#include "dazukoio_xp.h"Go to the source code of this file.
Defines | |
| #define | VERSION "2.0.5" |
| #define | SET_ACCESS_MASK 0 |
| #define | ADD_INCLUDE_PATH 1 |
| #define | ADD_EXCLUDE_PATH 2 |
| #define | REGISTER 3 |
| #define | REMOVE_ALL_PATHS 4 |
| #define | UNREGISTER 5 |
| #define | GET_AN_ACCESS 6 |
| #define | RETURN_AN_ACCESS 7 |
| #define | DAZUKO_FREE 0 |
| #define | DAZUKO_READY 1 |
| #define | DAZUKO_WAITING 2 |
| #define | DAZUKO_WORKING 3 |
| #define | DAZUKO_DONE 4 |
| #define | DAZUKO_BROKEN 5 |
| #define | DAZUKO_NONE 0 |
| #define | DAZUKO_REGULAR 1 |
| #define | DAZUKO_DIRECTORY 2 |
| #define | DAZUKO_LINK 3 |
| #define | DPRINT(fmt) |
Functions | |
| int | xp_init_mutex (struct xp_mutex *mutex) |
| int | xp_down (struct xp_mutex *mutex) |
| int | xp_up (struct xp_mutex *mutex) |
| int | xp_destroy_mutex (struct xp_mutex *mutex) |
| int | xp_init_rwlock (struct xp_rwlock *rwlock) |
| int | xp_write_lock (struct xp_rwlock *rwlock) |
| int | xp_write_unlock (struct xp_rwlock *rwlock) |
| int | xp_read_lock (struct xp_rwlock *rlock) |
| int | xp_read_unlock (struct xp_rwlock *rlock) |
| int | xp_destroy_rwlock (struct xp_rwlock *rwlock) |
| int | xp_init_queue (struct xp_queue *queue) |
| int | xp_wait_until_condition (struct xp_queue *queue, int(*cfunction)(void *), void *cparam, int allow_interrupt) |
| int | xp_notify (struct xp_queue *queue) |
| int | xp_destroy_queue (struct xp_queue *queue) |
| void * | xp_malloc (size_t size) |
| int | xp_free (void *ptr) |
| int | xp_copyin (const void *user_src, void *kernel_dest, size_t size) |
| int | xp_copyout (const void *kernel_src, void *user_dest, size_t size) |
| int | xp_verify_user_writable (const void *user_ptr, size_t size) |
| int | xp_verify_user_readable (const void *user_ptr, size_t size) |
| int | xp_is_absolute_path (const char *path) |
| int | xp_atomic_set (struct xp_atomic *atomic, int value) |
| int | xp_atomic_inc (struct xp_atomic *atomic) |
| int | xp_atomic_dec (struct xp_atomic *atomic) |
| int | xp_atomic_read (struct xp_atomic *atomic) |
| int | xp_copy_file (struct xp_file *dest, struct xp_file *src) |
| int | xp_compare_file (struct xp_file *file1, struct xp_file *file2) |
| int | xp_sys_hook (void) |
| int | xp_sys_unhook (void) |
| int | xp_fill_file_struct (struct dazuko_file_struct *dfs) |
| int | xp_id_compare (struct xp_daemon_id *id1, struct xp_daemon_id *id2) |
| int | xp_id_free (struct xp_daemon_id *id) |
| xp_daemon_id * | xp_id_copy (struct xp_daemon_id *id) |
| int | xp_print (const char *fmt,...) |
| int | dazuko_vsnprintf (char *str, size_t size, const char *format, va_list ap) |
| int | dazuko_snprintf (char *str, size_t size, const char *format,...) |
| int | dazuko_is_our_daemon (struct xp_daemon_id *xp_id) |
| int | dazuko_get_value (const char *key, const char *string, char **value) |
| int | dazuko_unregister_daemon (struct xp_daemon_id *xp_id) |
| int | dazuko_handle_user_request (struct dazuko_request *user_request, struct xp_daemon_id *xp_id) |
| int | dazuko_handle_user_request_compat12 (void *ptr, int cmd, struct xp_daemon_id *xp_id) |
| int | dazuko_get_filename_length (char *filename) |
| void | dazuko_bzero (void *p, int len) |
| int | dazuko_sys_check (unsigned long event, int daemon_is_allowed, struct xp_daemon_id *xp_id) |
| int | dazuko_sys_pre (unsigned long event, struct dazuko_file_struct *kfs, struct xp_file *file, struct event_properties *event_p) |
| int | dazuko_sys_post (unsigned long event, struct dazuko_file_struct *kfs, struct xp_file *file, struct event_properties *event_p) |
| int | dazuko_init (void) |
| int | dazuko_exit (void) |
|
|
Definition at line 45 of file dazuko_xp.h. Referenced by dazuko_handle_request(), and dazuko_set_option(). |
|
|
Definition at line 44 of file dazuko_xp.h. Referenced by dazuko_handle_request(), and dazuko_set_option(). |
|
|
Definition at line 58 of file dazuko_xp.h. Referenced by dazuko_get_an_access(), and dazuko_state_error(). |
|
|
Definition at line 63 of file dazuko_xp.h. |
|
|
Definition at line 57 of file dazuko_xp.h. Referenced by dazuko_return_access(), and dazuko_run_daemon_on_slotlist(). |
|
|
Definition at line 53 of file dazuko_xp.h. Referenced by __dazuko_change_slot_state(), _dazuko_unregister_daemon(), dazuko_register_daemon(), and dazuko_run_daemon_on_slotlist(). |
|
|
Definition at line 64 of file dazuko_xp.h. |
|
|
Definition at line 61 of file dazuko_xp.h. |
|
|
Definition at line 54 of file dazuko_xp.h. Referenced by __dazuko_change_slot_state(), dazuko_get_an_access(), and dazuko_get_and_hold_ready_slot(). |
|
|
Definition at line 62 of file dazuko_xp.h. |
|
|
Definition at line 55 of file dazuko_xp.h. Referenced by dazuko_get_an_access(), dazuko_get_and_hold_ready_slot(), and dazuko_run_daemon_on_slotlist(). |
|
|
