tmp / linux-rsbac-1.2 / include / rsbac

syscalls.h File Reference

#include <linux/unistd.h>
#include <rsbac/types.h>
#include <rsbac/getname.h>
#include <rsbac/helpers.h>
#include <rsbac/error.h>

Enumeration Type Documentation

enum rsbac_syscall_t

Enumeration values:

RSYS_stats

RSYS_check

RSYS_get_attr

RSYS_get_attr_n

RSYS_set_attr

RSYS_set_attr_n

RSYS_remove_target

RSYS_remove_target_n

RSYS_net_list_all_netdev

RSYS_net_template

RSYS_net_list_all_template

RSYS_switch

RSYS_adf_log_switch

RSYS_get_adf_log

RSYS_write

RSYS_log

RSYS_mac_set_curr_level

RSYS_mac_get_curr_level

RSYS_mac_get_max_level

RSYS_mac_get_min_level

RSYS_mac_add_p_tru

RSYS_mac_remove_p_tru

RSYS_mac_add_f_tru

RSYS_mac_remove_f_tru

RSYS_mac_get_f_trulist

RSYS_mac_get_p_trulist

RSYS_stats_pm

RSYS_pm

RSYS_pm_change_current_task

RSYS_pm_create_file

RSYS_daz_flush_cache

RSYS_rc_copy_role

RSYS_rc_copy_type

RSYS_rc_get_item

RSYS_rc_set_item

RSYS_rc_change_role

RSYS_rc_get_eff_rights_n

RSYS_rc_get_list

RSYS_auth_add_p_cap

RSYS_auth_remove_p_cap

RSYS_auth_add_f_cap

RSYS_auth_remove_f_cap

RSYS_auth_get_f_caplist

RSYS_auth_get_p_caplist

RSYS_acl

RSYS_acl_n

RSYS_acl_get_rights

RSYS_acl_get_rights_n

RSYS_acl_get_tlist

RSYS_acl_get_tlist_n

RSYS_acl_get_mask

RSYS_acl_get_mask_n

RSYS_acl_group

RSYS_reg

RSYS_jail

RSYS_init

RSYS_rc_get_current_role

RSYS_um_auth_name

RSYS_um_auth_uid

RSYS_um_add_user

RSYS_um_add_group

RSYS_um_add_gm

RSYS_um_mod_user

RSYS_um_mod_group

RSYS_um_get_user_item

RSYS_um_get_group_item

RSYS_um_remove_user

RSYS_um_remove_group

RSYS_um_remove_gm

RSYS_um_user_exists

RSYS_um_group_exists

RSYS_um_get_next_user

RSYS_um_get_user_list

RSYS_um_get_gm_list

RSYS_um_get_gm_user_list

RSYS_um_get_group_list

RSYS_um_get_uid

RSYS_um_get_gid

RSYS_um_set_pass

RSYS_um_set_pass_name

RSYS_um_set_group_pass

RSYS_um_check_account

RSYS_um_check_account_name

RSYS_list_ta_begin

RSYS_list_ta_refresh

RSYS_list_ta_commit

RSYS_list_ta_forget

RSYS_list_all_dev

RSYS_acl_list_all_dev

RSYS_list_all_user

RSYS_acl_list_all_user

RSYS_list_all_group

RSYS_acl_list_all_group

RSYS_none

Definition at line 19 of file syscalls.h.
00020 { 00021 RSYS_stats, 00022 RSYS_check, 00023 RSYS_get_attr, 00024 RSYS_get_attr_n, 00025 RSYS_set_attr, 00026 RSYS_set_attr_n, 00027 RSYS_remove_target, 00028 RSYS_remove_target_n, 00029 RSYS_net_list_all_netdev, 00030 RSYS_net_template, 00031 RSYS_net_list_all_template, 00032 RSYS_switch, 00033 RSYS_adf_log_switch, 00034 RSYS_get_adf_log, 00035 RSYS_write, 00036 RSYS_log, 00037 RSYS_mac_set_curr_level, 00038 RSYS_mac_get_curr_level, 00039 RSYS_mac_get_max_level, 00040 RSYS_mac_get_min_level, 00041 RSYS_mac_add_p_tru, 00042 RSYS_mac_remove_p_tru, 00043 RSYS_mac_add_f_tru, 00044 RSYS_mac_remove_f_tru, 00045 RSYS_mac_get_f_trulist, 00046 RSYS_mac_get_p_trulist, 00047 RSYS_stats_pm, 00048 RSYS_pm, 00049 RSYS_pm_change_current_task, 00050 RSYS_pm_create_file, 00051 RSYS_daz_flush_cache, 00052 RSYS_rc_copy_role, 00053 RSYS_rc_copy_type, 00054 RSYS_rc_get_item, 00055 RSYS_rc_set_item, 00056 RSYS_rc_change_role, 00057 RSYS_rc_get_eff_rights_n, 00058 RSYS_rc_get_list, 00059 RSYS_auth_add_p_cap, 00060 RSYS_auth_remove_p_cap, 00061 RSYS_auth_add_f_cap, 00062 RSYS_auth_remove_f_cap, 00063 RSYS_auth_get_f_caplist, 00064 RSYS_auth_get_p_caplist, 00065 RSYS_acl, 00066 RSYS_acl_n, 00067 RSYS_acl_get_rights, 00068 RSYS_acl_get_rights_n, 00069 RSYS_acl_get_tlist, 00070 RSYS_acl_get_tlist_n, 00071 RSYS_acl_get_mask, 00072 RSYS_acl_get_mask_n, 00073 RSYS_acl_group, 00074 RSYS_reg, 00075 RSYS_jail, 00076 RSYS_init, 00077 RSYS_rc_get_current_role, 00078 RSYS_um_auth_name, 00079 RSYS_um_auth_uid, 00080 RSYS_um_add_user, 00081 RSYS_um_add_group, 00082 RSYS_um_add_gm, 00083 RSYS_um_mod_user, 00084 RSYS_um_mod_group, 00085 RSYS_um_get_user_item, 00086 RSYS_um_get_group_item, 00087 RSYS_um_remove_user, 00088 RSYS_um_remove_group, 00089 RSYS_um_remove_gm, 00090 RSYS_um_user_exists, 00091 RSYS_um_group_exists, 00092 RSYS_um_get_next_user, 00093 RSYS_um_get_user_list, 00094 RSYS_um_get_gm_list, 00095 RSYS_um_get_gm_user_list, 00096 RSYS_um_get_group_list, 00097 RSYS_um_get_uid, 00098 RSYS_um_get_gid, 00099 RSYS_um_set_pass, 00100 RSYS_um_set_pass_name, 00101 RSYS_um_set_group_pass, 00102 RSYS_um_check_account, 00103 RSYS_um_check_account_name, 00104 RSYS_list_ta_begin, 00105 RSYS_list_ta_refresh, 00106 RSYS_list_ta_commit, 00107 RSYS_list_ta_forget, 00108 RSYS_list_all_dev, 00109 RSYS_acl_list_all_dev, 00110 RSYS_list_all_user, 00111 RSYS_acl_list_all_user, 00112 RSYS_list_all_group, 00113 RSYS_acl_list_all_group, 00114 RSYS_none 00115 };

Function Documentation

int rsbac_acl ( rsbac_list_ta_number_t ta_number,

enum rsbac_acl_syscall_type_t call,

struct rsbac_acl_syscall_arg_t * arg

)

int rsbac_acl_get_mask ( rsbac_list_ta_number_t ta_number,

enum rsbac_target_t target,

union rsbac_target_id_t * tid,

rsbac_acl_rights_vector_t * mask_p

)

int rsbac_acl_get_mask_n ( rsbac_list_ta_number_t ta_number,

enum rsbac_target_t target,

char * t_name,

rsbac_acl_rights_vector_t * mask_p

)

int rsbac_acl_get_rights ( rsbac_list_ta_number_t ta_number,

struct rsbac_acl_syscall_arg_t * arg,

rsbac_acl_rights_vector_t * rights_p,

u_int effective

)

int rsbac_acl_get_rights_n ( rsbac_list_ta_number_t ta_number,

struct rsbac_acl_syscall_n_arg_t * arg,

rsbac_acl_rights_vector_t * rights_p,

u_int effective

)

int rsbac_acl_get_tlist ( rsbac_list_ta_number_t ta_number,

enum rsbac_target_t target,

union rsbac_target_id_t * tid,

struct rsbac_acl_entry_t entry_array[],

rsbac_time_t ttl_array[],

u_int maxnum

)

int rsbac_acl_get_tlist_n ( rsbac_list_ta_number_t ta_number,

enum rsbac_target_t target,

char * t_name,

struct rsbac_acl_entry_t entry_array[],

rsbac_time_t ttl_array[],

u_int maxnum

)

int rsbac_acl_group ( rsbac_list_ta_number_t ta_number,

enum rsbac_acl_group_syscall_type_t call,

union rsbac_acl_group_syscall_arg_t * arg_p

)

int rsbac_acl_list_all_dev ( rsbac_list_ta_number_t ta_number,

struct rsbac_dev_desc_t * id_p,

u_long maxnum

)

int rsbac_acl_list_all_group ( rsbac_list_ta_number_t ta_number,

rsbac_gid_t * id_p,

u_long maxnum

)

int rsbac_acl_list_all_user ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t * id_p,

u_long maxnum

)

int rsbac_acl_n ( rsbac_list_ta_number_t ta_number,

enum rsbac_acl_syscall_type_t call,

struct rsbac_acl_syscall_n_arg_t * arg

)

int rsbac_adf_log_switch ( enum rsbac_adf_request_t request,

enum rsbac_target_t target,

u_int value

)

int rsbac_auth_add_f_cap ( rsbac_list_ta_number_t ta_number,

char * filename,

enum rsbac_auth_cap_type_t cap_type,

struct rsbac_auth_cap_range_t cap_range,

rsbac_time_t ttl

)

int rsbac_auth_add_p_cap ( rsbac_list_ta_number_t ta_number,

rsbac_pid_t pid,

enum rsbac_auth_cap_type_t cap_type,

struct rsbac_auth_cap_range_t cap_range,

rsbac_time_t ttl

)

Definition at line 35 of file auth_syscalls.c.
References A_auth_may_set_cap, AUTH, rsbac_attribute_value_t::auth_may_set_cap, FALSE, rsbac_auth_cap_range_t::first, rsbac_auth_cap_range_t::last, rsbac_target_id_t::process, rsbac_auth_add_to_p_capset(), RSBAC_EREADFAILED, RSBAC_EWRITEFAILED, rsbac_get_attr, rsbac_printk(), and T_PROCESS.
Referenced by sys_rsbac_auth_add_p_cap().
00041 { 00042 /* check only in non-maint mode */ 00043 #if !defined(CONFIG_RSBAC_MAINT) 00044 #ifdef CONFIG_RSBAC_SWITCH_AUTH 00045 if(rsbac_switch_auth) 00046 #endif 00047 { 00048 union rsbac_target_id_t i_tid; 00049 union rsbac_attribute_value_t i_attr_val1; 00050 00051 /* check auth_may_set_cap of calling process */ 00052 i_tid.process = current->pid; 00053 if (rsbac_get_attr(AUTH, 00054 T_PROCESS, 00055 i_tid, 00056 A_auth_may_set_cap, 00057 &i_attr_val1, 00058 FALSE)) 00059 { 00060 rsbac_ds_get_error("rsbac_auth_add_p_cap()", A_auth_may_set_cap); 00061 return(-RSBAC_EREADFAILED); 00062 } 00063 /* if auth_may_set_cap is not set, then reject */ 00064 if (!i_attr_val1.auth_may_set_cap) 00065 { 00066 rsbac_printk(KERN_INFO 00067 "rsbac_auth_add_p_cap(): adding AUTH cap %u:%u to process %u denied for process %u!\n", 00068 cap_range.first, 00069 cap_range.last, 00070 pid, 00071 current->pid); 00072 #ifdef CONFIG_RSBAC_SOFTMODE 00073 if( !rsbac_softmode 00074 #ifdef CONFIG_RSBAC_SOFTMODE_IND 00075 && !rsbac_ind_softmode[AUTH] 00076 #endif 00077 ) 00078 #endif 00079 return(-EPERM); 00080 } 00081 } 00082 #endif 00083 00084 /* OK, check passed. Add the capability. */ 00085 if(rsbac_auth_add_to_p_capset(ta_number, pid, cap_type, cap_range, ttl)) 00086 { 00087 rsbac_printk(KERN_WARNING 00088 "rsbac_auth_add_p_cap(): rsbac_auth_add_to_p_capset() returned error!\n"); 00089 return(-RSBAC_EWRITEFAILED); 00090 } 00091 return 0; 00092 }

int rsbac_auth_get_f_caplist ( rsbac_list_ta_number_t ta_number,

char * filename,

enum rsbac_auth_cap_type_t cap_type,

struct rsbac_auth_cap_range_t caplist[],

rsbac_time_t ttllist[],

u_int maxnum

)

int rsbac_auth_get_p_caplist ( rsbac_list_ta_number_t ta_number,

rsbac_pid_t pid,

enum rsbac_auth_cap_type_t cap_type,

struct rsbac_auth_cap_range_t caplist[],

rsbac_time_t ttllist[],

u_int maxnum

)

int rsbac_auth_remove_f_cap ( rsbac_list_ta_number_t ta_number,

char * filename,

enum rsbac_auth_cap_type_t cap_type,

struct rsbac_auth_cap_range_t cap_range

)

int rsbac_auth_remove_p_cap ( rsbac_list_ta_number_t ta_number,

rsbac_pid_t pid,

enum rsbac_auth_cap_type_t cap_type,

struct rsbac_auth_cap_range_t cap_range

)

