
11.2.1 compute_av: Compute access vectors

 

SYNOPSIS

#include <oskit/flask/security.h>

OSKIT_COMDECL oskit_security_compute_av(oskit_security_t *security,
        oskit_security_id_t ssid,
        oskit_security_id_t tsid,
        oskit_security_class_t tclass,
        oskit_access_vector_t requested,
        [out] oskit_access_vector_t *allowed,
        [out] oskit_access_vector_t *decided,
        [out] oskit_access_vector_t *auditallow,
        [out] oskit_access_vector_t *auditdeny,
        [out] oskit_access_vector_t *notify,
        [out] oskit_u32_t *seqno);

DESCRIPTION

The oskit_security_compute_av function computes access vectors based on a SID pair for the permissions in a particular class. An access vector cache (AVC) component calls this function when no valid entry exists for the requested permissions in the cache. The first SID parameter, ssid, is referred to as the source SID and the second SID parameter, tsid, is referred to as the target SID. The returned access vectors must contain decisions for every permission specified in the requested access vector.

The security server may optionally return decisions for other permissions in the same class. The decided access vector contains the set of permissions for which a decision was returned. The other returned access vectors may only be used for permissions in this set. The security server may choose to defer computation of permissions until they are explicitly requested.

The allowed access vector contains the set of granted permissions. The seqno parameter contains a sequence number associated with the access granting. If the sequence number provided by the latest policy change is greater than this value, then the access granting may be invalid and must be discarded. The sequence number addresses the issue of an interleaving of an access granting and a policy change.

The auditallow and auditdeny access vectors contain the set of permissions that should be audited when granted or when denied, respectively. These vectors enable the security server to precisely control the auditing of permission checks. The AVC component ensures that auditing is performed in accordance with these vectors.

The notify access vector contains the set of permissions for which the oskit_security_notify_perm function should be called when the operation associated with the permission has successfully completed. This vector permits the security server to request that the AVC component notify the security server of the successful completion of operations so that the security server may base its decisions on the history of operations in the system. This differs from merely basing decisions on the history of granted permissions, since an operation may still fail due to other conditions even if permission is granted for that operation.
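The following is an added example, not OSKit code, of how a caller such as an AVC might apply the rules above to one set of returned vectors: discard the decision when a newer policy sequence number exists, use the vectors only for bits in decided, then derive the audit and notify sets. The names av_t, struct av_decision, enum av_result and av_evaluate are hypothetical, and the audit masking is one reading of the description.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-in for oskit_access_vector_t; the real typedef is in the OSKit headers. */
typedef uint32_t av_t;

/* The [out] values of one oskit_security_compute_av call (hypothetical struct). */
struct av_decision {
    av_t allowed, decided, auditallow, auditdeny, notify;
    uint32_t seqno;
};

enum av_result { AV_GRANTED, AV_DENIED, AV_STALE, AV_UNDECIDED };

/*
 * Evaluate `requested` against a decision. latest_seqno is the sequence
 * number of the most recent policy change seen by the cache.
 * On AV_GRANTED/AV_DENIED, *audit receives the permissions to audit;
 * on AV_GRANTED, *notify receives those needing notify_perm on completion.
 */
enum av_result av_evaluate(const struct av_decision *d, av_t requested,
                           uint32_t latest_seqno, av_t *audit, av_t *notify)
{
    *audit = *notify = 0;
    if (latest_seqno > d->seqno)
        return AV_STALE;            /* policy changed after this granting */
    if (requested & ~d->decided)
        return AV_UNDECIDED;        /* vectors are not valid for these bits */

    av_t denied = requested & ~d->allowed;
    if (denied) {
        *audit = denied & d->auditdeny;
        return AV_DENIED;
    }
    *audit = requested & d->auditallow;
    *notify = requested & d->notify;
    return AV_GRANTED;
}

int main(void)
{
    /* Constructed sample: bits 0-2 decided, bits 0-1 allowed, seqno 5. */
    struct av_decision d = { 0x3, 0x7, 0x2, 0x4, 0x1, 5 };
    av_t audit, notify;
    printf("result=%d\n", av_evaluate(&d, 0x3, 5, &audit, &notify));
    return 0;
}
```

A caller that receives AV_STALE or AV_UNDECIDED would call oskit_security_compute_av again instead of treating the result as a denial.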

PARAMETERS

security
The security server.
ssid
The source SID.
tsid
The target SID.
tclass
The target object security class.
requested
The permissions to be checked.
allowed
The set of granted permissions.
decided
The set of decided permissions.
auditallow
The set of permissions to audit when granted.
auditdeny
The set of permissions to audit when denied.
notify
The set of permissions to notify when used.
seqno
The sequence number for the granting.

RETURNS

Returns 0 on success, or an error code specified in <oskit/error.h> on error.



Utah Flux Research Group