avc_compute_create(3) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | RETURN VALUE | ERRORS | AUTHOR | SEE ALSO | COLOPHON

avc_compute_create(3)   SELinux API documentation  avc_compute_create(3)

NAME         top

       avc_compute_create, avc_compute_member - obtain SELinux label for
       new object

SYNOPSIS         top

       #include <selinux/selinux.h>
       #include <selinux/avc.h>

       int avc_compute_create(security_id_t ssid, security_id_t tsid,
                              security_class_t tclass, security_id_t
                              *newsid);

       int avc_compute_member(security_id_t ssid, security_id_t tsid,
                              security_class_t tclass, security_id_t
                              *newsid);

DESCRIPTION         top

       avc_compute_create() is used to compute a SID to use for labeling
       a new object in a particular class based on a SID pair.  This
       call is identical to security_compute_create(), but does not
       require converting from userspace SID's to contexts and back
       again.

       avc_compute_member() is used to compute a SID to use for labeling
       a polyinstantiated object instance of a particular class based on
       a SID pair.  This call is identical to security_compute_member(),
       but does not require converting from userspace SID's to contexts
       and back again.

       These functions return a SID for the computed context in the
       memory referenced by sid.

RETURN VALUE         top

       On success, zero is returned.  On error, -1 is returned and errno
       is set appropriately.

ERRORS         top

       EINVAL The tclass and/or the security contexts referenced by ssid
              and tsid are not recognized by the currently loaded
              policy.

       ENOMEM An attempt to allocate memory failed.

AUTHOR         top

       Eamon Walsh <ewalsh@tycho.nsa.gov>

SEE ALSO         top

       avc_init(3), avc_context_to_sid(3), security_compute_create(3),
       selinux(8)

COLOPHON         top

       This page is part of the selinux (Security-Enhanced Linux user-
       space libraries and tools) project.  Information about the
       project can be found at 
       ⟨https://github.com/SELinuxProject/selinux/wiki⟩.  If you have a
       bug report for this manual page, see
       ⟨https://github.com/SELinuxProject/selinux/wiki/Contributing⟩.
       This page was obtained from the project's upstream Git repository
       ⟨https://github.com/SELinuxProject/selinux⟩ on 2024-06-14.  (At
       that time, the date of the most recent commit that was found in
       the repository was 2023-05-11.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       man-pages@man7.org

                               30 Mar 2007         avc_compute_create(3)