preload-selinux.inc


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

<?php
/** 
 * ZSTD compressor using FFI and libselinux
 * PoC, only for documentation purpose
 *
 * Copyright (c) 2019 Remi Collet
 * License: CC-BY-SA
 * http://creativecommons.org/licenses/by-sa/4.0/
 */
namespace Remi;

class SELinux {
	static private $ffi = null;

	private static function init() {
		if (self::$ffi) {
			return;
		}
		// Try if preloaded
		try {
			self::$ffi = \FFI::scope("_REMI_SELINUX_");
			echo "Using FFI::scope OK\n";
		} catch (\FFI\Exception $e) {
			// Try direct load
			self::$ffi = \FFI::load(__DIR__ . '/preload-selinux.h');
			echo "Using FFI::load OK\n";
		}
		if (!self::$ffi) {
			throw new \RuntimeException("FFI parse fails");
		}
	}

	public static function is_enabled(): bool {
		self::init();

		return (bool)self::$ffi->is_selinux_enabled();
	}

	public static function getenforce(): int {
		self::init();

		return self::$ffi->security_getenforce();
	}
}