]>
Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * Type definitions for the multi-level security (MLS) policy. | |
3 | * | |
4 | * Author : Stephen Smalley, <sds@epoch.ncsc.mil> | |
5 | */ | |
6 | /* | |
7 | * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> | |
8 | * | |
9 | * Support for enhanced MLS infrastructure. | |
10 | * | |
11 | * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. | |
12 | */ | |
13 | ||
14 | #ifndef _SS_MLS_TYPES_H_ | |
15 | #define _SS_MLS_TYPES_H_ | |
16 | ||
17 | #include "security.h" | |
0719aaf5 | 18 | #include "ebitmap.h" |
1da177e4 LT |
19 | |
20 | struct mls_level { | |
21 | u32 sens; /* sensitivity */ | |
22 | struct ebitmap cat; /* category set */ | |
23 | }; | |
24 | ||
25 | struct mls_range { | |
26 | struct mls_level level[2]; /* low == level[0], high == level[1] */ | |
27 | }; | |
28 | ||
29 | static inline int mls_level_eq(struct mls_level *l1, struct mls_level *l2) | |
30 | { | |
1da177e4 | 31 | return ((l1->sens == l2->sens) && |
8bf1f3a6 | 32 | ebitmap_cmp(&l1->cat, &l2->cat)); |
1da177e4 LT |
33 | } |
34 | ||
35 | static inline int mls_level_dom(struct mls_level *l1, struct mls_level *l2) | |
36 | { | |
1da177e4 | 37 | return ((l1->sens >= l2->sens) && |
8bf1f3a6 | 38 | ebitmap_contains(&l1->cat, &l2->cat)); |
1da177e4 LT |
39 | } |
40 | ||
41 | #define mls_level_incomp(l1, l2) \ | |
42 | (!mls_level_dom((l1), (l2)) && !mls_level_dom((l2), (l1))) | |
43 | ||
44 | #define mls_level_between(l1, l2, l3) \ | |
45 | (mls_level_dom((l1), (l2)) && mls_level_dom((l3), (l1))) | |
46 | ||
47 | #define mls_range_contains(r1, r2) \ | |
48 | (mls_level_dom(&(r2).level[0], &(r1).level[0]) && \ | |
49 | mls_level_dom(&(r1).level[1], &(r2).level[1])) | |
50 | ||
51 | #endif /* _SS_MLS_TYPES_H_ */ |