Architecture Types and Constants

The basic Flask types and constants are defined in the header file include/linux/flask/flask_types.h. The security context type (security_context_t) is defined as a string. The security identifier type (security_id_t) is defined as an unsigned 32-bit integer value. A null SID, SECSID_NULL, is defined for use when no particular SID is specified. A wildcard SID, SECSID_WILD, is also defined; it matches any other SID when used for certain access vector cache (AVC) operations. Certain SIDs (specified in flask/initial_sids) are predefined for system initialization. The corresponding constants are defined in the automatically generated header file include/linux/flask/flask.h.

The access vector type (access_vector_t) is defined as an unsigned 32-bit integer value. Each object class is identified by an unsigned 16-bit integer value, with the security_class_t type. The set of security classes is specified in flask/security_classes, with the corresponding constants in the automatically generated header file include/linux/flask/flask.h. The permissions for each security class are specified in flask/access_vectors, and the corresponding constants are defined in the automatically generated header file include/linux/flask/av_permissions.h.
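
The following C sketch is an added example, not code from the Flask headers. It models how a 32-bit access vector acts as a per-class permission bitmask and how a wildcard SID selects several cached entries in an AVC-style revoke. The numeric values of SECSID_NULL and SECSID_WILD are assumptions, and every EX_/ex_ name is hypothetical.

```c
#include <stdint.h>
#include <stddef.h>

/* Types as this section describes them. */
typedef uint32_t security_id_t;
typedef uint32_t access_vector_t;
typedef uint16_t security_class_t;

/* Assumed values; the section names these constants but gives no numbers. */
#define SECSID_NULL 0x00000000u
#define SECSID_WILD 0xFFFFFFFFu

/* Constructed class and permission bits (hypothetical, not from flask.h). */
#define EX_CLASS_FILE ((security_class_t)1)
#define EX_FILE_READ  ((access_vector_t)1u << 0)
#define EX_FILE_WRITE ((access_vector_t)1u << 1)

struct ex_entry { security_id_t ssid, tsid; security_class_t tclass; access_vector_t allowed; };

/* SIDs match when equal or when either side is the wildcard. */
static int ex_sid_match(security_id_t a, security_id_t b) {
    return a == b || a == SECSID_WILD || b == SECSID_WILD;
}

/* Granted only if every requested bit is set in the allowed vector. */
static int ex_has_perms(const struct ex_entry *e, access_vector_t req) {
    return (e->allowed & req) == req;
}

/* Clear perms in every entry matching (ssid, tsid, tclass); return entries touched. */
static size_t ex_revoke(struct ex_entry *t, size_t n, security_id_t ssid,
                        security_id_t tsid, security_class_t tclass, access_vector_t perms) {
    size_t hit = 0;
    for (size_t i = 0; i < n; i++) {
        if (t[i].tclass != tclass || !ex_sid_match(t[i].ssid, ssid) || !ex_sid_match(t[i].tsid, tsid))
            continue;
        t[i].allowed &= ~perms;
        hit++;
    }
    return hit;
}

int main(void) {
    struct ex_entry t[] = { /* constructed sample cache */
        { 10, 20, EX_CLASS_FILE, EX_FILE_READ | EX_FILE_WRITE },
        { 11, 20, EX_CLASS_FILE, EX_FILE_READ | EX_FILE_WRITE },
        { 10, 21, EX_CLASS_FILE, EX_FILE_WRITE } };
    /* Revoke write on target SID 20 for any source SID: two entries match. */
    return ex_revoke(t, 3, SECSID_WILD, 20, EX_CLASS_FILE, EX_FILE_WRITE) == 2 ? 0 : 1;
}
```

Because a permission check requires every requested bit to be present, a request for read and write together fails once either bit has been revoked.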