AccessControl.h - platform/system/hwservicemanager - Git at Google

 #include <string>

 #include <selinux/android.h>
 #include <selinux/avc.h>

 namespace android {

 class AccessControl {
 public:
     AccessControl();

     using Context = std::unique_ptr<char, decltype(&freecon)>;
     Context getContext(pid_t sourcePid);

     bool canAdd(const std::string& fqName, const Context &context, pid_t pid);
     bool canGet(const std::string& fqName, pid_t pid);
     bool canList(pid_t pid);

 private:

     bool checkPermission(const Context &context, pid_t sourceAuditPid, const char *targetContext, const char *perm, const char *interface);
     bool checkPermission(const Context &context, pid_t sourcePid, const char *perm, const char *interface);

     static int auditCallback(void *data, security_class_t cls, char *buf, size_t len);

     char*                  mSeContext;
     struct selabel_handle* mSeHandle;
     union selinux_callback mSeCallbacks;
 };

 } // namespace android
	#include <string>

	#include <selinux/android.h>
	#include <selinux/avc.h>

	namespace android {

	class AccessControl {
	public:
	AccessControl();

	using Context = std::unique_ptr<char, decltype(&freecon)>;
	Context getContext(pid_t sourcePid);

	bool canAdd(const std::string& fqName, const Context &context, pid_t pid);
	bool canGet(const std::string& fqName, pid_t pid);
	bool canList(pid_t pid);

	private:

	bool checkPermission(const Context &context, pid_t sourceAuditPid, const char targetContext, const char perm, const char *interface);
	bool checkPermission(const Context &context, pid_t sourcePid, const char perm, const char interface);

	static int auditCallback(void data, security_class_t cls, char buf, size_t len);

	char* mSeContext;
	struct selabel_handle* mSeHandle;
	union selinux_callback mSeCallbacks;
	};

	} // namespace android