pub const SELINUX_AVD_FLAGS_PERMISSIVE: i32 = 1;
pub const SELINUX_CB_LOG: i32 = 0;
pub const SELINUX_CB_AUDIT: i32 = 1;
pub const SELINUX_CB_VALIDATE: i32 = 2;
pub const SELINUX_CB_SETENFORCE: i32 = 3;
pub const SELINUX_CB_POLICYLOAD: i32 = 4;
pub const SELINUX_ERROR: i32 = 0;
pub const SELINUX_WARNING: i32 = 1;
pub const SELINUX_INFO: i32 = 2;
pub const SELINUX_AVC: i32 = 3;
pub const SELINUX_TRANS_DIR: &'static [u8; 17usize] = b"/var/run/setrans\0";
pub const MATCHPATHCON_BASEONLY: i32 = 1;
pub const MATCHPATHCON_NOTRANS: i32 = 2;
pub const MATCHPATHCON_VALIDATE: i32 = 4;
pub const AVC_OPT_UNUSED: i32 = 0;
pub const AVC_OPT_SETENFORCE: i32 = 1;
pub const AVC_CALLBACK_GRANT: i32 = 1;
pub const AVC_CALLBACK_TRY_REVOKE: i32 = 2;
pub const AVC_CALLBACK_REVOKE: i32 = 4;
pub const AVC_CALLBACK_RESET: i32 = 8;
pub const AVC_CALLBACK_AUDITALLOW_ENABLE: i32 = 16;
pub const AVC_CALLBACK_AUDITALLOW_DISABLE: i32 = 32;
pub const AVC_CALLBACK_AUDITDENY_ENABLE: i32 = 64;
pub const AVC_CALLBACK_AUDITDENY_DISABLE: i32 = 128;
pub const AVC_CACHE_STATS: i32 = 1;
pub const SELABEL_CTX_FILE: i32 = 0;
pub const SELABEL_CTX_MEDIA: i32 = 1;
pub const SELABEL_CTX_X: i32 = 2;
pub const SELABEL_CTX_DB: i32 = 3;
pub const SELABEL_CTX_ANDROID_PROP: i32 = 4;
pub const SELABEL_CTX_ANDROID_SERVICE: i32 = 5;
pub const SELABEL_OPT_UNUSED: i32 = 0;
pub const SELABEL_OPT_VALIDATE: i32 = 1;
pub const SELABEL_OPT_BASEONLY: i32 = 2;
pub const SELABEL_OPT_PATH: i32 = 3;
pub const SELABEL_OPT_SUBSET: i32 = 4;
pub const SELABEL_OPT_DIGEST: i32 = 5;
pub const SELABEL_NOPT: i32 = 6;
pub const SELABEL_X_PROP: i32 = 1;
pub const SELABEL_X_EXT: i32 = 2;
pub const SELABEL_X_CLIENT: i32 = 3;
pub const SELABEL_X_EVENT: i32 = 4;
pub const SELABEL_X_SELN: i32 = 5;
pub const SELABEL_X_POLYPROP: i32 = 6;
pub const SELABEL_X_POLYSELN: i32 = 7;
pub const SELABEL_DB_DATABASE: i32 = 1;
pub const SELABEL_DB_SCHEMA: i32 = 2;
pub const SELABEL_DB_TABLE: i32 = 3;
pub const SELABEL_DB_COLUMN: i32 = 4;
pub const SELABEL_DB_SEQUENCE: i32 = 5;
pub const SELABEL_DB_VIEW: i32 = 6;
pub const SELABEL_DB_PROCEDURE: i32 = 7;
pub const SELABEL_DB_BLOB: i32 = 8;
pub const SELABEL_DB_TUPLE: i32 = 9;
pub const SELABEL_DB_LANGUAGE: i32 = 10;
pub const SELABEL_DB_EXCEPTION: i32 = 11;
pub const SELABEL_DB_DATATYPE: i32 = 12;
pub const SELINUX_RESTORECON_IGNORE_DIGEST: i32 = 1;
pub const SELINUX_RESTORECON_NOCHANGE: i32 = 2;
pub const SELINUX_RESTORECON_SET_SPECFILE_CTX: i32 = 4;
pub const SELINUX_RESTORECON_RECURSE: i32 = 8;
pub const SELINUX_RESTORECON_VERBOSE: i32 = 16;
pub const SELINUX_RESTORECON_PROGRESS: i32 = 32;
pub const SELINUX_RESTORECON_REALPATH: i32 = 64;
pub const SELINUX_RESTORECON_XDEV: i32 = 128;
pub const SELINUX_RESTORECON_ADD_ASSOC: i32 = 256;
pub const SELINUX_RESTORECON_ABORT_ON_ERROR: i32 = 512;
pub const SELINUX_RESTORECON_SYSLOG_CHANGES: i32 = 1024;
pub const SELINUX_RESTORECON_LOG_MATCHES: i32 = 2048;
pub const SELINUX_RESTORECON_IGNORE_NOENTRY: i32 = 4096;
pub const SELINUX_RESTORECON_IGNORE_MOUNTS: i32 = 8192;
pub const SELINUX_RESTORECON_MASS_RELABEL: i32 = 16384;
pub const SELINUX_RESTORECON_SKIP_DIGEST: i32 = 32768;
pub const SELINUX_RESTORECON_XATTR_RECURSE: i32 = 1;
pub const SELINUX_RESTORECON_XATTR_DELETE_NONMATCH_DIGESTS: i32 = 2;
pub const SELINUX_RESTORECON_XATTR_DELETE_ALL_DIGESTS: i32 = 4;
pub const SELINUX_RESTORECON_XATTR_IGNORE_MOUNTS: i32 = 8;
pub const SELINUX_DEFAULTUSER: &'static [u8; 7usize] = b"user_u\0";
pub type __uint8_t = ::std::os::raw::c_uchar;
pub type __uint32_t = ::std::os::raw::c_uint;
pub type __ino_t = ::std::os::raw::c_ulong;
pub type __mode_t = ::std::os::raw::c_uint;
pub type __pid_t = ::std::os::raw::c_int;
pub type ino_t = __ino_t;
pub type mode_t = __mode_t;
pub type pid_t = __pid_t;
extern "C" {
pub fn is_selinux_enabled() -> ::std::os::raw::c_int;
}
extern "C" {
pub fn is_selinux_mls_enabled() -> ::std::os::raw::c_int;
}
extern "C" {
pub fn freecon(con: *mut ::std::os::raw::c_char);
}
extern "C" {
pub fn freeconary(con: *mut *mut ::std::os::raw::c_char);
}
extern "C" {
pub fn getcon(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getcon_raw(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setcon(con: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setcon_raw(con: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getpidcon(pid: pid_t, con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getpidcon_raw(
pid: pid_t,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getprevcon(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getprevcon_raw(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getexeccon(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getexeccon_raw(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setexeccon(con: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setexeccon_raw(con: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getfscreatecon(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getfscreatecon_raw(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setfscreatecon(context: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setfscreatecon_raw(context: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getkeycreatecon(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getkeycreatecon_raw(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setkeycreatecon(context: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setkeycreatecon_raw(context: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getsockcreatecon(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getsockcreatecon_raw(con: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setsockcreatecon(context: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setsockcreatecon_raw(context: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getfilecon(
path: *const ::std::os::raw::c_char,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getfilecon_raw(
path: *const ::std::os::raw::c_char,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn lgetfilecon(
path: *const ::std::os::raw::c_char,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn lgetfilecon_raw(
path: *const ::std::os::raw::c_char,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn fgetfilecon(
fd: ::std::os::raw::c_int,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn fgetfilecon_raw(
fd: ::std::os::raw::c_int,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setfilecon(
path: *const ::std::os::raw::c_char,
con: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn setfilecon_raw(
path: *const ::std::os::raw::c_char,
con: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn lsetfilecon(
path: *const ::std::os::raw::c_char,
con: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn lsetfilecon_raw(
path: *const ::std::os::raw::c_char,
con: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn fsetfilecon(
fd: ::std::os::raw::c_int,
con: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn fsetfilecon_raw(
fd: ::std::os::raw::c_int,
con: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getpeercon(
fd: ::std::os::raw::c_int,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getpeercon_raw(
fd: ::std::os::raw::c_int,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
pub type access_vector_t = ::std::os::raw::c_uint;
pub type security_class_t = ::std::os::raw::c_ushort;
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct av_decision {
pub allowed: access_vector_t,
pub decided: access_vector_t,
pub auditallow: access_vector_t,
pub auditdeny: access_vector_t,
pub seqno: ::std::os::raw::c_uint,
pub flags: ::std::os::raw::c_uint,
}
#[test]
fn bindgen_test_layout_av_decision() {
assert_eq!(
::std::mem::size_of::<av_decision>(),
24usize,
concat!("Size of: ", stringify!(av_decision))
);
assert_eq!(
::std::mem::align_of::<av_decision>(),
4usize,
concat!("Alignment of ", stringify!(av_decision))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<av_decision>())).allowed as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(av_decision),
"::",
stringify!(allowed)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<av_decision>())).decided as *const _ as usize },
4usize,
concat!(
"Offset of field: ",
stringify!(av_decision),
"::",