Definition at line 94 of file auth_syscalls.c.
References A_auth_may_set_cap, AUTH, rsbac_attribute_value_t::auth_may_set_cap, FALSE, rsbac_auth_cap_range_t::first, rsbac_auth_cap_range_t::last, rsbac_target_id_t::process, rsbac_auth_remove_from_p_capset(), RSBAC_EREADFAILED, rsbac_get_attr, rsbac_printk(), and T_PROCESS.
Referenced by sys_rsbac_auth_remove_p_cap().
00099 { 00100 /* check only in non-maint mode */ 00101 #if !defined(CONFIG_RSBAC_MAINT) 00102 #ifdef CONFIG_RSBAC_SWITCH_AUTH 00103 if(rsbac_switch_auth) 00104 #endif 00105 { 00106 union rsbac_target_id_t i_tid; 00107 union rsbac_attribute_value_t i_attr_val1; 00108 00109 /* check auth_may_set_cap of calling process */ 00110 i_tid.process = current->pid; 00111 if (rsbac_get_attr(AUTH, 00112 T_PROCESS, 00113 i_tid, 00114 A_auth_may_set_cap, 00115 &i_attr_val1, 00116 FALSE)) 00117 { 00118 rsbac_ds_get_error("rsbac_auth_remove_p_cap()", A_auth_may_set_cap); 00119 return(-RSBAC_EREADFAILED); 00120 } 00121 /* if auth_may_set_cap is not set, then reject */ 00122 if (!i_attr_val1.auth_may_set_cap) 00123 { 00124 rsbac_printk(KERN_INFO 00125 "rsbac_auth_remove_p_cap(): removing AUTH cap %u:%u from process %u denied for process %u!\n", 00126 cap_range.first, 00127 cap_range.last, 00128 pid, 00129 current->pid); 00130 #ifdef CONFIG_RSBAC_SOFTMODE 00131 if( !rsbac_softmode 00132 #ifdef CONFIG_RSBAC_SOFTMODE_IND 00133 && !rsbac_ind_softmode[AUTH] 00134 #endif 00135 ) 00136 #endif 00137 return(-EPERM); 00138 } 00139 } 00140 #endif 00141 00142 /* OK, check passed. Try to remove the capability. */ 00143 return(rsbac_auth_remove_from_p_capset(ta_number, pid, cap_type, cap_range)); 00144 }

int rsbac_check ( int correct,

int check_inode

)

int rsbac_daz_flush_cache ( void )

int rsbac_get_adf_log ( enum rsbac_adf_request_t request,

enum rsbac_target_t target,

u_int * value_p

)

int rsbac_get_attr ( rsbac_list_ta_number_t ta_number,

enum rsbac_switch_target_t module,

enum rsbac_target_t target,

union rsbac_target_id_t * tid,

enum rsbac_attribute_t attr,

union rsbac_attribute_value_t * value,

int inherit

)

int rsbac_get_attr_n ( rsbac_list_ta_number_t ta_number,

enum rsbac_switch_target_t module,

enum rsbac_target_t target,

char * t_name,

enum rsbac_attribute_t attr,

union rsbac_attribute_value_t * value,

int inherit

)

int rsbac_init ( char * root_dev )

int rsbac_jail ( rsbac_version_t version,

char * path,

rsbac_jail_ip_t ip,

rsbac_jail_flags_t flags,

rsbac_cap_vector_t max_caps,

rsbac_jail_scd_vector_t scd_get,

rsbac_jail_scd_vector_t scd_modify

)

int rsbac_list_all_dev ( rsbac_list_ta_number_t ta_number,

struct rsbac_dev_desc_t * id_p,

u_long maxnum

)

int rsbac_list_all_group ( rsbac_list_ta_number_t ta_number,

rsbac_gid_t * id_p,

u_long maxnum

)

int rsbac_list_all_user ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t * id_p,

u_long maxnum

)

int rsbac_list_ta_begin ( rsbac_time_t ttl,

rsbac_list_ta_number_t * ta_number_p,

rsbac_uid_t commit_uid,

char * password

)

int rsbac_list_ta_commit ( rsbac_list_ta_number_t ta_number,

char * password

)

int rsbac_list_ta_forget ( rsbac_list_ta_number_t ta_number,

char * password

)

int rsbac_list_ta_refresh ( rsbac_time_t ttl,

rsbac_list_ta_number_t ta_number,

char * password

)

int rsbac_log ( int type,

char * buf,

int len

)

Referenced by sys_rsbac_log().

int rsbac_mac_add_f_tru ( rsbac_list_ta_number_t ta_number,

char * filename,

rsbac_uid_t uid,

rsbac_time_t ttl

)

int rsbac_mac_add_p_tru ( rsbac_list_ta_number_t ta_number,

rsbac_pid_t pid,

rsbac_uid_t uid,

rsbac_time_t ttl

)

Definition at line 558 of file mac_syscalls.c.
References MAC, mac_sys_check_role(), RSBAC_EWRITEFAILED, rsbac_mac_add_to_p_truset(), rsbac_printk(), and SR_security_officer.
Referenced by sys_rsbac_mac_add_p_tru().
00563 { 00564 /* check only in non-maint mode */ 00565 #if !defined(CONFIG_RSBAC_MAINT) 00566 #ifdef CONFIG_RSBAC_SWITCH_MAC 00567 if(rsbac_switch_mac) 00568 #endif 00569 { 00570 if(mac_sys_check_role(SR_security_officer)) 00571 { 00572 rsbac_printk(KERN_INFO 00573 "rsbac_mac_add_p_tru(): adding MAC trusted user %u to process %u denied for process %u!\n", 00574 uid, 00575 pid, 00576 current->pid); 00577 #ifdef CONFIG_RSBAC_SOFTMODE 00578 if( !rsbac_softmode 00579 #ifdef CONFIG_RSBAC_SOFTMODE_IND 00580 && !rsbac_ind_softmode[MAC] 00581 #endif 00582 ) 00583 #endif 00584 return(-EPERM); 00585 } 00586 } 00587 #endif 00588 00589 /* OK, check passed. Add the truability. */ 00590 if(rsbac_mac_add_to_p_truset(ta_number, pid, uid, ttl)) 00591 { 00592 rsbac_printk(KERN_WARNING 00593 "rsbac_mac_add_p_tru(): rsbac_mac_add_to_p_truset() returned error!\n"); 00594 return(-RSBAC_EWRITEFAILED); 00595 } 00596 return 0; 00597 }

int rsbac_mac_get_curr_level ( rsbac_security_level_t * level_p,

rsbac_mac_category_vector_t * categories_p

)

Definition at line 443 of file mac_syscalls.c.
References A_current_sec_level, A_mac_curr_categories, A_none, rsbac_attribute_value_t::current_sec_level, FALSE, MAC, rsbac_attribute_value_t::mac_categories, rsbac_target_id_t::process, RSBAC_EREADFAILED, rsbac_get_attr, and T_PROCESS.
Referenced by sys_rsbac_mac_get_curr_level().
00445 { 00446 union rsbac_target_id_t tid; 00447 union rsbac_attribute_value_t attr_val; 00448 00449 tid.process = current->pid; 00450 if(level_p) 00451 { 00452 if (rsbac_get_attr(MAC, 00453 T_PROCESS, 00454 tid, 00455 A_current_sec_level, 00456 &attr_val, 00457 FALSE)) 00458 { /* failed! */ 00459 rsbac_ds_get_error("rsbac_mac_get_curr_level", A_none); 00460 return(-RSBAC_EREADFAILED); 00461 } 00462 *level_p = attr_val.current_sec_level; 00463 } 00464 if(categories_p) 00465 { 00466 if (rsbac_get_attr(MAC, 00467 T_PROCESS, 00468 tid, 00469 A_mac_curr_categories, 00470 &attr_val, 00471 FALSE)) 00472 { /* failed! */ 00473 rsbac_ds_get_error("rsbac_mac_get_curr_level", A_none); 00474 return(-RSBAC_EREADFAILED); 00475 } 00476 *categories_p = attr_val.mac_categories; 00477 } 00478 return 0; 00479 }

int rsbac_mac_get_f_trulist ( rsbac_list_ta_number_t ta_number,

char * filename,

rsbac_uid_t trulist[],

rsbac_time_t ttllist[],

u_int maxnum

)

int rsbac_mac_get_max_level ( rsbac_security_level_t * level_p,

rsbac_mac_category_vector_t * categories_p

)

Definition at line 481 of file mac_syscalls.c.
References A_mac_categories, A_none, A_security_level, FALSE, MAC, rsbac_attribute_value_t::mac_categories, rsbac_target_id_t::process, RSBAC_EREADFAILED, rsbac_get_attr, rsbac_attribute_value_t::security_level, and T_PROCESS.
Referenced by sys_rsbac_mac_get_max_level().
00483 { 00484 union rsbac_target_id_t tid; 00485 union rsbac_attribute_value_t attr_val; 00486 00487 tid.process = current->pid; 00488 if(level_p) 00489 { 00490 if (rsbac_get_attr(MAC, 00491 T_PROCESS, 00492 tid, 00493 A_security_level, 00494 &attr_val, 00495 FALSE)) 00496 { /* failed! */ 00497 rsbac_ds_get_error("rsbac_mac_get_max_level", A_none); 00498 return(-RSBAC_EREADFAILED); 00499 } 00500 *level_p = attr_val.security_level; 00501 } 00502 if(categories_p) 00503 { 00504 if (rsbac_get_attr(MAC, 00505 T_PROCESS, 00506 tid, 00507 A_mac_categories, 00508 &attr_val, 00509 FALSE)) 00510 { /* failed! */ 00511 rsbac_ds_get_error("rsbac_mac_get_max_level", A_none); 00512 return(-RSBAC_EREADFAILED); 00513 } 00514 *categories_p = attr_val.mac_categories; 00515 } 00516 return 0; 00517 }

int rsbac_mac_get_min_level ( rsbac_security_level_t * level_p,

rsbac_mac_category_vector_t * categories_p

)

Definition at line 520 of file mac_syscalls.c.
References A_mac_min_categories, A_min_security_level, A_none, FALSE, MAC, rsbac_attribute_value_t::mac_categories, rsbac_target_id_t::process, RSBAC_EREADFAILED, rsbac_get_attr, rsbac_attribute_value_t::security_level, and T_PROCESS.
Referenced by sys_rsbac_mac_get_min_level().
00522 { 00523 union rsbac_target_id_t tid; 00524 union rsbac_attribute_value_t attr_val; 00525 00526 tid.process = current->pid; 00527 if(level_p) 00528 { 00529 if (rsbac_get_attr(MAC, 00530 T_PROCESS, 00531 tid, 00532 A_min_security_level, 00533 &attr_val, 00534 FALSE)) 00535 { /* failed! */ 00536 rsbac_ds_get_error("rsbac_mac_get_min_level", A_none); 00537 return(-RSBAC_EREADFAILED); 00538 } 00539 *level_p = attr_val.security_level; 00540 } 00541 if(categories_p) 00542 { 00543 if (rsbac_get_attr(MAC, 00544 T_PROCESS, 00545 tid, 00546 A_mac_min_categories, 00547 &attr_val, 00548 FALSE)) 00549 { /* failed! */ 00550 rsbac_ds_get_error("rsbac_mac_get_min_level", A_none); 00551 return(-RSBAC_EREADFAILED); 00552 } 00553 *categories_p = attr_val.mac_categories; 00554 } 00555 return 0; 00556 }

int rsbac_mac_get_p_trulist ( rsbac_list_ta_number_t ta_number,

rsbac_pid_t pid,

rsbac_uid_t trulist[],

rsbac_time_t ttllist[],

u_int maxnum

)

int rsbac_mac_remove_f_tru ( rsbac_list_ta_number_t ta_number,

char * filename,

rsbac_uid_t uid

)

int rsbac_mac_remove_p_tru ( rsbac_list_ta_number_t ta_number,

rsbac_pid_t pid,

rsbac_uid_t uid

)

Definition at line 599 of file mac_syscalls.c.
References MAC, mac_sys_check_role(), rsbac_mac_remove_from_p_truset(), rsbac_printk(), and SR_security_officer.
Referenced by sys_rsbac_mac_remove_p_tru().
00603 { 00604 /* check only in non-maint mode */ 00605 #if !defined(CONFIG_RSBAC_MAINT) 00606 #ifdef CONFIG_RSBAC_SWITCH_MAC 00607 if(rsbac_switch_mac) 00608 #endif 00609 { 00610 if(mac_sys_check_role(SR_security_officer)) 00611 { 00612 rsbac_printk(KERN_INFO 00613 "rsbac_mac_remove_p_tru(): removing MAC trusted user %u from process %u denied for process %u!\n", 00614 uid, 00615 pid, 00616 current->pid); 00617 #ifdef CONFIG_RSBAC_SOFTMODE 00618 if( !rsbac_softmode 00619 #ifdef CONFIG_RSBAC_SOFTMODE_IND 00620 && !rsbac_ind_softmode[MAC] 00621 #endif 00622 ) 00623 #endif 00624 return(-EPERM); 00625 } 00626 } 00627 #endif 00628 /* OK, check passed. Try to remove the trusted user */ 00629 return(rsbac_mac_remove_from_p_truset(ta_number, pid, uid)); 00630 }

int rsbac_mac_set_curr_level ( rsbac_security_level_t level,

rsbac_mac_category_vector_t * categories_p

)

int rsbac_net_list_all_netdev ( rsbac_list_ta_number_t ta_number,

rsbac_netdev_id_t * id_p,

u_long maxnum

)

int rsbac_net_list_all_template ( rsbac_list_ta_number_t ta_number,

rsbac_net_temp_id_t * id_p,

u_long maxnum

)

int rsbac_net_template ( rsbac_list_ta_number_t ta_number,

enum rsbac_net_temp_syscall_t call,

rsbac_net_temp_id_t id,

union rsbac_net_temp_syscall_data_t * data_p

)

int rsbac_pm ( rsbac_list_ta_number_t ta_number,

enum rsbac_pm_function_type_t function,

union rsbac_pm_function_param_t * param_p,

rsbac_pm_tkt_id_t ticket

)

int rsbac_pm_change_current_task ( rsbac_pm_task_id_t task )

Definition at line 2993 of file pm_syscalls.c.
References A_pm_current_task, A_pm_task_set, A_pm_tp, FALSE, rsbac_attribute_value_t::owner, PM, rsbac_attribute_value_t::pm_current_task, rsbac_attribute_value_t::pm_task_set, rsbac_attribute_value_t::pm_tp, rsbac_target_id_t::process, RSBAC_EINVALIDVALUE, RSBAC_ENOTINITIALIZED, RSBAC_EPERM, RSBAC_EREADFAILED, RSBAC_EWRITEFAILED, rsbac_get_attr, rsbac_is_initialized(), rsbac_pm_set_member(), rsbac_set_attr, T_PROCESS, T_USER, and rsbac_target_id_t::user.
Referenced by sys_rsbac_pm_change_current_task().
02994 { 02995 union rsbac_target_id_t tid; 02996 union rsbac_attribute_value_t attr_val; 02997 int error = 0; 02998 rsbac_uid_t owner; 02999 union rsbac_pm_set_id_t pm_set_id; 03000 union rsbac_pm_set_member_t pm_set_member; 03001 03002 /* No processing possible before init (called at boot time) */ 03003 if (!rsbac_is_initialized()) 03004 return(-RSBAC_ENOTINITIALIZED); 03005 03006 if(!task) 03007 return(-RSBAC_EINVALIDVALUE); 03008 #ifdef CONFIG_RSBAC_DEBUG 03009 if (rsbac_debug_aef_pm) 03010 printk(KERN_DEBUG 03011 "rsbac_pm_change_current_task(): called for task %i!\n", 03012 task); 03013 #endif 03014 /* getting current_tp of calling process from rsbac system */ 03015 tid.process = current->pid; 03016 if((error = rsbac_get_attr(PM,T_PROCESS, 03017 tid, 03018 A_pm_tp, 03019 &attr_val, 03020 FALSE))) 03021 { 03022 printk(KERN_WARNING 03023 "rsbac_pm_change_current_task(): rsbac_get_attr() for pm_tp returned error %i", 03024 error); 03025 return(-RSBAC_EREADFAILED); /* something weird happened */ 03026 } 03027 /* changing current_task for a tp is forbidden -> error */ 03028 if(attr_val.pm_tp) 03029 { 03030 #ifdef CONFIG_RSBAC_DEBUG 03031 if(rsbac_debug_adf_pm) 03032 printk(KERN_DEBUG 03033 "rsbac_pm_change_current_task(): tried to change current_task for tp-process\n"); 03034 #endif 03035 return(-RSBAC_EPERM); 03036 } 03037 03038 /* Getting basic information about caller */ 03039 /* only useful for real process, not idle or init */ 03040 if (current->pid > 1) 03041 owner = current->uid; 03042 else /* caller_pid <= 1 -> kernel or init are always owned by root */ 03043 owner = 0; 03044 03045 /* getting owner's task_set_id (authorized tasks) from rsbac system */ 03046 tid.user = owner; 03047 if((error = rsbac_get_attr(PM,T_USER, 03048 tid, 03049 A_pm_task_set, 03050 &attr_val, 03051 FALSE))) 03052 { 03053 printk(KERN_WARNING 03054 "rsbac_pm_change_current_task(): rsbac_get_attr() for pm_task_set returned error %i", 03055 error); 03056 return(-RSBAC_EREADFAILED); /* something weird happened */ 03057 } 03058 03059 /* if there is no set of authorized tasks for owner: deny */ 03060 if(!attr_val.pm_task_set) 03061 { 03062 #ifdef CONFIG_RSBAC_DEBUG 03063 if(rsbac_debug_adf_pm) 03064 printk(KERN_DEBUG 03065 "rsbac_pm_change_current_task(): process owner has no authorized task\n"); 03066 #endif 03067 return(-RSBAC_EPERM); 03068 } 03069 03070 /* check, whether owner is authorized for this task */ 03071 pm_set_id.task_set = attr_val.pm_task_set; 03072 pm_set_member.task = task; 03073 if(!rsbac_pm_set_member(0,PS_TASK,pm_set_id,pm_set_member)) 03074 { 03075 #ifdef CONFIG_RSBAC_DEBUG 03076 if(rsbac_debug_adf_pm) 03077 printk(KERN_DEBUG 03078 "rsbac_pm_change_current_task(): process owner is not authorized for task\n"); 03079 #endif 03080 return(-RSBAC_EPERM); 03081 } 03082 03083 /* OK, checks are passed. Change current_task for process. */ 03084 tid.process = current->pid; 03085 attr_val.pm_current_task = task; 03086 if((error = rsbac_set_attr(PM,T_PROCESS, 03087 tid, 03088 A_pm_current_task, 03089 attr_val))) 03090 { 03091 printk(KERN_WARNING 03092 "rsbac_pm_change_current_task(): rsbac_set_attr() for pm_current_task returned error %i", 03093 error); 03094 return(-RSBAC_EWRITEFAILED); /* something weird happened */ 03095 } 03096 return(0); 03097 }

int rsbac_pm_create_file ( const char * filename,

int mode,

rsbac_pm_object_class_id_t object_class

)

