[linux.git] / security / selinux / ss / context.h

/* SPDX-License-Identifier: GPL-2.0 */
/*
 * A security context is a set of security attributes
 * associated with each subject and object controlled
 * by the security policy.  Security contexts are
  * externally represented as variable-length strings
 * that can be interpreted by a user or application
 * with an understanding of the security policy.
 * Internally, the security server uses a simple
 * structure.  This structure is private to the
 * security server and can be changed without affecting
 * clients of the security server.
 *
 * Author : Stephen Smalley, <[email protected]>
 */

#ifndef _SS_CONTEXT_H_
#define _SS_CONTEXT_H_

#include "ebitmap.h"
#include "mls_types.h"
#include "security.h"

/*
 * A security context consists of an authenticated user
 * identity, a role, a type and a MLS range.
 */
struct context {
	u32 user;
	u32 role;
	u32 type;
	u32 len; /* length of string in bytes */
	struct mls_range range;
	char *str; /* string representation if context cannot be mapped. */
};

static inline void mls_context_init(struct context *c)
{
	memset(&c->range, 0, sizeof(c->range));
}

static inline int mls_context_cpy(struct context *dst,
				  const struct context *src)
{
	int rc;

	dst->range.level[0].sens = src->range.level[0].sens;
	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat);
	if (rc)
		goto out;

	dst->range.level[1].sens = src->range.level[1].sens;
	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[1].cat);
	if (rc)
		ebitmap_destroy(&dst->range.level[0].cat);
out:
	return rc;
}

/*
 * Sets both levels in the MLS range of 'dst' to the low level of 'src'.
 */
static inline int mls_context_cpy_low(struct context *dst,
				      const struct context *src)
{
	int rc;

	dst->range.level[0].sens = src->range.level[0].sens;
	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat);
	if (rc)
		goto out;

	dst->range.level[1].sens = src->range.level[0].sens;
	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[0].cat);
	if (rc)
		ebitmap_destroy(&dst->range.level[0].cat);
out:
	return rc;
}

/*
 * Sets both levels in the MLS range of 'dst' to the high level of 'src'.
 */
static inline int mls_context_cpy_high(struct context *dst,
				       const struct context *src)
{
	int rc;

	dst->range.level[0].sens = src->range.level[1].sens;
	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[1].cat);
	if (rc)
		goto out;

	dst->range.level[1].sens = src->range.level[1].sens;
	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[1].cat);
	if (rc)
		ebitmap_destroy(&dst->range.level[0].cat);
out:
	return rc;
}

static inline int mls_context_glblub(struct context *dst,
				     const struct context *c1,
				     const struct context *c2)
{
	struct mls_range *dr = &dst->range;
	const struct mls_range *r1 = &c1->range, *r2 = &c2->range;
	int rc = 0;

	if (r1->level[1].sens < r2->level[0].sens ||
	    r2->level[1].sens < r1->level[0].sens)
		/* These ranges have no common sensitivities */
		return -EINVAL;

	/* Take the greatest of the low */
	dr->level[0].sens = max(r1->level[0].sens, r2->level[0].sens);

	/* Take the least of the high */
	dr->level[1].sens = min(r1->level[1].sens, r2->level[1].sens);

	rc = ebitmap_and(&dr->level[0].cat, &r1->level[0].cat,
			 &r2->level[0].cat);
	if (rc)
		goto out;

	rc = ebitmap_and(&dr->level[1].cat, &r1->level[1].cat,
			 &r2->level[1].cat);
	if (rc)
		goto out;

out:
	return rc;
}

static inline bool mls_context_equal(const struct context *c1,
				     const struct context *c2)
{
	return ((c1->range.level[0].sens == c2->range.level[0].sens) &&
		ebitmap_equal(&c1->range.level[0].cat, &c2->range.level[0].cat) &&
		(c1->range.level[1].sens == c2->range.level[1].sens) &&
		ebitmap_equal(&c1->range.level[1].cat, &c2->range.level[1].cat));
}

static inline void mls_context_destroy(struct context *c)
{
	ebitmap_destroy(&c->range.level[0].cat);
	ebitmap_destroy(&c->range.level[1].cat);
	mls_context_init(c);
}

static inline void context_init(struct context *c)
{
	memset(c, 0, sizeof(*c));
}

static inline int context_cpy(struct context *dst, const struct context *src)
{
	int rc;

