#include <linux/string.h>#include <rsbac/aci.h>#include <rsbac/mac.h>#include <rsbac/adf_main.h>#include <rsbac/error.h>#include <rsbac/helpers.h>#include <rsbac/getname.h>#include <rsbac/debug.h>#include <rsbac/rkmem.h>Go to the source code of this file.
|
||||||||||||||||||||
|
Definition at line 1530 of file mac_main.c. References A_mac_categories, A_security_level, and auto_read_attr(). Referenced by rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 01534 {
01535 return auto_read_attr(pid,
01536 target,
01537 tid,
01538 A_security_level,
01539 A_mac_categories,
01540 set_level);
01541 }
|
|
||||||||||||||||||||||||||||
|
Definition at line 928 of file mac_main.c. References A_current_sec_level, A_mac_categories, A_mac_curr_categories, A_mac_file_flags, A_mac_process_flags, A_max_read_categories, A_max_read_open, A_min_write_categories, A_min_write_open, A_none, A_security_level, rsbac_attribute_value_t::current_sec_level, FALSE, get_target_name(), GRANTED, MAC, MAC_auto, rsbac_attribute_value_t::mac_categories, rsbac_attribute_value_t::mac_file_flags, MAC_override, rsbac_attribute_value_t::mac_process_flags, MAC_read_up, MAC_trusted, rsbac_attribute_value_t::max_read_open, NOT_GRANTED, rsbac_target_id_t::process, rsbac_get_attr, rsbac_kfree(), rsbac_kmalloc(), RSBAC_MAXNAMELEN, rsbac_printk(), rsbac_set_attr, rsbac_attribute_value_t::security_level, T_DIR, T_FIFO, T_FILE, T_PROCESS, T_SYMLINK, TRUE, and u64tostrmac(). Referenced by auto_read(), rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 00934 {
00935 rsbac_security_level_t curr_level;
00936 rsbac_mac_category_vector_t curr_categories;
00937 rsbac_security_level_t target_sec_level;
00938 rsbac_mac_category_vector_t target_categories;
00939 union rsbac_target_id_t i_tid;
00940 union rsbac_attribute_value_t attr_val1;
00941 union rsbac_attribute_value_t attr_val2;
00942 rsbac_mac_process_flags_t flags;
00943 rsbac_boolean_t mac_auto_used_level = FALSE;
00944 rsbac_boolean_t mac_auto_used_cat = FALSE;
00945 rsbac_boolean_t set_level_level = FALSE;
00946 rsbac_boolean_t set_level_cat = FALSE;
00947
00948 /* first check for mac_override, which allows everything */
00949 i_tid.process = pid;
00950 if (rsbac_get_attr(MAC,
00951 T_PROCESS,
00952 i_tid,
00953 A_mac_process_flags,
00954 &attr_val1,
00955 FALSE))
00956 { /* failed! */
00957 rsbac_ds_get_error("mac_auto_read", A_none);
00958 return(NOT_GRANTED);
00959 }
00960 flags = attr_val1.mac_process_flags;
00961 if(flags & MAC_override)
00962 return GRANTED;
00963
00964 /* Get current security level */
00965 if (rsbac_get_attr(MAC,
00966 T_PROCESS,
00967 i_tid,
00968 A_current_sec_level,
00969 &attr_val1,
00970 FALSE))
00971 { /* failed! */
00972 rsbac_ds_get_error("mac_auto_read", A_none);
00973 return(NOT_GRANTED);
00974 }
00975 curr_level = attr_val1.security_level;
00976 /* Get current categories */
00977 if (rsbac_get_attr(MAC,
00978 T_PROCESS,
00979 i_tid,
00980 A_mac_curr_categories,
00981 &attr_val1,
00982 FALSE))
00983 { /* failed! */
00984 rsbac_ds_get_error("mac_auto_read", A_none);
00985 return(NOT_GRANTED);
00986 }
00987 curr_categories = attr_val1.mac_categories;
00988 /* Get target security level */
00989 if (rsbac_get_attr(MAC,
00990 target,
00991 tid,
00992 t_level_attr,
00993 &attr_val1,
00994 TRUE))
00995 { /* failed! */
00996 rsbac_ds_get_error("mac_auto_read", A_none);
00997 return(NOT_GRANTED);
00998 }
00999 target_sec_level = attr_val1.security_level;
01000 /* Get target categories */
01001 if (rsbac_get_attr(MAC,
01002 target,
01003 tid,
01004 t_cat_attr,
01005 &attr_val1,
01006 TRUE))
01007 { /* failed! */
01008 rsbac_ds_get_error("mac_auto_read", A_none);
01009 return(NOT_GRANTED);
01010 }
01011 target_categories = attr_val1.mac_categories;
01012
01013 if(target_sec_level > curr_level)
01014 {
01015 if (rsbac_get_attr(MAC,
01016 T_PROCESS,
01017 i_tid,
01018 A_security_level,
01019 &attr_val1,
01020 FALSE))
01021 { /* failed! */
01022 rsbac_ds_get_error("mac_auto_read", A_none);
01023 return(NOT_GRANTED);
01024 }
01025 if(attr_val1.security_level < target_sec_level)
01026 {
01027 #ifdef CONFIG_RSBAC_DEBUG
01028 if(rsbac_debug_adf_mac)
01029 {
01030 rsbac_printk(KERN_DEBUG
01031 "mac_auto_read(): pid %u/%.15s: security_level %u under target_sec_level %u, no override -> NOT_GRANTED!\n",
01032 current->pid, current->comm,
01033 attr_val1.security_level, target_sec_level);
01034 }
01035 #endif
01036 return(NOT_GRANTED);
01037 }
01038 /* curr_level < target_level <= max_level -> need mac_auto, read_up or trusted (with read option) */
01039 if(flags & MAC_auto)
01040 {
01041 /* check min_write boundary */
01042 if (rsbac_get_attr(MAC,
01043 T_PROCESS,
01044 i_tid,
01045 A_min_write_open,
01046 &attr_val1,
01047 FALSE))
01048 { /* failed! */
01049 rsbac_ds_get_error("mac_auto_read", A_none);
01050 return(NOT_GRANTED);
01051 }
01052 if(attr_val1.security_level < target_sec_level)
01053 {
01054 if( !(flags & MAC_read_up)
01055 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01056 && !(flags & MAC_trusted)
01057 #endif
01058 )
01059 {
01060 /* Try mac_file_flags on the target, if FD object */
01061 switch(target)
01062 {
01063 case T_FILE:
01064 case T_DIR:
01065 case T_FIFO:
01066 case T_SYMLINK:
01067 if (rsbac_get_attr(MAC,
01068 target,
01069 tid,
01070 A_mac_file_flags,
01071 &attr_val1,
01072 TRUE))
01073 { /* failed! */
01074 rsbac_ds_get_error("mac_auto_read", A_none);
01075 return(NOT_GRANTED);
01076 }
01077 if( (attr_val1.mac_file_flags & MAC_read_up)
01078 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01079 || (attr_val1.mac_file_flags & MAC_trusted)
01080 #endif
01081 )
01082 {
01083 break;
01084 }
01085 /* fall through */
01086
01087 default:
01088 #ifdef CONFIG_RSBAC_DEBUG
01089 if(rsbac_debug_adf_mac)
01090 {
01091 rsbac_printk(KERN_DEBUG
01092 "mac_auto_read(): pid %u/%.15s: min_write_open %u under target_sec_level %u, no read_up or trusted -> NOT_GRANTED!\n",
01093 current->pid, current->comm,
01094 attr_val1.security_level, target_sec_level);
01095 }
01096 #endif
01097 return(NOT_GRANTED);
01098 }
01099 }
01100 }
01101 else
01102 {
01103 mac_auto_used_level = TRUE;
01104 set_level_level = TRUE;
01105 }
01106 }
01107 else
01108 {
01109 if( !(flags & MAC_read_up)
01110 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01111 && !(flags & MAC_trusted)
01112 #endif
01113 )
01114 {
01115 /* Try mac_file_flags on the target, if FD object */
01116 switch(target)
01117 {
01118 case T_FILE:
01119 case T_DIR:
01120 case T_FIFO:
01121 case T_SYMLINK:
01122 if (rsbac_get_attr(MAC,
01123 target,
01124 tid,
01125 A_mac_file_flags,
01126 &attr_val1,
01127 TRUE))
01128 { /* failed! */
01129 rsbac_ds_get_error("mac_auto_read", A_none);
01130 return(NOT_GRANTED);
01131 }
01132 if( (attr_val1.mac_file_flags & MAC_read_up)
01133 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01134 || (attr_val1.mac_file_flags & MAC_trusted)
01135 #endif
01136 )
01137 {
01138 break;
01139 }
01140 /* fall through */
01141
01142 default:
01143 #ifdef CONFIG_RSBAC_DEBUG
01144 if(rsbac_debug_adf_mac)
01145 {
01146 rsbac_printk(KERN_DEBUG
01147 "mac_auto_read(): pid %u/%.15s: current level %u under target_sec_level %u, no auto, read_up or trusted -> NOT_GRANTED!\n",
01148 current->pid, current->comm,
01149 curr_level, target_sec_level);
01150 }
01151 #endif
01152 return(NOT_GRANTED);
01153 }
01154 }
01155 }
01156 }
01157 else
01158 if(target_sec_level < curr_level)
01159 {