Definition at line 3099 of file pm_syscalls.c.
References A_pm_current_task, A_pm_object_class, A_pm_tp, FALSE, PM, rsbac_attribute_value_t::pm_current_task, rsbac_attribute_value_t::pm_object_class, rsbac_attribute_value_t::pm_tp, rsbac_target_id_t::process, RSBAC_EINVALIDTARGET, RSBAC_EINVALIDVALUE, RSBAC_ENOTFOUND, RSBAC_EPERM, RSBAC_EREADFAILED, rsbac_get_attr, RSBAC_PM_A_CREATE, RSBAC_PM_DEV_OBJECT_CLASS_ID, rsbac_pm_exists(), rsbac_pm_get_data(), RSBAC_PM_IPC_OBJECT_CLASS_ID, rsbac_pm_set_member(), rsbac_set_attr, T_FILE, and T_PROCESS.
Referenced by sys_rsbac_pm_create_file().
03102 { 03103 union rsbac_target_id_t tid; 03104 union rsbac_attribute_value_t attr_val; 03105 union rsbac_attribute_value_t attr_val2; 03106 union rsbac_pm_target_id_t pm_tid; 03107 union rsbac_pm_data_value_t data_val; 03108 union rsbac_pm_data_value_t data_val2; 03109 int error = 0; 03110 union rsbac_pm_set_id_t pm_set_id; 03111 union rsbac_pm_set_member_t pm_set_member; 03112 03113 #ifdef CONFIG_RSBAC_DEBUG 03114 if (rsbac_debug_aef_pm) 03115 printk(KERN_DEBUG 03116 "sys_rsbac_pm_create_file(): called with class %i, mode %o!\n", 03117 object_class, mode); 03118 #endif 03119 /* do not allow IPC or DEV class */ 03120 if( (object_class == RSBAC_PM_IPC_OBJECT_CLASS_ID) 03121 || (object_class == RSBAC_PM_DEV_OBJECT_CLASS_ID)) 03122 { 03123 #ifdef CONFIG_RSBAC_DEBUG 03124 if(rsbac_debug_adf_pm) 03125 printk(KERN_DEBUG 03126 "rsbac_pm_create_file(): Class-ID is IPC or DEV\n"); 03127 #endif 03128 return(-RSBAC_EINVALIDVALUE); 03129 } 03130 03131 /* is mode for regular file? */ 03132 if(mode & ~S_IRWXUGO) 03133 { 03134 #ifdef CONFIG_RSBAC_DEBUG 03135 if(rsbac_debug_adf_pm) 03136 printk(KERN_DEBUG 03137 "rsbac_pm_create_file(): illegal creation mode\n"); 03138 #endif 03139 return(-RSBAC_EINVALIDVALUE); 03140 } 03141 03142 /* does class exist (NIL always exists)? */ 03143 if(object_class) 03144 { 03145 pm_tid.object_class = object_class; 03146 if(!rsbac_pm_exists(0, 03147 PMT_CLASS, 03148 pm_tid)) 03149 { 03150 #ifdef CONFIG_RSBAC_DEBUG 03151 if(rsbac_debug_adf_pm) 03152 printk(KERN_DEBUG 03153 "rsbac_pm_create_file(): non-existent class\n"); 03154 #endif 03155 return(-RSBAC_EINVALIDVALUE); 03156 } 03157 } 03158 03159 /* getting current_task of calling process from rsbac system */ 03160 tid.process = current->pid; 03161 if((error = rsbac_get_attr(PM,T_PROCESS, 03162 tid, 03163 A_pm_current_task, 03164 &attr_val, 03165 FALSE))) 03166 { 03167 printk(KERN_WARNING 03168 "rsbac_pm_create_file(): rsbac_get_attr() for pm_current_task returned error %i", 03169 error); 03170 return(-RSBAC_EREADFAILED); /* something weird happened */ 03171 } 03172 03173 /* getting current_tp of calling process from rsbac system */ 03174 if((error = rsbac_get_attr(PM,T_PROCESS, 03175 tid, 03176 A_pm_tp, 03177 &attr_val2, 03178 FALSE))) 03179 { 03180 printk(KERN_WARNING 03181 "rsbac_pm_create_file(): rsbac_get_attr() for pm_tp returned error %i", 03182 error); 03183 return(-RSBAC_EREADFAILED); /* something weird happened */ 03184 } 03185 03186 /* getting neccessary accesses for task, class, tp from PM-data */ 03187 pm_tid.na.task = attr_val.pm_current_task; 03188 pm_tid.na.object_class = object_class; 03189 pm_tid.na.tp = attr_val2.pm_tp; 03190 if((error = rsbac_pm_get_data(0, 03191 PMT_NA, 03192 pm_tid, 03193 PD_accesses, 03194 &data_val))) 03195 { 03196 if( (error != -RSBAC_EINVALIDTARGET) 03197 && (error != -RSBAC_ENOTFOUND) 03198 ) 03199 printk(KERN_WARNING 03200 "rsbac_pm_create_file(): rsbac_pm_get_data() for NA/accesses returned error %i", 03201 error); 03202 #ifdef CONFIG_RSBAC_DEBUG 03203 else if(rsbac_debug_adf_pm) 03204 printk(KERN_DEBUG 03205 "rsbac_pm_create_file(): NA/accesses (%i,%i,%i) not found\n", 03206 pm_tid.na.task, object_class, pm_tid.na.tp); 03207 #endif 03208 return(-RSBAC_EPERM); /* deny */ 03209 } 03210 03211 /* is create necessary? if not -> error */ 03212 if(!(data_val.accesses & RSBAC_PM_A_CREATE)) 03213 { 03214 #ifdef CONFIG_RSBAC_DEBUG 03215 if(rsbac_debug_adf_pm) 03216 printk(KERN_DEBUG 03217 "rsbac_pm_create_file(): create is not necessary\n"); 03218 #endif 03219 return(-RSBAC_EPERM); 03220 } 03221 03222 /* get purpose for current_task */ 03223 pm_tid.task = attr_val.pm_current_task; 03224 if((error = rsbac_pm_get_data(0, 03225 PMT_TASK, 03226 pm_tid, 03227 PD_purpose, 03228 &data_val))) 03229 { 03230 if( (error != -RSBAC_EINVALIDTARGET) 03231 && (error != -RSBAC_ENOTFOUND) 03232 ) 03233 printk(KERN_WARNING 03234 "rsbac_pm_create_file(): rsbac_get_data() for TASK/purpose returned error %i", 03235 error); 03236 return(-RSBAC_EPERM); /* deny */ 03237 } 03238 03239 /* further checks only, if there is a purpose defined */ 03240 if(data_val.purpose) 03241 { 03242 /* get purpose_set_id for class */ 03243 pm_tid.object_class = object_class; 03244 if((error = rsbac_pm_get_data(0, 03245 PMT_CLASS, 03246 pm_tid, 03247 PD_pp_set, 03248 &data_val2))) 03249 { 03250 if( (error == -RSBAC_EINVALIDTARGET) 03251 || (error == -RSBAC_ENOTFOUND) 03252 ) 03253 { 03254 #ifdef CONFIG_RSBAC_DEBUG 03255 if(rsbac_debug_adf_pm) 03256 printk(KERN_DEBUG 03257 "rsbac_pm_create_file(): non-existent class\n"); 03258 #endif 03259 return(-RSBAC_EINVALIDVALUE); 03260 } 03261 printk(KERN_WARNING 03262 "rsbac_pm_create_file(): rsbac_get_data() for TASK/purpose returned error %i", 03263 error); 03264 return(-RSBAC_EREADFAILED); /* deny */ 03265 } 03266 /* if there is no purpose set for this class, deny */ 03267 if(!data_val2.pp_set) 03268 { 03269 #ifdef CONFIG_RSBAC_DEBUG 03270 if(rsbac_debug_adf_pm) 03271 printk(KERN_DEBUG 03272 "rsbac_pm_create_file(): current_task has purpose, class not\n"); 03273 #endif 03274 return(-RSBAC_EPERM); 03275 } 03276 03277 /* last check: is our task's purpose in the set of purposes for our class? */ 03278 pm_set_id.pp_set = data_val2.pp_set; 03279 pm_set_member.pp = data_val.purpose; 03280 if(!rsbac_pm_set_member(0,PS_PP,pm_set_id,pm_set_member)) 03281 /* our task's purpose does not match with class purposes -> deny */ 03282 { 03283 #ifdef CONFIG_RSBAC_DEBUG 03284 if(rsbac_debug_adf_pm) 03285 printk(KERN_DEBUG 03286 "rsbac_pm_create_file(): purpose of current_task is not in purpose set of class\n"); 03287 #endif 03288 return(-RSBAC_EPERM); 03289 } 03290 } 03291 03292 /* try to create object using standard syscalls, leading to general rsbac */ 03293 /* checks via ADF-Request */ 03294 /* we are not using sys_creat(), because alpha kernels don't know it */ 03295 lock_kernel(); 03296 error = sys_open(filename, O_CREAT | O_WRONLY | O_TRUNC, mode); 03297 unlock_kernel(); 03298 if (error < 0) 03299 return(error); 03300 03301 /* setting class for new object */ 03302 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) 03303 tid.file.device = current->files->fd[error]->f_vfsmnt->mnt_sb->s_dev; 03304 tid.file.inode = current->files->fd[error]->f_dentry->d_inode->i_ino; 03305 tid.file.dentry_p = current->files->fd[error]->f_dentry; 03306 #else 03307 tid.file.device = current->files->fd[error]->f_dentry->d_inode->i_dev; 03308 tid.file.inode = current->files->fd[error]->f_dentry->d_inode->i_ino; 03309 tid.file.dentry_p = current->files->fd[error]->f_dentry; 03310 #endif 03311 attr_val.pm_object_class = object_class; 03312 if(rsbac_set_attr(PM,T_FILE, 03313 tid, 03314 A_pm_object_class, 03315 attr_val)) 03316 { 03317 printk(KERN_WARNING 03318 "rsbac_pm_create_file(): rsbac_set_attr() for pm_object_class returned error"); 03319 } 03320 return(error); 03321 }

int rsbac_rc_change_role ( rsbac_rc_role_id_t role )

int rsbac_rc_copy_role ( rsbac_list_ta_number_t ta_number,

rsbac_rc_role_id_t from_role,

rsbac_rc_role_id_t to_role

)

