1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2 | /* |
3 | * Type definitions for the multi-level security (MLS) policy. |
4 | * |
5 | * Author : Stephen Smalley, <stephen.smalley.work@gmail.com> |
6 | */ |
7 | /* |
8 | * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com> |
9 | * |
10 | * Support for enhanced MLS infrastructure. |
11 | * |
12 | * Copyright (C) 2004-2005 Trusted Computer Solutions, Inc. |
13 | */ |
14 | |
15 | #ifndef _SS_MLS_TYPES_H_ |
16 | #define _SS_MLS_TYPES_H_ |
17 | |
18 | #include "security.h" |
19 | #include "ebitmap.h" |
20 | |
21 | struct mls_level { |
22 | u32 sens; /* sensitivity */ |
23 | struct ebitmap cat; /* category set */ |
24 | }; |
25 | |
26 | struct mls_range { |
27 | struct mls_level level[2]; /* low == level[0], high == level[1] */ |
28 | }; |
29 | |
30 | static inline int mls_level_eq(const struct mls_level *l1, const struct mls_level *l2) |
31 | { |
32 | return ((l1->sens == l2->sens) && |
33 | ebitmap_cmp(e1: &l1->cat, e2: &l2->cat)); |
34 | } |
35 | |
36 | static inline int mls_level_dom(const struct mls_level *l1, const struct mls_level *l2) |
37 | { |
38 | return ((l1->sens >= l2->sens) && |
39 | ebitmap_contains(e1: &l1->cat, e2: &l2->cat, last_e2bit: 0)); |
40 | } |
41 | |
42 | #define mls_level_incomp(l1, l2) \ |
43 | (!mls_level_dom((l1), (l2)) && !mls_level_dom((l2), (l1))) |
44 | |
45 | #define mls_level_between(l1, l2, l3) \ |
46 | (mls_level_dom((l1), (l2)) && mls_level_dom((l3), (l1))) |
47 | |
48 | #define mls_range_contains(r1, r2) \ |
49 | (mls_level_dom(&(r2).level[0], &(r1).level[0]) && \ |
50 | mls_level_dom(&(r1).level[1], &(r2).level[1])) |
51 | |
52 | #endif /* _SS_MLS_TYPES_H_ */ |
53 | |