bsltos(3tsol)

1bltos(3TSOL)         Trusted Extensions Library Functions         bltos(3TSOL)
2
3
4

NAME

6       bltos,  bsltos,  bcleartos - translate binary labels to character coded
7       labels
8

SYNOPSIS

10       cc [flag...] file... -ltsol [library...]
11
12
13       #include <tsol/label.h>
14
15       int bsltos(const m_label_t *label, char **string,
16            const int str_len, const int flags);
17
18
19       int bcleartos(const m_label_t *label, char **string,
20            const int str_len, const int flags);
21
22

DESCRIPTION

24       These functions translate binary labels into strings controlled by  the
25       value of the flags parameter.
26
27
28       The  bsltos()  function  translates  a  binary sensitivity label into a
29       string. The applicable flags are LONG_CLASSIFICATION or SHORT_CLASSIFI‐
30       CATION,  LONG_WORDS or SHORT_WORDS, VIEW_EXTERNAL or VIEW_INTERNAL, and
31       NO_CLASSIFICATION. A flags value 0 is equivalent to  (SHORT_CLASSIFICA‐
32       TION | LONG_WORDS).
33
34
35       The  bcleartos()  function translates a binary clearance into a string.
36       The applicable flags are LONG_CLASSIFICATION  or  SHORT_CLASSIFICATION,
37       LONG_WORDS or SHORT_WORDS, VIEW_EXTERNAL or VIEW_INTERNAL, and NO_CLAS‐
38       SIFICATION. A flags value 0 is equivalent  to  (SHORT_CLASSIFICATION  |
39       LONG_WORDS).  The  translation  of a clearance might not be the same as
40       the translation of a sensitivity label. These functions  use  different
41       label_encodings file tables that might contain different words and con‐
42       straints.
43
44
45       The calling process must have PRIV_SYS_TRANS_LABEL in its set of effec‐
46       tive  privileges  to  perform label translation on labels that dominate
47       the current process's sensitivity label.
48
49
50       The generic form of an output character-coded label is:
51
52         CLASSIFICATION WORD1 WORD2 WORD3/WORD4 SUFFIX PREFIX WORD5/WORD6
53
54
55
56
57       Capital letters are used to display all CLASSIFICATION names and WORDs.
58       The  `  '  (space)  character  separates classifications and words from
59       other words in all character-coded labels except where  multiple  words
60       that  require  the same PREFIX or SUFFIX are present, in which case the
61       multiple words are separated from each other by the `/' (slash) charac‐
62       ter.
63
64
65       The string argument can point to either a pointer to pre-allocated mem‐
66       ory, or the value (char *)0. If string points to a pointer to pre-allo‐
67       cated memory, then str_len indicates the size of that memory. If string
68       points to the value (char *)0, memory is allocated  using  malloc()  to
69       contain  the translated character-coded labels. The translated label is
70       copied into allocated or pre-allocated memory.
71
72
73       The flags argument is 0 or the logical sum of the following:
74
75       LONG_WORDS              Translate using long names of words defined  in
76                               label.
77
78
79       SHORT_WORDS             Translate using short names of words defined in
80                               label. If no  short  name  is  defined  in  the
81                               label_encodings  file for a word, the long name
82                               is used.
83
84
85       LONG_CLASSIFICATION     Translate using  long  name  of  classification
86                               defined in label.
87
88
89       SHORT_CLASSIFICATION    Translate  using  short  name of classification
90                               defined in label.
91
92
93       ACCESS_RELATED          Translate only access-related  entries  defined
94                               in information label label.
95
96
97       VIEW_EXTERNAL           Translate  ADMIN_LOW  and  ADMIN_HIGH labels to
98                               the lowest and highest labels  defined  in  the
99                               label_encodings file.
100
101
102       VIEW_INTERNAL           Translate  ADMIN_LOW  and  ADMIN_HIGH labels to
103                               the admin low name and admin high name  strings
104                               specified  in  the  label_encodings file. If no
105                               strings are specified, the strings  "ADMIN_LOW"
106                               and "ADMIN_HIGH" are used.
107
108
109       NO_CLASSIFICATION       Do  not  translate  classification  defined  in
110                               label.
111
112
113   Process Attributes
114       If the VIEW_EXTERNAL or VIEW_INTERNAL flags are not specified, transla‐
115       tion of ADMIN_LOW and ADMIN_HIGH labels is controlled by the label view
116       process attribute flags. If no label view process attribute  flags  are
117       defined,  their  translation is controlled by the label view configured
118       in the  label_encodings  file.  A  value  of  External  specifies  that
119       ADMIN_LOW  and  ADMIN_HIGH  labels are mapped to the lowest and highest
120       labels defined in the label_encodings file. A value of Internal  speci‐
121       fies  that  the  ADMIN_LOW  and ADMIN_HIGH labels are translated to the
122       admin low and admin high name strings specified in the  label_encodings
123       file.  If  no  such  names  are  specified, the strings "ADMIN_LOW" and
124       "ADMIN_HIGH" are used.
125

RETURN VALUES

127       Upon successful completion,  the  bsltos()  and  bcleartos()  functions
128       return the length of the character-coded label, including the NULL ter‐
129       minator.
130
131
132       If the label is not of the valid defined required type, if the label is
133       not dominated by the process sensitivity label and the process does not
134       have PRIV_SYS_TRANS_LABEL in its set of effective privileges, or if the
135       label_encodings file is inaccessible, these functions return −1.
136
137
138       If memory cannot be allocated for the return string or if the pre-allo‐
139       cated return string memory is insufficient to hold  the  string,  these
140       functions return 0. The value of the pre-allocated string is set to the
141       NULL string (*string[0]=' 0';).
142

FILES

144       /etc/security/tsol/label_encodings
145
146           The label encodings file contains the classification names,  words,
147           constraints, and values for the defined labels of this system.
148
149

ATTRIBUTES

151       See attributes(5) for descriptions of the following attributes:
152
153
154
155
156       ┌─────────────────────────────┬─────────────────────────────┐
157       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
158       ├─────────────────────────────┼─────────────────────────────┤
159       │Interface Stability          │Obsolete                     │
160       ├─────────────────────────────┼─────────────────────────────┤
161       │MT-Level                     │MT-Safe with exceptions      │
162       └─────────────────────────────┴─────────────────────────────┘
163
164
165       The   bsltos()   and   bcleartos()  functions  are  Obsolete.  Use  the
166       label_to_str(3TSOL) function instead.
167

NOTES

173       The  functionality  described  on this manual page is available only if
174       the system is configured with Trusted Extensions.
175
176
177       If memory is allocated by these functions, the  caller  must  free  the
178       memory with free(3C) when the memory is no longer in use.
179
180
181
182SunOS 5.11                        20 Jul 2007                     bltos(3TSOL)