00001
00002
00003
00004
00005
00006
00007
00008
00009 #include <rsbac/types.h>
00010 #include <rsbac/getname.h>
00011 #include <rsbac/helpers.h>
00012 #include <rsbac/error.h>
00013 #include <rsbac/pax_getname.h>
00014
00015 #ifdef __KERNEL__
00016 #include <linux/string.h>
00017 #include <linux/module.h>
00018 #include <linux/fs.h>
00019 #include <linux/kernel.h>
00020 #include <linux/netdevice.h>
00021 #include <linux/inetdevice.h>
00022 #include <rsbac/rkmem.h>
00023 #include <rsbac/network.h>
00024 #include <rsbac/net_getname.h>
00025 #else
00026 #include <string.h>
00027 #include <errno.h>
00028 #endif
00029
00030 static char request_list[R_NONE+1][24] = {
00031 "ADD_TO_KERNEL",
00032 "ALTER",
00033 "APPEND_OPEN",
00034 "CHANGE_GROUP",
00035 "CHANGE_OWNER",
00036 "CHDIR",
00037 "CLONE",
00038 "CLOSE",
00039 "CREATE",
00040 "DELETE",
00041 "EXECUTE",
00042 "GET_PERMISSIONS_DATA",
00043 "GET_STATUS_DATA",
00044 "LINK_HARD",
00045 "MODIFY_ACCESS_DATA",
00046 "MODIFY_ATTRIBUTE",
00047 "MODIFY_PERMISSIONS_DATA",
00048 "MODIFY_SYSTEM_DATA",
00049 "MOUNT",
00050 "READ",
00051 "READ_ATTRIBUTE",
00052 "READ_WRITE_OPEN",
00053 "READ_OPEN",
00054 "REMOVE_FROM_KERNEL",
00055 "RENAME",
00056 "SEARCH",
00057 "SEND_SIGNAL",
00058 "SHUTDOWN",
00059 "SWITCH_LOG",
00060 "SWITCH_MODULE",
00061 "TERMINATE",
00062 "TRACE",
00063 "TRUNCATE",
00064 "UMOUNT",
00065 "WRITE",
00066 "WRITE_OPEN",
00067 "MAP_EXEC",
00068 "BIND",
00069 "LISTEN",
00070 "ACCEPT",
00071 "CONNECT",
00072 "SEND",
00073 "RECEIVE",
00074 "NET_SHUTDOWN",
00075 "CHANGE_DAC_EFF_OWNER",
00076 "CHANGE_DAC_FS_OWNER",
00077 "CHANGE_DAC_EFF_GROUP",
00078 "CHANGE_DAC_FS_GROUP",
00079 "IOCTL",
00080 "LOCK",
00081 "NONE" };
00082
00083 static char result_list[UNDEFINED+1][12] = {
00084 "NOT_GRANTED",
00085 "GRANTED",
00086 "DO_NOT_CARE",
00087 "UNDEFINED" };
00088
00089 static rsbac_switch_target_int_t attr_mod_list[A_none+1] = {
00090 GEN,
00091 MAC,
00092 MAC,
00093 MAC,
00094 MAC,
00095 MAC,
00096 MAC,
00097 MAC,
00098 MAC,
00099 MAC,
00100 MAC,
00101 MAC,
00102 MAC,
00103 MAC,
00104 SW_NONE,
00105 MAC,
00106 DAZ,
00107 FF,
00108 AUTH,
00109 CAP,
00110 JAIL,
00111 PAX,
00112 MAC,
00113 MAC,
00114 MAC,
00115 MAC,
00116 MAC,
00117 MAC,
00118 MAC,
00119 MAC,
00120 MAC,
00121 PM,
00122 PM,
00123 PM,
00124 PM,
00125 PM,
00126 PM,
00127 PM,
00128 PM,
00129 PM,
00130 PM,
00131 PM,
00132 PM,
00133 PM,
00134 PM,
00135 PM,
00136 DAZ,
00137 DAZ,
00138 FF,
00139 RC,
00140 RC,
00141 RC,
00142 RC,
00143 RC,
00144 RC,
00145 RC,
00146 RC,
00147 RC,
00148 AUTH,
00149 AUTH,
00150 AUTH,
00151 CAP,
00152 CAP,
00153 CAP,
00154 CAP,
00155 JAIL,
00156 JAIL,
00157 JAIL,
00158 JAIL,
00159 JAIL,
00160 JAIL,
00161 PAX,
00162 RES,
00163 RES,
00164 RES,
00165 GEN,
00166 GEN,
00167 GEN,
00168 GEN,
00169 GEN,
00170 GEN,
00171 GEN,
00172 GEN,
00173 GEN,
00174 GEN,
00175 GEN,
00176 GEN,
00177 GEN,
00178 CAP,
00179 GEN,
00180 GEN,
00181 GEN,
00182 AUTH,
00183 GEN,
00184 #ifdef __KERNEL__
00185
00186 SW_NONE,
00187 SW_NONE,
00188 SW_NONE,
00189 SW_NONE,
00190 SW_NONE,
00191 SW_NONE,
00192 SW_NONE,
00193 SW_NONE,
00194 SW_NONE,
00195 SW_NONE,
00196 SW_NONE,
00197 SW_NONE,
00198 SW_NONE,
00199 SW_NONE,
00200 SW_NONE,
00201 SW_NONE,
00202 SW_NONE,
00203 SW_NONE,
00204 SW_NONE,
00205 SW_NONE,
00206 SW_NONE,
00207 SW_NONE,
00208 SW_NONE,
00209 SW_NONE,
00210 SW_NONE,
00211 SW_NONE,
00212 SW_NONE,
00213 SW_NONE,
00214 SW_NONE,
00215 SW_NONE,
00216 SW_NONE,
00217 #endif
00218 SW_NONE };
00219
00220 static char attribute_list[A_none+1][23] = {
00221 "pseudo",
00222 "security_level",
00223 "initial_security_level",
00224 "local_sec_level",
00225 "remote_sec_level",
00226 "min_security_level",
00227 "mac_categories",
00228 "mac_initial_categories",
00229 "local_mac_categories",
00230 "remote_mac_categories",
00231 "mac_min_categories",
00232 "mac_user_flags",
00233 "mac_process_flags",
00234 "mac_file_flags",
00235 "system_role",
00236 "mac_role",
00237 "daz_role",
00238 "ff_role",
00239 "auth_role",
00240 "cap_role",
00241 "jail_role",
00242 "pax_role",
00243 "current_sec_level",
00244 "mac_curr_categories",
00245 "min_write_open",
00246 "min_write_categories",
00247 "max_read_open",
00248 "max_read_categories",
00249 "mac_auto",
00250 "mac_check",
00251 "mac_prop_trusted",
00252 "pm_role",
00253 "pm_process_type",
00254 "pm_current_task",
00255 "pm_object_class",
00256 "local_pm_object_class",
00257 "remote_pm_object_class",
00258 "pm_ipc_purpose",
00259 "local_pm_ipc_purpose",
00260 "remote_pm_ipc_purpose",
00261 "pm_object_type",
00262 "local_pm_object_type",
00263 "remote_pm_object_type",
00264 "pm_program_type",
00265 "pm_tp",
00266 "pm_task_set",
00267 "daz_scanned",
00268 "daz_scanner",
00269 "ff_flags",
00270 "rc_type",
00271 "local_rc_type",
00272 "remote_rc_type",
00273 "rc_type_fd",
