Blame - AccessControl.h - platform/system/hwservicemanager

blob: 63a2098d8635eea275e4a52b472d8797211ef0cd [file] [log] [blame]

Martijn Coenen	7ce83be	2017-04-07 16:19:32 -0700	[diff] [blame]	1	#include <string>
				2
				3	#include <selinux/android.h>
				4	#include <selinux/avc.h>
				5
				6	namespace android {
				7
				8	class AccessControl {
				9	public:
				10	AccessControl();
Steven Moreland	4034c1c	2017-11-03 17:42:27 -0700	[diff] [blame]	11
				12	using Context = std::unique_ptr<char, decltype(&freecon)>;
				13	Context getContext(pid_t sourcePid);
				14
				15	bool canAdd(const std::string& fqName, const Context &context, pid_t pid);
Martijn Coenen	7ce83be	2017-04-07 16:19:32 -0700	[diff] [blame]	16	bool canGet(const std::string& fqName, pid_t pid);
				17	bool canList(pid_t pid);
Steven Moreland	4034c1c	2017-11-03 17:42:27 -0700	[diff] [blame]	18
Martijn Coenen	7ce83be	2017-04-07 16:19:32 -0700	[diff] [blame]	19	private:
Steven Moreland	4034c1c	2017-11-03 17:42:27 -0700	[diff] [blame]	20
				21	bool checkPermission(const Context &context, pid_t sourceAuditPid, const char targetContext, const char perm, const char *interface);
				22	bool checkPermission(const Context &context, pid_t sourcePid, const char perm, const char interface);
Martijn Coenen	7ce83be	2017-04-07 16:19:32 -0700	[diff] [blame]	23
				24	static int auditCallback(void data, security_class_t cls, char buf, size_t len);
				25
				26	char* mSeContext;
				27	struct selabel_handle* mSeHandle;
				28	union selinux_callback mSeCallbacks;
				29	};
				30
				31	} // namespace android