⚠️ VeridianOS Kernel Documentation - This is low-level kernel code. All functions are unsafe unless explicitly marked otherwise. no_std

PolicyRule

veridian_kernel::security::mac

Struct PolicyRule 

Source 
pub struct PolicyRule {
    pub source_type: &'static str,
    pub target_type: &'static str,
    pub permissions: [Permission; 3],
    pub perm_count: u8,
    pub action: PolicyAction,
    pub enabled: bool,
}
Expand description

Security policy rule.

Uses fixed-size arrays and &'static str to avoid heap allocations.

Fields§

§source_type: &'static str

Source domain/type

§target_type: &'static str

Target domain/type

§permissions: [Permission; 3]

Allowed/denied permission set (fixed-size array)

§perm_count: u8

Number of active permissions in the array

§action: PolicyAction

Whether this rule allows or denies

§enabled: bool

Rule enabled

Implementations§

Source§

impl PolicyRule

Source

pub const fn new( source_type: &'static str, target_type: &'static str, permissions: [Permission; 3], perm_count: u8, action: PolicyAction, ) -> Self

Create a new policy rule with the given action.

Source

pub fn from_perms( source_type: &'static str, target_type: &'static str, perms: &[Permission], action: PolicyAction, ) -> Self

Create a policy rule from a slice of permissions.

Copies up to MAX_PERMISSIONS permissions into the fixed-size array.

Source

pub fn from_legacy( source: &'static str, target: &'static str, allowed: u8, ) -> Self

Create an Allow rule from a legacy bitmask for backward compatibility.

Source

pub fn allows(&self, access: AccessType) -> bool

Check if this rule matches and allows the given access.

Source

pub fn denies(&self, access: AccessType) -> bool

Check if this rule explicitly denies the given access.

Trait Implementations§

Source§

impl Clone for PolicyRule

Source§

fn clone(&self) -> PolicyRule

Returns a duplicate of the value. Read more
1.0.0§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for PolicyRule

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Copy for PolicyRule

Auto Trait Implementations§

§

impl Freeze for PolicyRule

§

impl RefUnwindSafe for PolicyRule

§

impl Send for PolicyRule

§

impl Sync for PolicyRule

§

impl Unpin for PolicyRule

§

impl UnwindSafe for PolicyRule

Blanket Implementations§

§

impl<T> Any for T
where T: 'static + ?Sized,

§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<T> Borrow<T> for T
where T: ?Sized,

§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
§

impl<T> BorrowMut<T> for T
where T: ?Sized,

§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<T> CloneToUninit for T
where T: Clone,

§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
§

impl<T> From<T> for T

§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T, U> Into<U> for T
where U: From<T>,

§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of [From]<T> for U chooses to do.

§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.