      1 /*
      2  * CDDL HEADER START
      3  *
      4  * The contents of this file are subject to the terms of the
      5  * Common Development and Distribution License (the "License").
      6  * You may not use this file except in compliance with the License.
      7  *
      8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
      9  * or http://www.opensolaris.org/os/licensing.
     10  * See the License for the specific language governing permissions
     11  * and limitations under the License.
     12  *
     13  * When distributing Covered Code, include this CDDL HEADER in each
     14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     15  * If applicable, add the following below this CDDL HEADER, with the
     16  * fields enclosed by brackets "[]" replaced with your own identifying
     17  * information: Portions Copyright [yyyy] [name of copyright owner]
     18  *
     19  * CDDL HEADER END
     20  */
     21 /*
     22  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
     23  * Use is subject to license terms.
     24  */
     25 
     26 #ifndef	_TSOL_LABEL_H
     27 #define	_TSOL_LABEL_H
     28 
     29 #include <sys/types32.h>
     30 #include <sys/tsol/label.h>
     31 #include <priv.h>
     32 
     33 #ifdef	__cplusplus
     34 extern "C" {
     35 #endif
     36 
     37 /* Procedural Interface Structure Definitions */
     38 
/*
 * Structure returned by label_info (see the labelinfo() prototype in this
 * header).  Every member is a signed short holding a maximum length.
 * NOTE(review): the unit and whether a terminator is counted are not
 * stated here -- confirm, and reject non-positive values, before sizing
 * a buffer from any of these fields.
 */
struct label_info {
	short	ilabel_len;	/* Information Label, max length */
	short	slabel_len;	/* Sensitivity Label, max length */
	short	clabel_len;	/* CMW Label, max length */
	short	clear_len;	/* Clearance Label, max length */
	short	vers_len;	/* version string length */
	/* banner page strings, max length of each */
	short	header_len;	/* header */
	short	protect_as_len;	/* "protect as" */
	short	caveats_len;	/* caveats */
	short	channels_len;	/* channels */
};
     50 
/*
 * Valid label set identifier; blinset() in this header takes a pointer
 * to one.
 */
typedef struct label_set_identifier {
	int	type;	/* type of the set (a Label Set Identifier Type) */
	char	*name;	/* name of the set, if the type needs one */
} set_id;
     55 
/*
 * Names for the label builder fields; labelfields() in this header takes
 * a pointer to one.
 * NOTE(review): ownership of the three strings is not stated here --
 * confirm whether the caller must free them.
 */
struct name_fields {
	char	*class_name;	/* name of the Classifications field */
	char	*comps_name;	/* name of the Compartments field */
	char	*marks_name;	/* name of the Markings field */
};
     61 
     62 /* Label Set Identifier Types */
     63 
/*
 * Accreditation ranges, as specified in the label encodings file.  For
 * both types the name member of set_id is ignored.
 *
 *   SYSTEM_ACCREDITATION_RANGE	all valid labels plus Admin High and
 *				Admin Low.
 *   USER_ACCREDITATION_RANGE	valid user labels as defined in the
 *				ACCREDITATION RANGE: section of the label
 *				encodings file.
 */

#define	SYSTEM_ACCREDITATION_RANGE	1
#define	USER_ACCREDITATION_RANGE	2
     76 
     77 
     78 /* System Call Interface Definitions */
     79 
/*
 * Only prototypes are visible in this header.  Which int value signals
 * failure, and who owns the char * and m_label_t * results, must be taken
 * from the implementation or manual pages; check every result before
 * acting on a label.  (m_label_free() is declared later in this header.)
 */

/* label of a path / of an open descriptor (inferred from the names) */
extern int getlabel(const char *, m_label_t *);
extern int fgetlabel(int, m_label_t *);

/* process label, and setting the label of a path (inferred from names) */
extern int getplabel(m_label_t *);
extern int setflabel(const char *, m_label_t *);

/* caller buffer plus a size_t, presumably its capacity -- confirm */
extern char *getpathbylabel(const char *, char *, size_t,
    const m_label_t *sl);

/* zone <-> label lookups */
extern m_label_t *getzonelabelbyid(zoneid_t);
extern m_label_t *getzonelabelbyname(const char *);
extern zoneid_t getzoneidbylabel(const m_label_t *);
extern char *getzonenamebylabel(const m_label_t *);

/* zone root lookups */
extern char *getzonerootbyid(zoneid_t);
extern char *getzonerootbyname(const char *);
extern char *getzonerootbylabel(const m_label_t *);

extern m_label_t *getlabelbypath(const char *);
     95 
     96 
     97 /* Flag word values */
     98 
/* Access bits: ACCESS_MASK selects the low 16 bits of the flag word. */
#define	ALL_ENTRIES		0x00000000
#define	ACCESS_RELATED		0x00000001
#define	ACCESS_MASK		0x0000FFFF
#define	ACCESS_SHIFT		0

/* Word and view selection: one bit each, bits 16 through 22. */
#define	LONG_WORDS		0x00010000	/* use long names */
#define	SHORT_WORDS		0x00020000	/* short names if present */
#define	LONG_CLASSIFICATION	0x00040000	/* long classification */
#define	SHORT_CLASSIFICATION	0x00080000	/* short classification */
#define	NO_CLASSIFICATION	0x00100000	/* don't translate the class */
#define	VIEW_INTERNAL		0x00200000	/* don't promote/demote */
#define	VIEW_EXTERNAL		0x00400000	/* promote/demote label */

/*
 * NEW_LABEL has the same numeric value as ACCESS_RELATED, so the two
 * presumably belong to different flag arguments -- confirm at call sites.
 * NO_CORRECTION is documented as implying NEW_LABEL, but its value does
 * not contain the NEW_LABEL bit; the implication has to be applied by
 * whatever code consumes the flag.
 */
#define	NEW_LABEL		0x00000001	/* create a full new label */
#define	NO_CORRECTION		0x00000002	/* don't correct label errors */

/* Display state of a word */
#define	CVT_DIM			0x01		/* word is dimmed */
#define	CVT_SET			0x02		/* word is currently set */
    118 
/* Procedure Interface Definitions available to user */

/* APIs shared with the kernel are in <sys/tsol/label.h> */

/* label storage */
extern m_label_t *blabel_alloc(void);
extern void	blabel_free(m_label_t *);
extern size32_t blabel_size(void);

/*
 * Label -> hex string.  The _r forms write into a caller buffer and take
 * no length argument, so the buffer must already be large enough.
 * NOTE(review): h_alloc()/h_free() are declared alongside and presumably
 * provide a correctly sized buffer -- confirm before passing any other
 * storage.  The _r suffix suggests the plain forms are not reentrant.
 */
extern char	*bsltoh(const m_label_t *);
extern char	*bcleartoh(const m_label_t *);

extern char	*bsltoh_r(const m_label_t *, char *);
extern char	*bcleartoh_r(const m_label_t *, char *);
extern char	*h_alloc(uint8_t);
extern void	h_free(char *);

/* hex string -> label; the failure value is not visible here */
extern int	htobsl(const char *, m_label_t *);
extern int	htobclear(const char *, m_label_t *);

/* label ranges looked up by a name string */
extern m_range_t	*getuserrange(const char *);
extern m_range_t	*getdevicerange(const char *);

/* privilege set manipulation; variadic after the int argument */
extern int	set_effective_priv(priv_op_t, int, ...);
extern int	set_inheritable_priv(priv_op_t, int, ...);
extern int	set_permitted_priv(priv_op_t, int, ...);

extern int	is_system_labeled(void);
    144 
    145 /* Procedures needed for multi-level printing */
    146 
/*
 * NOTE(review): the return convention is not visible in this header.
 * Confirm which value means "authorized" before gating any privileged
 * behaviour on the result.
 */
extern int
tsol_check_admin_auth(uid_t uid);
    148 
    149 /* APIs implemented via labeld */
    150 
/* set membership, encodings information and version */
extern int	blinset(const m_label_t *, const set_id *);
extern int	labelinfo(struct label_info *);
extern ssize_t	labelvers(char **, size_t);

/* label -> color; the _r form takes a size_t with its caller buffer */
extern char	*bltocolor(const m_label_t *);
extern char	*bltocolor_r(const m_label_t *, size_t, char *);

/*
 * Label -> string.
 * NOTE(review): the char ** / size_t pair is presumably a buffer pointer
 * and its length; whether the callee may allocate or resize through the
 * char ** is not visible here -- confirm before passing stack or static
 * storage.
 */
extern ssize_t	bsltos(const m_label_t *, char **, size_t, int);
extern ssize_t	bcleartos(const m_label_t *, char **, size_t, int);

extern char	*sbsltos(const m_label_t *, size_t);
extern char	*sbcleartos(const m_label_t *, size_t);

/*
 * String -> label, and validity checks.  Return conventions are not
 * visible here; check them before trusting a parsed label.
 */
extern int	stobsl(const char *, m_label_t *, int, int *);
extern int	stobclear(const char *, m_label_t *, int, int *);
extern int	bslvalid(const m_label_t *);
extern int	bclearvalid(const m_label_t *);
    169 
    170 /* DIA label conversion and parsing */
    171 
    172 /* Conversion types */
    173 
/* Output form selector; label_to_str() in this header takes one. */
typedef	enum _m_label_str {
	/* process or user clearance */
	M_LABEL = 1,
	/* internal form for use in public databases */
	M_INTERNAL = 2,
	/* process label color */
	M_COLOR = 3,
	/* DIA banner page strings */
	PRINTER_TOP_BOTTOM = 4,	/* top/bottom */
	PRINTER_LABEL = 5,	/* label */
	PRINTER_CAVEATS = 6,	/* caveats */
	PRINTER_CHANNELS = 7	/* handling channels */
} m_label_str_t;
    183 
/*
 * Flags for conversion; not all flags apply to all types.
 * These are not independent bits: SHORT_NAMES (0x3) contains the
 * DEF_NAMES bit (0x1), so a test of the form (flags & DEF_NAMES) is also
 * true when SHORT_NAMES was passed.
 */
#define	DEF_NAMES	0x1
#define	SHORT_NAMES	0x3	/* short names are preferred where defined */
#define	LONG_NAMES	0x4	/* long names are preferred where defined */
    188 
/*
 * Label -> string in the form selected by the m_label_str_t argument;
 * the uint_t presumably carries the conversion flags defined above.
 * NOTE(review): ownership of the string stored through the char ** and
 * the failure return value are not visible here -- confirm.
 */
extern int label_to_str(const m_label_t *, char **,
    const m_label_str_t, uint_t);

extern int l_to_str_internal(const m_label_t *, char **);
    192 
    193 /* Parsing types */
/* Kind of label to parse or allocate. */
typedef enum _m_label_type {
	/* process or object label */
	MAC_LABEL = 1,
	/* user's clearance (LUB) */
	USER_CLEAR = 2
} m_label_type_t;
    198 
    199 /* Flags for parsing */
    200 
/*
 * "l_e" is presumably the label encodings file named earlier in this
 * header.  L_NO_CORRECTION and L_CHECK_AR both tighten what is accepted;
 * neither is part of L_DEFAULT (0x0).
 */
#define	L_DEFAULT		0x0
#define	L_MODIFY_EXISTING	0x1	/* parsing starts from existing label */
#define	L_NO_CORRECTION		0x2	/* must be correct by l_e rules */
#define	L_CHECK_AR		0x10	/* must be in l_e AR */
    205 
    206 /* EINVAL sub codes */
    207 
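/*
 * Negative constants are parenthesized so that an accidentally omitted
 * operator next to the macro (for example "err M_BAD_LABEL") fails to
 * compile instead of silently becoming a subtraction.
 */
#define	M_OUTSIDE_AR		(-4)	/* not in l_e AR */
#define	M_BAD_STRING		(-3)	/* DIA L_BAD_LABEL */
/*
 * M_BAD_LABEL: DIA L_BAD_CLASSIFICATION, bad requested label type,
 * bad previous label type
 */
#define	M_BAD_LABEL		(-2)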
    212 
/*
 * String -> label.  The uint_t presumably carries the L_* parsing flags
 * and the int * presumably receives an EINVAL sub code -- confirm.
 * NOTE(review): with L_MODIFY_EXISTING the m_label_t ** is evidently
 * input as well as output; confirm what it must point to otherwise, and
 * check the return value before using the label.
 */
extern int str_to_label(const char *, m_label_t **,
    const m_label_type_t, uint_t, int *);

extern int hexstr_to_label(const char *, m_label_t *);

/* allocation, duplication and release of m_label_t objects */
extern m_label_t *m_label_alloc(const m_label_type_t);
extern int m_label_dup(m_label_t **, const m_label_t *);
extern void m_label_free(m_label_t *);
    222 
    223 /* Contract Private interfaces with the label builder GUIs */
    224 
/*
 * Conversions for the label builder; the "full" forms additionally take
 * a range and more output arrays.
 * NOTE(review): ownership and sizing of the char ** / char *[] outputs
 * are not visible in this header -- confirm before freeing or indexing.
 */
extern int	bslcvtfull(const m_label_t *, const m_range_t *, int,
    char **, char **[], char **[], char *[], int *, int *);
extern int	bclearcvtfull(const m_label_t *, const m_range_t *, int,
    char **, char **[], char **[], char *[], int *, int *);

extern int	bslcvt(const m_label_t *, int, char **, char *[]);
extern int	bclearcvt(const m_label_t *, int, char **, char *[]);

extern int	labelfields(struct name_fields *);
extern int	userdefs(m_label_t *, m_label_t *);

/* NOTE(review): three char * arguments with no lengths -- confirm use */
extern int	zonecopy(m_label_t *, char *, char *, char *, int);
    235 
/*
 * Testing hook: see devfsadm.c, mkdevalloc.c and allocate.c.
 *
 * DEBUG builds: evaluates to 1 when stat() on "/ALLOCATE_FORCE_LABEL"
 * succeeds and to 0 otherwise; *statbufp is written by stat().  The
 * includer must supply stat()'s declaration, since this header does not
 * include <sys/stat.h> directly.
 * Non-DEBUG builds: constant 0, and statbufp is not evaluated.
 *
 * NOTE(review): in a DEBUG build the result depends only on a path in the
 * root directory being present, so such builds should stay off systems
 * whose label enforcement is relied upon -- confirm how the callers
 * combine this with is_system_labeled().
 */
#ifdef DEBUG
#define	is_system_labeled_debug(statbufp)	\
	(stat("/ALLOCATE_FORCE_LABEL", (statbufp)) != 0 ? 0 : 1)
#else	/* DEBUG */
#define	is_system_labeled_debug(statbufp)	0
#endif	/* DEBUG */
    243 
    244 #ifdef	__cplusplus
    245 }
    246 #endif
    247 
    248 #endif	/* !_TSOL_LABEL_H */
    249