Definition at line 1788 of file rc_data_structures.c.
References NULL, RC_role_max_value, role_adr_handle, role_asr_handle, role_dfdc_handle, role_handle, role_rc_handle, role_tcdv_handle, role_tcfd_handle, role_tcgr_handle, role_tcip_handle, role_tcnd_handle, role_tcno_handle, role_tcnt_handle, role_tcpr_handle, role_tcsc_handle, role_tcus_handle, RSBAC_EINVALIDTARGET, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_list_lol_get_subitem_size(), rsbac_printk(), rsbac_ta_list_add_ttl(), rsbac_ta_list_get_data_ttl(), rsbac_ta_list_lol_get_all_subdesc_ttl(), rsbac_ta_list_lol_get_all_subitems_ttl(), rsbac_ta_list_lol_remove(), rsbac_ta_list_lol_subadd_ttl(), and rsbac_vfree.
Referenced by rsbac_rc_sys_copy_role().
01792 { 01793 struct rsbac_rc_role_entry_t entry; 01794 rsbac_rc_role_id_t * role_array; 01795 char * item_array; 01796 long count; 01797 u_long i; 01798 int err; 01799 01800 if (!rsbac_is_initialized()) 01801 { 01802 rsbac_printk(KERN_WARNING "rsbac_rc_copy_role(): RSBAC not initialized\n"); 01803 return(-RSBAC_ENOTINITIALIZED); 01804 } 01805 if( (from_role > RC_role_max_value) 01806 || (to_role > RC_role_max_value) 01807 || (to_role == from_role) 01808 ) 01809 return(-RSBAC_EINVALIDTARGET); 01810 01811 /* copy */ 01812 err = rsbac_ta_list_get_data_ttl(ta_number, role_handle, NULL, &from_role, &entry); 01813 if(err) 01814 return err; 01815 err = rsbac_ta_list_add_ttl(ta_number, role_handle, 0, &to_role, &entry); 01816 if(err) 01817 return err; 01818 01819 rsbac_ta_list_lol_remove(ta_number, role_rc_handle, &to_role); 01820 count = rsbac_ta_list_lol_get_all_subdesc_ttl(ta_number, role_rc_handle, 01821 &from_role, (void **) &role_array, NULL); 01822 if(count > 0) 01823 { 01824 for(i=0; i<count ; i++) 01825 rsbac_ta_list_lol_subadd_ttl(ta_number, role_rc_handle, 0, &to_role, &role_array[i], 0); 01826 rsbac_vfree(role_array); 01827 } 01828 rsbac_ta_list_lol_remove(ta_number, role_adr_handle, &to_role); 01829 count = rsbac_ta_list_lol_get_all_subdesc_ttl(ta_number, role_adr_handle, &from_role, (void **) &role_array, NULL); 01830 if(count > 0) 01831 { 01832 for(i=0; i<count ; i++) 01833 rsbac_ta_list_lol_subadd_ttl(ta_number, role_adr_handle, 0, &to_role, &role_array[i], 0); 01834 rsbac_vfree(role_array); 01835 } 01836 rsbac_ta_list_lol_remove(ta_number, role_asr_handle, &to_role); 01837 count = rsbac_ta_list_lol_get_all_subdesc_ttl(ta_number, role_asr_handle, &from_role, (void **) &role_array, NULL); 01838 if(count > 0) 01839 { 01840 for(i=0; i<count ; i++) 01841 rsbac_ta_list_lol_subadd_ttl(ta_number, role_asr_handle, 0, &to_role, &role_array[i], 0); 01842 rsbac_vfree(role_array); 01843 } 01844 rsbac_ta_list_lol_remove(ta_number, role_dfdc_handle, &to_role); 01845 count = rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, role_dfdc_handle, &from_role, (void **) &item_array, NULL); 01846 if(count > 0) 01847 { 01848 char * tmp = item_array; 01849 int size = rsbac_list_lol_get_subitem_size(role_dfdc_handle); 01850 01851 for(i=0; i<count ; i++) 01852 { 01853 rsbac_ta_list_lol_subadd_ttl(ta_number, role_dfdc_handle, 0, &to_role, tmp, tmp + sizeof(rsbac_rc_role_id_t)); 01854 tmp += size; 01855 } 01856 rsbac_vfree(item_array); 01857 } 01858 rsbac_ta_list_lol_remove(ta_number, role_tcfd_handle, &to_role); 01859 count = rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, role_tcfd_handle, &from_role, (void **) &item_array, NULL); 01860 if(count > 0) 01861 { 01862 char * tmp = item_array; 01863 int size = rsbac_list_lol_get_subitem_size(role_tcfd_handle); 01864 01865 for(i=0; i<count ; i++) 01866 { 01867 rsbac_ta_list_lol_subadd_ttl(ta_number, role_tcfd_handle, 0, &to_role, tmp, tmp + sizeof(rsbac_rc_role_id_t)); 01868 tmp += size; 01869 } 01870 rsbac_vfree(item_array); 01871 } 01872 rsbac_ta_list_lol_remove(ta_number, role_tcdv_handle, &to_role); 01873 count = rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, role_tcdv_handle, &from_role, (void **) &item_array, NULL); 01874 if(count > 0) 01875 { 01876 char * tmp = item_array; 01877 int size = rsbac_list_lol_get_subitem_size(role_tcdv_handle); 01878 01879 for(i=0; i<count ; i++) 01880 { 01881 rsbac_ta_list_lol_subadd_ttl(ta_number, role_tcdv_handle, 0, &to_role, tmp, tmp + sizeof(rsbac_rc_role_id_t)); 01882 tmp += size; 01883 } 01884 rsbac_vfree(item_array); 01885 } 01886 rsbac_ta_list_lol_remove(ta_number, role_tcus_handle, &to_role); 01887 count = rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, role_tcus_handle, &from_role, (void **) &item_array, NULL); 01888 if(count > 0) 01889 { 01890 char * tmp = item_array; 01891 int size = rsbac_list_lol_get_subitem_size(role_tcus_handle); 01892 01893 for(i=0; i<count ; i++) 01894 { 01895 rsbac_ta_list_lol_subadd_ttl(ta_number, role_tcus_handle, 0, &to_role, tmp, tmp + sizeof(rsbac_rc_role_id_t)); 01896 tmp += size; 01897 } 01898 rsbac_vfree(item_array); 01899 } 01900 rsbac_ta_list_lol_remove(ta_number,role_tcpr_handle, &to_role); 01901 count = rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, role_tcpr_handle, &from_role, (void **) &item_array, NULL); 01902 if(count > 0) 01903 { 01904 char * tmp = item_array; 01905 int size = rsbac_list_lol_get_subitem_size(role_tcpr_handle); 01906 01907 for(i=0; i<count ; i++) 01908 { 01909 rsbac_ta_list_lol_subadd_ttl(ta_number, role_tcpr_handle, 0, &to_role, tmp, tmp + sizeof(rsbac_rc_role_id_t)); 01910 tmp += size; 01911 } 01912 rsbac_vfree(item_array); 01913 } 01914 rsbac_ta_list_lol_remove(ta_number, role_tcip_handle, &to_role); 01915 count = rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, role_tcip_handle, &from_role, (void **) &item_array, NULL); 01916 if(count > 0) 01917 { 01918 char * tmp = item_array; 01919 int size = rsbac_list_lol_get_subitem_size(role_tcip_handle); 01920 01921 for(i=0; i<count ; i++) 01922 { 01923 rsbac_ta_list_lol_subadd_ttl(ta_number, role_tcip_handle, 0, &to_role, tmp, tmp + sizeof(rsbac_rc_role_id_t)); 01924 tmp += size; 01925 } 01926 rsbac_vfree(item_array); 01927 } 01928 rsbac_ta_list_lol_remove(ta_number, role_tcsc_handle, &to_role); 01929 count = rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, role_tcsc_handle, &from_role, (void **) &item_array, NULL); 01930 if(count > 0) 01931 { 01932 char * tmp = item_array; 01933 int size = rsbac_list_lol_get_subitem_size(role_tcsc_handle); 01934 01935 for(i=0; i<count ; i++) 01936 { 01937 rsbac_ta_list_lol_subadd_ttl(ta_number, role_tcsc_handle, 0, &to_role, tmp, tmp + sizeof(rsbac_rc_role_id_t)); 01938 tmp += size; 01939 } 01940 rsbac_vfree(item_array); 01941 } 01942 rsbac_ta_list_lol_remove(ta_number, role_tcgr_handle, &to_role); 01943 count = rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, role_tcgr_handle, &from_role, (void **) &item_array, NULL); 01944 if(count > 0) 01945 { 01946 char * tmp = item_array; 01947 int size = rsbac_list_lol_get_subitem_size(role_tcgr_handle); 01948 01949 for(i=0; i<count ; i++) 01950 { 01951 rsbac_ta_list_lol_subadd_ttl(ta_number, role_tcgr_handle, 0, &to_role, tmp, tmp + sizeof(rsbac_rc_role_id_t)); 01952 tmp += size; 01953 } 01954 rsbac_vfree(item_array); 01955 } 01956 rsbac_ta_list_lol_remove(ta_number, role_tcnd_handle, &to_role); 01957 count = rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, role_tcnd_handle, &from_role, (void **) &item_array, NULL); 01958 if(count > 0) 01959 { 01960 char * tmp = item_array; 01961 int size = rsbac_list_lol_get_subitem_size(role_tcnd_handle); 01962 01963 for(i=0; i<count ; i++) 01964 { 01965 rsbac_ta_list_lol_subadd_ttl(ta_number, role_tcnd_handle, 0, &to_role, tmp, tmp + sizeof(rsbac_rc_role_id_t)); 01966 tmp += size; 01967 } 01968 rsbac_vfree(item_array); 01969 } 01970 rsbac_ta_list_lol_remove(ta_number, role_tcnt_handle, &to_role); 01971 count = rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, role_tcnt_handle, &from_role, (void **) &item_array, NULL); 01972 if(count > 0) 01973 { 01974 char * tmp = item_array; 01975 int size = rsbac_list_lol_get_subitem_size(role_tcnt_handle); 01976 01977 for(i=0; i<count ; i++) 01978 { 01979 rsbac_ta_list_lol_subadd_ttl(ta_number, role_tcnt_handle, 0, &to_role, tmp, tmp + sizeof(rsbac_rc_role_id_t)); 01980 tmp += size; 01981 } 01982 rsbac_vfree(item_array); 01983 } 01984 rsbac_ta_list_lol_remove(ta_number, role_tcno_handle, &to_role); 01985 count = rsbac_ta_list_lol_get_all_subitems_ttl(ta_number, role_tcno_handle, &from_role, (void **) &item_array, NULL); 01986 if(count > 0) 01987 { 01988 char * tmp = item_array; 01989 int size = rsbac_list_lol_get_subitem_size(role_tcno_handle); 01990 01991 for(i=0; i<count ; i++) 01992 { 01993 rsbac_ta_list_lol_subadd_ttl(ta_number, role_tcno_handle, 0, &to_role, tmp, tmp + sizeof(rsbac_rc_role_id_t)); 01994 tmp += size; 01995 } 01996 rsbac_vfree(item_array); 01997 } 01998 return(0); 01999 }

int rsbac_rc_copy_type ( rsbac_list_ta_number_t ta_number,

enum rsbac_target_t target,

rsbac_rc_type_id_t from_type,

rsbac_rc_type_id_t to_type

)

int rsbac_rc_get_current_role ( rsbac_rc_role_id_t * role_p )

int rsbac_rc_get_eff_rights_n ( rsbac_list_ta_number_t ta_number,

enum rsbac_target_t target,

char * t_name,

rsbac_rc_request_vector_t * request_vector_p,

rsbac_time_t * ttl_p

)

int rsbac_rc_get_item ( rsbac_list_ta_number_t ta_number,

enum rsbac_rc_target_t target,

union rsbac_rc_target_id_t * tid_p,

union rsbac_rc_target_id_t * subtid_p,

enum rsbac_rc_item_t item,

union rsbac_rc_item_value_t * value_p,

rsbac_time_t * ttl_p

)

int rsbac_rc_get_list ( rsbac_list_ta_number_t ta_number,

enum rsbac_rc_target_t target,

union rsbac_rc_target_id_t * tid_p,

enum rsbac_rc_item_t item,

u_int maxnum,

__u32 * array_p,

rsbac_time_t * ttl_array_p

)

int rsbac_rc_set_item ( rsbac_list_ta_number_t ta_number,

enum rsbac_rc_target_t target,

union rsbac_rc_target_id_t * tid_p,

union rsbac_rc_target_id_t * subtid_p,

enum rsbac_rc_item_t item,

union rsbac_rc_item_value_t * value_p,

rsbac_time_t ttl

)

int rsbac_reg ( rsbac_reg_handle_t handle,

void * arg

)

int rsbac_remove_target ( rsbac_list_ta_number_t ta_number,

enum rsbac_target_t target,

union rsbac_target_id_t * tid

)

int rsbac_remove_target_n ( rsbac_list_ta_number_t ta_number,

enum rsbac_target_t target,

char * t_name

)

int rsbac_set_attr ( rsbac_list_ta_number_t ta_number,

enum rsbac_switch_target_t module,

enum rsbac_target_t target,

union rsbac_target_id_t * tid,

enum rsbac_attribute_t attr,

union rsbac_attribute_value_t * value

)

int rsbac_set_attr_n ( rsbac_list_ta_number_t ta_number,

enum rsbac_switch_target_t module,

enum rsbac_target_t target,

char * t_name,

enum rsbac_attribute_t attr,

union rsbac_attribute_value_t * value

)

int rsbac_stats ( void )