Definition at line 56 of file dazuko_xp.h. Referenced by dazuko_get_an_access(), dazuko_handle_user_request_compat12(), dazuko_return_access(), and dazuko_run_daemon_on_slotlist(). |
|
|
|
Definition at line 49 of file dazuko_xp.h. Referenced by dazuko_handle_request(). |
|
|
Definition at line 46 of file dazuko_xp.h. Referenced by dazuko_handle_request(), dazuko_handle_user_request_compat12(), and dazuko_set_option(). |
|
|
Definition at line 47 of file dazuko_xp.h. Referenced by dazuko_handle_request(), and dazuko_set_option(). |
|
|
Definition at line 50 of file dazuko_xp.h. Referenced by dazuko_handle_request(). |
|
|
Definition at line 43 of file dazuko_xp.h. Referenced by dazuko_handle_request(), and dazuko_set_option(). |
|
|
Definition at line 48 of file dazuko_xp.h. Referenced by dazuko_handle_request(), and dazuko_set_option(). |
|
|
Definition at line 38 of file dazuko_xp.h. Referenced by dazuko_exit(), and dazuko_init(). |
|
||||||||||||
|
Definition at line 273 of file dazuko_xp.c. Referenced by dazuko_clear_replybuffer(), dazuko_init(), dazuko_is_selected(), dazuko_register_daemon(), dazuko_run_daemon_on_slotlist(), linux_dazuko_device_read(), rsbac_adf_request_daz(), and rsbac_adf_set_attr_daz(). 00274 {
00275 /* "zero out" len bytes starting with p */
00276
00277 char *ptr = (char *)p;
00278
00279 while (len--)
00280 *ptr++ = 0;
00281 }
|
|
|
|
Definition at line 2499 of file dazuko_xp.c. Referenced by xp_fill_file_struct(). 02500 {
02501 int len;
02502
02503 for (len=0 ; filename[len] ; len++);
02504
02505 return len;
02506 }
|
|
||||||||||||||||
|
Definition at line 1141 of file dazuko_xp.c. References call_xp_malloc(), dazuko_strlen(), dazuko_strstr(), and NULL. Referenced by dazuko_handle_request(), and linux_dazuko_device_write(). 01142 {
01143 const char *p1;
01144 const char *p2;
01145 int size;
01146
01147 if (value == NULL)
01148 return -1;
01149
01150 *value = NULL;
01151
01152 if (key == NULL || string == NULL)
01153 return -1;
01154
01155 p1 = dazuko_strstr(string, key);
01156 if (p1 == NULL)
01157 return -1;
01158
01159 p1 += dazuko_strlen(key);
01160
01161 for (p2=p1 ; *p2 && *p2!='\n' ; p2++)
01162 continue;
01163
01164 size = (p2 - p1) + 1;
01165 *value = call_xp_malloc(size);
01166 if (*value == NULL)
01167 return -1;
01168
01169 memcpy(*value, p1, size - 1);
01170 (*value)[size - 1] = 0;
01171
01172 return 0;
01173 }
|
|
||||||||||||
|
Definition at line 1653 of file dazuko_xp.c. References dazuko_request::buffer, dazuko_request::buffer_size, call_xp_copyin(), call_xp_copyout(), call_xp_free(), call_xp_malloc(), dazuko_handle_request(), NULL, dazuko_request::reply_buffer, dazuko_request::reply_buffer_size, dazuko_request::reply_buffer_size_used, dazuko_request::type, XP_ERROR_FAULT, and XP_ERROR_PERMISSION. Referenced by linux_dazuko_device_write(). 01654 {
01655 int error = 0;
01656 struct dazuko_request *request;
01657 struct dazuko_request *temp_request;
01658
01659 if (user_request == NULL || xp_id == NULL)
01660 return XP_ERROR_FAULT;
01661
01662 /* allocate kernel request */
01663 request = (struct dazuko_request *)call_xp_malloc(sizeof(struct dazuko_request));
01664 if (request == NULL)
01665 return XP_ERROR_FAULT;
01666
01667 /* use out0 now */
01668
01669 /* allocate temp kernel request */
01670 temp_request = (struct dazuko_request *)call_xp_malloc(sizeof(struct dazuko_request));
01671 if (temp_request == NULL)
01672 {
01673 error = XP_ERROR_FAULT;
01674 goto dazuko_handle_user_request_out0;
01675 }
01676
01677 /* use out1 now */
01678
01679 /* copy in the request */
01680 if (call_xp_copyin(user_request, temp_request, sizeof(struct dazuko_request)) != 0)
01681 {
01682 error = XP_ERROR_FAULT;
01683 goto dazuko_handle_user_request_out1;
01684 }
01685
01686 memcpy(request->type, temp_request->type, sizeof(char[2]));
01687 request->buffer_size = temp_request->buffer_size;
01688
01689 /* sanity check */
01690 if (request->buffer_size < 0 || request->buffer_size > 8192)
01691 {
01692 error = XP_ERROR_FAULT;
01693 goto dazuko_handle_user_request_out1;
01694 }
01695
01696 request->reply_buffer_size = temp_request->reply_buffer_size;
01697
01698 /* sanity check */
01699 if (request->reply_buffer_size < 0 || request->reply_buffer_size > 8192)
01700 {
01701 error = XP_ERROR_PERMISSION;
01702 goto dazuko_handle_user_request_out1;
01703 }
01704
01705 /* allocate buffer */
01706 request->buffer = (char *)call_xp_malloc(request->buffer_size + 1);
01707 if (request->buffer == NULL)
01708 {
01709 error = XP_ERROR_FAULT;
01710 goto dazuko_handle_user_request_out1;
01711 }
01712
01713 /* use out2 now */
01714
01715 if (request->reply_buffer_size > 0)
01716 {
01717 /* allocate reply buffer */
01718 request->reply_buffer = (char *)call_xp_malloc(request->reply_buffer_size + 1);
01719 if (request->reply_buffer == NULL)
01720 {
01721 error = XP_ERROR_FAULT;
01722 goto dazuko_handle_user_request_out2;
