Remove libspl support for mlslabels

The ZFS update to onnv_141 brought with it support for a
security label attribute called mlslabel.  This feature
depends on zones to work correctly and while I originally
added minimal support for this in libspl that was a mistake.

Supporting this under Linux is not required and this is
just additional troublesome code to support.  Long term
something like this could be supported under Linux but it
will need to be clearly thought through and then implemented.
Brian Behlendorf 2010-07-22 12:58:43 -07:00
parent 6067ed4272
commit f39d7d2ca2
10 changed files with 0 additions and 2038 deletions


@ -17,9 +17,7 @@ libspl_la_SOURCES = \
${top_srcdir}/lib/libspl/gethrestime.c \
${top_srcdir}/lib/libspl/getmntany.c \
${top_srcdir}/lib/libspl/list.c \
${top_srcdir}/lib/libspl/ltos.c \
${top_srcdir}/lib/libspl/mkdirp.c \
${top_srcdir}/lib/libspl/stol.c \
${top_srcdir}/lib/libspl/strlcat.c \
${top_srcdir}/lib/libspl/strlcpy.c \
${top_srcdir}/lib/libspl/strnlen.c \


@ -4,6 +4,4 @@ nobase_pkginclude_HEADERS += rpc/*.h
nobase_pkginclude_HEADERS += sys/*.h
nobase_pkginclude_HEADERS += sys/dktp/*.h
nobase_pkginclude_HEADERS += sys/sysevent/*.h
nobase_pkginclude_HEADERS += sys/tsol/*.h
nobase_pkginclude_HEADERS += tsol/*.h
nobase_pkginclude_HEADERS += util/*.h


@ -1,240 +0,0 @@
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#ifndef _TSOL_LABEL_H
#define _TSOL_LABEL_H
#include <sys/types32.h>
#include <sys/tsol/label.h>
#include <priv.h>
/* Procedural Interface Structure Definitions */
struct label_info { /* structure returned by label_info */
short ilabel_len; /* max Information Label length */
short slabel_len; /* max Sensitivity Label length */
short clabel_len; /* max CMW Label length */
short clear_len; /* max Clearance Label length */
short vers_len; /* version string length */
short header_len; /* max len of banner page header */
short protect_as_len; /* max len of banner page protect as */
short caveats_len; /* max len of banner page caveats */
short channels_len; /* max len of banner page channels */
};
typedef struct label_set_identifier { /* valid label set identifier */
int type; /* type of the set */
char *name; /* name of the set if needed */
} set_id;
struct name_fields { /* names for label builder fields */
char *class_name; /* Classifications field name */
char *comps_name; /* Compartments field name */
char *marks_name; /* Markings field name */
};
/* Label Set Identifier Types */
/*
* The accreditation ranges as specified in the label encodings file.
* The name parameter is ignored.
*
* System Accreditation Range is all valid labels plus Admin High and Low.
*
* User Accreditation Range is valid user labels as defined in the
* ACCREDITATION RANGE: section of the label encodings file.
*/
#define SYSTEM_ACCREDITATION_RANGE 1
#define USER_ACCREDITATION_RANGE 2
/* System Call Interface Definitions */
extern int getlabel(const char *, m_label_t *);
extern int fgetlabel(int, m_label_t *);
extern int getplabel(m_label_t *);
extern int setflabel(const char *, m_label_t *);
extern char *getpathbylabel(const char *, char *, size_t,
const m_label_t *sl);
extern m_label_t *getzonelabelbyid(zoneid_t);
extern m_label_t *getzonelabelbyname(const char *);
extern zoneid_t getzoneidbylabel(const m_label_t *);
extern char *getzonenamebylabel(const m_label_t *);
extern char *getzonerootbyid(zoneid_t);
extern char *getzonerootbyname(const char *);
extern char *getzonerootbylabel(const m_label_t *);
extern m_label_t *getlabelbypath(const char *);
/* Flag word values */
#define ALL_ENTRIES 0x00000000
#define ACCESS_RELATED 0x00000001
#define ACCESS_MASK 0x0000FFFF
#define ACCESS_SHIFT 0
#define LONG_WORDS 0x00010000 /* use long names */
#define SHORT_WORDS 0x00020000 /* use short names if present */
#define LONG_CLASSIFICATION 0x00040000 /* use long classification */
#define SHORT_CLASSIFICATION 0x00080000 /* use short classification */
#define NO_CLASSIFICATION 0x00100000 /* don't translate the class */
#define VIEW_INTERNAL 0x00200000 /* don't promote/demote */
#define VIEW_EXTERNAL 0x00400000 /* promote/demote label */
#define NEW_LABEL 0x00000001 /* create a full new label */
#define NO_CORRECTION 0x00000002 /* don't correct label errors */
/* implies NEW_LABEL */
#define CVT_DIM 0x01 /* display word dimmed */
#define CVT_SET 0x02 /* display word currently set */
/* Procedure Interface Definitions available to user */
/* APIs shared with the kernel are in <sys/tsol/label.h */
extern m_label_t *blabel_alloc(void);
extern void blabel_free(m_label_t *);
extern size32_t blabel_size(void);
extern char *bsltoh(const m_label_t *);
extern char *bcleartoh(const m_label_t *);
extern char *bsltoh_r(const m_label_t *, char *);
extern char *bcleartoh_r(const m_label_t *, char *);
extern char *h_alloc(uint8_t);
extern void h_free(char *);
extern int htobsl(const char *, m_label_t *);
extern int htobclear(const char *, m_label_t *);
extern m_range_t *getuserrange(const char *);
extern m_range_t *getdevicerange(const char *);
extern int set_effective_priv(priv_op_t, int, ...);
extern int set_inheritable_priv(priv_op_t, int, ...);
extern int set_permitted_priv(priv_op_t, int, ...);
extern int is_system_labeled(void);
/* Procedures needed for multi-level printing */
extern int tsol_check_admin_auth(uid_t uid);
/* APIs implemented via labeld */
extern int blinset(const m_label_t *, const set_id *);
extern int labelinfo(struct label_info *);
extern ssize_t labelvers(char **, size_t);
extern char *bltocolor(const m_label_t *);
extern char *bltocolor_r(const m_label_t *, size_t, char *);
extern ssize_t bsltos(const m_label_t *, char **, size_t, int);
extern ssize_t bcleartos(const m_label_t *, char **, size_t, int);
