1avc_compute_create(3)      SELinux API documentation     avc_compute_create(3)
2
3
4

NAME

6       avc_compute_create,  avc_compute_member  - obtain SELinux label for new
7       object
8

SYNOPSIS

10       #include <selinux/selinux.h>
11       #include <selinux/avc.h>
12
13       int avc_compute_create(security_id_t ssid, security_id_t tsid,
14                              security_class_t tclass, security_id_t *newsid);
15
16       int avc_compute_member(security_id_t ssid, security_id_t tsid,
17                              security_class_t tclass, security_id_t *newsid);
18

DESCRIPTION

20       avc_compute_create() is used to compute a SID to use for labeling a new
21       object in a particular class based on a SID pair.  This call is identiā€
22       cal to security_compute_create(), but does not require converting  from
23       userspace SID's to contexts and back again.
24
25       avc_compute_member()  is  used  to  compute a SID to use for labeling a
26       polyinstantiated object instance of a particular class based on  a  SID
27       pair.   This  call  is identical to security_compute_member(), but does
28       not require converting from userspace SID's to contexts and back again.
29
30       These functions return a SID for the computed  context  in  the  memory
31       referenced by sid.
32

RETURN VALUE

34       On  success,  zero  is returned.  On error, -1 is returned and errno is
35       set appropriately.
36

ERRORS

38       EINVAL The tclass and/or the security contexts referenced by  ssid  and
39              tsid are not recognized by the currently loaded policy.
40
41       ENOMEM An attempt to allocate memory failed.
42

AUTHOR

44       Eamon Walsh <ewalsh@tycho.nsa.gov>
45

SEE ALSO

47       avc_init(3),     avc_context_to_sid(3),     security_compute_create(3),
48       selinux(8)
49
50
51
52                                  30 Mar 2007            avc_compute_create(3)
Impressum