11676Sjpk /*
21676Sjpk * CDDL HEADER START
31676Sjpk *
41676Sjpk * The contents of this file are subject to the terms of the
51676Sjpk * Common Development and Distribution License (the "License").
61676Sjpk * You may not use this file except in compliance with the License.
71676Sjpk *
81676Sjpk * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
91676Sjpk * or http://www.opensolaris.org/os/licensing.
101676Sjpk * See the License for the specific language governing permissions
111676Sjpk * and limitations under the License.
121676Sjpk *
131676Sjpk * When distributing Covered Code, include this CDDL HEADER in each
141676Sjpk * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
151676Sjpk * If applicable, add the following below this CDDL HEADER, with the
161676Sjpk * fields enclosed by brackets "[]" replaced with your own identifying
171676Sjpk * information: Portions Copyright [yyyy] [name of copyright owner]
181676Sjpk *
191676Sjpk * CDDL HEADER END
201676Sjpk */
211676Sjpk /*
22*6029Sjarrett * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
231676Sjpk * Use is subject to license terms.
241676Sjpk */
251676Sjpk
261676Sjpk #pragma ident "%Z%%M% %I% %E% SMI"
271676Sjpk
281676Sjpk /*
291676Sjpk * bl.c - Binary label operations for kernel and user.
301676Sjpk *
311676Sjpk * These routines initialize, compare, set and extract portions
321676Sjpk * of binary labels.
331676Sjpk */
341676Sjpk
351676Sjpk #include <sys/tsol/label.h>
361676Sjpk #include <sys/tsol/label_macro.h>
371676Sjpk
381676Sjpk
391676Sjpk /*
401676Sjpk * bltype - Check the type of a label structure.
411676Sjpk *
421676Sjpk * Entry label = Address of the label to check.
431676Sjpk * type = Label type to check:
441676Sjpk * SUN_SL_ID = Sensitivity Label,
451676Sjpk * SUN_SL_UN = Undefined Sensitivity Label structure,
461676Sjpk * SUN_IL_ID = Information Label,
471676Sjpk * SUN_IL_UN = Undefined Information Label structure,
481676Sjpk * SUN_CLR_ID = Clearance, or
491676Sjpk * SUN_CLR_UN = Undefined Clearance structure.
501676Sjpk *
511676Sjpk * Exit None.
521676Sjpk *
531676Sjpk * Returns True if the label is the type requested,
541676Sjpk * otherwise false.
551676Sjpk *
561676Sjpk * Calls BLTYPE.
571676Sjpk */
581676Sjpk
591676Sjpk int
bltype(const void * label,uint8_t type)601676Sjpk bltype(const void *label, uint8_t type)
611676Sjpk {
621676Sjpk
631676Sjpk return (BLTYPE(label, type));
641676Sjpk }
651676Sjpk
661676Sjpk
671676Sjpk /*
681676Sjpk * blequal - Compare two labels for Classification and Compartments set
691676Sjpk * equality.
701676Sjpk *
711676Sjpk * Entry label1, label2 = label levels to compare.
721676Sjpk *
731676Sjpk * Exit None.
741676Sjpk *
751676Sjpk * Returns True if labels equal,
761676Sjpk * otherwise false.
771676Sjpk *
781676Sjpk * Calls BLEQUAL.
791676Sjpk */
801676Sjpk
811676Sjpk int
blequal(const m_label_t * label1,const m_label_t * label2)821676Sjpk blequal(const m_label_t *label1, const m_label_t *label2)
831676Sjpk {
841676Sjpk
851676Sjpk return (BLEQUAL(label1, label2));
861676Sjpk }
871676Sjpk
881676Sjpk
891676Sjpk /*
901676Sjpk * bldominates - Compare two labels for Classification and Compartments
911676Sjpk * sets dominance.
921676Sjpk *
931676Sjpk * Entry label1, label2 = labels levels to compare.
941676Sjpk *
951676Sjpk * Exit None.
961676Sjpk *
971676Sjpk * Returns True if label1 dominates label2,
981676Sjpk * otherwise false.
