1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 */
25
26 #ifndef _SYS_TSOL_PRIV_H
27 #define _SYS_TSOL_PRIV_H
28
29 #pragma ident "%Z%%M% %I% %E% SMI"
30
31 #include <sys/priv.h>
32
33 #ifdef __cplusplus
34 extern "C" {
35 #endif
36
37 typedef enum priv_ftype {
38 PRIV_ALLOWED,
39 PRIV_FORCED
40 } priv_ftype_t;
41
42 /*
43 * Privilege macros.
44 */
45
46 /*
47 * PRIV_ASSERT(a, b) setst.privilege "b" in privilege set "a".
48 */
49 #define PRIV_ASSERT(a, b) (priv_addset(a, b))
50
51 /*
52 * PRIV_CLEAR(a,b) clearst.privilege "b" in privilege set "a".
53 */
54 #define PRIV_CLEAR(a, b) (priv_delset(a, b))
55
56 /*
57 * PRIV_EQUAL(set_a, set_b) is true if set_a and set_b are identical.
58 */
59 #define PRIV_EQUAL(a, b) (priv_isequalset(a, b))
60 #define PRIV_EMPTY(a) (priv_emptyset(a))
61 #define PRIV_FILL(a) (priv_fillset(a))
62
63 /*
64 * PRIV_ISASSERT tests if privilege 'b' is asserted in privilege set 'a'.
65 */
66 #define PRIV_ISASSERT(a, b) (priv_ismember(a, b))
67 #define PRIV_ISEMPTY(a) (priv_isemptyset(a))
68 #define PRIV_ISFULL(a) (priv_isfullset(a))
69
70 /*
71 * This macro returns 1 if all privileges asserted in privilege set "a"
72 * are also asserted in privilege set "b" (i.e. if a is a subset of b)
73 */
74 #define PRIV_ISSUBSET(a, b) (priv_issubset(a, b))
75
76 /*
77 * Takes intersection of "a" and "b" and stores in "b".
78 */
79 #define PRIV_INTERSECT(a, b) (priv_intersect(a, b))
80
81 /*
82 * Replaces "a" with inverse of "a".
83 */
84 #define PRIV_INVERSE(a) (priv_inverse(a))
85
86 /*
87 * Takes union of "a" and "b" and stores in "b".
88 */
89 #define PRIV_UNION(a, b) (priv_union(a, b))
90
91
92 #define PRIV_FILE_UPGRADE_SL ((const char *)"file_upgrade_sl")
93 #define PRIV_FILE_DOWNGRADE_SL ((const char *)"file_downgrade_sl")
94 #
95 #define PRIV_PROC_AUDIT_TCB ((const char *)"proc_audit")
96 #define PRIV_PROC_AUDIT_APPL ((const char *)"proc_audit")
97 #
98 #define PRIV_SYS_TRANS_LABEL ((const char *)"sys_trans_label")
99 #define PRIV_WIN_COLORMAP ((const char *)"win_colormap")
100 #define PRIV_WIN_CONFIG ((const char *)"win_config")
101 #define PRIV_WIN_DAC_READ ((const char *)"win_dac_read")
102 #define PRIV_WIN_DAC_WRITE ((const char *)"win_dac_write")
103 #define PRIV_WIN_DGA ((const char *)"win_dga")
104 #define PRIV_WIN_DEVICES ((const char *)"win_devices")
105 #define PRIV_WIN_DOWNGRADE_SL ((const char *)"win_downgrade_sl")
106 #define PRIV_WIN_FONTPATH ((const char *)"win_fontpath")
107 #define PRIV_WIN_MAC_READ ((const char *)"win_mac_read")
108 #define PRIV_WIN_MAC_WRITE ((const char *)"win_mac_write")
109 #define PRIV_WIN_SELECTION ((const char *)"win_selection")
110 #define PRIV_WIN_UPGRADE_SL ((const char *)"win_upgrade_sl")
111
112 #ifdef __cplusplus
113 }
114 #endif
115
116 #endif /* _SYS_TSOL_PRIV_H */