Definition at line 8618 of file aci_data_structures.c.
References dev_handles, dev_major_handles, device_list_head, ipc_handles, process_handles, rsbac_adf_request_count, rsbac_adf_set_attr_count, RSBAC_ENOTINITIALIZED, rsbac_initialized, rsbac_list_count(), rsbac_printk(), rsbac_stats_acl(), rsbac_stats_auth(), rsbac_stats_pm(), rsbac_stats_rc(), T_DEV, T_DIR, T_FIFO, T_FILE, T_IPC, T_NETDEV, T_NETOBJ, T_NETTEMP, T_PROCESS, T_SCD, T_SYMLINK, T_USER, and user_handles.
Referenced by sys_rsbac_stats().
08619 { 08620 struct rsbac_device_list_item_t * device_p; 08621 int i; 08622 u_long fd_count = 0, fd_sum = 0; 08623 u_long dev_sum = 0; 08624 u_long ipc_sum = 0; 08625 u_long user_sum = 0; 08626 u_long process_sum = 0; 08627 #if defined(CONFIG_RSBAC_UM) 08628 u_long group_sum = 0; 08629 #endif 08630 #if defined(CONFIG_RSBAC_NET_OBJ) 08631 u_long nettemp_sum = 0; 08632 u_long lnetobj_sum = 0; 08633 u_long rnetobj_sum = 0; 08634 #endif 08635 u_long total_sum = 0; 08636 long tmp_count; 08637 u_long dflags; 08638 08639 if (!rsbac_initialized) 08640 { 08641 rsbac_printk(KERN_WARNING "rsbac_stats(): RSBAC not initialized\n"); 08642 return(-RSBAC_ENOTINITIALIZED); 08643 } 08644 /* wait for read access to device_list_head */ 08645 rsbac_read_lock(&device_list_head.lock, &dflags); 08646 /* OK, go on */ 08647 /* rsbac_printk(KERN_INFO "rsbac_stats(): currently %u processes working on file/dir aci\n", 08648 device_list_head.lock.lock); */ 08649 device_p = device_list_head.head; 08650 while (device_p) 08651 { /* for all sublists */ 08652 fd_count = 0; 08653 for (i=0; i < RSBAC_GEN_NR_FD_LISTS; i++) 08654 { 08655 tmp_count = rsbac_list_count(device_p->handles.gen[i]); 08656 if(tmp_count > 0) 08657 fd_count+=tmp_count; 08658 } 08659 rsbac_printk(KERN_INFO "Device %02u:%02u fd_items: %lu GEN", 08660 RSBAC_MAJOR(device_p->id), RSBAC_MINOR(device_p->id), fd_count); 08661 fd_sum += fd_count; 08662 08663 #if defined(CONFIG_RSBAC_MAC) 08664 fd_count = 0; 08665 for (i=0; i < RSBAC_MAC_NR_FD_LISTS; i++) 08666 { 08667 tmp_count = rsbac_list_count(device_p->handles.mac[i]); 08668 if(tmp_count > 0) 08669 fd_count+=tmp_count; 08670 } 08671 rsbac_printk(", %lu MAC", 08672 fd_count); 08673 fd_sum += fd_count; 08674 #endif 08675 08676 #if defined(CONFIG_RSBAC_PM) 08677 fd_count = 0; 08678 for (i=0; i < RSBAC_PM_NR_FD_LISTS; i++) 08679 { 08680 tmp_count = rsbac_list_count(device_p->handles.pm[i]); 08681 if(tmp_count > 0) 08682 fd_count+=tmp_count; 08683 } 08684 rsbac_printk(", %lu PM", 08685 fd_count); 08686 fd_sum += fd_count; 08687 #endif 08688 08689 #if defined(CONFIG_RSBAC_DAZ) 08690 fd_count = 0; 08691 for (i=0; i < RSBAC_DAZ_NR_FD_LISTS; i++) 08692 { 08693 tmp_count = rsbac_list_count(device_p->handles.daz[i]); 08694 if(tmp_count > 0) 08695 fd_count+=tmp_count; 08696 } 08697 rsbac_printk(", %lu DAZ", 08698 fd_count); 08699 fd_sum += fd_count; 08700 #if defined(CONFIG_RSBAC_DAZ_CACHE) 08701 fd_count = 0; 08702 for (i=0; i < RSBAC_DAZ_SCANNED_NR_FD_LISTS; i++) 08703 { 08704 tmp_count = rsbac_list_count(device_p->handles.dazs[i]); 08705 if(tmp_count > 0) 08706 fd_count+=tmp_count; 08707 } 08708 rsbac_printk(", %lu DAZ_SCANNED", 08709 fd_count); 08710 fd_sum += fd_count; 08711 #endif 08712 #endif 08713 08714 #if defined(CONFIG_RSBAC_FF) 08715 fd_count = 0; 08716 for (i=0; i < RSBAC_FF_NR_FD_LISTS; i++) 08717 { 08718 tmp_count = rsbac_list_count(device_p->handles.ff[i]); 08719 if(tmp_count > 0) 08720 fd_count+=tmp_count; 08721 } 08722 rsbac_printk(", %lu FF", 08723 fd_count); 08724 fd_sum += fd_count; 08725 #endif 08726 08727 #if defined(CONFIG_RSBAC_RC) 08728 fd_count = 0; 08729 for (i=0; i < RSBAC_RC_NR_FD_LISTS; i++) 08730 { 08731 tmp_count = rsbac_list_count(device_p->handles.rc[i]); 08732 if(tmp_count > 0) 08733 fd_count+=tmp_count; 08734 } 08735 rsbac_printk(", %lu RC", 08736 fd_count); 08737 fd_sum += fd_count; 08738 #endif 08739 08740 #if defined(CONFIG_RSBAC_AUTH) 08741 fd_count = 0; 08742 for (i=0; i < RSBAC_AUTH_NR_FD_LISTS; i++) 08743 { 08744 tmp_count = rsbac_list_count(device_p->handles.auth[i]); 08745 if(tmp_count > 0) 08746 fd_count+=tmp_count; 08747 } 08748 rsbac_printk(", %lu AUTH", 08749 fd_count); 08750 fd_sum += fd_count; 08751 #endif 08752 08753 #if defined(CONFIG_RSBAC_CAP) 08754 fd_count = 0; 08755 for (i=0; i < RSBAC_CAP_NR_FD_LISTS; i++) 08756 { 08757 tmp_count = rsbac_list_count(device_p->handles.cap[i]); 08758 if(tmp_count > 0) 08759 fd_count+=tmp_count; 08760 } 08761 rsbac_printk(", %lu CAP", 08762 fd_count); 08763 fd_sum += fd_count; 08764 #endif 08765 #if defined(CONFIG_RSBAC_RES) 08766 fd_count = 0; 08767 for (i=0; i < RSBAC_RES_NR_FD_LISTS; i++) 08768 { 08769 tmp_count = rsbac_list_count(device_p->handles.res[i]); 08770 if(tmp_count > 0) 08771 fd_count+=tmp_count; 08772 } 08773 rsbac_printk(", %lu RES", 08774 fd_count); 08775 fd_sum += fd_count; 08776 #endif 08777 #if defined(CONFIG_RSBAC_PAX) 08778 fd_count = 0; 08779 for (i=0; i < RSBAC_PAX_NR_FD_LISTS; i++) 08780 { 08781 tmp_count = rsbac_list_count(device_p->handles.pax[i]); 08782 if(tmp_count > 0) 08783 fd_count+=tmp_count; 08784 } 08785 rsbac_printk(", %lu PAX", 08786 fd_count); 08787 fd_sum += fd_count; 08788 #endif 08789 08790 rsbac_printk("\n"); 08791 device_p = device_p->next; 08792 } 08793 rsbac_printk(KERN_INFO "rsbac_stats(): Sum of %u Devices with %lu fd-items\n", 08794 device_list_head.count, fd_sum); 08795 /* free access to device_list_head */ 08796 rsbac_read_unlock(&device_list_head.lock, &dflags); 08797 total_sum += fd_sum; 08798 08799 /* dev lists */ 08800 tmp_count = rsbac_list_count(dev_handles.gen); 08801 rsbac_printk(KERN_INFO "DEV items: %lu GEN", 08802 tmp_count); 08803 dev_sum += tmp_count; 08804 #if defined(CONFIG_RSBAC_MAC) 08805 tmp_count = rsbac_list_count(dev_handles.mac); 08806 rsbac_printk(", %lu MAC", 08807 tmp_count); 08808 dev_sum += tmp_count; 08809 #endif 08810 #if defined(CONFIG_RSBAC_PM) 08811 tmp_count = rsbac_list_count(dev_handles.pm); 08812 rsbac_printk(", %lu PM", 08813 tmp_count); 08814 dev_sum += tmp_count; 08815 #endif 08816 #if defined(CONFIG_RSBAC_RC) 08817 tmp_count = rsbac_list_count(dev_major_handles.rc); 08818 rsbac_printk(", %lu major RC", 08819 tmp_count); 08820 dev_sum += tmp_count; 08821 tmp_count = rsbac_list_count(dev_handles.rc); 08822 rsbac_printk(", %lu RC", 08823 tmp_count); 08824 dev_sum += tmp_count; 08825 #endif 08826 rsbac_printk("\n"); 08827 rsbac_printk(KERN_INFO "Sum of %lu DEV items\n", 08828 dev_sum); 08829 total_sum += dev_sum; 08830 08831 /* ipc lists */ 08832 rsbac_printk(KERN_INFO "IPC items: no GEN"); 08833 #if defined(CONFIG_RSBAC_MAC) 08834 tmp_count = rsbac_list_count(ipc_handles.mac); 08835 rsbac_printk(", %lu MAC", 08836 tmp_count); 08837 ipc_sum += tmp_count; 08838 #endif 08839 #if defined(CONFIG_RSBAC_PM) 08840 tmp_count = rsbac_list_count(ipc_handles.pm); 08841 rsbac_printk(", %lu PM", 08842 tmp_count); 08843 ipc_sum += tmp_count; 08844 #endif 08845 #if defined(CONFIG_RSBAC_RC) 08846 tmp_count = rsbac_list_count(ipc_handles.rc); 08847 rsbac_printk(", %lu RC", 08848 tmp_count); 08849 ipc_sum += tmp_count; 08850 #endif 08851 #if defined(CONFIG_RSBAC_JAIL) 08852 tmp_count = rsbac_list_count(ipc_handles.jail); 08853 rsbac_printk(", %lu JAIL", 08854 tmp_count); 08855 ipc_sum += tmp_count; 08856 #endif 08857 rsbac_printk("\n"); 08858 rsbac_printk(KERN_INFO "Sum of %lu IPC items\n", 08859 ipc_sum); 08860 total_sum += ipc_sum; 08861 08862 /* user lists */ 08863 tmp_count = rsbac_list_count(user_handles.gen); 08864 rsbac_printk(KERN_INFO "USER items: %lu GEN", 08865 tmp_count); 08866 user_sum += tmp_count; 08867 #if defined(CONFIG_RSBAC_MAC) 08868 tmp_count = rsbac_list_count(user_handles.mac); 08869 rsbac_printk(", %lu MAC", 08870 tmp_count); 08871 user_sum += tmp_count; 08872 #endif 08873 #if defined(CONFIG_RSBAC_PM) 08874 tmp_count = rsbac_list_count(user_handles.pm); 08875 rsbac_printk(", %lu PM", 08876 tmp_count); 08877 user_sum += tmp_count; 08878 #endif 08879 #if defined(CONFIG_RSBAC_DAZ) 08880 tmp_count = rsbac_list_count(user_handles.daz); 08881 rsbac_printk(", %lu DAZ", 08882 tmp_count); 08883 user_sum += tmp_count; 08884 #endif 08885 #if defined(CONFIG_RSBAC_RC) 08886 tmp_count = rsbac_list_count(user_handles.rc); 08887 rsbac_printk(", %lu RC", 08888 tmp_count); 08889 user_sum += tmp_count; 08890 #endif 08891 #if defined(CONFIG_RSBAC_AUTH) 08892 tmp_count = rsbac_list_count(user_handles.auth); 08893 rsbac_printk(", %lu AUTH", 08894 tmp_count); 08895 user_sum += tmp_count; 08896 #endif 08897 #if defined(CONFIG_RSBAC_CAP) 08898 tmp_count = rsbac_list_count(user_handles.cap); 08899 rsbac_printk(", %lu CAP", 08900 tmp_count); 08901 user_sum += tmp_count; 08902 #endif 08903 #if defined(CONFIG_RSBAC_JAIL) 08904 tmp_count = rsbac_list_count(user_handles.jail); 08905 rsbac_printk(", %lu JAIL", 08906 tmp_count); 08907 user_sum += tmp_count; 08908 #endif 08909 #if defined(CONFIG_RSBAC_RES) 08910 tmp_count = rsbac_list_count(user_handles.res); 08911 rsbac_printk(", %lu RES", 08912 tmp_count); 08913 user_sum += tmp_count; 08914 #endif 08915 #if defined(CONFIG_RSBAC_PAX) 08916 tmp_count = rsbac_list_count(user_handles.pax); 08917 rsbac_printk(", %lu PAX", 08918 tmp_count); 08919 user_sum += tmp_count; 08920 #endif 08921 rsbac_printk("\n"); 08922 rsbac_printk(KERN_INFO "Sum of %lu USER items\n", 08923 user_sum); 08924 total_sum += user_sum; 08925 08926 /* process lists */ 08927 tmp_count = 0; 08928 for(i=0; i<CONFIG_RSBAC_GEN_NR_P_LISTS; i++) 08929 tmp_count += rsbac_list_count(process_handles.gen[i]); 08930 rsbac_printk(KERN_INFO "PROCESS items: %lu GEN", 08931 tmp_count); 08932 process_sum += tmp_count; 08933 #if defined(CONFIG_RSBAC_MAC) 08934 tmp_count = 0; 08935 for(i=0; i<CONFIG_RSBAC_MAC_NR_P_LISTS; i++) 08936 tmp_count += rsbac_list_count(process_handles.mac[i]); 08937 rsbac_printk(", %lu MAC", 08938 tmp_count); 08939 process_sum += tmp_count; 08940 #endif 08941 #if defined(CONFIG_RSBAC_PM) 08942 tmp_count = rsbac_list_count(process_handles.pm); 08943 rsbac_printk(", %lu PM", 08944 tmp_count); 08945 process_sum += tmp_count; 08946 #endif 08947 #if defined(CONFIG_RSBAC_DAZ) 08948 tmp_count = rsbac_list_count(process_handles.daz); 08949 rsbac_printk(", %lu DAZ", 08950 tmp_count); 08951 process_sum += tmp_count; 08952 #endif 08953 #if defined(CONFIG_RSBAC_RC) 08954 tmp_count = 0; 08955 for(i=0; i<CONFIG_RSBAC_RC_NR_P_LISTS; i++) 08956 tmp_count += rsbac_list_count(process_handles.rc[i]); 08957 rsbac_printk(", %lu RC", 08958 tmp_count); 08959 process_sum += tmp_count; 08960 #endif 08961 #if defined(CONFIG_RSBAC_AUTH) 08962 tmp_count = rsbac_list_count(process_handles.auth); 08963 rsbac_printk(", %lu AUTH", 08964 tmp_count); 08965 process_sum += tmp_count; 08966 #endif 08967 #if defined(CONFIG_RSBAC_CAP) 08968 tmp_count = rsbac_list_count(process_handles.cap); 08969 rsbac_printk(", %lu CAP", 08970 tmp_count); 08971 process_sum += tmp_count; 08972 #endif 08973 #if defined(CONFIG_RSBAC_JAIL) 08974 tmp_count = 0; 08975 for(i=0; i<CONFIG_RSBAC_JAIL_NR_P_LISTS; i++) 08976 tmp_count += rsbac_list_count(process_handles.jail[i]); 08977 rsbac_printk(", %lu JAIL", 08978 tmp_count); 08979 process_sum += tmp_count; 08980 #endif 08981 rsbac_printk("\n"); 08982 rsbac_printk(KERN_INFO "Sum of %lu PROCESS items\n", 08983 process_sum); 08984 total_sum += process_sum; 08985 08986 #if defined(CONFIG_RSBAC_UM) 08987 /* group lists */ 08988 rsbac_printk(KERN_INFO "GROUP items: "); 08989 #if defined(CONFIG_RSBAC_RC_UM_PROT) 08990 tmp_count = rsbac_list_count(group_handles.rc); 08991 rsbac_printk("%lu RC", 08992 tmp_count); 08993 user_sum += tmp_count; 08994 #endif 08995 rsbac_printk("\n"); 08996 rsbac_printk(KERN_INFO "Sum of %lu GROUP items\n", 08997 group_sum); 08998 total_sum += group_sum; 08999 #endif 09000 09001 #if defined(CONFIG_RSBAC_NET_OBJ) 09002 /* nettemp lists */ 09003 rsbac_printk(KERN_INFO "NETTEMP items: "); 09004 #if defined(CONFIG_RSBAC_MAC) 09005 tmp_count = rsbac_list_count(nettemp_handles.mac); 09006 rsbac_printk("%lu MAC, ", 09007 tmp_count); 09008 nettemp_sum += tmp_count; 09009 #endif 09010 #if defined(CONFIG_RSBAC_PM) 09011 tmp_count = rsbac_list_count(nettemp_handles.pm); 09012 rsbac_printk("%lu PM, ", 09013 tmp_count); 09014 nettemp_sum += tmp_count; 09015 #endif 09016 #if defined(CONFIG_RSBAC_RC) 09017 tmp_count = rsbac_list_count(nettemp_handles.rc); 09018 rsbac_printk("%lu RC, ", 09019 tmp_count); 09020 nettemp_sum += tmp_count; 09021 #endif 09022 rsbac_printk("\n"); 09023 rsbac_printk(KERN_INFO "Sum of %lu NETTEMP items\n", 09024 nettemp_sum); 09025 total_sum += nettemp_sum; 09026 09027 /* local netobj lists */ 09028 rsbac_printk(KERN_INFO "Local NETOBJ items:"); 09029 #if defined(CONFIG_RSBAC_MAC) 09030 tmp_count = rsbac_list_count(lnetobj_handles.mac); 09031 rsbac_printk(" %lu MAC,", 09032 tmp_count); 09033 lnetobj_sum += tmp_count; 09034 #endif 09035 #if defined(CONFIG_RSBAC_PM) 09036 tmp_count = rsbac_list_count(lnetobj_handles.pm); 09037 rsbac_printk(" %lu PM,", 09038 tmp_count); 09039 lnetobj_sum += tmp_count; 09040 #endif 09041 #if defined(CONFIG_RSBAC_RC) 09042 tmp_count = rsbac_list_count(lnetobj_handles.rc); 09043 rsbac_printk(" %lu RC", 09044 tmp_count); 09045 lnetobj_sum += tmp_count; 09046 #endif 09047 rsbac_printk("\n"); 09048 rsbac_printk(KERN_INFO "Sum of %lu Local NETOBJ items\n", 09049 lnetobj_sum); 09050 total_sum += lnetobj_sum; 09051 09052 /* remote netobj lists */ 09053 rsbac_printk(KERN_INFO "Remote NETOBJ items:"); 09054 #if defined(CONFIG_RSBAC_MAC) 09055 tmp_count = rsbac_list_count(rnetobj_handles.mac); 09056 rsbac_printk(" %lu MAC,", 09057 tmp_count); 09058 rnetobj_sum += tmp_count; 09059 #endif 09060 #if defined(CONFIG_RSBAC_PM) 09061 tmp_count = rsbac_list_count(rnetobj_handles.pm); 09062 rsbac_printk(" %lu PM,", 09063 tmp_count); 09064 rnetobj_sum += tmp_count; 09065 #endif 09066 #if defined(CONFIG_RSBAC_RC) 09067 tmp_count = rsbac_list_count(rnetobj_handles.rc); 09068 rsbac_printk(" %lu RC", 09069 tmp_count); 09070 rnetobj_sum += tmp_count; 09071 #endif 09072 rsbac_printk("\n"); 09073 rsbac_printk(KERN_INFO "Sum of %lu Remote NETOBJ items\n", 09074 rnetobj_sum); 09075 total_sum += rnetobj_sum; 09076 #endif /* NET_OBJ */ 09077 09078 rsbac_printk(KERN_INFO 09079 "Total of %lu registered rsbac-items\n", 09080 total_sum); 09081 09082 rsbac_printk(KERN_INFO 09083 "adf_request calls: file: %lu, dir: %lu, fifo: %lu, symlink: %lu, dev: %lu, ipc: %lu, scd: %lu, user: %lu, process: %lu, netdev: %lu, nettemp: %lu, netobj: %lu\n", 09084 rsbac_adf_request_count[T_FILE], 09085 rsbac_adf_request_count[T_DIR], 09086 rsbac_adf_request_count[T_FIFO], 09087 rsbac_adf_request_count[T_SYMLINK], 09088 rsbac_adf_request_count[T_DEV], 09089 rsbac_adf_request_count[T_IPC], 09090 rsbac_adf_request_count[T_SCD], 09091 rsbac_adf_request_count[T_USER], 09092 rsbac_adf_request_count[T_PROCESS], 09093 rsbac_adf_request_count[T_NETDEV], 09094 rsbac_adf_request_count[T_NETTEMP], 09095 rsbac_adf_request_count[T_NETOBJ]); 09096 rsbac_printk(KERN_INFO 09097 "adf_set_attr calls: file: %lu, dir: %lu, fifo: %lu, symlink: %lu, dev: %lu, ipc: %lu, scd: %lu, user: %lu, process: %lu, netdev: %lu, nettemp: %lu, netobj: %lu\n", 09098 rsbac_adf_set_attr_count[T_FILE], 09099 rsbac_adf_set_attr_count[T_DIR], 09100 rsbac_adf_set_attr_count[T_FIFO], 09101 rsbac_adf_set_attr_count[T_SYMLINK], 09102 rsbac_adf_set_attr_count[T_DEV], 09103 rsbac_adf_set_attr_count[T_IPC], 09104 rsbac_adf_set_attr_count[T_SCD], 09105 rsbac_adf_set_attr_count[T_USER], 09106 rsbac_adf_set_attr_count[T_PROCESS], 09107 rsbac_adf_set_attr_count[T_NETDEV], 09108 rsbac_adf_set_attr_count[T_NETTEMP], 09109 rsbac_adf_set_attr_count[T_NETOBJ]); 09110 09111 #if defined(CONFIG_RSBAC_PM) 09112 rsbac_stats_pm(); 09113 #endif 09114 #if defined(CONFIG_RSBAC_RC) 09115 rsbac_stats_rc(); 09116 #endif 09117 #if defined(CONFIG_RSBAC_AUTH) 09118 rsbac_stats_auth(); 09119 #endif 09120 #if defined(CONFIG_RSBAC_ACL) 09121 rsbac_stats_acl(); 09122 #endif 09123 return(0); 09124 }

int rsbac_stats_pm ( void )