stringify!(decided)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<av_decision>())).auditallow as *const _ as usize },
8usize,
concat!(
"Offset of field: ",
stringify!(av_decision),
"::",
stringify!(auditallow)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<av_decision>())).auditdeny as *const _ as usize },
12usize,
concat!(
"Offset of field: ",
stringify!(av_decision),
"::",
stringify!(auditdeny)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<av_decision>())).seqno as *const _ as usize },
16usize,
concat!(
"Offset of field: ",
stringify!(av_decision),
"::",
stringify!(seqno)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<av_decision>())).flags as *const _ as usize },
20usize,
concat!(
"Offset of field: ",
stringify!(av_decision),
"::",
stringify!(flags)
)
);
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct selinux_opt {
pub type_: ::std::os::raw::c_int,
pub value: *const ::std::os::raw::c_char,
}
#[test]
fn bindgen_test_layout_selinux_opt() {
assert_eq!(
::std::mem::size_of::<selinux_opt>(),
16usize,
concat!("Size of: ", stringify!(selinux_opt))
);
assert_eq!(
::std::mem::align_of::<selinux_opt>(),
8usize,
concat!("Alignment of ", stringify!(selinux_opt))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<selinux_opt>())).type_ as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(selinux_opt),
"::",
stringify!(type_)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<selinux_opt>())).value as *const _ as usize },
8usize,
concat!(
"Offset of field: ",
stringify!(selinux_opt),
"::",
stringify!(value)
)
);
}
#[repr(C)]
#[derive(Copy, Clone)]
pub union selinux_callback {
pub func_log: ::std::option::Option<
unsafe extern "C" fn(
type_: ::std::os::raw::c_int,
fmt: *const ::std::os::raw::c_char,
...
) -> ::std::os::raw::c_int,
>,
pub func_audit: ::std::option::Option<
unsafe extern "C" fn(
auditdata: *mut ::std::os::raw::c_void,
cls: security_class_t,
msgbuf: *mut ::std::os::raw::c_char,
msgbufsize: usize,
) -> ::std::os::raw::c_int,
>,
pub func_validate: ::std::option::Option<
unsafe extern "C" fn(ctx: *mut *mut ::std::os::raw::c_char) -> ::std::os::raw::c_int,
>,
pub func_setenforce: ::std::option::Option<
unsafe extern "C" fn(enforcing: ::std::os::raw::c_int) -> ::std::os::raw::c_int,
>,
pub func_policyload: ::std::option::Option<
unsafe extern "C" fn(seqno: ::std::os::raw::c_int) -> ::std::os::raw::c_int,
>,
_bindgen_union_align: u64,
}
#[test]
fn bindgen_test_layout_selinux_callback() {
assert_eq!(
::std::mem::size_of::<selinux_callback>(),
8usize,
concat!("Size of: ", stringify!(selinux_callback))
);
assert_eq!(
::std::mem::align_of::<selinux_callback>(),
8usize,
concat!("Alignment of ", stringify!(selinux_callback))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<selinux_callback>())).func_log as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(selinux_callback),
"::",
stringify!(func_log)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<selinux_callback>())).func_audit as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(selinux_callback),
"::",
stringify!(func_audit)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<selinux_callback>())).func_validate as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(selinux_callback),
"::",
stringify!(func_validate)
)
);
assert_eq!(
unsafe {
&(*(::std::ptr::null::<selinux_callback>())).func_setenforce as *const _ as usize
},
0usize,
concat!(
"Offset of field: ",
stringify!(selinux_callback),
"::",
stringify!(func_setenforce)
)
);
assert_eq!(
unsafe {
&(*(::std::ptr::null::<selinux_callback>())).func_policyload as *const _ as usize
},
0usize,
concat!(
"Offset of field: ",
stringify!(selinux_callback),
"::",
stringify!(func_policyload)
)
);
}
impl ::std::fmt::Debug for selinux_callback {
fn fmt(&self, f: &mut ::std::fmt::Formatter<'_>) -> ::std::fmt::Result {
write!(f, "selinux_callback {{ union }}")
}
}
extern "C" {
pub fn selinux_get_callback(type_: ::std::os::raw::c_int) -> selinux_callback;
}
extern "C" {
pub fn selinux_set_callback(type_: ::std::os::raw::c_int, cb: selinux_callback);
}
extern "C" {
pub fn security_compute_av(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
requested: access_vector_t,
avd: *mut av_decision,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_compute_av_raw(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
requested: access_vector_t,
avd: *mut av_decision,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_compute_av_flags(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
requested: access_vector_t,
avd: *mut av_decision,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_compute_av_flags_raw(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
requested: access_vector_t,
avd: *mut av_decision,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_compute_create(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_compute_create_raw(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_compute_create_name(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
objname: *const ::std::os::raw::c_char,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_compute_create_name_raw(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
objname: *const ::std::os::raw::c_char,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_compute_relabel(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_compute_relabel_raw(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_compute_member(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_compute_member_raw(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_validatetrans(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
newcon: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_validatetrans_raw(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: security_class_t,
newcon: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_load_policy(
data: *mut ::std::os::raw::c_void,
len: usize,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_get_initial_context(
name: *const ::std::os::raw::c_char,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_get_initial_context_raw(
name: *const ::std::os::raw::c_char,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_mkload_policy(preservebools: ::std::os::raw::c_int) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_init_load_policy(enforce: *mut ::std::os::raw::c_int) -> ::std::os::raw::c_int;
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct SELboolean {
pub name: *mut ::std::os::raw::c_char,
pub value: ::std::os::raw::c_int,
}
#[test]
fn bindgen_test_layout_SELboolean() {
assert_eq!(
::std::mem::size_of::<SELboolean>(),
16usize,
concat!("Size of: ", stringify!(SELboolean))
);
assert_eq!(
::std::mem::align_of::<SELboolean>(),
8usize,
concat!("Alignment of ", stringify!(SELboolean))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<SELboolean>())).name as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(SELboolean),
"::",
stringify!(name)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<SELboolean>())).value as *const _ as usize },
8usize,
concat!(
"Offset of field: ",
stringify!(SELboolean),
"::",
stringify!(value)
)
);
}
extern "C" {
pub fn security_set_boolean_list(
boolcnt: usize,
boollist: *mut SELboolean,
permanent: ::std::os::raw::c_int,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_check_context(con: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_check_context_raw(con: *const ::std::os::raw::c_char) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_canonicalize_context(
con: *const ::std::os::raw::c_char,
canoncon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_canonicalize_context_raw(
con: *const ::std::os::raw::c_char,
canoncon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_getenforce() -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_setenforce(value: ::std::os::raw::c_int) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_reject_unknown() -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_deny_unknown() -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_get_checkreqprot() -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_disable() -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_policyvers() -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_get_boolean_names(
