45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * CDDL HEADER START
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * The contents of this file are subject to the terms of the
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Common Development and Distribution License (the "License").
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * You may not use this file except in compliance with the License.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * See the License for the specific language governing permissions
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * and limitations under the License.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * When distributing Covered Code, include this CDDL HEADER in each
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * If applicable, add the following below this CDDL HEADER, with the
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * fields enclosed by brackets "[]" replaced with your own identifying
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * information: Portions Copyright [yyyy] [name of copyright owner]
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * CDDL HEADER END
42096647a1cb1ee493b238f2713f001b8b039514Tony Nguyen * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Use is subject to license terms.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Miscellaneous user interfaces to trusted label functions.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpkstatic bslabel_t slow, shigh; /* static Admin Low and High SLs */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpkstatic bclear_t clow, chigh; /* static Admin Low and High CLRs */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * blinset - Check in a label set.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Entry label = Sensitivity Label to check.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * id = Label set identifier of set to check.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Exit None.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Returns -1, If label set unavailable, or server failure.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * 0, If label not in label set.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * 1, If label is in the label set.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Calls __call_labeld(BLINSET), BLTYPE, BSLLOW, BSLHIGH.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Uses slow, shigh.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* initialize static labels. */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (1);
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk if (__call_labeld(&callp, &bufsize, &datasize) != SUCCESS) {
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* process error */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (-1);
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Only System and User Accreditation Ranges presently
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * implemented.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (-1);
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * bslvalid - Check Sensitivity Label for validity.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Entry label = Sensitivity Label to check.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Exit None.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Returns -1, If unable to access label encodings file, or server failure.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * 0, If label not valid.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * 1, If label is valid.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Calls __call_labeld(BSLVALID), BLTYPE, BSLLOW, BSLHIGH.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Uses slow, shigh.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* initialize static labels. */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (1);
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk if (__call_labeld(&callp, &bufsize, &datasize) != SUCCESS) {
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* process error */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (-1);
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * bclearvalid - Check Clearance for validity.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Entry clearance = Clearance to check.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Exit None.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Returns -1, If unable to access label encodings file, or server failure.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * 0, If label not valid.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * 1, If label is valid.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Calls __call_labeld(BCLEARVALID), BLTYPE, BCLEARLOW, BCLEARHIGH.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Uses clow, chigh.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* initialize static labels. */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk (BLEQUAL(clearance, &clow) || BLEQUAL(clearance, &chigh))) {
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (1);
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk if (__call_labeld(&callp, &bufsize, &datasize) != SUCCESS) {
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* process error */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (-1);
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * labelinfo - Get information about the label encodings file.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Entry info = Address of label_info structure to update.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Exit info = Updated.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Returns -1, If unable to access label encodings file, or server failure.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * 1, If successful.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Calls __call_labeld(LABELINFO).
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk if ((rval = __call_labeld(&callp, &bufsize, &datasize)) != SUCCESS) {
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* process error */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (-1);
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * labelvers - Get version string of the label encodings file.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Entry version = Address of string pointer to return.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * len = Length of string if pre-allocated.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Exit version = Updated.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Returns -1, If unable to access label encodings file, or server failure.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * 0, If unable to allocate version string,
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * or pre-allocated version string to short
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * (and **version = '\0').
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * length (including null) of version string, If successful.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Calls __call_labeld(LABELVERS)
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * malloc, strlen.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk if (__call_labeld(&callp, &bufsize, &datasize) != SUCCESS) {
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* release return buffer */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (-1);
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* unpack length */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* release return buffer */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (0);
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* release return buffer */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (0);
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* release return buffer */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk} /* labelvers */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * bltocolor - get ASCII color name of label.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Entry label = Sensitivity Level of color to get.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * size = Size of the color_name array.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * color_name = Storage for ASCII color name string to be returned.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Exit None.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Returns NULL, If error (label encodings file not accessible,
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * invalid label, no color for this label).
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Address of color_name parameter containing ASCII color name
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * defined for the label.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Calls __call_labeld(BLTOCOLOR), strlen.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpkbltocolor_r(const blevel_t *label, size_t size, char *color_name)
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk if ((__call_labeld(&callp, &bufsize, &datasize) != SUCCESS) ||
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* release return buffer */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk /* release return buffer */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk} /* bltocolor_r */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * bltocolor - get ASCII color name of label.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Entry label = Sensitivity Level of color to get.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Exit None.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Returns NULL, If error (label encodings file not accessible,
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * invalid label, no color for this label).
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Address of statically allocated string containing ASCII
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * color name defined for the classification contained
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * in label.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Uses color.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Calls bltocolor_r.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk} /* bltocolor */
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk return (sizeof (blevel_t));
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * getuserrange - get label range for user
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Entry username of user
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Exit None.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Returns NULL, If memory allocation failure or userdefs failure.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * otherwise returns the allocates m_range_t with the
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * user's min and max labels set.
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk * Get some memory
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk if ((range->lower_bound = m_label_alloc(MAC_LABEL)) == NULL) {
45916cd2fec6e79bca5dee0421bd39e3c2910d1ejpk if ((range->upper_bound = m_label_alloc(USER_CLEAR)) == NULL) {
aa2e15f6ec88d9bf4f2dee6bfbb3307b2da8adb4rica /* If the user has an explicit min_label or clearance, use it. */
aa2e15f6ec88d9bf4f2dee6bfbb3307b2da8adb4rica if ((kv_str = kva_match(userp->attr, USERATTR_MINLABEL))
aa2e15f6ec88d9bf4f2dee6bfbb3307b2da8adb4rica if ((kv_str = kva_match(userp->attr, USERATTR_CLEARANCE))
aa2e15f6ec88d9bf4f2dee6bfbb3307b2da8adb4rica /* Need to use system default clearance and/or min_label */