Definition at line 1593 of file pm_data_structures.c.
References class_handle, cs_handle, in_pp_set_handle, na_handle, out_pp_set_handle, pp_handle, pp_set_handle, RSBAC_ENOTINITIALIZED, rsbac_is_initialized(), rsbac_list_count(), rsbac_list_lol_all_subcount(), rsbac_list_lol_count(), rsbac_printk(), ru_set_handle, task_handle, task_set_handle, tkt_handle, tp_handle, and tp_set_handle.
Referenced by rsbac_stats(), and sys_rsbac_stats_pm().
01594 { 01595 u_long tmp_count; 01596 u_long tmp_member_count; 01597 u_long all_set_count = 0; 01598 u_long all_member_count = 0; 01599 u_long all_count = 0; 01600 01601 if (!rsbac_is_initialized()) 01602 { 01603 rsbac_printk(KERN_WARNING "rsbac_stats_pm(): RSBAC not initialized\n"); 01604 return(-RSBAC_ENOTINITIALIZED); 01605 } 01606 01607 /****************/ 01608 /* Helper lists */ 01609 /****************/ 01610 01611 tmp_count = rsbac_list_lol_count(task_set_handle); 01612 tmp_member_count = rsbac_list_lol_all_subcount(task_set_handle); 01613 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu task-set-items, sum of %lu members\n", 01614 tmp_count, tmp_member_count); 01615 all_set_count += tmp_count; 01616 all_member_count += tmp_member_count; 01617 01618 tmp_count = rsbac_list_lol_count(tp_set_handle); 01619 tmp_member_count = rsbac_list_lol_all_subcount(tp_set_handle); 01620 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu tp set items, sum of %lu members\n", 01621 tmp_count, tmp_member_count); 01622 all_set_count += tmp_count; 01623 all_member_count += tmp_member_count; 01624 01625 tmp_count = rsbac_list_lol_count(ru_set_handle); 01626 tmp_member_count = rsbac_list_lol_all_subcount(ru_set_handle); 01627 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu ru set items, sum of %lu members\n", 01628 tmp_count, tmp_member_count); 01629 all_set_count += tmp_count; 01630 all_member_count += tmp_member_count; 01631 01632 tmp_count = rsbac_list_lol_count(pp_set_handle); 01633 tmp_member_count = rsbac_list_lol_all_subcount(pp_set_handle); 01634 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu pp set items, sum of %lu members\n", 01635 tmp_count, tmp_member_count); 01636 all_set_count += tmp_count; 01637 all_member_count += tmp_member_count; 01638 01639 tmp_count = rsbac_list_lol_count(in_pp_set_handle); 01640 tmp_member_count = rsbac_list_lol_all_subcount(in_pp_set_handle); 01641 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu input purpose set items, sum of %lu members\n", 01642 tmp_count, tmp_member_count); 01643 all_set_count += tmp_count; 01644 all_member_count += tmp_member_count; 01645 01646 tmp_count = rsbac_list_lol_count(out_pp_set_handle); 01647 tmp_member_count = rsbac_list_lol_all_subcount(out_pp_set_handle); 01648 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu output purpose set items, sum of %lu members\n", 01649 tmp_count, tmp_member_count); 01650 all_set_count += tmp_count; 01651 all_member_count += tmp_member_count; 01652 01653 rsbac_printk(KERN_INFO "rsbac_stats_pm(): Total of %lu registered rsbac-pm-set-items, %lu members\n", 01654 all_set_count, all_member_count); 01655 01656 /**************/ 01657 /* Main lists */ 01658 /**************/ 01659 tmp_count = rsbac_list_count(task_handle); 01660 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu task items\n", 01661 tmp_count); 01662 all_count += tmp_count; 01663 01664 tmp_count = rsbac_list_count(class_handle); 01665 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu class items\n", 01666 tmp_count); 01667 all_count += tmp_count; 01668 01669 tmp_count = rsbac_list_count(na_handle); 01670 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu na items\n", 01671 tmp_count); 01672 all_count += tmp_count; 01673 01674 tmp_count = rsbac_list_count(cs_handle); 01675 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu cs items\n", 01676 tmp_count); 01677 all_count += tmp_count; 01678 01679 tmp_count = rsbac_list_count(tp_handle); 01680 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu tp items\n", 01681 tmp_count); 01682 all_count += tmp_count; 01683 01684 tmp_count = rsbac_list_count(pp_handle); 01685 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu pp items\n", 01686 tmp_count); 01687 all_count += tmp_count; 01688 01689 tmp_count = rsbac_list_count(tkt_handle); 01690 rsbac_printk(KERN_INFO "rsbac_stats_pm(): %lu tkt items\n", 01691 tmp_count); 01692 all_count += tmp_count; 01693 01694 rsbac_printk(KERN_INFO "rsbac_stats_pm(): Total of %lu registered rsbac-pm-items\n", 01695 all_count); 01696 return 0; 01697 }

int rsbac_switch ( enum rsbac_switch_target_t target,

int value

)

int rsbac_um_add_gm ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t uid,

rsbac_gid_t gid,

rsbac_time_t ttl

)

Definition at line 630 of file um_data_structures.c.
00635 { 00636 if (!rsbac_is_initialized()) 00637 { 00638 rsbac_printk(KERN_WARNING "rsbac_um_add_gm(): RSBAC not initialized\n"); 00639 return(-RSBAC_ENOTINITIALIZED); 00640 } 00641 #ifdef CONFIG_RSBAC_UM_EXCL 00642 if(!rsbac_um_no_excl) 00643 { 00644 if(!rsbac_ta_list_exist(ta_number, user_handle[user_hash(user)], &user)) 00645 { 00646 rsbac_printk(KERN_INFO 00647 "rsbac_um_add_gm(): uid %u not known to RSBAC User Management!\n", 00648 user); 00649 return -RSBAC_ENOTFOUND; 00650 } 00651 if(!rsbac_ta_list_exist(ta_number, group_handle[group_hash(group)], &group)) 00652 { 00653 rsbac_printk(KERN_INFO 00654 "rsbac_um_add_gm(): gid %u not known to RSBAC User Management!\n", 00655 group); 00656 return -RSBAC_ENOTFOUND; 00657 } 00658 } 00659 #endif 00660 #ifdef CONFIG_RSBAC_DEBUG 00661 if (rsbac_debug_aef_um) 00662 { 00663 rsbac_printk(KERN_DEBUG "rsbac_um_add_gm(): adding user %u group %u\n", 00664 user, 00665 group); 00666 } 00667 #endif 00668 return rsbac_ta_list_lol_subadd_ttl(ta_number, user_handle[user_hash(user)], 00669 ttl, &user, &group, NULL); 00670 }

int rsbac_um_add_group ( rsbac_list_ta_number_t ta_number,

rsbac_gid_t gid,

struct rsbac_um_group_entry_t * entry_p,

char * pass,

rsbac_time_t ttl

)

int rsbac_um_add_user ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t uid,

struct rsbac_um_user_entry_t * entry_p,

char * pass,

rsbac_time_t ttl

)

int rsbac_um_auth_name ( char * name,

char * pass

)

int rsbac_um_auth_uid ( rsbac_uid_t uid,

char * pass

)

int rsbac_um_check_account ( rsbac_uid_t uid )

Definition at line 1505 of file um_data_structures.c.
01506 { 01507 int err; 01508 struct rsbac_um_user_entry_t * entry_p; 01509 u_long curdays; 01510 01511 entry_p = rsbac_kmalloc(sizeof(*entry_p)); 01512 if(!entry_p) 01513 return -RSBAC_ENOMEM; 01514 err = rsbac_ta_list_lol_get_data_ttl(0, user_handle[user_hash(uid)], 01515 NULL, &uid, entry_p); 01516 if(err) 01517 goto out_free; 01518 01519 #ifdef CONFIG_RSBAC_DEBUG 01520 if (rsbac_debug_aef_um) 01521 rsbac_printk(KERN_DEBUG "rsbac_um_check_account(): checking account for user %u\n", 01522 uid); 01523 #endif 01524 /* check whether account or password has expired */ 01525 curdays = RSBAC_CURRENT_TIME / 86400; 01526 if( *((__u32*) entry_p->pass) 01527 && !entry_p->lastchange 01528 ) 01529 { 01530 err = -RSBAC_EMUSTCHANGE; 01531 #ifdef CONFIG_RSBAC_DEBUG 01532 if (rsbac_debug_aef_um) 01533 rsbac_printk(KERN_DEBUG "rsbac_um_check_account(): user %u must change password, lastchange = 0\n", 01534 uid); 01535 #endif 01536 goto out_free; 01537 } 01538 if( (curdays > entry_p->expire) 01539 && (entry_p->expire != -1) 01540 && (entry_p->expire) 01541 ) 01542 { 01543 err = -RSBAC_EEXPIRED; 01544 #ifdef CONFIG_RSBAC_DEBUG 01545 if (rsbac_debug_aef_um) 01546 { 01547 rsbac_printk(KERN_DEBUG "rsbac_um_check_account(): account for user %u has expired\n", 01548 uid); 01549 } 01550 #endif 01551 goto out_free; 01552 } 01553 if( (curdays > (entry_p->lastchange + entry_p->maxchange + entry_p->inactive)) 01554 && (entry_p->maxchange != -1) 01555 && (entry_p->maxchange) 01556 && (entry_p->inactive != -1) 01557 && (entry_p->inactive) 01558 ) 01559 { 01560 err = -RSBAC_EEXPIRED; 01561 #ifdef CONFIG_RSBAC_DEBUG 01562 if (rsbac_debug_aef_um) 01563 rsbac_printk(KERN_DEBUG "rsbac_um_check_account(): password for user %u has expired\n", 01564 uid); 01565 #endif 01566 goto out_free; 01567 } 01568 if( ((entry_p->lastchange + entry_p->maxchange) < curdays) 01569 && entry_p->maxchange 01570 && (entry_p->maxchange != -1) 01571 ) 01572 { 01573 err = -RSBAC_EMUSTCHANGE; 01574 #ifdef CONFIG_RSBAC_DEBUG 01575 if (rsbac_debug_aef_um) 01576 { 01577 rsbac_printk(KERN_DEBUG "rsbac_um_check_account(): user %u must change password, lastchange too old\n", 01578 uid); 01579 } 01580 #endif 01581 goto out_free; 01582 } 01583 if( (curdays > (entry_p->lastchange + entry_p->maxchange - entry_p->warnchange)) 01584 && (entry_p->maxchange != -1) 01585 && (entry_p->warnchange != -1) 01586 && entry_p->maxchange 01587 && entry_p->warnchange 01588 ) 01589 { 01590 err = (entry_p->lastchange + entry_p->maxchange) - curdays; 01591 } 01592 else 01593 err = 0; 01594 01595 out_free: 01596 rsbac_kfree(entry_p); 01597 return err; 01598 }

int rsbac_um_check_account_name ( char * name )

int rsbac_um_get_gid ( rsbac_list_ta_number_t ta_number,

char * name,

rsbac_gid_t * gid_p

)

Definition at line 494 of file um_data_structures.c.
00498 { 00499 int i; 00500 00501 if(!name || !gid_p) 00502 return -RSBAC_EINVALIDPOINTER; 00503 for(i=0; i<RSBAC_UM_NR_GROUP_LISTS; i++) 00504 { 00505 if(!rsbac_ta_list_get_desc(ta_number, 00506 group_handle[i], 00507 gid_p, 00508 name, 00509 group_name_compare)) 00510 return 0; 00511 } 00512 return -RSBAC_ENOTFOUND; 00513 }

int rsbac_um_get_gm_list ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t user,

rsbac_gid_t group_array[],

u_int maxnum

)

int rsbac_um_get_gm_user_list ( rsbac_list_ta_number_t ta_number,

rsbac_gid_t group,

rsbac_uid_t user_array[],

u_int maxnum

)

int rsbac_um_get_group_item ( rsbac_list_ta_number_t ta_number,

rsbac_gid_t gid,

enum rsbac_um_mod_t mod,

union rsbac_um_mod_data_t * data_p

)

Definition at line 1002 of file um_data_structures.c.
01007 { 01008 int err; 01009 struct rsbac_um_group_entry_t * entry_p; 01010 01011 if (!rsbac_is_initialized()) 01012 { 01013 rsbac_printk(KERN_WARNING "rsbac_um_get_group_item(): RSBAC not initialized\n"); 01014 return(-RSBAC_ENOTINITIALIZED); 01015 } 01016 if(!data_p) 01017 return -RSBAC_EINVALIDPOINTER; 01018 if(!rsbac_ta_list_exist(ta_number, group_handle[group_hash(group)], &group)) 01019 return -RSBAC_ENOTFOUND; 01020 if(mod == UM_ttl) 01021 return rsbac_ta_list_get_data_ttl(ta_number, group_handle[group_hash(group)], &data_p->ttl, &group, NULL); 01022 01023 entry_p = rsbac_kmalloc(sizeof(*entry_p)); 01024 if(!entry_p) 01025 return -RSBAC_ENOMEM; 01026 err = rsbac_ta_list_get_data_ttl(ta_number, group_handle[group_hash(group)], 01027 NULL, &group, entry_p); 01028 if(err) 01029 { 01030 rsbac_kfree(entry_p); 01031 return err; 01032 } 01033 switch(mod) 01034 { 01035 case UM_name: 01036 strcpy(data_p->string, entry_p->name); 01037 break; 01038 01039 case UM_pass: 01040 memcpy(data_p->string, entry_p->pass, RSBAC_UM_PASS_LEN); 01041 break; 01042 01043 default: 01044 rsbac_kfree(entry_p); 01045 return -RSBAC_EINVALIDREQUEST; 01046 } 01047 01048 rsbac_kfree(entry_p); 01049 return 0; 01050 }

int rsbac_um_get_group_list ( rsbac_list_ta_number_t ta_number,

rsbac_gid_t group_array[],

u_int maxnum

)

int rsbac_um_get_next_user ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t old_user,

rsbac_uid_t * next_user_p

)

Definition at line 1118 of file um_data_structures.c.
01122 { 01123 rsbac_uid_t * old_user_p; 01124 int i; 01125 int err; 01126 01127 if(old_user == RSBAC_NO_USER) 01128 old_user_p = NULL; 01129 else 01130 old_user_p = &old_user; 01131 01132 for(i=0; i<RSBAC_UM_NR_USER_LISTS; i++) 01133 { 01134 err = rsbac_ta_list_lol_get_next_desc(ta_number, user_handle[i], old_user_p, next_user_p); 01135 if(err != -RSBAC_ENOTFOUND) 01136 return err; 01137 } 01138 return -RSBAC_ENOTFOUND; 01139 }

int rsbac_um_get_uid ( rsbac_list_ta_number_t ta_number,

char * name,

rsbac_uid_t * uid_p

)

