.h>
+#include <selinux/selinux.h>
+#include <selinux/context.h>
+#include "selinux_internal.h"
+
+/* Process line from seusers.conf and split into its fields.
+ Returns 0 on success, -1 on comments, and -2 on error. */
+static int process_seusers(const char *buffer,
+ char **luserp,
+ char **seuserp, char **levelp, int mls_enabled)
+{
+ char *newbuf = strdup(buffer);
+ char *luser = NULL, *seuser = NULL, *level = NULL;
+ char *start, *end;
+ int mls_found = 1;
+
+ if (!newbuf)
+ goto err;
+
+ start = newbuf;
+ while (isspace(*start))
+ start++;
+ if (*start == '#' || *start == 0) {
+ free(newbuf);
+ return -1; /* Comment or empty line, skip over */
+ }
+ end = strchr(start, ':');
+ if (!end)
+ goto err;
+ *end = 0;
+
+ luser = strdup(start);
+ if (!luser)
+ goto err;
+
+ start = end + 1;
+ end = strchr(start, ':');
+ if (!end) {
+ mls_found = 0;
+
+ end = start;
+ while (*end && !isspace(*end))
+ end++;
+ }
+ *end = 0;
+
+ seuser = strdup(start);
+ if (!seuser)
+ goto err;
+
+ if (!strcmp(seuser, ""))
+ goto err;
+
+ /* Skip MLS if disabled, or missing. */
+ if (!mls_enabled || !mls_found)
+ goto out;
+
+ start = ++end;
+ while (*end && !isspace(*end))
+ end++;
+ *end = 0;
+
+ level = strdup(start);
+ if (!level)
+ goto err;
+
+ if (!strcmp(level, ""))
+ goto err;
+
+ out:
+ free(newbuf);
+ *luserp = luser;
+ *seuserp = seuser;
+ *levelp = level;
+ return 0;
+ err:
+ free(newbuf);
+ free(luser);
+ free(seuser);
+ free(level);
+ return -2; /* error */
+}
+
+int require_seusers hidden = 0;
+
+#include <pwd.h>
+#include <grp.h>
+
+static gid_t get_default_gid(const char *name) {
+ struct passwd pwstorage, *pwent = NULL;
+ gid_t gid = -1;
+ /* Allocate space for the getpwnam_r buffer */
+ long rbuflen = sysconf(_SC_GETPW_R_SIZE_MAX);
+ if (rbuflen <= 0) return -1;
+ char *rbuf = malloc(rbuflen);
+ if (rbuf == NULL) return -1;
+
+ int retval = getpwnam_r(name, &pwstorage, rbuf, rbuflen, &pwent);
+ if (retval == 0 && pwent) {
+ gid = pwent->pw_gid;
+ }
+ free(rbuf);
+ return gid;
+}
+
+static int check_group(const char *group, const char *name, const gid_t gid) {
+ int match = 0;
+ int i, ng = 0;
+ gid_t *groups = NULL;
+ struct group gbuf, *grent = NULL;
+
+ long rbuflen = sysconf(_SC_GETGR_R_SIZE_MAX);
+ if (rbuflen <= 0)
+ return 0;
+ char *rbuf = malloc(rbuflen);
+ if (rbuf == NULL)
+ return 0;
+
+ if (getgrnam_r(group, &gbuf, rbuf, rbuflen,
+ &grent) != 0)
+ goto done;
+
+ if (getgrouplist(name, gid, NULL, &ng) < 0) {
+ groups = (gid_t *) malloc(sizeof (gid_t) * ng);
+ if (!groups) goto done;
+ if (getgrouplist(name, gid, groups, &ng) < 0) goto done;
+ }
+
+ for (i = 0; i < ng; i++) {
+ if (grent->gr_gid == groups[i]) {
+ match = 1;
+ goto done;
+ }
+ }
+
+ done:
+ free(groups);
+ free(rbuf);
+ return match;
+}
+
+int getseuserbyname(const char *name, char **r_seuser, char **r_level)
+{
+ FILE *cfg = NULL;
+ size_t size = 0;
+ char *buffer = NULL;
+ int rc;
+ unsigned long lineno = 0;
+ int mls_enabled = is_selinux_mls_enabled();
+
+ char *username = NULL;
+ char *seuser = NULL;
+ char *level = NULL;
+ char *groupseuser = NULL;
+ char *grouplevel = NULL;
+ char *defaultseuser = NULL;
+ char *defaultlevel = NULL;
+
+ gid_t gid = get_default_gid(name);
+
+ cfg = fopen(selinux_usersconf_path(), "r");
+ if (!cfg)
+ goto nomatch;
+
+ __fsetlocking(cfg, FSETLOCKING_BYCALLER);
+ while (getline(&buffer, &size, cfg) > 0) {
