libt6(3N)libt6(3N)NAMElibt6 - TSIX trusted IPC library (part of libc in Trusted IRIX)
SYNOPSIS
#include <sys/t6attrs.h>
DESCRIPTIONlibt6 constitutes the TSIX Application Program Interface (API). It is a
library of routines that an application uses to control attribute
transport during trusted interprocess communication. In Trusted IRIX, the
functions defined by TSIG for libt6 have been incorporated into libc.
The routines in the library are recommended over the underlying system
call interfaces for portability because they shield the application from
operating system, communication protocol, and IPC mechanism specifics.
The libt6 routines provide interfaces through which the trusted
application:
o Specifies the security attributes used to label outgoing IPC messages
(on-message attributes ) and reads the on-message attributes associated
with a received message.
o Controls the security options of the endpoint used to perform trusted
IPC.
SECURITY ATTRIBUTES
At the application level, trusted IPC can be described as a series of
messages passed between peer processes. Within the trusted kernel the
attribute transport service labels each IPC message with the security
attributes associated with the sending process to protect sensitive
information in the message and to propagate security-related information
between communicating Trusted Computing Bases (TCBs). The security
attributes associated with the sending process are called on-message
attributes because they are independent of the contents of the message.
The TCBs decide what to do with the message based on the on-message
attributes. The security attributes associated with a process, and
therefore those that are used to label IPC messages, vary with the
configuration of the system but must be a subset of the following
attributes:
Clearance
Sensitivity label
Information label (not supported by Trusted IRIX)
Integrity Label
Nationality Caveats
Page 1
libt6(3N)libt6(3N)
Effective Privileges
Login User ID
Additional Audit Information
Network Session ID
Discretionary IDs (user ID, group ID, and supplementary groups)
Process ID
NOTE: Some of these attributes imply component security policies that may
not be available on some systems.
The TSIX program interface allows trusted applications to change the on-
message attributes associated with an outgoing message and retrieve the
on-message attributes associated with an incoming message.
ON-MESSAGE ATTRIBUTE ROUTINES
The on-message attribute routines affect the security attributes
associated with outgoing messages or retrieve attributes associated with
incoming messages. The caller specifies attributes to these routines
through a t6attr_t control structure (defined in <sys/t6attrs.h>, an
opaque structure used to access sets of security attributes. The caller
specifies the attributes applied to outbound messages or retrieved from
incoming messages through TSIX routines. Specified attributes are copied
from or written to the buffers accessible through the control structure.
Any attributes not designated by the sender are supplied for outgoing
messages by the underlying trusted kernel. The routines that send and
retrieve on-message attributes operate on sockets or streams, generically
referred to as endpoints.
t6alloc_blk(3N) Allocates a t6attr_t control structure and storage
for the specified set of security attributes.
t6clear_blk(3N) Marks specified attributes in the control block as
invalid.
t6cmp_blk(3N) Compares two attribute blocks for equality.
t6copy_blk(3N) Copies a t6attr_t control structure and the
security attributes to which it points into a
second, previously allocated t6attr_t structure and
its previously allocated buffers.
t6dup_blk(3N) Given one attribute control structure, this routine
allocates enough storage to hold a duplicate
control structure and all attributes it references,
and creates a duplicate.
Page 2
libt6(3N)libt6(3N)t6free_blk(3N) Frees attribute control structure and buffers.
This interface should be used in conjunction with
t6alloc_blk(3N), which allocates the space.
t6attr_alloc(3N) Allocates space for the t6attr_t control structure
with security attributes set.
t6cmp_attr(3N) Compares the two sets of attributes.
t6copy_attr(3N) Copies a t6attr_t control structure and the
security attributes to which it points into a
second, previously allocated t6attr_t structure and
its previously allocated buffers.
t6create_attr(3N) Allocates a t6attr_t control structure and storage
for the specified set of security attributes.
t6dup_attr(3N) Given one attribute control structure, this routine
allocates enough storage to hold a duplicate
control structure and all attributes it references,
and creates a duplicate.
t6free_attr(3N) Frees attribute control structure and buffers.
This interface should be used in conjunction with
t6create_attr(3N), which allocates the space.
t6size_attr(3N) Gets the size of an attribute from the control
structure.
t6get_attr(3N) Gets an attribute handled by the control structure.
t6set_attr(3N) Sets an attribute handled by the control structure.
t6sendto(3N) Sends data and a specified set of security
attributes on a endpoint.
t6recvfrom(3N) Reads a network message and retrieves the security
attributes associated with the data.
t6peek_attr(3N) Peeks ahead and returns the attributes associated
with the next byte of data.
t6last_attr(3N) Returns the security attributes associated with the
last byte of data read from the network endpoint.
t6get_endpt_mask(3N) Gets the endpoint mask.
t6set_endpt_mask(3N) Sets the endpoint mask.
t6get_endpt_default(3N)
Gets the endpoint default security attributes.
Page 3
libt6(3N)libt6(3N)t6set_endpt_default(3N)
Sets the endpoint default security attributes.
NETWORK ENDPOINT SECURITY OPTIONS
A trusted application can manipulate a number of security options
associated with the network endpoint via the following calls:
t6mls_socket(3N) Turns on or off security policy with regard to a
network endpoint.
t6ext_attr(3N) Turns on or off the security extensions to the
network endpoint. This must be called before using
any other libt6 routines.
t6new_attr(3N) Specifies to the network endpoint that the
receiving process is only interested in receiving
attributes if they have changed since the last time
it received them. This saves the overhead created
by passing attributes unnecessarily with each
message.
MaxSIX REMOTE HOST DATABASE SECURITY OPTIONS
A trusted application can manipulate the MSIXRHDB via the following
calls:
t6rhdb_flush(3N) Remove an entry from the RHDB.
t6rhdb_get_host(3N) Query the for an entry.
t6rhdb_put_host(3N) Write and entry to the
t6rhdb_stat(3N) Retrives information on the RHDB.
INCLUDE FILES
Any programs that use routines in this library must include the header
files containing declarations pertinent to the routine. The synopsis
section of each manual page indicates the required header files. Most
routines in the library contain references to declarations defined in
<sys/t6attrs.h>. This file defines constants for attribute types to be
used by various TSIX attribute library access functions, as well as
constants used as parameters to the library functions.
SOURCE
Trusted Systems Interoperability Group
NOTES
Page 4
