| 1 | /* SPDX-License-Identifier: GPL-2.0 */ |
|---|---|
| 2 | /* |
| 3 | * Type definitions for the multi-level security (MLS) policy. |
| 4 | * |
| 5 | * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> |
| 6 | */ |
| 7 | |
| 8 | /* |
| 9 | * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> |
| 10 | * Support for enhanced MLS infrastructure. |
| 11 | * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. |
| 12 | */ |
| 13 | |
| 14 | #ifndef _SS_MLS_TYPES_H_ |
| 15 | #define _SS_MLS_TYPES_H_ |
| 16 | |
| 17 | #include "security.h" |
| 18 | #include "ebitmap.h" |
| 19 | |
| 20 | struct mls_level { |
| 21 | u32 sens; /* sensitivity */ |
| 22 | struct ebitmap cat; /* category set */ |
| 23 | }; |
| 24 | |
| 25 | struct mls_range { |
| 26 | struct mls_level level[2]; /* low == level[0], high == level[1] */ |
| 27 | }; |
| 28 | |
| 29 | static inline int mls_level_eq(const struct mls_level *l1, |
| 30 | const struct mls_level *l2) |
| 31 | { |
| 32 | return ((l1->sens == l2->sens) && ebitmap_equal(e1: &l1->cat, e2: &l2->cat)); |
| 33 | } |
| 34 | |
| 35 | static inline int mls_level_dom(const struct mls_level *l1, |
| 36 | const struct mls_level *l2) |
| 37 | { |
| 38 | return ((l1->sens >= l2->sens) && |
| 39 | ebitmap_contains(e1: &l1->cat, e2: &l2->cat, last_e2bit: 0)); |
| 40 | } |
| 41 | |
| 42 | #define mls_level_incomp(l1, l2) \ |
| 43 | (!mls_level_dom((l1), (l2)) && !mls_level_dom((l2), (l1))) |
| 44 | |
| 45 | #define mls_level_between(l1, l2, l3) \ |
| 46 | (mls_level_dom((l1), (l2)) && mls_level_dom((l3), (l1))) |
| 47 | |
| 48 | #define mls_range_contains(r1, r2) \ |
| 49 | (mls_level_dom(&(r2).level[0], &(r1).level[0]) && \ |
| 50 | mls_level_dom(&(r1).level[1], &(r2).level[1])) |
| 51 | |
| 52 | #endif /* _SS_MLS_TYPES_H_ */ |
| 53 |
Generated while processing Linux/security/selinux/ss/avtab.c
Generated on 2025-Oct-12 from project Linux revision 6.17.0 (67029a49db6c)
Powered by 
Code Browser 2.1
Generator usage only permitted with license.