+ ++lineno;
+ rc = process_seusers(buffer, &username, &seuser, &level,
+ mls_enabled);
+ if (rc == -1)
+ continue; /* comment, skip */
+ if (rc == -2) {
+ fprintf(stderr, "%s: error on line %lu, skipping...\n",
+ selinux_usersconf_path(), lineno);
+ continue;
+ }
+
+ if (!strcmp(username, name))
+ break;
+
+ if (username[0] == '%' &&
+ !groupseuser &&
+ check_group(&username[1], name, gid)) {
+ groupseuser = seuser;
+ grouplevel = level;
+ } else {
+ if (!defaultseuser &&
+ !strcmp(username, "__default__")) {
+ defaultseuser = seuser;
+ defaultlevel = level;
+ } else {
+ free(seuser);
+ free(level);
+ }
+ }
+ free(username);
+ username = NULL;
+ seuser = NULL;
+ }
+
+ free(buffer);
+ fclose(cfg);
+
+ if (seuser) {
+ free(username);
+ free(defaultseuser);
+ free(defaultlevel);
+ free(groupseuser);
+ free(grouplevel);
+ *r_seuser = seuser;
+ *r_level = level;
+ return 0;
+ }
+
+ if (groupseuser) {
+ free(defaultseuser);
+ free(defaultlevel);
+ *r_seuser = groupseuser;
+ *r_level = grouplevel;
+ return 0;
+ }
+
+ if (defaultseuser) {
+ *r_seuser = defaultseuser;
+ *r_level = defaultlevel;
+ return 0;
+ }
+
+ nomatch:
+ if (require_seusers)
+ return -1;
+
+ /* Fall back to the Linux username and no level. */
+ *r_seuser = strdup(name);
+ if (!(*r_seuser))
+ return -1;
+ *r_level = NULL;
+ return 0;
+}
diff --git a/libselinux/src/stringrep.c b/libselinux/src/stringrep.c
new file mode 100644
index 0000000..19c5bb6
--- /dev/null
+++ b/libselinux/src/stringrep.c
@@ -0,0 +1,576 @@
+/*
+ * String representation support for classes and permissions.
+ */
+#include <sys/stat.h>
+#include <dirent.h>
+#include <fcntl.h>
+#include <limits.h>
+#include <unistd.h>
+#include <errno.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdint.h>
+#include <ctype.h>
+#include <selinux/flask.h>
+#include <selinux/av_permissions.h>
+#include "selinux_internal.h"
+#include "policy.h"
+#include "mapping.h"
+
+#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
+
+/* The following code looks complicated, but it really is not. What it
+ does is to generate two variables. The first is basically a struct
+ of arrays. The second is the real array of structures which would
+ have used string pointers. But instead it now uses an offset value
+ into the first structure. Strings are accessed indirectly by an
+ explicit addition of the string index and the base address of the
+ structure with the strings (all type safe). The advantage is that
+ there are no relocations necessary in the array with the data as it
+ would be the case with string pointers. This has advantages at
+ load time, the data section is smaller, and it is read-only. */
+#define L1(line) L2(line)
+#define L2(line) str##line
+static const union av_perm_to_string_data {
+ struct {
+#define S_(c, v, s) char L1(__LINE__)[sizeof(s)];
+#include "av_perm_to_string.h"
+#undef S_
+ };
+ char str[0];
+} av_perm_to_string_data = {
+ {
+#define S_(c, v, s) s,
+#include "av_perm_to_string.h"
+#undef S_
+ }
+};
+static const struct av_perm_to_string {
+ uint16_t tclass;
+ uint16_t nameidx;
+ uint32_t value;
+} av_perm_to_string[] = {
+#define S_(c, v, s) { c, offsetof(union av_perm_to_string_data, L1(__LINE__)), v },
+#include "av_perm_to_string.h"
+#undef S_
+};
+
+#undef L1
+#undef L2
+
+#define L1(line) L2(line)
+#define L2(line) str##line
+static const union class_to_string_data {
