2f970f7ab8
* refact
* sort inlude
* update
* unregister execve kprobe
* update log
* don't unregister if not in kprobe
* opt for no kprobe
* opt for no kprobe
* stop debug
* don't forget to call ksu_uid_observer_exit
* rename core to core_hook
* direct call do_persistent_allow_list
* add prefix
* use getter, add warn
* add wrapper
* run clang-format
clang-format --style="{BasedOnStyle: InheritParentConfig, SortIncludes: true}" -i kernel/**/*.[ch]
* try fix wsa x64 build
47 lines
1.9 KiB
C
47 lines
1.9 KiB
C
#ifndef __KSU_H_SEPOLICY
|
|
#define __KSU_H_SEPOLICY
|
|
|
|
#include "linux/types.h"
|
|
|
|
#include "ss/policydb.h"
|
|
|
|
// Operation on types
|
|
bool ksu_type(struct policydb *db, const char *name, const char *attr);
|
|
bool ksu_attribute(struct policydb *db, const char *name);
|
|
bool ksu_permissive(struct policydb *db, const char *type);
|
|
bool ksu_enforce(struct policydb *db, const char *type);
|
|
bool ksu_typeattribute(struct policydb *db, const char *type, const char *attr);
|
|
bool ksu_exists(struct policydb *db, const char *type);
|
|
|
|
// Access vector rules
|
|
bool ksu_allow(struct policydb *db, const char *src, const char *tgt,
|
|
const char *cls, const char *perm);
|
|
bool ksu_deny(struct policydb *db, const char *src, const char *tgt,
|
|
const char *cls, const char *perm);
|
|
bool ksu_auditallow(struct policydb *db, const char *src, const char *tgt,
|
|
const char *cls, const char *perm);
|
|
bool ksu_dontaudit(struct policydb *db, const char *src, const char *tgt,
|
|
const char *cls, const char *perm);
|
|
|
|
// Extended permissions access vector rules
|
|
bool ksu_allowxperm(struct policydb *db, const char *src, const char *tgt,
|
|
const char *cls, const char *range);
|
|
bool ksu_auditallowxperm(struct policydb *db, const char *src, const char *tgt,
|
|
const char *cls, const char *range);
|
|
bool ksu_dontauditxperm(struct policydb *db, const char *src, const char *tgt,
|
|
const char *cls, const char *range);
|
|
|
|
// Type rules
|
|
bool ksu_type_transition(struct policydb *db, const char *src, const char *tgt,
|
|
const char *cls, const char *def, const char *obj);
|
|
bool ksu_type_change(struct policydb *db, const char *src, const char *tgt,
|
|
const char *cls, const char *def);
|
|
bool ksu_type_member(struct policydb *db, const char *src, const char *tgt,
|
|
const char *cls, const char *def);
|
|
|
|
// File system labeling
|
|
bool ksu_genfscon(struct policydb *db, const char *fs_name, const char *path,
|
|
const char *ctx);
|
|
|
|
#endif
|