991676Sjpk *
1001676Sjpk * Calls BLDOMINATES.
1011676Sjpk */
1021676Sjpk
1031676Sjpk int
bldominates(const m_label_t * label1,const m_label_t * label2)1041676Sjpk bldominates(const m_label_t *label1, const m_label_t *label2)
1051676Sjpk {
1061676Sjpk
1071676Sjpk return (BLDOMINATES(label1, label2));
1081676Sjpk }
1091676Sjpk
1101676Sjpk
1111676Sjpk /*
1121676Sjpk * blstrictdom - Compare two labels for Classification and Compartments
1131676Sjpk * sets strict dominance.
1141676Sjpk *
1151676Sjpk * Entry label1, label2 = labels levels to compare.
1161676Sjpk *
1171676Sjpk * Exit None.
1181676Sjpk *
1191676Sjpk * Returns True if label1 dominates and is not equal to label2,
1201676Sjpk * otherwise false.
1211676Sjpk *
1221676Sjpk * Calls BLSTRICTDOM.
1231676Sjpk */
1241676Sjpk
1251676Sjpk int
blstrictdom(const m_label_t * label1,const m_label_t * label2)1261676Sjpk blstrictdom(const m_label_t *label1, const m_label_t *label2)
1271676Sjpk {
1281676Sjpk
1291676Sjpk return (BLSTRICTDOM(label1, label2));
1301676Sjpk }
1311676Sjpk
1321676Sjpk
1331676Sjpk /*
1341676Sjpk * blinrange - Compare a label's classification and compartments set to
1351676Sjpk * be within a lower and upper bound (range).
1361676Sjpk *
1371676Sjpk * Entry label = label level to compare.
1381676Sjpk * range = level range to compare against.
1391676Sjpk *
1401676Sjpk * Exit None.
1411676Sjpk *
1421676Sjpk * Returns True if label is within the range,
1431676Sjpk * otherwise false.
1441676Sjpk *
1451676Sjpk * Calls BLINRANGE.
1461676Sjpk */
1471676Sjpk
1481676Sjpk int
blinrange(const m_label_t * label,const m_range_t * range)1491676Sjpk blinrange(const m_label_t *label, const m_range_t *range)
1501676Sjpk {
1511676Sjpk return (BLDOMINATES((label), ((range)->lower_bound)) &&
1521676Sjpk BLDOMINATES(((range)->upper_bound), (label)));
1531676Sjpk }
1541676Sjpk
1551676Sjpk /*
1561676Sjpk * This is the TS8 version which is used in the kernel
1571676Sjpk */
1581676Sjpk
1591676Sjpk int
_blinrange(const m_label_t * label,const brange_t * range)1601676Sjpk _blinrange(const m_label_t *label, const brange_t *range)
1611676Sjpk {
1621676Sjpk return (BLINRANGE(label, range));
1631676Sjpk }
1641676Sjpk
1651676Sjpk #ifdef _KERNEL
1661676Sjpk /*
1671676Sjpk * blinlset - Check if the label belongs to the set
1681676Sjpk *
1691676Sjpk * Entry label = label level to compare.
1701676Sjpk * lset = label set to compare against.
1711676Sjpk *
1721676Sjpk * Exit None.
1731676Sjpk *
1741676Sjpk * Returns True if label is an element of the set,
1751676Sjpk * otherwise false.
1761676Sjpk *
1771676Sjpk */
1781676Sjpk
1791676Sjpk int
blinlset(const m_label_t * label,const blset_t lset)1801676Sjpk blinlset(const m_label_t *label, const blset_t lset)
1811676Sjpk {
1821676Sjpk int i;
1831676Sjpk
184*6029Sjarrett for (i = 0; i < NSLS_MAX; i++) {
185*6029Sjarrett if (!BLTYPE(&lset[i], SUN_SL_ID))
186*6029Sjarrett return (B_FALSE);
1871676Sjpk if (BLEQUAL(label, &lset[i]))
1881676Sjpk return (B_TRUE);
189*6029Sjarrett }
1901676Sjpk return (B_FALSE);
1911676Sjpk }
1921676Sjpk #endif /* _KERNEL */
1931676Sjpk
1941676Sjpk
1951676Sjpk /*
1961676Sjpk * blmaximum - Least Upper Bound of two levels.
