[net-next-2.6.git] / security / selinux / ss / mls_types.h

/*
 * Type definitions for the multi-level security (MLS) policy.
 *
 * Author : Stephen Smalley, <sds@epoch.ncsc.mil>
 */
/*
 * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
 *
 *	Support for enhanced MLS infrastructure.
 *
 * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
 */

#ifndef _SS_MLS_TYPES_H_
#define _SS_MLS_TYPES_H_

#include "security.h"
#include "ebitmap.h"

struct mls_level {
	u32 sens;		/* sensitivity */
	struct ebitmap cat;	/* category set */
};

struct mls_range {
	struct mls_level level[2]; /* low == level[0], high == level[1] */
};

static inline int mls_level_eq(struct mls_level *l1, struct mls_level *l2)
{
	return ((l1->sens == l2->sens) &&
		ebitmap_cmp(&l1->cat, &l2->cat));
}

static inline int mls_level_dom(struct mls_level *l1, struct mls_level *l2)
{
	return ((l1->sens >= l2->sens) &&
		ebitmap_contains(&l1->cat, &l2->cat));
}

#define mls_level_incomp(l1, l2) \
(!mls_level_dom((l1), (l2)) && !mls_level_dom((l2), (l1)))

#define mls_level_between(l1, l2, l3) \
(mls_level_dom((l1), (l2)) && mls_level_dom((l3), (l1)))

#define mls_range_contains(r1, r2) \
(mls_level_dom(&(r2).level[0], &(r1).level[0]) && \
 mls_level_dom(&(r1).level[1], &(r2).level[1]))

#endif	/* _SS_MLS_TYPES_H_ */
Commit	Line	Data
1da177e4 LT	1	/*
	2	* Type definitions for the multi-level security (MLS) policy.
	3	*
	4	* Author : Stephen Smalley, <sds@epoch.ncsc.mil>
	5	*/
	6	/*
	7	* Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
	8	*
	9	* Support for enhanced MLS infrastructure.
	10	*
	11	* Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
	12	*/
	13
	14	#ifndef _SS_MLS_TYPES_H_
	15	#define _SS_MLS_TYPES_H_
	16
	17	#include "security.h"
0719aaf5	18	#include "ebitmap.h"
1da177e4 LT	19
	20	struct mls_level {
	21	u32 sens; /* sensitivity */
	22	struct ebitmap cat; /* category set */
	23	};
	24
	25	struct mls_range {
	26	struct mls_level level[2]; /* low == level[0], high == level[1] */
	27	};
	28
	29	static inline int mls_level_eq(struct mls_level l1, struct mls_level l2)
	30	{
1da177e4	31	return ((l1->sens == l2->sens) &&
8bf1f3a6	32	ebitmap_cmp(&l1->cat, &l2->cat));
1da177e4 LT	33	}
	34
	35	static inline int mls_level_dom(struct mls_level l1, struct mls_level l2)
	36	{
1da177e4	37	return ((l1->sens >= l2->sens) &&
8bf1f3a6	38	ebitmap_contains(&l1->cat, &l2->cat));
1da177e4 LT	39	}
	40
	41	#define mls_level_incomp(l1, l2) \
	42	(!mls_level_dom((l1), (l2)) && !mls_level_dom((l2), (l1)))
	43
	44	#define mls_level_between(l1, l2, l3) \
	45	(mls_level_dom((l1), (l2)) && mls_level_dom((l3), (l1)))
	46
	47	#define mls_range_contains(r1, r2) \
	48	(mls_level_dom(&(r2).level[0], &(r1).level[0]) && \
	49	mls_level_dom(&(r1).level[1], &(r2).level[1]))
	50
	51	#endif /* _SS_MLS_TYPES_H_ */