/*
 * Policy capability support functions
 */
#include <string.h>
#include <strings.h>	/* strcasecmp() is declared here by POSIX */
#include <sepol/policydb/polcaps.h>
/*
 * Policy capability names, indexed by capability number.
 *
 * The table is filled with designated initializers, so any index in
 * [0, POLICYDB_CAP_MAX] that is not listed here is left NULL. Code that
 * walks or indexes this table has to tolerate NULL entries.
 */
static const char *const polcap_names[POLICYDB_CAP_MAX + 1] = {
	[POLICYDB_CAP_NETPEER]                   = "network_peer_controls",
	[POLICYDB_CAP_OPENPERM]                  = "open_perms",
	[POLICYDB_CAP_EXTSOCKCLASS]              = "extended_socket_class",
	[POLICYDB_CAP_ALWAYSNETWORK]             = "always_check_network",
	[POLICYDB_CAP_CGROUPSECLABEL]            = "cgroup_seclabel",
	[POLICYDB_CAP_NNP_NOSUID_TRANSITION]     = "nnp_nosuid_transition",
	[POLICYDB_CAP_GENFS_SECLABEL_SYMLINKS]   = "genfs_seclabel_symlinks",
	[POLICYDB_CAP_IOCTL_SKIP_CLOEXEC]        = "ioctl_skip_cloexec",
	[POLICYDB_CAP_USERSPACE_INITIAL_CONTEXT] = "userspace_initial_context",
	[POLICYDB_CAP_NETLINK_XPERM]             = "netlink_xperm",
};
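/**
 * Look up a policy capability number by its name.
 *
 * Names are compared with strcasecmp(), so the match is case-insensitive.
 *
 * @param name  NUL-terminated capability name; NULL is accepted and
 *              treated as an unknown capability.
 * @return the index of the matching entry in polcap_names, or -1 when
 *         name is NULL or matches no entry. Callers must check for -1
 *         before using the result as an index or bit number.
 */
int sepol_polcap_getnum(const char *name)
{
	int capnum;

	/*
	 * strcasecmp() on a NULL pointer is undefined behaviour; report a
	 * missing name as "no such capability" instead of dereferencing it.
	 */
	if (name == NULL)
		return -1;

	for (capnum = 0; capnum <= POLICYDB_CAP_MAX; capnum++) {
		/* Table slots without an initializer are NULL and cannot match. */
		if (polcap_names[capnum] == NULL)
			continue;
		if (strcasecmp(polcap_names[capnum], name) == 0)
			return capnum;
	}
	return -1;
}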
/**
 * Map a policy capability number to its name.
 *
 * @param capnum  capability number to look up.
 * @return the entry of polcap_names at capnum, which is NULL for a slot
 *         with no name assigned; NULL as well when capnum is greater
 *         than POLICYDB_CAP_MAX.
 */
const char *sepol_polcap_getname(unsigned int capnum)
{
	const char *cap_name = NULL;

	/* Range check first, so the table is never indexed past its end. */
	if (capnum <= POLICYDB_CAP_MAX)
		cap_name = polcap_names[capnum];

	return cap_name;
}