extern char *sbsltos(const m_label_t *, size_t);
extern char *sbcleartos(const m_label_t *, size_t);
extern int stobsl(const char *, m_label_t *, int, int *);
extern int stobclear(const char *, m_label_t *, int, int *);
extern int bslvalid(const m_label_t *);
extern int bclearvalid(const m_label_t *);
/* DIA label conversion and parsing */
/* Conversion types */
typedef enum _m_label_str {
M_LABEL = 1, /* process or user clearance */
M_INTERNAL = 2, /* internal form for use in public databases */
M_COLOR = 3, /* process label color */
PRINTER_TOP_BOTTOM = 4, /* DIA banner page top/bottom */
PRINTER_LABEL = 5, /* DIA banner page label */
PRINTER_CAVEATS = 6, /* DIA banner page caveats */
PRINTER_CHANNELS = 7 /* DIA banner page handling channels */
} m_label_str_t;
/* Flags for conversion, not all flags apply to all types */
#define DEF_NAMES 0x1
#define SHORT_NAMES 0x3 /* short names are prefered where defined */
#define LONG_NAMES 0x4 /* long names are prefered where defined */
extern int label_to_str(const m_label_t *, char **, const m_label_str_t,
uint_t);
extern int l_to_str_internal(const m_label_t *, char **);
/* Parsing types */
typedef enum _m_label_type {
MAC_LABEL = 1, /* process or object label */
USER_CLEAR = 2 /* user's clearance (LUB) */
} m_label_type_t;
/* Flags for parsing */
#define L_DEFAULT 0x0
#define L_MODIFY_EXISTING 0x1 /* start parsing with existing label */
#define L_NO_CORRECTION 0x2 /* must be correct by l_e rules */
#define L_CHECK_AR 0x10 /* must be in l_e AR */
/* EINVAL sub codes */
#define M_OUTSIDE_AR -4 /* not in l_e AR */
#define M_BAD_STRING -3 /* DIA L_BAD_LABEL */
/* bad requested label type, bad previous label type */
#define M_BAD_LABEL -2 /* DIA L_BAD_CLASSIFICATION, */
extern int str_to_label(const char *, m_label_t **, const m_label_type_t,
uint_t, int *);
extern int hexstr_to_label(const char *, m_label_t *);
extern m_label_t *m_label_alloc(const m_label_type_t);
extern int m_label_dup(m_label_t **, const m_label_t *);
extern void m_label_free(m_label_t *);
/* Contract Private interfaces with the label builder GUIs */
extern int bslcvtfull(const m_label_t *, const m_range_t *, int,
char **, char **[], char **[], char *[], int *, int *);
extern int bslcvt(const m_label_t *, int, char **, char *[]);
extern int bclearcvtfull(const m_label_t *, const m_range_t *, int,
char **, char **[], char **[], char *[], int *, int *);
extern int bclearcvt(const m_label_t *, int, char **, char *[]);
extern int labelfields(struct name_fields *);
extern int userdefs(m_label_t *, m_label_t *);
extern int zonecopy(m_label_t *, char *, char *, char *, int);
#ifdef DEBUG
/* testing hook: see devfsadm.c, mkdevalloc.c and allocate.c */
#define is_system_labeled_debug(statbufp) \
((stat("/ALLOCATE_FORCE_LABEL", (statbufp)) == 0) ? 1 : 0)
#else /* DEBUG */
#define is_system_labeled_debug(statbufp) 0
#endif /* DEBUG */
#endif /* !_TSOL_LABEL_H */


@ -1,467 +0,0 @@
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#ifndef _LABELD_H
#define _LABELD_H
#include <sys/types.h>
#include <tsol/label.h>
#include <sys/tsol/label_macro.h>
/*
* Definitions for the call parameters for the door-based label
* translation service.
*/
#define BUFSIZE 4096
#define DOOR_PATH "/var/tsol/doors/"
#define DOOR_NAME "labeld"
#define COOKIE (void *)0x6c616264 /* "labd" */
/* Op codes */
/* Labeld Commands */
#define LABELDNULL 1
/* Miscellaneous */
#define BLINSET 10
#define BSLVALID 11
#define BILVALID 12
#define BCLEARVALID 13
#define LABELINFO 14
#define LABELVERS 15
#define BLTOCOLOR 16
/* Binary to String Label Translation */
#define BSLTOS 23
#define BCLEARTOS 25
/* String to Binary Label Translation */
#define STOBSL 31
#define STOBCLEAR 33
/*
* Dimming List Routines
* Contract private for label builders
*/
#define BSLCVT 40
#define BCLEARCVT 42
#define LABELFIELDS 43
#define UDEFS 44
#define GETFLABEL 45
#define SETFLABEL 46
#define ZCOPY 47
/* NEW LABELS */
/* DIA printer banner labels */
#define PR_CAVEATS 101
#define PR_CHANNELS 102
#define PR_LABEL 103
#define PR_TOP 104
/* DIA label to string */
#define LTOS 105
/* DIA string to label */
#define STOL 106
/* Structures */
typedef uint_t bufp_t; /* offset into buf[] in/out string buffer */
/* Null call */
typedef struct {
int null;
} null_call_t;
typedef struct {
int null;
} null_ret_t;
/* Miscellaneous interfaces */
typedef struct {
bslabel_t label;
int type;
} inset_call_t;
typedef struct {
int inset;
} inset_ret_t;
typedef struct {
bslabel_t label;
} slvalid_call_t;
typedef struct {
int valid;
} slvalid_ret_t;
typedef struct {
bclear_t clear;
} clrvalid_call_t;
typedef struct {
int valid;
} clrvalid_ret_t;
typedef struct {
int null;
} info_call_t;
typedef struct {
struct label_info info;
} info_ret_t;
typedef struct {
int null;
} vers_call_t;
typedef struct {
char vers[BUFSIZE];
} vers_ret_t;
typedef struct {
blevel_t label;
} color_call_t;
typedef struct {
char color[BUFSIZE];
} color_ret_t;
/* Binary Label to String interfaces */
typedef struct {
bslabel_t label;
uint_t flags;
} bsltos_call_t;
typedef struct {
char slabel[BUFSIZE];
} bsltos_ret_t;
typedef struct {
bclear_t clear;
uint_t flags;
} bcleartos_call_t;
typedef struct {
char cslabel[BUFSIZE];
} bcleartos_ret_t;
/* String to Binary Label interfaces */
typedef struct {
bslabel_t label;
uint_t flags;
char string[BUFSIZE];
} stobsl_call_t;
typedef struct {
bslabel_t label;
} stobsl_ret_t;
typedef struct {
bclear_t clear;
uint_t flags;
char string[BUFSIZE];
} stobclear_call_t;
typedef struct {
bclear_t clear;
} stobclear_ret_t;
/*
* The following Dimming List and Miscellaneous interfaces
* implement contract private interfaces for the label builder
* interfaces.
