/*
 * The size and shape of a security label.
 * Logically this stuff belongs in param.h and types.h,
 * but it seems wise to keep it in one easily-checked
 * place, rather than diffused.
 */

#ifndef L_BITS

#define LABSIZ 60	/* just fits with di_mode in a disk inode */

#define L_UNDEF	0	/* no valid value yet */
#define L_YES	1	/* the universally permissive label */
#define L_NO	2	/* the universally restrictive label */
#define L_BITS	3	/* this one is in the lattice */

#define T_SETPRIV	1	/* may set file privs */
#define	T_SETLIC	2	/* may change licences */
#define	T_NOCHK	4	/* exempt from label checking */
#define	T_MOUNT	8	/* may change shape of label arena */
#define	T_UAREA	16	/* may write in u area */

struct labpriv {
	unsigned short	lp_flag : 2,
			lp_unused : 3,	/* used internally by kernel */
			lp_t : 5,	/* capabilities */
			lp_u : 5,	/* licences */
			lp_f : 1;	/* fixedness */
};

struct label {		/* form of label on disk */
	struct labpriv	lb_priv;
	unsigned char	lb_bits[LABSIZ];
#	define		lb_flag   lb_priv.lp_flag
#	define		lb_unused lb_priv.lp_unused
#	define		lb_t      lb_priv.lp_t
#	define		lb_u      lb_priv.lp_u
#	define		lb_f      lb_priv.lp_f
};

#ifdef KERNEL
#include "sys/jlabel.h"
#endif

#endif L_BITS
