1/* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21/* 22 * Copyright 2006 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26#ifndef _SYS_TSOL_PRIV_H 27#define _SYS_TSOL_PRIV_H 28 29#pragma ident "%Z%%M% %I% %E% SMI" 30 31#include <sys/priv.h> 32 33#ifdef __cplusplus 34extern "C" { 35#endif 36 37typedef enum priv_ftype { 38 PRIV_ALLOWED, 39 PRIV_FORCED 40} priv_ftype_t; 41 42/* 43 * Privilege macros. 44 */ 45 46/* 47 * PRIV_ASSERT(a, b) setst.privilege "b" in privilege set "a". 48 */ 49#define PRIV_ASSERT(a, b) (priv_addset(a, b)) 50 51/* 52 * PRIV_CLEAR(a,b) clearst.privilege "b" in privilege set "a". 53 */ 54#define PRIV_CLEAR(a, b) (priv_delset(a, b)) 55 56/* 57 * PRIV_EQUAL(set_a, set_b) is true if set_a and set_b are identical. 58 */ 59#define PRIV_EQUAL(a, b) (priv_isequalset(a, b)) 60#define PRIV_EMPTY(a) (priv_emptyset(a)) 61#define PRIV_FILL(a) (priv_fillset(a)) 62 63/* 64 * PRIV_ISASSERT tests if privilege 'b' is asserted in privilege set 'a'. 65 */ 66#define PRIV_ISASSERT(a, b) (priv_ismember(a, b)) 67#define PRIV_ISEMPTY(a) (priv_isemptyset(a)) 68#define PRIV_ISFULL(a) (priv_isfullset(a)) 69 70/* 71 * This macro returns 1 if all privileges asserted in privilege set "a" 72 * are also asserted in privilege set "b" (i.e. if a is a subset of b) 73 */ 74#define PRIV_ISSUBSET(a, b) (priv_issubset(a, b)) 75 76/* 77 * Takes intersection of "a" and "b" and stores in "b". 78 */ 79#define PRIV_INTERSECT(a, b) (priv_intersect(a, b)) 80 81/* 82 * Replaces "a" with inverse of "a". 83 */ 84#define PRIV_INVERSE(a) (priv_inverse(a)) 85 86/* 87 * Takes union of "a" and "b" and stores in "b". 88 */ 89#define PRIV_UNION(a, b) (priv_union(a, b)) 90 91 92#define PRIV_FILE_UPGRADE_SL ((const char *)"file_upgrade_sl") 93#define PRIV_FILE_DOWNGRADE_SL ((const char *)"file_downgrade_sl") 94# 95#define PRIV_PROC_AUDIT_TCB ((const char *)"proc_audit") 96#define PRIV_PROC_AUDIT_APPL ((const char *)"proc_audit") 97# 98#define PRIV_SYS_TRANS_LABEL ((const char *)"sys_trans_label") 99#define PRIV_WIN_COLORMAP ((const char *)"win_colormap") 100#define PRIV_WIN_CONFIG ((const char *)"win_config") 101#define PRIV_WIN_DAC_READ ((const char *)"win_dac_read") 102#define PRIV_WIN_DAC_WRITE ((const char *)"win_dac_write") 103#define PRIV_WIN_DGA ((const char *)"win_dga") 104#define PRIV_WIN_DEVICES ((const char *)"win_devices") 105#define PRIV_WIN_DOWNGRADE_SL ((const char *)"win_downgrade_sl") 106#define PRIV_WIN_FONTPATH ((const char *)"win_fontpath") 107#define PRIV_WIN_MAC_READ ((const char *)"win_mac_read") 108#define PRIV_WIN_MAC_WRITE ((const char *)"win_mac_write") 109#define PRIV_WIN_SELECTION ((const char *)"win_selection") 110#define PRIV_WIN_UPGRADE_SL ((const char *)"win_upgrade_sl") 111 112#ifdef __cplusplus 113} 114#endif 115 116#endif /* _SYS_TSOL_PRIV_H */ 117