*/
/* Dimming List interfaces */
typedef struct {
bslabel_t label;
brange_t bounds;
uint_t flags;
} bslcvt_call_t;
typedef struct {
bufp_t string;
bufp_t dim;
bufp_t lwords;
bufp_t swords;
size_t d_len;
size_t l_len;
size_t s_len;
int first_comp;
int first_mark;
char buf[BUFSIZE];
} cvt_ret_t;
typedef cvt_ret_t bslcvt_ret_t;
typedef struct {
bclear_t clear;
brange_t bounds;
uint_t flags;
} bclearcvt_call_t;
typedef cvt_ret_t bclearcvt_ret_t;
/* Miscellaneous interfaces */
typedef struct {
int null;
} fields_call_t;
typedef struct {
bufp_t classi;
bufp_t compsi;
bufp_t marksi;
char buf[BUFSIZE];
} fields_ret_t;
typedef struct {
int null;
} udefs_call_t;
typedef struct {
bslabel_t sl;
bclear_t clear;
} udefs_ret_t;
typedef struct {
bslabel_t sl;
char pathname[BUFSIZE];
} setfbcl_call_t;
typedef struct {
int status;
} setfbcl_ret_t;
typedef struct {
bslabel_t src_win_sl;
int transfer_mode;
bufp_t remote_dir;
bufp_t filename;
bufp_t local_dir;
bufp_t display;
char buf[BUFSIZE];
} zcopy_call_t;
typedef struct {
int status;
} zcopy_ret_t;
typedef struct {
m_label_t label;
uint_t flags;
} pr_call_t;
typedef struct {
char buf[BUFSIZE];
} pr_ret_t;
typedef struct {
m_label_t label;
uint_t flags;
} ls_call_t;
typedef struct {
char buf[BUFSIZE];
} ls_ret_t;
typedef struct {
m_label_t label;
uint_t flags;
char string[BUFSIZE];
} sl_call_t;
typedef struct {
m_label_t label;
} sl_ret_t;
/* Labeld operation call structure */
typedef struct {
uint_t op;
union {
null_call_t null_arg;
inset_call_t inset_arg;
slvalid_call_t slvalid_arg;
clrvalid_call_t clrvalid_arg;
info_call_t info_arg;
vers_call_t vers_arg;
color_call_t color_arg;
bsltos_call_t bsltos_arg;
bcleartos_call_t bcleartos_arg;
stobsl_call_t stobsl_arg;
stobclear_call_t stobclear_arg;
bslcvt_call_t bslcvt_arg;
bclearcvt_call_t bclearcvt_arg;
fields_call_t fields_arg;
udefs_call_t udefs_arg;
setfbcl_call_t setfbcl_arg;
zcopy_call_t zcopy_arg;
pr_call_t pr_arg;
ls_call_t ls_arg;
sl_call_t sl_arg;
} cargs;
} labeld_call_t;
/* Labeld operation return structure */
typedef struct {
int ret; /* labeld return codes */
int err; /* function error codes */
union {
null_ret_t null_ret;
inset_ret_t inset_ret;
slvalid_ret_t slvalid_ret;
clrvalid_ret_t clrvalid_ret;
info_ret_t info_ret;
vers_ret_t vers_ret;
color_ret_t color_ret;
bsltos_ret_t bsltos_ret;
bcleartos_ret_t bcleartos_ret;
stobsl_ret_t stobsl_ret;
stobclear_ret_t stobclear_ret;
bslcvt_ret_t bslcvt_ret;
bclearcvt_ret_t bclearcvt_ret;
fields_ret_t fields_ret;
udefs_ret_t udefs_ret;
setfbcl_ret_t setfbcl_ret;
zcopy_ret_t zcopy_ret;
pr_ret_t pr_ret;
ls_ret_t ls_ret;
sl_ret_t sl_ret;
} rvals;
} labeld_ret_t;
/* Labeld call/return structure */
typedef struct {
union {
labeld_call_t acall;
labeld_ret_t aret;
} param;
} labeld_data_t;
#define callop param.acall.op
#define retret param.aret.ret
#define reterr param.aret.err
#define CALL_SIZE(type, buf) (size_t)(sizeof (type) + sizeof (int) + (buf))
#define RET_SIZE(type, buf) (size_t)(sizeof (type) + 2*sizeof (int) + (buf))
#define CALL_SIZE_STR(type, buf) CALL_SIZE(type, (-BUFSIZE +(buf)))
/* Return Codes */
#define SUCCESS 1 /* Call OK */
#define NOTFOUND -1 /* Function not found */
#define SERVERFAULT -2 /* Internal labeld error */
#define NOSERVER -3 /* No server thread available, try later */
/* Labeld common client call function */
static inline int
__call_labeld(labeld_data_t **dptr, size_t *ndata, size_t *adata)
{
return NOSERVER;
}
/* Flag Translation Values */
#define L_NEW_LABEL 0x10000000
/* GFI FLAGS */
#define GFI_FLAG_MASK 0x0000FFFF
#define GFI_ACCESS_RELATED 0x00000001
/* binary to ASCII */
#define LABELS_NO_CLASS 0x00010000
#define LABELS_SHORT_CLASS 0x00020000
#define LABELS_SHORT_WORDS 0x00040000
/* Label view */
#define LABELS_VIEW_INTERNAL 0x00100000
#define LABELS_VIEW_EXTERNAL 0x00200000
/* Dimming list (convert -- b*cvt* ) */
#define LABELS_FULL_CONVERT 0x00010000
/* ASCII to binary */
#define LABELS_NEW_LABEL 0x00010000
#define LABELS_FULL_PARSE 0x00020000
#define LABELS_ONLY_INFO_LABEL 0x00040000
#define MOVE_FILE 0
#define COPY_FILE 1
#define LINK_FILE 2
#define PIPEMSG_FILEOP_ERROR 1
#define PIPEMSG_EXIST_ERROR 2
#define PIPEMSG_DONE 7
#define PIPEMSG_PATH_ERROR 20
#define PIPEMSG_ZONE_ERROR 21
#define PIPEMSG_LABEL_ERROR 22
#define PIPEMSG_READ_ERROR 23
#define PIPEMSG_READONLY_ERROR 24
#define PIPEMSG_WRITE_ERROR 25
#define PIPEMSG_CREATE_ERROR 26
#define PIPEMSG_DELETE_ERROR 27
#define PIPEMSG_CANCEL 101
#define PIPEMSG_PROCEED 102
#define PIPEMSG_MERGE 103
#define PIPEMSG_REPLACE_BUFFER 104
#define PIPEMSG_RENAME_BUFFER 105
#define PIPEMSG_MULTI_PROCEED 106
#define PIPEMSG_RENAME_FILE 107
#endif /* _LABELD_H */


@ -1,168 +0,0 @@
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#ifndef _SYS_TSOL_LABEL_H
#define _SYS_TSOL_LABEL_H
#include <sys/types.h>
#ifdef _KERNEL
#include <sys/cred.h>
#include <sys/vnode.h>
#include <sys/tsol/label_macro.h>
#endif /* _KERNEL */
#ifdef __cplusplus
extern "C" {
#endif
/*
* types of label comparison
*/
#define EQUALITY_CHECK 0
#define DOMINANCE_CHECK 1
/* Manifest human readable label names */
#define ADMIN_LOW "ADMIN_LOW"
#define ADMIN_HIGH "ADMIN_HIGH"
/* Binary Label Structure Definitions */
typedef struct _mac_label_impl m_label_t;
typedef m_label_t blevel_t, /* compatibility */
bslabel_t, /* Sensitivity Label */
bclear_t; /* Clearance */
typedef struct _tsol_binary_level_lrange { /* Level Range */
m_label_t *lower_bound;
m_label_t *upper_bound;
} m_range_t;
typedef m_range_t blrange_t;
typedef struct tsol_mlp_s {
uchar_t mlp_ipp;
uint16_t mlp_port;
uint16_t mlp_port_upper;
} tsol_mlp_t;
/* Procedure Interface Definitions available to user and kernel */
extern int bltype(const void *, uint8_t);
extern int blequal(const m_label_t *, const m_label_t *);
extern int bldominates(const m_label_t *, const m_label_t *);
extern int blstrictdom(const m_label_t *, const m_label_t *);
extern int blinrange(const m_label_t *, const m_range_t *);
extern void blmaximum(m_label_t *, const m_label_t *);
extern void blminimum(m_label_t *, const m_label_t *);
extern void bsllow(m_label_t *);
extern void bslhigh(m_label_t *);
extern void bclearlow(m_label_t *);
extern void bclearhigh(m_label_t *);
extern void bslundef(m_label_t *);
extern void bclearundef(m_label_t *);
extern void setbltype(void *, uint8_t);
extern boolean_t bisinvalid(const void *);
#ifdef _KERNEL
typedef struct tsol_mlp_entry_s {
struct tsol_mlp_entry_s *mlpe_next, *mlpe_prev;
zoneid_t mlpe_zoneid;
tsol_mlp_t mlpe_mlp;
} tsol_mlp_entry_t;
typedef struct tsol_mlp_list_s {
krwlock_t mlpl_rwlock;
tsol_mlp_entry_t *mlpl_first, *mlpl_last;
} tsol_mlp_list_t;
typedef struct ts_label_s {
uint_t tsl_ref; /* Reference count */
uint32_t tsl_doi; /* Domain of Interpretation */
uint32_t tsl_flags; /* TSLF_* below */
m_label_t tsl_label; /* Actual label */
} ts_label_t;
#define DEFAULT_DOI 1
/*
* TSLF_UNLABELED is set in tsl_flags for packets with no explicit label
* when the peer is unlabeled.
*
* TSLF_IMPLICIT_IN is set when a packet is received with no explicit label
* from a peer which is flagged in the tnrhdb as label-aware.
*
* TSLF_IMPLICIT_OUT is set when the packet should be sent without an
* explict label even if the peer or next-hop router is flagged in the
* tnrhdb as label-aware.
