Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / hwservicemanager / 7ce83be458b4c070a08d14e2ac65a6bbb981016a / . / AccessControl.h
blob: e91de27bb10080ab80ef198e0e5f69016368a5c0 [file] [log] [blame]
Martijn Coenen7ce83be2017-04-07 16:19:32 -0700[diff] [blame^]1#include <string>
2
3#include <selinux/android.h>
4#include <selinux/avc.h>
5
6namespace android {
7
8class AccessControl {
9public:
10 AccessControl();
11 bool canAdd(const std::string& fqName, pid_t pid);
12 bool canGet(const std::string& fqName, pid_t pid);
13 bool canList(pid_t pid);
14private:
15 bool checkPermission(pid_t sourcePid, const char *perm, const char *interface);
16 bool checkPermission(pid_t sourcePid, const char *targetContext, const char *perm, const char *interface);
17
18 static int auditCallback(void *data, security_class_t cls, char *buf, size_t len);
19
20 char* mSeContext;
21 struct selabel_handle* mSeHandle;
22 union selinux_callback mSeCallbacks;
23};
24
25} // namespace android