2
* Copyright (C) 2002-2005 Novell/SUSE
4
* This program is free software; you can redistribute it and/or
5
* modify it under the terms of the GNU General Public License as
6
* published by the Free Software Foundation, version 2 of the
9
* AppArmor submodule (match) prototypes
15
#include "../module_interface.h"
16
#include "../apparmor.h"
18
/* The following functions implement an interface used by the primary
19
* AppArmor module to perform name matching (n.b. "AppArmor" was previously
20
* called "SubDomain").
28
* The intent is for the primary module to export (via virtual fs entries)
29
* the features provided by the submodule (aamatch_features) so that the
30
* parser may only load policy that can be supported.
32
* The primary module will call aamatch_serialize to allow the submodule
33
* to consume submodule specific data from parser data stream and will call
34
* aamatch_match to determine if a pathname matches an aa_entry.
37
typedef int (*aamatch_serializecb)
38
(struct aa_ext *, enum aa_code, void *, const char *);
41
* aamatch_alloc: allocate extradata (if necessary)
42
* @type: type of entry being allocated
43
* Return value: NULL indicates no data was allocated (ERR_PTR(x) on error)
45
extern void* aamatch_alloc(enum entry_match_type type);
48
* aamatch_free: release data allocated by aamatch_alloc
49
* @entry_extradata: data previously allocated by aamatch_alloc
51
extern void aamatch_free(void *entry_extradata);
54
* aamatch_features: return match types supported
55
* Return value: space seperated string (of types supported - use type=value
56
* to indicate variants of a type)
58
extern const char* aamatch_features(void);
61
* aamatch_serialize: serialize extradata
62
* @entry_extradata: data previously allocated by aamatch_alloc
64
* @cb: callback fn (consume incoming data stream)
65
* Return value: 0 success, -ve error
67
extern int aamatch_serialize(void *entry_extradata, struct aa_ext *e,
68
aamatch_serializecb cb);
71
* aamatch_match: determine if pathname matches entry
72
* @pathname: pathname to verify
73
* @entry_name: entry name
74
* @type: type of entry
75
* @entry_extradata: data previously allocated by aamatch_alloc
76
* Return value: 1 match, 0 othersise
78
extern unsigned int aamatch_match(const char *pathname, const char *entry_name,
79
enum entry_match_type type,
80
void *entry_extradata);
84
* sd_getmatch_type - return string representation of entry_match_type
85
* @type: entry match type
87
static inline const char *sd_getmatch_type(enum entry_match_type type)
89
const char *names[] = {
96
if (type >= aa_entry_invalid) {
97
type = aa_entry_invalid;
104
* aamatch_match_common - helper function to check if a pathname matches
106
* @path: path requested to search for
107
* @entry_name: name from aa_entry
108
* @type: type of entry
110
static inline int aamatch_match_common(const char *path,
111
const char *entry_name,
112
enum entry_match_type type)
116
/* literal, no pattern matching characters */
117
if (type == aa_entry_literal) {
118
retval = (strcmp(entry_name, path) == 0);
119
/* trailing ** glob pattern */
120
} else if (type == aa_entry_tailglob) {
121
retval = (strncmp(entry_name, path,
122
strlen(entry_name) - 2) == 0);
124
AA_WARN("%s: Invalid entry_match_type %d\n",
132
#endif /* __MATCH_H */