names: *mut *mut *mut ::std::os::raw::c_char,
len: *mut ::std::os::raw::c_int,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_get_boolean_pending(
name: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_get_boolean_active(
name: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_set_boolean(
name: *const ::std::os::raw::c_char,
value: ::std::os::raw::c_int,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn security_commit_booleans() -> ::std::os::raw::c_int;
}
#[repr(C)]
#[derive(Copy, Clone)]
pub struct security_class_mapping {
pub name: *const ::std::os::raw::c_char,
pub perms: [*const ::std::os::raw::c_char; 33usize],
}
#[test]
fn bindgen_test_layout_security_class_mapping() {
assert_eq!(
::std::mem::size_of::<security_class_mapping>(),
272usize,
concat!("Size of: ", stringify!(security_class_mapping))
);
assert_eq!(
::std::mem::align_of::<security_class_mapping>(),
8usize,
concat!("Alignment of ", stringify!(security_class_mapping))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<security_class_mapping>())).name as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(security_class_mapping),
"::",
stringify!(name)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<security_class_mapping>())).perms as *const _ as usize },
8usize,
concat!(
"Offset of field: ",
stringify!(security_class_mapping),
"::",
stringify!(perms)
)
);
}
impl ::std::fmt::Debug for security_class_mapping {
fn fmt(&self, f: &mut ::std::fmt::Formatter<'_>) -> ::std::fmt::Result {
write!(
f,
"security_class_mapping {{ name: {:?}, perms: [{}] }}",
self.name,
self.perms
.iter()
.enumerate()
.map(|(i, v)| format!("{}{:?}", if i > 0 { ", " } else { "" }, v))
.collect::<String>()
)
}
}
extern "C" {
#[doc = " selinux_set_mapping - Enable dynamic mapping between integer offsets and security class names"]
#[doc = " @map: array of security_class_mapping structures"]
#[doc = ""]
#[doc = " The core avc_has_perm() API uses integers to represent security"]
#[doc = " classes; previous to the introduction of this function, it was"]
#[doc = " common for userspace object managers to be compiled using generated"]
#[doc = " offsets for a particular policy. However, that strongly ties the build of the userspace components to a particular policy."]
#[doc = ""]
#[doc = " By using this function to map between integer offsets and security"]
#[doc = " class names, it's possible to replace a system policies that have"]
#[doc = " at least the same set of security class names as used by the"]
#[doc = " userspace object managers."]
#[doc = ""]
#[doc = " To correctly use this function, you should override the generated"]
#[doc = " security class defines from the system policy in a local header,"]
#[doc = " starting at 1, and have one security_class_mapping structure entry"]
#[doc = " per define."]
pub fn selinux_set_mapping(map: *mut security_class_mapping) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn mode_to_security_class(mode: mode_t) -> security_class_t;
}
extern "C" {
pub fn string_to_security_class(name: *const ::std::os::raw::c_char) -> security_class_t;
}
extern "C" {
pub fn security_class_to_string(cls: security_class_t) -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn security_av_perm_to_string(
tclass: security_class_t,
perm: access_vector_t,
) -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn string_to_av_perm(
tclass: security_class_t,
name: *const ::std::os::raw::c_char,
) -> access_vector_t;
}
extern "C" {
pub fn security_av_string(
tclass: security_class_t,
av: access_vector_t,
result: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn print_access_vector(tclass: security_class_t, av: access_vector_t);
}
extern "C" {
pub fn set_matchpathcon_printf(
f: ::std::option::Option<unsafe extern "C" fn(fmt: *const ::std::os::raw::c_char, ...)>,
);
}
extern "C" {
pub fn set_matchpathcon_invalidcon(
f: ::std::option::Option<
unsafe extern "C" fn(
path: *const ::std::os::raw::c_char,
lineno: ::std::os::raw::c_uint,
context: *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int,
>,
);
}
extern "C" {
pub fn set_matchpathcon_canoncon(
f: ::std::option::Option<
unsafe extern "C" fn(
path: *const ::std::os::raw::c_char,
lineno: ::std::os::raw::c_uint,
context: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int,
>,
);
}
extern "C" {
pub fn set_matchpathcon_flags(flags: ::std::os::raw::c_uint);
}
extern "C" {
pub fn matchpathcon_filespec_add(
ino: ino_t,
specind: ::std::os::raw::c_int,
file: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn matchpathcon_filespec_destroy();
}
extern "C" {
pub fn matchpathcon_filespec_eval();
}
extern "C" {
pub fn matchpathcon_checkmatches(str_: *mut ::std::os::raw::c_char);
}
extern "C" {
pub fn matchmediacon(
media: *const ::std::os::raw::c_char,
con: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_getenforcemode(enforce: *mut ::std::os::raw::c_int) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_boolean_sub(
boolean_name: *const ::std::os::raw::c_char,
) -> *mut ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_getpolicytype(
policytype: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_policy_root() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_set_policy_root(
rootpath: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_current_policy_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_binary_policy_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_failsafe_context_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_removable_context_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_default_context_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_user_contexts_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_file_context_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_file_context_homedir_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_file_context_local_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_file_context_subs_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_file_context_subs_dist_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_homedir_context_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_media_context_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_virtual_domain_context_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_virtual_image_context_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_lxc_contexts_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_x_context_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_sepgsql_context_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_openrc_contexts_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_openssh_contexts_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_snapperd_contexts_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_systemd_contexts_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_contexts_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_securetty_types_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_booleans_subs_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_customizable_types_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_usersconf_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_translations_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_colors_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_netfilter_context_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn selinux_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
#[doc = " selinux_check_access - Check permissions and perform appropriate auditing."]
#[doc = " @scon: source security context"]
#[doc = " @tcon: target security context"]
#[doc = " @tclass: target security class string"]
#[doc = " @perm: requested permissions string, interpreted based on @tclass"]
#[doc = " @auditdata: auxiliary audit data"]
#[doc = ""]
#[doc = " Check the AVC to determine whether the @perm permissions are granted"]
#[doc = " for the SID pair (@scon, @tcon), interpreting the permissions"]
#[doc = " based on @tclass."]
#[doc = " Return %0 if all @perm permissions are granted, -%1 with"]
#[doc = " @errno set to %EACCES if any permissions are denied or to another"]
#[doc = " value upon other errors."]
