Process Clearance Operations
A program must get its process clearance before it can perform an operation on the clearance. This short program gets the process clearance of the calling process.
#include <tsol/label.h>
main()
{
int retval;
bclear_t pclear;
retval = getclearance(&pclear);
printf("Retval = %d\n", retval);
}
The printf statement prints the following:
Retval = 0 |
Set Process Clearance
The process needs the proc_setclr privilege to set the process clearance to another value if the new value is not equal to the sensitivity label portion of the process's own CMW label. A new process clearance is set with the setclearance(2) system call. This example initializes a clearance structure to ADMIN_HIGH and passes it to the setclearance(2) system call.
#include <tsol/label.h>
main()
{
int retval;
bclear_t hiclear, undef, loclear;
bclearhigh(&hiclear);
/* Turn proc_setclr on in the effective set */
retval = setclearance(&hiclear);
/* Turn off the proc_setclr privilege */
printf("Retval = %d\n", retval);
}
The printf(1) statement prints the following:
Retval = 0 |
Initialize Clearance Structure
A clearance can be initialized to ADMIN_LOW or ADMIN_HIGH and have its type checked. This example initializes undef to undefined (similar to NULL) and loclear to ADMIN_LOW. It then checks the type on loclear, sets the type to undefined, and checks it again. A clearance is undefined when its ID field is initialized to SUN_CLR_UN. An undefined clearance is invalid. A clearance is defined when the ID field in the label structure is initialized to SUN_CLR_ID.
#include <tsol/label.h>
main()
{
int retval;
bclear_t loclear, undef;
bclearlow(&loclear);
bclearundef(&undef);
retval = bltype(&loclear, SUN_CLR_ID);
printf("Is clearance defined? %d\n", retval);
setbltype(&loclear, SUN_CLR_UN);
retval = bltype(&loclear, SUN_CLR_ID);
printf("Is clearance defined? %d\n", retval);
}
The printf(1) statement prints the following where non-zero is True and 0 is False.
Is clearance defined? 1 Is clearance defined? 0 |
Find Relationships Between Two Levels
A level is a classification and set of compartments for a sensitivity label, information label, or clearance; and is represented by the blevel_t data type. Two levels can be equal, one can dominate the other, or one can strictly dominate the other.
-
Equal - One level is equal to another when its classification is arithmetically equal to the other's classification (by means of its place in the classifications hierarchy), and its compartments contain all the other's compartments and no additional compartments.
-
Dominates - One level dominates another when its classification is arithmetically greater than or equal to the other's (by means of its place in the classifications hierarchy), and its compartments contain all the other's compartments.
-
Strictly dominates - Level one is said to strictly dominate level two when level one dominates level two, but is not equal to level two.
This example checks the process clearance against the sensitivity label portion of a file CMW label to find their relationship (equal, dominate, or strictly dominate). The process clearance is TOP SECRET A B, the sensitivity label portion of the file CMW label is Confidential.
#include <tsol/label.h>
main()
{
int retval;
bclear_t pclear;
bclabel_t cmwlabel;
bslabel_t senslabel;
retval = getclearance(&pclear);
retval = getcmwlabel("/export/home/zelda/afile", &cmwlabel);
getcsl(&senslabel, &cmwlabel);
retval = blequal(&pclear, &senslabel);
printf("Clearance equals sensitivity label? %d\n", retval);
retval = bldominates(&pclear, &senslabel);
printf("Clearance dominates sensitivity label? %d\n", retval);
retval = blstrictdom(&pclear, &senslabel);
printf("Clearance strictly dominates sensitivity label? %d\n", retval);
}
The printf(1) statements print the following. Non-zero is True and 0 is False:
Clearance equals sensitivity label? 0 Clearance dominates sensitivity label? 1 Clearance strictly dominates sensitivity label? 1 |
Find Greatest Level and Lowest Level
The next example finds the greatest and lowest values between two variables of type blevel_t. These interfaces let you compare two levels to find the level that represents the greatest lower bound (with the blminimum(3TSOL) routine) or least upper bound (with the blmaximum(3TSOL) routine) bounded by the two levels. A level can be a sensitivity label or clearance.
The example code finds the greatest lower bound and least upper bound of the range created by a process clearance of TS A B and a sensitivity label of ADMIN_LOW. The process runs at Confidential.
The first part of the example finds the greater of the classifications and the greater of all the compartments of the two levels and puts that value into the first parameter. This operation is called finding the least upper bound because it finds the lowest level that dominates both original parameter values passed.
The process sensitivity level does not dominate the process clearance so the process needs the sys_trans_label privilege for the translation. The code comments indicate where privilege bracketing as described in Chapter 3, Privileges should take place.
#include <tsol/label.h>
#include <tsol/priv.h>
main()
{
int retval, length = 0;
char *string = (char *)0, *string1 = (char *)0;
bclear_t clear;
bslabel_t senslabel;
bsllow(&senslabel;);
retval = getclearance(&clear;);
blmaximum(&senslabel;, &clear;);
/* Turn the sys_trans_label privilege on in the effective set */
set_effective_priv(PRIV_ON, 1, PRIV_SYS_TRANS_LABEL);
retval = bsltos(&senslabel;, &string;, length, LONG_WORDS);
printf("Maximum = %s\n", string);
The printf statements print the following where TS ABLE BAKER is the lowest level that dominates TS A B and ADMIN_LOW.
