Release 4.11 security/selinux/ss/context.h

/*
 * A security context is a set of security attributes
 * associated with each subject and object controlled
 * by the security policy.  Security contexts are
  * externally represented as variable-length strings
 * that can be interpreted by a user or application
 * with an understanding of the security policy.
 * Internally, the security server uses a simple
 * structure.  This structure is private to the
 * security server and can be changed without affecting
 * clients of the security server.
 *
 * Author : Stephen Smalley, <sds@epoch.ncsc.mil>
 */
#ifndef _SS_CONTEXT_H_

#define _SS_CONTEXT_H_

#include "ebitmap.h"
#include "mls_types.h"
#include "security.h"

/*
 * A security context consists of an authenticated user
 * identity, a role, a type and a MLS range.
 */

struct context {
	
u32 user;
	
u32 role;
	
u32 type;
	
u32 len;        /* length of string in bytes */
	
struct mls_range range;
	
char *str;	/* string representation if context cannot be mapped. */
};



static inline void mls_context_init(struct context *c)
{
	memset(&c->range, 0, sizeof(c->range));
}

Contributors
Person
Tokens
Prop
Commits
CommitProp
Andrew Morton
29
100.00%
1
100.00%
Total
29
100.00%
1
100.00%



static inline int mls_context_cpy(struct context *dst, struct context *src)
{
	int rc;

	dst->range.level[0].sens = src->range.level[0].sens;
	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat);
	if (rc)
		goto out;

	dst->range.level[1].sens = src->range.level[1].sens;
	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[1].cat);
	if (rc)
		ebitmap_destroy(&dst->range.level[0].cat);
out:
	return rc;
}

Contributors
Person
Tokens
Prop
Commits
CommitProp
Andrew Morton
153
100.00%
1
100.00%
Total
153
100.00%
1
100.00%

/*
 * Sets both levels in the MLS range of 'dst' to the low level of 'src'.
 */


static inline int mls_context_cpy_low(struct context *dst, struct context *src)
{
	int rc;

	dst->range.level[0].sens = src->range.level[0].sens;
	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat);
	if (rc)
		goto out;

	dst->range.level[1].sens = src->range.level[0].sens;
	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[0].cat);
	if (rc)
		ebitmap_destroy(&dst->range.level[0].cat);
out:
	return rc;
}

Contributors
Person
Tokens
Prop
Commits
CommitProp
Venkat Yekkirala
127
83.01%
1
50.00%
Eric Paris
26
16.99%
1
50.00%
Total
153
100.00%
2
100.00%

/*
 * Sets both levels in the MLS range of 'dst' to the high level of 'src'.
 */


static inline int mls_context_cpy_high(struct context *dst, struct context *src)
{
	int rc;

	dst->range.level[0].sens = src->range.level[1].sens;
	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[1].cat);
	if (rc)
		goto out;

	dst->range.level[1].sens = src->range.level[1].sens;
	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[1].cat);
	if (rc)
		ebitmap_destroy(&dst->range.level[0].cat);
out:
	return rc;
}

Contributors
Person
Tokens
Prop
Commits
CommitProp
Eric Paris
127
83.01%
1
50.00%
Venkat Yekkirala
26
16.99%
1
50.00%
Total
153
100.00%
2
100.00%



static inline int mls_context_cmp(struct context *c1, struct context *c2)
{
	return ((c1->range.level[0].sens == c2->range.level[0].sens) &&
		ebitmap_cmp(&c1->range.level[0].cat, &c2->range.level[0].cat) &&
		(c1->range.level[1].sens == c2->range.level[1].sens) &&
		ebitmap_cmp(&c1->range.level[1].cat, &c2->range.level[1].cat));
}

Contributors
Person
Tokens
Prop
Commits
CommitProp
Andrew Morton
122
100.00%
1
100.00%
Total
122
100.00%
1
100.00%



static inline void mls_context_destroy(struct context *c)
{
	ebitmap_destroy(&c->range.level[0].cat);
	ebitmap_destroy(&c->range.level[1].cat);
	mls_context_init(c);
}

Contributors
Person
Tokens
Prop
Commits
CommitProp
Andrew Morton
47
100.00%
1
100.00%
Total
47
100.00%
1
100.00%



static inline void context_init(struct context *c)
{
	memset(c, 0, sizeof(*c));
}

Contributors
Person
Tokens
Prop
Commits
CommitProp
Andrew Morton
25
100.00%
1
100.00%
Total
25
100.00%
1
100.00%



static inline int context_cpy(struct context *dst, struct context *src)
{
	int rc;

	dst->user = src->user;
	dst->role = src->role;
	dst->type = src->type;
	if (src->str) {
		dst->str = kstrdup(src->str, GFP_ATOMIC);
		if (!dst->str)
			return -ENOMEM;
		dst->len = src->len;
	} else {
		dst->str = NULL;
		dst->len = 0;
	}
	rc = mls_context_cpy(dst, src);
	if (rc) {
		kfree(dst->str);
		return rc;
	}
	return 0;
}

Contributors
Person
Tokens
Prop
Commits
CommitProp
Stephen D. Smalley
78
61.42%
1
50.00%
Andrew Morton
49
38.58%
1
50.00%
Total
127
100.00%
2
100.00%



static inline void context_destroy(struct context *c)
{
	c->user = c->role = c->type = 0;
	kfree(c->str);
	c->str = NULL;
	c->len = 0;
	mls_context_destroy(c);
}

Contributors
Person
Tokens
Prop
Commits
CommitProp
Andrew Morton
31
62.00%
1
50.00%
Stephen D. Smalley
19
38.00%
1
50.00%
Total
50
100.00%
2
100.00%



static inline int context_cmp(struct context *c1, struct context *c2)
{
	if (c1->len && c2->len)
		return (c1->len == c2->len && !strcmp(c1->str, c2->str));
	if (c1->len || c2->len)
		return 0;
	return ((c1->user == c2->user) &&
		(c1->role == c2->role) &&
		(c1->type == c2->type) &&
		mls_context_cmp(c1, c2));
}

Contributors
Person
Tokens
Prop
Commits
CommitProp
Andrew Morton
57
55.34%
1
50.00%
Stephen D. Smalley
46
44.66%
1
50.00%
Total
103
100.00%
2
100.00%

#endif	/* _SS_CONTEXT_H_ */

Overall Contributors
Person
Tokens
Prop
Commits
CommitProp
Andrew Morton
548
54.20%
1
16.67%
Eric Paris
158
15.63%
2
33.33%
Venkat Yekkirala
154
15.23%
1
16.67%
Stephen D. Smalley
148
14.64%
1
16.67%
Darrel Goeddel
3
0.30%
1
16.67%
Total
1011
100.00%
6
100.00%
Directory: security/selinux/ss

Information contained on this website is for historical information purposes only and does not indicate or represent copyright ownership.