Local implementation of locally-defined data structures. More...

#include <stddef.h>
#include <stdlib.h>
#include <BPSecLib_Private.h>
#include <sys/types.h>
#include "SamplePolicyProvider.h"

Include dependency graph for SamplePolicyProvider.c:

Go to the source code of this file.

Functions
static bool	BSLP_PolicyProvider_IsConsistent (const BSLP_PolicyProvider_t *self)

static bool	BSLP_PolicyPredicate_IsConsistent (const BSLP_PolicyPredicate_t *self)

static bool	BSLP_PolicyRule_IsConsistent (const BSLP_PolicyRule_t *self)

static uint64_t	get_target_block_id (const BSL_BundleRef_t *bundle, uint64_t target_block_type)

int	BSLP_QueryPolicy (const void user_data, BSL_SecurityActionSet_t output_action_set, const BSL_BundleRef_t *bundle, BSL_PolicyLocation_e location)
	Note that criticality is HIGH.

void	BSLP_PolicyPredicate_Deinit (BSLP_PolicyPredicate_t *self)

void	BSLP_Deinit (void *user_data)

void	BSLP_PolicyPredicate_Init (BSLP_PolicyPredicate_t *self, BSL_PolicyLocation_e location, BSL_HostEIDPattern_t src_eid_pattern, BSL_HostEIDPattern_t secsrc_eid_pattern, BSL_HostEIDPattern_t dst_eid_pattern)
	Initialize this policy predicate.

bool	BSLP_PolicyPredicate_IsMatch (const BSLP_PolicyPredicate_t *self, BSL_PolicyLocation_e location, BSL_HostEID_t src_eid, BSL_HostEID_t dst_eid)
	Returns true if the given predicate matches the arguments.

int	BSLP_PolicyRule_Init (BSLP_PolicyRule_t self, const char desc, BSLP_PolicyPredicate_t *predicate, uint64_t context_id, BSL_SecRole_e role, BSL_SecBlockType_e sec_block_type, BSL_BundleBlockTypeCode_e target_block_type, BSL_PolicyAction_e failure_action_code)
	Initialize this policy rule.

void	BSLP_PolicyRule_Deinit (BSLP_PolicyRule_t *self)
	De-initialize, release any resources, and zero this struct.

void	BSLP_PolicyRule_AddParam (BSLP_PolicyRule_t self, const BSL_SecParam_t param)
	Include a BPSec parameter to this rule.

int	BSLP_PolicyRule_EvaluateAsSecOper (const BSLP_PolicyRule_t self, BSL_SecOper_t sec_oper, const BSL_BundleRef_t *bundle, BSL_PolicyLocation_e location)
	Critical function creating a security operation from a bundle and location.

Detailed Description

Local implementation of locally-defined data structures.

Definition in file SamplePolicyProvider.c.

Function Documentation

◆ BSLP_Deinit()

void BSLP_Deinit ( void * user_data )

Definition at line 153 of file SamplePolicyProvider.c.

◆ BSLP_PolicyPredicate_Deinit()

void BSLP_PolicyPredicate_Deinit ( BSLP_PolicyPredicate_t * self )

Definition at line 145 of file SamplePolicyProvider.c.

◆ BSLP_PolicyPredicate_Init()

void BSLP_PolicyPredicate_Init	(	BSLP_PolicyPredicate_t *	self,
		BSL_PolicyLocation_e	location,
		BSL_HostEIDPattern_t	src_eid_pattern,
		BSL_HostEIDPattern_t	secsrc_eid_pattern,
		BSL_HostEIDPattern_t	dst_eid_pattern
	)

Initialize this policy predicate.

A policy predicate represents a way to match whether a rule applies to a bundle.

Parameters

[in]	self	This predicate
[in]	location	BSL_PolicyLocation_e location in the BPA
[in]	src_eid_pattern	Host-defined EID pattern to match for
[in]	srcsrc_eid_pattern	Host-defined EID pattern for SECURITY SOURCE in security block
[in]	dst_eid_pattern	Host-defined EID pattern for DESTINATION EID

Returns: Nothing

Definition at line 170 of file SamplePolicyProvider.c.

◆ BSLP_PolicyPredicate_IsConsistent()

static bool BSLP_PolicyPredicate_IsConsistent ( const BSLP_PolicyPredicate_t * self )

static

Definition at line 44 of file SamplePolicyProvider.c.

◆ BSLP_PolicyPredicate_IsMatch()

bool BSLP_PolicyPredicate_IsMatch	(	const BSLP_PolicyPredicate_t *	self,
		BSL_PolicyLocation_e	location,
		BSL_HostEID_t	src_eid,
		BSL_HostEID_t	dst_eid
	)

Returns true if the given predicate matches the arguments.

Parameters

[in]	self	This predicate
[in]	location	Location in the BPA
[in]	src_eid	Source EID
[in]	dst_eid	Destination EID

Definition at line 186 of file SamplePolicyProvider.c.

References BSL_HostEIDPattern_IsMatch(), and BSL_LOG_DEBUG.