1971676Sjpk *
1981676Sjpk * Entry label1, label2 = levels to bound.
1991676Sjpk *
2001676Sjpk * Exit label1 replaced by the LUB of label1 and label2.
2011676Sjpk *
2021676Sjpk * Returns None.
2031676Sjpk *
2041676Sjpk * Calls BLMAXIMUM.
2051676Sjpk */
2061676Sjpk
2071676Sjpk void
blmaximum(m_label_t * label1,const m_label_t * label2)2081676Sjpk blmaximum(m_label_t *label1, const m_label_t *label2)
2091676Sjpk {
2101676Sjpk
2111676Sjpk BLMAXIMUM(label1, label2);
2121676Sjpk }
2131676Sjpk
2141676Sjpk
2151676Sjpk /*
2161676Sjpk * blminimum - Greatest Lower Bound of two levels.
2171676Sjpk *
2181676Sjpk * Entry label1, label2 = levels to bound.
2191676Sjpk *
2201676Sjpk * Exit label1 replaced by the GLB of label1 and label2.
2211676Sjpk *
2221676Sjpk * Returns None.
2231676Sjpk *
2241676Sjpk * Calls BLMINIMUM.
2251676Sjpk */
2261676Sjpk
2271676Sjpk void
blminimum(m_label_t * label1,const m_label_t * label2)2281676Sjpk blminimum(m_label_t *label1, const m_label_t *label2)
2291676Sjpk {
2301676Sjpk
2311676Sjpk BLMINIMUM(label1, label2);
2321676Sjpk }
2331676Sjpk
2341676Sjpk
2351676Sjpk /*
2361676Sjpk * bsllow - Initialize an admin_low Sensitivity Label.
2371676Sjpk *
2381676Sjpk * Entry label = Sensitivity Label structure to be initialized.
2391676Sjpk *
2401676Sjpk * Exit label = Initialized to the admin_low Sensitivity Label.
2411676Sjpk *
2421676Sjpk * Returns None.
2431676Sjpk *
2441676Sjpk * Calls BSLLOW.
2451676Sjpk */
2461676Sjpk
2471676Sjpk void
bsllow(bslabel_t * label)2481676Sjpk bsllow(bslabel_t *label)
2491676Sjpk {
2501676Sjpk
2511676Sjpk BSLLOW(label);
2521676Sjpk }
2531676Sjpk
2541676Sjpk
2551676Sjpk /*
2561676Sjpk * bslhigh - Initialize an admin_high Sensitivity Label.
2571676Sjpk *
2581676Sjpk * Entry label = Sensitivity Label structure to be initialized.
2591676Sjpk *
2601676Sjpk * Exit label = Initialized to the admin_high Sensitivity Label.
2611676Sjpk *
2621676Sjpk * Returns None.
2631676Sjpk *
2641676Sjpk * Calls BSLHIGH.
2651676Sjpk */
2661676Sjpk
2671676Sjpk void
bslhigh(bslabel_t * label)2681676Sjpk bslhigh(bslabel_t *label)
2691676Sjpk {
2701676Sjpk
2711676Sjpk BSLHIGH(label);
2721676Sjpk }
2731676Sjpk
2741676Sjpk /*
2751676Sjpk * bclearlow - Initialize an admin_low Clearance.
2761676Sjpk *
2771676Sjpk * Entry clearance = Clearnace structure to be initialized.
2781676Sjpk *
2791676Sjpk * Exit clearance = Initialized to the admin_low Clearance.
2801676Sjpk *
2811676Sjpk * Returns None.
2821676Sjpk *
2831676Sjpk * Calls BCLEARLOW.
2841676Sjpk */
2851676Sjpk
2861676Sjpk void
bclearlow(bclear_t * clearance)2871676Sjpk bclearlow(bclear_t *clearance)
2881676Sjpk {
2891676Sjpk
2901676Sjpk BCLEARLOW(clearance);
2911676Sjpk }
2921676Sjpk
2931676Sjpk
2941676Sjpk /*
2951676Sjpk * bclearhigh - Initialize an admin_high Clearance.
