1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #pragma ident "%Z%%M% %I% %E% SMI"
27
28 /*
29 * bl.c - Binary label operations for kernel and user.
30 *
31 * These routines initialize, compare, set and extract portions
32 * of binary labels.
33 */
34
35 #include <sys/tsol/label.h>
36 #include <sys/tsol/label_macro.h>
37
38
39 /*
40 * bltype - Check the type of a label structure.
41 *
42 * Entry label = Address of the label to check.
43 * type = Label type to check:
44 * SUN_SL_ID = Sensitivity Label,
45 * SUN_SL_UN = Undefined Sensitivity Label structure,
46 * SUN_IL_ID = Information Label,
47 * SUN_IL_UN = Undefined Information Label structure,
48 * SUN_CLR_ID = Clearance, or
49 * SUN_CLR_UN = Undefined Clearance structure.
50 *
51 * Exit None.
52 *
53 * Returns True if the label is the type requested,
54 * otherwise false.
55 *
56 * Calls BLTYPE.
57 */
58
59 int
bltype(const void * label,uint8_t type)60 bltype(const void *label, uint8_t type)
61 {
62
63 return (BLTYPE(label, type));
64 }
65
66
67 /*
68 * blequal - Compare two labels for Classification and Compartments set
69 * equality.
70 *
71 * Entry label1, label2 = label levels to compare.
72 *
73 * Exit None.
74 *
75 * Returns True if labels equal,
76 * otherwise false.
77 *
78 * Calls BLEQUAL.
79 */
80
81 int
blequal(const m_label_t * label1,const m_label_t * label2)82 blequal(const m_label_t *label1, const m_label_t *label2)
83 {
84
85 return (BLEQUAL(label1, label2));
86 }
87
88
89 /*
90 * bldominates - Compare two labels for Classification and Compartments
91 * sets dominance.
92 *
93 * Entry label1, label2 = labels levels to compare.
94 *
95 * Exit None.
96 *
97 * Returns True if label1 dominates label2,
98 * otherwise false.
99 *
100 * Calls BLDOMINATES.
101 */
102
103 int
bldominates(const m_label_t * label1,const m_label_t * label2)104 bldominates(const m_label_t *label1, const m_label_t *label2)
105 {
106
107 return (BLDOMINATES(label1, label2));
108 }
109
110
111 /*
112 * blstrictdom - Compare two labels for Classification and Compartments
113 * sets strict dominance.
114 *
115 * Entry label1, label2 = labels levels to compare.
116 *
117 * Exit None.
118 *
119 * Returns True if label1 dominates and is not equal to label2,
120 * otherwise false.
121 *
122 * Calls BLSTRICTDOM.
123 */
124
125 int
blstrictdom(const m_label_t * label1,const m_label_t * label2)126 blstrictdom(const m_label_t *label1, const m_label_t *label2)
127 {
128
129 return (BLSTRICTDOM(label1, label2));
130 }
131
132
133 /*
134 * blinrange - Compare a label's classification and compartments set to
135 * be within a lower and upper bound (range).
136 *
137 * Entry label = label level to compare.
138 * range = level range to compare against.
139 *
140 * Exit None.
141 *
142 * Returns True if label is within the range,
143 * otherwise false.
144 *
145 * Calls BLINRANGE.
146 */
147
148 int
blinrange(const m_label_t * label,const m_range_t * range)149 blinrange(const m_label_t *label, const m_range_t *range)
150 {
151 return (BLDOMINATES((label), ((range)->lower_bound)) &&
152 BLDOMINATES(((range)->upper_bound), (label)));
153 }
154
155 /*
156 * This is the TS8 version which is used in the kernel
157 */
158
159 int
_blinrange(const m_label_t * label,const brange_t * range)160 _blinrange(const m_label_t *label, const brange_t *range)
161 {
162 return (BLINRANGE(label, range));
163 }
164
165 #ifdef _KERNEL
166 /*
167 * blinlset - Check if the label belongs to the set
168 *
169 * Entry label = label level to compare.
170 * lset = label set to compare against.
171 *
172 * Exit None.
173 *
174 * Returns True if label is an element of the set,
175 * otherwise false.
176 *
177 */
178
179 int
blinlset(const m_label_t * label,const blset_t lset)180 blinlset(const m_label_t *label, const blset_t lset)
181 {
182 int i;
183
184 for (i = 0; i < NSLS_MAX; i++) {
185 if (!BLTYPE(&lset[i], SUN_SL_ID))
186 return (B_FALSE);
187 if (BLEQUAL(label, &lset[i]))
188 return (B_TRUE);
189 }
190 return (B_FALSE);
191 }
192 #endif /* _KERNEL */
193
194
195 /*
196 * blmaximum - Least Upper Bound of two levels.
197 *
198 * Entry label1, label2 = levels to bound.
199 *
200 * Exit label1 replaced by the LUB of label1 and label2.
