xref: /illumos-gate/usr/src/common/tsol/blabel.c (revision 80feccab)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 /*
29  *	bl.c - Binary label operations for kernel and user.
30  *
31  *		These routines initialize, compare, set and extract portions
32  *	of binary labels.
33  */
34 
35 #include <sys/tsol/label.h>
36 #include <sys/tsol/label_macro.h>
37 
38 
39 /*
40  *	bltype - Check the type of a label structure.
41  *
42  *	Entry	label = Address of the label to check.
43  *		type = Label type to check:
44  *			SUN_SL_ID = Sensitivity Label,
45  *			SUN_SL_UN = Undefined Sensitivity Label structure,
46  *			SUN_IL_ID = Information Label,
47  *			SUN_IL_UN = Undefined Information Label structure,
48  *			SUN_CLR_ID = Clearance, or
49  *			SUN_CLR_UN = Undefined Clearance structure.
50  *
51  *	Exit	None.
52  *
53  *	Returns	True if the label is the type requested,
54  *			otherwise false.
55  *
56  *	Calls	BLTYPE.
57  */
58 
59 int
bltype(const void * label,uint8_t type)60 bltype(const void *label, uint8_t type)
61 {
62 
63 	return (BLTYPE(label, type));
64 }
65 
66 
67 /*
68  *	blequal - Compare two labels for Classification and Compartments set
69  *			equality.
70  *
71  *	Entry	label1, label2 = label levels to compare.
72  *
73  *	Exit	None.
74  *
75  *	Returns	True if labels equal,
76  *			otherwise false.
77  *
78  *	Calls	BLEQUAL.
79  */
80 
81 int
blequal(const m_label_t * label1,const m_label_t * label2)82 blequal(const m_label_t *label1, const m_label_t *label2)
83 {
84 
85 	return (BLEQUAL(label1, label2));
86 }
87 
88 
89 /*
90  *	bldominates - Compare two labels for Classification and Compartments
91  *			sets dominance.
92  *
93  *	Entry	label1, label2 = labels levels to compare.
94  *
95  *	Exit	None.
96  *
97  *	Returns	True if label1 dominates label2,
98  *			otherwise false.
99  *
100  *	Calls	BLDOMINATES.
101  */
102 
103 int
bldominates(const m_label_t * label1,const m_label_t * label2)104 bldominates(const m_label_t *label1, const m_label_t *label2)
105 {
106 
107 	return (BLDOMINATES(label1, label2));
108 }
109 
110 
111 /*
112  *	blstrictdom - Compare two labels for Classification and Compartments
113  *			sets strict dominance.
114  *
115  *	Entry	label1, label2 = labels levels to compare.
116  *
117  *	Exit	None.
118  *
119  *	Returns	True if label1 dominates and is not equal to label2,
120  *			otherwise false.
121  *
122  *	Calls	BLSTRICTDOM.
123  */
124 
125 int
blstrictdom(const m_label_t * label1,const m_label_t * label2)126 blstrictdom(const m_label_t *label1, const m_label_t *label2)
127 {
128 
129 	return (BLSTRICTDOM(label1, label2));
130 }
131 
132 
133 /*
134  *	blinrange - Compare a label's classification and compartments set to
135  *		    be within a lower and upper bound (range).
136  *
137  *	Entry	label = label level to compare.
138  *		range = level range to compare against.
139  *
140  *	Exit	None.
141  *
142  *	Returns	True if label is within the range,
143  *			otherwise false.
144  *
145  *	Calls BLINRANGE.
146  */
147 
148 int
blinrange(const m_label_t * label,const m_range_t * range)149 blinrange(const m_label_t *label, const m_range_t *range)
150 {
151 	return (BLDOMINATES((label), ((range)->lower_bound)) &&
152 	    BLDOMINATES(((range)->upper_bound), (label)));
153 }
154 
155 /*
156  * This is the TS8 version which is used in the kernel
157  */
158 
159 int
_blinrange(const m_label_t * label,const brange_t * range)160 _blinrange(const m_label_t *label, const brange_t *range)
161 {
162 	return (BLINRANGE(label, range));
163 }
164 
165 #ifdef _KERNEL
166 /*
167  *	blinlset - Check if the label belongs to the set
168  *
169  *	Entry	label = label level to compare.
170  *		lset = label set to compare against.
171  *
172  *	Exit	None.
173  *
174  *	Returns	True if label is an element of the set,
175  *			otherwise false.
176  *
177  */
178 
179 int
blinlset(const m_label_t * label,const blset_t lset)180 blinlset(const m_label_t *label, const blset_t lset)
181 {
182 	int i;
183 
184 	for (i = 0; i < NSLS_MAX; i++) {
185 		if (!BLTYPE(&lset[i], SUN_SL_ID))
186 			return (B_FALSE);
187 		if (BLEQUAL(label, &lset[i]))
188 			return (B_TRUE);
189 	}
190 	return (B_FALSE);
191 }
192 #endif /* _KERNEL */
193 
194 
195 /*
196  *	blmaximum - Least Upper Bound of two levels.
197  *
198  *	Entry	label1, label2 = levels to bound.
199  *
200  *	Exit	label1 replaced by the LUB of label1 and label2.