01160 if(flags & MAC_auto)
01161 {
01162 mac_auto_used_level = TRUE;
01163 }
01164 }
01165 if((target_categories & curr_categories) != target_categories)
01166 {
01167 if (rsbac_get_attr(MAC,
01168 T_PROCESS,
01169 i_tid,
01170 A_mac_categories,
01171 &attr_val1,
01172 FALSE))
01173 { /* failed! */
01174 rsbac_ds_get_error("mac_auto_read", A_none);
01175 return(NOT_GRANTED);
01176 }
01177 if((target_categories & attr_val1.mac_categories) != target_categories)
01178 {
01179 #ifdef CONFIG_RSBAC_DEBUG
01180 if(rsbac_debug_adf_mac)
01181 {
01182 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01183
01184 if(tmp)
01185 {
01186 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01187
01188 if(tmp2)
01189 {
01190 u64tostrmac(tmp, attr_val1.mac_categories);
01191 u64tostrmac(tmp2, target_categories);
01192 rsbac_printk(KERN_DEBUG
01193 "mac_auto_write(): pid %u/%.15s: max_categories %s under target categories %s, no override -> NOT_GRANTED!\n",
01194 current->pid, current->comm,
01195 tmp,
01196 tmp2);
01197 rsbac_kfree(tmp2);
01198 }
01199 rsbac_kfree(tmp);
01200 }
01201 }
01202 #endif
01203 return(NOT_GRANTED);
01204 }
01205 /* curr_categories < target_categories <= max_categories -> need mac_auto, read_up or trusted */
01206 if(flags & MAC_auto)
01207 {
01208 /* check min_write boundary */
01209 if (rsbac_get_attr(MAC,
01210 T_PROCESS,
01211 i_tid,
01212 A_min_write_categories,
01213 &attr_val1,
01214 FALSE))
01215 { /* failed! */
01216 rsbac_ds_get_error("mac_auto_read", A_none);
01217 return(NOT_GRANTED);
01218 }
01219 if((target_categories & attr_val1.mac_categories) != target_categories)
01220 {
01221 if( !(flags & MAC_read_up)
01222 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01223 && !(flags & MAC_trusted)
01224 #endif
01225 )
01226 {
01227 /* Try mac_file_flags on the target, if FD object */
01228 switch(target)
01229 {
01230 case T_FILE:
01231 case T_DIR:
01232 case T_FIFO:
01233 case T_SYMLINK:
01234 if (rsbac_get_attr(MAC,
01235 target,
01236 tid,
01237 A_mac_file_flags,
01238 &attr_val1,
01239 TRUE))
01240 { /* failed! */
01241 rsbac_ds_get_error("mac_auto_read", A_none);
01242 return(NOT_GRANTED);
01243 }
01244 if( (attr_val1.mac_file_flags & MAC_read_up)
01245 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01246 || (attr_val1.mac_file_flags & MAC_trusted)
01247 #endif
01248 )
01249 {
01250 break;
01251 }
01252 /* fall through */
01253
01254 default:
01255 #ifdef CONFIG_RSBAC_DEBUG
01256 if(rsbac_debug_adf_mac)
01257 {
01258 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01259
01260 if(tmp)
01261 {
01262 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01263
01264 if(tmp2)
01265 {
01266 u64tostrmac(tmp, attr_val1.mac_categories);
01267 u64tostrmac(tmp2, target_categories);
01268 rsbac_printk(KERN_DEBUG
01269 "mac_auto_write(): pid %u/%.15s: min_write_categories %s under target categories %s, no read_up or trusted with read option -> NOT_GRANTED!\n",
01270 current->pid, current->comm,
01271 tmp,
01272 tmp2);
01273 rsbac_kfree(tmp2);
01274 }
01275 rsbac_kfree(tmp);
01276 }
01277 }
01278 #endif
01279 return(NOT_GRANTED);
01280 }
01281 }
01282 }
01283 else
01284 {
01285 mac_auto_used_cat = TRUE;
01286 set_level_cat = TRUE;
01287 }
01288 }
01289 else
01290 {
01291 if( !(flags & MAC_read_up)
01292 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01293 && !(flags & MAC_trusted)
01294 #endif
01295 )
01296 {
01297 /* Try mac_file_flags on the target, if FD object */
01298 switch(target)
01299 {
01300 case T_FILE:
01301 case T_DIR:
01302 case T_FIFO:
01303 case T_SYMLINK:
01304 if (rsbac_get_attr(MAC,
01305 target,
01306 tid,
01307 A_mac_file_flags,
01308 &attr_val1,
01309 TRUE))
01310 { /* failed! */
01311 rsbac_ds_get_error("mac_auto_read", A_none);
01312 return(NOT_GRANTED);
01313 }
01314 if( (attr_val1.mac_file_flags & MAC_read_up)
01315 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01316 || (attr_val1.mac_file_flags & MAC_trusted)
01317 #endif
01318 )
01319 {
01320 break;
01321 }
01322 /* fall through */
01323
01324 default:
01325 #ifdef CONFIG_RSBAC_DEBUG
01326 if(rsbac_debug_adf_mac)
01327 {
01328 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01329
01330 if(tmp)
01331 {
01332 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01333
01334 if(tmp2)
01335 {
01336 u64tostrmac(tmp, curr_categories);
01337 u64tostrmac(tmp2, target_categories);
01338 rsbac_printk(KERN_DEBUG
01339 "mac_auto_write(): pid %u/%.15s: curr_categories %s under target categories %s, no auto, read_up or trusted with read option -> NOT_GRANTED!\n",
01340 current->pid, current->comm,
01341 tmp,
01342 tmp2);
01343 rsbac_kfree(tmp2);
01344 }
01345 rsbac_kfree(tmp);
01346 }
01347 }
01348 #endif
01349 return(NOT_GRANTED);
01350 }
01351 }
01352 }
01353 }
01354 else
01355 if((target_categories & curr_categories) != curr_categories)
01356 {
01357 if(flags & MAC_auto)
01358 {
01359 mac_auto_used_level = TRUE;
01360 }
01361 }
01362
01363 /* grant area */
01364
01365 /* adjust current_sec_level and max_read_level, */
01366 /* if set_level is true and mac_auto has been used*/
01367 if(set_level && mac_auto_used_level)
01368 {
01369 i_tid.process = pid;
01370 attr_val1.current_sec_level = target_sec_level;
01371 if(set_level_level)
01372 {
01373 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
01374 char * target_type_name;
01375 char * target_id_name;
01376
01377 target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01378 if(target_type_name)
01379 {
01380 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
01381 target_id_name
01382 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
01383 /* max. path name len + some extra */
01384 #else
01385 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
01386 /* max. file name len + some extra */
01387 #endif
01388 if(target_id_name)
01389 {
01390 get_target_name(target_type_name, target, target_id_name, tid);
01391
01392 rsbac_printk(KERN_INFO
01393 "mac_auto_read(): Changing process %u (%.15s, owner %u) current level from %u to %u for %s %s\n",
01394 pid,
01395 current->comm,
01396 current->uid,
01397 curr_level,
01398 target_sec_level,
01399 target_type_name,
01400 target_id_name);
01401 rsbac_kfree(target_id_name);
01402 }
01403 rsbac_kfree(target_type_name);
01404 }
01405 #endif
01406 if(rsbac_set_attr(MAC,
01407 T_PROCESS,
01408 i_tid,
01409 A_current_sec_level,
01410 attr_val1))
01411 { /* failed! */
01412 rsbac_ds_set_error("mac_auto_read", A_none);
01413 return(NOT_GRANTED);
01414 }
01415 }
01416 if (rsbac_get_attr(MAC,
01417 T_PROCESS,
01418 i_tid,
01419 A_max_read_open,
01420 &attr_val2,
01421 TRUE))
01422 { /* failed! */
01423 rsbac_ds_get_error("mac_auto_read", A_none);
01424 return(NOT_GRANTED);
01425 }
01426 if(attr_val1.max_read_open > attr_val2.max_read_open)
01427 {
01428 if (rsbac_set_attr(MAC,
01429 T_PROCESS,
01430 i_tid,
01431 A_max_read_open,
01432 attr_val1))
01433 { /* failed! */
01434 rsbac_ds_set_error("mac_auto_read", A_none);
01435 return(NOT_GRANTED);
01436 }
01437 }
01438 }
01439 /* adjust current_categories and max_read_categories, */
01440 /* if set_level is true and mac_auto has been used*/
01441 if(set_level && mac_auto_used_cat)
01442 {
01443 i_tid.process = pid;
01444 attr_val1.mac_categories = target_categories;
01445 if(set_level_cat)
01446 {
01447 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
01448 char * target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01449 if(target_type_name)
01450 {
