avc_compute_create(3) - Linux manual page

man7.org > Linux > man-pages

Linux/UNIX system programming training

NAME | SYNOPSIS | DESCRIPTION | RETURN VALUE | ERRORS | AUTHOR | SEE ALSO | COLOPHON 

avc_compute_create(3)     SELinux API documentation    avc_compute_create(3)

NAME         top

       avc_compute_create, avc_compute_member - obtain SELinux label for new
       object

SYNOPSIS         top

       #include <selinux/selinux.h>
       #include <selinux/avc.h>

       int avc_compute_create(security_id_t ssid, security_id_t tsid,
                              security_class_t tclass, security_id_t
                              *newsid);

       int avc_compute_member(security_id_t ssid, security_id_t tsid,
                              security_class_t tclass, security_id_t
                              *newsid);

DESCRIPTION         top

       avc_compute_create() is used to compute a SID to use for labeling a
       new object in a particular class based on a SID pair.  This call is
       identical to security_compute_create(), but does not require
       converting from userspace SID's to contexts and back again.

       avc_compute_member() is used to compute a SID to use for labeling a
       polyinstantiated object instance of a particular class based on a SID
       pair.  This call is identical to security_compute_member(), but does
       not require converting from userspace SID's to contexts and back
       again.

       These functions return a SID for the computed context in the memory
       referenced by sid.

RETURN VALUE         top

       On success, zero is returned.  On error, -1 is returned and errno is
       set appropriately.

ERRORS         top

       EINVAL The tclass and/or the security contexts referenced by ssid and
              tsid are not recognized by the currently loaded policy.

       ENOMEM An attempt to allocate memory failed.

AUTHOR         top

       Eamon Walsh <ewalsh@tycho.nsa.gov>

SEE ALSO         top

       avc_init(3), avc_context_to_sid(3), security_compute_create(3),
       selinux(8)

COLOPHON         top

       This page is part of the selinux (Security-Enhanced Linux user-space
       libraries and tools) project.  Information about the project can be
       found at ⟨https://github.com/SELinuxProject/selinux/wiki⟩.  If you
       have a bug report for this manual page, see
       ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩.  This
       page was obtained from the project's upstream Git repository
       ⟨https://github.com/SELinuxProject/selinux⟩ on 2018-02-02.  (At that
       time, the date of the most recent commit that was found in the repos‐
       itory was 2018-01-25.)  If you discover any rendering problems in
       this HTML version of the page, or you believe there is a better or
       more up-to-date source for the page, or you have corrections or
       improvements to the information in this COLOPHON (which is not part
       of the original manual page), send a mail to man-pages@man7.org

                                 30 Mar 2007           avc_compute_create(3)

HTML rendering created 2018-02-02 by Michael Kerrisk, author of The Linux Programming Interface, maintainer of the Linux man-pages project.

For details of in-depth Linux/UNIX system programming training courses that I teach, look here.

Hosting by jambit GmbH.

Valid XHTML 1.1

Cover of TLPI