*/
#define TSLF_UNLABELED 0x00000001 /* peer is unlabeled */
#define TSLF_IMPLICIT_IN 0x00000002 /* inbound implicit */
#define TSLF_IMPLICIT_OUT 0x00000004 /* outbound implicit */
#define CR_SL(cr) (label2bslabel(crgetlabel(cr)))
extern ts_label_t *l_admin_low;
extern ts_label_t *l_admin_high;
extern uint32_t default_doi;
extern int sys_labeling;
extern void label_init(void);
extern ts_label_t *labelalloc(const m_label_t *, uint32_t, int);
extern ts_label_t *labeldup(const ts_label_t *, int);
extern void label_hold(ts_label_t *);
extern void label_rele(ts_label_t *);
extern m_label_t *label2bslabel(ts_label_t *);
extern uint32_t label2doi(ts_label_t *);
extern boolean_t label_equal(const ts_label_t *, const ts_label_t *);
extern cred_t *newcred_from_bslabel(m_label_t *, uint32_t, int);
extern cred_t *copycred_from_bslabel(const cred_t *, m_label_t *,
uint32_t, int);
extern cred_t *copycred_from_tslabel(const cred_t *, ts_label_t *,
int);
extern ts_label_t *getflabel(vnode_t *);
extern int getlabel(const char *, m_label_t *);
extern int fgetlabel(int, m_label_t *);
extern int _blinrange(const m_label_t *, const brange_t *);
extern int blinlset(const m_label_t *, const blset_t);
extern int l_to_str_internal(const m_label_t *, char **);
extern int hexstr_to_label(const char *, m_label_t *);
/*
* The use of '!!' here prevents users from referencing this function-like
* macro as though it were an l-value, and in normal use is optimized away
* by the compiler.
*/
#define is_system_labeled() (!!(sys_labeling > 0))
#endif /* _KERNEL */
#ifdef __cplusplus
}
#endif
#endif /* !_SYS_TSOL_LABEL_H */


@ -1,351 +0,0 @@
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#ifndef _LABEL_MACRO_H
#define _LABEL_MACRO_H
#include <sys/types.h>
/* PRIVATE ONLY TO THE LABEL LIBRARY. DO NOT USE ELSEWHERE */
/* Actual Binary Label Structure Definitions */
typedef int16_t _Classification;
typedef struct {
union {
uint8_t class_ar[2];
_Classification class_chunk;
} class_u;
} Classification_t;
typedef struct {
uint32_t c1;
uint32_t c2;
uint32_t c3;
uint32_t c4;
uint32_t c5;
uint32_t c6;
uint32_t c7;
uint32_t c8;
} Compartments_t;
typedef struct {
uint32_t m1;
uint32_t m2;
uint32_t m3;
uint32_t m4;
uint32_t m5;
uint32_t m6;
uint32_t m7;
uint32_t m8;
} Markings_t;
typedef struct _mac_label_impl {
uint8_t id; /* Magic to say label type */
uint8_t _c_len; /* Number of Compartment words */
Classification_t classification;
Compartments_t compartments;
} _mac_label_impl_t;
typedef _mac_label_impl_t _blevel_impl_t, /* compatibility */
_bslabel_impl_t, /* Sensitivity Label */
_bclear_impl_t; /* Clearance */
typedef struct _binary_information_label_impl { /* Information Label */
_mac_label_impl_t binformation_level;
Markings_t markings;
} _bilabel_impl_t;
typedef struct _binary_cmw_label_impl { /* CMW Label */
_bslabel_impl_t bcl_sensitivity_label;
_bilabel_impl_t bcl_information_label;
} _bclabel_impl_t;
typedef struct _binary_level_range_impl { /* Level Range */
_mac_label_impl_t lower_bound;
_mac_label_impl_t upper_bound;
} _brange_impl_t, brange_t;
#define NMLP_MAX 0x10
#define NSLS_MAX 0x4
typedef _mac_label_impl_t blset_t[NSLS_MAX];
/* Label Identifier Types */
#define SUN_MAC_ID 0x41 /* MAC label, legacy SUN_SL_ID */
#define SUN_UCLR_ID 0x49 /* User Clearance, legacy SUN_CLR_ID */
#define _C_LEN 8 /* number of compartments words */
/* m_label_t macros */
#define _MTYPE(l, t) \
(((_mac_label_impl_t *)(l))->id == (t))
#define _MSETTYPE(l, t) \
(((_mac_label_impl_t *)(l))->id = (t))
#define _MGETTYPE(l) (((_mac_label_impl_t *)(l))->id)
#define _MEQUAL(l1, l2) \
(LCLASS(l1) == LCLASS(l2) && \
(l1)->_comps.c1 == (l2)->_comps.c1 && \
(l1)->_comps.c2 == (l2)->_comps.c2 && \
(l1)->_comps.c3 == (l2)->_comps.c3 && \
(l1)->_comps.c4 == (l2)->_comps.c4 && \
(l1)->_comps.c5 == (l2)->_comps.c5 && \
(l1)->_comps.c6 == (l2)->_comps.c6 && \
(l1)->_comps.c7 == (l2)->_comps.c7 && \
(l1)->_comps.c8 == (l2)->_comps.c8)
#define SUN_INVALID_ID 0 /* uninitialized label */
#define SUN_CMW_ID 0x83 /* 104 - total bytes in CMW Label */
#define SUN_SL_ID 0x41 /* 36 - total bytes in Sensitivity Label */
#define SUN_SL_UN 0xF1 /* undefined Sensitivity Label */
#define SUN_IL_ID 0x42 /* 68 - total bytes in Information Label */
#define SUN_IL_UN 0x73 /* undefined Information Label */
#define SUN_CLR_ID 0x49 /* 36 - total bytes in Clearance */
#define SUN_CLR_UN 0xF9 /* undefined Clearance */
#define _bcl_sl bcl_sensitivity_label
#define _bcl_il bcl_information_label
#define _bslev_il binformation_level
#define _lclass classification
#ifdef _BIG_ENDIAN
#define LCLASS(slp) ((slp)->_lclass.class_u.class_chunk)
#define LCLASS_SET(slp, l) ((slp)->_lclass.class_u.class_chunk = (l))
#else
#define LCLASS(slp) \
((_Classification)(((slp)->_lclass.class_u.class_ar[0] << 8) | \
(slp)->_lclass.class_u.class_ar[1]))
#define LCLASS_SET(slp, l) \
((slp)->_lclass.class_u.class_ar[0] = (uint8_t)((l)>> 8), \
(slp)->_lclass.class_u.class_ar[1] = (uint8_t)(l))
#endif /* _BIG_ENDIAN */
#define _comps compartments
#define _iid _bslev_il.id
#define _i_c_len _bslev_il._c_len
#define _iclass _bslev_il._lclass
#ifdef _BIG_ENDIAN
#define ICLASS(ilp) ((ilp)->_iclass.class_u.class_chunk)
#define ICLASS_SET(ilp, l) ((ilp)->_iclass.class_u.class_chunk = (l))
#else
#define ICLASS(ilp) \
((_Classification)(((ilp)->_iclass.class_u.class_ar[0] << 8) | \
(ilp)->_iclass.class_u.class_ar[1]))
#define ICLASS_SET(ilp, l) \
((ilp)->_iclass.class_u.class_ar[0] = (uint8_t)((l)>> 8), \