201  *
202  *	Returns	None.
203  *
204  *	Calls	BLMAXIMUM.
205  */
206 
207 void
blmaximum(m_label_t * label1,const m_label_t * label2)208 blmaximum(m_label_t *label1, const m_label_t *label2)
209 {
210 
211 	BLMAXIMUM(label1, label2);
212 }
213 
214 
215 /*
216  *	blminimum - Greatest Lower Bound of two levels.
217  *
218  *	Entry	label1, label2 = levels to bound.
219  *
220  *	Exit	label1 replaced by the GLB of label1 and label2.
221  *
222  *	Returns	None.
223  *
224  *	Calls	BLMINIMUM.
225  */
226 
227 void
blminimum(m_label_t * label1,const m_label_t * label2)228 blminimum(m_label_t *label1, const m_label_t *label2)
229 {
230 
231 	BLMINIMUM(label1, label2);
232 }
233 
234 
235 /*
236  *	bsllow - Initialize an admin_low Sensitivity Label.
237  *
238  *	Entry	label = Sensitivity Label structure to be initialized.
239  *
240  *	Exit	label = Initialized to the admin_low Sensitivity Label.
241  *
242  *	Returns	None.
243  *
244  *	Calls	BSLLOW.
245  */
246 
247 void
bsllow(bslabel_t * label)248 bsllow(bslabel_t *label)
249 {
250 
251 	BSLLOW(label);
252 }
253 
254 
255 /*
256  *	bslhigh - Initialize an admin_high Sensitivity Label.
257  *
258  *	Entry	label = Sensitivity Label structure to be initialized.
259  *
260  *	Exit	label = Initialized to the admin_high Sensitivity Label.
261  *
262  *	Returns	None.
263  *
264  *	Calls	BSLHIGH.
265  */
266 
267 void
bslhigh(bslabel_t * label)268 bslhigh(bslabel_t *label)
269 {
270 
271 	BSLHIGH(label);
272 }
273 
274 /*
275  *	bclearlow - Initialize an admin_low Clearance.
276  *
277  *	Entry	clearance = Clearnace structure to be initialized.
278  *
279  *	Exit	clearance = Initialized to the admin_low Clearance.
280  *
281  *	Returns	None.
282  *
283  *	Calls	BCLEARLOW.
284  */
285 
286 void
bclearlow(bclear_t * clearance)287 bclearlow(bclear_t *clearance)
288 {
289 
290 	BCLEARLOW(clearance);
291 }
292 
293 
294 /*
295  *	bclearhigh - Initialize an admin_high Clearance.
296  *
297  *	Entry	clearance = Clearance structure to be initialized.
298  *
299  *	Exit	clearance = Initialized to the admin_high Clearance.
300  *
301  *	Returns	None.
302  *
303  *	Calls	BCLEARHIGH.
304  */
305 
306 void
bclearhigh(bclear_t * clearance)307 bclearhigh(bclear_t *clearance)
308 {
309 
310 	BCLEARHIGH(clearance);
311 }
312 
313 /*
314  *	bslundef - Initialize an undefined Sensitivity Label.
315  *
316  *	Entry	label = Sensitivity Label structure to be initialized.
317  *
318  *	Exit	label = Initialized to undefined Sensitivity Label.
319  *
320  *	Returns	None.
321  *
322  *	Calls	BSLUNDEF.
323  */
324 
325 void
bslundef(bslabel_t * label)326 bslundef(bslabel_t *label)
327 {
328 
329 	BSLUNDEF(label);
330 }
331 
332 
333 /*
334  *	bclearundef - Initialize an undefined Clearance.
335  *
336  *	Entry	clearance = Clearance structure to be initialized.
337  *
338  *	Exit	clearance = Initialized to undefined Clearance.
339  *
340  *	Returns	None.
341  *
342  *	Calls	BCLEARUNDEF.
343  */
344 
345 void
bclearundef(bclear_t * clearance)346 bclearundef(bclear_t *clearance)
347 {
348 
349 	BCLEARUNDEF(clearance);
350 }
351 
352 
353 /*
354  *	setbltype - Set the type of a label structure.
355  *
356  *	Entry	label = Address of the label to set.
357  *		type = Label type to set:
358  *			SUN_SL_ID = Sensitivity Label,
359  *			SUN_SL_UN = Undefined Sensitivity Label structure,
360  *			SUN_IL_ID = Information Label,
361  *			SUN_IL_UN = Undefined Information Label structure,
362  *			SUN_CLR_ID = Clearance, or
363  *			SUN_CLR_UN = Undefined Clearance structure.
364  *
365  *	Exit	label = Type set to specified type.
366  *
367  *	Returns	None.
368  *
369  *	Calls	SETBLTYPE.
370  */
371 
372 void
setbltype(void * label,uint8_t type)373 setbltype(void *label, uint8_t type)
374 {
375 
376 	SETBLTYPE(label, type);
377 }
378 
379 /*
380  * Returns B_TRUE if the label is invalid (initialized to all zeros).
381  */
382 boolean_t
bisinvalid(const void * label)383 bisinvalid(const void *label)
384 {
385 	return (GETBLTYPE(label) == SUN_INVALID_ID);
386 }
387