01723 }
01724
01725 /* use out3 now */
01726
01727 request->reply_buffer_size_used = 0;
01728 }
01729
01730 /* copy the buffer from userspace to kernelspace */
01731 if (call_xp_copyin(temp_request->buffer, request->buffer, request->buffer_size) != 0)
01732 {
01733 error = XP_ERROR_FAULT;
01734 goto dazuko_handle_user_request_out3;
01735 }
01736
01737 request->buffer[request->buffer_size] = 0;
01738
01739 error = dazuko_handle_request(request, xp_id);
01740
01741 if (error == 0 && request->reply_buffer_size > 0)
01742 {
01743 request->reply_buffer[request->reply_buffer_size] = 0;
01744
01745 temp_request->reply_buffer_size_used = request->reply_buffer_size_used;
01746
01747 if (call_xp_copyout(temp_request, user_request, sizeof(struct dazuko_request)) != 0)
01748 {
01749 error = XP_ERROR_FAULT;
01750 goto dazuko_handle_user_request_out3;
01751 }
01752
01753 if (request->reply_buffer_size_used > 0)
01754 {
01755 if (call_xp_copyout(request->reply_buffer, temp_request->reply_buffer, request->reply_buffer_size_used) != 0)
01756 {
01757 error = XP_ERROR_FAULT;
01758 goto dazuko_handle_user_request_out3;
01759 }
01760 }
01761 }
01762
01763 dazuko_handle_user_request_out3:
01764 if (request->reply_buffer_size > 0)
01765 call_xp_free(request->reply_buffer);
01766 dazuko_handle_user_request_out2:
01767 call_xp_free(request->buffer);
01768 dazuko_handle_user_request_out1:
01769 call_xp_free(temp_request);
01770 dazuko_handle_user_request_out0:
01771 call_xp_free(request);
01772
01773 return error;
01774 }
|
|
||||||||||||||||
|
Definition at line 1776 of file dazuko_xp.c. References call_xp_copyin(), call_xp_copyout(), call_xp_free(), call_xp_id_copy(), call_xp_id_free(), call_xp_malloc(), call_xp_print, call_xp_up(), call_xp_verify_user_readable(), call_xp_verify_user_writable(), DAZUKO_FILENAME_MAX_LENGTH_COMPAT12, dazuko_get_an_access(), dazuko_register_daemon(), dazuko_return_access(), dazuko_set_option(), dazuko_state_error(), DAZUKO_WORKING, access_compat12::deny, slot::event, access_compat12::event, slot::event_p, access_compat12::filename, slot::filename, slot::filenamelength, event_properties::flags, IOCTL_GET_AN_ACCESS, IOCTL_RETURN_ACCESS, IOCTL_SET_OPTION, event_properties::mode, slot::mutex, NULL, access_compat12::o_flags, access_compat12::o_mode, event_properties::pid, access_compat12::pid, REGISTER, event_properties::uid, access_compat12::uid, daemon_id::unique, XP_ERROR_FAULT, XP_ERROR_INTERRUPT, XP_ERROR_INVALID, and daemon_id::xp_id. Referenced by linux_dazuko_device_ioctl(). 01777 {
01778 struct access_compat12 *user_request12;
01779 struct access_compat12 *temp_request12;
01780 int error = 0;
01781 struct slot *s;
01782 char *k_param;
01783 struct daemon_id did;
01784 int temp_length;
01785 int temp_int;
01786
01787 if (ptr == NULL || xp_id == NULL)
01788 return XP_ERROR_FAULT;
01789
01790 did.xp_id = call_xp_id_copy(xp_id);
01791 did.unique = -1;
01792
01793 switch (cmd)
01794 {
01795 case IOCTL_GET_AN_ACCESS:
01796 /* The daemon is requesting a filename of a file
01797 * to scan. This code will wait until a filename
01798 * is available, or until we should be killed.
01799 * (killing is done if any errors occur as well
01800 * as when the user kills us) */
01801
01802 user_request12 = (struct access_compat12 *)ptr;
01803
01804 error = call_xp_verify_user_writable(user_request12, sizeof(struct access_compat12));
01805 if (error)
01806 {
01807 error = XP_ERROR_FAULT;
01808 break;
01809 }
01810
01811 /* DOWN? */
01812 s = dazuko_get_an_access(&did);
01813
01814 if (s == NULL)
01815 {
01816 error = XP_ERROR_INTERRUPT;
01817 break;
01818 }
01819
01820 /* DOWN */
01821
01822 /* Slot IS in WORKING state. Copy all the
01823 * necessary information to userspace structure. */
01824
01825 if (s->filenamelength >= DAZUKO_FILENAME_MAX_LENGTH_COMPAT12)
01826 {
01827 /* filename length overflow :( */
01828
01829 s->filename[DAZUKO_FILENAME_MAX_LENGTH_COMPAT12 - 1] = 0;
01830 temp_length = DAZUKO_FILENAME_MAX_LENGTH_COMPAT12;
01831 }
01832 else
01833 {
01834 temp_length = s->filenamelength + 1;
01835 }
01836
01837 temp_request12 = (struct access_compat12 *)call_xp_malloc(sizeof(struct access_compat12));
01838 if (temp_request12 == NULL)
01839 {
01840 error = XP_ERROR_FAULT;
01841 }
01842 else if (call_xp_copyin(user_request12, temp_request12, sizeof(struct access_compat12)) != 0)
01843 {
01844 error = XP_ERROR_FAULT;
01845 }
01846
01847 if (error == 0)
01848 {
01849 temp_request12->event = s->event;
01850 temp_request12->o_flags = s->event_p.flags;
01851 temp_request12->o_mode = s->event_p.mode;
01852 temp_request12->uid = s->event_p.uid;
01853 temp_request12->pid = s->event_p.pid;
01854 memcpy(temp_request12->filename, s->filename, temp_length);
01855
01856 if (call_xp_copyout(temp_request12, user_request12, sizeof(struct access_compat12)) != 0)