+ struct {
+#define S_(s) char L1(__LINE__)[sizeof(s)];
+#include "class_to_string.h"
+#undef S_
+ };
+ char str[0];
+} class_to_string_data = {
+ {
+#define S_(s) s,
+#include "class_to_string.h"
+#undef S_
+ }
+};
+static const uint16_t class_to_string[] = {
+#define S_(s) offsetof(union class_to_string_data, L1(__LINE__)),
+#include "class_to_string.h"
+#undef S_
+};
+
+#undef L1
+#undef L2
+
+static const union common_perm_to_string_data {
+ struct {
+#define L1(line) L2(line)
+#define L2(line) str##line
+#define S_(s) char L1(__LINE__)[sizeof(s)];
+#define TB_(s)
+#define TE_(s)
+#include "common_perm_to_string.h"
+#undef S_
+#undef L1
+#undef L2
+ };
+ char str[0];
+} common_perm_to_string_data = {
+ {
+#define S_(s) s,
+#include "common_perm_to_string.h"
+#undef S_
+#undef TB_
+#undef TE_
+ }
+};
+static const union common_perm_to_string {
+ struct {
+#define TB_(s) struct {
+#define TE_(s) } s##_part;
+#define S_(s) uint16_t L1(__LINE__)
+#define L1(l) L2(l)
+#define L2(l) field_##l;
+#include "common_perm_to_string.h"
+#undef TB_
+#undef TE_
+#undef S_
+#undef L1
+#undef L2
+ };
+ uint16_t data[0];
+} common_perm_to_string = {
+ {
+#define TB_(s) {
+#define TE_(s) },
+#define S_(s) offsetof(union common_perm_to_string_data, L1(__LINE__)),
+#define L1(line) L2(line)
+#define L2(line) str##line
+#include "common_perm_to_string.h"
+#undef TB_
+#undef TE_
+#undef S_
+#undef L1
+#undef L2
+ }
+};
+
+static const struct av_inherit {
+ uint16_t tclass;
+ uint16_t common_pts_idx;
+ uint32_t common_base;
+} av_inherit[] = {
+#define S_(c, i, b) { c, offsetof(union common_perm_to_string, common_##i##_perm_to_string_part)/sizeof(uint16_t), b },
+#include "av_inherit.h"
+#undef S_
+};
+
+#define NCLASSES ARRAY_SIZE(class_to_string)
+#define NVECTORS ARRAY_SIZE(av_perm_to_string)
+#define MAXVECTORS 8*sizeof(access_vector_t)
+
+extern int obj_class_compat;
+
+struct discover_class_node {
+ char *name;
+ security_class_t value;
+ char **perms;
+
+ struct discover_class_node *next;
+};
+
+static struct discover_class_node *discover_class_cache = NULL;
+
+static struct discover_class_node * get_class_cache_entry_name(const char *s)
+{
+ struct discover_class_node *node = discover_class_cache;
+
+ for (; node != NULL && strcmp(s,node->name) != 0; node = node->next);
+
+ return node;
+}
+
+static struct discover_class_node * get_class_cache_entry_value(security_class_t c)
+{
+ struct discover_class_node *node = discover_class_cache;
+
+ for (; node != NULL && c != node->value; node = node->next);
+
+ return node;
+}
+
+static struct discover_class_node * discover_class(const char *s)
+{
+ int fd, ret;
+ char path[PATH_MAX];
+ char buf[20];
+ DIR *dir;
+ struct dirent *dentry;
+ size_t i;
+
+ struct discover_class_node *node;
+
+ if (!selinux_mnt) {
+ errno = ENOENT;
+ return NULL;
+ }
+
+ /* allocate a node */
+ node = malloc(sizeof(struct discover_class_node));
+ if (node == NULL)
+ return NULL;
+
+ /* allocate array for perms */
+ node->perms = calloc(NVECTORS,sizeof(char*));
+ if (node->perms == NULL)
+ goto err1;
+
+ /* load up the name */
+ node->name = strdup(s);
+ if (node->name == NULL)
+ goto err2;
+
+ /* load up class index */
+ snprintf(path, sizeof path, "%s/class/%s/index", selinux_mnt,s);
+ fd = open(path, O_RDONLY);
+ if (fd < 0)
+ goto err3;
+
+ memset(buf, 0, sizeof(buf));
+ ret = read(fd, buf, sizeof(buf) - 1);
