mls.h 2.5 KB
Newer Older
L
Linus Torvalds 已提交
1 2 3 4 5 6 7 8 9 10
/*
 * Multi-level security (MLS) policy operations.
 *
 * Author : Stephen Smalley, <sds@epoch.ncsc.mil>
 */
/*
 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
 *
 *	Support for enhanced MLS infrastructure.
 *
11
 * Copyright (C) 2004-2006 Trusted Computer Solutions, Inc.
L
Linus Torvalds 已提交
12
 */
V
Venkat Yekkirala 已提交
13
/*
14
 * Updated: Hewlett-Packard <paul@paul-moore.com>
V
Venkat Yekkirala 已提交
15
 *
16
 *	Added support to import/export the MLS label from NetLabel
V
Venkat Yekkirala 已提交
17 18 19
 *
 * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
 */
L
Linus Torvalds 已提交
20 21 22 23 24 25 26 27 28 29

#ifndef _SS_MLS_H_
#define _SS_MLS_H_

#include "context.h"
#include "policydb.h"

int mls_compute_context_len(struct context *context);
void mls_sid_to_context(struct context *context, char **scontext);
int mls_context_isvalid(struct policydb *p, struct context *c);
30 31
int mls_range_isvalid(struct policydb *p, struct mls_range *r);
int mls_level_isvalid(struct policydb *p, struct mls_level *l);
L
Linus Torvalds 已提交
32

33 34
int mls_context_to_sid(struct policydb *p,
		       char oldc,
35
		       char **scontext,
36 37 38
		       struct context *context,
		       struct sidtab *s,
		       u32 def_sid);
L
Linus Torvalds 已提交
39

40 41
int mls_from_string(char *str, struct context *context, gfp_t gfp_mask);

42 43
int mls_range_set(struct context *context, struct mls_range *range);

L
Linus Torvalds 已提交
44 45 46 47 48 49 50 51
int mls_convert_context(struct policydb *oldp,
			struct policydb *newp,
			struct context *context);

int mls_compute_sid(struct context *scontext,
		    struct context *tcontext,
		    u16 tclass,
		    u32 specified,
52 53
		    struct context *newcontext,
		    bool sock);
L
Linus Torvalds 已提交
54 55

int mls_setup_user_range(struct context *fromcon, struct user_datum *user,
56
			 struct context *usercon);
L
Linus Torvalds 已提交
57

58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88
#ifdef CONFIG_NETLABEL
void mls_export_netlbl_lvl(struct context *context,
			   struct netlbl_lsm_secattr *secattr);
void mls_import_netlbl_lvl(struct context *context,
			   struct netlbl_lsm_secattr *secattr);
int mls_export_netlbl_cat(struct context *context,
			  struct netlbl_lsm_secattr *secattr);
int mls_import_netlbl_cat(struct context *context,
			  struct netlbl_lsm_secattr *secattr);
#else
static inline void mls_export_netlbl_lvl(struct context *context,
					 struct netlbl_lsm_secattr *secattr)
{
	return;
}
static inline void mls_import_netlbl_lvl(struct context *context,
					 struct netlbl_lsm_secattr *secattr)
{
	return;
}
static inline int mls_export_netlbl_cat(struct context *context,
					struct netlbl_lsm_secattr *secattr)
{
	return -ENOMEM;
}
static inline int mls_import_netlbl_cat(struct context *context,
					struct netlbl_lsm_secattr *secattr)
{
	return -ENOMEM;
}
#endif
V
Venkat Yekkirala 已提交
89

L
Linus Torvalds 已提交
90 91
#endif	/* _SS_MLS_H */