	dst->user = src->user;
	dst->role = src->role;
	dst->type = src->type;
	if (src->str) {
		dst->str = kstrdup(src->str, GFP_ATOMIC);
		if (!dst->str)
			return -ENOMEM;
		dst->len = src->len;
	} else {
		dst->str = NULL;
		dst->len = 0;
	}
	rc = mls_context_cpy(dst, src);
	if (rc) {
		kfree(dst->str);
		dst->str = NULL;
		dst->len = 0;
		return rc;
	}
	return 0;
}

static inline void context_destroy(struct context *c)
{
	c->user = c->role = c->type = 0;
	kfree(c->str);
	c->str = NULL;
	c->len = 0;
	mls_context_destroy(c);
}

static inline bool context_equal(const struct context *c1,
				 const struct context *c2)
{
	if (c1->len && c2->len)
		return (c1->len == c2->len && !strcmp(c1->str, c2->str));
	if (c1->len || c2->len)
		return 0;
	return ((c1->user == c2->user) && (c1->role == c2->role) &&
		(c1->type == c2->type) && mls_context_equal(c1, c2));
}

u32 context_compute_hash(const struct context *c);

#endif /* _SS_CONTEXT_H_ */
Commit	Line	Data
b2441318	1	/* SPDX-License-Identifier: GPL-2.0 */
1da177e4 LT	2	/*
	3	* A security context is a set of security attributes
	4	* associated with each subject and object controlled
	5	* by the security policy. Security contexts are
	6	* externally represented as variable-length strings
	7	* that can be interpreted by a user or application
	8	* with an understanding of the security policy.
	9	* Internally, the security server uses a simple
	10	* structure. This structure is private to the
	11	* security server and can be changed without affecting
	12	* clients of the security server.
	13	*
0fe53224	14	* Author : Stephen Smalley, <[email protected]>
1da177e4	15	*/
b27e564c	16
1da177e4 LT	17	#ifndef _SS_CONTEXT_H_
	18	#define _SS_CONTEXT_H_
	19
	20	#include "ebitmap.h"
	21	#include "mls_types.h"
	22	#include "security.h"
	23
	24	/*
	25	* A security context consists of an authenticated user
	26	* identity, a role, a type and a MLS range.
	27	*/
	28	struct context {
	29	u32 user;
	30	u32 role;
	31	u32 type;
b27e564c	32	u32 len; /* length of string in bytes */
1da177e4	33	struct mls_range range;
b27e564c	34	char str; / string representation if context cannot be mapped. */
1da177e4 LT	35	};
	36
	37	static inline void mls_context_init(struct context *c)
	38	{
	39	memset(&c->range, 0, sizeof(c->range));
	40	}
	41
b27e564c PM	42	static inline int mls_context_cpy(struct context *dst,
b27e564c PM	43	const struct context *src)
1da177e4 LT	44	{
	45	int rc;
	46
1da177e4 LT	47	dst->range.level[0].sens = src->range.level[0].sens;
	48	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat);
	49	if (rc)
	50	goto out;
	51
	52	dst->range.level[1].sens = src->range.level[1].sens;
	53	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[1].cat);
	54	if (rc)
	55	ebitmap_destroy(&dst->range.level[0].cat);
	56	out:
	57	return rc;
	58	}
	59
0efc61ea VY	60	/*
	61	* Sets both levels in the MLS range of 'dst' to the low level of 'src'.
	62	*/
b27e564c PM	63	static inline int mls_context_cpy_low(struct context *dst,
b27e564c PM	64	const struct context *src)
0efc61ea VY	65	{
	66	int rc;
	67
0efc61ea VY	68	dst->range.level[0].sens = src->range.level[0].sens;
	69	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[0].cat);
	70	if (rc)
	71	goto out;
	72
	73	dst->range.level[1].sens = src->range.level[0].sens;
	74	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[0].cat);
	75	if (rc)
	76	ebitmap_destroy(&dst->range.level[0].cat);
	77	out:
	78	return rc;
	79	}
	80
aa893269 EP	81	/*
	82	* Sets both levels in the MLS range of 'dst' to the high level of 'src'.
	83	*/
b27e564c PM	84	static inline int mls_context_cpy_high(struct context *dst,
b27e564c PM	85	const struct context *src)
aa893269 EP	86	{
	87	int rc;
	88
