Reference Policy Linkage

The CDS Framework Toolkit policy is built on top of Reference Policy. As such, it defines many interfaces for use by other modules found in Reference Policy. The SELinux policy that is generated by CDS Framework is placed in its own module within Reference Policy and can be found within the cds layer named 'cdsframework-' followed by the name of the system. There are times when an interface into an existing Reference Policy module is needed to be accessed by the system's module. This is accomplished by using Base Domains and Base Resources.

Base domains and base resources are defined in linkage (.flnk) files. There are some shipped with the CDS Framework plugin, these files can be found in framework plug-in within the resources/link directory. Additional Base Resources and Base Domains are custom additions that the user can add.

Base Resource Definition Syntax

The basic structure for defining a base resource is as follows:

The keyword, base resource
The specific name of the base resource
One or more of the verbs available to the base resource. Verbs that can be defined here are read, write, and readwrite. The information for each verb that is defined is contained within curly braces.
Within each verb that is defined, a default access definition must be given. The proper syntax for this is the keyword, default, followed by curly braces that contain the actual default access definition.
Access definitions along with their associated behaviors. Each access definition given must contain the appropriate Reference Policy macros that will define their behavior. These macros are contained within curly braces following each access definition name. There must be at least one access definition associated with each verb that is defined for the base resource. In other words, the default access definition must be defined.

Below is an example of the linkage file for the base resource, eth2. As shown, eth2 defines behavior for the verbs, read, write, and readwrite:

 1.  baseresource eth2 {
 2.  	read {
 3.  		default  { udp_read }
 4.  		udp_read {
 5.  			corenet_udp_receive_eth2_if($)
 6.  		}
 7.  	}
 8.  	write {
 9.  		default  { udp_write }
10.  		udp_write {
11.  			corenet_udp_send_eth2_if($)
12.  		}
13.  	}
14.  	readwrite {
15.  		default  { udp_readwrite }
16.  	
17.  		tcp_readwrite {
18.  			corenet_tcp_sendrecv_eth2_if($)
19.  		}
20.  		udp_readwrite {
21.  			corenet_udp_sendrecv_eth2_if($)
22.   		}
23.  	}
24.  }

In the example above, the verb, read is given the default access definition, udp_read. This access definition is further defined starting on line 4. Specifically, the Reference Policy macro, corenet_udp_receive_eth2_if($) will be called when a domain reads the base resource, eth2. The '$' parameter for the macro will be filled with the domain type that is reading this base resource. In addition to the default behavior that is given to every verb, other access definitions can be given as well. The verb, readwrite in the example above (starting on line 14) defines the default behavior, udp_readwrite as well as the additional access definition, tcp_readwrite.

Base Domain Definition Syntax

Base domains define types and are much simpler. Base domain definitions contain the following:

The keyword, base domain
The specific name of the base domain
Definition of the types for this base domain
Definition of the roles for this base domain

Below is an example of a base domain that is defined in the linkage file:

basedomain root_d {
	type sysadm_t;
	role system_r;
}