00274 "rc_type_nt",
00275 "rc_force_role",
00276 "rc_initial_role",
00277 "rc_role",
00278 "rc_def_role",
00279 "auth_may_setuid",
00280 "auth_may_set_cap",
00281 "auth_learn",
00282 "min_caps",
00283 "max_caps",
00284 "max_caps_user",
00285 "max_caps_program",
00286 "jail_id",
00287 "jail_ip",
00288 "jail_flags",
00289 "jail_max_caps",
00290 "jail_scd_get",
00291 "jail_scd_modify",
00292 "pax_flags",
00293 "res_role",
00294 "res_min",
00295 "res_max",
00296 "log_array_low",
00297 "local_log_array_low",
00298 "remote_log_array_low",
00299 "log_array_high",
00300 "local_log_array_high",
00301 "remote_log_array_high",
00302 "log_program_based",
00303 "log_user_based",
00304 "symlink_add_remote_ip",
00305 "symlink_add_uid",
00306 "symlink_add_mac_level",
00307 "symlink_add_rc_role",
00308 "linux_dac_disable",
00309 "cap_process_hiding",
00310 "fake_root_uid",
00311 "audit_uid",
00312 "auid_exempt",
00313 "auth_last_auth",
00314 "remote_ip",
00315 #ifdef __KERNEL__
00316
00317 "owner",
00318 "group",
00319 "signal",
00320 "mode",
00321 "nlink",
00322 "switch_target",
00323 "mod_name",
00324 "request",
00325 "trace_request",
00326 "auth_add_f_cap",
00327 "auth_remove_f_cap",
00328 "auth_get_caplist",
00329 "prot_bits",
00330 "internal",
00331 "create_data",
00332 "new_object",
00333 "rlimit",
00334 "new_dir_dentry_p",
00335 "auth_program_file",
00336 "auth_start_uid",
00337 "auth_start_euid",
00338 "auth_start_gid",
00339 "auth_start_egid",
00340 "acl_learn",
00341 "priority",
00342 "pgid",
00343 "kernel_thread",
00344 "open_flag",
00345 "reboot_cmd",
00346 "setsockopt_level",
00347 "ioctl_cmd",
00348 "f_mode",
00349 #endif
00350 "none" };
00351
00352 static char target_list[T_NONE+1][11] = {
00353 "FILE",
00354 "DIR",
00355 "FIFO",
00356 "SYMLINK",
00357 "DEV",
00358 "IPC",
00359 "SCD",
00360 "USER",
00361 "PROCESS",
00362 "NETDEV",
00363 "NETTEMP",
00364 "NETOBJ",
00365 "NETTEMP_NT",
00366 "GROUP",
00367 "FD",
00368 "NONE" };
00369
00370 static char ipc_target_list[I_none+1][9] = {
00371 "sem",
00372 "msg",
00373 "shm",
00374 "anonpipe",
00375 "mqueue",
00376 "none" };
00377
00378 static char switch_target_list[SW_NONE+1][12] = {
00379 "GEN",
00380 "MAC",
00381 "PM",
00382 "DAZ",
00383 "FF",
00384 "RC",
00385 "AUTH",
00386 "REG",
00387 "ACL",
00388 "CAP",
00389 "JAIL",
00390 "RES",
00391 "PAX",
00392 "SOFTMODE",
00393 "DAC_DISABLE",
00394 "UM",
00395 "FREEZE",
00396 "NONE" };
00397
00398 static char error_list[RSBAC_EMAX][25] = {
00399 "RSBAC_EPERM",
00400 "RSBAC_EACCESS",
00401 "RSBAC_EREADFAILED",
00402 "RSBAC_EWRITEFAILED",
00403 "RSBAC_EINVALIDPOINTER",
00404 "RSBAC_ENOROOTDIR",
00405 "RSBAC_EPATHTOOLONG",
00406 "RSBAC_ENOROOTDEV",
00407 "RSBAC_ENOTFOUND",
00408 "RSBAC_ENOTINITIALIZED",
00409 "RSBAC_EREINIT",
00410 "RSBAC_ECOULDNOTADDDEVICE",
00411 "RSBAC_ECOULDNOTADDITEM",
00412 "RSBAC_ECOULDNOTCREATEPATH",
00413 "RSBAC_EINVALIDATTR",
00414 "RSBAC_EINVALIDDEV",
00415 "RSBAC_EINVALIDTARGET",
00416 "RSBAC_EINVALIDVALUE",
00417 "RSBAC_EEXISTS",
00418 "RSBAC_EINTERNONLY",
00419 "RSBAC_EINVALIDREQUEST",
00420 "RSBAC_ENOTWRITABLE",
00421 "RSBAC_EMALWAREDETECTED",
00422 "RSBAC_ENOMEM",
00423 "RSBAC_EDECISIONMISMATCH",
00424 "RSBAC_EINVALIDVERSION",
00425 "RSBAC_EINVALIDMODULE",
00426 "RSBAC_EEXPIRED",
00427 "RSBAC_EMUSTCHANGE",
00428 "RSBAC_EBUSY",
00429 "RSBAC_EINVALIDTRANSACTION",
00430 "RSBAC_EWEAKPASSWORD"
00431 };
00432
00433 static char scd_type_list[ST_none+1][17] = {
00434 "time_strucs",
00435 "clock",
00436 "host_id",
00437 "net_id",
00438 "ioports",
00439 "rlimit",
00440 "swap",
00441 "syslog",
00442 "rsbac",
00443 "rsbac_log",
00444 "other",
00445 "kmem",
00446 "network",
00447 "firewall",
00448 "priority",
00449 "sysfs",
00450 "rsbac_remote_log",
00451 "quota",
00452 "sysctl",
00453 "nfsd",
00454 "ksyms",
00455 "mlock",
00456 "capability",
00457 "none" };
00458
00459
00460
00461 #ifndef __KERNEL__
00462 static char attribute_param_list[A_none+1][193] = {
00463 "user-pseudo (positive long integer)",
00464 "0 = unclassified, 1 = confidential, 2 = secret,\n\t3 = top secret, 254 = inherit, max. level 252",
00465 "0 = unclassified, 1 = confidential, 2 = secret,\n\t3 = top secret, 254 = inherit, max. level 252",
00466 "0 = unclassified, 1 = confidential, 2 = secret,\n\t3 = top secret, 254 = inherit, max. level 252",
00467 "0 = unclassified, 1 = confidential, 2 = secret,\n\t3 = top secret, 254 = inherit, max. level 252",
00468 "0 = unclassified, 1 = confidential, 2 = secret,\n\t3 = top secret, 254 = inherit, max. level 252",
00469 "Bit Set String of length 64 for all categories",
00470 "Bit Set String of length 64 for all categories",
00471 "Bit Set String of length 64 for all categories",
00472 "Bit Set String of length 64 for all categories",
00473 "Bit Set String of length 64 for all categories",
