mls_types.h source code [linux/security/selinux/ss/mls_types.h]

1	/ SPDX-License-Identifier: GPL-2.0 /
2	/*
3	* Type definitions for the multi-level security (MLS) policy.
4	*
5	* Author : Stephen Smalley, <stephen.smalley.work@gmail.com>
6	*/
7	/*
8	* Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
9	*
10	* Support for enhanced MLS infrastructure.
11	*
12	* Copyright (C) 2004-2005 Trusted Computer Solutions, Inc.
13	*/
14
15	#ifndef _SS_MLS_TYPES_H_
16	#define _SS_MLS_TYPES_H_
17
18	#include "security.h"
19	#include "ebitmap.h"
20
21	struct mls_level {
22	u32 sens; / sensitivity /
23	struct ebitmap cat; / category set /
24	};
25
26	struct mls_range {
27	struct mls_level level[`2`]; / low == level[0], high == level[1] /
28	};
29
30	static inline int mls_level_eq(const struct mls_level l1, const* struct mls_level *l2)
31	{
32	return ((l1->sens == l2->sens) &&
33	ebitmap_cmp(e1: &l1->cat, e2: &l2->cat));
34	}
35
36	static inline int mls_level_dom(const struct mls_level l1, const* struct mls_level *l2)
37	{
38	return ((l1->sens >= l2->sens) &&
39	ebitmap_contains(e1: &l1->cat, e2: &l2->cat, last_e2bit: `0`));
40	}
41
42	#define mls_level_incomp(l1, l2) \
43	(!mls_level_dom((l1), (l2)) && !mls_level_dom((l2), (l1)))
44
45	#define mls_level_between(l1, l2, l3) \
46	(mls_level_dom((l1), (l2)) && mls_level_dom((l3), (l1)))
47
48	#define mls_range_contains(r1, r2) \
49	(mls_level_dom(&(r2).level[0], &(r1).level[0]) && \
50	mls_level_dom(&(r1).level[1], &(r2).level[1]))
51
52	#endif /* _SS_MLS_TYPES_H_ */
53

source code of linux/security/selinux/ss/mls_types.h