1bltos(3TSOL) Trusted Extensions Library Functions bltos(3TSOL)
2
3
4
6 bltos, bsltos, bcleartos - translate binary labels to character coded
7 labels
8
10 cc [flag...] file... -ltsol [library...]
11
12
13 #include <tsol/label.h>
14
15 int bsltos(const m_label_t *label, char **string,
16 const int str_len, const int flags);
17
18
19 int bcleartos(const m_label_t *label, char **string,
20 const int str_len, const int flags);
21
22
24 These functions translate binary labels into strings controlled by the
25 value of the flags parameter.
26
27
28 The bsltos() function translates a binary sensitivity label into a
29 string. The applicable flags are LONG_CLASSIFICATION or SHORT_CLASSIFI‐
30 CATION, LONG_WORDS or SHORT_WORDS, VIEW_EXTERNAL or VIEW_INTERNAL, and
31 NO_CLASSIFICATION. A flags value 0 is equivalent to (SHORT_CLASSIFICA‐
32 TION | LONG_WORDS).
33
34
35 The bcleartos() function translates a binary clearance into a string.
36 The applicable flags are LONG_CLASSIFICATION or SHORT_CLASSIFICATION,
37 LONG_WORDS or SHORT_WORDS, VIEW_EXTERNAL or VIEW_INTERNAL, and NO_CLAS‐
38 SIFICATION. A flags value 0 is equivalent to (SHORT_CLASSIFICATION |
39 LONG_WORDS). The translation of a clearance might not be the same as
40 the translation of a sensitivity label. These functions use different
41 label_encodings file tables that might contain different words and con‐
42 straints.
43
44
45 The calling process must have PRIV_SYS_TRANS_LABEL in its set of effec‐
46 tive privileges to perform label translation on labels that dominate
47 the current process's sensitivity label.
48
49
50 The generic form of an output character-coded label is:
51
52 CLASSIFICATION WORD1 WORD2 WORD3/WORD4 SUFFIX PREFIX WORD5/WORD6
53
54
55
56
57 Capital letters are used to display all CLASSIFICATION names and WORDs.
58 The ` ' (space) character separates classifications and words from
59 other words in all character-coded labels except where multiple words
60 that require the same PREFIX or SUFFIX are present, in which case the
61 multiple words are separated from each other by the `/' (slash) charac‐
62 ter.
63
64
65 The string argument can point to either a pointer to pre-allocated mem‐
66 ory, or the value (char *)0. If string points to a pointer to pre-allo‐
67 cated memory, then str_len indicates the size of that memory. If string
68 points to the value (char *)0, memory is allocated using malloc() to
69 contain the translated character-coded labels. The translated label is
70 copied into allocated or pre-allocated memory.
71
72
73 The flags argument is 0 or the logical sum of the following:
74
75 LONG_WORDS Translate using long names of words defined in
76 label.
77
78
79 SHORT_WORDS Translate using short names of words defined in
80 label. If no short name is defined in the
81 label_encodings file for a word, the long name
82 is used.
83
84
85 LONG_CLASSIFICATION Translate using long name of classification
86 defined in label.
87
88
89 SHORT_CLASSIFICATION Translate using short name of classification
90 defined in label.
91
92
93 ACCESS_RELATED Translate only access-related entries defined
94 in information label label.
95
96
97 VIEW_EXTERNAL Translate ADMIN_LOW and ADMIN_HIGH labels to
98 the lowest and highest labels defined in the
99 label_encodings file.
100
101
102 VIEW_INTERNAL Translate ADMIN_LOW and ADMIN_HIGH labels to
103 the admin low name and admin high name strings
104 specified in the label_encodings file. If no
105 strings are specified, the strings "ADMIN_LOW"
106 and "ADMIN_HIGH" are used.
107
108
109 NO_CLASSIFICATION Do not translate classification defined in
110 label.
111
112
113 Process Attributes
114 If the VIEW_EXTERNAL or VIEW_INTERNAL flags are not specified, transla‐
115 tion of ADMIN_LOW and ADMIN_HIGH labels is controlled by the label view
116 process attribute flags. If no label view process attribute flags are
117 defined, their translation is controlled by the label view configured
118 in the label_encodings file. A value of External specifies that
119 ADMIN_LOW and ADMIN_HIGH labels are mapped to the lowest and highest
120 labels defined in the label_encodings file. A value of Internal speci‐
121 fies that the ADMIN_LOW and ADMIN_HIGH labels are translated to the
122 admin low and admin high name strings specified in the label_encodings
123 file. If no such names are specified, the strings "ADMIN_LOW" and
124 "ADMIN_HIGH" are used.
125
127 Upon successful completion, the bsltos() and bcleartos() functions
128 return the length of the character-coded label, including the NULL ter‐
129 minator.
130
131
132 If the label is not of the valid defined required type, if the label is
133 not dominated by the process sensitivity label and the process does not
134 have PRIV_SYS_TRANS_LABEL in its set of effective privileges, or if the
135 label_encodings file is inaccessible, these functions return −1.
136
137
138 If memory cannot be allocated for the return string or if the pre-allo‐
139 cated return string memory is insufficient to hold the string, these
140 functions return 0. The value of the pre-allocated string is set to the
141 NULL string (*string[0]=' 0';).
142
144 /etc/security/tsol/label_encodings
145
146 The label encodings file contains the classification names, words,
147 constraints, and values for the defined labels of this system.
148
149
151 See attributes(5) for descriptions of the following attributes:
152
153
154
155
156 ┌─────────────────────────────┬─────────────────────────────┐
157 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
158 ├─────────────────────────────┼─────────────────────────────┤
159 │Interface Stability │Obsolete │
160 ├─────────────────────────────┼─────────────────────────────┤
161 │MT-Level │MT-Safe with exceptions │
162 └─────────────────────────────┴─────────────────────────────┘
163
164
165 The bsltos() and bcleartos() functions are Obsolete. Use the
166 label_to_str(3TSOL) function instead.
167
169 free(3C), label_to_str(3TSOL), libtsol(3LIB), malloc(3C), label_encod‐
170 ings(4), attributes(5)
171
173 The functionality described on this manual page is available only if
174 the system is configured with Trusted Extensions.
175
176
177 If memory is allocated by these functions, the caller must free the
178 memory with free(3C) when the memory is no longer in use.
179
180
181
182SunOS 5.11 20 Jul 2007 bltos(3TSOL)