01451 char * target_id_name;
01452
01453 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
01454 target_id_name
01455 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
01456 /* max. path name len + some extra */
01457 #else
01458 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
01459 /* max. file name len + some extra */
01460 #endif
01461 if(target_id_name)
01462 {
01463 char * tmp1 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01464 if(tmp1)
01465 {
01466 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01467 if(tmp2)
01468 {
01469 get_target_name(target_type_name, target, target_id_name, tid);
01470
01471 rsbac_printk(KERN_INFO
01472 "mac_auto_read(): Changing process %u (15%s, owner %u) current categories from %s to %s for %s %s\n",
01473 pid,
01474 current->comm,
01475 current->uid,
01476 u64tostrmac(tmp1, curr_categories),
01477 u64tostrmac(tmp2, target_categories),
01478 target_type_name,
01479 target_id_name);
01480 rsbac_kfree(tmp2);
01481 }
01482 rsbac_kfree(tmp1);
01483 }
01484 rsbac_kfree(target_id_name);
01485 }
01486 rsbac_kfree(target_type_name);
01487 }
01488 #endif
01489 if(rsbac_set_attr(MAC,
01490 T_PROCESS,
01491 i_tid,
01492 A_mac_curr_categories,
01493 attr_val1))
01494 { /* failed! */
01495 rsbac_ds_set_error("mac_auto_read", A_none);
01496 return(NOT_GRANTED);
01497 }
01498 }
01499 if (rsbac_get_attr(MAC,
01500 T_PROCESS,
01501 i_tid,
01502 A_max_read_categories,
01503 &attr_val2,
01504 TRUE))
01505 { /* failed! */
01506 rsbac_ds_get_error("mac_auto_read", A_none);
01507 return(NOT_GRANTED);
01508 }
01509 if((attr_val1.mac_categories & attr_val2.mac_categories)
01510 != attr_val1.mac_categories
01511 )
01512 {
01513 if (rsbac_set_attr(MAC,
01514 T_PROCESS,
01515 i_tid,
01516 A_max_read_categories,
01517 attr_val1))
01518 { /* failed! */
01519 rsbac_ds_set_error("mac_auto_read", A_none);
01520 return(NOT_GRANTED);
01521 }
01522 }
01523 }
01524
01525 /* Everything done, so return */
01526 return(GRANTED);
01527 }
|
|
||||||||||||||||||||
|
Definition at line 2581 of file mac_main.c. References A_mac_categories, A_security_level, and auto_read_write_attr(). Referenced by rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 02585 {
02586 return auto_read_write_attr(pid,
02587 target,
02588 tid,
02589 A_security_level,
02590 A_mac_categories,
02591 set_level);
02592 }
|
|
||||||||||||||||||||||||||||
|
Definition at line 1548 of file mac_main.c. References A_current_sec_level, A_mac_categories, A_mac_curr_categories, A_mac_file_flags, A_mac_min_categories, A_mac_process_flags, A_max_read_categories, A_max_read_open, A_min_security_level, A_min_write_categories, A_min_write_open, A_none, A_security_level, rsbac_attribute_value_t::current_sec_level, FALSE, get_target_name(), GRANTED, MAC, MAC_auto, rsbac_attribute_value_t::mac_categories, rsbac_attribute_value_t::mac_file_flags, MAC_override, rsbac_attribute_value_t::mac_process_flags, MAC_read_up, MAC_trusted, MAC_write_down, MAC_write_up, rsbac_attribute_value_t::max_read_open, rsbac_attribute_value_t::min_write_open, NOT_GRANTED, rsbac_target_id_t::process, rsbac_get_attr, rsbac_kfree(), rsbac_kmalloc(), RSBAC_MAXNAMELEN, rsbac_printk(), rsbac_set_attr, rsbac_attribute_value_t::security_level, T_DIR, T_FIFO, T_FILE, T_PROCESS, T_SYMLINK, TRUE, and u64tostrmac(). Referenced by auto_read_write(), rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 01554 {
01555 rsbac_security_level_t curr_level;
01556 rsbac_mac_category_vector_t curr_categories;
01557 rsbac_security_level_t target_sec_level;
01558 rsbac_mac_category_vector_t target_categories;
01559 union rsbac_target_id_t i_tid;
01560 union rsbac_attribute_value_t attr_val1;
01561 union rsbac_attribute_value_t attr_val2;
01562 rsbac_mac_process_flags_t flags;
01563 rsbac_boolean_t mac_auto_used_level = FALSE;
01564 rsbac_boolean_t mac_auto_used_cat = FALSE;
01565 rsbac_boolean_t raise_object_level = FALSE;
01566 rsbac_boolean_t raise_object_cat = FALSE;
01567
01568 /* first check for mac_override, which allows everything */
01569 i_tid.process = pid;
01570 if (rsbac_get_attr(MAC,
01571 T_PROCESS,
01572 i_tid,
01573 A_mac_process_flags,
01574 &attr_val1,
01575 FALSE))
01576 { /* failed! */
01577 rsbac_ds_get_error("mac_auto_read_write", A_none);
01578 return(NOT_GRANTED);
01579 }
01580 flags = attr_val1.mac_process_flags;
01581 if(flags & MAC_override)
01582 return GRANTED;
01583
01584 /* Get current security level */
01585 if (rsbac_get_attr(MAC,
01586 T_PROCESS,
01587 i_tid,
01588 A_current_sec_level,
01589 &attr_val1,
01590 FALSE))
01591 { /* failed! */
01592 rsbac_ds_get_error("mac_auto_read_write", A_none);
01593 return(NOT_GRANTED);
01594 }
01595 curr_level = attr_val1.security_level;
01596 /* Get current categories */
01597 if (rsbac_get_attr(MAC,
01598 T_PROCESS,
01599 i_tid,
01600 A_mac_curr_categories,
01601 &attr_val1,
01602 FALSE))
01603 { /* failed! */
01604 rsbac_ds_get_error("mac_auto_read_write", A_none);
01605 return(NOT_GRANTED);
01606 }
01607 curr_categories = attr_val1.mac_categories;
01608 /* Get target security level */
01609 if (rsbac_get_attr(MAC,
01610 target,
01611 tid,
01612 t_level_attr,
01613 &attr_val1,
01614 TRUE))
01615 { /* failed! */
01616 rsbac_ds_get_error("mac_auto_read_write", A_none);
01617 return(NOT_GRANTED);
01618 }
01619 target_sec_level = attr_val1.security_level;
01620 /* Get target categories */
01621 if (rsbac_get_attr(MAC,
01622 target,
01623 tid,
01624 t_cat_attr,
01625 &attr_val1,
01626 TRUE))
01627 { /* failed! */
01628 rsbac_ds_get_error("mac_auto_read_write", A_none);
01629 return(NOT_GRANTED);
01630 }
01631 target_categories = attr_val1.mac_categories;
01632
01633 if(target_sec_level > curr_level)
01634 {
01635 if (rsbac_get_attr(MAC,
01636 T_PROCESS,
01637 i_tid,
01638 A_security_level,
01639 &attr_val1,
01640 FALSE))
01641 { /* failed! */
01642 rsbac_ds_get_error("mac_auto_read_write", A_none);
01643 return(NOT_GRANTED);
01644 }
01645 if(attr_val1.security_level < target_sec_level)
01646 {
01647 #ifdef CONFIG_RSBAC_DEBUG
01648 if(rsbac_debug_adf_mac)
01649 {
01650 rsbac_printk(KERN_DEBUG
01651 "mac_auto_read_write(): pid %u/%.15s: security_level %u under target_sec_level %u, no override -> NOT_GRANTED!\n",
01652 current->pid, current->comm,
01653 attr_val1.security_level, target_sec_level);
01654 }
01655 #endif
01656 return(NOT_GRANTED);
01657 }
01658 /* curr_level < target_level <= max_level */
01659 /* -> need mac_auto, (write_up && read_up) or trusted (with read option) */
01660 if(flags & MAC_auto)
01661 {
01662 /* check min_write boundary */
01663 if (rsbac_get_attr(MAC,
01664 T_PROCESS,
01665 i_tid,
01666 A_min_write_open,
01667 &attr_val1,
01668 FALSE))
01669 { /* failed! */
01670 rsbac_ds_get_error("mac_auto_read_write", A_none);
01671 return(NOT_GRANTED);
01672 }
01673 if(attr_val1.security_level < target_sec_level)
01674 {
01675 if( !((flags & MAC_write_up) && (flags & MAC_read_up))
01676 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01677 && !(flags & MAC_trusted)
01678 #endif
01679 )
01680 {
01681 /* Try mac_file_flags on the target, if FD object */
01682 switch(target)
01683 {
01684 case T_FILE:
01685 case T_DIR:
01686 case T_FIFO:
01687 case T_SYMLINK:
01688 if (rsbac_get_attr(MAC,
01689 target,
01690 tid,
01691 A_mac_file_flags,
01692 &attr_val1,
01693 TRUE))
01694 { /* failed! */
01695 rsbac_ds_get_error("mac_auto_read_write", A_none);
01696 return(NOT_GRANTED);
01697 }
