16cd6a6acSopenharmony_ci#ifndef _SEPOL_IBPKEYS_H_
26cd6a6acSopenharmony_ci#define _SEPOL_IBPKEYS_H_
36cd6a6acSopenharmony_ci
46cd6a6acSopenharmony_ci#include <sepol/handle.h>
56cd6a6acSopenharmony_ci#include <sepol/policydb.h>
66cd6a6acSopenharmony_ci#include <sepol/ibpkey_record.h>
76cd6a6acSopenharmony_ci
86cd6a6acSopenharmony_ci
96cd6a6acSopenharmony_ci#ifdef __cplusplus
106cd6a6acSopenharmony_ciextern "C" {
116cd6a6acSopenharmony_ci#endif
126cd6a6acSopenharmony_ci
136cd6a6acSopenharmony_ci/* Return the number of ibpkeys */
146cd6a6acSopenharmony_ciextern int sepol_ibpkey_count(sepol_handle_t *handle,
156cd6a6acSopenharmony_ci			      const sepol_policydb_t *p, unsigned int *response);
166cd6a6acSopenharmony_ci
176cd6a6acSopenharmony_ci/* Check if a ibpkey exists */
186cd6a6acSopenharmony_ciextern int sepol_ibpkey_exists(sepol_handle_t *handle,
196cd6a6acSopenharmony_ci			       const sepol_policydb_t *policydb,
206cd6a6acSopenharmony_ci			       const sepol_ibpkey_key_t *key, int *response);
216cd6a6acSopenharmony_ci
226cd6a6acSopenharmony_ci/* Query a ibpkey - returns the ibpkey, or NULL if not found */
236cd6a6acSopenharmony_ciextern int sepol_ibpkey_query(sepol_handle_t *handle,
246cd6a6acSopenharmony_ci			      const sepol_policydb_t *policydb,
256cd6a6acSopenharmony_ci			      const sepol_ibpkey_key_t *key,
266cd6a6acSopenharmony_ci			      sepol_ibpkey_t **response);
276cd6a6acSopenharmony_ci
286cd6a6acSopenharmony_ci/* Modify a ibpkey, or add it, if the key is not found */
296cd6a6acSopenharmony_ciextern int sepol_ibpkey_modify(sepol_handle_t *handle,
306cd6a6acSopenharmony_ci			       sepol_policydb_t *policydb,
316cd6a6acSopenharmony_ci			       const sepol_ibpkey_key_t *key,
326cd6a6acSopenharmony_ci			       const sepol_ibpkey_t *data);
336cd6a6acSopenharmony_ci
346cd6a6acSopenharmony_ci/* Iterate the ibpkeys
356cd6a6acSopenharmony_ci * The handler may return:
366cd6a6acSopenharmony_ci * -1 to signal an error condition,
376cd6a6acSopenharmony_ci * 1 to signal successful exit
386cd6a6acSopenharmony_ci * 0 to signal continue
396cd6a6acSopenharmony_ci */
406cd6a6acSopenharmony_ciextern int sepol_ibpkey_iterate(sepol_handle_t *handle,
416cd6a6acSopenharmony_ci				const sepol_policydb_t *policydb,
426cd6a6acSopenharmony_ci				int (*fn)(const sepol_ibpkey_t *ibpkey,
436cd6a6acSopenharmony_ci					  void *fn_arg), void *arg);
446cd6a6acSopenharmony_ci
456cd6a6acSopenharmony_ci
466cd6a6acSopenharmony_ci#ifdef __cplusplus
476cd6a6acSopenharmony_ci}
486cd6a6acSopenharmony_ci#endif
496cd6a6acSopenharmony_ci
506cd6a6acSopenharmony_ci#endif
51