xref: /illumos-gate/usr/src/common/tsol/blabel.c (revision d362b749) 
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 /*
29  *	bl.c - Binary label operations for kernel and user.
30  *
31  *		These routines initialize, compare, set and extract portions
32  *	of binary labels.
33  */
34 
35 #include <sys/tsol/label.h>
36 #include <sys/tsol/label_macro.h>
37 
38 
39 /*
40  *	bltype - Check the type of a label structure.
41  *
42  *	Entry	label = Address of the label to check.
43  *		type = Label type to check:
44  *			SUN_SL_ID = Sensitivity Label,
45  *			SUN_SL_UN = Undefined Sensitivity Label structure,
46  *			SUN_IL_ID = Information Label,
47  *			SUN_IL_UN = Undefined Information Label structure,
48  *			SUN_CLR_ID = Clearance, or
49  *			SUN_CLR_UN = Undefined Clearance structure.
50  *
51  *	Exit	None.
52  *
53  *	Returns	True if the label is the type requested,
54  *			otherwise false.
55  *
56  *	Calls	BLTYPE.
57  */
58 
59 int
60 bltype(const void *label, uint8_t type)
61 {
62 
63 	return (BLTYPE(label, type));
64 }
65 
66 
67 /*
68  *	blequal - Compare two labels for Classification and Compartments set
69  *			equality.
70  *
71  *	Entry	label1, label2 = label levels to compare.
72  *
73  *	Exit	None.
74  *
75  *	Returns	True if labels equal,
76  *			otherwise false.
77  *
78  *	Calls	BLEQUAL.
79  */
80 
81 int
82 blequal(const m_label_t *label1, const m_label_t *label2)
83 {
84 
85 	return (BLEQUAL(label1, label2));
86 }
87 
88 
89 /*
90  *	bldominates - Compare two labels for Classification and Compartments
91  *			sets dominance.
92  *
93  *	Entry	label1, label2 = labels levels to compare.
94  *
95  *	Exit	None.
96  *
97  *	Returns	True if label1 dominates label2,
98  *			otherwise false.
99  *
100  *	Calls	BLDOMINATES.
101  */
102 
103 int
104 bldominates(const m_label_t *label1, const m_label_t *label2)
105 {
106 
107 	return (BLDOMINATES(label1, label2));
108 }
109 
110 
111 /*
112  *	blstrictdom - Compare two labels for Classification and Compartments
113  *			sets strict dominance.
114  *
115  *	Entry	label1, label2 = labels levels to compare.
116  *
117  *	Exit	None.
118  *
119  *	Returns	True if label1 dominates and is not equal to label2,
120  *			otherwise false.
121  *
122  *	Calls	BLSTRICTDOM.
123  */
124 
125 int
126 blstrictdom(const m_label_t *label1, const m_label_t *label2)
127 {
128 
129 	return (BLSTRICTDOM(label1, label2));
130 }
131 
132 
133 /*
134  *	blinrange - Compare a label's classification and compartments set to
135  *		    be within a lower and upper bound (range).
136  *
137  *	Entry	label = label level to compare.
138  *		range = level range to compare against.
139  *
140  *	Exit	None.
141  *
142  *	Returns	True if label is within the range,
143  *			otherwise false.
144  *
145  *	Calls BLINRANGE.
146  */
147 
148 int
149 blinrange(const m_label_t *label, const m_range_t *range)
150 {
151 	return (BLDOMINATES((label), ((range)->lower_bound)) &&
152 	    BLDOMINATES(((range)->upper_bound), (label)));
153 }
154 
155 /*
156  * This is the TS8 version which is used in the kernel
157  */
158 
159 int
160 _blinrange(const m_label_t *label, const brange_t *range)
161 {
162 	return (BLINRANGE(label, range));
163 }
164 
165 #ifdef _KERNEL
166 /*
167  *	blinlset - Check if the label belongs to the set
168  *
169  *	Entry	label = label level to compare.
170  *		lset = label set to compare against.
171  *
172  *	Exit	None.
173  *
174  *	Returns	True if label is an element of the set,
175  *			otherwise false.
176  *
177  */
178 
179 int
180 blinlset(const m_label_t *label, const blset_t lset)
181 {
182 	int i;
183 
184 	for (i = 0; i < NSLS_MAX; i++)
185 		if (BLEQUAL(label, &lset[i]))
186 			return (B_TRUE);
187 	return (B_FALSE);
188 }
189 #endif /* _KERNEL */
190 
191 
192 /*
193  *	blmaximum - Least Upper Bound of two levels.
194  *
195  *	Entry	label1, label2 = levels to bound.
196  *
197  *	Exit	label1 replaced by the LUB of label1 and label2.
198  *
199  *	Returns	None.