#[doc = " If auditing or logging is configured the appropriate callbacks will be called"]
#[doc = " and passed the auditdata field"]
pub fn selinux_check_access(
scon: *const ::std::os::raw::c_char,
tcon: *const ::std::os::raw::c_char,
tclass: *const ::std::os::raw::c_char,
perm: *const ::std::os::raw::c_char,
auditdata: *mut ::std::os::raw::c_void,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_check_securetty_context(
tty_context: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn set_selinuxmnt(mnt: *const ::std::os::raw::c_char);
}
extern "C" {
pub fn fini_selinuxmnt();
}
extern "C" {
pub fn is_context_customizable(
scontext: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_trans_to_raw_context(
trans: *const ::std::os::raw::c_char,
rawp: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_raw_to_trans_context(
raw: *const ::std::os::raw::c_char,
transp: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_raw_context_to_color(
raw: *const ::std::os::raw::c_char,
color_str: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn getseuserbyname(
linuxuser: *const ::std::os::raw::c_char,
seuser: *mut *mut ::std::os::raw::c_char,
level: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_file_context_cmp(
a: *const ::std::os::raw::c_char,
b: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_file_context_verify(
path: *const ::std::os::raw::c_char,
mode: mode_t,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_lsetfilecon_default(
path: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_reset_config();
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct context_s_t {
pub ptr: *mut ::std::os::raw::c_void,
}
#[test]
fn bindgen_test_layout_context_s_t() {
assert_eq!(
::std::mem::size_of::<context_s_t>(),
8usize,
concat!("Size of: ", stringify!(context_s_t))
);
assert_eq!(
::std::mem::align_of::<context_s_t>(),
8usize,
concat!("Alignment of ", stringify!(context_s_t))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<context_s_t>())).ptr as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(context_s_t),
"::",
stringify!(ptr)
)
);
}
pub type context_t = *mut context_s_t;
extern "C" {
pub fn context_new(arg1: *const ::std::os::raw::c_char) -> context_t;
}
extern "C" {
pub fn context_str(arg1: context_t) -> *mut ::std::os::raw::c_char;
}
extern "C" {
pub fn context_free(arg1: context_t);
}
extern "C" {
pub fn context_type_get(arg1: context_t) -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn context_range_get(arg1: context_t) -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn context_role_get(arg1: context_t) -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn context_user_get(arg1: context_t) -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn context_type_set(
arg1: context_t,
arg2: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn context_range_set(
arg1: context_t,
arg2: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn context_role_set(
arg1: context_t,
arg2: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn context_user_set(
arg1: context_t,
arg2: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct security_id {
pub ctx: *mut ::std::os::raw::c_char,
pub refcnt: ::std::os::raw::c_uint,
}
#[test]
fn bindgen_test_layout_security_id() {
assert_eq!(
::std::mem::size_of::<security_id>(),
16usize,
concat!("Size of: ", stringify!(security_id))
);
assert_eq!(
::std::mem::align_of::<security_id>(),
8usize,
concat!("Alignment of ", stringify!(security_id))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<security_id>())).ctx as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(security_id),
"::",
stringify!(ctx)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<security_id>())).refcnt as *const _ as usize },
8usize,
concat!(
"Offset of field: ",
stringify!(security_id),
"::",
stringify!(refcnt)
)
);
}
pub type security_id_t = *mut security_id;
extern "C" {
#[doc = " avc_sid_to_context - get copy of context corresponding to SID."]
#[doc = " @sid: input SID"]
#[doc = " @ctx: pointer to context reference"]
#[doc = ""]
#[doc = " Return a copy of the security context corresponding to the input"]
#[doc = " @sid in the memory referenced by @ctx. The caller is expected to"]
#[doc = " free the context with freecon(). Return %0 on success, -%1 on"]
#[doc = " failure, with @errno set to %ENOMEM if insufficient memory was"]
#[doc = " available to make the copy, or %EINVAL if the input SID is invalid."]
pub fn avc_sid_to_context(
sid: security_id_t,
ctx: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn avc_sid_to_context_raw(
sid: security_id_t,
ctx: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " avc_context_to_sid - get SID for context."]
#[doc = " @ctx: input security context"]
#[doc = " @sid: pointer to SID reference"]
#[doc = ""]
#[doc = " Look up security context @ctx in SID table, making"]
#[doc = " a new entry if @ctx is not found. Increment the"]
#[doc = " reference counter for the SID. Store a pointer"]
#[doc = " to the SID structure into the memory referenced by @sid,"]
#[doc = " returning %0 on success or -%1 on error with @errno set."]
pub fn avc_context_to_sid(
ctx: *const ::std::os::raw::c_char,
sid: *mut security_id_t,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn avc_context_to_sid_raw(
ctx: *const ::std::os::raw::c_char,
sid: *mut security_id_t,
) -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " avc_get_initial_sid - get SID for an initial kernel security identifier"]
#[doc = " @name: input name of initial kernel security identifier"]
#[doc = " @sid: pointer to a SID reference"]
#[doc = ""]
#[doc = " Get the context for an initial kernel security identifier specified by"]
#[doc = " @name using security_get_initial_context() and then call"]
#[doc = " avc_context_to_sid() to get the corresponding SID."]
pub fn avc_get_initial_sid(
name: *const ::std::os::raw::c_char,
sid: *mut security_id_t,
) -> ::std::os::raw::c_int;
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct avc_entry {
_unused: [u8; 0],
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct avc_entry_ref {
pub ae: *mut avc_entry,
}
#[test]
fn bindgen_test_layout_avc_entry_ref() {
assert_eq!(
::std::mem::size_of::<avc_entry_ref>(),
8usize,
concat!("Size of: ", stringify!(avc_entry_ref))
);
assert_eq!(
::std::mem::align_of::<avc_entry_ref>(),
8usize,
concat!("Alignment of ", stringify!(avc_entry_ref))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_entry_ref>())).ae as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(avc_entry_ref),
"::",
stringify!(ae)
)
);
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct avc_memory_callback {
pub func_malloc:
::std::option::Option<unsafe extern "C" fn(size: usize) -> *mut ::std::os::raw::c_void>,
pub func_free: ::std::option::Option<unsafe extern "C" fn(ptr: *mut ::std::os::raw::c_void)>,
}
#[test]
fn bindgen_test_layout_avc_memory_callback() {
assert_eq!(
::std::mem::size_of::<avc_memory_callback>(),
16usize,
concat!("Size of: ", stringify!(avc_memory_callback))
);
assert_eq!(
::std::mem::align_of::<avc_memory_callback>(),
8usize,
concat!("Alignment of ", stringify!(avc_memory_callback))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_memory_callback>())).func_malloc as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(avc_memory_callback),
"::",
stringify!(func_malloc)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_memory_callback>())).func_free as *const _ as usize },
8usize,
concat!(
"Offset of field: ",
stringify!(avc_memory_callback),
"::",
stringify!(func_free)
)
);
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct avc_log_callback {
pub func_log:
::std::option::Option<unsafe extern "C" fn(fmt: *const ::std::os::raw::c_char, ...)>,
pub func_audit: ::std::option::Option<
unsafe extern "C" fn(
auditdata: *mut ::std::os::raw::c_void,
cls: security_class_t,
msgbuf: *mut ::std::os::raw::c_char,
msgbufsize: usize,
),
>,
}
#[test]