(ilp)->_iclass.class_u.class_ar[1] = (uint8_t)(l))
#endif /* _BIG_ENDIAN */
#define _icomps _bslev_il._comps
#define _imarks markings
/* Manifest Constant Values */
#define LOW_CLASS 0 /* Admin_Low classification value */
#define HIGH_CLASS 0x7FFF /* Admin_High classification value */
#define EMPTY_SET 0 /* Empty compartments and markings set */
#define UNIVERSAL_SET 0xFFFFFFFFU /* Universal compartments and */
/* markings set */
/* Construct initial labels */
#define _LOW_LABEL(l, t) \
((l)->id = t, (l)->_c_len = _C_LEN, LCLASS_SET(l, LOW_CLASS), \
(l)->_comps.c1 = (l)->_comps.c2 = (l)->_comps.c3 = (l)->_comps.c4 = \
(l)->_comps.c5 = (l)->_comps.c6 = (l)->_comps.c7 = (l)->_comps.c8 = \
EMPTY_SET)
#define _HIGH_LABEL(l, t) \
((l)->id = t, (l)->_c_len = _C_LEN, LCLASS_SET(l, HIGH_CLASS), \
(l)->_comps.c1 = (l)->_comps.c2 = (l)->_comps.c3 = (l)->_comps.c4 = \
(l)->_comps.c5 = (l)->_comps.c6 = (l)->_comps.c7 = (l)->_comps.c8 = \
UNIVERSAL_SET)
/* Macro equivalents */
/* Is this memory a properly formatted label of type t? */
#define BLTYPE(l, t) \
((t) == SUN_CMW_ID ? \
(((_bclabel_impl_t *)(l))->_bcl_sl.id == SUN_SL_ID || \
((_bclabel_impl_t *)(l))->_bcl_sl.id == SUN_SL_UN) && \
(((_bclabel_impl_t *)(l))->_bcl_il._iid == SUN_IL_ID || \
((_bclabel_impl_t *)(l))->_bcl_il._iid == SUN_IL_UN) : \
((_mac_label_impl_t *)(l))->id == (t))
/* Are the levels of these labels equal? */
#define BLEQUAL(l1, l2) \
_BLEQUAL((_mac_label_impl_t *)(l1), (_mac_label_impl_t *)(l2))
#define _BLEQUAL(l1, l2) \
(LCLASS(l1) == LCLASS(l2) && \
(l1)->_comps.c1 == (l2)->_comps.c1 && \
(l1)->_comps.c2 == (l2)->_comps.c2 && \
(l1)->_comps.c3 == (l2)->_comps.c3 && \
(l1)->_comps.c4 == (l2)->_comps.c4 && \
(l1)->_comps.c5 == (l2)->_comps.c5 && \
(l1)->_comps.c6 == (l2)->_comps.c6 && \
(l1)->_comps.c7 == (l2)->_comps.c7 && \
(l1)->_comps.c8 == (l2)->_comps.c8)
/* Does the level of l1 dominate that of l2? */
#define BLDOMINATES(l1, l2) \
_BLDOMINATES((_mac_label_impl_t *)(l1), (_mac_label_impl_t *)(l2))
#define _BLDOMINATES(l1, l2) (LCLASS(l1) >= LCLASS(l2) && \
(l2)->_comps.c1 == ((l1)->_comps.c1 & (l2)->_comps.c1) && \
(l2)->_comps.c2 == ((l1)->_comps.c2 & (l2)->_comps.c2) && \
(l2)->_comps.c3 == ((l1)->_comps.c3 & (l2)->_comps.c3) && \
(l2)->_comps.c4 == ((l1)->_comps.c4 & (l2)->_comps.c4) && \
(l2)->_comps.c5 == ((l1)->_comps.c5 & (l2)->_comps.c5) && \
(l2)->_comps.c6 == ((l1)->_comps.c6 & (l2)->_comps.c6) && \
(l2)->_comps.c7 == ((l1)->_comps.c7 & (l2)->_comps.c7) && \
(l2)->_comps.c8 == ((l1)->_comps.c8 & (l2)->_comps.c8))
/* Does the level of l1 strictly dominate that of l2? */
#define BLSTRICTDOM(l1, l2) (!BLEQUAL(l1, l2) && BLDOMINATES(l1, l2))
/* Is the level of l within the range r? */
#define BLINRANGE(l, r)\
(BLDOMINATES((l), &((r)->lower_bound)) && \
BLDOMINATES(&((r)->upper_bound), (l)))
/* Least Upper Bound level l1 and l2 replacing l1 with the result. */
#define BLMAXIMUM(l1, l2) \
_BLMAXIMUM((_mac_label_impl_t *)(l1), (_mac_label_impl_t *)(l2))
#define _BLMAXIMUM(l1, l2)\
(((l1)->_lclass = (LCLASS(l1) < LCLASS(l2)) ? \
(l2)->_lclass : (l1)->_lclass), \
(l1)->_comps.c1 |= (l2)->_comps.c1, \
(l1)->_comps.c2 |= (l2)->_comps.c2, \
(l1)->_comps.c3 |= (l2)->_comps.c3, \
(l1)->_comps.c4 |= (l2)->_comps.c4, \
(l1)->_comps.c5 |= (l2)->_comps.c5, \
(l1)->_comps.c6 |= (l2)->_comps.c6, \
(l1)->_comps.c7 |= (l2)->_comps.c7, \
(l1)->_comps.c8 |= (l2)->_comps.c8)
/* Greatest Lower Bound level l1 and l2 replacing l1 with the result. */
#define BLMINIMUM(l1, l2) \
_BLMINIMUM((_mac_label_impl_t *)(l1), (_mac_label_impl_t *)(l2))
#define _BLMINIMUM(l1, l2)\
(((l1)->_lclass = (LCLASS(l1) > LCLASS(l2)) ? \
(l2)->_lclass : (l1)->_lclass), \
(l1)->_comps.c1 &= (l2)->_comps.c1, \
(l1)->_comps.c2 &= (l2)->_comps.c2, \
(l1)->_comps.c3 &= (l2)->_comps.c3, \
(l1)->_comps.c4 &= (l2)->_comps.c4, \
(l1)->_comps.c5 &= (l2)->_comps.c5, \
(l1)->_comps.c6 &= (l2)->_comps.c6, \
(l1)->_comps.c7 &= (l2)->_comps.c7, \
(l1)->_comps.c8 &= (l2)->_comps.c8)
/* Create Manifest Labels */
/* Write a System_Low CMW Label into this memory. */
#define BCLLOW(l) (BSLLOW(BCLTOSL(l)), BILLOW(BCLTOIL(l)))
/* Write a System_Low Sensitivity Label into this memory. */
#define BSLLOW(l) _BSLLOW((_bslabel_impl_t *)(l))
#define _BSLLOW(l) \
((l)->id = SUN_SL_ID, (l)->_c_len = _C_LEN, LCLASS_SET(l, LOW_CLASS), \
(l)->_comps.c1 = (l)->_comps.c2 = (l)->_comps.c3 = (l)->_comps.c4 = \
(l)->_comps.c5 = (l)->_comps.c6 = (l)->_comps.c7 = (l)->_comps.c8 = \
EMPTY_SET)
/* Write a System_High Sensitivity Label into this memory. */
#define BSLHIGH(l) _BSLHIGH((_bslabel_impl_t *)(l))
#define _BSLHIGH(l) \
((l)->id = SUN_SL_ID, (l)->_c_len = _C_LEN, LCLASS_SET(l, HIGH_CLASS), \
(l)->_comps.c1 = (l)->_comps.c2 = (l)->_comps.c3 = (l)->_comps.c4 = \
(l)->_comps.c5 = (l)->_comps.c6 = (l)->_comps.c7 = (l)->_comps.c8 = \
UNIVERSAL_SET)
/* Write a System_Low Information Label into this memory. */
#define BILLOW(l) _BILLOW((_bilabel_impl_t *)(l))
#define _BILLOW(l) \
((l)->_iid = SUN_IL_ID, (l)->_i_c_len = _C_LEN, \
ICLASS_SET(l, LOW_CLASS), \
(l)->_icomps.c1 = (l)->_icomps.c2 = (l)->_icomps.c3 = \
(l)->_icomps.c4 = (l)->_icomps.c5 = (l)->_icomps.c6 = \
(l)->_icomps.c7 = (l)->_icomps.c8 = EMPTY_SET, \
(l)->_imarks.m1 = (l)->_imarks.m2 = (l)->_imarks.m3 = \
(l)->_imarks.m4 = (l)->_imarks.m5 = (l)->_imarks.m6 = \
(l)->_imarks.m7 = (l)->_imarks.m8 = EMPTY_SET)
/* Write a System_Low Sensitivity Label into this memory. */
#define BCLEARLOW(l) _BCLEARLOW((_bclear_impl_t *)(l))
#define _BCLEARLOW(c) \