01857 {
01858 error = XP_ERROR_FAULT;
01859 }
01860 }
01861
01862 call_xp_up(&(s->mutex));
01863 /* UP */
01864
01865 if (error)
01866 {
01867 dazuko_state_error(s, DAZUKO_WORKING);
01868 }
01869
01870 if (temp_request12 != NULL)
01871 {
01872 call_xp_free(temp_request12);
01873 }
01874
01875 break;
01876
01877 case IOCTL_RETURN_ACCESS:
01878 /* The daemon has finished scanning a file
01879 * and has the response to give. The daemon's
01880 * slot should be in the WORKING state. */
01881
01882 user_request12 = (struct access_compat12 *)ptr;
01883
01884 error = call_xp_verify_user_readable(user_request12, sizeof(struct access_compat12));
01885 if (error)
01886 {
01887 error = XP_ERROR_FAULT;
01888 break;
01889 }
01890
01891 temp_request12 = (struct access_compat12 *)call_xp_malloc(sizeof(struct access_compat12));
01892 if (temp_request12 == NULL)
01893 {
01894 error = XP_ERROR_FAULT;
01895 break;
01896 }
01897
01898 if (call_xp_copyin(user_request12, temp_request12, sizeof(struct access_compat12)) != 0)
01899 {
01900 error = XP_ERROR_FAULT;
01901 }
01902
01903 temp_int = temp_request12->deny;
01904
01905 call_xp_free(temp_request12);
01906
01907 error = dazuko_return_access(&did, temp_int, NULL);
01908 break;
01909
01910 case IOCTL_SET_OPTION:
01911 /* The daemon wants to set a configuration
01912 * option in the kernel. */
01913
01914 error = call_xp_verify_user_readable(ptr, 2*sizeof(int));
01915 if (error)
01916 {
01917 error = XP_ERROR_FAULT;
01918 break;
01919 }
01920
01921 /* copy option type from userspace */
01922 if (call_xp_copyin(ptr, &temp_int, sizeof(int)) != 0)
01923 {
01924 error = XP_ERROR_FAULT;
01925 break;
01926 }
01927
01928 ptr = ((char *)ptr + sizeof(int));
01929
01930 /* copy path length from userspace */
01931 if (call_xp_copyin(ptr, &temp_length, sizeof(int)) != 0)
01932 {
01933 error = XP_ERROR_FAULT;
01934 break;
01935 }
01936
01937 /* sanity check */
01938 if (temp_length < 0 || temp_length > 4096)
01939 {
01940 error = XP_ERROR_INVALID;
01941 break;
01942 }
01943
01944 ptr = ((char *)ptr + sizeof(int));
01945
01946 error = call_xp_verify_user_readable(ptr, temp_length);
01947 if (error)
01948 {
01949 error = XP_ERROR_FAULT;
01950 break;
01951 }
01952
01953 k_param = (char *)call_xp_malloc(temp_length + 1);
01954 if (k_param == NULL)
01955 {
01956 error = XP_ERROR_FAULT;
01957 break;
01958 }
01959
01960 /* We must copy the param from userspace to kernelspace. */
01961
01962 if (call_xp_copyin(ptr, k_param, temp_length) != 0)
01963 {
01964 call_xp_free(k_param);
01965 error = XP_ERROR_FAULT;
01966 break;
01967 }
01968
01969 k_param[temp_length] = 0;
01970
01971 if (temp_int == REGISTER)
01972 error = dazuko_register_daemon(&did, k_param, temp_length, 1);
01973 else
01974 error = dazuko_set_option(&did, temp_int, k_param, temp_length);
01975
01976 call_xp_free(k_param);
01977
01978 break;
01979
01980 default:
01981 call_xp_print("dazuko: daemon requested unknown device_ioctl %d (possible bug)\n", cmd);
01982
01983 break;
01984 }
01985
01986 call_xp_id_free(did.xp_id);
01987
01988 return error;
01989 }
|
|
|
|
Definition at line 2218 of file dazuko_xp.c. References call_xp_id_copy(), call_xp_id_free(), dazuko_find_slot(), NULL, daemon_id::unique, and daemon_id::xp_id. Referenced by dazuko_sys_check(). 02219 {
02220 /* Check if the current process is one
02221 * of the daemons. */
02222
02223 struct daemon_id did;
02224 int ret;
02225
02226 did.xp_id = call_xp_id_copy(xp_id);
02227 did.unique = -1;
02228
02229 ret = (dazuko_find_slot(&did, 1, NULL) != NULL);
02230
02231 call_xp_id_free(did.xp_id);
02232
02233 return ret;
02234 }
|
|
||||||||||||||||||||
|
Definition at line 261 of file dazuko_xp.c. References dazuko_vsnprintf(). Referenced by dazuko_add_esc_to_replybuffer(), and linux_dazuko_device_read(). 00262 {
00263 va_list ap;
00264 int ret;
00265
00266 va_start(ap, format);
00267 ret = dazuko_vsnprintf(str, size, format, ap);
00268 va_end(ap);
00269
00270 return ret;
00271 }
|
|
||||||||||||||||
|
Definition at line 2563 of file dazuko_xp.c. References access_mask, call_xp_atomic_read(), dazuko_is_our_daemon(), DAZUKO_ON_CLOSE, DAZUKO_ON_OPEN, SCAN_ON_CLOSE, SCAN_ON_CLOSE_MODIFIED, and SCAN_ON_OPEN. Referenced by rsbac_adf_request_daz(), and rsbac_adf_set_attr_daz(). 02564 {
02565 /* is this event in our mask? */
02566 switch (event)
02567 {
02568 case DAZUKO_ON_OPEN:
02569 /* this is a special case because the on_close information needs
02570 * to be saved during the on_open event */
02571
02572 if ((SCAN_ON_OPEN || SCAN_ON_CLOSE || SCAN_ON_CLOSE_MODIFIED) == 0)
02573 return -1;
02574 break;
02575
02576 case DAZUKO_ON_CLOSE:
02577 /* will need to scan if ON_CLOSE_MODIFIED is in the mask too */
02578
02579 if ((SCAN_ON_CLOSE || SCAN_ON_CLOSE_MODIFIED) == 0)
02580 return -1;
02581 break;
02582
02583 default:
