404

/* Author : Stephen Smalley, <sds@epoch.ncsc.mil> */
/*
 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
 *
 *	Support for enhanced MLS infrastructure.
 *
 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
 *
 *  This library is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Lesser General Public
 *  License as published by the Free Software Foundation; either
 *  version 2.1 of the License, or (at your option) any later version.
 *
 *  This library is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  Lesser General Public License for more details.
 *
 *  You should have received a copy of the GNU Lesser General Public
 *  License along with this library; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */

/* FLASK */

/*
 * Type definitions for the multi-level security (MLS) policy.
 */

#ifndef _SEPOL_POLICYDB_MLS_TYPES_H_
#define _SEPOL_POLICYDB_MLS_TYPES_H_

#include <stdint.h>
#include <stdlib.h>
#include <sepol/policydb/ebitmap.h>
#include <sepol/policydb/flask_types.h>
#include <sys/cdefs.h>

__BEGIN_DECLS

typedef struct mls_level {
	uint32_t sens;		/* sensitivity */
	ebitmap_t cat;		/* category set */
} mls_level_t;

typedef struct mls_range {
	mls_level_t level[2];	/* low == level[0], high == level[1] */
} mls_range_t;

static inline int mls_level_cpy(struct mls_level *dst, struct mls_level *src)
{

	dst->sens = src->sens;
	if (ebitmap_cpy(&dst->cat, &src->cat) < 0)
		return -1;
	return 0;
}

static inline void mls_level_init(struct mls_level *level)
{

	memset(level, 0, sizeof(mls_level_t));
}

static inline void mls_level_destroy(struct mls_level *level)
{

	if (level == NULL)
		return;

	ebitmap_destroy(&level->cat);
	mls_level_init(level);
}

static inline int mls_level_eq(const struct mls_level *l1, const struct mls_level *l2)
{
	return ((l1->sens == l2->sens) && ebitmap_cmp(&l1->cat, &l2->cat));
}

static inline int mls_level_dom(const struct mls_level *l1, const struct mls_level *l2)
{
	return ((l1->sens >= l2->sens) && ebitmap_contains(&l1->cat, &l2->cat));
}

#define mls_level_incomp(l1, l2) \
(!mls_level_dom((l1), (l2)) && !mls_level_dom((l2), (l1)))

#define mls_level_between(l1, l2, l3) \
(mls_level_dom((l1), (l2)) && mls_level_dom((l3), (l1)))

#define mls_range_contains(r1, r2) \
(mls_level_dom(&(r2).level[0], &(r1).level[0]) && \
 mls_level_dom(&(r1).level[1], &(r2).level[1]))

static inline int mls_range_cpy(mls_range_t * dst, mls_range_t * src)
{

	if (mls_level_cpy(&dst->level[0], &src->level[0]) < 0)
		goto err;

	if (mls_level_cpy(&dst->level[1], &src->level[1]) < 0)
		goto err_destroy;

	return 0;

      err_destroy:
	mls_level_destroy(&dst->level[0]);

      err:
	return -1;
}

static inline void mls_range_init(struct mls_range *r)
{
	mls_level_init(&r->level[0]);
	mls_level_init(&r->level[1]);
}

static inline void mls_range_destroy(struct mls_range *r)
{
	mls_level_destroy(&r->level[0]);
	mls_level_destroy(&r->level[1]);
}

static inline int mls_range_eq(struct mls_range *r1, struct mls_range *r2)
{
	return (mls_level_eq(&r1->level[0], &r2->level[0]) &&
	        mls_level_eq(&r1->level[1], &r2->level[1]));
}

typedef struct mls_semantic_cat {
	uint32_t low;	/* first bit this struct represents */
	uint32_t high;	/* last bit represented - equals low for a single cat */
	struct mls_semantic_cat *next;
} mls_semantic_cat_t;

typedef struct mls_semantic_level {
	uint32_t sens;
	mls_semantic_cat_t *cat;
} mls_semantic_level_t;

typedef struct mls_semantic_range {
	mls_semantic_level_t level[2];
} mls_semantic_range_t;

extern void mls_semantic_cat_init(mls_semantic_cat_t *c);
extern void mls_semantic_cat_destroy(mls_semantic_cat_t *c);
extern void mls_semantic_level_init(mls_semantic_level_t *l);
extern void mls_semantic_level_destroy(mls_semantic_level_t *l);
extern int mls_semantic_level_cpy(mls_semantic_level_t *dst, mls_semantic_level_t *src);
extern void mls_semantic_range_init(mls_semantic_range_t *r);
extern void mls_semantic_range_destroy(mls_semantic_range_t *r);
extern int mls_semantic_range_cpy(mls_semantic_range_t *dst, mls_semantic_range_t *src);

__END_DECLS
#endif

Name	Type	Size	Permission
avrule_block.h	File	1.58 KB	0644
avtab.h	File	4.61 KB	0644
conditional.h	File	4.6 KB	0644
constraint.h	File	2.47 KB	0644
context.h	File	2.19 KB	0644
ebitmap.h	File	3.08 KB	0644
expand.h	File	3.55 KB	0644
flask.h	File	4.88 KB	0644
flask_types.h	File	1.72 KB	0644
hashtab.h	File	4.18 KB	0644
hierarchy.h	File	1.76 KB	0644
link.h	File	498 B	0644
mls_types.h	File	4.26 KB	0644
module.h	File	1.48 KB	0644
polcaps.h	File	694 B	0644
policydb.h	File	24.91 KB	0644
services.h	File	8.32 KB	0644
sidtab.h	File	1.91 KB	0644
symtab.h	File	1.06 KB	0644
util.h	File	1.41 KB	0644

[ Avaa Bypassed ]

Upload:

Command:

Filemanager

Server Info

System Info