2 * This file is part of buxton.
4 * Copyright (C) 2013 Intel Corporation
6 * buxton is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU Lesser General Public License as
8 * published by the Free Software Foundation; either version 2.1
9 * of the License, or (at your option) any later version.
22 * Maximum length for a Smack label
24 #define SMACK_LABEL_LEN 255
27 * Smack label xattr key
29 #define SMACK_ATTR_NAME "security.SMACK64"
32 * Smackfs mount directory
34 #define SMACK_MOUNT_DIR "/sys/fs/smackfs"
37 * Maximum length of a Smack rule access string
42 * Represents client access to a given resource
44 typedef enum BuxtonKeyAccessType {
45 ACCESS_NONE = 0, /**<No access permitted */
46 ACCESS_READ = 1 << 0, /**<Read access permitted */
47 ACCESS_WRITE = 1 << 1, /**<Write access permitted */
48 ACCESS_MAXACCESSTYPES = 1 << 2
49 } BuxtonKeyAccessType;
52 * Check whether Smack is enabled in buxtond
53 * @return a boolean value, indicating whether Smack is enabled
55 bool buxton_smack_enabled(void)
56 __attribute__((warn_unused_result));
59 * Load Smack rules from the kernel
60 * @return a boolean value, indicating success of the operation
62 bool buxton_cache_smack_rules(void)
63 __attribute__((warn_unused_result));
66 * Check whether the smack access matches the buxton client access
67 * @param subject Smack subject label
68 * @param object Smack object label
69 * @param request The buxton access type being queried
70 * @return true if the smack access matches the given request, otherwise false
72 bool buxton_check_smack_access(BuxtonString *subject,
74 BuxtonKeyAccessType request)
75 __attribute__((warn_unused_result));
78 * Set up inotify to track Smack rule file for changes
79 * @return an exit code for the operation
81 int buxton_watch_smack_rules(void)
82 __attribute__((warn_unused_result));
85 * Editor modelines - http://www.wireshark.org/tools/modelines.html
93 * vi: set shiftwidth=8 tabstop=8 noexpandtab:
94 * :indentSize=8:tabSize=8:noTabs=false: