Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/security/selinux/ss/mls.h 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) /* SPDX-License-Identifier: GPL-2.0 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * Multi-level security (MLS) policy operations.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  * Author : Stephen Smalley, <sds@tycho.nsa.gov>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8)  * Updated: Trusted Computer Solutions, Inc. <dgoeddel@trustedcs.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10)  *	Support for enhanced MLS infrastructure.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12)  * Copyright (C) 2004-2006 Trusted Computer Solutions, Inc.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15)  * Updated: Hewlett-Packard <paul@paul-moore.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17)  *	Added support to import/export the MLS label from NetLabel
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19)  * (c) Copyright Hewlett-Packard Development Company, L.P., 2006
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22) #ifndef _SS_MLS_H_
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) #define _SS_MLS_H_
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25) #include <linux/jhash.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) #include "context.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) #include "ebitmap.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) #include "policydb.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) int mls_compute_context_len(struct policydb *p, struct context *context);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32) void mls_sid_to_context(struct policydb *p, struct context *context,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33) 			char **scontext);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34) int mls_context_isvalid(struct policydb *p, struct context *c);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35) int mls_range_isvalid(struct policydb *p, struct mls_range *r);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36) int mls_level_isvalid(struct policydb *p, struct mls_level *l);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38) int mls_context_to_sid(struct policydb *p,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) 		       char oldc,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) 		       char *scontext,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) 		       struct context *context,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) 		       struct sidtab *s,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43) 		       u32 def_sid);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45) int mls_from_string(struct policydb *p, char *str, struct context *context,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46) 		    gfp_t gfp_mask);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48) int mls_range_set(struct context *context, struct mls_range *range);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50) int mls_convert_context(struct policydb *oldp,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51) 			struct policydb *newp,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52) 			struct context *oldc,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53) 			struct context *newc);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55) int mls_compute_sid(struct policydb *p,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56) 		    struct context *scontext,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57) 		    struct context *tcontext,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58) 		    u16 tclass,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59) 		    u32 specified,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60) 		    struct context *newcontext,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) 		    bool sock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63) int mls_setup_user_range(struct policydb *p,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) 			 struct context *fromcon, struct user_datum *user,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65) 			 struct context *usercon);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) #ifdef CONFIG_NETLABEL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) void mls_export_netlbl_lvl(struct policydb *p,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) 			   struct context *context,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) 			   struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) void mls_import_netlbl_lvl(struct policydb *p,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) 			   struct context *context,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) 			   struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) int mls_export_netlbl_cat(struct policydb *p,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) 			  struct context *context,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) 			  struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) int mls_import_netlbl_cat(struct policydb *p,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) 			  struct context *context,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) 			  struct netlbl_lsm_secattr *secattr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) #else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) static inline void mls_export_netlbl_lvl(struct policydb *p,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) 					 struct context *context,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) 					 struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) 	return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) static inline void mls_import_netlbl_lvl(struct policydb *p,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88) 					 struct context *context,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89) 					 struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) 	return;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) static inline int mls_export_netlbl_cat(struct policydb *p,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) 					struct context *context,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) 					struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) 	return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) static inline int mls_import_netlbl_cat(struct policydb *p,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 					struct context *context,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) 					struct netlbl_lsm_secattr *secattr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) 	return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) static inline u32 mls_range_hash(const struct mls_range *r, u32 hash)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) 	hash = jhash_2words(r->level[0].sens, r->level[1].sens, hash);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) 	hash = ebitmap_hash(&r->level[0].cat, hash);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) 	hash = ebitmap_hash(&r->level[1].cat, hash);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) 	return hash;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115) #endif	/* _SS_MLS_H */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116)
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.