00474 "1 = override, 4 = trusted, 8 = write_up, 16 = read_up,\n\t32 = write_down, 64 = allow_mac_auto",
00475 "1 = override, 2 = auto, 4 = trusted, 8 = write_up,\n\t16 = read_up, 32 = write_down, 128 = prop_trusted",
00476 "2 = auto, 4 = trusted, 8 = write_up, 16 = read_up,\n\t32 = write_down",
00477 "0 = user, 1 = security officer, 2 = administrator,\n\t3 = auditor",
00478 "0 = user, 1 = security officer, 2 = administrator,\n\t3 = auditor",
00479 "0 = user, 1 = security officer, 2 = administrator,\n\t3 = auditor",
00480 "0 = user, 1 = security officer, 2 = administrator,\n\t3 = auditor",
00481 "0 = user, 1 = security officer, 2 = administrator,\n\t3 = auditor",
00482 "0 = user, 1 = security officer, 2 = administrator,\n\t3 = auditor",
00483 "0 = user, 1 = security officer, 2 = administrator,\n\t3 = auditor",
00484 "0 = user, 1 = security officer, 2 = administrator,\n\t3 = auditor",
00485 "0 = unclassified, 1 = confidential, 2 = secret,\n\t3 = top secret, max. level 252",
00486 "Bit Set String of length 64 for all categories",
00487 "0 = unclassified, 1 = confidential, 2 = secret,\n\t3 = top secret, max. level 252",
00488 "Bit Set String of length 64 for all categories",
00489 "0 = unclassified, 1 = confidential, 2 = secret,\n\t3 = top secret, max. level 252",
00490 "Bit Set String of length 64 for all categories",
00491 "0 = no, 1 = yes, 2 = inherit (default value)",
00492 "0 = false, 1 = true",
00493 "0 = false, 1 = true",
00494 "0 = user, 1 = security officer, 2 = data protection officer,\n\t3 = TP-manager, 4 = system-admin",
00495 "0 = none, 1 = TP",
00496 "Task-ID (positive integer)",
00497 "Class-ID (positive integer)",
00498 "Class-ID (positive integer)",
00499 "Class-ID (positive integer)",
00500 "Purpose-ID (positive integer)",
00501 "Purpose-ID (positive integer)",
00502 "Purpose-ID (positive integer)",
00503 "0 = none, 1 = TP, 2 = personal data, 3 = non-personal data,\n\t4 = ipc, 5 = dir",
00504 "0 = none, 1 = TP, 2 = personal data, 3 = non-personal data,\n\t4 = ipc, 5 = dir",
00505 "0 = none, 1 = TP, 2 = personal data, 3 = non-personal data,\n\t4 = ipc, 5 = dir",
00506 "0 = none, 1 = TP",
00507 "TP-ID (positive integer)",
00508 "pm-task-list-ID (positive integer)",
00509 "0 = unscanned, 1 = infected, 2 = clean",
00510 "0 = FALSE, 1 = TRUE",
00511 "1 = read_only, 2 = execute_only, 4 = search_only, 8 = write_only,\n\t16 = secure_delete, 32 = no_execute, 64 = no_delete_or_rename,\n\t128 = add_inherited (or'd), 256 = append_only, 512 = no_mount",
00512 "RC-type-id",
00513 "RC-type-id",
00514 "RC-type-id",
00515 "RC-type-id (-2 = inherit from parent)",
00516 "RC-type-id",
00517 "RC-role-id (-1 = inherit_user, -2 = inherit_process (keep),\n\t-3 = inherit_parent (def.),\n\t-4 = inherit_user_on_chown_only (root default)",
00518 "RC-role-id (-3 = inherit_parent (default),\n\t-5 = use_force_role (root default)",
00519 "RC-role-id",
00520 "RC-role-id",
00521 "0 = off, 1 = full, 2 = last_auth_only, 3 = last_auth_and_gid",
00522 "0 = false, 1 = true",
00523 "0 = false, 1 = true",
00524 "Bit-Vector value or name list of desired caps",
00525 "Bit-Vector value or name list of desired caps",
00526 "Bit-Vector value or name list of desired caps",
00527 "Bit-Vector value or name list of desired caps",
00528 "JAIL ID (0 = off)",
00529 "JAIL IP address a.b.c.d",
00530 "JAIL flags (or'd, 1 = allow external IPC, 2 = allow all net families,\n\t4 = allow_rlimit, 8 = allow raw IP, 16 = auto adjust IP,\n\t32 = allow localhost, 64 = allow scd clock)",
00531 "Bit-Vector value or name list of desired caps",
00532 "PAX flags with capital=on, non-capital=off, e.g. PeMRxS",
00533 "0 = user, 1 = security officer, 2 = administrator",
00534 "array of non-negative integer values, all 0 for unset",
00535 "array of non-negative integer values, all 0 for unset",
00536 "Bit-String for all Requests, low bit",
00537 "Bit-String for all Requests, low bit",
00538 "Bit-String for all Requests, low bit",
00539 "Bit-String for all Requests, high bit (l=0,h=0 = none, l=1,h=0 = denied,\n\tl=0,h=1 = full, l=1,h=1 = request based)",
00540 "Bit-String for all Requests, high bit (l=0,h=0 = none, l=1,h=0 = denied,\n\tl=0,h=1 = full, l=1,h=1 = request based)",
00541 "Bit-String for all Requests, high bit (l=0,h=0 = none, l=1,h=0 = denied,\n\tl=0,h=1 = full, l=1,h=1 = request based)",
00542 "Bit-String for all Requests",
00543 "Bit-String for all Requests",
00544 "Number of bytes to add, 0 to turn off",
00545 "0 = false, 1 = true",
00546 "0 = false, 1 = true",
00547 "0 = false, 1 = true",
00548 "0 = false, 1 = true, 2 = inherit (default)",
00549 "0 = off (default), 1 = from other users, 2 = full",
00550 "0 = off (default), 1 = uid_only, 2 = euid_only, 3 = both",
00551 "-3 = unset, uid otherwise",
00552 "-3 = unset, uid otherwise",