01698 if( ( (attr_val1.mac_file_flags & MAC_write_up)
01699 && (attr_val1.mac_file_flags & MAC_read_up)
01700 )
01701 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01702 || (flags & MAC_trusted)
01703 #endif
01704 )
01705 {
01706 break;
01707 }
01708 /* fall through */
01709
01710 default:
01711 #ifdef CONFIG_RSBAC_DEBUG
01712 if(rsbac_debug_adf_mac)
01713 {
01714 rsbac_printk(KERN_DEBUG
01715 "mac_auto_read_write(): pid %u/%.15s: min_write_open %u under target_sec_level %u, no read_up or trusted -> NOT_GRANTED!\n",
01716 current->pid, current->comm,
01717 attr_val1.security_level, target_sec_level);
01718 }
01719 #endif
01720 return(NOT_GRANTED);
01721 }
01722 }
01723 }
01724 else
01725 mac_auto_used_level = TRUE;
01726 }
01727 else
01728 {
01729 if( !((flags & MAC_write_up) && (flags & MAC_read_up))
01730 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01731 && !(flags & MAC_trusted)
01732 #endif
01733 )
01734 {
01735 /* Try mac_file_flags on the target, if FD object */
01736 switch(target)
01737 {
01738 case T_FILE:
01739 case T_DIR:
01740 case T_FIFO:
01741 case T_SYMLINK:
01742 if (rsbac_get_attr(MAC,
01743 target,
01744 tid,
01745 A_mac_file_flags,
01746 &attr_val1,
01747 TRUE))
01748 { /* failed! */
01749 rsbac_ds_get_error("mac_auto_read_write", A_none);
01750 return(NOT_GRANTED);
01751 }
01752 if( ( (attr_val1.mac_file_flags & MAC_write_up)
01753 && (attr_val1.mac_file_flags & MAC_read_up)
01754 )
01755 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01756 || (flags & MAC_trusted)
01757 #endif
01758 )
01759 {
01760 break;
01761 }
01762 /* fall through */
01763
01764 default:
01765 #ifdef CONFIG_RSBAC_DEBUG
01766 if(rsbac_debug_adf_mac)
01767 {
01768 rsbac_printk(KERN_DEBUG
01769 "mac_auto_read_write(): pid %u/%.15s: current level %u under target_sec_level %u, no auto, (write_up && read_up) or trusted -> NOT_GRANTED!\n",
01770 current->pid, current->comm,
01771 curr_level, target_sec_level);
01772 }
01773 #endif
01774 return(NOT_GRANTED);
01775 }
01776 }
01777 }
01778 }
01779 else
01780 if(target_sec_level < curr_level)
01781 {
01782 if (rsbac_get_attr(MAC,
01783 T_PROCESS,
01784 i_tid,
01785 A_min_security_level,
01786 &attr_val1,
01787 FALSE))
01788 { /* failed! */
01789 rsbac_ds_get_error("mac_auto_read_write", A_none);
01790 return(NOT_GRANTED);
01791 }
01792 if(attr_val1.security_level > target_sec_level)
01793 {
01794 #ifdef CONFIG_RSBAC_DEBUG
01795 if(rsbac_debug_adf_mac)
01796 {
01797 rsbac_printk(KERN_DEBUG
01798 "mac_auto_read_write(): pid %u/%.15s: min_security_level %u over target_sec_level %u, no override -> NOT_GRANTED!\n",
01799 current->pid, current->comm,
01800 attr_val1.security_level, target_sec_level);
01801 }
01802 #endif
01803 return(NOT_GRANTED);
01804 }
01805 /* min_level <= target_level < curr_level -> need mac_auto, write_down or trusted */
01806 if(flags & MAC_auto)
01807 {
01808 /* check max_read boundary */
01809 if (rsbac_get_attr(MAC,
01810 T_PROCESS,
01811 i_tid,
01812 A_max_read_open,
01813 &attr_val1,
01814 FALSE))
01815 { /* failed! */
01816 rsbac_ds_get_error("mac_auto_read_write", A_none);
01817 return(NOT_GRANTED);
01818 }
01819 if(attr_val1.security_level > target_sec_level)
01820 {
01821 if( !(flags & MAC_write_down)
01822 && !(flags & MAC_trusted)
01823 )
01824 {
01825 /* Try mac_file_flags on the target, if FD object */
01826 switch(target)
01827 {
01828 case T_FILE:
01829 case T_DIR:
01830 case T_FIFO:
01831 case T_SYMLINK:
01832 if (rsbac_get_attr(MAC,
01833 target,
01834 tid,
01835 A_mac_file_flags,
01836 &attr_val1,
01837 TRUE))
01838 { /* failed! */
01839 rsbac_ds_get_error("mac_auto_read_write", A_none);
01840 return(NOT_GRANTED);
01841 }
01842 if( (attr_val1.mac_file_flags & MAC_write_down)
01843 || (attr_val1.mac_file_flags & MAC_trusted)
01844 )
01845 {
01846 if(attr_val1.mac_file_flags & MAC_auto)
01847 {
01848 raise_object_level = TRUE;
01849 }
01850 break;
01851 }
01852 /* fall through */
01853
01854 default:
01855 #ifdef CONFIG_RSBAC_DEBUG
01856 if(rsbac_debug_adf_mac)
01857 {
01858 rsbac_printk(KERN_DEBUG
01859 "mac_auto_read_write(): pid %u/%.15s: max_read_open %u over target_sec_level %u, no write_down or trusted -> NOT_GRANTED!\n",
01860 current->pid, current->comm,
01861 attr_val1.security_level, target_sec_level);
01862 }
01863 #endif
01864 return(NOT_GRANTED);
01865 }
01866 }
01867 }
01868 else
01869 mac_auto_used_level = TRUE;
01870 }
01871 else
01872 {
01873 if( !(flags & MAC_write_down)
01874 && !(flags & MAC_trusted)
01875 )
01876 {
01877 /* Try mac_file_flags on the target, if FD object */
01878 switch(target)
01879 {
01880 case T_FILE:
01881 case T_DIR:
01882 case T_FIFO:
01883 case T_SYMLINK:
01884 if (rsbac_get_attr(MAC,
01885 target,
01886 tid,
01887 A_mac_file_flags,
01888 &attr_val1,
01889 TRUE))
01890 { /* failed! */
01891 rsbac_ds_get_error("mac_auto_read_write", A_none);
01892 return(NOT_GRANTED);
01893 }
01894 if( (attr_val1.mac_file_flags & MAC_write_down)
01895 || (attr_val1.mac_file_flags & MAC_trusted)
01896 )
01897 {
01898 if(attr_val1.mac_file_flags & MAC_auto)
01899 {
01900 raise_object_level = TRUE;
01901 }
01902 break;
01903 }
01904 /* fall through */
01905
01906 default:
01907 #ifdef CONFIG_RSBAC_DEBUG
01908 if(rsbac_debug_adf_mac)
01909 {
01910 rsbac_printk(KERN_DEBUG
01911 "mac_auto_read_write(): pid %u/%.15s: current security_level %u over target_sec_level %u, no auto, write_down or trusted -> NOT_GRANTED!\n",
01912 current->pid, current->comm,
01913 curr_level, target_sec_level);
01914 }
01915 #endif
01916 return(NOT_GRANTED);
01917 }
01918 }
01919 }
01920 }
01921 if((target_categories & curr_categories) != target_categories)
01922 {
01923 if (rsbac_get_attr(MAC,
01924 T_PROCESS,
01925 i_tid,
01926 A_mac_categories,
01927 &attr_val1,
01928 FALSE))
01929 { /* failed! */
01930 rsbac_ds_get_error("mac_auto_read_write", A_none);
01931 return(NOT_GRANTED);
01932 }
01933 if((target_categories & attr_val1.mac_categories) != target_categories)
01934 {
01935 #ifdef CONFIG_RSBAC_DEBUG
01936 if(rsbac_debug_adf_mac)
01937 {
01938 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01939
01940 if(tmp)
01941 {
01942 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01943
01944 if(tmp2)
01945 {
01946 u64tostrmac(tmp, attr_val1.mac_categories);
01947 u64tostrmac(tmp2, target_categories);
01948 rsbac_printk(KERN_DEBUG
01949 "mac_auto_read_write(): pid %u/%.15s: max_categories %s under target categories %s, no override -> NOT_GRANTED!\n",
01950 current->pid, current->comm,
01951 tmp,
01952 tmp2);
01953 rsbac_kfree(tmp2);
01954 }
01955 rsbac_kfree(tmp);
01956 }
01957 }
01958 #endif
01959 return(NOT_GRANTED);
01960 }
01961 /* curr_categories < target_categories <= max_categories */
01962 /* -> need mac_auto, (read_up && write_up) or trusted (with read option) */
01963 if(flags & MAC_auto)
01964 {
01965 /* check min_write boundary */
01966 if (rsbac_get_attr(MAC,
01967 T_PROCESS,
01968 i_tid,
01969 A_min_write_categories,
01970 &attr_val1,
01971 FALSE))
01972 { /* failed! */
01973 rsbac_ds_get_error("mac_auto_read_write", A_none);
01974 return(NOT_GRANTED);
01975 }
01976 if((target_categories & attr_val1.mac_categories) != target_categories)
01977 {
01978 if( !((flags & MAC_write_up) && (flags & MAC_read_up))
01979 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01980 && !(flags & MAC_trusted)
01981 #endif
01982 )
01983 {
01984 /* Try mac_file_flags on the target, if FD object */
01985 switch(target)
01986 {
