1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21/*
22 * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
23 * Use is subject to license terms.
24 */
25
26#ifndef	_SYS_TSOL_PRIV_H
27#define	_SYS_TSOL_PRIV_H
28
29#pragma ident	"%Z%%M%	%I%	%E% SMI"
30
31#include <sys/priv.h>
32
33#ifdef	__cplusplus
34extern "C" {
35#endif
36
37typedef enum priv_ftype {
38	PRIV_ALLOWED,
39	PRIV_FORCED
40} priv_ftype_t;
41
42/*
43 * Privilege macros.
44 */
45
46/*
47 * PRIV_ASSERT(a, b) setst.privilege "b" in privilege set "a".
48 */
49#define	PRIV_ASSERT(a, b) (priv_addset(a, b))
50
51/*
52 * PRIV_CLEAR(a,b) clearst.privilege "b" in privilege set "a".
53 */
54#define	PRIV_CLEAR(a, b) (priv_delset(a, b))
55
56/*
57 * PRIV_EQUAL(set_a, set_b) is true if set_a and set_b are identical.
58 */
59#define	PRIV_EQUAL(a, b) (priv_isequalset(a, b))
60#define	PRIV_EMPTY(a) (priv_emptyset(a))
61#define	PRIV_FILL(a) (priv_fillset(a))
62
63/*
64 * PRIV_ISASSERT tests if privilege 'b' is asserted in privilege set 'a'.
65 */
66#define	PRIV_ISASSERT(a, b) (priv_ismember(a, b))
67#define	PRIV_ISEMPTY(a) (priv_isemptyset(a))
68#define	PRIV_ISFULL(a) (priv_isfullset(a))
69
70/*
71 * This macro returns 1 if all privileges asserted in privilege set "a"
72 * are also asserted in privilege set "b" (i.e. if a is a subset of b)
73 */
74#define	PRIV_ISSUBSET(a, b) (priv_issubset(a, b))
75
76/*
77 * Takes intersection of "a" and "b" and stores in "b".
78 */
79#define	PRIV_INTERSECT(a, b) (priv_intersect(a, b))
80
81/*
82 * Replaces "a" with inverse of "a".
83 */
84#define	PRIV_INVERSE(a)  (priv_inverse(a))
85
86/*
87 * Takes union of "a" and "b" and stores in "b".
88 */
89#define	PRIV_UNION(a, b) (priv_union(a, b))
90
91
92#define	PRIV_FILE_UPGRADE_SL	((const char *)"file_upgrade_sl")
93#define	PRIV_FILE_DOWNGRADE_SL	((const char *)"file_downgrade_sl")
94#
95#define	PRIV_PROC_AUDIT_TCB	((const char *)"proc_audit")
96#define	PRIV_PROC_AUDIT_APPL	((const char *)"proc_audit")
97#
98#define	PRIV_SYS_TRANS_LABEL	((const char *)"sys_trans_label")
99#define	PRIV_WIN_COLORMAP	((const char *)"win_colormap")
100#define	PRIV_WIN_CONFIG		((const char *)"win_config")
101#define	PRIV_WIN_DAC_READ	((const char *)"win_dac_read")
102#define	PRIV_WIN_DAC_WRITE	((const char *)"win_dac_write")
103#define	PRIV_WIN_DGA		((const char *)"win_dga")
104#define	PRIV_WIN_DEVICES	((const char *)"win_devices")
105#define	PRIV_WIN_DOWNGRADE_SL	((const char *)"win_downgrade_sl")
106#define	PRIV_WIN_FONTPATH	((const char *)"win_fontpath")
107#define	PRIV_WIN_MAC_READ	((const char *)"win_mac_read")
108#define	PRIV_WIN_MAC_WRITE	((const char *)"win_mac_write")
109#define	PRIV_WIN_SELECTION	((const char *)"win_selection")
110#define	PRIV_WIN_UPGRADE_SL	((const char *)"win_upgrade_sl")
111
112#ifdef	__cplusplus
113}
114#endif
115
116#endif	/* _SYS_TSOL_PRIV_H */
117