200  *
201  *	Calls	BLMAXIMUM.
202  */
203 
204 void
205 blmaximum(m_label_t *label1, const m_label_t *label2)
206 {
207 
208 	BLMAXIMUM(label1, label2);
209 }
210 
211 
212 /*
213  *	blminimum - Greatest Lower Bound of two levels.
214  *
215  *	Entry	label1, label2 = levels to bound.
216  *
217  *	Exit	label1 replaced by the GLB of label1 and label2.
218  *
219  *	Returns	None.
220  *
221  *	Calls	BLMINIMUM.
222  */
223 
224 void
225 blminimum(m_label_t *label1, const m_label_t *label2)
226 {
227 
228 	BLMINIMUM(label1, label2);
229 }
230 
231 
232 /*
233  *	bsllow - Initialize an admin_low Sensitivity Label.
234  *
235  *	Entry	label = Sensitivity Label structure to be initialized.
236  *
237  *	Exit	label = Initialized to the admin_low Sensitivity Label.
238  *
239  *	Returns	None.
240  *
241  *	Calls	BSLLOW.
242  */
243 
244 void
245 bsllow(bslabel_t *label)
246 {
247 
248 	BSLLOW(label);
249 }
250 
251 
252 /*
253  *	bslhigh - Initialize an admin_high Sensitivity Label.
254  *
255  *	Entry	label = Sensitivity Label structure to be initialized.
256  *
257  *	Exit	label = Initialized to the admin_high Sensitivity Label.
258  *
259  *	Returns	None.
260  *
261  *	Calls	BSLHIGH.
262  */
263 
264 void
265 bslhigh(bslabel_t *label)
266 {
267 
268 	BSLHIGH(label);
269 }
270 
271 /*
272  *	bclearlow - Initialize an admin_low Clearance.
273  *
274  *	Entry	clearance = Clearnace structure to be initialized.
275  *
276  *	Exit	clearance = Initialized to the admin_low Clearance.
277  *
278  *	Returns	None.
279  *
280  *	Calls	BCLEARLOW.
281  */
282 
283 void
284 bclearlow(bclear_t *clearance)
285 {
286 
287 	BCLEARLOW(clearance);
288 }
289 
290 
291 /*
292  *	bclearhigh - Initialize an admin_high Clearance.
293  *
294  *	Entry	clearance = Clearance structure to be initialized.
295  *
296  *	Exit	clearance = Initialized to the admin_high Clearance.
297  *
298  *	Returns	None.
299  *
300  *	Calls	BCLEARHIGH.
301  */
302 
303 void
304 bclearhigh(bclear_t *clearance)
305 {
306 
307 	BCLEARHIGH(clearance);
308 }
309 
310 /*
311  *	bslundef - Initialize an undefined Sensitivity Label.
312  *
313  *	Entry	label = Sensitivity Label structure to be initialized.
314  *
315  *	Exit	label = Initialized to undefined Sensitivity Label.
316  *
317  *	Returns	None.
318  *
319  *	Calls	BSLUNDEF.
320  */
321 
322 void
323 bslundef(bslabel_t *label)
324 {
325 
326 	BSLUNDEF(label);
327 }
328 
329 
330 /*
331  *	bclearundef - Initialize an undefined Clearance.
332  *
333  *	Entry	clearance = Clearance structure to be initialized.
334  *
335  *	Exit	clearance = Initialized to undefined Clearance.
336  *
337  *	Returns	None.
338  *
339  *	Calls	BCLEARUNDEF.
340  */
341 
342 void
343 bclearundef(bclear_t *clearance)
344 {
345 
346 	BCLEARUNDEF(clearance);
347 }
348 
349 
350 /*
351  *	setbltype - Set the type of a label structure.
352  *
353  *	Entry	label = Address of the label to set.
354  *		type = Label type to set:
355  *			SUN_SL_ID = Sensitivity Label,
356  *			SUN_SL_UN = Undefined Sensitivity Label structure,
357  *			SUN_IL_ID = Information Label,
358  *			SUN_IL_UN = Undefined Information Label structure,
359  *			SUN_CLR_ID = Clearance, or
360  *			SUN_CLR_UN = Undefined Clearance structure.
361  *
362  *	Exit	label = Type set to specified type.
363  *
364  *	Returns	None.
365  *
366  *	Calls	SETBLTYPE.
367  */
368 
369 void
370 setbltype(void *label, uint8_t type)
371 {
372 
373 	SETBLTYPE(label, type);
374 }
375 
376 /*
377  * Returns B_TRUE if the label is invalid (initialized to all zeros).
378  */
379 boolean_t
380 bisinvalid(const void *label)
381 {
382 	return (GETBLTYPE(label) == SUN_INVALID_ID);
383 }
384