00553 "-3 = unset, uid otherwise",
00554 "32 Bit value in network byte order",
00555 "INVALID!" };
00556 #endif
00557
00558 static char log_level_list[LL_invalid+1][9] = {
00559 "none",
00560 "denied",
00561 "full",
00562 "request",
00563 "invalid!" };
00564
00565 static char cap_list[RSBAC_CAP_MAX+1][17] = {
00566 "CHOWN",
00567 "DAC_OVERRIDE",
00568 "DAC_READ_SEARCH",
00569 "FOWNER",
00570 "FSETID",
00571 "KILL",
00572 "SETGID",
00573 "SETUID",
00574 "SETPCAP",
00575 "LINUX_IMMUTABLE",
00576 "NET_BIND_SERVICE",
00577 "NET_BROADCAST",
00578 "NET_ADMIN",
00579 "NET_RAW",
00580 "IPC_LOCK",
00581 "IPC_OWNER",
00582 "SYS_MODULE",
00583 "SYS_RAWIO",
00584 "SYS_CHROOT",
00585 "SYS_PTRACE",
00586 "SYS_PACCT",
00587 "SYS_ADMIN",
00588 "SYS_BOOT",
00589 "SYS_NICE",
00590 "SYS_RESOURCE",
00591 "SYS_TIME",
00592 "SYS_TTY_CONFIG",
00593 "MKNOD",
00594 "LEASE",
00595 "NONE" };
00596
00597
00598
00599 #ifdef __KERNEL__
00600 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
00601 EXPORT_SYMBOL(get_request_name);
00602 #endif
00603 #endif
00604
00605 char * get_request_name(char * request_name,
00606 enum rsbac_adf_request_t request)
00607 {
00608 if(!request_name)
00609 return(NULL);
00610 if(request >= R_NONE)
00611 strcpy(request_name, "ERROR!");
00612 else
00613 strcpy(request_name, request_list[request]);
00614 return(request_name);
00615 }
00616
00617 enum rsbac_adf_request_t get_request_nr(const char * request_name)
00618 {
00619 enum rsbac_adf_request_t i;
00620
00621 if(!request_name)
00622 return(R_NONE);
00623 for (i = 0; i < R_NONE; i++)
00624 {
00625 if (!strcmp(request_name,request_list[i]))
00626 {
00627 return(i);
00628 }
00629 }
00630 return(R_NONE);
00631 }
00632
00633
00634 char * get_result_name(char * res_name,
00635 enum rsbac_adf_req_ret_t res)
00636 {
00637 if(!res_name)
00638 return(NULL);
00639 if(res > UNDEFINED)
00640 strcpy(res_name, "ERROR!");
00641 else
00642 strcpy(res_name, result_list[res]);
00643 return(res_name);
00644 }
00645
00646 enum rsbac_adf_req_ret_t get_result_nr(const char * res_name)
00647 {
00648 enum rsbac_adf_req_ret_t i;
00649
00650 if(!res_name)
00651 return(UNDEFINED);
00652 for (i = 0; i < UNDEFINED; i++)
00653 {
00654 if (!strcmp(res_name,result_list[i]))
00655 {
00656 return(i);
00657 }
00658 }
00659 return(UNDEFINED);
00660 }
00661
00662
00663 enum rsbac_switch_target_t get_attr_module(enum rsbac_attribute_t attr)
00664 {
00665 if(attr > A_none)
00666 return SW_NONE;
00667 else
00668 return attr_mod_list[attr];
00669 }
00670
00671 #ifdef __KERNEL__
00672 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
00673 EXPORT_SYMBOL(get_attribute_name);
00674 #endif
00675 #endif
00676
00677 char * get_attribute_name( char * attr_name,
00678 enum rsbac_attribute_t attr)
00679 {
00680 if(!attr_name)
00681 return(NULL);
00682 if(attr > A_none)
00683 strcpy(attr_name, "ERROR!");
00684 else
00685 strcpy(attr_name, attribute_list[attr]);
00686 return(attr_name);
00687 }
00688
00689 enum rsbac_attribute_t get_attribute_nr(const char * attr_name)
00690 {
00691 enum rsbac_attribute_t i;
00692
00693 if(!attr_name)
00694 return(A_none);
00695 for (i = 0; i < A_none; i++)
00696 {
00697 if (!strcmp(attr_name,attribute_list[i]))
00698 {
00699 return(i);
00700 }
00701 }
00702 return(A_none);
00703 }
00704
00705 #ifdef __KERNEL__
00706 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
00707 EXPORT_SYMBOL(get_attribute_value_name);
00708 #endif
00709 #endif
00710
00711 char * get_attribute_value_name( char * attr_val_name,
00712 enum rsbac_attribute_t attr,
00713 union rsbac_attribute_value_t * attr_val_p)
00714 {
00715 if(!attr_val_name)
00716 return(NULL);
00717 if(attr > A_none)
00718 strcpy(attr_val_name, "ERROR!");
00719 else
00720 switch(attr)
00721 {
00722 case A_none:
00723 strcpy(attr_val_name, "none");
00724 break;
00725 #ifdef __KERNEL__
00726 case A_create_data:
00727 {
00728 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00729
00730 if(tmp)
00731 {
00732 if(attr_val_p->create_data.dentry_p)
00733 snprintf(attr_val_name, RSBAC_MAXNAMELEN - 1,
00734 "%s %s, mode %o",
00735 get_target_name_only(tmp, attr_val_p->create_data.target),
00736 attr_val_p->create_data.dentry_p->d_name.name,
00737 attr_val_p->create_data.mode & S_IALLUGO);
00738 else
00739 snprintf(attr_val_name, RSBAC_MAXNAMELEN - 1,
00740 "%s, mode %o",
00741 get_target_name_only(tmp, attr_val_p->create_data.target),
00742 attr_val_p->create_data.mode & S_IALLUGO);
00743 rsbac_kfree(tmp);
00744 }
00745 }
00746 break;
00747 case A_mode:
00748 sprintf(attr_val_name, "%o", attr_val_p->mode);
00749 break;
00750 case A_priority:
00751 sprintf(attr_val_name, "%i", attr_val_p->priority);
00752 break;
00753 case A_mod_name:
00754 if(attr_val_p->mod_name)
00755 strncpy(attr_val_name, attr_val_p->mod_name, RSBAC_MAXNAMELEN - 1);
