libsepol1-dev 2.4-2 / usr / include / sepol / policydb / mls_types.h

This file is indexed.

/usr/include/sepol/policydb/mls_types.h is in libsepol1-dev 2.4-2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
/* Author : Stephen Smalley, <sds@epoch.ncsc.mil> */
/*
 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
 *
 *	Support for enhanced MLS infrastructure.
 *
 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
 *
 *  This library is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Lesser General Public
 *  License as published by the Free Software Foundation; either
 *  version 2.1 of the License, or (at your option) any later version.
 *
 *  This library is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  Lesser General Public License for more details.
 *
 *  You should have received a copy of the GNU Lesser General Public
 *  License along with this library; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */

/* FLASK */

/*
 * Type definitions for the multi-level security (MLS) policy.
 */

#ifndef _SEPOL_POLICYDB_MLS_TYPES_H_
#define _SEPOL_POLICYDB_MLS_TYPES_H_

#include <stdint.h>
#include <stdlib.h>
#include <sepol/policydb/ebitmap.h>
#include <sepol/policydb/flask_types.h>
#include <sys/cdefs.h>

__BEGIN_DECLS

typedef struct mls_level {
	uint32_t sens;		/* sensitivity */
	ebitmap_t cat;		/* category set */
} mls_level_t;

typedef struct mls_range {
	mls_level_t level[2];	/* low == level[0], high == level[1] */
} mls_range_t;

static inline int mls_level_cpy(struct mls_level *dst, struct mls_level *src)
{

	dst->sens = src->sens;
	if (ebitmap_cpy(&dst->cat, &src->cat) < 0)
		return -1;
	return 0;
}

static inline void mls_level_init(struct mls_level *level)
{

	memset(level, 0, sizeof(mls_level_t));
}

static inline void mls_level_destroy(struct mls_level *level)
{

	if (level == NULL)
		return;

	ebitmap_destroy(&level->cat);
	mls_level_init(level);
}

static inline int mls_level_eq(const struct mls_level *l1, const struct mls_level *l2)
{
	return ((l1->sens == l2->sens) && ebitmap_cmp(&l1->cat, &l2->cat));
}

static inline int mls_level_dom(const struct mls_level *l1, const struct mls_level *l2)
{
	return ((l1->sens >= l2->sens) && ebitmap_contains(&l1->cat, &l2->cat));
}

#define mls_level_incomp(l1, l2) \
(!mls_level_dom((l1), (l2)) && !mls_level_dom((l2), (l1)))

#define mls_level_between(l1, l2, l3) \
(mls_level_dom((l1), (l2)) && mls_level_dom((l3), (l1)))

#define mls_range_contains(r1, r2) \
(mls_level_dom(&(r2).level[0], &(r1).level[0]) && \
 mls_level_dom(&(r1).level[1], &(r2).level[1]))

static inline int mls_range_cpy(mls_range_t * dst, mls_range_t * src)
{

	if (mls_level_cpy(&dst->level[0], &src->level[0]) < 0)
		goto err;

	if (mls_level_cpy(&dst->level[1], &src->level[1]) < 0)
		goto err_destroy;

	return 0;

      err_destroy:
	mls_level_destroy(&dst->level[0]);

      err:
	return -1;
}

static inline void mls_range_init(struct mls_range *r)
{
	mls_level_init(&r->level[0]);
	mls_level_init(&r->level[1]);
}

static inline void mls_range_destroy(struct mls_range *r)
{
	mls_level_destroy(&r->level[0]);
	mls_level_destroy(&r->level[1]);
}

static inline int mls_range_eq(struct mls_range *r1, struct mls_range *r2)
{
	return (mls_level_eq(&r1->level[0], &r2->level[0]) &&
	        mls_level_eq(&r1->level[1], &r2->level[1]));
}

typedef struct mls_semantic_cat {
	uint32_t low;	/* first bit this struct represents */
	uint32_t high;	/* last bit represented - equals low for a single cat */
	struct mls_semantic_cat *next;
} mls_semantic_cat_t;

typedef struct mls_semantic_level {
	uint32_t sens;
	mls_semantic_cat_t *cat;
} mls_semantic_level_t;

typedef struct mls_semantic_range {
	mls_semantic_level_t level[2];
} mls_semantic_range_t;

extern void mls_semantic_cat_init(mls_semantic_cat_t *c);
extern void mls_semantic_cat_destroy(mls_semantic_cat_t *c);
extern void mls_semantic_level_init(mls_semantic_level_t *l);
extern void mls_semantic_level_destroy(mls_semantic_level_t *l);
extern int mls_semantic_level_cpy(mls_semantic_level_t *dst, mls_semantic_level_t *src);
extern void mls_semantic_range_init(mls_semantic_range_t *r);
extern void mls_semantic_range_destroy(mls_semantic_range_t *r);
extern int mls_semantic_range_cpy(mls_semantic_range_t *dst, mls_semantic_range_t *src);

__END_DECLS
#endif

APT Browse - Built by Thomas Orozco.