((c)->id = SUN_CLR_ID, (c)->_c_len = _C_LEN, \
LCLASS_SET(c, LOW_CLASS), \
(c)->_comps.c1 = (c)->_comps.c2 = (c)->_comps.c3 = (c)->_comps.c4 = \
(c)->_comps.c5 = (c)->_comps.c6 = (c)->_comps.c7 = (c)->_comps.c8 = \
EMPTY_SET)
/* Write a System_High Sensitivity Label into this memory. */
#define BCLEARHIGH(l) _BCLEARHIGH((_bclear_impl_t *)(l))
#define _BCLEARHIGH(c) \
((c)->id = SUN_CLR_ID, (c)->_c_len = _C_LEN, \
LCLASS_SET(c, HIGH_CLASS), \
(c)->_comps.c1 = (c)->_comps.c2 = (c)->_comps.c3 = (c)->_comps.c4 = \
(c)->_comps.c5 = (c)->_comps.c6 = (c)->_comps.c7 = (c)->_comps.c8 = \
UNIVERSAL_SET)
/* Write an undefined Sensitivity Label into this memory. */
#define BSLUNDEF(l) (((_bslabel_impl_t *)(l))->id = SUN_SL_UN)
/* Write an undefined Clearance into this memory. */
#define BCLEARUNDEF(c) (((_bclear_impl_t *)(c))->id = SUN_CLR_UN)
/* Retrieve the Sensitivity Label portion of a CMW Label */
#define BCLTOSL(l) ((bslabel_t *)&((_bclabel_impl_t *)(l))->_bcl_sl)
/* Retrieve the Information Label portion of a CMW Label */
#define BCLTOIL(l) ((_bilabel_impl_t *)&((_bclabel_impl_t *)(l))->_bcl_il)
/* Copy the Sensitivity Label portion from a CMW Label */
#define GETCSL(l1, l2) \
(*((_bslabel_impl_t *)(l1)) = ((_bclabel_impl_t *)(l2))->_bcl_sl)
/* Replace the Sensitivity Label portion of a CMW Label */
#define SETCSL(l1, l2) \
(((_bclabel_impl_t *)(l1))->_bcl_sl = *((_bslabel_impl_t *)(l2)))
/* Set type of this memory to the label type 't' */
#define SETBLTYPE(l, t) (((_bclabel_impl_t *)(l))->_bcl_sl.id = (t))
#define GETBLTYPE(l) (((const _bclabel_impl_t *)(l))->_bcl_sl.id)
#endif /* !_LABEL_MACRO_H */


@ -1,30 +0,0 @@
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License, Version 1.0 only
* (the "License"). You may not use this file except in compliance
* with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#ifndef _SOL_TSOL_LABEL_H
#define _SOL_TSOL_LABEL_H
#endif


@ -31,7 +31,6 @@
#include <sys/types.h>
#include <sys/zone.h>
#include <sys/priv.h>
#include <tsol/label.h>
#ifdef __cplusplus
extern "C" {
@ -47,38 +46,6 @@ extern zoneid_t getzoneid(void);
extern zoneid_t getzoneidbyname(const char *);
extern ssize_t getzonenamebyid(zoneid_t, char *, size_t);
#if 0
/*
* NOTE
*
* The remaining contents of this file are private to the implementation
* of Solaris and are subject to change at any time without notice,
* Applications using these interfaces may fail to run on future releases.
*/
extern int zonept(int, zoneid_t);
extern int zone_get_id(const char *, zoneid_t *);
/* System call API */
extern zoneid_t zone_create(const char *, const char *,
const struct priv_set *, const char *, size_t, const char *, size_t, int *,
int, int, const bslabel_t *, int);
extern int zone_boot(zoneid_t);
extern int zone_destroy(zoneid_t);
extern ssize_t zone_getattr(zoneid_t, int, void *, size_t);
extern int zone_setattr(zoneid_t, int, void *, size_t);
extern int zone_enter(zoneid_t);
extern int zone_list(zoneid_t *, uint_t *);
extern int zone_shutdown(zoneid_t);
extern int zone_version(int *);
extern int zone_add_datalink(zoneid_t, char *);
extern int zone_remove_datalink(zoneid_t, char *);
extern int zone_check_datalink(zoneid_t *, char *);
extern int zone_list_datalink(zoneid_t, int *, char *);
#endif
#ifdef __cplusplus
}
#endif


@ -1,313 +0,0 @@
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#include <errno.h>
#include <sys/types.h>
#include <sys/mman.h>
#include <sys/tsol/label_macro.h>
#include <sys/tsol/label.h>
#include "label.h"
#include "labeld.h"
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
static _mac_label_impl_t low;
static _mac_label_impl_t high;
static int inited = 0;
#define freeit(a, l) free(a)
/* 0x + Classification + '-' + ll + '-' + Compartments + end of string */
#define _HEX_SIZE 2+(sizeof (Classification_t)*2)+4+\
(sizeof (Compartments_t)*2)+1
/* 0x + Classification + '-' + ll + '-' + end of string */
#define _MIN_HEX (2 + (sizeof (Classification_t)*2) + 4 + 1)
static char digits[] = "0123456789abcdef";
#define HEX(h, i, l, s) \
for (; i < s; /* */) {\
h[i++] = digits[(unsigned int)(*l >> 4)];\
h[i++] = digits[(unsigned int)(*l++&0xF)]; }
static int
__hex(char **s, const m_label_t *l)
{
char *hex;
int i = 0;
uchar_t *hl;
int hex_len;
uchar_t *len;
hl = (uchar_t *)&(((_mac_label_impl_t *)l)->_c_len);
len = hl;
if (*len == 0) {
/* old binary label */
hex_len = _HEX_SIZE;
} else {
hex_len = _MIN_HEX + (*len * sizeof (uint32_t) * 2);
}
if ((hex = malloc(hex_len)) == NULL) {
return (-1);
}
/* header */
hex[i++] = '0';
hex[i++] = 'x';
/* classification */
hl++; /* start at classification */
HEX(hex, i, hl, 6);
/* Add compartments length */
hex[i++] = '-';
HEX(hex, i, len, 9);
hex[i++] = '-';
/* compartments */
HEX(hex, i, hl, hex_len-1);
hex[i] = '\0';
/* truncate trailing zeros */
while (hex[i-1] == '0' && hex[i-2] == '0') {
i -= 2;
}
hex[i] = '\0';
if ((*s = strdup(hex)) == NULL) {
freeit(hex, hex_len);
return (-1);
}
freeit(hex, hex_len);
return (0);
}
int
l_to_str_internal(const m_label_t *l, char **s)
{
if (inited == 0) {
inited = 1;
_BSLLOW(&low);
_BSLHIGH(&high);
}
if (!(_MTYPE(l, SUN_MAC_ID) || _MTYPE(l, SUN_UCLR_ID))) {
errno = EINVAL;
*s = NULL;
return (-1);
}
if (_MEQUAL(&low, (_mac_label_impl_t *)l)) {
if ((*s = strdup(ADMIN_LOW)) == NULL) {
return (-1);
}
return (0);
}
if (_MEQUAL(&high, (_mac_label_impl_t *)l)) {
if ((*s = strdup(ADMIN_HIGH)) == NULL) {
return (-1);
}
return (0);
}
return (__hex(s, l));
}
/*
* label_to_str -- convert a label to the requested type of string.