01987 case T_FILE:
01988 case T_DIR:
01989 case T_FIFO:
01990 case T_SYMLINK:
01991 if (rsbac_get_attr(MAC,
01992 target,
01993 tid,
01994 A_mac_file_flags,
01995 &attr_val1,
01996 TRUE))
01997 { /* failed! */
01998 rsbac_ds_get_error("mac_auto_read_write", A_none);
01999 return(NOT_GRANTED);
02000 }
02001 if( ( (attr_val1.mac_file_flags & MAC_write_up)
02002 && (attr_val1.mac_file_flags & MAC_read_up)
02003 )
02004 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
02005 || (flags & MAC_trusted)
02006 #endif
02007 )
02008 {
02009 break;
02010 }
02011 /* fall through */
02012
02013 default:
02014 #ifdef CONFIG_RSBAC_DEBUG
02015 if(rsbac_debug_adf_mac)
02016 {
02017 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02018
02019 if(tmp)
02020 {
02021 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02022
02023 if(tmp2)
02024 {
02025 u64tostrmac(tmp, attr_val1.mac_categories);
02026 u64tostrmac(tmp2, target_categories);
02027 rsbac_printk(KERN_DEBUG
02028 "mac_auto_read_write(): pid %u/%.15s: min_write_categories %s under target categories %s, no (read_up and write_up) or trusted with read option -> NOT_GRANTED!\n",
02029 current->pid, current->comm,
02030 tmp,
02031 tmp2);
02032 rsbac_kfree(tmp2);
02033 }
02034 rsbac_kfree(tmp);
02035 }
02036 }
02037 #endif
02038 return(NOT_GRANTED);
02039 }
02040 }
02041 }
02042 else
02043 mac_auto_used_cat = TRUE;
02044 }
02045 else
02046 {
02047 if( !((flags & MAC_write_up) && (flags & MAC_read_up))
02048 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
02049 && !(flags & MAC_trusted)
02050 #endif
02051 )
02052 {
02053 /* Try mac_file_flags on the target, if FD object */
02054 switch(target)
02055 {
02056 case T_FILE:
02057 case T_DIR:
02058 case T_FIFO:
02059 case T_SYMLINK:
02060 if (rsbac_get_attr(MAC,
02061 target,
02062 tid,
02063 A_mac_file_flags,
02064 &attr_val1,
02065 TRUE))
02066 { /* failed! */
02067 rsbac_ds_get_error("mac_auto_read_write", A_none);
02068 return(NOT_GRANTED);
02069 }
02070 if( ( (attr_val1.mac_file_flags & MAC_write_up)
02071 && (attr_val1.mac_file_flags & MAC_read_up)
02072 )
02073 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
02074 || (flags & MAC_trusted)
02075 #endif
02076 )
02077 {
02078 break;
02079 }
02080 /* fall through */
02081
02082 default:
02083 #ifdef CONFIG_RSBAC_DEBUG
02084 if(rsbac_debug_adf_mac)
02085 {
02086 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02087
02088 if(tmp)
02089 {
02090 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02091
02092 if(tmp2)
02093 {
02094 u64tostrmac(tmp, curr_categories);
02095 u64tostrmac(tmp2, target_categories);
02096 rsbac_printk(KERN_DEBUG
02097 "mac_auto_read_write(): pid %u/%.15s: curr_categories %s under target categories %s, no auto, (read_up and write_up) or trusted -> NOT_GRANTED!\n",
02098 current->pid, current->comm,
02099 tmp,
02100 tmp2);
02101 rsbac_kfree(tmp2);
02102 }
02103 rsbac_kfree(tmp);
02104 }
02105 }
02106 #endif
02107 return(NOT_GRANTED);
02108 }
02109 }
02110 }
02111 }
02112 else
02113 if((target_categories & curr_categories) != curr_categories)
02114 {
02115 if (rsbac_get_attr(MAC,
02116 T_PROCESS,
02117 i_tid,
02118 A_mac_min_categories,
02119 &attr_val1,
02120 FALSE))
02121 { /* failed! */
02122 rsbac_ds_get_error("mac_auto_read_write", A_none);
02123 return(NOT_GRANTED);
02124 }
02125 if((target_categories & attr_val1.mac_categories) != attr_val1.mac_categories)
02126 {
02127 #ifdef CONFIG_RSBAC_DEBUG
02128 if(rsbac_debug_adf_mac)
02129 {
02130 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02131
02132 if(tmp)
02133 {
02134 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02135
02136 if(tmp2)
02137 {
02138 u64tostrmac(tmp, attr_val1.mac_categories);
02139 u64tostrmac(tmp2, target_categories);
02140 rsbac_printk(KERN_DEBUG
02141 "mac_auto_read_write(): pid %u/%.15s: min_categories %s over target categories %s, no override -> NOT_GRANTED!\n",
02142 current->pid, current->comm,
02143 tmp,
02144 tmp2);
02145 rsbac_kfree(tmp2);
02146 }
02147 rsbac_kfree(tmp);
02148 }
02149 }
02150 #endif
02151 return(NOT_GRANTED);
02152 }
02153 /* min_level <= target_level < curr_level -> need mac_auto, write_down or trusted */
02154 if(flags & MAC_auto)
02155 {
02156 /* check max_read boundary */
02157 if (rsbac_get_attr(MAC,
02158 T_PROCESS,
02159 i_tid,
02160 A_max_read_categories,
02161 &attr_val1,
02162 FALSE))
02163 { /* failed! */
02164 rsbac_ds_get_error("mac_auto_read_write", A_none);
02165 return(NOT_GRANTED);
02166 }
02167 if((target_categories & attr_val1.mac_categories) != attr_val1.mac_categories)
02168 {
02169 if( !(flags & MAC_write_down)
02170 && !(flags & MAC_trusted)
02171 )
02172 {
02173 /* Try mac_file_flags on the target, if FD object */
02174 switch(target)
02175 {
02176 case T_FILE:
02177 case T_DIR:
02178 case T_FIFO:
02179 case T_SYMLINK:
02180 if (rsbac_get_attr(MAC,
02181 target,
02182 tid,
02183 A_mac_file_flags,
02184 &attr_val1,
02185 TRUE))
02186 { /* failed! */
02187 rsbac_ds_get_error("mac_auto_read_write", A_none);
02188 return(NOT_GRANTED);
02189 }
02190 if( (attr_val1.mac_file_flags & MAC_write_down)
02191 || (attr_val1.mac_file_flags & MAC_trusted)
02192 )
02193 {
02194 if(attr_val1.mac_file_flags & MAC_auto)
02195 {
02196 raise_object_cat = TRUE;
02197 }
02198 break;
02199 }
02200 /* fall through */
02201
02202 default:
02203 #ifdef CONFIG_RSBAC_DEBUG
02204 if(rsbac_debug_adf_mac)
02205 {
02206 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02207
02208 if(tmp)
02209 {
02210 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02211
02212 if(tmp2)
02213 {
02214 u64tostrmac(tmp, attr_val1.mac_categories);
02215 u64tostrmac(tmp2, target_categories);
02216 rsbac_printk(KERN_DEBUG
02217 "mac_auto_read_write(): pid %u/%.15s: max_read_categories %s over target categories %s, no write_down or trusted -> NOT_GRANTED!\n",
02218 current->pid, current->comm,
02219 tmp,
02220 tmp2);
02221 rsbac_kfree(tmp2);
02222 }
02223 rsbac_kfree(tmp);
02224 }
02225 }
02226 #endif
02227 return(NOT_GRANTED);
02228 }
02229 }
02230 }
02231 else
02232 mac_auto_used_cat = TRUE;
02233 }
02234 else
02235 {
02236 if( !(flags & MAC_write_down)
02237 && !(flags & MAC_trusted)
02238 )
02239 {
02240 /* Try mac_file_flags on the target, if FD object */
02241 switch(target)
02242 {
02243 case T_FILE:
02244 case T_DIR:
02245 case T_FIFO:
02246 case T_SYMLINK:
02247 if (rsbac_get_attr(MAC,
02248 target,
02249 tid,
02250 A_mac_file_flags,
02251 &attr_val1,
02252 TRUE))
02253 { /* failed! */
02254 rsbac_ds_get_error("mac_auto_read_write", A_none);
02255 return(NOT_GRANTED);
02256 }
02257 if( (attr_val1.mac_file_flags & MAC_write_down)
02258 || (attr_val1.mac_file_flags & MAC_trusted)
02259 )
02260 {
02261 if(attr_val1.mac_file_flags & MAC_auto)
02262 {
02263 raise_object_cat = TRUE;
02264 }
02265 break;
02266 }
02267 /* fall through */
02268
02269 default:
02270 #ifdef CONFIG_RSBAC_DEBUG
02271 if(rsbac_debug_adf_mac)
02272 {
02273 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02274
02275 if(tmp)
02276 {
02277 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02278
02279 if(tmp2)
02280 {
02281 u64tostrmac(tmp, curr_categories);
02282 u64tostrmac(tmp2, target_categories);
02283 rsbac_printk(KERN_DEBUG
02284 "mac_auto_read_write(): pid %u/%.15s: curr_categories %s over target categories %s, no auto, write_down or trusted -> NOT_GRANTED!\n",
02285 current->pid, current->comm,
02286 tmp,
02287 tmp2);
02288 rsbac_kfree(tmp2);
02289 }