	89	dst->range.level[0].sens = src->range.level[1].sens;
	90	rc = ebitmap_cpy(&dst->range.level[0].cat, &src->range.level[1].cat);
	91	if (rc)
	92	goto out;
	93
	94	dst->range.level[1].sens = src->range.level[1].sens;
	95	rc = ebitmap_cpy(&dst->range.level[1].cat, &src->range.level[1].cat);
	96	if (rc)
	97	ebitmap_destroy(&dst->range.level[0].cat);
	98	out:
	99	return rc;
	100	}
	101
42345b68	102	static inline int mls_context_glblub(struct context *dst,
b27e564c PM	103	const struct context *c1,
b27e564c PM	104	const struct context *c2)
42345b68	105	{
6354324d CG	106	struct mls_range *dr = &dst->range;
6354324d CG	107	const struct mls_range r1 = &c1->range, r2 = &c2->range;
42345b68 JB	108	int rc = 0;
	109
	110	if (r1->level[1].sens < r2->level[0].sens \|\|
	111	r2->level[1].sens < r1->level[0].sens)
	112	/* These ranges have no common sensitivities */
	113	return -EINVAL;
	114
	115	/* Take the greatest of the low */
	116	dr->level[0].sens = max(r1->level[0].sens, r2->level[0].sens);
	117
	118	/* Take the least of the high */
	119	dr->level[1].sens = min(r1->level[1].sens, r2->level[1].sens);
	120
b27e564c PM	121	rc = ebitmap_and(&dr->level[0].cat, &r1->level[0].cat,
b27e564c PM	122	&r2->level[0].cat);
42345b68 JB	123	if (rc)
	124	goto out;
	125
b27e564c PM	126	rc = ebitmap_and(&dr->level[1].cat, &r1->level[1].cat,
b27e564c PM	127	&r2->level[1].cat);
42345b68 JB	128	if (rc)
	129	goto out;
	130
	131	out:
	132	return rc;
	133	}
	134
83e7e18e CG	135	static inline bool mls_context_equal(const struct context *c1,
83e7e18e CG	136	const struct context *c2)
1da177e4	137	{
1da177e4	138	return ((c1->range.level[0].sens == c2->range.level[0].sens) &&
83e7e18e	139	ebitmap_equal(&c1->range.level[0].cat, &c2->range.level[0].cat) &&
1da177e4	140	(c1->range.level[1].sens == c2->range.level[1].sens) &&
83e7e18e	141	ebitmap_equal(&c1->range.level[1].cat, &c2->range.level[1].cat));
1da177e4 LT	142	}
	143
	144	static inline void mls_context_destroy(struct context *c)
	145	{
1da177e4 LT	146	ebitmap_destroy(&c->range.level[0].cat);
	147	ebitmap_destroy(&c->range.level[1].cat);
	148	mls_context_init(c);
	149	}
	150
	151	static inline void context_init(struct context *c)
	152	{
	153	memset(c, 0, sizeof(*c));
	154	}
	155
6354324d	156	static inline int context_cpy(struct context dst, const struct context src)
1da177e4	157	{
12b29f34 SS	158	int rc;
12b29f34 SS	159
1da177e4 LT	160	dst->user = src->user;
	161	dst->role = src->role;
	162	dst->type = src->type;
12b29f34 SS	163	if (src->str) {
	164	dst->str = kstrdup(src->str, GFP_ATOMIC);
	165	if (!dst->str)
	166	return -ENOMEM;
	167	dst->len = src->len;
	168	} else {
	169	dst->str = NULL;
	170	dst->len = 0;
	171	}
	172	rc = mls_context_cpy(dst, src);
	173	if (rc) {
	174	kfree(dst->str);
53f3517a	175	dst->str = NULL;
ed99135f	176	dst->len = 0;
12b29f34 SS	177	return rc;
	178	}
	179	return 0;
1da177e4 LT	180	}
	181
	182	static inline void context_destroy(struct context *c)
	183	{
225621c9	184	c->user = c->role = c->type = 0;
12b29f34 SS	185	kfree(c->str);
	186	c->str = NULL;
	187	c->len = 0;
1da177e4 LT	188	mls_context_destroy(c);
	189	}
	190
83e7e18e CG	191	static inline bool context_equal(const struct context *c1,
83e7e18e CG	192	const struct context *c2)
1da177e4	193	{
12b29f34 SS	194	if (c1->len && c2->len)
	195	return (c1->len == c2->len && !strcmp(c1->str, c2->str));
	196	if (c1->len \|\| c2->len)
	197	return 0;
b27e564c	198	return ((c1->user == c2->user) && (c1->role == c2->role) &&
83e7e18e	199	(c1->type == c2->type) && mls_context_equal(c1, c2));
1da177e4 LT	200	}
1da177e4 LT	201
50077289 OM	202	u32 context_compute_hash(const struct context *c);
50077289 OM	203
b27e564c	204	#endif /* _SS_CONTEXT_H_ */