⚠️ VeridianOS Kernel Documentation - This is low-level kernel code. All functions are unsafe unless explicitly marked otherwise. (no_std)

Module mac

Mandatory Access Control (MAC) system

Provides a policy-based access control system similar to SELinux. Enforces security policies for all system operations.

§Policy Language

The MAC system supports a simple text-based policy language:

allow source_type target_type { read write execute };
deny source_type target_type { write };
type_transition source_type target_type : process new_type;
role admin_r types { system_t init_t };
user root roles { admin_r };
sensitivity s0-s3;
category c0-c63;

§Multi-Level Security (MLS)

MLS uses sensitivity levels (0..=65535) and category bitmasks (64 bits). A security level dominates another if its sensitivity is greater or equal AND its category set is a superset of the other’s.

§RBAC Layer

Users are mapped to roles, and roles are mapped to types. A process running with a particular user identity can only transition into types allowed by that user’s assigned roles.

§Zero-Allocation Design

All data structures use fixed-size arrays and &'static str references to avoid heap allocations. This is critical for boot-time initialization on architectures (RISC-V, AArch64) where the bump allocator cannot handle many small allocations without corruption.

§Structs

DomainTransition
Domain transition rule.
MlsLevel
MLS security level with sensitivity and category bitmask.
PolicyRule
Security policy rule.
Role
Role definition mapping a role name to allowed types.
SecurityLabel
Full security label combining type, role, and MLS level.

§Enums

Permission
Permission types for policy rules.
PolicyAction
Action to take when a policy rule matches.

§Functions

add_policy_rule
Add a policy rule (new API with structured rule).
add_role
Add a role definition.
add_rule
Add a legacy policy rule (backward compatible with old PolicyRule::new).
add_transition
Add a domain transition rule.
assign_user_roles_static
Map a user to a set of roles (zero-allocation version).
check_access
Check if access is allowed by MAC policy.
check_access_full
Check access with full security label (MAC + MLS + RBAC).
check_file_access
Check file access using both MAC policy and capability system.
check_ipc_access
Check IPC access using both MAC policy and capability system.
disable
Disable MAC enforcement (for debugging).
enable
Enable MAC enforcement.
get_policy_count
Return the number of policy rules currently loaded.
get_process_label
Get the security label for a process.
init
Initialize MAC system.
is_enabled
Check whether MAC enforcement is currently enabled.
load_policy
Load a policy from text.
lookup_transition
Look up a domain transition.
role_allows_type
Check if a role allows a given type.
set_process_label
Set the security label for a process.
user_has_role
Check if a user is allowed to use a given role.