bltos(3TSOL)
NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | PROCESS ATTRIBUTES | FILES | ATTRIBUTES | SEE ALSO | NOTES
NAME
- bltos, bcltos, bsltos, bcleartos- translate binary labels to character coded labels
SYNOPSIS
-
cc [flag...] file ... -ltsol [library...]
#include <tsol/label.h>int bltos(const blevel_t *label, char **string, const int str_len, const int flags);
int bcltos(const bclabel_t *label, char **string, const int str_len, const int flags);
int bsltos(const bslabel_t *label, char **string, const int str_len, const int flags);
int bcleartos(const bclear_t *label, char **string, const int str_len, const int flags);
DESCRIPTION
- LONG_WORDS
-
Translate using long names of words defined in label.
- SHORT_WORDS
-
Translate using short names of words defined in label. If no short name is defined in the label_encodings file for a word, the long name is used.
- LONG_CLASSIFICATION
-
Translate using long name of classification defined in label.
- SHORT_CLASSIFICATION
-
Translate using short name of classification defined in label.
- ACCESS_RELATED
-
Translate only access-related entries defined in information label label.
- VIEW_EXTERNAL
-
Translate
ADMIN_LOWandADMIN_HIGHlabels to the lowest and highest labels defined in the label_encodings file. - VIEW_INTERNAL
-
Translate
ADMIN_LOWandADMIN_HIGHlabels to the admin low name and admin high name strings specified in the label_encodings file. If no strings are specified, the strings "ADMIN_LOW" and "ADMIN_HIGH" are used. - NO_CLASSIFICATION
-
Do not translate classification defined in label.
The calling process must have PRIV_SYS_TRANS_LABEL in its set
of effective privileges to perform label translation on labels that dominate the current process' sensitivity label.
These routines translate binary labels into strings controlled by the value of the flags parameter.
The generic form of an output character-coded label is:
CLASSIFICATION WORD1 WORD2 WORD3/WORD4 SUFFIX PREFIX WORD5/WORD6 |
Capital letters are used to display all Classification names and Words. The ` ' (space) character separates classifications and words from other words in all character-coded labels except where multiple words that require the same Prefix or Suffix are present, in which case the multiple words are separated from each other by the `/' (slash) character.
string may point to either a pointer to pre-allocated memory, or the value (char *)0. If it points to a pointer to pre-allocated memory, then str_len indicates the size of that memory. If it points to the value (char *)0, memory is allocated using malloc() to contain the translated character-coded labels. The translated label is copied into allocated or pre-allocated memory.
flags is 0 (zero), or the logical sum of the following:
bcltos() translates a binary CMW label into a string of the form:
ADMIN_LOW [ sensitivity label ] |
The applicable flags are LONG_WORDS or SHORT_WORDS, and VIEW_EXTERNAL or VIEW_INTERNAL. A flags value 0 is equivalent to (LONG_WORDS).
bsltos() translates a binary sensitivity label into a string. The applicable flags are LONG_CLASSIFICATION or SHORT_CLASSIFICATION, LONG_WORDS or SHORT_WORDS, VIEW_EXTERNAL or VIEW_INTERNAL, and NO_CLASSIFICATION. A flags value 0 is equivalent to (SHORT_CLASSIFICATION | LONG_WORDS).
bcleartos() translates a binary clearance into a string. The applicable flags are LONG_CLASSIFICATION or SHORT_CLASSIFICATION, LONG_WORDS or SHORT_WORDS, VIEW_EXTERNAL or VIEW_INTERNAL, and NO_CLASSIFICATION. A flags value 0 is equivalent to (SHORT_CLASSIFICATION | LONG_WORDS). The translation of a clearance may not be the same as the translation of a sensitivity label. These functions use different label_encodings file tables that may contain different words and constraints.
RETURN VALUES
- -1
-
If the label is not of the valid defined required type, if the label is not dominated by the process sensitivity label and the process does not have
PRIV_SYS_TRANS_LABELin its set of effective privileges, or the label_encodings file is inaccessible. - 0
-
If memory cannot be allocated for the return string, or the pre-allocated return string memory is insufficient to hold the string. The value of the pre-allocated string is set to the NULL string (*string[0]='\\00';).
- >0
-
If successful, the length of the character-coded label including the NULL terminator.
These routines return:
PROCESS ATTRIBUTES
If the VIEW_EXTERNAL or VIEW_INTERNAL flags are not specified, translation of ADMIN_LOW and ADMIN_HIGH labels is controlled by the
label view process attribute flags. If no label view process attribute flags are defined, their translation is controlled by the label view configured in the label_encodings file. A value of External specifies that ADMIN_LOW
and ADMIN_HIGH labels are mapped to the lowest and highest labels defined in the label_encodings file. A value of Internal specifies that the ADMIN_LOW and ADMIN_HIGH labels are translated to the admin low and admin high name strings specified in the label_encodings file. If no such names are specified, the strings "ADMIN_LOW" and "ADMIN_HIGH" are used.
FILES
- /etc/security/tsol/label_encodings
-
The label encodings file contains the classification names, words, constraints, and values for the defined labels of this system.
ATTRIBUTES
See attributes(5) for descriptions of the following attributes:
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
|---|---|
| Availability | SUNWtsu |
| MT-Level | MT-Safe |
SEE ALSO
Trusted Solaris 8 4/01 Reference Manual
bcltobanner(3TSOL), blcompare(3TSOL), bltocolor(3TSOL), labelinfo(3TSOL)
Trusted Solaris Developer's Guide, Trusted Solaris administrator's document set
SunOS 5.8 Reference Manual
NOTES
If memory is allocated by these routines, the caller must free the memory with free() when the memory is no longer in use.
NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | PROCESS ATTRIBUTES | FILES | ATTRIBUTES | SEE ALSO | NOTES
- © 2010, Oracle Corporation and/or its affiliates