201 *
202 * Returns None.
203 *
204 * Calls BLMAXIMUM.
205 */
206
207 void
blmaximum(m_label_t * label1,const m_label_t * label2)208 blmaximum(m_label_t *label1, const m_label_t *label2)
209 {
210
211 BLMAXIMUM(label1, label2);
212 }
213
214
215 /*
216 * blminimum - Greatest Lower Bound of two levels.
217 *
218 * Entry label1, label2 = levels to bound.
219 *
220 * Exit label1 replaced by the GLB of label1 and label2.
221 *
222 * Returns None.
223 *
224 * Calls BLMINIMUM.
225 */
226
227 void
blminimum(m_label_t * label1,const m_label_t * label2)228 blminimum(m_label_t *label1, const m_label_t *label2)
229 {
230
231 BLMINIMUM(label1, label2);
232 }
233
234
235 /*
236 * bsllow - Initialize an admin_low Sensitivity Label.
237 *
238 * Entry label = Sensitivity Label structure to be initialized.
239 *
240 * Exit label = Initialized to the admin_low Sensitivity Label.
241 *
242 * Returns None.
243 *
244 * Calls BSLLOW.
245 */
246
247 void
bsllow(bslabel_t * label)248 bsllow(bslabel_t *label)
249 {
250
251 BSLLOW(label);
252 }
253
254
255 /*
256 * bslhigh - Initialize an admin_high Sensitivity Label.
257 *
258 * Entry label = Sensitivity Label structure to be initialized.
259 *
260 * Exit label = Initialized to the admin_high Sensitivity Label.
261 *
262 * Returns None.
263 *
264 * Calls BSLHIGH.
265 */
266
267 void
bslhigh(bslabel_t * label)268 bslhigh(bslabel_t *label)
269 {
270
271 BSLHIGH(label);
272 }
273
274 /*
275 * bclearlow - Initialize an admin_low Clearance.
276 *
277 * Entry clearance = Clearnace structure to be initialized.
278 *
279 * Exit clearance = Initialized to the admin_low Clearance.
280 *
281 * Returns None.
282 *
283 * Calls BCLEARLOW.
284 */
285
286 void
bclearlow(bclear_t * clearance)287 bclearlow(bclear_t *clearance)
288 {
289
290 BCLEARLOW(clearance);
291 }
292
293
294 /*
295 * bclearhigh - Initialize an admin_high Clearance.
296 *
297 * Entry clearance = Clearance structure to be initialized.
298 *
299 * Exit clearance = Initialized to the admin_high Clearance.
300 *
301 * Returns None.
302 *
303 * Calls BCLEARHIGH.
304 */
305
306 void
bclearhigh(bclear_t * clearance)307 bclearhigh(bclear_t *clearance)
308 {
309
310 BCLEARHIGH(clearance);
311 }
312
313 /*
314 * bslundef - Initialize an undefined Sensitivity Label.
315 *
316 * Entry label = Sensitivity Label structure to be initialized.
317 *
318 * Exit label = Initialized to undefined Sensitivity Label.
319 *
320 * Returns None.
321 *
322 * Calls BSLUNDEF.
323 */
324
325 void
bslundef(bslabel_t * label)326 bslundef(bslabel_t *label)
327 {
328
329 BSLUNDEF(label);
330 }
331
332
333 /*
334 * bclearundef - Initialize an undefined Clearance.
335 *
336 * Entry clearance = Clearance structure to be initialized.
337 *
338 * Exit clearance = Initialized to undefined Clearance.
339 *
340 * Returns None.
341 *
342 * Calls BCLEARUNDEF.
343 */
344
345 void
bclearundef(bclear_t * clearance)346 bclearundef(bclear_t *clearance)
347 {
348
349 BCLEARUNDEF(clearance);
350 }
351
352
353 /*
354 * setbltype - Set the type of a label structure.
355 *
356 * Entry label = Address of the label to set.
357 * type = Label type to set:
358 * SUN_SL_ID = Sensitivity Label,
359 * SUN_SL_UN = Undefined Sensitivity Label structure,
360 * SUN_IL_ID = Information Label,
361 * SUN_IL_UN = Undefined Information Label structure,
362 * SUN_CLR_ID = Clearance, or
363 * SUN_CLR_UN = Undefined Clearance structure.
364 *
365 * Exit label = Type set to specified type.
366 *
367 * Returns None.
368 *
369 * Calls SETBLTYPE.
370 */
371
372 void
setbltype(void * label,uint8_t type)373 setbltype(void *label, uint8_t type)
374 {
375
376 SETBLTYPE(label, type);
377 }
378
379 /*
380 * Returns B_TRUE if the label is invalid (initialized to all zeros).
381 */
382 boolean_t
bisinvalid(const void * label)383 bisinvalid(const void *label)
384 {
385 return (GETBLTYPE(label) == SUN_INVALID_ID);
386 }
387