02584 if ((access_mask & event) == 0)
02585 return -1;
02586 break;
02587 }
02588
02589 /* do we have any daemons? */
02590 if (call_xp_atomic_read(&active) <= 0)
02591 return -1;
02592
02593 /* should daemons be allowed this event without a scan? */
02594 if (daemon_is_allowed)
02595 {
02596 if (dazuko_is_our_daemon(xp_id))
02597 {
02598 /* this is one of our daemons, so we will report as
02599 * as if this event was not in the mask */
02600
02601 return -1;
02602 }
02603 }
02604
02605 return 0;
02606 }
|
|
||||||||||||||||||||
|
Definition at line 2726 of file dazuko_xp.c. References call_xp_atomic_read(), call_xp_free(), dazuko_add_hash(), dazuko_get_hash(), dazuko_mark_hash_dirty(), DAZUKO_ON_CLOSE, DAZUKO_ON_CLOSE_MODIFIED, DAZUKO_ON_OPEN, dazuko_run_daemon(), dazuko_should_scan(), hash::dirty, hash::name, hash::namelen, NULL, SCAN_ON_CLOSE, SCAN_ON_CLOSE_MODIFIED, and SCAN_ON_OPEN. Referenced by rsbac_adf_set_attr_daz(). 02727 {
02728 struct hash *h = NULL;
02729
02730 switch (event)
02731 {
02732 case DAZUKO_ON_OPEN: /* kfs,file required */
02733 /* if the file was opened and we are interested
02734 * in scanning on close, add this file to our struct hash list */
02735
02736 if ((call_xp_atomic_read(&active) > 0) && file != NULL && kfs != NULL)
02737 {
02738 if (SCAN_ON_OPEN || SCAN_ON_CLOSE || SCAN_ON_CLOSE_MODIFIED)
02739 {
02740 /* make sure we should scan this file */
02741 if (dazuko_should_scan(kfs))
02742 {
02743 /* hash is added if we were given an xp_file */
02744 if (file != NULL)
02745 dazuko_add_hash(file, kfs->filename, kfs->filename_length);
02746
02747 /* this is a fallback in case we didn't process the event in "sys_pre" */
02748 dazuko_run_daemon(event, kfs->filename, kfs->filename_length, event_p, &(kfs->file_p));
02749 }
02750 }
02751 }
02752 break;
02753
02754 case DAZUKO_ON_CLOSE: /* file,o_flags,o_mode,pid,uid required */
02755 if (file != NULL)
02756 {
02757 /* find hash entry and remove it from list */
02758 h = dazuko_get_hash(file);
02759
02760 /* if we found the file in our list and the file was
02761 * successfully closed, we need to scan it */
02762 if (h != NULL)
02763 {
02764 /* determine if we are scanning on close or close_modified */
02765
02766 /* note that close_modified has priority over just close */
02767
02768 if (SCAN_ON_CLOSE_MODIFIED && h->dirty)
02769 dazuko_run_daemon(DAZUKO_ON_CLOSE_MODIFIED, h->name, h->namelen, event_p, NULL);
02770 else if (SCAN_ON_CLOSE)
02771 dazuko_run_daemon(DAZUKO_ON_CLOSE, h->name, h->namelen, event_p, NULL);
02772
02773 /* clean up the struct hash structure */
02774 call_xp_free(h);
02775 }
02776 }
02777 else
02778 {
02779 if (SCAN_ON_CLOSE)
02780 {
02781 if (dazuko_should_scan(kfs))
02782 {
02783 dazuko_run_daemon(DAZUKO_ON_CLOSE, kfs->filename, kfs->filename_length, event_p, &(kfs->file_p));
02784 }
02785 }
02786 }
02787 break;
02788
02789 case DAZUKO_ON_CLOSE_MODIFIED: /* file required */
02790 if (file != NULL)
02791 {
02792 /* if we actually wrote something and we found the
02793 * file in our list, set it as dirty */
02794
02795 /* Swade 4/24/02: Move to end of clean list */
02796 dazuko_mark_hash_dirty(file);
02797 }
02798 break;
02799
02800 default:
02801 break;
02802 }
02803
02804 return 0;
02805 }
|
|
||||||||||||||||||||
|
Definition at line 2608 of file dazuko_xp.c. References call_xp_compare_file(), call_xp_malloc(), call_xp_print, call_xp_read_lock(), call_xp_read_unlock(), DAZUKO_ON_CLOSE, DAZUKO_ON_CLOSE_MODIFIED, DAZUKO_ON_OPEN, dazuko_run_daemon(), dazuko_should_scan(), dazuko_file_struct::extra_data, hash::file, dazuko_file_struct::filename, dazuko_file_struct::filename_length, hash::name, hash::namelen, hash::next, NULL, SCAN_ON_OPEN, dazuko_file_struct::should_scan, XP_ERROR_INTERRUPT, and XP_ERROR_PERMISSION. Referenced by rsbac_adf_request_daz(). 02609 {
02610 /* return codes:
02611 * >0 -> access should be blocked
02612 * <0 -> access should be blocked (because user interrupted)
02613 * 0 -> access is allowed
02614 */
02615
02616 int error = 0;
02617 struct hash *h = NULL;
02618
02619 switch (event)
02620 {
02621 case DAZUKO_ON_OPEN:
02622 /* special case, because this pre may be called
02623 * in order to record ON_CLOSE events (in post) */
02624
02625 if (!SCAN_ON_OPEN)
02626 return 0;
02627 break;
02628
02629 case DAZUKO_ON_CLOSE:
02630 /* handled in post */
02631
02632 return 0;
02633
02634 case DAZUKO_ON_CLOSE_MODIFIED:
02635 /* (this is really sys_write) always permitted */
02636
02637 return 0;
02638
02639 default:
02640 break;
02641 }
02642
02643 if (kfs == NULL)
02644 {
02645 /* kfs is required */
02646
02647 call_xp_print("dazuko: kfs=NULL (possible bug)\n");
02648
02649 return XP_ERROR_PERMISSION;
02650 }
02651
02652 if (file != NULL)
02653 {
02654 /* we search for the file descriptor first */
02655
02656 /* LOCK */
02657 call_xp_read_lock(&lock_hash);
02658