fn bindgen_test_layout_avc_log_callback() {
assert_eq!(
::std::mem::size_of::<avc_log_callback>(),
16usize,
concat!("Size of: ", stringify!(avc_log_callback))
);
assert_eq!(
::std::mem::align_of::<avc_log_callback>(),
8usize,
concat!("Alignment of ", stringify!(avc_log_callback))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_log_callback>())).func_log as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(avc_log_callback),
"::",
stringify!(func_log)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_log_callback>())).func_audit as *const _ as usize },
8usize,
concat!(
"Offset of field: ",
stringify!(avc_log_callback),
"::",
stringify!(func_audit)
)
);
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct avc_thread_callback {
pub func_create_thread: ::std::option::Option<
unsafe extern "C" fn(
run: ::std::option::Option<unsafe extern "C" fn()>,
) -> *mut ::std::os::raw::c_void,
>,
pub func_stop_thread:
::std::option::Option<unsafe extern "C" fn(thread: *mut ::std::os::raw::c_void)>,
}
#[test]
fn bindgen_test_layout_avc_thread_callback() {
assert_eq!(
::std::mem::size_of::<avc_thread_callback>(),
16usize,
concat!("Size of: ", stringify!(avc_thread_callback))
);
assert_eq!(
::std::mem::align_of::<avc_thread_callback>(),
8usize,
concat!("Alignment of ", stringify!(avc_thread_callback))
);
assert_eq!(
unsafe {
&(*(::std::ptr::null::<avc_thread_callback>())).func_create_thread as *const _ as usize
},
0usize,
concat!(
"Offset of field: ",
stringify!(avc_thread_callback),
"::",
stringify!(func_create_thread)
)
);
assert_eq!(
unsafe {
&(*(::std::ptr::null::<avc_thread_callback>())).func_stop_thread as *const _ as usize
},
8usize,
concat!(
"Offset of field: ",
stringify!(avc_thread_callback),
"::",
stringify!(func_stop_thread)
)
);
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct avc_lock_callback {
pub func_alloc_lock:
::std::option::Option<unsafe extern "C" fn() -> *mut ::std::os::raw::c_void>,
pub func_get_lock:
::std::option::Option<unsafe extern "C" fn(lock: *mut ::std::os::raw::c_void)>,
pub func_release_lock:
::std::option::Option<unsafe extern "C" fn(lock: *mut ::std::os::raw::c_void)>,
pub func_free_lock:
::std::option::Option<unsafe extern "C" fn(lock: *mut ::std::os::raw::c_void)>,
}
#[test]
fn bindgen_test_layout_avc_lock_callback() {
assert_eq!(
::std::mem::size_of::<avc_lock_callback>(),
32usize,
concat!("Size of: ", stringify!(avc_lock_callback))
);
assert_eq!(
::std::mem::align_of::<avc_lock_callback>(),
8usize,
concat!("Alignment of ", stringify!(avc_lock_callback))
);
assert_eq!(
unsafe {
&(*(::std::ptr::null::<avc_lock_callback>())).func_alloc_lock as *const _ as usize
},
0usize,
concat!(
"Offset of field: ",
stringify!(avc_lock_callback),
"::",
stringify!(func_alloc_lock)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_lock_callback>())).func_get_lock as *const _ as usize },
8usize,
concat!(
"Offset of field: ",
stringify!(avc_lock_callback),
"::",
stringify!(func_get_lock)
)
);
assert_eq!(
unsafe {
&(*(::std::ptr::null::<avc_lock_callback>())).func_release_lock as *const _ as usize
},
16usize,
concat!(
"Offset of field: ",
stringify!(avc_lock_callback),
"::",
stringify!(func_release_lock)
)
);
assert_eq!(
unsafe {
&(*(::std::ptr::null::<avc_lock_callback>())).func_free_lock as *const _ as usize
},
24usize,
concat!(
"Offset of field: ",
stringify!(avc_lock_callback),
"::",
stringify!(func_free_lock)
)
);
}
extern "C" {
#[doc = " avc_open - Initialize the AVC."]
#[doc = " @opts: array of selabel_opt structures specifying AVC options or NULL."]
#[doc = " @nopts: number of elements in opts array or zero for no options."]
#[doc = ""]
#[doc = " This function is identical to avc_init(), except the message prefix"]
#[doc = " is set to \"avc\" and any callbacks desired should be specified via"]
#[doc = " selinux_set_callback(). Available options are listed above."]
pub fn avc_open(opts: *mut selinux_opt, nopts: ::std::os::raw::c_uint)
-> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " avc_cleanup - Remove unused SIDs and AVC entries."]
#[doc = ""]
#[doc = " Search the SID table for SID structures with zero"]
#[doc = " reference counts, and remove them along with all"]
#[doc = " AVC entries that reference them. This can be used"]
#[doc = " to return memory to the system."]
pub fn avc_cleanup();
}
extern "C" {
#[doc = " avc_reset - Flush the cache and reset statistics."]
#[doc = ""]
#[doc = " Remove all entries from the cache and reset all access"]
#[doc = " statistics (as returned by avc_cache_stats()) to zero."]
#[doc = " The SID mapping is not affected. Return %0 on success,"]
#[doc = " -%1 with @errno set on error."]
pub fn avc_reset() -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " avc_destroy - Free all AVC structures."]
#[doc = ""]
#[doc = " Destroy all AVC structures and free all allocated"]
#[doc = " memory. User-supplied locking, memory, and audit"]
#[doc = " callbacks will be retained, but security-event"]
#[doc = " callbacks will not. All SID's will be invalidated."]
#[doc = " User must call avc_init() if further use of AVC is desired."]
pub fn avc_destroy();
}
extern "C" {
#[doc = " avc_has_perm_noaudit - Check permissions but perform no auditing."]
#[doc = " @ssid: source security identifier"]
#[doc = " @tsid: target security identifier"]
#[doc = " @tclass: target security class"]
#[doc = " @requested: requested permissions, interpreted based on @tclass"]
#[doc = " @aeref: AVC entry reference"]
#[doc = " @avd: access vector decisions"]
#[doc = ""]
#[doc = " Check the AVC to determine whether the @requested permissions are granted"]
#[doc = " for the SID pair (@ssid, @tsid), interpreting the permissions"]
#[doc = " based on @tclass, and call the security server on a cache miss to obtain"]
#[doc = " a new decision and add it to the cache. Update @aeref to refer to an AVC"]
#[doc = " entry with the resulting decisions, and return a copy of the decisions"]
#[doc = " in @avd. Return %0 if all @requested permissions are granted, -%1 with"]
#[doc = " @errno set to %EACCES if any permissions are denied, or to another value"]
#[doc = " upon other errors. This function is typically called by avc_has_perm(),"]
#[doc = " but may also be called directly to separate permission checking from"]
#[doc = " auditing, e.g. in cases where a lock must be held for the check but"]
#[doc = " should be released for the auditing."]
pub fn avc_has_perm_noaudit(
ssid: security_id_t,
tsid: security_id_t,
tclass: security_class_t,
requested: access_vector_t,
aeref: *mut avc_entry_ref,
avd: *mut av_decision,
) -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " avc_has_perm - Check permissions and perform any appropriate auditing."]
#[doc = " @ssid: source security identifier"]
#[doc = " @tsid: target security identifier"]
#[doc = " @tclass: target security class"]
#[doc = " @requested: requested permissions, interpreted based on @tclass"]
#[doc = " @aeref: AVC entry reference"]
#[doc = " @auditdata: auxiliary audit data"]
#[doc = ""]
#[doc = " Check the AVC to determine whether the @requested permissions are granted"]
#[doc = " for the SID pair (@ssid, @tsid), interpreting the permissions"]
#[doc = " based on @tclass, and call the security server on a cache miss to obtain"]
#[doc = " a new decision and add it to the cache. Update @aeref to refer to an AVC"]
#[doc = " entry with the resulting decisions. Audit the granting or denial of"]
#[doc = " permissions in accordance with the policy. Return %0 if all @requested"]
#[doc = " permissions are granted, -%1 with @errno set to %EACCES if any permissions"]
#[doc = " are denied or to another value upon other errors."]
pub fn avc_has_perm(
ssid: security_id_t,
tsid: security_id_t,
tclass: security_class_t,
requested: access_vector_t,
aeref: *mut avc_entry_ref,
auditdata: *mut ::std::os::raw::c_void,
) -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " avc_audit - Audit the granting or denial of permissions."]
