libsepol: add sepol_av_perm_to_string
Add a wrapper around the utility function sepol_av_to_string() on the service internal policy. This allows callers to convert a permission bit set into a string representation without access to the internal policy structure. Acked-by: James Carter <jwcart2@gmail.com> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
This commit is contained in:
parent
73562de8fc
commit
f0e085f684
2 changed files with 15 additions and 0 deletions
|
@ -103,6 +103,15 @@ extern int sepol_string_to_av_perm(sepol_security_class_t tclass,
|
||||||
const char *perm_name,
|
const char *perm_name,
|
||||||
sepol_access_vector_t *av);
|
sepol_access_vector_t *av);
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Return a string representation of the permission av bit associated with
|
||||||
|
* tclass.
|
||||||
|
* Returns a pointer to an internal buffer, overridden by the next call to
|
||||||
|
* this function or sepol_av_to_string().
|
||||||
|
*/
|
||||||
|
extern const char *sepol_av_perm_to_string(sepol_security_class_t tclass,
|
||||||
|
sepol_access_vector_t av);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Compute a SID to use for labeling a new object in the
|
* Compute a SID to use for labeling a new object in the
|
||||||
* class `tclass' based on a SID pair.
|
* class `tclass' based on a SID pair.
|
||||||
|
|
|
@ -1233,6 +1233,12 @@ out:
|
||||||
return STATUS_ERR;
|
return STATUS_ERR;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const char *sepol_av_perm_to_string(sepol_security_class_t tclass,
|
||||||
|
sepol_access_vector_t av)
|
||||||
|
{
|
||||||
|
return sepol_av_to_string(policydb, tclass, av);
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Write the security context string representation of
|
* Write the security context string representation of
|
||||||
* the context associated with `sid' into a dynamically
|
* the context associated with `sid' into a dynamically
|
||||||
|
|
Loading…
Reference in a new issue