JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Solaris Trusted Extensions Reference Manual
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

Introduction

User Commands

System Administration Commands

System Calls

Trusted Extensions Library

bcleartoh(3TSOL)

bcleartoh_r(3TSOL)

bcleartos(3TSOL)

blcompare(3TSOL)

bldominates(3TSOL)

blequal(3TSOL)

blinrange(3TSOL)

blmaximum(3TSOL)

blminimum(3TSOL)

blminmax(3TSOL)

blstrictdom(3TSOL)

bltocolor(3TSOL)

bltocolor_r(3TSOL)

bltos(3TSOL)

bsltoh(3TSOL)

bsltoh_r(3TSOL)

bsltos(3TSOL)

btohex(3TSOL)

getdevicerange(3TSOL)

getpathbylabel(3TSOL)

getplabel(3TSOL)

getuserrange(3TSOL)

getzoneidbylabel(3TSOL)

getzonelabelbyid(3TSOL)

getzonelabelbyname(3TSOL)

getzonerootbyid(3TSOL)

getzonerootbylabel(3TSOL)

getzonerootbyname(3TSOL)

h_alloc(3TSOL)

hextob(3TSOL)

h_free(3TSOL)

htobclear(3TSOL)

htobsl(3TSOL)

labelbuilder(3TSOL)

labelclipping(3TSOL)

label_to_str(3TSOL)

m_label(3TSOL)

m_label_alloc(3TSOL)

m_label_dup(3TSOL)

m_label_free(3TSOL)

sbcleartos(3TSOL)

sbltos(3TSOL)

sbsltos(3TSOL)

setflabel(3TSOL)

stobclear(3TSOL)

stobl(3TSOL)

stobsl(3TSOL)

str_to_label(3TSOL)

tsol_getrhtype(3TSOL)

tsol_lbuild_create(3TSOL)

tsol_lbuild_destroy(3TSOL)

tsol_lbuild_get(3TSOL)

tsol_lbuild_set(3TSOL)

Xbcleartos(3TSOL)

Xbsltos(3TSOL)

X Library Extensions

File Formats

Standards, Environments, and Macros

Index

bltos

, bsltos

, bcleartos

- translate binary labels to character coded labels

Synopsis

cc [flag...] file... -ltsol [library...]
#include <tsol/label.h>

int bsltos(const m_label_t *label, char **string, const int str_len, const int flags);
int bcleartos(const m_label_t *label, char **string, const int str_len, const int flags);

Interface Level

The bsltos() and bcleartos() functions are obsolete. Use the label_to_str(3TSOL) function instead.

Description

The calling process must have PRIV_SYS_TRANS_LABEL in its set of effective privileges to perform label translation on labels that dominate the current process' sensitivity label.

These routines translate binary labels into strings controlled by the value of the flags parameter.

The generic form of an output character-coded label is:

CLASSIFICATION WORD1 WORD2 WORD3/WORD4 SUFFIX PREFIX WORD5/WORD6

Capital letters are used to display all CLASSIFICATION names and WORDs. The ` ' (space) character separates classifications and words from other words in all character-coded labels except where multiple words that require the same PREFIX or SUFFIX are present, in which case the multiple words are separated from each other by the `/' (slash) character.

string can point to either a pointer to pre-allocated memory, or the value (char *)0. If string points to a pointer to pre-allocated memory, then str_len indicates the size of that memory. If string points to the value (char *)0, memory is allocated using malloc() to contain the translated character-coded labels. The translated label is copied into allocated or pre-allocated memory.

flags is 0 (zero), or the logical sum of the following:

LONG_WORDS

Translate using long names of words defined in label.

SHORT_WORDS

Translate using short names of words defined in label. If no short name is defined in the label_encodings file for a word, the long name is used.

LONG_CLASSIFICATION

Translate using long name of classification defined in label.

SHORT_CLASSIFICATION

Translate using short name of classification defined in label.

ACCESS_RELATED

Translate only access-related entries defined in information label label.

VIEW_EXTERNAL

Translate ADMIN_LOW and ADMIN_HIGH labels to the lowest and highest labels defined in the label_encodings file.

VIEW_INTERNAL

Translate ADMIN_LOW and ADMIN_HIGH labels to the admin low name and admin high name strings specified in the label_encodings file. If no strings are specified, the strings “ADMIN_LOW” and “ADMIN_HIGH” are used.

NO_CLASSIFICATION

Do not translate classification defined in label.

bsltos() translates a binary sensitivity label into a string. The applicable flags are LONG_CLASSIFICATION or SHORT_CLASSIFICATION, LONG_WORDS or SHORT_WORDS, VIEW_EXTERNAL or VIEW_INTERNAL, and NO_CLASSIFICATION. A flags value 0 is equivalent to (SHORT_CLASSIFICATION | LONG_WORDS).

bcleartos() translates a binary clearance into a string. The applicable flags are LONG_CLASSIFICATION or SHORT_CLASSIFICATION, LONG_WORDS or SHORT_WORDS, VIEW_EXTERNAL or VIEW_INTERNAL, and NO_CLASSIFICATION. A flags value 0 is equivalent to (SHORT_CLASSIFICATION | LONG_WORDS). The translation of a clearance might not be the same as the translation of a sensitivity label. These functions use different label_encodings file tables that might contain different words and constraints.

Return Values

These routines return:

-1

If the label is not of the valid defined required type, if the label is not dominated by the process sensitivity label and the process does not have PRIV_SYS_TRANS_LABEL in its set of effective privileges, or the label_encodings file is inaccessible.

0

If memory cannot be allocated for the return string, or the pre-allocated return string memory is insufficient to hold the string. The value of the pre-allocated string is set to the NULL string (*string[0]='\\00';).

>0

If successful, the length of the character-coded label including the NULL terminator.

PROCESS ATTRIBUTES

If the VIEW_EXTERNAL or VIEW_INTERNAL flags are not specified, translation of ADMIN_LOW and ADMIN_HIGH labels is controlled by the label view process attribute flags. If no label view process attribute flags are defined, their translation is controlled by the label view configured in the label_encodings file. A value of External specifies that ADMIN_LOW and ADMIN_HIGH labels are mapped to the lowest and highest labels defined in the label_encodings file. A value of Internal specifies that the ADMIN_LOW and ADMIN_HIGH labels are translated to the admin low and admin high name strings specified in the label_encodings file. If no such names are specified, the strings “ADMIN_LOW” and “ADMIN_HIGH” are used.

Files

/etc/security/tsol/label_encodings

The label encodings file contains the classification names, words, constraints, and values for the defined labels of this system.

Attributes

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE
ATTRIBUTE VALUE
Availability
SUNWtsu
Stability
Obsolete
MT-Level
MT-Safe with exceptions

See Also

free(3C), malloc(3C), label_to_str(3TSOL), label_encodings(4), attributes(5)

Notes

These functions are obsolete and retained for ease of porting. They might be removed in a future Solaris Trusted Extensions release.

If memory is allocated by these routines, the caller must free the memory with free() when the memory is no longer in use.

Copyright © 2007, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next