Referenced by BSLP_PolicyRule_EvaluateAsSecOper(), and BSLP_QueryPolicy().

◆ BSLP_PolicyProvider_IsConsistent()

static bool BSLP_PolicyProvider_IsConsistent ( const BSLP_PolicyProvider_t * self )

static

Definition at line 36 of file SamplePolicyProvider.c.

◆ BSLP_PolicyRule_AddParam()

void BSLP_PolicyRule_AddParam	(	BSLP_PolicyRule_t *	self,
		const BSL_SecParam_t *	param
	)

Include a BPSec parameter to this rule.

Used immediately after Init.

Parameters

[in]	self	This rule
[in]	param	Pointer to the Parameter.

Definition at line 239 of file SamplePolicyProvider.c.

References BSL_SecParam_IsConsistent(), and BSL_SecParam_Sizeof().

◆ BSLP_PolicyRule_Deinit()

void BSLP_PolicyRule_Deinit ( BSLP_PolicyRule_t * self )

De-initialize, release any resources, and zero this struct.

Parameters

[in] self This rule

Definition at line 231 of file SamplePolicyProvider.c.

References BSL_LOG_INFO.

◆ BSLP_PolicyRule_EvaluateAsSecOper()

int BSLP_PolicyRule_EvaluateAsSecOper	(	const BSLP_PolicyRule_t *	self,
		BSL_SecOper_t *	sec_oper,
		const BSL_BundleRef_t *	bundle,
		BSL_PolicyLocation_e	location
	)

Critical function creating a security operation from a bundle and location.

Parameters

[in]	self	This policy rule
[in]	sec_oper	[Zeroed, pre-allocated and memory owned by caller] Caller-allocated space for the output security action.
[in]	bundle	Bundle to test match against
[in]	location	Location in the BPA

Returns: Zero on success, negative on failure.

Definition at line 254 of file SamplePolicyProvider.c.

References BSL_BLOCK_TYPE_PRIMARY, BSL_BundleCtx_GetBundleMetadata(), BSL_ERR_SECURITY_CONTEXT_FAILED, BSL_LOG_INFO, BSL_LOG_WARNING, BSL_SecOper_AppendParam(), BSL_SecOper_Init(), BSL_SecParam_Sizeof(), BSL_SUCCESS, BSLP_PolicyPredicate_IsMatch(), BSL_PrimaryBlock_s::field_dest_eid, and BSL_PrimaryBlock_s::field_src_node_id.

Referenced by BSLP_QueryPolicy().

◆ BSLP_PolicyRule_Init()

int BSLP_PolicyRule_Init	(	BSLP_PolicyRule_t *	self,
		const char *	desc,
		BSLP_PolicyPredicate_t *	predicate,
		uint64_t	context_id,
		BSL_SecRole_e	role,
		BSL_SecBlockType_e	sec_block_type,
		BSL_BundleBlockTypeCode_e	target_block_type,
		BSL_PolicyAction_e	failure_action_code
	)

Initialize this policy rule.

Parameters

[in]	self	This policy rule
[in]	dest	Description of this rule (C-string)
[in]	predicate	Predicate used to identify which bundles apply
[in]	context_id	Security context ID
[in]	role	Such as source, acceptor, etc
[in]	sec_block_type	Block type (BIB or BCB)
[in]	target_block_type	Target block type (anything, such as primary or payload)

Returns: Zero on success

Definition at line 211 of file SamplePolicyProvider.c.

References BSL_SecParam_Sizeof(), and BSL_SUCCESS.

◆ BSLP_PolicyRule_IsConsistent()

static bool BSLP_PolicyRule_IsConsistent ( const BSLP_PolicyRule_t * self )

static

Definition at line 54 of file SamplePolicyProvider.c.

◆ BSLP_QueryPolicy()

int BSLP_QueryPolicy	(	const void *	user_data,
		BSL_SecurityActionSet_t *	output_action_set,
		const BSL_BundleRef_t *	bundle,
		BSL_PolicyLocation_e	location
	)

◆ get_target_block_id()

static uint64_t get_target_block_id	(	const BSL_BundleRef_t *	bundle,
		uint64_t	target_block_type
	)

static

Definition at line 68 of file SamplePolicyProvider.c.

Functions

Detailed Description

Function Documentation

◆ BSLP_Deinit()

◆ BSLP_PolicyPredicate_Deinit()

◆ BSLP_PolicyPredicate_Init()

◆ BSLP_PolicyPredicate_IsConsistent()

◆ BSLP_PolicyPredicate_IsMatch()

◆ BSLP_PolicyProvider_IsConsistent()

◆ BSLP_PolicyRule_AddParam()

◆ BSLP_PolicyRule_Deinit()

◆ BSLP_PolicyRule_EvaluateAsSecOper()

◆ BSLP_PolicyRule_Init()

◆ BSLP_PolicyRule_IsConsistent()

◆ BSLP_QueryPolicy()

◆ get_target_block_id()