*
* Entry l = label to convert;
* t = type of conversion;
* f = flags for conversion type;
*
* Exit *s = allocated converted string;
* Caller must call free() to free.
*
* Returns 0, success.
* -1, error, errno set; *s = NULL.
*
* Calls labeld
*/
int
label_to_str(const m_label_t *l, char **s, const m_label_str_t t, uint_t f)
{
labeld_data_t call;
labeld_data_t *callp = &call;
size_t bufsize = sizeof (labeld_data_t);
size_t datasize;
int err;
int string_start = 0;
if (inited == 0) {
inited = 1;
_BSLLOW(&low);
_BSLHIGH(&high);
}
#define lscall callp->param.acall.cargs.ls_arg
#define lsret callp->param.aret.rvals.ls_ret
switch (t) {
case M_LABEL:
call.callop = LTOS;
lscall.label = *l;
lscall.flags = f;
datasize = CALL_SIZE(ls_call_t, 0);
if ((err = __call_labeld(&callp, &bufsize, &datasize)) ==
SUCCESS) {
if (callp->reterr != 0) {
errno = EINVAL;
*s = NULL;
return (-1);
}
*s = strdup(lsret.buf);
if (callp != &call) {
/* release returned buffer */
(void) munmap((void *)callp, bufsize);
}
if (*s == NULL) {
return (-1);
}
return (0);
}
switch (err) {
case NOSERVER:
/* server not present */
/* special case admin_low and admin_high */
if (_MEQUAL(&low, (_mac_label_impl_t *)l)) {
if ((*s = strdup(ADMIN_LOW)) == NULL) {
return (-1);
}
return (0);
} else if (_MEQUAL(&high, (_mac_label_impl_t *)l)) {
if ((*s = strdup(ADMIN_HIGH)) == NULL) {
return (-1);
}
return (0);
}
errno = ENOTSUP;
break;
default:
errno = EINVAL;
break;
}
*s = NULL;
return (-1);
#undef lscall
#undef lsret
case M_INTERNAL: {
return (l_to_str_internal(l, s));
}
#define ccall callp->param.acall.cargs.color_arg
#define cret callp->param.aret.rvals.color_ret
case M_COLOR:
datasize = CALL_SIZE(color_call_t, 0);
call.callop = BLTOCOLOR;
ccall.label = *l;
if (__call_labeld(&callp, &bufsize, &datasize) == SUCCESS) {
if (callp->reterr != 0) {
errno = EINVAL;
*s = NULL;
return (-1);
}
*s = strdup(cret.color);
if (callp != &call) {
/* release returned buffer */
(void) munmap((void *)callp, bufsize);
}
if (*s == NULL) {
return (-1);
}
return (0);
} else {
errno = ENOTSUP;
*s = NULL;
return (-1);
}
#undef ccall
#undef cret
#define prcall callp->param.acall.cargs.pr_arg
#define prret callp->param.aret.rvals.pr_ret
case PRINTER_TOP_BOTTOM:
call.callop = PR_TOP;
break;
case PRINTER_LABEL:
call.callop = PR_LABEL;
break;
case PRINTER_CAVEATS:
call.callop = PR_CAVEATS;
string_start = 1; /* compensate for leading space */
break;
case PRINTER_CHANNELS:
call.callop = PR_CHANNELS;
string_start = 1; /* compensate for leading space */
break;
default:
errno = EINVAL;
*s = NULL;
return (-1);
}
/* do the common printer calls */
datasize = CALL_SIZE(pr_call_t, 0);
prcall.label = *l;
prcall.flags = f;
if (__call_labeld(&callp, &bufsize, &datasize) == SUCCESS) {
if (callp->reterr != 0) {
errno = EINVAL;
*s = NULL;
return (-1);
}
*s = strdup(&prret.buf[string_start]);
if (callp != &call) {
/* release returned buffer */
(void) munmap((void *)callp, bufsize);
}
if (*s == NULL) {
return (-1);
}
return (0);
} else {
errno = ENOTSUP;
*s = NULL;
return (-1);
}
#undef prcall
#undef prret
}


@ -1,432 +0,0 @@
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <strings.h>
#include <sys/mman.h>
#include <sys/tsol/label_macro.h>
#include <sys/tsol/label.h>
#include <label.h>
#include <labeld.h>
#define IS_LOW(s) \
((strncasecmp(s, ADMIN_LOW, (sizeof (ADMIN_LOW) - 1)) == 0) && \
(s[sizeof (ADMIN_LOW) - 1] == '\0'))
#define IS_HIGH(s) \
((strncasecmp(s, ADMIN_HIGH, (sizeof (ADMIN_HIGH) - 1)) == 0) && \
(s[sizeof (ADMIN_HIGH) - 1] == '\0'))
#define IS_HEX(f, s) \
(((((f) == L_NO_CORRECTION)) || ((f) == L_DEFAULT)) && \
(((s)[0] == '0') && (((s)[1] == 'x') || ((s)[1] == 'X'))))
static boolean_t
unhex(const char **h, uchar_t *l, int len)
{
const char *hx = *h;
char ch;
uchar_t byte;
for (; len--; ) {
ch = *hx++;
if (!isxdigit(ch))
return (B_FALSE);
if (isdigit(ch))
byte = ch - '0';
else
byte = ch - (isupper(ch) ? 'A' - 10 : 'a' - 10);
byte <<= 4;
ch = *hx++;
if (!isxdigit(ch))
return (B_FALSE);
if (isdigit(ch))
byte |= ch - '0';
else
byte |= ch - (isupper(ch) ? 'A' - 10 : 'a' - 10);
*l++ = byte;
}
*h = hx;
return (B_TRUE);
}
/*
* Formats accepted:
* 0x + 4 class + 64 comps + end of string
* 0x + 4 class + '-' + ll + '-' + comps + end of string
* ll = number of words to fill out the entire comps field
* presumes trailing zero for comps
*
* So in the case of 256 comps (i.e., 8 compartment words):
* 0x0006-08-7ff3f
* 0x + Classification + Compartments + end of string
* 0[xX]hhh...
*/
static int
htol(const char *s, m_label_t *l)
{
const char *h = &s[2]; /* skip 0[xX] */
uchar_t *lp = (uchar_t *)&(((_mac_label_impl_t *)l)->_lclass);
size_t len = sizeof (_mac_label_impl_t) - 4;
int bytes;
/* unpack 16 bit signed classification */
if (!unhex(&h, lp, 2) || (LCLASS(l) < 0)) {
return (-1);
}
lp = (uchar_t *)&(((_mac_label_impl_t *)l)->_comps);
if (h[0] == '-' && h[3] == '-') {
uchar_t size;
/* length specified of internal text label */
h++; /* skip '-' */
if (!unhex(&h, &size, 1)) {
return (-1);
}
/* convert size from words to bytes */
if ((size * sizeof (uint32_t)) > len) {
/*
* internal label greater than will fit in current
* binary.
*/
return (-1);
}
bzero(lp, len);
h++; /* skip '-' */
}
bytes = strlen(h)/2;
if ((bytes > len) ||
(bytes*2 != strlen(h)) ||
!unhex(&h, lp, bytes)) {
return (-1);
}
return (0);
}
/*
* hexstr_to_label -- parse a string representing a hex label into a
* binary label. Only admin high/low and hex are
* accepted.