02290 rsbac_kfree(tmp);
02291 }
02292 }
02293 #endif
02294 return(NOT_GRANTED);
02295 }
02296 }
02297 }
02298 }
02299
02300 /* grant area */
02301
02302 /* adjust current_sec_level and min_write_level, */
02303 /* if set_level is true and mac_auto has been used*/
02304 if( set_level
02305 && ( mac_auto_used_level
02306 || raise_object_level
02307 )
02308 )
02309 {
02310 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
02311 {
02312 char * target_type_name;
02313 char * target_id_name;
02314
02315 target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02316 if(target_type_name)
02317 {
02318 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
02319 target_id_name
02320 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
02321 /* max. path name len + some extra */
02322 #else
02323 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
02324 /* max. file name len + some extra */
02325 #endif
02326 if(target_id_name)
02327 {
02328 get_target_name(target_type_name, target, target_id_name, tid);
02329
02330 if(mac_auto_used_level)
02331 {
02332 rsbac_printk(KERN_INFO
02333 "mac_auto_read_write(): Changing process %u (%.15s, owner %u) current level from %u to %u for %s %s\n",
02334 pid,
02335 current->comm,
02336 current->uid,
02337 curr_level,
02338 target_sec_level,
02339 target_type_name,
02340 target_id_name);
02341 }
02342 else
02343 {
02344 rsbac_printk(KERN_INFO
02345 "mac_auto_read_write(): Process %u (%.15s, owner %u): Raising object level from %u to %u for %s %s\n",
02346 pid,
02347 current->comm,
02348 current->uid,
02349 target_sec_level,
02350 curr_level,
02351 target_type_name,
02352 target_id_name);
02353 }
02354 rsbac_kfree(target_id_name);
02355 }
02356 rsbac_kfree(target_type_name);
02357 }
02358 }
02359 #endif
02360 if(mac_auto_used_level)
02361 {
02362 i_tid.process = pid;
02363 attr_val1.current_sec_level = target_sec_level;
02364 if (rsbac_get_attr(MAC,
02365 T_PROCESS,
02366 i_tid,
02367 A_min_write_open,
02368 &attr_val2,
02369 TRUE))
02370 { /* failed! */
02371 rsbac_ds_get_error("mac_auto_read_write", A_none);
02372 return(NOT_GRANTED);
02373 }
02374 if(attr_val1.min_write_open < attr_val2.min_write_open)
02375 {
02376 if (rsbac_set_attr(MAC,
02377 T_PROCESS,
02378 i_tid,
02379 A_min_write_open,
02380 attr_val1))
02381 { /* failed! */
02382 rsbac_ds_set_error("mac_auto_read_write", A_none);
02383 return(NOT_GRANTED);
02384 }
02385 }
02386 if (rsbac_get_attr(MAC,
02387 T_PROCESS,
02388 i_tid,
02389 A_max_read_open,
02390 &attr_val2,
02391 TRUE))
02392 { /* failed! */
02393 rsbac_ds_get_error("mac_auto_read_write", A_none);
02394 return(NOT_GRANTED);
02395 }
02396 if(attr_val1.max_read_open > attr_val2.max_read_open)
02397 {
02398 if (rsbac_set_attr(MAC,
02399 T_PROCESS,
02400 i_tid,
02401 A_max_read_open,
02402 attr_val1))
02403 { /* failed! */
02404 rsbac_ds_set_error("mac_auto_read_write", A_none);
02405 return(NOT_GRANTED);
02406 }
02407 }
02408 if (rsbac_set_attr(MAC,
02409 T_PROCESS,
02410 i_tid,
02411 A_current_sec_level,
02412 attr_val1))
02413 { /* failed! */
02414 rsbac_ds_set_error("mac_auto_read_write", A_none);
02415 return(NOT_GRANTED);
02416 }
02417 }
02418 else
02419 {
02420 attr_val1.security_level = curr_level;
02421 if (rsbac_set_attr(MAC,
02422 target,
02423 tid,
02424 A_security_level,
02425 attr_val1))
02426 { /* failed! */
02427 rsbac_ds_set_error("mac_auto_read_write", A_none);
02428 return(NOT_GRANTED);
02429 }
02430 }
02431 }
02432 /* adjust current_categories and min_write_categories, */
02433 /* if set_level is true and mac_auto has been used*/
02434 if( set_level
02435 && ( mac_auto_used_cat
02436 || raise_object_cat
02437 )
02438 )
02439 {
02440 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
02441 {
02442 char * target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02443 if(target_type_name)
02444 {
02445 char * target_id_name;
02446
02447 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
02448 target_id_name
02449 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
02450 /* max. path name len + some extra */
02451 #else
02452 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
02453 /* max. file name len + some extra */
02454 #endif
02455 if(target_id_name)
02456 {
02457 char * tmp1 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02458 if(tmp1)
02459 {
02460 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02461 if(tmp2)
02462 {
02463 get_target_name(target_type_name, target, target_id_name, tid);
02464
02465 if(mac_auto_used_cat)
02466 {
02467 rsbac_printk(KERN_INFO
02468 "mac_auto_read_write(): Changing process %u (%.15s, owner %u) current categories from %s to %s for %s %s\n",
02469 pid,
02470 current->comm,
02471 current->uid,
02472 u64tostrmac(tmp1, curr_categories),
02473 u64tostrmac(tmp2, target_categories),
02474 target_type_name,
02475 target_id_name);
02476 }
02477 else
02478 {
02479 rsbac_printk(KERN_INFO
02480 "mac_auto_read_write(): Process %u (%.15s, owner %u): raising current categories from %s to %s for %s %s\n",
02481 pid,
02482 current->comm,
02483 current->uid,
02484 u64tostrmac(tmp2, target_categories),
02485 u64tostrmac(tmp1, curr_categories),
02486 target_type_name,
02487 target_id_name);
02488 }
02489 rsbac_kfree(tmp2);
02490 }
02491 rsbac_kfree(tmp1);
02492 }
02493 rsbac_kfree(target_id_name);
02494 }
02495 rsbac_kfree(target_type_name);
02496 }
02497 }
02498 #endif
02499 if(mac_auto_used_cat)
02500 {
02501 i_tid.process = pid;
02502 attr_val1.mac_categories = target_categories;
02503 if (rsbac_get_attr(MAC,
02504 T_PROCESS,
02505 i_tid,
02506 A_min_write_categories,
02507 &attr_val2,
02508 TRUE))
02509 { /* failed! */
02510 rsbac_ds_set_error("mac_auto_read_write", A_none);
02511 return(NOT_GRANTED);
02512 }
02513 if((attr_val1.mac_categories & attr_val2.mac_categories)
02514 != attr_val2.mac_categories
02515 )
02516 {
02517 if (rsbac_set_attr(MAC,
02518 T_PROCESS,
02519 i_tid,
02520 A_min_write_categories,
02521 attr_val1))
02522 { /* failed! */
02523 rsbac_ds_set_error("mac_auto_read_write", A_none);
02524 return(NOT_GRANTED);
02525 }
02526 }
02527 if (rsbac_get_attr(MAC,
02528 T_PROCESS,
02529 i_tid,
02530 A_max_read_categories,
02531 &attr_val2,
02532 TRUE))
02533 { /* failed! */
02534 rsbac_ds_get_error("mac_auto_read_write", A_none);
02535 return(NOT_GRANTED);
02536 }
02537 if((attr_val1.mac_categories & attr_val2.mac_categories)
02538 != attr_val1.mac_categories
02539 )
02540 {
02541 if (rsbac_set_attr(MAC,
02542 T_PROCESS,
02543 i_tid,
02544 A_max_read_categories,
02545 attr_val1))
02546 { /* failed! */
02547 rsbac_ds_set_error("mac_auto_read_write", A_none);
02548 return(NOT_GRANTED);
02549 }
02550 }
02551 if (rsbac_set_attr(MAC,
02552 T_PROCESS,
02553 i_tid,
02554 A_mac_curr_categories,
02555 attr_val1))
02556 { /* failed! */
02557 rsbac_ds_set_error("mac_auto_read_write", A_none);
02558 return(NOT_GRANTED);
02559 }
02560 }
02561 else
02562 {
02563 attr_val1.mac_categories = curr_categories;
02564 if (rsbac_set_attr(MAC,
02565 target,
02566 tid,
02567 A_mac_categories,
02568 attr_val1))
02569 { /* failed! */
02570 rsbac_ds_set_error("mac_auto_read_write", A_none);
02571 return(NOT_GRANTED);
02572 }
02573 }
02574 }
02575
02576 /* Everything done, so return */
02577 return(GRANTED);
02578 }
|
|
||||||||||||||||||||
|
Definition at line 911 of file mac_main.c. References A_mac_categories, A_security_level, and auto_write_attr(). Referenced by rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 00915 {
