AccessControl.h - platform/system/hwservicemanager - Git at Google

 #include <string>

 #include <selinux/android.h>
 #include <selinux/avc.h>

 namespace android {

 class AccessControl {
 public:
     AccessControl();

     struct CallingContext {
         bool sidPresent;
         std::string sid;
         pid_t pid;
     };
     static CallingContext getCallingContext(pid_t sourcePid);

     bool canAdd(const std::string& fqName, const CallingContext& callingContext);
     bool canGet(const std::string& fqName, const CallingContext& callingContext);
     bool canList(const CallingContext& callingContext);

 private:

     bool checkPermission(const CallingContext& source, const char *targetContext, const char *perm, const char *interface);
     bool checkPermission(const CallingContext& source, const char *perm, const char *interface);

     static int auditCallback(void *data, security_class_t cls, char *buf, size_t len);

     char*                  mSeContext;
     struct selabel_handle* mSeHandle;
     union selinux_callback mSeCallbacks;
 };

 } // namespace android
	#include <string>

	#include <selinux/android.h>
	#include <selinux/avc.h>

	namespace android {

	class AccessControl {
	public:
	AccessControl();

	struct CallingContext {
	bool sidPresent;
	std::string sid;
	pid_t pid;
	};
	static CallingContext getCallingContext(pid_t sourcePid);

	bool canAdd(const std::string& fqName, const CallingContext& callingContext);
	bool canGet(const std::string& fqName, const CallingContext& callingContext);
	bool canList(const CallingContext& callingContext);

	private:

	bool checkPermission(const CallingContext& source, const char targetContext, const char perm, const char *interface);
	bool checkPermission(const CallingContext& source, const char perm, const char interface);

	static int auditCallback(void data, security_class_t cls, char buf, size_t len);

	char* mSeContext;
	struct selabel_handle* mSeHandle;
	union selinux_callback mSeCallbacks;
	};

	} // namespace android