1 /* 2 * A security context is a set of security attributes 3 * associated with each subject and object controlled 4 * by the security policy. Security contexts are 5 * externally represented as variable-length strings 6 * that can be interpreted by a user or application 7 * with an understanding of the security policy. 8 * Internally, the security server uses a simple 9 * structure. This structure is private to the 10 * security server and can be changed without affecting 11 * clients of the security server. 12 * 13 * Author : Stephen Smalley, <sds@epoch.ncsc.mil> 14 */ 15 #ifndef _SS_CONTEXT_H_ 16 #define _SS_CONTEXT_H_ 17 18 #include "ebitmap.h" 19 #include "mls_types.h" 20 #include "security.h" 21 22 /* 23 * A security context consists of an authenticated user 24 * identity, a role, a type and a MLS range. 25 */ 26 struct context { 27 u32 user; 28 u32 role; 29 u32 type; 30 u32 len; /* length of string in bytes */ 31 struct mls_range range; 32 char *str; /* string representation if context cannot be mapped. */ 33 }; 34 35 static inline void mls_context_init(struct context *c) 36 { 37 memset(&c->range, 0, sizeof(c->range)); 38 } 39 40 static inline int mls_context_cpy(struct context *dst, struct context *src) 41 { 42 int rc; 43 44 dst->range.level[0].sens = src->range.level[0].sens; 45 rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat); 46 if (rc) 47 goto out; 48 49 dst->range.level[1].sens = src->range.level[1].sens; 50 rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[1].cat); 51 if (rc) 52 ebitmap_destroy(&dst->range.level[0].cat); 53 out: 54 return rc; 55 } 56 57 /* 58 * Sets both levels in the MLS range of 'dst' to the low level of 'src'. 59 */ 60 static inline int mls_context_cpy_low(struct context *dst, struct context *src) 61 { 62 int rc; 63 64 dst->range.level[0].sens = src->range.level[0].sens; 65 rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat); 66 if (rc) 67 goto out; 68 69 dst->range.level[1].sens = src->range.level[0].sens; 70 rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[0].cat); 71 if (rc) 72 ebitmap_destroy(&dst->range.level[0].cat); 73 out: 74 return rc; 75 } 76 77 /* 78 * Sets both levels in the MLS range of 'dst' to the high level of 'src'. 79 */ 80 static inline int mls_context_cpy_high(struct context *dst, struct context *src) 81 { 82 int rc; 83 84 dst->range.level[0].sens = src->range.level[1].sens; 85 rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[1].cat); 86 if (rc) 87 goto out; 88 89 dst->range.level[1].sens = src->range.level[1].sens; 90 rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[1].cat); 91 if (rc) 92 ebitmap_destroy(&dst->range.level[0].cat); 93 out: 94 return rc; 95 } 96 97 static inline int mls_context_cmp(struct context *c1, struct context *c2) 98 { 99 return ((c1->range.level[0].sens == c2->range.level[0].sens) && 100 ebitmap_cmp(&c1->range.level[0].cat, &c2->range.level[0].cat) && 101 (c1->range.level[1].sens == c2->range.level[1].sens) && 102 ebitmap_cmp(&c1->range.level[1].cat, &c2->range.level[1].cat)); 103 } 104 105 static inline void mls_context_destroy(struct context *c) 106 { 107 ebitmap_destroy(&c->range.level[0].cat); 108 ebitmap_destroy(&c->range.level[1].cat); 109 mls_context_init(c); 110 } 111 112 static inline void context_init(struct context *c) 113 { 114 memset(c, 0, sizeof(*c)); 115 } 116 117 static inline int context_cpy(struct context *dst, struct context *src) 118 { 119 int rc; 120 121 dst->user = src->user; 122 dst->role = src->role; 123 dst->type = src->type; 124 if (src->str) { 125 dst->str = kstrdup(src->str, GFP_ATOMIC); 126 if (!dst->str) 127 return -ENOMEM; 128 dst->len = src->len; 129 } else { 130 dst->str = NULL; 131 dst->len = 0; 132 } 133 rc = mls_context_cpy(dst, src); 134 if (rc) { 135 kfree(dst->str); 136 return rc; 137 } 138 return 0; 139 } 140 141 static inline void context_destroy(struct context *c) 142 { 143 c->user = c->role = c->type = 0; 144 kfree(c->str); 145 c->str = NULL; 146 c->len = 0; 147 mls_context_destroy(c); 148 } 149 150 static inline int context_cmp(struct context *c1, struct context *c2) 151 { 152 if (c1->len && c2->len) 153 return (c1->len == c2->len && !strcmp(c1->str, c2->str)); 154 if (c1->len || c2->len) 155 return 0; 156 return ((c1->user == c2->user) && 157 (c1->role == c2->role) && 158 (c1->type == c2->type) && 159 mls_context_cmp(c1, c2)); 160 } 161 162 #endif /* _SS_CONTEXT_H_ */ 163 164