02659 for (h=hash ; h ; h=h->next)
02660 {
02661 if (call_xp_compare_file(&(h->file), file) == 0)
02662 {
02663 /* we found the file descriptor */
02664
02665 kfs->filename = (char*)call_xp_malloc(h->namelen + 1);
02666 if (kfs->filename != NULL)
02667 {
02668 memcpy(kfs->filename, h->name, h->namelen);
02669 kfs->filename[h->namelen] = 0;
02670 kfs->filename_length = h->namelen;
02671 kfs->should_scan = 1;
02672 }
02673 else
02674 {
02675 /* error allocating, so we get out */
02676 h = NULL;
02677 }
02678 break;
02679 }
02680 }
02681
02682 call_xp_read_unlock(&lock_hash);
02683 /* UNLOCK */
02684
02685 if (h == NULL && kfs->extra_data == NULL)
02686 {
02687 /* we don't know this file descriptor
02688 * and we cannot fallback on name lookups
02689 */
02690
02691 /* we should not scan this file */
02692 kfs->should_scan = 2;
02693
02694 return 0;
02695 }
02696 }
02697
02698 /* make sure we should scan this file */
02699 if (dazuko_should_scan(kfs))
02700 {
02701 error = dazuko_run_daemon(event, kfs->filename, kfs->filename_length, event_p, &(kfs->file_p));
02702 }
02703
02704 if (error > 0)
02705 {
02706 /* access will be blocked */
02707
02708 /* dazuko_sys_post should NOT be called! */
02709
02710 return XP_ERROR_PERMISSION;
02711 }
02712 else if (error < 0)
02713 {
02714 /* user interrupted */
02715
02716 /* dazuko_sys_post should NOT be called! */
02717
02718 return XP_ERROR_INTERRUPT;
02719 }
02720
02721 /* access allowed */
02722
02723 return 0;
02724 }
|
|
|
Definition at line 705 of file dazuko_xp.c. References _dazuko_unregister_daemon(), call_xp_id_copy(), call_xp_id_free(), NULL, daemon_id::unique, and daemon_id::xp_id. Referenced by linux_dazuko_device_release(). 00706 {
00707 struct daemon_id did;
00708 int ret;
00709
00710 if (xp_id == NULL)
00711 return 0;
00712
00713 did.unique = -1;
00714 did.xp_id = call_xp_id_copy(xp_id);
00715
00716 ret = _dazuko_unregister_daemon(&did);
00717
00718 call_xp_id_free(did.xp_id);
00719
00720 return ret;
00721 }
|
|
||||||||||||||||||||
|
Definition at line 149 of file dazuko_xp.c. References DAZUKO_VSNPRINTF_PRINTSTRING, and NULL. Referenced by dazuko_snprintf(), and xp_print(). 00150 {
00151 char *target;
00152 const char *end;
00153 int overflow = 0;
00154 char number_buffer[32]; /* 32 should be enough to hold any number, right? */
00155 const char *s;
00156
00157 if (str == NULL || size < 1 || format == NULL)
00158 return -1;
00159
00160 target = str;
00161 end = (target + size) - 1;
00162
00163 #define DAZUKO_VSNPRINTF_PRINTSTRING \
00164 for ( ; *s ; s++) \
00165 { \
00166 if (target == end) \
00167 { \
00168 overflow = 1; \
00169 goto dazuko_vsnprintf_out; \
00170 } \
00171 *target = *s; \
00172 target++; \
00173 }
00174
00175 for ( ; *format ; format++)
00176 {
00177 if (target == end)
00178 {
00179 overflow = 1;
00180 goto dazuko_vsnprintf_out;
00181 }
00182
00183 if (*format == '%')
00184 {
00185 format++;
00186
00187 switch (*format)
00188 {
00189 case 's': /* %s */
00190 s = va_arg(ap, char *);
00191 if (s == NULL)
00192 s = "(null)";
00193 DAZUKO_VSNPRINTF_PRINTSTRING
00194 break;
00195
00196 case 'd': /* %d */
00197 sprintf(number_buffer, "%d", va_arg(ap, int));
00198 s = number_buffer;
00199 DAZUKO_VSNPRINTF_PRINTSTRING
00200 break;
00201
00202 case 'c': /* %c */
00203 *target = va_arg(ap, int);
00204 target++;
00205 break;
00206
00207 case 'l': /* %lu */
00208 format++;
00209 if (*format != 'u')
00210 {
00211 /* print error message */
00212 goto dazuko_vsnprintf_out;
00213 }
00214 sprintf(number_buffer, "%lu", va_arg(ap, unsigned long));
00215 s = number_buffer;
00216 DAZUKO_VSNPRINTF_PRINTSTRING
00217 break;
00218
00219 case '0': /* %02x */
00220 format++;
00221 if (*format != '2')
00222 {
00223 /* print error message */
00224 goto dazuko_vsnprintf_out;
00225 }
00226 format++;
00227 if (*format != 'x')
00228 {
00229 /* print error message */
00230 goto dazuko_vsnprintf_out;
00231 }
00232 sprintf(number_buffer, "%02x", va_arg(ap, int));
00233 s = number_buffer;
00234 DAZUKO_VSNPRINTF_PRINTSTRING
00235 break;
00236
00237 default:
00238 /* print error message */
00239 goto dazuko_vsnprintf_out;
00240 }
00241 }
00242 else
00243 {
00244 *target = *format;
00245 target++;
00246 }
00247 }
00248
00249 dazuko_vsnprintf_out:
00250
00251 *target = 0;
00252
00253 /* We are returning what we've written. If there was an
00254 * overflow, the returned value will match "size" rather
00255 * than being less than "size"
00256 */
00257
00258 return ((target - str) + overflow);
00259 }
|
|
|
Definition at line 302 of file daz_main.c. References xp_atomic::atomic. 00303 {
00304 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
00305 #ifdef MODULE
00306 if (atomic == &active)
00307 MOD_DEC_USE_COUNT;
00308 #endif
00309 #endif
00310
00311 atomic_dec(&(atomic->atomic));
00312 return 0;
00313 }
|
|
|
