-/*
- * Remove any permissions from `allowed' that are
- * denied by the MLS policy.
- */
-void mls_compute_av(struct context *scontext,
- struct context *tcontext,
- struct class_datum *tclass,
- u32 *allowed)
-{
- unsigned int rel[2];
- int l;
-
- for (l = 0; l < 2; l++)
- rel[l] = mls_level_relation(scontext->range.level[l],
- tcontext->range.level[l]);
-
- if (rel[1] != MLS_RELATION_EQ) {
- if (rel[1] != MLS_RELATION_DOM &&
- !ebitmap_get_bit(&policydb.trustedreaders, scontext->type - 1) &&
- !ebitmap_get_bit(&policydb.trustedobjects, tcontext->type - 1)) {
- /* read(s,t) = (s.high >= t.high) = False */
- *allowed = (*allowed) & ~(tclass->mlsperms.read);
- }
- if (rel[1] != MLS_RELATION_DOMBY &&
- !ebitmap_get_bit(&policydb.trustedreaders, tcontext->type - 1) &&
- !ebitmap_get_bit(&policydb.trustedobjects, scontext->type - 1)) {
- /* readby(s,t) = read(t,s) = False */
- *allowed = (*allowed) & ~(tclass->mlsperms.readby);
- }
- }
- if (((rel[0] != MLS_RELATION_DOMBY && rel[0] != MLS_RELATION_EQ) ||
- ((!mls_level_eq(tcontext->range.level[0],
- tcontext->range.level[1])) &&
- (rel[1] != MLS_RELATION_DOM && rel[1] != MLS_RELATION_EQ))) &&
- !ebitmap_get_bit(&policydb.trustedwriters, scontext->type - 1) &&
- !ebitmap_get_bit(&policydb.trustedobjects, tcontext->type - 1)) {
- /*
- * write(s,t) = ((s.low <= t.low = t.high) or (s.low
- * <= t.low <= t.high <= s.high)) = False
- */
- *allowed = (*allowed) & ~(tclass->mlsperms.write);
- }
-
- if (((rel[0] != MLS_RELATION_DOM && rel[0] != MLS_RELATION_EQ) ||
- ((!mls_level_eq(scontext->range.level[0],
- scontext->range.level[1])) &&
- (rel[1] != MLS_RELATION_DOMBY && rel[1] != MLS_RELATION_EQ))) &&
- !ebitmap_get_bit(&policydb.trustedwriters, tcontext->type - 1) &&
- !ebitmap_get_bit(&policydb.trustedobjects, scontext->type - 1)) {
- /* writeby(s,t) = write(t,s) = False */
- *allowed = (*allowed) & ~(tclass->mlsperms.writeby);
- }
-}
-