00756 else
00757 strcpy(attr_val_name, "unknown");
00758 attr_val_name[RSBAC_MAXNAMELEN - 1] = 0;
00759 break;
00760 case A_auth_add_f_cap:
00761 case A_auth_remove_f_cap:
00762 sprintf(attr_val_name, "%u:%u",
00763 attr_val_p->auth_cap_range.first,
00764 attr_val_p->auth_cap_range.last);
00765 break;
00766 case A_switch_target:
00767 get_switch_target_name(attr_val_name, attr_val_p->switch_target);
00768 break;
00769 case A_request:
00770 get_request_name(attr_val_name, attr_val_p->request);
00771 break;
00772 #endif
00773 #if defined(CONFIG_RSBAC_PAX) || !defined(__KERNEL__)
00774 case A_pax_flags:
00775 pax_print_flags(attr_val_name, attr_val_p->pax_flags);
00776 break;
00777 #endif
00778 default:
00779 snprintf(attr_val_name, RSBAC_MAXNAMELEN - 1, "%u", attr_val_p->u_dummy);
00780 }
00781 return(attr_val_name);
00782 }
00783
00784
00785 #ifdef __KERNEL__
00786 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
00787 EXPORT_SYMBOL(get_scd_type_name);
00788 #endif
00789 #endif
00790
00791 char * get_scd_type_name(char * res_name,
00792 enum rsbac_scd_type_t res)
00793 {
00794 if(!res_name)
00795 return(NULL);
00796 if(res > ST_none)
00797 strcpy(res_name, "ERROR!");
00798 else
00799 strcpy(res_name, scd_type_list[res]);
00800 return(res_name);
00801 }
00802
00803 enum rsbac_scd_type_t get_scd_type_nr(const char * res_name)
00804 {
00805 enum rsbac_scd_type_t i;
00806
00807 if(!res_name)
00808 return(ST_none);
00809 for (i = 0; i < ST_none; i++)
00810 {
00811 if (!strcmp(res_name, scd_type_list[i]))
00812 {
00813 return(i);
00814 }
00815 }
00816 return(ST_none);
00817 }
00818
00819
00820 #ifdef __KERNEL__
00821 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
00822 EXPORT_SYMBOL(get_target_name);
00823 #endif
00824 #endif
00825
00826 char * get_target_name(char * target_type_name,
00827 enum rsbac_target_t target,
00828 char * target_id_name,
00829 union rsbac_target_id_t tid)
00830 {
00831 #ifdef __KERNEL__
00832 char * help_name;
00833 #else
00834 char help_name[RSBAC_MAXNAMELEN+4];
00835 #endif
00836
00837 if(!target_type_name)
00838 return(NULL);
00839
00840 #ifdef __KERNEL__
00841 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
00842 help_name = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + 4);
00843 #else
00844 help_name = rsbac_kmalloc(RSBAC_MAXNAMELEN + 4);
00845 #endif
00846 if(!help_name)
00847 return NULL;
00848 #endif
00849
00850 switch(target)
00851 {
00852 #ifdef __KERNEL__
00853 case T_FD: strcpy (target_type_name, "FD");
00854 if(!target_id_name)
00855 break;
00856 sprintf(target_id_name, "Device %02u:%02u Inode %u",
00857 RSBAC_MAJOR(tid.file.device), RSBAC_MINOR(tid.file.device),
00858 tid.file.inode);
00859 if( tid.file.dentry_p
00860 && tid.file.dentry_p->d_name.name
00861 && tid.file.dentry_p->d_name.len
00862 )
00863 {
00864 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
00865 if(rsbac_get_full_path(tid.file.dentry_p, help_name,
00866 CONFIG_RSBAC_MAX_PATH_LEN) > 0)
00867 {
00868 strcat(target_id_name, " Path ");
00869 strcat(target_id_name, help_name);
00870 }
00871 #else
00872 int namelen = rsbac_min(tid.file.dentry_p->d_name.len, RSBAC_MAXNAMELEN);
00873
00874 strcat(target_id_name, " Name ");
00875 strncpy(help_name, tid.file.dentry_p->d_name.name, namelen);
00876 help_name[namelen]=0;
00877 strcat(target_id_name, help_name);
00878 #endif
00879 }
00880 break;
00881 case T_FILE: strcpy (target_type_name, "FILE");
00882 if(!target_id_name)
00883 break;
00884 sprintf(target_id_name, "Device %02u:%02u Inode %u",
00885 RSBAC_MAJOR(tid.file.device), RSBAC_MINOR(tid.file.device),
00886 tid.file.inode);
00887 if( tid.file.dentry_p
00888 && tid.file.dentry_p->d_name.name
00889 && tid.file.dentry_p->d_name.len
00890 )
00891 {
00892 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
00893 if(rsbac_get_full_path(tid.file.dentry_p, help_name,
00894 CONFIG_RSBAC_MAX_PATH_LEN) > 0)
00895 {
00896 strcat(target_id_name, " Path ");
00897 strcat(target_id_name, help_name);
00898 }
00899 #else
00900 int namelen = rsbac_min(tid.file.dentry_p->d_name.len, RSBAC_MAXNAMELEN);
00901
00902 strcat(target_id_name, " Name ");
00903 strncpy(help_name, tid.file.dentry_p->d_name.name, namelen);
00904 help_name[namelen]=0;
00905 strcat(target_id_name, help_name);
00906 #endif
00907 }
00908 break;
00909 case T_DIR: strcpy (target_type_name, "DIR");
00910 if(!target_id_name)
00911 break;
00912 sprintf(target_id_name, "Device %02u:%02u Inode %u",
00913 RSBAC_MAJOR(tid.file.device), RSBAC_MINOR(tid.file.device),
00914 tid.dir.inode);
00915 if( tid.dir.dentry_p
00916 && tid.dir.dentry_p->d_name.name
00917 && tid.dir.dentry_p->d_name.len
00918 )
00919 {
00920 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
00921 if(rsbac_get_full_path(tid.dir.dentry_p, help_name,