Definition at line 289 of file daz_main.c. References xp_atomic::atomic. 00290 {
00291 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
00292 #ifdef MODULE
00293 if (atomic == &active)
00294 MOD_INC_USE_COUNT;
00295 #endif
00296 #endif
00297
00298 atomic_inc(&(atomic->atomic));
00299 return 0;
00300 }
|
|
|
Definition at line 315 of file daz_main.c. References xp_atomic::atomic. 00316 {
00317 return atomic_read(&(atomic->atomic));
00318 }
|
|
||||||||||||
|
Definition at line 283 of file daz_main.c. References xp_atomic::atomic. 00284 {
00285 atomic_set(&(atomic->atomic), value);
00286 return 0;
00287 }
|
|
||||||||||||
|
Definition at line 328 of file daz_main.c. 00329 {
00330 return 0;
00331 }
|
|
||||||||||||
|
Definition at line 323 of file daz_main.c. 00324 {
00325 return 0;
00326 }
|
|
||||||||||||||||
|
Definition at line 252 of file daz_main.c. 00253 {
00254 return copy_from_user(kernel_dest, user_src, size);
00255 }
|
|
||||||||||||||||
|
Definition at line 257 of file daz_main.c. 00258 {
00259 return copy_to_user(user_dest, kernel_src, size);
00260 }
|
|
|
Definition at line 159 of file daz_main.c. 00160 {
00161 return 0;
00162 }
|
|
|
Definition at line 233 of file daz_main.c. 00234 {
00235 return 0;
00236 }
|
|
|
Definition at line 197 of file daz_main.c. 00198 {
00199 return 0;
00200 }
|
|
|
Definition at line 147 of file daz_main.c. References xp_mutex::mutex. 00148 {
00149 down(&(mutex->mutex));
00150 return 0;
00151 }
|
|
|
Definition at line 333 of file daz_main.c. References dazuko_get_filename_length(), xp_file_struct::dentry, file_properties::device_type, dazuko_file_struct::extra_data, dazuko_file_struct::file_p, dazuko_file_struct::filename, dazuko_file_struct::filename_length, xp_file_struct::free_full_filename, xp_file_struct::full_filename, xp_file_struct::full_filename_length, file_properties::gid, file_properties::mode, NULL, rsbac_get_full_path(), rsbac_get_full_path_length(), file_properties::set_device_type, file_properties::set_gid, file_properties::set_mode, file_properties::set_size, file_properties::set_uid, file_properties::size, file_properties::uid, and xp_malloc(). 00334 {
00335 int length;
00336
00337 /* make sure we have access to everything */
00338
00339 if (dfs == NULL)
00340 return -1;
00341
00342 if (dfs->extra_data == NULL)
00343 return -1;
00344
00345 if (dfs->extra_data->dentry == NULL)
00346 return -1;
00347
00348 if (dfs->extra_data->dentry->d_inode == NULL)
00349 return -1;
00350
00351 /* ok, we have everything we need */
00352
00353 length = rsbac_get_full_path_length(dfs->extra_data->dentry);
00354 if (length < 1)
00355 return -1;
00356
00357 dfs->extra_data->full_filename = xp_malloc(length + 1);
00358 if (dfs->extra_data->full_filename == NULL)
00359 return -1;
00360
00361 /* the full_filename will need to be deleted later */
00362 dfs->extra_data->free_full_filename = 1;
00363
00364 if (rsbac_get_full_path(dfs->extra_data->dentry, dfs->extra_data->full_filename, length + 1) < 1)
00365 return -1;
00366
00367 /* find the actual value of the length */
00368 dfs->extra_data->full_filename_length = dazuko_get_filename_length(dfs->extra_data->full_filename);
00369
00370 /* reference copy of full path */
00371 dfs->filename = dfs->extra_data->full_filename;
00372
00373 dfs->filename_length = dfs->extra_data->full_filename_length;
00374
00375 dfs->file_p.size = dfs->extra_data->dentry->d_inode->i_size;
00376 dfs->file_p.set_size = 1;
00377 dfs->file_p.uid = dfs->extra_data->dentry->d_inode->i_uid;
00378 dfs->file_p.set_uid = 1;
00379 dfs->file_p.gid = dfs->extra_data->dentry->d_inode->i_gid;
00380 dfs->file_p.set_gid = 1;
00381 dfs->file_p.mode = dfs->extra_data->dentry->d_inode->i_mode;
00382 dfs->file_p.set_mode = 1;
00383 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0)
00384 dfs->file_p.device_type = dfs->extra_data->dentry->d_inode->i_dev;
00385 #else
00386 dfs->file_p.device_type = dfs->extra_data->dentry->d_inode->i_rdev;
00387 #endif
00388 dfs->file_p.set_device_type = 1;
00389
00390 return 0;
00391 }
|
|
|
Definition at line 246 of file daz_main.c. 00247 {
00248 kfree(ptr);
00249 return 0;
00250 }
|
|
||||||||||||
|
Definition at line 419 of file daz_main.c. References xp_daemon_id::file, NULL, and xp_daemon_id::pid. 00420 {
00421 if (id1 == NULL || id2 == NULL)
00422 return -1;
00423
00424 /* if file's are available and they match,
00425 * then we say that the id's match */
00426 if (id1->file != NULL && id1->file == id2->file)
00427 return 0;
00428
00429 if (id1->pid == id2->pid)
00430 return 0;
00431
00432 return 1;
00433 }
|
|
|
Definition at line 442 of file daz_main.c. References xp_daemon_id::file, NULL, xp_daemon_id::pid, and xp_malloc(). 00443 {
00444 struct xp_daemon_id *ptr;
00445
00446 if (id == NULL)
00447 return NULL;
00448
00449 ptr = (struct xp_daemon_id *)xp_malloc(sizeof(struct xp_daemon_id));