#[doc = " @ssid: source security identifier"]
#[doc = " @tsid: target security identifier"]
#[doc = " @tclass: target security class"]
#[doc = " @requested: requested permissions"]
#[doc = " @avd: access vector decisions"]
#[doc = " @result: result from avc_has_perm_noaudit"]
#[doc = " @auditdata: auxiliary audit data"]
#[doc = ""]
#[doc = " Audit the granting or denial of permissions in accordance"]
#[doc = " with the policy. This function is typically called by"]
#[doc = " avc_has_perm() after a permission check, but can also be"]
#[doc = " called directly by callers who use avc_has_perm_noaudit()"]
#[doc = " in order to separate the permission check from the auditing."]
#[doc = " For example, this separation is useful when the permission check must"]
#[doc = " be performed under a lock, to allow the lock to be released"]
#[doc = " before calling the auditing code."]
pub fn avc_audit(
ssid: security_id_t,
tsid: security_id_t,
tclass: security_class_t,
requested: access_vector_t,
avd: *mut av_decision,
result: ::std::os::raw::c_int,
auditdata: *mut ::std::os::raw::c_void,
);
}
extern "C" {
#[doc = " avc_compute_create - Compute SID for labeling a new object."]
#[doc = " @ssid: source security identifier"]
#[doc = " @tsid: target security identifier"]
#[doc = " @tclass: target security class"]
#[doc = " @newsid: pointer to SID reference"]
#[doc = ""]
#[doc = " Call the security server to obtain a context for labeling a"]
#[doc = " new object. Look up the context in the SID table, making"]
#[doc = " a new entry if not found. Increment the reference counter"]
#[doc = " for the SID. Store a pointer to the SID structure into the"]
#[doc = " memory referenced by @newsid, returning %0 on success or -%1 on"]
#[doc = " error with @errno set."]
pub fn avc_compute_create(
ssid: security_id_t,
tsid: security_id_t,
tclass: security_class_t,
newsid: *mut security_id_t,
) -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " avc_compute_member - Compute SID for polyinstantation."]
#[doc = " @ssid: source security identifier"]
#[doc = " @tsid: target security identifier"]
#[doc = " @tclass: target security class"]
#[doc = " @newsid: pointer to SID reference"]
#[doc = ""]
#[doc = " Call the security server to obtain a context for labeling an"]
#[doc = " object instance. Look up the context in the SID table, making"]
#[doc = " a new entry if not found. Increment the reference counter"]
#[doc = " for the SID. Store a pointer to the SID structure into the"]
#[doc = " memory referenced by @newsid, returning %0 on success or -%1 on"]
#[doc = " error with @errno set."]
pub fn avc_compute_member(
ssid: security_id_t,
tsid: security_id_t,
tclass: security_class_t,
newsid: *mut security_id_t,
) -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " avc_add_callback - Register a callback for security events."]
#[doc = " @callback: callback function"]
#[doc = " @events: bitwise OR of desired security events"]
#[doc = " @ssid: source security identifier or %SECSID_WILD"]
#[doc = " @tsid: target security identifier or %SECSID_WILD"]
#[doc = " @tclass: target security class"]
#[doc = " @perms: permissions"]
#[doc = ""]
#[doc = " Register a callback function for events in the set @events"]
#[doc = " related to the SID pair (@ssid, @tsid) and"]
#[doc = " and the permissions @perms, interpreting"]
#[doc = " @perms based on @tclass. Returns %0 on success or"]
#[doc = " -%1 if insufficient memory exists to add the callback."]
pub fn avc_add_callback(
callback: ::std::option::Option<
unsafe extern "C" fn(
event: u32,
ssid: security_id_t,
tsid: security_id_t,
tclass: security_class_t,
perms: access_vector_t,
out_retained: *mut access_vector_t,
) -> ::std::os::raw::c_int,
>,
events: u32,
ssid: security_id_t,
tsid: security_id_t,
tclass: security_class_t,
perms: access_vector_t,
) -> ::std::os::raw::c_int;
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct avc_cache_stats {
pub entry_lookups: ::std::os::raw::c_uint,
pub entry_hits: ::std::os::raw::c_uint,
pub entry_misses: ::std::os::raw::c_uint,
pub entry_discards: ::std::os::raw::c_uint,
pub cav_lookups: ::std::os::raw::c_uint,
pub cav_hits: ::std::os::raw::c_uint,
pub cav_probes: ::std::os::raw::c_uint,
pub cav_misses: ::std::os::raw::c_uint,
}
#[test]
fn bindgen_test_layout_avc_cache_stats() {
assert_eq!(
::std::mem::size_of::<avc_cache_stats>(),
32usize,
concat!("Size of: ", stringify!(avc_cache_stats))
);
assert_eq!(
::std::mem::align_of::<avc_cache_stats>(),
4usize,
concat!("Alignment of ", stringify!(avc_cache_stats))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_cache_stats>())).entry_lookups as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(avc_cache_stats),
"::",
stringify!(entry_lookups)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_cache_stats>())).entry_hits as *const _ as usize },
4usize,
concat!(
"Offset of field: ",
stringify!(avc_cache_stats),
"::",
stringify!(entry_hits)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_cache_stats>())).entry_misses as *const _ as usize },
8usize,
concat!(
"Offset of field: ",
stringify!(avc_cache_stats),
"::",
stringify!(entry_misses)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_cache_stats>())).entry_discards as *const _ as usize },
12usize,
concat!(
"Offset of field: ",
stringify!(avc_cache_stats),
"::",
stringify!(entry_discards)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_cache_stats>())).cav_lookups as *const _ as usize },
16usize,
concat!(
"Offset of field: ",
stringify!(avc_cache_stats),
"::",
stringify!(cav_lookups)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_cache_stats>())).cav_hits as *const _ as usize },
20usize,
concat!(
"Offset of field: ",
stringify!(avc_cache_stats),
"::",
stringify!(cav_hits)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_cache_stats>())).cav_probes as *const _ as usize },
24usize,
concat!(
"Offset of field: ",
stringify!(avc_cache_stats),
"::",
stringify!(cav_probes)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<avc_cache_stats>())).cav_misses as *const _ as usize },
28usize,
concat!(
"Offset of field: ",
stringify!(avc_cache_stats),
"::",
stringify!(cav_misses)
)
);
}
extern "C" {
#[doc = " avc_cache_stats - get cache access statistics."]
#[doc = " @stats: reference to statistics structure"]
#[doc = ""]
#[doc = " Fill the supplied structure with information about AVC"]
#[doc = " activity since the last call to avc_init() or"]
#[doc = " avc_reset(). See the structure definition for"]
#[doc = " details."]
pub fn avc_cache_stats(stats: *mut avc_cache_stats);
}
extern "C" {
#[doc = " avc_av_stats - log av table statistics."]
#[doc = ""]
#[doc = " Log a message with information about the size and"]
#[doc = " distribution of the access vector table. The audit"]
#[doc = " callback is used to print the message."]
pub fn avc_av_stats();
}
extern "C" {
#[doc = " avc_sid_stats - log SID table statistics."]