Definition at line 473 of file um_data_structures.c.
00477 { 00478 int i; 00479 00480 if(!name || !uid_p) 00481 return -RSBAC_EINVALIDPOINTER; 00482 for(i=0; i<RSBAC_UM_NR_USER_LISTS; i++) 00483 { 00484 if(!rsbac_ta_list_lol_get_desc(ta_number, 00485 user_handle[i], 00486 uid_p, 00487 name, 00488 name_compare)) 00489 return 0; 00490 } 00491 return -RSBAC_ENOTFOUND; 00492 }

int rsbac_um_get_user_item ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t uid,

enum rsbac_um_mod_t mod,

union rsbac_um_mod_data_t * data_p

)

Definition at line 912 of file um_data_structures.c.
00917 { 00918 int err; 00919 struct rsbac_um_user_entry_t * entry_p; 00920 00921 if (!rsbac_is_initialized()) 00922 { 00923 rsbac_printk(KERN_WARNING "rsbac_um_get_user_item(): RSBAC not initialized\n"); 00924 return(-RSBAC_ENOTINITIALIZED); 00925 } 00926 if(!data_p) 00927 return -RSBAC_EINVALIDPOINTER; 00928 if(!rsbac_ta_list_lol_exist(ta_number, user_handle[user_hash(user)], &user)) 00929 return -RSBAC_ENOTFOUND; 00930 if(mod == UM_ttl) 00931 return rsbac_ta_list_lol_get_data_ttl(ta_number, user_handle[user_hash(user)], &data_p->ttl, &user, NULL); 00932 00933 entry_p = rsbac_kmalloc(sizeof(*entry_p)); 00934 if(!entry_p) 00935 return -RSBAC_ENOMEM; 00936 err = rsbac_ta_list_lol_get_data_ttl(ta_number, user_handle[user_hash(user)], 00937 NULL, &user, entry_p); 00938 if(err) 00939 { 00940 rsbac_kfree(entry_p); 00941 return err; 00942 } 00943 switch(mod) 00944 { 00945 case UM_name: 00946 strcpy(data_p->string, entry_p->name); 00947 break; 00948 00949 case UM_pass: 00950 memcpy(data_p->string, entry_p->pass, RSBAC_UM_PASS_LEN); 00951 break; 00952 00953 case UM_fullname: 00954 strcpy(data_p->string, entry_p->fullname); 00955 break; 00956 00957 case UM_homedir: 00958 strcpy(data_p->string, entry_p->homedir); 00959 break; 00960 00961 case UM_shell: 00962 strcpy(data_p->string, entry_p->shell); 00963 break; 00964 00965 case UM_group: 00966 data_p->group = entry_p->group; 00967 break; 00968 00969 case UM_lastchange: 00970 data_p->days = entry_p->lastchange; 00971 break; 00972 00973 case UM_minchange: 00974 data_p->days = entry_p->minchange; 00975 break; 00976 00977 case UM_maxchange: 00978 data_p->days = entry_p->maxchange; 00979 break; 00980 00981 case UM_warnchange: 00982 data_p->days = entry_p->warnchange; 00983 break; 00984 00985 case UM_inactive: 00986 data_p->days = entry_p->inactive; 00987 break; 00988 00989 case UM_expire: 00990 data_p->days = entry_p->expire; 00991 break; 00992 00993 default: 00994 rsbac_kfree(entry_p); 00995 return -RSBAC_EINVALIDREQUEST; 00996 } 00997 00998 rsbac_kfree(entry_p); 00999 return 0; 01000 }

int rsbac_um_get_user_list ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t user_array[],

u_int maxnum

)

int rsbac_um_group_exists ( rsbac_list_ta_number_t ta_number,

rsbac_gid_t gid

)

Definition at line 1059 of file um_data_structures.c.
01062 { 01063 return rsbac_ta_list_exist(ta_number, group_handle[group_hash(group)], &group); 01064 }

int rsbac_um_mod_group ( rsbac_list_ta_number_t ta_number,

rsbac_gid_t gid,

enum rsbac_um_mod_t mod,

union rsbac_um_mod_data_t * data_p

)

int rsbac_um_mod_user ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t uid,

enum rsbac_um_mod_t mod,

union rsbac_um_mod_data_t * data_p

)

Definition at line 672 of file um_data_structures.c.
00677 { 00678 int err; 00679 struct rsbac_um_user_entry_t * entry_p; 00680 00681 if (!rsbac_is_initialized()) 00682 { 00683 rsbac_printk(KERN_WARNING "rsbac_um_mod_user(): RSBAC not initialized\n"); 00684 return(-RSBAC_ENOTINITIALIZED); 00685 } 00686 if( !data_p 00687 && (mod != UM_pass) 00688 ) 00689 return -RSBAC_EINVALIDPOINTER; 00690 if(!rsbac_ta_list_lol_exist(ta_number, user_handle[user_hash(user)], &user)) 00691 return -RSBAC_ENOTFOUND; 00692 00693 entry_p = rsbac_kmalloc(sizeof(*entry_p)); 00694 if(!entry_p) 00695 return -RSBAC_ENOMEM; 00696 err = rsbac_ta_list_lol_get_data_ttl(ta_number, user_handle[user_hash(user)], 00697 NULL, &user, entry_p); 00698 if(err) 00699 { 00700 rsbac_kfree(entry_p); 00701 return err; 00702 } 00703 #ifdef CONFIG_RSBAC_DEBUG 00704 if (rsbac_debug_aef_um) 00705 { 00706 rsbac_printk(KERN_DEBUG "rsbac_um_mod_user(): modifying user %u\n", 00707 user); 00708 } 00709 #endif 00710 switch(mod) 00711 { 00712 case UM_name: 00713 { 00714 rsbac_uid_t tmp_user; 00715 00716 if( !rsbac_um_get_uid(ta_number, data_p->string, &tmp_user) 00717 && (tmp_user != user) 00718 ) 00719 return -RSBAC_EEXISTS; 00720 strncpy(entry_p->name, data_p->string, RSBAC_UM_NAME_LEN); 00721 entry_p->name[RSBAC_UM_NAME_LEN - 1] = 0; 00722 } 00723 break; 00724 00725 case UM_pass: 00726 if(data_p) 00727 { 00728 __u32 salt; 00729 00730 new_salt(&salt); 00731 err = rsbac_um_hash(data_p->string, salt); 00732 if(err) 00733 { 00734 rsbac_kfree(entry_p); 00735 return err; 00736 } 00737 memcpy(entry_p->pass, &salt, sizeof(salt)); 00738 memcpy(entry_p->pass + sizeof(salt), data_p->string, RSBAC_UM_PASS_LEN - sizeof(salt)); 00739 } 00740 else 00741 memset(entry_p->pass, 0, RSBAC_UM_PASS_LEN); 00742 entry_p->lastchange = RSBAC_CURRENT_TIME / 86400; 00743 break; 00744 00745 case UM_cryptpass: 00746 memcpy(entry_p->pass, data_p->string, RSBAC_UM_PASS_LEN); 00747 break; 00748 00749 case UM_fullname: 00750 strncpy(entry_p->fullname, data_p->string, RSBAC_UM_FULLNAME_LEN); 00751 entry_p->fullname[RSBAC_UM_FULLNAME_LEN - 1] = 0; 00752 break; 00753 00754 case UM_homedir: 00755 strncpy(entry_p->homedir, data_p->string, RSBAC_UM_HOMEDIR_LEN); 00756 entry_p->homedir[RSBAC_UM_HOMEDIR_LEN - 1] = 0; 00757 break; 00758 00759 case UM_shell: 00760 strncpy(entry_p->shell, data_p->string, RSBAC_UM_SHELL_LEN); 00761 entry_p->shell[RSBAC_UM_SHELL_LEN - 1] = 0; 00762 break; 00763 00764 case UM_group: 00765 #ifdef CONFIG_RSBAC_UM_EXCL 00766 if(!rsbac_um_no_excl && !rsbac_ta_list_exist(ta_number, group_handle[group_hash(data_p->group)], &data_p->group)) 00767 { 00768 rsbac_printk(KERN_INFO 00769 "rsbac_um_mod_user(): gid %u not known to RSBAC User Management!\n", 00770 data_p->group); 00771 rsbac_kfree(entry_p); 00772 return -RSBAC_EINVALIDVALUE; 00773 } 00774 #endif 00775 entry_p->group = data_p->group; 00776 break; 00777 00778 case UM_lastchange: 00779 entry_p->lastchange = data_p->days; 00780 break; 00781 00782 case UM_minchange: 00783 entry_p->minchange = data_p->days; 00784 break; 00785 00786 case UM_maxchange: 00787 entry_p->maxchange = data_p->days; 00788 break; 00789 00790 case UM_warnchange: 00791 entry_p->warnchange = data_p->days; 00792 break; 00793 00794 case UM_inactive: 00795 entry_p->inactive = data_p->days; 00796 break; 00797 00798 case UM_expire: 00799 entry_p->expire = data_p->days; 00800 break; 00801 00802 case UM_ttl: 00803 err = rsbac_ta_list_lol_add_ttl(ta_number, user_handle[user_hash(user)], 00804 data_p->ttl, &user, entry_p); 00805 rsbac_kfree(entry_p); 00806 return err; 00807 00808 default: 00809 rsbac_kfree(entry_p); 00810 return -RSBAC_EINVALIDREQUEST; 00811 } 00812 00813 err = rsbac_ta_list_lol_add_ttl(ta_number, user_handle[user_hash(user)], 00814 RSBAC_LIST_TTL_KEEP, &user, entry_p); 00815 rsbac_kfree(entry_p); 00816 return err; 00817 }

int rsbac_um_remove_gm ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t uid,

rsbac_gid_t gid

)

Definition at line 1088 of file um_data_structures.c.
01092 { 01093 if (!rsbac_is_initialized()) 01094 { 01095 rsbac_printk(KERN_WARNING "rsbac_um_remove_gm(): RSBAC not initialized\n"); 01096 return(-RSBAC_ENOTINITIALIZED); 01097 } 01098 #ifdef CONFIG_RSBAC_DEBUG 01099 if (rsbac_debug_aef_um) 01100 { 01101 rsbac_printk(KERN_DEBUG "rsbac_um_remove_gm(): removing user %u group %u\n", 01102 user, 01103 group); 01104 } 01105 #endif 01106 return rsbac_ta_list_lol_subremove(ta_number, user_handle[user_hash(user)], &user, &group); 01107 }

int rsbac_um_remove_group ( rsbac_list_ta_number_t ta_number,

rsbac_gid_t gid

)

Definition at line 1075 of file um_data_structures.c.
01078 { 01079 int i; 01080 01081 if(!rsbac_ta_list_exist(ta_number, group_handle[group_hash(group)], &group)) 01082 return -RSBAC_ENOTFOUND; 01083 for(i=0; i<RSBAC_UM_NR_USER_LISTS; i++) 01084 rsbac_ta_list_lol_subremove_from_all(ta_number, user_handle[i], &group); 01085 return rsbac_ta_list_remove(ta_number, group_handle[group_hash(group)], &group); 01086 }

int rsbac_um_remove_user ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t uid

)

Definition at line 1066 of file um_data_structures.c.
01069 { 01070 if(!rsbac_ta_list_lol_exist(ta_number,user_handle[user_hash(user)], &user)) 01071 return -RSBAC_ENOTFOUND; 01072 return rsbac_ta_list_lol_remove(ta_number, user_handle[user_hash(user)], &user); 01073 }

int rsbac_um_set_group_pass ( rsbac_gid_t gid,

char * new_pass

)

Definition at line 1465 of file um_data_structures.c.
01467 { 01468 int err; 01469 struct rsbac_um_group_entry_t * entry_p; 01470 __u32 salt; 01471 01472 entry_p = rsbac_kmalloc(sizeof(*entry_p)); 01473 if(!entry_p) 01474 return -RSBAC_ENOMEM; 01475 err = rsbac_ta_list_get_data_ttl(0, group_handle[group_hash(gid)], 01476 NULL, &gid, entry_p); 01477 if(err) 01478 goto out_free; 01479 01480 #ifdef CONFIG_RSBAC_DEBUG 01481 if (rsbac_debug_aef_um) 01482 { 01483 rsbac_printk(KERN_DEBUG "rsbac_um_set_group_pass(): setting password for group %u\n", 01484 gid); 01485 } 01486 #endif 01487 if(pass) 01488 { 01489 new_salt(&salt); 01490 err = rsbac_um_hash(pass, salt); 01491 if(err) 01492 goto out_free; 01493 memcpy(entry_p->pass, &salt, sizeof(salt)); 01494 memcpy(entry_p->pass + sizeof(salt), pass, RSBAC_UM_PASS_LEN - sizeof(salt)); 01495 } 01496 else 01497 memset(entry_p->pass, 0, RSBAC_UM_PASS_LEN); 01498 err = rsbac_ta_list_add_ttl(0, group_handle[group_hash(gid)], 0, &gid, entry_p); 01499 01500 out_free: 01501 rsbac_kfree(entry_p); 01502 return err; 01503 }

int rsbac_um_set_pass ( rsbac_uid_t uid,

char * old_pass,

char * new_pass

)

int rsbac_um_set_pass_name ( char * name,

char * old_pass,

char * new_pass

)

int rsbac_um_user_exists ( rsbac_list_ta_number_t ta_number,

rsbac_uid_t uid

)

Definition at line 1052 of file um_data_structures.c.
01055 { 01056 return rsbac_ta_list_lol_exist(ta_number, user_handle[user_hash(user)], &user); 01057 }

int rsbac_write ( void )

Referenced by rsbac_umount(), and sys_rsbac_write().