00922 CONFIG_RSBAC_MAX_PATH_LEN) > 0)
00923 {
00924 strcat(target_id_name, " Path ");
00925 strcat(target_id_name, help_name);
00926 }
00927 #else
00928 int namelen = rsbac_min(tid.dir.dentry_p->d_name.len, RSBAC_MAXNAMELEN);
00929
00930 strcat(target_id_name, " Name ");
00931 strncpy(help_name, tid.dir.dentry_p->d_name.name, namelen);
00932 help_name[namelen]=0;
00933 strcat(target_id_name, help_name);
00934 #endif
00935 }
00936 break;
00937 case T_FIFO: strcpy (target_type_name, "FIFO");
00938 if(!target_id_name)
00939 break;
00940 sprintf(target_id_name, "Device %02u:%02u Inode %u",
00941 RSBAC_MAJOR(tid.file.device), RSBAC_MINOR(tid.file.device),
00942 tid.fifo.inode);
00943 if( tid.fifo.dentry_p
00944 && tid.fifo.dentry_p->d_name.name
00945 && tid.fifo.dentry_p->d_name.len
00946 )
00947 {
00948 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
00949 if(rsbac_get_full_path(tid.fifo.dentry_p, help_name,
00950 CONFIG_RSBAC_MAX_PATH_LEN) > 0)
00951 {
00952 strcat(target_id_name, " Path ");
00953 strcat(target_id_name, help_name);
00954 }
00955 #else
00956 int namelen = rsbac_min(tid.fifo.dentry_p->d_name.len, RSBAC_MAXNAMELEN);
00957
00958 strcat(target_id_name, " Name ");
00959 strncpy(help_name, tid.fifo.dentry_p->d_name.name, namelen);
00960 help_name[namelen]=0;
00961 strcat(target_id_name, help_name);
00962 #endif
00963 }
00964 break;
00965 case T_SYMLINK: strcpy (target_type_name, "SYMLINK");
00966 if(!target_id_name)
00967 break;
00968 sprintf(target_id_name, "Device %02u:%02u Inode %u",
00969 RSBAC_MAJOR(tid.file.device), RSBAC_MINOR(tid.file.device),
00970 tid.symlink.inode);
00971 if( tid.symlink.dentry_p
00972 && tid.symlink.dentry_p->d_name.name
00973 && tid.symlink.dentry_p->d_name.len
00974 )
00975 {
00976 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
00977 if(rsbac_get_full_path(tid.symlink.dentry_p, help_name,
00978 CONFIG_RSBAC_MAX_PATH_LEN) > 0)
00979 {
00980 strcat(target_id_name, " Path ");
00981 strcat(target_id_name, help_name);
00982 }
00983 #else
00984 int namelen = rsbac_min(tid.symlink.dentry_p->d_name.len, RSBAC_MAXNAMELEN);
00985
00986 strcat(target_id_name, " Name ");
00987 strncpy(help_name, tid.symlink.dentry_p->d_name.name, namelen);
00988 help_name[namelen]=0;
00989 strcat(target_id_name, help_name);
00990 #endif
00991 }
00992 break;
00993 case T_DEV: strcpy (target_type_name, "DEV");
00994 if(!target_id_name)
00995 break;
00996 switch(tid.dev.type)
00997 {
00998 case D_block:
00999 sprintf(target_id_name, "block %02u:%02u",
01000 tid.dev.major, tid.dev.minor);
01001 break;
01002 case D_char:
01003 sprintf(target_id_name, "char %02u:%02u",
01004 tid.dev.major, tid.dev.minor);
01005 break;
01006 case D_block_major:
01007 sprintf(target_id_name, "block major %02u",
01008 tid.dev.major);
01009 break;
01010 case D_char_major:
01011 sprintf(target_id_name, "char major %02u",
01012 tid.dev.major);
01013 break;
01014 default:
01015 sprintf(target_id_name, "*unknown* %02u:%02u",
01016 tid.dev.major, tid.dev.minor);
01017 }
01018 break;
01019 case T_NETOBJ: strcpy (target_type_name, "NETOBJ");
01020 if(!target_id_name)
01021 break;
01022 #ifdef CONFIG_NET
01023 if( tid.netobj.sock_p
01024 && tid.netobj.sock_p->ops
01025 && tid.netobj.sock_p->sk
01026 )
01027 {
01028 char type_name[RSBAC_MAXNAMELEN];
01029
01030 switch(tid.netobj.sock_p->ops->family)
01031 {
01032 case AF_INET:
01033 {
01034 __u32 saddr;
01035 __u16 sport;
01036 __u32 daddr;
01037 __u16 dport;
01038 struct net_device *dev;
01039 char ldevname[RSBAC_IFNAMSIZ+10];
01040 char rdevname[RSBAC_IFNAMSIZ+10];
01041
01042 if(tid.netobj.local_addr)
01043 {
01044 struct sockaddr_in * addr = tid.netobj.local_addr;
01045
01046 saddr = addr->sin_addr.s_addr;
01047 sport = ntohs(addr->sin_port);
01048 }
01049 else
01050 {
01051 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01052 saddr = inet_sk(tid.netobj.sock_p->sk)->saddr;
01053 sport = inet_sk(tid.netobj.sock_p->sk)->num;
01054 #else
01055 saddr = tid.netobj.sock_p->sk->saddr;
01056 sport = tid.netobj.sock_p->sk->num;
01057 #endif
01058 }
01059 if(tid.netobj.remote_addr)
01060 {
01061 struct sockaddr_in * addr = tid.netobj.remote_addr;
01062
01063 daddr = addr->sin_addr.s_addr;
01064 dport = ntohs(addr->sin_port);
01065 }
01066 else
01067 {
01068 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01069 daddr = inet_sk(tid.netobj.sock_p->sk)->daddr;
01070 dport = ntohs(inet_sk(tid.netobj.sock_p->sk)->dport);
01071 #else
01072 daddr = tid.netobj.sock_p->sk->daddr;
01073 dport = ntohs(tid.netobj.sock_p->sk->dport);
01074 #endif
01075 }
01076 dev = ip_dev_find(saddr);
01077 if(dev)
01078 {
01079 sprintf(ldevname, "%s:", dev->name);
01080 dev_put(dev);
01081 }
01082 else
01083 ldevname[0] = 0;
01084 dev = ip_dev_find(daddr);
01085 if(dev)