Maximum = TS A B |
The second part of the example finds the lower of the classifications and only those compartments contained in both parameters, and puts that value in the first parameter. This operation finds the greatest lower bound because it finds the greatest level dominated by both original parameter values passed.
bsllow(&senslabel;);
blminimum(&senslabel;, &clear;);
retval = bsltos(&senslabel;, &string1;, length, LONG_WORDS);
printf("Minimum = %s\n", string1);
/* Turn sys_trans_label off */
set_effective_priv(PRIV_OFF, 1, PRIV_SYS_TRANS_LABEL);
}
The printf statements print the following where ADMIN_LOW is the highest level that is dominated by TS A B and ADMIN_LOW.
Minimum = ADMIN_LOW |
Valid Clearance
A valid clearance is a clearance defined in the label_encodings(4) file. Call the bclearvalid(3TSOL) routine to check if a clearance is valid. The process running at TS A B equals the clearance and needs no privilege for this operation.
#include <tsol/label.h>
main()
{
int retval, error;
bclear_t bclear;
char *string = "TS ABLE BAKER";
retval = stobclear(string, &bclear, NEW_LABEL, &error);
retval = bclearvalid(&bclear);
printf("Return value = %d\n", retval);
}
The printf statement prints the following where 1 means the clearance is valid; -1 means the label_encodings file is inaccessible; and 0 means the label is not valid or the process sensitivity label does not dominate the clearance and the sys_trans_label privilege is not effective:
Return value = 1 |
Translating Process Clearances
Clearances (like labels) can be represented in binary, text, or hexadecimal. Within the kernel all clearances are stored in binary form, and binary is the form used for clearances passed to and received from programming interfaces.
-
Binary Clearances - Classifications are stored as an integer and compartments are stored as bit vectors using 0's and 1's.
-
Text Clearance - Human-readable clearances that display classifications, and compartments using the names defined in the label_encodings(4) file.
-
Hexadecimal Clearances - The text representation of the hexadecimal number that represents the same bit pattern as the corresponding binary clearance. The clearance has text characters but does not reveal the classification or compartment names. A process can store a clearance in text when it will be read by processes at arbitrary clearances.
Binary and Text
This example translate a binary clearance to text using long words. The process running at TS A B equals the clearance and needs no privilege.
Note -
The text input and output formats, rules, and flags are presented in "Binary and Text Label Translation".
#include <tsol/label.h>
main()
{
int retval, length = 0;
bclear_t pclear;
char *string = (char *)0;
retval = getclearance(&pclear);
retval = bcleartos(&pclear, &string, length, LONG_WORDS);
printf("Process clearance = %s\n", string);
}
The printf(1) statement prints the following:
Process clearance = TS ABLE BAKER |
This example clips the process label to five characters. The clipping occurs when the number of characters in pclear is greater than the specified length.
#include <tsol/label.h>
main()
{
int retval;
bclear_t pclear;
char *string = (char *)0;
retval = getclearance(&pclear);
string = sbcleartos(&pclear, 5);
printf("Clipped process clearance = %s\n", string);
}
The printf statement prints the following. The left arrow is a clipped indicator to show the name has been clipped. The number of characters to which the name is clipped includes two characters for the clipped indicator.
Clipped process clearance = TS<- |
This example translates a text string to a binary clearance.
#include <tsol/label.h>
main()
{
int retval, error;
bclear_t bclear;
char *labelstring = "TS ABLE BAKER";
retval = stobclear(labelstring, &bclear, NEW_LABEL, &error);
if (retval == 0)
printf("Error = %d\n", error);
else
printf("Retval = %d\n", retval);
}
The printf(1) statement prints the following:
Retval = 1 |
Binary and Hexadecimal
There are two types of binary to hexadecimal routines: regular and reentrant. Both types of routines return a pointer to a string that contains the result of the translation or NULL if the clearance passed in is not type bclear_t.
Regular
This example translates the binary process clearance to hexadecimal and back.
#include <tsol/label.h>
main()
{
int retval;
bclear_t hclear;
char *string ;
retval = getclearance(&hclear);
if((string = bcleartoh(&hclear)) != 0)
printf("Hex string = %s\n", string);
retval = htobclear(string, &hclear);
printf("Return Value = %d\n", retval);
}
The first printf statement prints the binary clearance in the following hexadecimal format:
Hex string = 0xClearance hexadecimal value |
The second printf statement prints the following where non-zero indicates a successful translation:
Return Value = 1 |
Reentrant
The reentrant (MT-SAFE) routine bcleartoh_r(3TSOL) requires the allocation and freeing of memory for the value returned. The h_alloc(3TSOL) routine is used to allocate this memory, sizing it appropriately for the type of label (in this case hexadecimal) to be converted.
type where type is a hexadecimal value that indicates that a defined clearance (SUN_CLR_ID) is translated to hexadecimal.
This example allocates memory for the translation type, translates the binary process clearance to hexadecimal, and frees the memory at the end.
#include <tsol/label.h>
main()
{
bclear_t hclear;
char *string, *hex;
getclearance(&hclear);
hex = h_alloc(SUN_CLR_ID);
if((string = bcleartoh_r(&hclear, hex)) != 0);
printf("Hex string = %s\n", string);
h_free(hex);
}
The printf statement prints the binary clearance in the following hexadecimal format:
Hex string = 0x0006cc0000000000000000000000000000000000000 000000003ffffffffffff0000 |
- © 2010, Oracle Corporation and/or its affiliates