libsemanage: add default priority to semanage_handle_t

For backwards compatiblity purposes we need to provide a default priority that the current set of module install/upgrade/remove functions can use. The default priority is 400. Adds semanage_module_validate_priority so that it can be used to verify the given priority. See next patch for other validation functions. Signed-off-by: Chad Sellers <csellers@tresys.com>
2009-12-23 18:25:53 -05:00 · 2009-12-23 18:25:53 -05:00 · 73430e5542
commit 73430e5542
parent e57389343a
4 changed files with 47 additions and 0 deletions
--- a/libsemanage/src/handle.c
+++ b/libsemanage/src/handle.c
@ -59,6 +59,9 @@ semanage_handle_t *semanage_handle_create(void)
 		goto err;
 	sepol_msg_set_callback(sh->sepolh, semanage_msg_relay_handler, sh);

+	/* Default priority is 400 */
+	sh->priority = 400;
+
 	/* By default do not rebuild the policy on commit
 	 * If any changes are made, this flag is ignored */
 	sh->do_rebuild = 0;
@ -150,6 +153,26 @@ void semanage_set_check_contexts(semanage_handle_t * sh, int do_check_contexts)
 	return;
 }

+uint16_t semanage_get_default_priority(semanage_handle_t *sh)
+{
+	assert(sh != NULL);
+	return sh->priority;
+}
+
+int semanage_set_default_priority(semanage_handle_t *sh, uint16_t priority)
+{
+	assert(sh != NULL);
+
+	/* Verify priority */
+	if (semanage_module_validate_priority(priority) < 0) {
+		ERR(sh, "Priority %d is invalid.", priority);
+		return -1;
+	}
+
+	sh->priority = priority;
+	return 0;
+}
+
 int semanage_is_connected(semanage_handle_t * sh)
 {
 	assert(sh != NULL);
--- a/libsemanage/src/handle.h
+++ b/libsemanage/src/handle.h
@ -23,6 +23,7 @@
 #ifndef _SEMANAGE_INTERNAL_HANDLE_H_
 #define _SEMANAGE_INTERNAL_HANDLE_H_

+#include <stdint.h>
 #include <stddef.h>
 #include "handle_internal.h"
 #include <sepol/handle.h>
@ -55,6 +56,8 @@ struct semanage_handle {
 	sepol_handle_t *sepolh;

 	semanage_conf_t *conf;
+
+	uint16_t priority;
 	int is_connected;
 	int is_in_transaction;
 	int do_reload;		/* whether to reload policy after commit */
--- a/libsemanage/src/modules.c
+++ b/libsemanage/src/modules.c
@ -215,3 +215,20 @@ const char *semanage_module_get_version(semanage_module_info_t * modinfo)
 }

 hidden_def(semanage_module_get_version)
+
+#define PRIORITY_MIN 1
+#define PRIORITY_MAX 999
+
+/* Validates priority.
+ *
+ * returns -1 if priority is not in the valid range, returns 0 otherwise
+ */
+int semanage_module_validate_priority(uint16_t priority)
+{
+	if (priority >= PRIORITY_MIN && priority <= PRIORITY_MAX) {
+		return 0;
+	}
+
+	return -1;
+}
+
--- a/libsemanage/src/modules.h
+++ b/libsemanage/src/modules.h
@ -21,6 +21,8 @@
 #ifndef _SEMANAGE_INTERNAL_MODULES_H_
 #define _SEMANAGE_INTERNAL_MODULES_H_

+#include <stdint.h>
+
 #include "module_internal.h"

 struct semanage_module_info {
@ -28,4 +30,6 @@ struct semanage_module_info {
 	char *version;
 };

+int semanage_module_validate_priority(uint16_t priority);
+
 #endif