00450
00451 if (ptr != NULL)
00452 {
00453 ptr->pid = id->pid;
00454 ptr->file = id->file;
00455 }
00456
00457 return ptr;
00458 }
|
|
|
Definition at line 435 of file daz_main.c. References xp_free(). 00436 {
00437 xp_free(id);
00438
00439 return 0;
00440 }
|
|
|
Definition at line 136 of file daz_main.c. References xp_mutex::mutex. 00137 {
00138 #ifdef init_MUTEX
00139 init_MUTEX(&(mutex->mutex));
00140 #else
00141 sema_init(&(mutex->mutex), 1);
00142 #endif
00143
00144 return 0;
00145 }
|
|
|
Definition at line 205 of file daz_main.c. References xp_queue::queue. 00206 {
00207 init_waitqueue_head(&(queue->queue));
00208 return 0;
00209 }
|
|
|
Definition at line 167 of file daz_main.c. References xp_rwlock::rwlock. 00168 {
00169 rwlock_init(&(rwlock->rwlock));
00170 return 0;
00171 }
|
|
|
Definition at line 275 of file daz_main.c. 00276 {
00277 return (path[0] == '/');
00278 }
|
|
|
Definition at line 241 of file daz_main.c. References rsbac_kmalloc(). 00242 {
00243 return rsbac_kmalloc(size);
00244 }
|
|
|
Definition at line 227 of file daz_main.c. References xp_queue::queue. 00228 {
00229 wake_up(&(queue->queue));
00230 return 0;
00231 }
|
|
||||||||||||
|
Definition at line 522 of file daz_main.c. References dazuko_vsnprintf(), rsbac_printk(), xp_free(), and xp_malloc(). 00523 {
00524 va_list args;
00525 char *p;
00526 size_t size = 1024;
00527
00528 p = (char *)xp_malloc(size);
00529 if (!p)
00530 return -1;
00531
00532 va_start(args, fmt);
00533 dazuko_vsnprintf(p, size-1, fmt, args);
00534 va_end(args);
00535
00536 p[size-1] = 0;
00537
00538 rsbac_printk(p);
00539
00540 xp_free(p);
00541
00542 return 0;
00543 }
|
|
|
Definition at line 185 of file daz_main.c. References xp_rwlock::rwlock. 00186 {
00187 read_lock(&(rlock->rwlock));
00188 return 0;
00189 }
|
|
|
Definition at line 191 of file daz_main.c. References xp_rwlock::rwlock. 00192 {
00193 read_unlock(&(rlock->rwlock));
00194 return 0;
00195 }
|
|
|
Definition at line 463 of file daz_main.c. References dev_major, DEVICE_NAME, fops, NULL, and xp_print(). 00464 {
00465 /* Called insmod when inserting the module. */
00466
00467 /* register the dazuko device */
00468 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
00469 dev_major = register_chrdev(CONFIG_RSBAC_DAZ_DEV_MAJOR, DEVICE_NAME, &fops);
00470
00471 devfs_mk_cdev(MKDEV(dev_major, CONFIG_RSBAC_DAZ_DEV_MAJOR), S_IFCHR | S_IRUSR | S_IWUSR, DEVICE_NAME);
00472 #else
00473 #ifdef CONFIG_DEVFS_FS
00474 dev_major = devfs_register_chrdev(CONFIG_RSBAC_DAZ_DEV_MAJOR, DEVICE_NAME, &fops);
00475 devfs_register(NULL, DEVICE_NAME, DEVFS_FL_DEFAULT,
00476 dev_major, 0, S_IFCHR | S_IRUSR | S_IWUSR,
00477 &fops, NULL);
00478 #else
00479 dev_major = register_chrdev(CONFIG_RSBAC_DAZ_DEV_MAJOR, DEVICE_NAME, &fops);
00480 #endif
00481 #endif
00482 if (dev_major < 0)
00483 {
00484 xp_print("dazuko: unable to register device chrdev, err=%d\n", dev_major);
00485 return dev_major;
00486 }
00487
00488 /* initialization complete */
00489
00490 return 0;
00491 }
|
|
|
Definition at line 493 of file daz_main.c. References dev_major, DEVICE_NAME, NULL, and xp_print(). 00494 {
00495 /* Called by rmmod when removing the module. */
00496
00497 int error;
00498
00499 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
00500 error = unregister_chrdev(dev_major, DEVICE_NAME);
00501
00502 devfs_remove(DEVICE_NAME);
00503 #else
00504 #ifdef CONFIG_DEVFS_FS
00505 error = devfs_unregister_chrdev(dev_major, DEVICE_NAME);
00506 devfs_unregister(devfs_find_handle(NULL, DEVICE_NAME, dev_major, 0, DEVFS_SPECIAL_CHR, 0));
00507 #else
00508 error = unregister_chrdev(dev_major, DEVICE_NAME);
00509 #endif
00510 #endif
00511 if (error < 0)
00512 {
00513 xp_print("dazuko: error unregistering chrdev, err=%d\n", error);
00514 }
00515
00516 return 0;
00517 }
|
|
|
Definition at line 153 of file daz_main.c. References xp_mutex::mutex. 00154 {
00155 up(&(mutex->mutex));
00156 return 0;
00157 }
|
|
||||||||||||
|
Definition at line 267 of file daz_main.c. 00268 {
00269 return 0;
00270 }
|
|
||||||||||||
|
Definition at line 262 of file daz_main.c. 00263 {
00264 return 0;
00265 }
|
|
||||||||||||||||||||
|
Definition at line 211 of file daz_main.c. References xp_queue::queue. 00212 {
00213 /* wait until cfunction(cparam) != 0 (condition is true) */
00214
00215 if (allow_interrupt)
00216 {
00217 return wait_event_interruptible(queue->queue, cfunction(cparam) != 0);
00218 }
00219 else
00220 {
00221 wait_event(queue->queue, cfunction(cparam) != 0);
00222 }
00223
00224 return 0;
00225 }
|
|
|
Definition at line 173 of file daz_main.c. References xp_rwlock::rwlock. 00174 {
00175 write_lock(&(rwlock->rwlock));
00176 return 0;
00177 }
|
|
|
Definition at line 179 of file daz_main.c. References xp_rwlock::rwlock. 00180 {
00181 write_unlock(&(rwlock->rwlock));
00182 return 0;
00183 }
|
1.4.2