2961676Sjpk *
2971676Sjpk * Entry clearance = Clearance structure to be initialized.
2981676Sjpk *
2991676Sjpk * Exit clearance = Initialized to the admin_high Clearance.
3001676Sjpk *
3011676Sjpk * Returns None.
3021676Sjpk *
3031676Sjpk * Calls BCLEARHIGH.
3041676Sjpk */
3051676Sjpk
3061676Sjpk void
bclearhigh(bclear_t * clearance)3071676Sjpk bclearhigh(bclear_t *clearance)
3081676Sjpk {
3091676Sjpk
3101676Sjpk BCLEARHIGH(clearance);
3111676Sjpk }
3121676Sjpk
3131676Sjpk /*
3141676Sjpk * bslundef - Initialize an undefined Sensitivity Label.
3151676Sjpk *
3161676Sjpk * Entry label = Sensitivity Label structure to be initialized.
3171676Sjpk *
3181676Sjpk * Exit label = Initialized to undefined Sensitivity Label.
3191676Sjpk *
3201676Sjpk * Returns None.
3211676Sjpk *
3221676Sjpk * Calls BSLUNDEF.
3231676Sjpk */
3241676Sjpk
3251676Sjpk void
bslundef(bslabel_t * label)3261676Sjpk bslundef(bslabel_t *label)
3271676Sjpk {
3281676Sjpk
3291676Sjpk BSLUNDEF(label);
3301676Sjpk }
3311676Sjpk
3321676Sjpk
3331676Sjpk /*
3341676Sjpk * bclearundef - Initialize an undefined Clearance.
3351676Sjpk *
3361676Sjpk * Entry clearance = Clearance structure to be initialized.
3371676Sjpk *
3381676Sjpk * Exit clearance = Initialized to undefined Clearance.
3391676Sjpk *
3401676Sjpk * Returns None.
3411676Sjpk *
3421676Sjpk * Calls BCLEARUNDEF.
3431676Sjpk */
3441676Sjpk
3451676Sjpk void
bclearundef(bclear_t * clearance)3461676Sjpk bclearundef(bclear_t *clearance)
3471676Sjpk {
3481676Sjpk
3491676Sjpk BCLEARUNDEF(clearance);
3501676Sjpk }
3511676Sjpk
3521676Sjpk
3531676Sjpk /*
3541676Sjpk * setbltype - Set the type of a label structure.
3551676Sjpk *
3561676Sjpk * Entry label = Address of the label to set.
3571676Sjpk * type = Label type to set:
3581676Sjpk * SUN_SL_ID = Sensitivity Label,
3591676Sjpk * SUN_SL_UN = Undefined Sensitivity Label structure,
3601676Sjpk * SUN_IL_ID = Information Label,
3611676Sjpk * SUN_IL_UN = Undefined Information Label structure,
3621676Sjpk * SUN_CLR_ID = Clearance, or
3631676Sjpk * SUN_CLR_UN = Undefined Clearance structure.
3641676Sjpk *
3651676Sjpk * Exit label = Type set to specified type.
3661676Sjpk *
3671676Sjpk * Returns None.
3681676Sjpk *
3691676Sjpk * Calls SETBLTYPE.
3701676Sjpk */
3711676Sjpk
3721676Sjpk void
setbltype(void * label,uint8_t type)3731676Sjpk setbltype(void *label, uint8_t type)
3741676Sjpk {
3751676Sjpk
3761676Sjpk SETBLTYPE(label, type);
3771676Sjpk }
3781676Sjpk
3791676Sjpk /*
3801676Sjpk * Returns B_TRUE if the label is invalid (initialized to all zeros).
3811676Sjpk */
3821676Sjpk boolean_t
bisinvalid(const void * label)3831676Sjpk bisinvalid(const void *label)
3841676Sjpk {
3851676Sjpk return (GETBLTYPE(label) == SUN_INVALID_ID);
3861676Sjpk }
387