1/* 2 * SELinux services exported to the rest of the kernel. 3 * 4 * Author: James Morris <jmorris@redhat.com> 5 * 6 * Copyright (C) 2005 Red Hat, Inc., James Morris <jmorris@redhat.com> 7 * Copyright (C) 2006 Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> 8 * Copyright (C) 2006 IBM Corporation, Timothy R. Chavez <tinytim@us.ibm.com> 9 * 10 * This program is free software; you can redistribute it and/or modify 11 * it under the terms of the GNU General Public License version 2, 12 * as published by the Free Software Foundation. 13 */ 14#include <linux/types.h> 15#include <linux/kernel.h> 16#include <linux/module.h> 17#include <linux/selinux.h> 18#include <linux/fs.h> 19#include <linux/ipc.h> 20#include <asm/atomic.h> 21 22#include "security.h" 23#include "objsec.h" 24 25/* SECMARK reference count */ 26extern atomic_t selinux_secmark_refcount; 27 28int selinux_string_to_sid(char *str, u32 *sid) 29{ 30 if (selinux_enabled) 31 return security_context_to_sid(str, strlen(str), sid); 32 else { 33 *sid = 0; 34 return 0; 35 } 36} 37EXPORT_SYMBOL_GPL(selinux_string_to_sid); 38 39int selinux_secmark_relabel_packet_permission(u32 sid) 40{ 41 if (selinux_enabled) { 42 const struct task_security_struct *__tsec; 43 u32 tsid; 44 45 __tsec = current_security(); 46 tsid = __tsec->sid; 47 48 return avc_has_perm(tsid, sid, SECCLASS_PACKET, 49 PACKET__RELABELTO, NULL); 50 } 51 return 0; 52} 53EXPORT_SYMBOL_GPL(selinux_secmark_relabel_packet_permission); 54 55void selinux_secmark_refcount_inc(void) 56{ 57 atomic_inc(&selinux_secmark_refcount); 58} 59EXPORT_SYMBOL_GPL(selinux_secmark_refcount_inc); 60 61void selinux_secmark_refcount_dec(void) 62{ 63 atomic_dec(&selinux_secmark_refcount); 64} 65EXPORT_SYMBOL_GPL(selinux_secmark_refcount_dec); 66 67bool selinux_is_enabled(void) 68{ 69 return selinux_enabled; 70} 71EXPORT_SYMBOL_GPL(selinux_is_enabled); 72