xref: /illumos-gate/usr/src/common/tsol/blabel.c (revision d48be21240dfd051b689384ce2b23479d757f2d8)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 /*
27  *	bl.c - Binary label operations for kernel and user.
28  *
29  *		These routines initialize, compare, set and extract portions
30  *	of binary labels.
31  */
32 
33 #include <sys/tsol/label.h>
34 #include <sys/tsol/label_macro.h>
35 
36 
37 /*
38  *	bltype - Check the type of a label structure.
39  *
40  *	Entry	label = Address of the label to check.
41  *		type = Label type to check:
42  *			SUN_SL_ID = Sensitivity Label,
43  *			SUN_SL_UN = Undefined Sensitivity Label structure,
44  *			SUN_IL_ID = Information Label,
45  *			SUN_IL_UN = Undefined Information Label structure,
46  *			SUN_CLR_ID = Clearance, or
47  *			SUN_CLR_UN = Undefined Clearance structure.
48  *
49  *	Exit	None.
50  *
51  *	Returns	True if the label is the type requested,
52  *			otherwise false.
53  *
54  *	Calls	BLTYPE.
55  */
56 
57 int
58 bltype(const void *label, uint8_t type)
59 {
60 
61 	return (BLTYPE(label, type));
62 }
63 
64 
65 /*
66  *	blequal - Compare two labels for Classification and Compartments set
67  *			equality.
68  *
69  *	Entry	label1, label2 = label levels to compare.
70  *
71  *	Exit	None.
72  *
73  *	Returns	True if labels equal,
74  *			otherwise false.
75  *
76  *	Calls	BLEQUAL.
77  */
78 
79 int
80 blequal(const m_label_t *label1, const m_label_t *label2)
81 {
82 
83 	return (BLEQUAL(label1, label2));
84 }
85 
86 
87 /*
88  *	bldominates - Compare two labels for Classification and Compartments
89  *			sets dominance.
90  *
91  *	Entry	label1, label2 = labels levels to compare.
92  *
93  *	Exit	None.
94  *
95  *	Returns	True if label1 dominates label2,
96  *			otherwise false.
97  *
98  *	Calls	BLDOMINATES.
99  */
100 
101 int
102 bldominates(const m_label_t *label1, const m_label_t *label2)
103 {
104 
105 	return (BLDOMINATES(label1, label2));
106 }
107 
108 
109 /*
110  *	blstrictdom - Compare two labels for Classification and Compartments
111  *			sets strict dominance.
112  *
113  *	Entry	label1, label2 = labels levels to compare.
114  *
115  *	Exit	None.
116  *
117  *	Returns	True if label1 dominates and is not equal to label2,
118  *			otherwise false.
119  *
120  *	Calls	BLSTRICTDOM.
121  */
122 
123 int
124 blstrictdom(const m_label_t *label1, const m_label_t *label2)
125 {
126 
127 	return (BLSTRICTDOM(label1, label2));
128 }
129 
130 
131 /*
132  *	blinrange - Compare a label's classification and compartments set to
133  *		    be within a lower and upper bound (range).
134  *
135  *	Entry	label = label level to compare.
136  *		range = level range to compare against.
137  *
138  *	Exit	None.
139  *
140  *	Returns	True if label is within the range,
141  *			otherwise false.
142  *
143  *	Calls BLINRANGE.
144  */
145 
146 int
147 blinrange(const m_label_t *label, const m_range_t *range)
148 {
149 	return (BLDOMINATES((label), ((range)->lower_bound)) &&
150 	    BLDOMINATES(((range)->upper_bound), (label)));
151 }
152 
153 /*
154  * This is the TS8 version which is used in the kernel
155  */
156 
157 int
158 _blinrange(const m_label_t *label, const brange_t *range)
159 {
160 	return (BLINRANGE(label, range));
161 }
162 
163 #ifdef _KERNEL
164 /*
165  *	blinlset - Check if the label belongs to the set
166  *
167  *	Entry	label = label level to compare.
168  *		lset = label set to compare against.
169  *
170  *	Exit	None.
171  *
172  *	Returns	True if label is an element of the set,
173  *			otherwise false.
174  *
175  */
176 
177 int
178 blinlset(const m_label_t *label, const blset_t lset)
179 {
180 	int i;
181 
182 	for (i = 0; i < NSLS_MAX; i++) {
183 		if (!BLTYPE(&lset[i], SUN_SL_ID))
184 			return (B_FALSE);
185 		if (BLEQUAL(label, &lset[i]))
186 			return (B_TRUE);
187 	}
188 	return (B_FALSE);
189 }
190 #endif /* _KERNEL */
191 
192 
193 /*
194  *	blmaximum - Least Upper Bound of two levels.
195  *
196  *	Entry	label1, label2 = levels to bound.