*
* Returns 0, success.
* -1, failure
*/
int
hexstr_to_label(const char *s, m_label_t *l)
{
uint_t f = L_DEFAULT;
/* translate hex, admin_low and admin_high */
if (IS_LOW(s)) {
_LOW_LABEL(l, SUN_MAC_ID);
return (0);
} else if (IS_HIGH(s)) {
_HIGH_LABEL(l, SUN_MAC_ID);
return (0);
} else if (IS_HEX(f, s)) {
_LOW_LABEL(l, SUN_MAC_ID);
if (htol(s, l) == 0)
return (0);
}
return (-1);
}
static int
convert_id(m_label_type_t t)
{
switch (t) {
case MAC_LABEL:
return (SUN_MAC_ID);
case USER_CLEAR:
return (SUN_UCLR_ID);
default:
return (-1);
}
}
/*
* str_to_label -- parse a string into the requested label type.
*
* Entry s = string to parse.
* l = label to create or modify.
* t = label type (MAC_LABEL, USER_CLEAR).
* f = flags
* L_DEFAULT,
* L_MODIFY_EXISTING, use the existing label as a basis for
* the parse string.
* L_NO_CORRECTION, s must be correct and full by the
* label_encoding rules.
* L_CHECK_AR, for non-hex s, MAC_LABEL, check the l_e AR
*
* Exit l = parsed label value.
* e = index into string of error.
* = M_BAD_STRING (-3 L_BAD_LABEL) or could be zero,
* indicates entire string,
* e = M_BAD_LABEL (-2 L_BAD_CLASSIFICATION), problems with l
* e = M_OUTSIDE_AR (-4 unrelated to L_BAD_* return values)
*
* Returns 0, success.
* -1, failure
* errno = ENOTSUP, the underlying label mechanism
* does not support label parsing.
* ENOMEM, unable to allocate memory for l.
* EINVAL, invalid argument, l != NULL or
* invalid label type for the underlying
* label mechanism.
*/
#define _M_GOOD_LABEL -1 /* gfi L_GOOD_LABEL */
int
str_to_label(const char *str, m_label_t **l, const m_label_type_t t, uint_t f,
int *e)
{
char *s = strdup(str);
char *st = s;
char *p;
labeld_data_t call;
labeld_data_t *callp = &call;
size_t bufsize = sizeof (labeld_data_t);
size_t datasize;
int err = M_BAD_LABEL;
int id = convert_id(t);
boolean_t new = B_FALSE;
uint_t lf = (f & ~L_CHECK_AR); /* because L_DEFAULT == 0 */
if (st == NULL) {
errno = ENOMEM;
return (-1);
}
if (*l == NULL) {
if ((*l = m_label_alloc(t)) == NULL) {
free(st);
return (-1);
}
if (id == -1) {
goto badlabel;
}
_LOW_LABEL(*l, id);
new = B_TRUE;
} else if (_MTYPE(*l, SUN_INVALID_ID) &&
((lf == L_NO_CORRECTION) || (lf == L_DEFAULT))) {
_LOW_LABEL(*l, id);
new = B_TRUE;
} else if (!(_MTYPE(*l, SUN_MAC_ID) || _MTYPE(*l, SUN_CLR_ID))) {
goto badlabel;
}
if (new == B_FALSE && id == -1) {
goto badlabel;
}
/* get to the beginning of the string to parse */
while (isspace(*s)) {
s++;
}
/* accept a leading '[' and trailing ']' for old times sake */
if (*s == '[') {
*s = ' ';
s++;
while (isspace(*s)) {
s++;
}
}
p = s;
while (*p != '\0' && *p != ']') {
p++;
}
/* strip trailing spaces */
while (p != s && isspace(*(p-1))) {
--p;
}
*p = '\0'; /* end of string */
/* translate hex, admin_low and admin_high */
id = _MGETTYPE(*l);
if (IS_LOW(s)) {
_LOW_LABEL(*l, id);
goto goodlabel;
} else if (IS_HIGH(s)) {
_HIGH_LABEL(*l, id);
goto goodlabel;
} else if (IS_HEX(lf, s)) {
if (htol(s, *l) != 0) {
/* whole string in error */
err = 0;
goto badlabel;
}
goto goodlabel;
}
#define slcall callp->param.acall.cargs.sl_arg
#define slret callp->param.aret.rvals.sl_ret
/* now try label server */
datasize = CALL_SIZE_STR(sl_call_t, strlen(st) + 1);
if (datasize > bufsize) {
if ((callp = malloc(datasize)) == NULL) {
free(st);
return (-1);
}
bufsize = datasize;
}
callp->callop = STOL;
slcall.label = **l;
slcall.flags = f;
if (new)
slcall.flags |= L_NEW_LABEL;
(void) strcpy(slcall.string, st);
/*
* callp->reterr = L_GOOD_LABEL (-1) == OK;
* L_BAD_CLASSIFICATION (-2) == bad input
* classification: class
* L_BAD_LABEL (-3) == either string or input label bad
* M_OUTSIDE_AR (-4) == resultant MAC_LABEL is out
* l_e accreditation range
* O'E == offset in string 0 == entire string.
*/
if (__call_labeld(&callp, &bufsize, &datasize) == SUCCESS) {
err = callp->reterr;
if (callp != &call) {
/* free allocated buffer */
free(callp);
}
switch (err) {
case _M_GOOD_LABEL: /* L_GOOD_LABEL */
**l = slret.label;
goto goodlabel;
case M_BAD_LABEL: /* L_BAD_CLASSIFICATION */
case M_BAD_STRING: /* L_BAD_LABEL */
default:
goto badlabel;
}
}
switch (callp->reterr) {
case NOSERVER:
errno = ENOTSUP;
break;
default:
errno = EINVAL;
break;
}
free(st);
return (-1);
badlabel:
errno = EINVAL;
free(st);
if (e != NULL)
*e = err;
return (-1);
goodlabel:
free(st);
return (0);
}
#undef slcall
#undef slret
/*
* m_label_alloc -- allocate a label structure
*
* Entry t = label type (MAC_LABEL, USER_CLEAR).
*
* Exit If error, NULL, errno set to ENOMEM
* Otherwise, pointer to m_label_t memory
*/
/* ARGUSED */
m_label_t *
m_label_alloc(const m_label_type_t t)
{
m_label_t *l;
switch (t) {
case MAC_LABEL:
case USER_CLEAR:
if ((l = malloc(sizeof (_mac_label_impl_t))) == NULL) {
return (NULL);
}
_MSETTYPE(l, SUN_INVALID_ID);
break;
default:
errno = EINVAL;
return (NULL);
}
return (l);
}
/*
* m_label_dup -- make a duplicate copy of the given label.
*
* Entry l = label to duplicate.
*
* Exit d = duplicate copy of l.
*
* Returns 0, success
* -1, if error.
* errno = ENOTSUP, the underlying label mechanism
* does not support label duplication.
* ENOMEM, unable to allocate memory for d.
* EINVAL, invalid argument, l == NULL or
* invalid label type for the underlying
* label mechanism.
*/
int
m_label_dup(m_label_t **d, const m_label_t *l)
{
if (d == NULL || *d != NULL) {
errno = EINVAL;
return (-1);
}
if ((*d = malloc(sizeof (_mac_label_impl_t))) == NULL) {
errno = ENOMEM;
return (-1);
}
(void) memcpy(*d, l, sizeof (_mac_label_impl_t));
return (0);
}
/*
* m_label_free -- free label structure
*
* Entry l = label to free.
*
* Exit memory freed.
*
*/
void
m_label_free(m_label_t *l)
{
if (l)
free(l);
}