01086 {
01087 sprintf(rdevname, "%s:", dev->name);
01088 dev_put(dev);
01089 }
01090 else
01091 rdevname[0] = 0;
01092 sprintf(target_id_name, "%p INET %s proto %s local %s%u.%u.%u.%u:%u remote %s%u.%u.%u.%u:%u",
01093 tid.netobj.sock_p,
01094 rsbac_get_net_type_name(type_name,
01095 tid.netobj.sock_p->type),
01096 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01097 rsbac_get_net_protocol_name(help_name,
01098 tid.netobj.sock_p->sk->sk_protocol),
01099 #else
01100 rsbac_get_net_protocol_name(help_name,
01101 tid.netobj.sock_p->sk->protocol),
01102 #endif
01103 ldevname,
01104 NIPQUAD(saddr),
01105 sport,
01106 rdevname,
01107 NIPQUAD(daddr),
01108 dport);
01109 }
01110 break;
01111 case AF_UNIX:
01112 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01113 if(unix_sk(tid.netobj.sock_p->sk)->addr)
01114 sprintf(target_id_name, "%p UNIX %s %s",
01115 tid.netobj.sock_p,
01116 rsbac_get_net_type_name(type_name,
01117 tid.netobj.sock_p->type),
01118 unix_sk(tid.netobj.sock_p->sk)->addr->name[0].sun_path);
01119 #else
01120 if(tid.netobj.sock_p->sk->protinfo.af_unix.addr)
01121 sprintf(target_id_name, "%p UNIX %s %s",
01122 tid.netobj.sock_p,
01123 rsbac_get_net_type_name(type_name,
01124 tid.netobj.sock_p->type),
01125 tid.netobj.sock_p->sk->protinfo.af_unix.addr->name[0].sun_path);
01126 #endif
01127 else
01128 if(tid.netobj.local_addr)
01129 {
01130 struct sockaddr_un * addr = tid.netobj.local_addr;
01131
01132 sprintf(target_id_name, "%p UNIX %s %s",
01133 tid.netobj.sock_p,
01134 rsbac_get_net_type_name(type_name,
01135 tid.netobj.sock_p->type),
01136 addr->sun_path);
01137 }
01138 else
01139 sprintf(target_id_name, "%p UNIX %s",
01140 tid.netobj.sock_p,
01141 rsbac_get_net_type_name(type_name,
01142 tid.netobj.sock_p->type));
01143 break;
01144 default:
01145 sprintf(target_id_name, "%p %s %s",
01146 tid.netobj.sock_p,
01147 rsbac_get_net_family_name(help_name,
01148 tid.netobj.sock_p->ops->family),
01149 rsbac_get_net_type_name(type_name,
01150 tid.netobj.sock_p->type));
01151 }
01152 }
01153 else
01154 #endif
01155 {
01156 sprintf(target_id_name, "%p", tid.netobj.sock_p);
01157 }
01158 break;
01159 #endif
01160 case T_IPC: strcpy (target_type_name, "IPC");
01161 if(!target_id_name)
01162 break;
01163 switch (tid.ipc.type)
01164 {
01165 case I_sem: strcpy(target_id_name, "Sem-ID ");
01166 break;
01167 case I_msg: strcpy(target_id_name, "Msg-ID ");
01168 break;
01169 case I_shm: strcpy(target_id_name, "Shm-ID ");
01170 break;
01171 case I_anonpipe: strcpy(target_id_name, "AnonPipe-ID ");
01172 break;
01173 case I_mqueue: strcpy(target_id_name, "Mqueue-ID ");
01174 break;
01175 default: strcpy(target_id_name, "???-ID ");
01176 break;
01177 };
01178 sprintf(help_name, "%lu", tid.ipc.id.id_nr);
01179 strcat(target_id_name, help_name);
01180 break;
01181 case T_SCD: strcpy (target_type_name, "SCD");
01182 if(target_id_name)
01183 get_scd_type_name(target_id_name, tid.scd);
01184 break;
01185 case T_USER: strcpy (target_type_name, "USER");
01186 if(target_id_name)
01187 sprintf(target_id_name, "%u", tid.user);
01188 break;
01189 case T_PROCESS: strcpy (target_type_name, "PROCESS");
01190 if(target_id_name)
01191 sprintf(target_id_name, "%u", tid.process);
01192 break;
01193 case T_GROUP: strcpy (target_type_name, "GROUP");
01194 if(target_id_name)
01195 sprintf(target_id_name, "%u", tid.group);
01196 break;
01197 case T_NETDEV: strcpy (target_type_name, "NETDEV");
01198 if(!target_id_name)
01199 break;
01200 strncpy(target_id_name, tid.netdev, RSBAC_IFNAMSIZ);
01201 target_id_name[RSBAC_IFNAMSIZ] = 0;
01202 break;
01203 case T_NETTEMP: strcpy (target_type_name, "NETTEMP");
01204 if(target_id_name)
01205 sprintf(target_id_name, "%u", tid.nettemp);
01206 break;
01207 case T_NETTEMP_NT: strcpy (target_type_name, "NETTEMP_NT");
01208 if(target_id_name)
01209 sprintf(target_id_name, "%u", tid.nettemp);
01210 break;
01211 case T_NONE: strcpy (target_type_name, "NONE");
01212 if(target_id_name)
01213 strcpy (target_id_name, "NONE");
01214 break;
01215 default: strcpy (target_type_name, "ERROR!!!");
01216 if(target_id_name)
01217 sprintf(target_id_name, "%u", target);
01218 }
01219 #ifdef __KERNEL__
01220 rsbac_kfree(help_name);
01221 #endif
01222 return(target_type_name);
01223 }
01224
01225 char * get_target_name_only(char * target_type_name,
01226 enum rsbac_target_t target)
01227 {
01228 if(!target_type_name)
01229 return(NULL);
01230
01231 switch(target)
01232 {
01233 case T_FILE: strcpy (target_type_name, "FILE");
01234 break;
01235 case T_DIR: strcpy (target_type_name, "DIR");
01236 break;
01237 case T_FIFO: strcpy (target_type_name, "FIFO");
01238 break;
01239 case T_SYMLINK: strcpy (target_type_name, "SYMLINK");
01240 break;
01241 case T_FD: strcpy (target_type_name, "FD");
01242 break;
