test

Trusted Solaris Developer's Guide

Finding Binary Level Bounds

The next two examples find the greatest and lowest values between two variables of type blevel_t. These interfaces let you compare two levels to find the level that represents the greatest lower bound (blminimum(3TSOL) routine) or least upper bound (blmaximum(3TSOL) routine) bounded by the two levels. A level can be a sensitivity label or a clearance.

In the example, senslabel is ADMIN_LOW and plabel is Confidential. The code finds the greatest lower bound and least upper bound of the range created by these two levels. The first example finds the greater of the classifications and the greater of all the compartments of the two variables passed to the blmaximum() routine and puts that value into the first parameter. This operation is called finding the least upper bound because it finds the lowest level that dominates both the original parameter values passed to the routine. 

#include <tsol/label.h>

main()
{
	int retval, length = 0;
	char *string = (char *)0, *string1 = (char *)0;
	bslabel_t senslabel, plabel;
	bclabel_t pCMWlabel;

/* Initialize a label to ADMIN_LOW */
	bsllow(&senslabel);

/* Get process sensitivity label */
	retval = getcmwplabel(&pCMWlabel);
	getcsl(&plabel, &pCMWlabel);

	blmaximum(&senslabel, &plabel);
	retval = bsltos(&senslabel, &string, length, LONG_WORDS);
	printf("Maximum = %s\n", string);

The printf statements print the following where Confidential is the lowest level that dominates Confidential and ADMIN_LOW.

Maximum = CONFIDENTIAL

This part of the example finds the lower of the classifications and the lower of only those compartments contained in both parameters passed to the blminimum() routine, and puts that value into the first parameter. This operation is called finding greatest lower bound because it finds the greatest level dominated by both of the original parameter values passed to the routine. 

	bsllow(&senslabel);

	blminimum(&senslabel, &plabel);
	retval = bsltos(&senslabel, &string1, length, LONG_WORDS);
	printf("Minimum = %s\n", string1);
}

The printf statements print the following where ADMIN_LOW is the highest level dominated by ADMIN_LOW and Confidential.


Minimum = ADMIN_LOW