1b886d83cSThomas Gleixner /* SPDX-License-Identifier: GPL-2.0-only */ 2121d4a91SJohn Johansen /* 3121d4a91SJohn Johansen * AppArmor security module 4121d4a91SJohn Johansen * 5121d4a91SJohn Johansen * This file contains AppArmor security identifier (secid) definitions 6121d4a91SJohn Johansen * 7c0929212SJohn Johansen * Copyright 2009-2018 Canonical Ltd. 8121d4a91SJohn Johansen */ 9121d4a91SJohn Johansen 10121d4a91SJohn Johansen #ifndef __AA_SECID_H 11121d4a91SJohn Johansen #define __AA_SECID_H 12121d4a91SJohn Johansen 13c0929212SJohn Johansen #include <linux/slab.h> 14121d4a91SJohn Johansen #include <linux/types.h> 15121d4a91SJohn Johansen 16c0929212SJohn Johansen struct aa_label; 17c0929212SJohn Johansen 18121d4a91SJohn Johansen /* secid value that will not be allocated */ 19121d4a91SJohn Johansen #define AA_SECID_INVALID 0 20121d4a91SJohn Johansen 21617a629cSMatthew Garrett /* secid value that matches any other secid */ 22617a629cSMatthew Garrett #define AA_SECID_WILDCARD 1 23617a629cSMatthew Garrett 24*524d8e14SJohn Johansen /* sysctl to enable displaying mode when converting secid to secctx */ 25*524d8e14SJohn Johansen extern int apparmor_display_secid_mode; 26*524d8e14SJohn Johansen 27c0929212SJohn Johansen struct aa_label *aa_secid_to_label(u32 secid); 28c0929212SJohn Johansen int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen); 29c0929212SJohn Johansen int apparmor_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); 30c0929212SJohn Johansen void apparmor_release_secctx(char *secdata, u32 seclen); 31c0929212SJohn Johansen 32c0929212SJohn Johansen 33a4c3f89cSJohn Johansen int aa_alloc_secid(struct aa_label *label, gfp_t gfp); 34121d4a91SJohn Johansen void aa_free_secid(u32 secid); 35c0929212SJohn Johansen void aa_secid_update(u32 secid, struct aa_label *label); 36121d4a91SJohn Johansen 37121d4a91SJohn Johansen #endif /* __AA_SECID_H */ 38