Generated on Thu Sep 22 16:42:24 2005 for RSBAC by

1.4.2


Enumerations
enum	rsbac_syscall_t { RSYS_stats, RSYS_check, RSYS_get_attr, RSYS_get_attr_n, RSYS_set_attr, RSYS_set_attr_n, RSYS_remove_target, RSYS_remove_target_n, RSYS_net_list_all_netdev, RSYS_net_template, RSYS_net_list_all_template, RSYS_switch, RSYS_adf_log_switch, RSYS_get_adf_log, RSYS_write, RSYS_log, RSYS_mac_set_curr_level, RSYS_mac_get_curr_level, RSYS_mac_get_max_level, RSYS_mac_get_min_level, RSYS_mac_add_p_tru, RSYS_mac_remove_p_tru, RSYS_mac_add_f_tru, RSYS_mac_remove_f_tru, RSYS_mac_get_f_trulist, RSYS_mac_get_p_trulist, RSYS_stats_pm, RSYS_pm, RSYS_pm_change_current_task, RSYS_pm_create_file, RSYS_daz_flush_cache, RSYS_rc_copy_role, RSYS_rc_copy_type, RSYS_rc_get_item, RSYS_rc_set_item, RSYS_rc_change_role, RSYS_rc_get_eff_rights_n, RSYS_rc_get_list, RSYS_auth_add_p_cap, RSYS_auth_remove_p_cap, RSYS_auth_add_f_cap, RSYS_auth_remove_f_cap, RSYS_auth_get_f_caplist, RSYS_auth_get_p_caplist, RSYS_acl, RSYS_acl_n, RSYS_acl_get_rights, RSYS_acl_get_rights_n, RSYS_acl_get_tlist, RSYS_acl_get_tlist_n, RSYS_acl_get_mask, RSYS_acl_get_mask_n, RSYS_acl_group, RSYS_reg, RSYS_jail, RSYS_init, RSYS_rc_get_current_role, RSYS_um_auth_name, RSYS_um_auth_uid, RSYS_um_add_user, RSYS_um_add_group, RSYS_um_add_gm, RSYS_um_mod_user, RSYS_um_mod_group, RSYS_um_get_user_item, RSYS_um_get_group_item, RSYS_um_remove_user, RSYS_um_remove_group, RSYS_um_remove_gm, RSYS_um_user_exists, RSYS_um_group_exists, RSYS_um_get_next_user, RSYS_um_get_user_list, RSYS_um_get_gm_list, RSYS_um_get_gm_user_list, RSYS_um_get_group_list, RSYS_um_get_uid, RSYS_um_get_gid, RSYS_um_set_pass, RSYS_um_set_pass_name, RSYS_um_set_group_pass, RSYS_um_check_account, RSYS_um_check_account_name, RSYS_list_ta_begin, RSYS_list_ta_refresh, RSYS_list_ta_commit, RSYS_list_ta_forget, RSYS_list_all_dev, RSYS_acl_list_all_dev, RSYS_list_all_user, RSYS_acl_list_all_user, RSYS_list_all_group, RSYS_acl_list_all_group, RSYS_none }
Functions
int	rsbac_stats (void)
int	rsbac_check (int correct, int check_inode)
int	rsbac_write (void)
int	rsbac_get_attr (rsbac_list_ta_number_t ta_number, enum rsbac_switch_target_t module, enum rsbac_target_t target, union rsbac_target_id_t tid, enum rsbac_attribute_t attr, union rsbac_attribute_value_t value, int inherit)
int	rsbac_get_attr_n (rsbac_list_ta_number_t ta_number, enum rsbac_switch_target_t module, enum rsbac_target_t target, char t_name, enum rsbac_attribute_t attr, union rsbac_attribute_value_t value, int inherit)
int	rsbac_set_attr (rsbac_list_ta_number_t ta_number, enum rsbac_switch_target_t module, enum rsbac_target_t target, union rsbac_target_id_t tid, enum rsbac_attribute_t attr, union rsbac_attribute_value_t value)
int	rsbac_set_attr_n (rsbac_list_ta_number_t ta_number, enum rsbac_switch_target_t module, enum rsbac_target_t target, char t_name, enum rsbac_attribute_t attr, union rsbac_attribute_value_t value)
int	rsbac_remove_target (rsbac_list_ta_number_t ta_number, enum rsbac_target_t target, union rsbac_target_id_t *tid)
int	rsbac_remove_target_n (rsbac_list_ta_number_t ta_number, enum rsbac_target_t target, char *t_name)
int	rsbac_net_list_all_netdev (rsbac_list_ta_number_t ta_number, rsbac_netdev_id_t *id_p, u_long maxnum)
int	rsbac_net_template (rsbac_list_ta_number_t ta_number, enum rsbac_net_temp_syscall_t call, rsbac_net_temp_id_t id, union rsbac_net_temp_syscall_data_t *data_p)
int	rsbac_net_list_all_template (rsbac_list_ta_number_t ta_number, rsbac_net_temp_id_t *id_p, u_long maxnum)
int	rsbac_switch (enum rsbac_switch_target_t target, int value)
int	rsbac_mac_set_curr_level (rsbac_security_level_t level, rsbac_mac_category_vector_t *categories_p)
int	rsbac_mac_get_curr_level (rsbac_security_level_t level_p, rsbac_mac_category_vector_t categories_p)
int	rsbac_mac_get_max_level (rsbac_security_level_t level_p, rsbac_mac_category_vector_t categories_p)
int	rsbac_mac_get_min_level (rsbac_security_level_t level_p, rsbac_mac_category_vector_t categories_p)
int	rsbac_mac_add_p_tru (rsbac_list_ta_number_t ta_number, rsbac_pid_t pid, rsbac_uid_t uid, rsbac_time_t ttl)
int	rsbac_mac_remove_p_tru (rsbac_list_ta_number_t ta_number, rsbac_pid_t pid, rsbac_uid_t uid)
int	rsbac_mac_add_f_tru (rsbac_list_ta_number_t ta_number, char *filename, rsbac_uid_t uid, rsbac_time_t ttl)
int	rsbac_mac_remove_f_tru (rsbac_list_ta_number_t ta_number, char *filename, rsbac_uid_t uid)
int	rsbac_mac_get_f_trulist (rsbac_list_ta_number_t ta_number, char *filename, rsbac_uid_t trulist[], rsbac_time_t ttllist[], u_int maxnum)
int	rsbac_mac_get_p_trulist (rsbac_list_ta_number_t ta_number, rsbac_pid_t pid, rsbac_uid_t trulist[], rsbac_time_t ttllist[], u_int maxnum)
int	rsbac_stats_pm (void)
int	rsbac_pm (rsbac_list_ta_number_t ta_number, enum rsbac_pm_function_type_t function, union rsbac_pm_function_param_t *param_p, rsbac_pm_tkt_id_t ticket)
int	rsbac_pm_change_current_task (rsbac_pm_task_id_t task)
int	rsbac_pm_create_file (const char *filename, int mode, rsbac_pm_object_class_id_t object_class)
int	rsbac_daz_flush_cache (void)
int	rsbac_rc_copy_role (rsbac_list_ta_number_t ta_number, rsbac_rc_role_id_t from_role, rsbac_rc_role_id_t to_role)
int	rsbac_rc_copy_type (rsbac_list_ta_number_t ta_number, enum rsbac_target_t target, rsbac_rc_type_id_t from_type, rsbac_rc_type_id_t to_type)
int	rsbac_rc_get_item (rsbac_list_ta_number_t ta_number, enum rsbac_rc_target_t target, union rsbac_rc_target_id_t tid_p, union rsbac_rc_target_id_t subtid_p, enum rsbac_rc_item_t item, union rsbac_rc_item_value_t value_p, rsbac_time_t ttl_p)
int	rsbac_rc_set_item (rsbac_list_ta_number_t ta_number, enum rsbac_rc_target_t target, union rsbac_rc_target_id_t tid_p, union rsbac_rc_target_id_t subtid_p, enum rsbac_rc_item_t item, union rsbac_rc_item_value_t *value_p, rsbac_time_t ttl)
int	rsbac_rc_get_list (rsbac_list_ta_number_t ta_number, enum rsbac_rc_target_t target, union rsbac_rc_target_id_t tid_p, enum rsbac_rc_item_t item, u_int maxnum, __u32 array_p, rsbac_time_t *ttl_array_p)
int	rsbac_rc_change_role (rsbac_rc_role_id_t role)
int	rsbac_rc_get_eff_rights_n (rsbac_list_ta_number_t ta_number, enum rsbac_target_t target, char t_name, rsbac_rc_request_vector_t request_vector_p, rsbac_time_t *ttl_p)
int	rsbac_rc_get_current_role (rsbac_rc_role_id_t *role_p)
int	rsbac_auth_add_p_cap (rsbac_list_ta_number_t ta_number, rsbac_pid_t pid, enum rsbac_auth_cap_type_t cap_type, struct rsbac_auth_cap_range_t cap_range, rsbac_time_t ttl)
int	rsbac_auth_remove_p_cap (rsbac_list_ta_number_t ta_number, rsbac_pid_t pid, enum rsbac_auth_cap_type_t cap_type, struct rsbac_auth_cap_range_t cap_range)
int	rsbac_auth_add_f_cap (rsbac_list_ta_number_t ta_number, char *filename, enum rsbac_auth_cap_type_t cap_type, struct rsbac_auth_cap_range_t cap_range, rsbac_time_t ttl)
int	rsbac_auth_remove_f_cap (rsbac_list_ta_number_t ta_number, char *filename, enum rsbac_auth_cap_type_t cap_type, struct rsbac_auth_cap_range_t cap_range)
int	rsbac_auth_get_f_caplist (rsbac_list_ta_number_t ta_number, char *filename, enum rsbac_auth_cap_type_t cap_type, struct rsbac_auth_cap_range_t caplist[], rsbac_time_t ttllist[], u_int maxnum)
int	rsbac_auth_get_p_caplist (rsbac_list_ta_number_t ta_number, rsbac_pid_t pid, enum rsbac_auth_cap_type_t cap_type, struct rsbac_auth_cap_range_t caplist[], rsbac_time_t ttllist[], u_int maxnum)
int	rsbac_reg (rsbac_reg_handle_t handle, void *arg)
int	rsbac_acl (rsbac_list_ta_number_t ta_number, enum rsbac_acl_syscall_type_t call, struct rsbac_acl_syscall_arg_t *arg)
int	rsbac_acl_n (rsbac_list_ta_number_t ta_number, enum rsbac_acl_syscall_type_t call, struct rsbac_acl_syscall_n_arg_t *arg)
int	rsbac_acl_get_rights (rsbac_list_ta_number_t ta_number, struct rsbac_acl_syscall_arg_t arg, rsbac_acl_rights_vector_t rights_p, u_int effective)
int	rsbac_acl_get_rights_n (rsbac_list_ta_number_t ta_number, struct rsbac_acl_syscall_n_arg_t arg, rsbac_acl_rights_vector_t rights_p, u_int effective)
int	rsbac_acl_get_tlist (rsbac_list_ta_number_t ta_number, enum rsbac_target_t target, union rsbac_target_id_t *tid, struct rsbac_acl_entry_t entry_array[], rsbac_time_t ttl_array[], u_int maxnum)
int	rsbac_acl_get_tlist_n (rsbac_list_ta_number_t ta_number, enum rsbac_target_t target, char *t_name, struct rsbac_acl_entry_t entry_array[], rsbac_time_t ttl_array[], u_int maxnum)
int	rsbac_acl_get_mask (rsbac_list_ta_number_t ta_number, enum rsbac_target_t target, union rsbac_target_id_t tid, rsbac_acl_rights_vector_t mask_p)
int	rsbac_acl_get_mask_n (rsbac_list_ta_number_t ta_number, enum rsbac_target_t target, char t_name, rsbac_acl_rights_vector_t mask_p)
int	rsbac_acl_group (rsbac_list_ta_number_t ta_number, enum rsbac_acl_group_syscall_type_t call, union rsbac_acl_group_syscall_arg_t *arg_p)
int	rsbac_jail (rsbac_version_t version, char *path, rsbac_jail_ip_t ip, rsbac_jail_flags_t flags, rsbac_cap_vector_t max_caps, rsbac_jail_scd_vector_t scd_get, rsbac_jail_scd_vector_t scd_modify)
int	rsbac_um_auth_name (char name, char pass)
int	rsbac_um_auth_uid (rsbac_uid_t uid, char *pass)
int	rsbac_um_add_user (rsbac_list_ta_number_t ta_number, rsbac_uid_t uid, struct rsbac_um_user_entry_t entry_p, char pass, rsbac_time_t ttl)
int	rsbac_um_add_group (rsbac_list_ta_number_t ta_number, rsbac_gid_t gid, struct rsbac_um_group_entry_t entry_p, char pass, rsbac_time_t ttl)
int	rsbac_um_add_gm (rsbac_list_ta_number_t ta_number, rsbac_uid_t uid, rsbac_gid_t gid, rsbac_time_t ttl)
int	rsbac_um_mod_user (rsbac_list_ta_number_t ta_number, rsbac_uid_t uid, enum rsbac_um_mod_t mod, union rsbac_um_mod_data_t *data_p)
int	rsbac_um_mod_group (rsbac_list_ta_number_t ta_number, rsbac_gid_t gid, enum rsbac_um_mod_t mod, union rsbac_um_mod_data_t *data_p)
int	rsbac_um_get_user_item (rsbac_list_ta_number_t ta_number, rsbac_uid_t uid, enum rsbac_um_mod_t mod, union rsbac_um_mod_data_t *data_p)
int	rsbac_um_get_group_item (rsbac_list_ta_number_t ta_number, rsbac_gid_t gid, enum rsbac_um_mod_t mod, union rsbac_um_mod_data_t *data_p)
int	rsbac_um_remove_user (rsbac_list_ta_number_t ta_number, rsbac_uid_t uid)
int	rsbac_um_remove_group (rsbac_list_ta_number_t ta_number, rsbac_gid_t gid)
int	rsbac_um_remove_gm (rsbac_list_ta_number_t ta_number, rsbac_uid_t uid, rsbac_gid_t gid)
int	rsbac_um_user_exists (rsbac_list_ta_number_t ta_number, rsbac_uid_t uid)
int	rsbac_um_group_exists (rsbac_list_ta_number_t ta_number, rsbac_gid_t gid)
int	rsbac_um_get_next_user (rsbac_list_ta_number_t ta_number, rsbac_uid_t old_user, rsbac_uid_t *next_user_p)
int	rsbac_um_get_user_list (rsbac_list_ta_number_t ta_number, rsbac_uid_t user_array[], u_int maxnum)
int	rsbac_um_get_gm_list (rsbac_list_ta_number_t ta_number, rsbac_uid_t user, rsbac_gid_t group_array[], u_int maxnum)
int	rsbac_um_get_gm_user_list (rsbac_list_ta_number_t ta_number, rsbac_gid_t group, rsbac_uid_t user_array[], u_int maxnum)
int	rsbac_um_get_group_list (rsbac_list_ta_number_t ta_number, rsbac_gid_t group_array[], u_int maxnum)
int	rsbac_um_get_uid (rsbac_list_ta_number_t ta_number, char name, rsbac_uid_t uid_p)
int	rsbac_um_get_gid (rsbac_list_ta_number_t ta_number, char name, rsbac_gid_t gid_p)
int	rsbac_um_set_pass (rsbac_uid_t uid, char old_pass, char new_pass)
int	rsbac_um_set_pass_name (char name, char old_pass, char *new_pass)
int	rsbac_um_set_group_pass (rsbac_gid_t gid, char *new_pass)
int	rsbac_um_check_account (rsbac_uid_t uid)
int	rsbac_um_check_account_name (char *name)
int	rsbac_list_ta_begin (rsbac_time_t ttl, rsbac_list_ta_number_t ta_number_p, rsbac_uid_t commit_uid, char password)
int	rsbac_list_ta_refresh (rsbac_time_t ttl, rsbac_list_ta_number_t ta_number, char *password)
int	rsbac_list_ta_commit (rsbac_list_ta_number_t ta_number, char *password)
int	rsbac_list_ta_forget (rsbac_list_ta_number_t ta_number, char *password)
int	rsbac_list_all_dev (rsbac_list_ta_number_t ta_number, struct rsbac_dev_desc_t *id_p, u_long maxnum)
int	rsbac_acl_list_all_dev (rsbac_list_ta_number_t ta_number, struct rsbac_dev_desc_t *id_p, u_long maxnum)
int	rsbac_list_all_user (rsbac_list_ta_number_t ta_number, rsbac_uid_t *id_p, u_long maxnum)
int	rsbac_acl_list_all_user (rsbac_list_ta_number_t ta_number, rsbac_uid_t *id_p, u_long maxnum)
int	rsbac_list_all_group (rsbac_list_ta_number_t ta_number, rsbac_gid_t *id_p, u_long maxnum)
int	rsbac_acl_list_all_group (rsbac_list_ta_number_t ta_number, rsbac_gid_t *id_p, u_long maxnum)
int	rsbac_adf_log_switch (enum rsbac_adf_request_t request, enum rsbac_target_t target, u_int value)
int	rsbac_get_adf_log (enum rsbac_adf_request_t request, enum rsbac_target_t target, u_int *value_p)
int	rsbac_log (int type, char *buf, int len)
int	rsbac_init (char *root_dev)

syscalls.h File Reference

Enumerations

Functions

Enumeration Type Documentation

Function Documentation