+ close(fd);
+ if (ret < 0)
+ goto err3;
+
+ if (sscanf(buf, "%u", (unsigned int*)&node->value) != 1)
+ goto err3;
+
+ /* load up permission indicies */
+ snprintf(path, sizeof path, "%s/class/%s/perms",selinux_mnt,s);
+ dir = opendir(path);
+ if (dir == NULL)
+ goto err3;
+
+ dentry = readdir(dir);
+ while (dentry != NULL) {
+ unsigned int value;
+ struct stat m;
+
+ snprintf(path, sizeof path, "%s/class/%s/perms/%s", selinux_mnt,s,dentry->d_name);
+ if (stat(path,&m) < 0)
+ goto err4;
+
+ if (m.st_mode & S_IFDIR) {
+ dentry = readdir(dir);
+ continue;
+ }
+
+ fd = open(path, O_RDONLY);
+ if (fd < 0)
+ goto err4;
+
+ memset(buf, 0, sizeof(buf));
+ ret = read(fd, buf, sizeof(buf) - 1);
+ close(fd);
+ if (ret < 0)
+ goto err4;
+
+ if (sscanf(buf, "%u", &value) != 1)
+ goto err4;
+
+ node->perms[value-1] = strdup(dentry->d_name);
+ if (node->perms[value-1] == NULL)
+ goto err4;
+
+ dentry = readdir(dir);
+ }
+ closedir(dir);
+
+ node->next = discover_class_cache;
+ discover_class_cache = node;
+
+ return node;
+
+err4:
+ closedir(dir);
+ for (i=0; i<NVECTORS; i++)
+ free(node->perms[i]);
+err3:
+ free(node->name);
+err2:
+ free(node->perms);
+err1:
+ free(node);
+ return NULL;
+}
+
+void flush_class_cache(void)
+{
+ struct discover_class_node *cur = discover_class_cache, *prev = NULL;
+ size_t i;
+
+ while (cur != NULL) {
+ free(cur->name);
+
+ for (i=0 ; i<MAXVECTORS ; i++)
+ free(cur->perms[i]);
+
+ free(cur->perms);
+
+ prev = cur;
+ cur = cur->next;
+
+ free(prev);
+ }
+
+ discover_class_cache = NULL;
+}
+
+static security_class_t string_to_security_class_compat(const char *s)
+{
+ unsigned int val;
+
+ if (isdigit(s[0])) {
+ val = atoi(s);
+ if (val > 0 && val < NCLASSES)
+ return map_class(val);
+ } else {
+ for (val = 0; val < NCLASSES; val++) {
+ if (strcmp(s, (class_to_string_data.str
+ + class_to_string[val])) == 0)
+ return map_class(val);
+ }
+ }
+
+ errno = EINVAL;
+ return 0;
+}
+
+static access_vector_t string_to_av_perm_compat(security_class_t kclass, const char *s)
+{
+ const uint16_t *common_pts_idx = 0;
+ access_vector_t perm, common_base = 0;
+ unsigned int i;
+
+ for (i = 0; i < ARRAY_SIZE(av_inherit); i++) {
+ if (av_inherit[i].tclass == kclass) {
+ common_pts_idx =
+ &common_perm_to_string.data[av_inherit[i].
+ common_pts_idx];
+ common_base = av_inherit[i].common_base;
+ break;
+ }
+ }
+
+ i = 0;
+ perm = 1;
+ while (perm < common_base) {
+ if (strcmp
+ (s,
+ common_perm_to_string_data.str + common_pts_idx[i]) == 0)
+ return perm;
+ perm <<= 1;
+ i++;
+ }
+
+ for (i = 0; i < NVECTORS; i++) {
+ if ((av_perm_to_string[i].tclass == kclass) &&
+ (strcmp(s, (av_perm_to_string_data.str
+ + av_perm_to_string[i].nameidx)) == 0))
+ return av_perm_to_string[i].value;
+ }
+
+ errno = EINVAL;
+ return 0;
+}
+
+static const char *security_class_to_string_compat(security_class_t tclass)
+{
+ if (tclass > 0 && tclass < NCLASSES)
+ return class_to_string_data.str + class_to_string[tclass];
+
+ errno = EINVAL;
+ return NULL;
+}
+
+static const char *security_av_perm_to_string_compat(security_class_t tclass,
+ access_vector_t av)
+{
+ const uint16_t *common_pts_idx = 0;
+ access_vector_t common_base = 0;
+ unsigned int i;
+
+ if (!av)
+ return NULL;
+
+ for (i = 0; i < ARRAY_SIZE(av_inherit); i++) {
+ if (av_inherit[i].tclass == tclass) {
+ common_pts_idx =
+ &common_perm_to_string.data[av_inherit[i].