01243 case T_DEV: strcpy (target_type_name, "DEV");
01244 break;
01245 case T_NETOBJ: strcpy (target_type_name, "NETOBJ");
01246 break;
01247 case T_IPC: strcpy (target_type_name, "IPC");
01248 break;
01249 case T_SCD: strcpy (target_type_name, "SCD");
01250 break;
01251 case T_USER: strcpy (target_type_name, "USER");
01252 break;
01253 case T_PROCESS: strcpy (target_type_name, "PROCESS");
01254 break;
01255 case T_GROUP: strcpy (target_type_name, "GROUP");
01256 break;
01257 case T_NETDEV: strcpy (target_type_name, "NETDEV");
01258 break;
01259 case T_NETTEMP: strcpy (target_type_name, "NETTEMP");
01260 break;
01261 case T_NETTEMP_NT: strcpy (target_type_name, "NETTEMP_NT");
01262 break;
01263 case T_NONE: strcpy (target_type_name, "NONE");
01264 break;
01265 default: strcpy (target_type_name, "ERROR!!!");
01266 };
01267 return(target_type_name);
01268 }
01269
01270 enum rsbac_target_t get_target_nr(const char * target_name)
01271 {
01272 enum rsbac_target_t i;
01273
01274 if(!target_name)
01275 return(T_NONE);
01276 for (i = 0; i < T_NONE; i++)
01277 {
01278 if (!strcmp(target_name,target_list[i]))
01279 {
01280 return(i);
01281 }
01282 }
01283 return(T_NONE);
01284 }
01285
01286 char * get_ipc_target_name(char * ipc_name,
01287 enum rsbac_ipc_type_t target)
01288 {
01289 if(!ipc_name)
01290 return(NULL);
01291 if(target > I_none)
01292 strcpy(ipc_name, "ERROR!");
01293 else
01294 strcpy(ipc_name, ipc_target_list[target]);
01295 return(ipc_name);
01296 }
01297
01298 enum rsbac_ipc_type_t get_ipc_target_nr(const char * ipc_name)
01299 {
01300 enum rsbac_ipc_type_t i;
01301
01302 if(!ipc_name)
01303 return(I_none);
01304 for (i = 0; i < I_none; i++)
01305 {
01306 if (!strcmp(ipc_name,ipc_target_list[i]))
01307 {
01308 return(i);
01309 }
01310 }
01311 return(I_none);
01312 }
01313
01314
01315 #ifdef __KERNEL__
01316 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
01317 EXPORT_SYMBOL(get_switch_target_name);
01318 #endif
01319 #endif
01320
01321 char * get_switch_target_name(char * switch_name,
01322 enum rsbac_switch_target_t target)
01323 {
01324 if(!switch_name)
01325 return(NULL);
01326 if(target > SW_NONE)
01327 strcpy(switch_name, "ERROR!");
01328 else
01329 strcpy(switch_name, switch_target_list[target]);
01330 return(switch_name);
01331 }
01332
01333 enum rsbac_switch_target_t get_switch_target_nr(const char * switch_name)
01334 {
01335 enum rsbac_switch_target_t i;
01336
01337 if(!switch_name)
01338 return(SW_NONE);
01339 for (i = 0; i < SW_NONE; i++)
01340 {
01341 #ifdef __KERNEL__
01342 if (!strncmp(switch_name,switch_target_list[i],strlen(switch_target_list[i])))
01343 #else
01344 if (!strcmp(switch_name,switch_target_list[i]))
01345 #endif
01346 {
01347 return(i);
01348 }
01349 }
01350 return(SW_NONE);
01351 }
01352
01353
01354 #ifdef __KERNEL__
01355 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
01356 EXPORT_SYMBOL(get_error_name);
01357 #endif
01358 #endif
01359
01360 char * get_error_name(char * error_name,
01361 int error)
01362 {
01363 if(!error_name)
01364 return(NULL);
01365 if(RSBAC_ERROR(error))
01366 strcpy(error_name, error_list[(-error)-RSBAC_EPERM]);
01367 else
01368 #ifdef __KERNEL__
01369 inttostr(error_name, error);
01370 #else
01371 strcpy(error_name, strerror(errno));
01372 #endif
01373 return(error_name);
01374 }
01375
01376 #ifndef __KERNEL__
01377 char * get_attribute_param( char * attr_name,
01378 enum rsbac_attribute_t attr)
01379 {
01380 if(!attr_name)
01381 return(NULL);
01382 if(attr > A_none)
01383 strcpy(attr_name, "ERROR!");
01384 else
01385 strcpy(attr_name, attribute_param_list[attr]);
01386 return(attr_name);
01387 }
01388 #endif
01389
01390 char * get_log_level_name(char * ll_name,
01391 enum rsbac_log_level_t target)
01392 {
01393 if(!ll_name)
01394 return(NULL);
01395 if(target > LL_invalid)
01396 strcpy(ll_name, "ERROR!");
01397 else
01398 strcpy(ll_name, log_level_list[target]);
01399 return(ll_name);
01400 }
01401
01402 enum rsbac_log_level_t get_log_level_nr(const char * ll_name)
01403 {
01404 enum rsbac_log_level_t i;
01405
01406 if(!ll_name)
01407 return(LL_invalid);
01408 for (i = 0; i < LL_invalid; i++)
01409 {
01410 if (!strcmp(ll_name,log_level_list[i]))
01411 {
01412 return(i);
01413 }
01414 }
01415 return(LL_invalid);
01416 }
01417
01418 char * get_cap_name(char * name,
01419 u_int value)
01420 {
01421 if(!name)
01422 return(NULL);
01423 if(value > CAP_NONE)
01424 strcpy(name, "ERROR!");
01425 else
01426 strcpy(name, cap_list[value]);
01427 return(name);
01428 }
01429
01430 int get_cap_nr(const char * name)
01431 {
01432 int i;
01433
01434 if(!name)
01435 return(RT_NONE);
01436 for (i = 0; i < CAP_NONE; i++)
01437 {
01438 if (!strcmp(name, cap_list[i]))
01439 {
01440 return(i);
01441 }
01442 }
01443 return(CAP_NONE);
01444 }
