1avc_compute_create(3)      SELinux API documentation     avc_compute_create(3)
2
3
4

NAME

6       avc_compute_create,  avc_compute_member  - obtain SELinux label for new
7       object.
8

SYNOPSIS

10       #include <selinux/selinux.h>
11
12       #include <selinux/avc.h>
13
14       int avc_compute_create(security_id_t ssid, security_id_t tsid,
15                              security_class_t tclass, security_id_t *newsid);
16
17       int avc_compute_member(security_id_t ssid, security_id_t tsid,
18                              security_class_t tclass, security_id_t *newsid);
19

DESCRIPTION

21       avc_compute_create is used to compute a SID to use for labeling  a  new
22       object in a particular class based on a SID pair.  This call is identiā€
23       cal to security_compute_create, but does not  require  converting  from
24       userspace SID's to contexts and back again.
25
26       avc_compute_member  is  used  to  compute  a  SID to use for labeling a
27       polyinstantiated object instance of a particular class based on  a  SID
28       pair.   This call is identical to security_compute_member, but does not
29       require converting from userspace SID's to contexts and back again.
30
31       These functions return a SID for the computed  context  in  the  memory
32       referenced by sid.
33
34

RETURN VALUE

36       On  success,  zero  is returned.  On error, -1 is returned and errno is
37       set appropriately.
38
39

ERRORS

41       EINVAL The tclass and/or the security contexts referenced by  ssid  and
42              tsid are not recognized by the currently loaded policy.
43
44
45       ENOMEM An attempt to allocate memory failed.
46
47

AUTHOR

49       Eamon Walsh <ewalsh@tycho.nsa.gov>
50
51

SEE ALSO

53       avc_init(3),     avc_context_to_sid(3),     security_compute_create(3),
54       selinux(8)
55
56
57
58                                  30 Mar 2007            avc_compute_create(3)
Impressum