xref: /openbmc/linux/security/selinux/ss/context.h (revision 12eb4683)
1 /*
2  * A security context is a set of security attributes
3  * associated with each subject and object controlled
4  * by the security policy.  Security contexts are
5   * externally represented as variable-length strings
6  * that can be interpreted by a user or application
7  * with an understanding of the security policy.
8  * Internally, the security server uses a simple
9  * structure.  This structure is private to the
10  * security server and can be changed without affecting
11  * clients of the security server.
12  *
13  * Author : Stephen Smalley, <sds@epoch.ncsc.mil>
14  */
15 #ifndef _SS_CONTEXT_H_
16 #define _SS_CONTEXT_H_
17 
18 #include "ebitmap.h"
19 #include "mls_types.h"
20 #include "security.h"
21 
22 /*
23  * A security context consists of an authenticated user
24  * identity, a role, a type and a MLS range.
25  */
26 struct context {
27 	u32 user;
28 	u32 role;
29 	u32 type;
30 	u32 len;        /* length of string in bytes */
31 	struct mls_range range;
32 	char *str;	/* string representation if context cannot be mapped. */
33 };
34 
35 static inline void mls_context_init(struct context *c)
36 {
37 	memset(&c->range, 0, sizeof(c->range));
38 }
39 
40 static inline int mls_context_cpy(struct context *dst, struct context *src)
41 {
42 	int rc;
43 
44 	dst->range.level[0].sens = src->range.level[0].sens;
45 	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat);
46 	if (rc)
47 		goto out;
48 
49 	dst->range.level[1].sens = src->range.level[1].sens;
50 	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[1].cat);
51 	if (rc)
52 		ebitmap_destroy(&dst->range.level[0].cat);
53 out:
54 	return rc;
55 }
56 
57 /*
58  * Sets both levels in the MLS range of 'dst' to the low level of 'src'.
59  */
60 static inline int mls_context_cpy_low(struct context *dst, struct context *src)
61 {
62 	int rc;
63 
64 	dst->range.level[0].sens = src->range.level[0].sens;
65 	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat);
66 	if (rc)
67 		goto out;
68 
69 	dst->range.level[1].sens = src->range.level[0].sens;
70 	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[0].cat);
71 	if (rc)
72 		ebitmap_destroy(&dst->range.level[0].cat);
73 out:
74 	return rc;
75 }
76 
77 /*
78  * Sets both levels in the MLS range of 'dst' to the high level of 'src'.
79  */
80 static inline int mls_context_cpy_high(struct context *dst, struct context *src)
81 {
82 	int rc;
83 
84 	dst->range.level[0].sens = src->range.level[1].sens;
85 	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[1].cat);
86 	if (rc)
87 		goto out;
88 
89 	dst->range.level[1].sens = src->range.level[1].sens;
90 	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[1].cat);
91 	if (rc)
92 		ebitmap_destroy(&dst->range.level[0].cat);
93 out:
94 	return rc;
95 }
96 
97 static inline int mls_context_cmp(struct context *c1, struct context *c2)
98 {
99 	return ((c1->range.level[0].sens == c2->range.level[0].sens) &&
100 		ebitmap_cmp(&c1->range.level[0].cat, &c2->range.level[0].cat) &&
101 		(c1->range.level[1].sens == c2->range.level[1].sens) &&
102 		ebitmap_cmp(&c1->range.level[1].cat, &c2->range.level[1].cat));
103 }
104 
105 static inline void mls_context_destroy(struct context *c)
106 {
107 	ebitmap_destroy(&c->range.level[0].cat);
108 	ebitmap_destroy(&c->range.level[1].cat);
109 	mls_context_init(c);
110 }
111 
112 static inline void context_init(struct context *c)
113 {
114 	memset(c, 0, sizeof(*c));
115 }
116 
117 static inline int context_cpy(struct context *dst, struct context *src)
118 {
119 	int rc;
120 
121 	dst->user = src->user;
122 	dst->role = src->role;
123 	dst->type = src->type;
124 	if (src->str) {
125 		dst->str = kstrdup(src->str, GFP_ATOMIC);
126 		if (!dst->str)
127 			return -ENOMEM;
128 		dst->len = src->len;
129 	} else {
130 		dst->str = NULL;
131 		dst->len = 0;
132 	}
133 	rc = mls_context_cpy(dst, src);
134 	if (rc) {
135 		kfree(dst->str);
136 		return rc;
137 	}
138 	return 0;
139 }
140 
141 static inline void context_destroy(struct context *c)
142 {
143 	c->user = c->role = c->type = 0;
144 	kfree(c->str);
145 	c->str = NULL;
146 	c->len = 0;
147 	mls_context_destroy(c);
148 }
149 
150 static inline int context_cmp(struct context *c1, struct context *c2)
151 {
152 	if (c1->len && c2->len)
153 		return (c1->len == c2->len && !strcmp(c1->str, c2->str));
154 	if (c1->len || c2->len)
155 		return 0;
156 	return ((c1->user == c2->user) &&
157 		(c1->role == c2->role) &&
158 		(c1->type == c2->type) &&
159 		mls_context_cmp(c1, c2));
160 }
161 
162 #endif	/* _SS_CONTEXT_H_ */
163 
164