+
+/**
+ * On a policy reload we need to reparse the SELinux configuration file, since
+ * this could have changed. Send a SIGHUP to reload all configs.
+ */
+static int
+policy_reload_callback (u_int32_t event, security_id_t ssid,
+ security_id_t tsid, security_class_t tclass,
+ access_vector_t perms, access_vector_t *out_retained)
+{
+ if (event == AVC_CALLBACK_RESET)
+ return raise (SIGHUP);
+
+ return 0;
+}
+
+/**
+ * Log any auxiliary data
+ */
+static void
+log_audit_callback (void *data, security_class_t class, char *buf, size_t bufleft)
+{
+ DBusString *audmsg = data;
+
+ if (bufleft > (size_t) _dbus_string_get_length(audmsg))
+ {
+ _dbus_string_copy_to_buffer_with_nul (audmsg, buf, bufleft);
+ }
+ else
+ {
+ DBusString s;
+
+ _dbus_string_init_const(&s, "Buffer too small for audit message");
+
+ if (bufleft > (size_t) _dbus_string_get_length(&s))
+ _dbus_string_copy_to_buffer_with_nul (&s, buf, bufleft);
+ }
+}
+
+/**
+ * Create thread to notify the AVC of enforcing and policy reload
+ * changes via netlink.
+ *
+ * @param run the thread run function
+ * @return pointer to the thread
+ */
+static void *
+avc_create_thread (void (*run) (void))
+{
+ int rc;
+
+ rc = pthread_create (&avc_notify_thread, NULL, (void *(*) (void *)) run, NULL);
+ if (rc != 0)
+ {
+ _dbus_warn ("Failed to start AVC thread: %s\n", _dbus_strerror (rc));
+ exit (1);
+ }
+ return &avc_notify_thread;
+}
+
+/* Stop AVC netlink thread. */
+static void
+avc_stop_thread (void *thread)
+{
+ pthread_cancel (*(pthread_t *) thread);
+}
+
+/* Allocate a new AVC lock. */
+static void *
+avc_alloc_lock (void)
+{
+ pthread_mutex_t *avc_mutex;
+
+ avc_mutex = dbus_new (pthread_mutex_t, 1);
+ if (avc_mutex == NULL)
+ {
+ _dbus_warn ("Could not create mutex: %s\n", _dbus_strerror (errno));
+ exit (1);
+ }
+ pthread_mutex_init (avc_mutex, NULL);
+
+ return avc_mutex;
+}
+
+/* Acquire an AVC lock. */
+static void
+avc_get_lock (void *lock)
+{
+ pthread_mutex_lock (lock);
+}
+
+/* Release an AVC lock. */
+static void
+avc_release_lock (void *lock)
+{
+ pthread_mutex_unlock (lock);
+}
+
+/* Free an AVC lock. */
+static void
+avc_free_lock (void *lock)
+{
+ pthread_mutex_destroy (lock);
+ dbus_free (lock);
+}