#[doc = ""]
#[doc = " Log a message with information about the size and"]
#[doc = " distribution of the SID table. The audit callback"]
#[doc = " is used to print the message."]
pub fn avc_sid_stats();
}
extern "C" {
#[doc = " avc_netlink_open - Create a netlink socket and connect to the kernel."]
pub fn avc_netlink_open(blocking: ::std::os::raw::c_int) -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " avc_netlink_loop - Wait for netlink messages from the kernel"]
pub fn avc_netlink_loop();
}
extern "C" {
#[doc = " avc_netlink_close - Close the netlink socket"]
pub fn avc_netlink_close();
}
extern "C" {
#[doc = " avc_netlink_acquire_fd - Acquire netlink socket fd."]
#[doc = ""]
#[doc = " Allows the application to manage messages from the netlink socket in"]
#[doc = " its own main loop."]
pub fn avc_netlink_acquire_fd() -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " avc_netlink_release_fd - Release netlink socket fd."]
#[doc = ""]
#[doc = " Returns ownership of the netlink socket to the library."]
pub fn avc_netlink_release_fd();
}
extern "C" {
#[doc = " avc_netlink_check_nb - Check netlink socket for new messages."]
#[doc = ""]
#[doc = " Called by the application when using avc_netlink_acquire_fd() to"]
#[doc = " process kernel netlink events."]
pub fn avc_netlink_check_nb() -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " selinux_status_open - Open and map SELinux kernel status page"]
#[doc = ""]
pub fn selinux_status_open(fallback: ::std::os::raw::c_int) -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " selinux_status_close - Unmap and close SELinux kernel status page"]
#[doc = ""]
pub fn selinux_status_close();
}
extern "C" {
#[doc = " selinux_status_updated - Inform us whether the kernel status has been updated"]
#[doc = ""]
pub fn selinux_status_updated() -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " selinux_status_getenforce - Get the enforce flag value"]
#[doc = ""]
pub fn selinux_status_getenforce() -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " selinux_status_policyload - Get the number of policy reloaded"]
#[doc = ""]
pub fn selinux_status_policyload() -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " selinux_status_deny_unknown - Get the behavior for undefined classes/permissions"]
#[doc = ""]
pub fn selinux_status_deny_unknown() -> ::std::os::raw::c_int;
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct selabel_handle {
_unused: [u8; 0],
}
extern "C" {
#[doc = " selabel_open - Create a labeling handle."]
#[doc = " @backend: one of the constants specifying a supported labeling backend."]
#[doc = " @opts: array of selabel_opt structures specifying label options or NULL."]
#[doc = " @nopts: number of elements in opts array or zero for no options."]
#[doc = ""]
#[doc = " Open a labeling backend for use. The available backend identifiers are"]
#[doc = " listed above. Options may be provided via the opts parameter; available"]
#[doc = " options are listed above. Not all options may be supported by every"]
#[doc = " backend. Return value is the created handle on success or NULL with"]
#[doc = " @errno set on failure."]
pub fn selabel_open(
backend: ::std::os::raw::c_uint,
opts: *const selinux_opt,
nopts: ::std::os::raw::c_uint,
) -> *mut selabel_handle;
}
extern "C" {
#[doc = " selabel_close - Close a labeling handle."]
#[doc = " @handle: specifies handle to close"]
#[doc = ""]
#[doc = " Destroy the specified handle, closing files, freeing allocated memory,"]
#[doc = " etc. The handle may not be further used after it has been closed."]
pub fn selabel_close(handle: *mut selabel_handle);
}
extern "C" {
#[doc = " selabel_lookup - Perform labeling lookup operation."]
#[doc = " @handle: specifies backend instance to query"]
#[doc = " @con: returns the appropriate context with which to label the object"]
#[doc = " @key: string input to lookup operation"]
#[doc = " @type: numeric input to the lookup operation"]
#[doc = ""]
#[doc = " Perform a labeling lookup operation. Return %0 on success, -%1 with"]
#[doc = " @errno set on failure. The key and type arguments are the inputs to the"]
#[doc = " lookup operation; appropriate values are dictated by the backend in use."]
#[doc = " The result is returned in the memory pointed to by @con and must be freed"]
#[doc = " by the user with freecon()."]
pub fn selabel_lookup(
handle: *mut selabel_handle,
con: *mut *mut ::std::os::raw::c_char,
key: *const ::std::os::raw::c_char,
type_: ::std::os::raw::c_int,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selabel_lookup_raw(
handle: *mut selabel_handle,
con: *mut *mut ::std::os::raw::c_char,
key: *const ::std::os::raw::c_char,
type_: ::std::os::raw::c_int,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selabel_partial_match(
handle: *mut selabel_handle,
key: *const ::std::os::raw::c_char,
) -> bool;
}
extern "C" {
pub fn selabel_get_digests_all_partial_matches(
rec: *mut selabel_handle,
key: *const ::std::os::raw::c_char,
calculated_digest: *mut *mut u8,
xattr_digest: *mut *mut u8,
digest_len: *mut usize,
) -> bool;
}
extern "C" {
pub fn selabel_hash_all_partial_matches(
rec: *mut selabel_handle,
key: *const ::std::os::raw::c_char,
digest: *mut u8,
) -> bool;
}
extern "C" {
pub fn selabel_lookup_best_match(
rec: *mut selabel_handle,
con: *mut *mut ::std::os::raw::c_char,
key: *const ::std::os::raw::c_char,
aliases: *mut *const ::std::os::raw::c_char,
type_: ::std::os::raw::c_int,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selabel_lookup_best_match_raw(
rec: *mut selabel_handle,
con: *mut *mut ::std::os::raw::c_char,
key: *const ::std::os::raw::c_char,
aliases: *mut *const ::std::os::raw::c_char,
type_: ::std::os::raw::c_int,
) -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " selabel_digest - Retrieve the SHA1 digest and the list of specfiles used to"]
#[doc = "\t\t generate the digest. The SELABEL_OPT_DIGEST option must"]
#[doc = "\t\t be set in selabel_open() to initiate the digest generation."]
#[doc = " @handle: specifies backend instance to query"]
#[doc = " @digest: returns a pointer to the SHA1 digest."]
#[doc = " @digest_len: returns length of digest in bytes."]
#[doc = " @specfiles: a list of specfiles used in the SHA1 digest generation."]
#[doc = "\t The list is NULL terminated and will hold @num_specfiles entries."]
#[doc = " @num_specfiles: number of specfiles in the list."]
#[doc = ""]
#[doc = " Return %0 on success, -%1 with @errno set on failure."]
pub fn selabel_digest(
rec: *mut selabel_handle,
digest: *mut *mut ::std::os::raw::c_uchar,
digest_len: *mut usize,
specfiles: *mut *mut *mut ::std::os::raw::c_char,
num_specfiles: *mut usize,
) -> ::std::os::raw::c_int;
}
pub mod selabel_cmp_result {
pub type Type = ::std::os::raw::c_uint;
pub const SELABEL_SUBSET: Type = 0;
pub const SELABEL_EQUAL: Type = 1;
pub const SELABEL_SUPERSET: Type = 2;
pub const SELABEL_INCOMPARABLE: Type = 3;
}
extern "C" {
#[doc = " selabel_cmp - Compare two label configurations."]
#[doc = " @h1: handle for the first label configuration"]
#[doc = " @h2: handle for the first label configuration"]
#[doc = ""]
#[doc = " Compare two label configurations."]
#[doc = " Return %SELABEL_SUBSET if @h1 is a subset of @h2, %SELABEL_EQUAL"]
#[doc = " if @h1 is identical to @h2, %SELABEL_SUPERSET if @h1 is a superset"]
#[doc = " of @h2, and %SELABEL_INCOMPARABLE if @h1 and @h2 are incomparable."]
pub fn selabel_cmp(
h1: *mut selabel_handle,
h2: *mut selabel_handle,
) -> selabel_cmp_result::Type;
}
extern "C" {
#[doc = " selabel_stats - log labeling operation statistics."]
#[doc = " @handle: specifies backend instance to query"]
#[doc = ""]
#[doc = " Log a message with information about the number of queries performed,"]
#[doc = " number of unused matching entries, or other operational statistics."]
#[doc = " Message is backend-specific, some backends may not output a message."]
pub fn selabel_stats(handle: *mut selabel_handle);
}
extern "C" {
#[doc = " selinux_restorecon - Relabel files."]
#[doc = " @pathname: specifies file/directory to relabel."]
#[doc = " @restorecon_flags: specifies the actions to be performed when relabeling."]
#[doc = ""]
#[doc = " selinux_restorecon(3) will automatically call"]
#[doc = " selinux_restorecon_default_handle(3) and selinux_restorecon_set_sehandle(3)"]
#[doc = " first time through to set the selabel_open(3) parameters to use the"]
#[doc = " currently loaded policy file_contexts and request their computed digest."]
#[doc = ""]
#[doc = " Should other selabel_open(3) parameters be required see"]
#[doc = " selinux_restorecon_set_sehandle(3)."]
pub fn selinux_restorecon(
pathname: *const ::std::os::raw::c_char,
restorecon_flags: ::std::os::raw::c_uint,
) -> ::std::os::raw::c_int;
}
extern "C" {
#[doc = " selinux_restorecon_set_sehandle - Set the global fc handle."]
#[doc = " @hndl: specifies handle to set as the global fc handle."]
#[doc = ""]
#[doc = " Called by a process that has already called selabel_open(3) with its"]
#[doc = " required parameters, or if selinux_restorecon_default_handle(3) has been"]
#[doc = " called to set the default selabel_open(3) parameters."]
pub fn selinux_restorecon_set_sehandle(hndl: *mut selabel_handle);
}
extern "C" {
#[doc = " selinux_restorecon_default_handle - Sets default selabel_open(3) parameters"]
#[doc = "\t\t\t\t to use the currently loaded policy and"]
#[doc = "\t\t\t\t file_contexts."]
#[doc = ""]
#[doc = " Return value is the created handle on success or NULL with @errno set on"]
#[doc = " failure."]
pub fn selinux_restorecon_default_handle() -> *mut selabel_handle;
}
extern "C" {
#[doc = " selinux_restorecon_set_exclude_list - Add a list of directories that are"]
#[doc = "\t\t\t\t\t to be excluded from relabeling."]
#[doc = " @exclude_list: containing a NULL terminated list of one or more"]
#[doc = "\t\t directories not to be relabeled."]
pub fn selinux_restorecon_set_exclude_list(exclude_list: *mut *const ::std::os::raw::c_char);
}
extern "C" {
#[doc = " selinux_restorecon_set_alt_rootpath - Use alternate rootpath."]
#[doc = " @alt_rootpath: containing the alternate rootpath to be used."]
#[doc = ""]
#[doc = " Return %0 on success, -%1 with @errno set on failure."]
pub fn selinux_restorecon_set_alt_rootpath(
alt_rootpath: *const ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
pub mod digest_result {
#[doc = " selinux_restorecon_xattr - Read/remove security.sehash xattr entries."]
#[doc = " @pathname: specifies directory path to check."]
#[doc = " @xattr_flags: specifies the actions to be performed."]
#[doc = " @xattr_list: a linked list of struct dir_xattr structures containing"]
#[doc = " the directory, digest and result of the action on the"]
#[doc = " security.sehash entry."]
#[doc = ""]
#[doc = " selinux_restorecon_xattr(3) will automatically call"]
#[doc = " selinux_restorecon_default_handle(3) and selinux_restorecon_set_sehandle(3)"]
#[doc = " first time through to set the selabel_open(3) parameters to use the"]
#[doc = " currently loaded policy file_contexts and request their computed digest."]
#[doc = ""]
#[doc = " Should other selabel_open(3) parameters be required see"]
#[doc = " selinux_restorecon_set_sehandle(3), however note that a file_contexts"]
#[doc = " computed digest is required for selinux_restorecon_xattr()."]
pub type Type = ::std::os::raw::c_uint;
pub const MATCH: Type = 0;
pub const NOMATCH: Type = 1;
pub const DELETED_MATCH: Type = 2;
pub const DELETED_NOMATCH: Type = 3;
pub const ERROR: Type = 4;
}
#[repr(C)]
#[derive(Debug, Copy, Clone)]
pub struct dir_xattr {
pub directory: *mut ::std::os::raw::c_char,
pub digest: *mut ::std::os::raw::c_char,
pub result: digest_result::Type,
pub next: *mut dir_xattr,
}
#[test]
fn bindgen_test_layout_dir_xattr() {
assert_eq!(
::std::mem::size_of::<dir_xattr>(),
32usize,
concat!("Size of: ", stringify!(dir_xattr))
);
assert_eq!(
::std::mem::align_of::<dir_xattr>(),
8usize,
concat!("Alignment of ", stringify!(dir_xattr))
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<dir_xattr>())).directory as *const _ as usize },
0usize,
concat!(
"Offset of field: ",
stringify!(dir_xattr),
"::",
stringify!(directory)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<dir_xattr>())).digest as *const _ as usize },
8usize,
concat!(
"Offset of field: ",
stringify!(dir_xattr),
"::",
stringify!(digest)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<dir_xattr>())).result as *const _ as usize },
16usize,
concat!(
"Offset of field: ",
stringify!(dir_xattr),
"::",
stringify!(result)
)
);
assert_eq!(
unsafe { &(*(::std::ptr::null::<dir_xattr>())).next as *const _ as usize },
24usize,
concat!(
"Offset of field: ",
stringify!(dir_xattr),
"::",
stringify!(next)
)
);
}
extern "C" {
pub fn selinux_restorecon_xattr(
pathname: *const ::std::os::raw::c_char,
xattr_flags: ::std::os::raw::c_uint,
xattr_list: *mut *mut *mut dir_xattr,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn get_ordered_context_list(
user: *const ::std::os::raw::c_char,
fromcon: *mut ::std::os::raw::c_char,
list: *mut *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn get_ordered_context_list_with_level(
user: *const ::std::os::raw::c_char,
level: *const ::std::os::raw::c_char,
fromcon: *mut ::std::os::raw::c_char,
list: *mut *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn get_default_context(
user: *const ::std::os::raw::c_char,
fromcon: *mut ::std::os::raw::c_char,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn get_default_context_with_level(
user: *const ::std::os::raw::c_char,
level: *const ::std::os::raw::c_char,
fromcon: *mut ::std::os::raw::c_char,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn get_default_context_with_role(
user: *const ::std::os::raw::c_char,
role: *const ::std::os::raw::c_char,
fromcon: *mut ::std::os::raw::c_char,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn get_default_context_with_rolelevel(
user: *const ::std::os::raw::c_char,
role: *const ::std::os::raw::c_char,
level: *const ::std::os::raw::c_char,
fromcon: *mut ::std::os::raw::c_char,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn query_user_context(
list: *mut *mut ::std::os::raw::c_char,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn manual_user_enter_context(
user: *const ::std::os::raw::c_char,
newcon: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}
extern "C" {
pub fn selinux_default_type_path() -> *const ::std::os::raw::c_char;
}
extern "C" {
pub fn get_default_type(
role: *const ::std::os::raw::c_char,
type_: *mut *mut ::std::os::raw::c_char,
) -> ::std::os::raw::c_int;
}