00916 return auto_write_attr(pid,
00917 target,
00918 tid,
00919 A_security_level,
00920 A_mac_categories,
00921 set_level);
00922 }
|
|
||||||||||||||||||||||||||||
|
Definition at line 83 of file mac_main.c. References A_current_sec_level, A_mac_categories, A_mac_curr_categories, A_mac_file_flags, A_mac_min_categories, A_mac_process_flags, A_max_read_categories, A_max_read_open, A_min_security_level, A_min_write_categories, A_min_write_open, A_none, A_security_level, rsbac_attribute_value_t::current_sec_level, FALSE, get_target_name(), GRANTED, MAC, MAC_auto, rsbac_attribute_value_t::mac_categories, rsbac_attribute_value_t::mac_file_flags, MAC_override, rsbac_attribute_value_t::mac_process_flags, MAC_trusted, MAC_write_down, MAC_write_up, rsbac_attribute_value_t::min_write_open, NOT_GRANTED, rsbac_target_id_t::process, rsbac_get_attr, rsbac_kfree(), rsbac_kmalloc(), RSBAC_MAXNAMELEN, rsbac_printk(), rsbac_set_attr, rsbac_attribute_value_t::security_level, T_DIR, T_FIFO, T_FILE, T_PROCESS, T_SYMLINK, TRUE, and u64tostrmac(). Referenced by auto_write(), rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 00089 {
00090 rsbac_security_level_t curr_level;
00091 rsbac_mac_category_vector_t curr_categories;
00092 rsbac_security_level_t target_sec_level;
00093 rsbac_mac_category_vector_t target_categories;
00094 union rsbac_target_id_t i_tid;
00095 union rsbac_attribute_value_t attr_val1;
00096 union rsbac_attribute_value_t attr_val2;
00097 rsbac_mac_process_flags_t flags;
00098 rsbac_boolean_t mac_auto_used_level = FALSE;
00099 rsbac_boolean_t mac_auto_used_cat = FALSE;
00100 rsbac_boolean_t raise_object_level = FALSE;
00101 rsbac_boolean_t raise_object_cat = FALSE;
00102
00103 /* first check for mac_override, which allows everything */
00104 i_tid.process = pid;
00105 if (rsbac_get_attr(MAC,
00106 T_PROCESS,
00107 i_tid,
00108 A_mac_process_flags,
00109 &attr_val1,
00110 FALSE))
00111 { /* failed! */
00112 rsbac_ds_get_error("mac_auto_write", A_none);
00113 return(NOT_GRANTED);
00114 }
00115 flags = attr_val1.mac_process_flags;
00116 if(flags & MAC_override)
00117 return GRANTED;
00118
00119 /* Get current security level */
00120 if (rsbac_get_attr(MAC,
00121 T_PROCESS,
00122 i_tid,
00123 A_current_sec_level,
00124 &attr_val1,
00125 FALSE))
00126 { /* failed! */
00127 rsbac_ds_get_error("mac_auto_write", A_none);
00128 return(NOT_GRANTED);
00129 }
00130 curr_level = attr_val1.security_level;
00131 /* Get current categories */
00132 if (rsbac_get_attr(MAC,
00133 T_PROCESS,
00134 i_tid,
00135 A_mac_curr_categories,
00136 &attr_val1,
00137 FALSE))
00138 { /* failed! */
00139 rsbac_ds_get_error("mac_auto_write", A_none);
00140 return(NOT_GRANTED);
00141 }
00142 curr_categories = attr_val1.mac_categories;
00143 /* Get target security level */
00144 if (rsbac_get_attr(MAC,
00145 target,
00146 tid,
00147 t_level_attr,
00148 &attr_val1,
00149 TRUE))
00150 { /* failed! */
00151 rsbac_ds_get_error("mac_auto_write", A_none);
00152 return(NOT_GRANTED);
00153 }
00154 target_sec_level = attr_val1.security_level;
00155 /* Get target categories */
00156 if (rsbac_get_attr(MAC,
00157 target,
00158 tid,
00159 t_cat_attr,
00160 &attr_val1,
00161 TRUE))
00162 { /* failed! */
00163 rsbac_ds_get_error("mac_auto_write", A_none);
00164 return(NOT_GRANTED);
00165 }
00166 target_categories = attr_val1.mac_categories;
00167
00168 if(target_sec_level > curr_level)
00169 {
00170 if (rsbac_get_attr(MAC,
00171 T_PROCESS,
00172 i_tid,
00173 A_security_level,
00174 &attr_val1,
00175 FALSE))
00176 { /* failed! */
00177 rsbac_ds_get_error("mac_auto_write", A_none);
00178 return(NOT_GRANTED);
00179 }
00180 if(attr_val1.security_level < target_sec_level)
00181 {
00182 #ifdef CONFIG_RSBAC_DEBUG
00183 if(rsbac_debug_adf_mac)
00184 {
00185 rsbac_printk(KERN_DEBUG
00186 "mac_auto_write(): pid %u/%.15s: security_level %u under target_sec_level %u, no override -> NOT_GRANTED!\n",
00187 current->pid, current->comm,
00188 attr_val1.security_level, target_sec_level);
00189 }
00190 #endif
00191 return(NOT_GRANTED);
00192 }
00193 /* curr_level < target_level <= max_level -> need mac_auto, write_up, trusted (at process)
00194 or shared (at object) */
00195 if(flags & MAC_auto)
00196 mac_auto_used_level = TRUE;
00197 else
00198 {
00199 if( !(flags & MAC_write_up)
00200 && !(flags & MAC_trusted)
00201 )
00202 {
00203 /* Try mac_file_flags on the target, if FD object */
00204 switch(target)
00205 {
00206 case T_FILE:
00207 case T_DIR:
00208 case T_FIFO:
00209 case T_SYMLINK:
00210 if (rsbac_get_attr(MAC,
00211 target,
00212 tid,
00213 A_mac_file_flags,
00214 &attr_val1,
00215 TRUE))
00216 { /* failed! */
00217 rsbac_ds_get_error("mac_auto_write", A_none);
00218 return(NOT_GRANTED);
00219 }
00220 if( (attr_val1.mac_file_flags & MAC_write_up)
00221 || (attr_val1.mac_file_flags & MAC_trusted)
00222 )
00223 {
00224 break;
00225 }
00226 /* fall through */
00227
00228 default:
00229 #ifdef CONFIG_RSBAC_DEBUG
00230 if(rsbac_debug_adf_mac)
00231 {
00232 rsbac_printk(KERN_DEBUG
00233 "mac_auto_write(): pid %u/%.15s: current security_level %u under target_sec_level %u, no auto, write_up, trusted -> NOT_GRANTED!\n",
00234 current->pid, current->comm,
00235 curr_level, target_sec_level);
00236 }
00237 #endif
00238 return(NOT_GRANTED);
00239 }
00240 }
00241 }
00242 }
00243 else
00244 if(target_sec_level < curr_level)
00245 {
00246 if (rsbac_get_attr(MAC,
00247 T_PROCESS,
00248 i_tid,
00249 A_min_security_level,
00250 &attr_val1,
00251 FALSE))
00252 { /* failed! */
00253 rsbac_ds_get_error("mac_auto_write", A_none);
00254 return(NOT_GRANTED);
00255 }
00256 if(attr_val1.security_level > target_sec_level)
00257 {
00258 #ifdef CONFIG_RSBAC_DEBUG
00259 if(rsbac_debug_adf_mac)
00260 {
00261 rsbac_printk(KERN_DEBUG
00262 "mac_auto_write(): pid %u/%.15s: min_security_level %u over target_sec_level %u, no override -> NOT_GRANTED!\n",
00263 current->pid, current->comm,
00264 attr_val1.security_level, target_sec_level);
00265 }
00266 #endif
00267 return(NOT_GRANTED);
00268 }
00269 /* min_level <= target_level < curr_level -> need mac_auto, write_down or trusted */
00270 if(flags & MAC_auto)
00271 {
00272 /* check max_read boundary */
00273 if (rsbac_get_attr(MAC,
00274 T_PROCESS,
00275 i_tid,
00276 A_max_read_open,
00277 &attr_val1,
00278 FALSE))
00279 { /* failed! */
00280 rsbac_ds_get_error("mac_auto_write", A_none);
00281 return(NOT_GRANTED);
00282 }
00283 if(attr_val1.security_level > target_sec_level)
00284 {
00285 if( !(flags & MAC_write_down)
00286 && !(flags & MAC_trusted)
00287 )
00288 {
00289 /* Try mac_file_flags on the target, if FD object */
00290 switch(target)
00291 {
00292 case T_FILE:
00293 case T_DIR:
00294 case T_FIFO:
00295 case T_SYMLINK:
00296 if (rsbac_get_attr(MAC,
00297 target,
00298 tid,
00299 A_mac_file_flags,
00300 &attr_val1,
00301 TRUE))
00302 { /* failed! */
00303 rsbac_ds_get_error("mac_auto_write", A_none);
00304 return(NOT_GRANTED);
00305 }
00306 if( (attr_val1.mac_file_flags & MAC_write_down)
00307 || (attr_val1.mac_file_flags & MAC_trusted)
00308 )
00309 {
00310 if(attr_val1.mac_file_flags & MAC_auto)
00311 {
00312 raise_object_level = TRUE;
00313 }
00314 break;
00315 }
00316 /* fall through */
00317
00318 default:
00319 #ifdef CONFIG_RSBAC_DEBUG
00320 if(rsbac_debug_adf_mac)
00321 {
00322 rsbac_printk(KERN_DEBUG
00323 "mac_auto_write(): pid %u/%.15s: max_read_open %u over target_sec_level %u, no write_down or trusted -> NOT_GRANTED!\n",