+ common_pts_idx];
+ common_base = av_inherit[i].common_base;
+ break;
+ }
+ }
+
+ if (av < common_base) {
+ i = 0;
+ while (!(av & 1)) {
+ av >>= 1;
+ i++;
+ }
+ return common_perm_to_string_data.str + common_pts_idx[i];
+ }
+
+ for (i = 0; i < NVECTORS; i++) {
+ if (av_perm_to_string[i].tclass == tclass &&
+ av_perm_to_string[i].value == av)
+ return av_perm_to_string_data.str
+ + av_perm_to_string[i].nameidx;
+ }
+
+ errno = EINVAL;
+ return NULL;
+}
+
+security_class_t string_to_security_class(const char *s)
+{
+ struct discover_class_node *node;
+
+ if (obj_class_compat)
+ return string_to_security_class_compat(s);
+
+ node = get_class_cache_entry_name(s);
+ if (node == NULL) {
+ node = discover_class(s);
+
+ if (node == NULL) {
+ errno = EINVAL;
+ return 0;
+ }
+ }
+
+ return map_class(node->value);
+}
+
+access_vector_t string_to_av_perm(security_class_t tclass, const char *s)
+{
+ struct discover_class_node *node;
+ security_class_t kclass = unmap_class(tclass);
+
+ if (obj_class_compat)
+ return map_perm(tclass, string_to_av_perm_compat(kclass, s));
+
+ node = get_class_cache_entry_value(kclass);
+ if (node != NULL) {
+ size_t i;
+ for (i=0; i<MAXVECTORS && node->perms[i] != NULL; i++)
+ if (strcmp(node->perms[i],s) == 0)
+ return map_perm(tclass, 1<<i);
+ }
+
+ errno = EINVAL;
+ return 0;
+}
+
+const char *security_class_to_string(security_class_t tclass)
+{
+ struct discover_class_node *node;
+
+ tclass = unmap_class(tclass);
+
+ if (obj_class_compat)
+ return security_class_to_string_compat(tclass);
+
+ node = get_class_cache_entry_value(tclass);
+ if (node == NULL)
+ return security_class_to_string_compat(tclass);
+ else
+ return node->name;
+}
+
+const char *security_av_perm_to_string(security_class_t tclass,
+ access_vector_t av)
+{
+ struct discover_class_node *node;
+ size_t i;
+
+ av = unmap_perm(tclass, av);
+ tclass = unmap_class(tclass);
+
+ if (obj_class_compat)
+ return security_av_perm_to_string_compat(tclass,av);
+
+ node = get_class_cache_entry_value(tclass);
+ if (av && node)
+ for (i = 0; i<MAXVECTORS; i++)
+ if ((1<<i) & av)
+ return node->perms[i];
+
+ return security_av_perm_to_string_compat(tclass,av);
+}
+
+int security_av_string(security_class_t tclass, access_vector_t av, char **res)
+{
+ unsigned int i = 0;
+ size_t len = 5;
+ access_vector_t tmp = av;
+ int rc = 0;
+ const char *str;
+ char *ptr;
+
+ /* first pass computes the required length */
+ while (tmp) {
+ if (tmp & 1) {
+ str = security_av_perm_to_string(tclass, av & (1<<i));
+ if (str)
+ len += strlen(str) + 1;
+ else {
+ rc = -1;
+ errno = EINVAL;
+ goto out;
+ }
+ }
+ tmp >>= 1;
+ i++;
+ }
+
+ *res = malloc(len);
+ if (!*res) {
+ rc = -1;
+ goto out;
+ }
+
+ /* second pass constructs the string */
+ i = 0;
+ tmp = av;
+ ptr = *res;
+
+ if (!av) {
+ sprintf(ptr, "null");
+ goto out;
+ }
+
+ ptr += sprintf(ptr, "{ ");
+ while (tmp) {
+ if (tmp & 1)
+ ptr += sprintf(ptr, "%s ", security_av_perm_to_string(
+ tclass, av & (1<<i)));
+ tmp >>= 1;
+ i++;
+ }
+ sprintf(ptr, "}");
+out:
+ return rc;
+}
+
+void print_access_vector(security_class_t tclass, access_vector_t av)
+{
+ const char *permstr;
+ access_vector_t bit = 1;
+
+ if (av == 0) {
+ printf(" null");
+ return;
+ }
+
+ printf(" {");
+
+ while (av) {
+ if (av & bit) {
+ permstr = security_av_perm_to_string(tclass, bit);
+ if (!permstr)
+ break;
+ printf(" %s", permstr);
+ av &= ~bit;
+ }
+ bit <<= 1;
+ }
+
+ if (av)
+ printf(" 0x%x", av);
+ printf(" }");
+}