197  *
198  *	Exit	label1 replaced by the LUB of label1 and label2.
199  *
200  *	Returns	None.
201  *
202  *	Calls	BLMAXIMUM.
203  */
204 
205 void
206 blmaximum(m_label_t *label1, const m_label_t *label2)
207 {
208 
209 	BLMAXIMUM(label1, label2);
210 }
211 
212 
213 /*
214  *	blminimum - Greatest Lower Bound of two levels.
215  *
216  *	Entry	label1, label2 = levels to bound.
217  *
218  *	Exit	label1 replaced by the GLB of label1 and label2.
219  *
220  *	Returns	None.
221  *
222  *	Calls	BLMINIMUM.
223  */
224 
225 void
226 blminimum(m_label_t *label1, const m_label_t *label2)
227 {
228 
229 	BLMINIMUM(label1, label2);
230 }
231 
232 
233 /*
234  *	bsllow - Initialize an admin_low Sensitivity Label.
235  *
236  *	Entry	label = Sensitivity Label structure to be initialized.
237  *
238  *	Exit	label = Initialized to the admin_low Sensitivity Label.
239  *
240  *	Returns	None.
241  *
242  *	Calls	BSLLOW.
243  */
244 
245 void
246 bsllow(bslabel_t *label)
247 {
248 
249 	BSLLOW(label);
250 }
251 
252 
253 /*
254  *	bslhigh - Initialize an admin_high Sensitivity Label.
255  *
256  *	Entry	label = Sensitivity Label structure to be initialized.
257  *
258  *	Exit	label = Initialized to the admin_high Sensitivity Label.
259  *
260  *	Returns	None.
261  *
262  *	Calls	BSLHIGH.
263  */
264 
265 void
266 bslhigh(bslabel_t *label)
267 {
268 
269 	BSLHIGH(label);
270 }
271 
272 /*
273  *	bclearlow - Initialize an admin_low Clearance.
274  *
275  *	Entry	clearance = Clearnace structure to be initialized.
276  *
277  *	Exit	clearance = Initialized to the admin_low Clearance.
278  *
279  *	Returns	None.
280  *
281  *	Calls	BCLEARLOW.
282  */
283 
284 void
285 bclearlow(bclear_t *clearance)
286 {
287 
288 	BCLEARLOW(clearance);
289 }
290 
291 
292 /*
293  *	bclearhigh - Initialize an admin_high Clearance.
294  *
295  *	Entry	clearance = Clearance structure to be initialized.
296  *
297  *	Exit	clearance = Initialized to the admin_high Clearance.
298  *
299  *	Returns	None.
300  *
301  *	Calls	BCLEARHIGH.
302  */
303 
304 void
305 bclearhigh(bclear_t *clearance)
306 {
307 
308 	BCLEARHIGH(clearance);
309 }
310 
311 /*
312  *	bslundef - Initialize an undefined Sensitivity Label.
313  *
314  *	Entry	label = Sensitivity Label structure to be initialized.
315  *
316  *	Exit	label = Initialized to undefined Sensitivity Label.
317  *
318  *	Returns	None.
319  *
320  *	Calls	BSLUNDEF.
321  */
322 
323 void
324 bslundef(bslabel_t *label)
325 {
326 
327 	BSLUNDEF(label);
328 }
329 
330 
331 /*
332  *	bclearundef - Initialize an undefined Clearance.
333  *
334  *	Entry	clearance = Clearance structure to be initialized.
335  *
336  *	Exit	clearance = Initialized to undefined Clearance.
337  *
338  *	Returns	None.
339  *
340  *	Calls	BCLEARUNDEF.
341  */
342 
343 void
344 bclearundef(bclear_t *clearance)
345 {
346 
347 	BCLEARUNDEF(clearance);
348 }
349 
350 
351 /*
352  *	setbltype - Set the type of a label structure.
353  *
354  *	Entry	label = Address of the label to set.
355  *		type = Label type to set:
356  *			SUN_SL_ID = Sensitivity Label,
357  *			SUN_SL_UN = Undefined Sensitivity Label structure,
358  *			SUN_IL_ID = Information Label,
359  *			SUN_IL_UN = Undefined Information Label structure,
360  *			SUN_CLR_ID = Clearance, or
361  *			SUN_CLR_UN = Undefined Clearance structure.
362  *
363  *	Exit	label = Type set to specified type.
364  *
365  *	Returns	None.
366  *
367  *	Calls	SETBLTYPE.
368  */
369 
370 void
371 setbltype(void *label, uint8_t type)
372 {
373 
374 	SETBLTYPE(label, type);
375 }
376 
377 /*
378  * Returns B_TRUE if the label is invalid (initialized to all zeros).
379  */
380 boolean_t
381 bisinvalid(const void *label)
382 {
383 	return (GETBLTYPE(label) == SUN_INVALID_ID);
384 }
385