mirror of
https://github.com/SELinuxProject/selinux
synced 2025-01-01 19:22:07 +00:00
libsepol: add function to libsepol for setting target_platform
With pp modules, the target platform information comes form the base module. However, CIL modules have no concept of target platform. So it must come from somewhere else. This adds an API function that allows setting the target platform. Signed-off-by: Steve Lawrence <slawrence@tresys.com>
This commit is contained in:
parent
8da5b141e3
commit
44a65ed816
@ -90,6 +90,12 @@ extern int sepol_policydb_set_vers(sepol_policydb_t * p, unsigned int vers);
|
||||
extern int sepol_policydb_set_handle_unknown(sepol_policydb_t * p,
|
||||
unsigned int handle_unknown);
|
||||
|
||||
/* Set the target platform */
|
||||
#define SEPOL_TARGET_SELINUX 0
|
||||
#define SEPOL_TARGET_XEN 1
|
||||
extern int sepol_policydb_set_target_platform(sepol_policydb_t * p,
|
||||
int target_platform);
|
||||
|
||||
/*
|
||||
* Read a policydb from a policy file.
|
||||
* This automatically sets the type and version based on the
|
||||
|
@ -741,8 +741,6 @@ extern int policydb_set_target_platform(policydb_t *p, int platform);
|
||||
#define POLICYDB_STRING_MAX_LENGTH 32
|
||||
#define POLICYDB_MOD_MAGIC SELINUX_MOD_MAGIC
|
||||
#define POLICYDB_MOD_STRING "SE Linux Module"
|
||||
#define SEPOL_TARGET_SELINUX 0
|
||||
#define SEPOL_TARGET_XEN 1
|
||||
|
||||
|
||||
#endif /* _POLICYDB_H_ */
|
||||
|
@ -152,6 +152,23 @@ int sepol_policydb_set_handle_unknown(sepol_policydb_t * sp,
|
||||
return 0;
|
||||
}
|
||||
|
||||
int sepol_policydb_set_target_platform(sepol_policydb_t * sp,
|
||||
int target_platform)
|
||||
{
|
||||
struct policydb *p = &sp->p;
|
||||
|
||||
switch (target_platform) {
|
||||
case SEPOL_TARGET_SELINUX:
|
||||
case SEPOL_TARGET_XEN:
|
||||
break;
|
||||
default:
|
||||
return -1;
|
||||
}
|
||||
|
||||
p->target_platform = target_platform;
|
||||
return 0;
|
||||
}
|
||||
|
||||
int sepol_policydb_read(sepol_policydb_t * p, sepol_policy_file_t * pf)
|
||||
{
|
||||
return policydb_read(&p->p, &pf->pf, 0);
|
||||
|
Loading…
Reference in New Issue
Block a user