00324 current->pid, current->comm,
00325 attr_val1.security_level, target_sec_level);
00326 }
00327 #endif
00328 return(NOT_GRANTED);
00329 }
00330 }
00331 }
00332 else
00333 mac_auto_used_level = TRUE;
00334 }
00335 else
00336 {
00337 if( !(flags & MAC_write_down)
00338 && !(flags & MAC_trusted)
00339 )
00340 {
00341 /* Try mac_file_flags on the target, if FD object */
00342 switch(target)
00343 {
00344 case T_FILE:
00345 case T_DIR:
00346 case T_FIFO:
00347 case T_SYMLINK:
00348 if (rsbac_get_attr(MAC,
00349 target,
00350 tid,
00351 A_mac_file_flags,
00352 &attr_val1,
00353 TRUE))
00354 { /* failed! */
00355 rsbac_ds_get_error("mac_auto_write", A_none);
00356 return(NOT_GRANTED);
00357 }
00358 if( (attr_val1.mac_file_flags & MAC_write_down)
00359 || (attr_val1.mac_file_flags & MAC_trusted)
00360 )
00361 {
00362 if(attr_val1.mac_file_flags & MAC_auto)
00363 {
00364 raise_object_level = TRUE;
00365 }
00366 break;
00367 }
00368 /* fall through */
00369
00370 default:
00371 #ifdef CONFIG_RSBAC_DEBUG
00372 if(rsbac_debug_adf_mac)
00373 {
00374 rsbac_printk(KERN_DEBUG
00375 "mac_auto_write(): pid %u/%.15s: current security_level %u over target_sec_level %u, no auto, write_down or trusted -> NOT_GRANTED!\n",
00376 current->pid, current->comm,
00377 curr_level, target_sec_level);
00378 }
00379 #endif
00380 return(NOT_GRANTED);
00381 }
00382 }
00383 }
00384 }
00385
00386 if((target_categories & curr_categories) != target_categories)
00387 {
00388 if (rsbac_get_attr(MAC,
00389 T_PROCESS,
00390 i_tid,
00391 A_mac_categories,
00392 &attr_val1,
00393 FALSE))
00394 { /* failed! */
00395 rsbac_ds_get_error("mac_auto_write", A_none);
00396 return(NOT_GRANTED);
00397 }
00398 if((target_categories & attr_val1.mac_categories) != target_categories)
00399 {
00400 #ifdef CONFIG_RSBAC_DEBUG
00401 if(rsbac_debug_adf_mac)
00402 {
00403 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00404
00405 if(tmp)
00406 {
00407 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00408
00409 if(tmp2)
00410 {
00411 u64tostrmac(tmp, attr_val1.mac_categories);
00412 u64tostrmac(tmp2, target_categories);
00413 rsbac_printk(KERN_DEBUG
00414 "mac_auto_write(): pid %u/%.15s: max_categories %s under target categories %s, no override -> NOT_GRANTED!\n",
00415 current->pid, current->comm,
00416 tmp,
00417 tmp2);
00418 rsbac_kfree(tmp2);
00419 }
00420 rsbac_kfree(tmp);
00421 }
00422 }
00423 #endif
00424 return(NOT_GRANTED);
00425 }
00426 /* curr_categories < target_categories <= max_categories -> need mac_auto, write_up or trusted */
00427 if(flags & MAC_auto)
00428 mac_auto_used_cat = TRUE;
00429 else
00430 {
00431 if( !(flags & MAC_write_up)
00432 && !(flags & MAC_trusted)
00433 )
00434 {
00435 /* Try mac_file_flags on the target, if FD object */
00436 switch(target)
00437 {
00438 case T_FILE:
00439 case T_DIR:
00440 case T_FIFO:
00441 case T_SYMLINK:
00442 if (rsbac_get_attr(MAC,
00443 target,
00444 tid,
00445 A_mac_file_flags,
00446 &attr_val1,
00447 TRUE))
00448 { /* failed! */
00449 rsbac_ds_get_error("mac_auto_write", A_none);
00450 return(NOT_GRANTED);
00451 }
00452 if( (attr_val1.mac_file_flags & MAC_write_up)
00453 || (attr_val1.mac_file_flags & MAC_trusted)
00454 )
00455 break;
00456 /* fall through */
00457
00458 default:
00459 #ifdef CONFIG_RSBAC_DEBUG
00460 if(rsbac_debug_adf_mac)
00461 {
00462 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00463
00464 if(tmp)
00465 {
00466 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00467
00468 if(tmp2)
00469 {
00470 u64tostrmac(tmp, curr_categories);
00471 u64tostrmac(tmp2, target_categories);
00472 rsbac_printk(KERN_DEBUG
00473 "mac_auto_write(): pid %u/%.15s: curr_categories %s under target categories %s, no auto, write_up or trusted -> NOT_GRANTED!\n",
00474 current->pid, current->comm,
00475 tmp,
00476 tmp2);
00477 rsbac_kfree(tmp2);
00478 }
00479 rsbac_kfree(tmp);
00480 }
00481 }
00482 #endif
00483 return(NOT_GRANTED);
00484 }
00485 }
00486 }
00487 }
00488 else
00489 if((target_categories & curr_categories) != curr_categories)
00490 {
00491 if (rsbac_get_attr(MAC,
00492 T_PROCESS,
00493 i_tid,
00494 A_mac_min_categories,
00495 &attr_val1,
00496 FALSE))
00497 { /* failed! */
00498 rsbac_ds_get_error("mac_auto_write", A_none);
00499 return(NOT_GRANTED);
00500 }
00501 if((target_categories & attr_val1.mac_categories) != attr_val1.mac_categories)
00502 {
00503 #ifdef CONFIG_RSBAC_DEBUG
00504 if(rsbac_debug_adf_mac)
00505 {
00506 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00507
00508 if(tmp)
00509 {
00510 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00511
00512 if(tmp2)
00513 {
00514 u64tostrmac(tmp, attr_val1.mac_categories);
00515 u64tostrmac(tmp2, target_categories);
00516 rsbac_printk(KERN_DEBUG
00517 "mac_auto_write(): pid %u/%.15s: min_categories %s over target categories %s, no override -> NOT_GRANTED!\n",
00518 current->pid, current->comm,
00519 tmp,
00520 tmp2);
00521 rsbac_kfree(tmp2);
00522 }
00523 rsbac_kfree(tmp);
00524 }
00525 }
00526 #endif
00527 return(NOT_GRANTED);
00528 }
00529 /* min_level <= target_level < curr_level -> need mac_auto, write_down or trusted */
00530 if(flags & MAC_auto)
00531 {
00532 /* check max_read boundary */
00533 if (rsbac_get_attr(MAC,
00534 T_PROCESS,
00535 i_tid,
00536 A_max_read_categories,
00537 &attr_val1,
00538 FALSE))
00539 { /* failed! */
00540 rsbac_ds_get_error("mac_auto_write", A_none);
00541 return(NOT_GRANTED);
00542 }
00543 if((target_categories & attr_val1.mac_categories) != attr_val1.mac_categories)
00544 {
00545 if( !(flags & MAC_write_down)
00546 && !(flags & MAC_trusted)
00547 )
00548 {
00549 /* Try mac_file_flags on the target, if FD object */
00550 switch(target)
00551 {
00552 case T_FILE:
00553 case T_DIR:
00554 case T_FIFO:
00555 case T_SYMLINK:
00556 if (rsbac_get_attr(MAC,
00557 target,
00558 tid,
00559 A_mac_file_flags,
00560 &attr_val1,
00561 TRUE))
00562 { /* failed! */
00563 rsbac_ds_get_error("mac_auto_write", A_none);
00564 return(NOT_GRANTED);
00565 }
00566 if( (attr_val1.mac_file_flags & MAC_write_down)
00567 || (attr_val1.mac_file_flags & MAC_trusted)
00568 )
00569 {
00570 if(attr_val1.mac_file_flags & MAC_auto)
00571 {
00572 raise_object_cat = TRUE;
00573 }
00574 break;
00575 }
00576 /* fall through */
00577
00578 default:
00579 #ifdef CONFIG_RSBAC_DEBUG
00580 if(rsbac_debug_adf_mac)
00581 {
00582 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00583
00584 if(tmp)
00585 {
00586 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00587
00588 if(tmp2)
00589 {
00590 u64tostrmac(tmp, attr_val1.mac_categories);
00591 u64tostrmac(tmp2, target_categories);
00592 rsbac_printk(KERN_DEBUG
00593 "mac_auto_write(): pid %u/%.15s: max_read_categories %s over target categories %s, no write_down or trusted -> NOT_GRANTED!\n",
00594 current->pid, current->comm,
00595 tmp,
00596 tmp2);
00597 rsbac_kfree(tmp2);
00598 }
00599 rsbac_kfree(tmp);
00600 }
00601 }
00602 #endif
00603 return(NOT_GRANTED);
00604 }
00605 }
00606 }
00607 else
00608 mac_auto_used_cat = TRUE;
00609 }
00610 else
00611 {
00612 if( !(flags & MAC_write_down)
00613 && !(flags & MAC_trusted)
00614 )
00615 {
00616 /* Try mac_file_flags on the target, if FD object */
00617 switch(target)
00618 {
00619 case T_FILE:
00620 case T_DIR:
00621 case T_FIFO:
00622 case T_SYMLINK:
00623 if (rsbac_get_attr(MAC,
00624 target,
00625 tid,
00626 A_mac_file_flags,
00627 &attr_val1,
00628 TRUE))
00629 { /* failed! */
00630 rsbac_ds_get_error("mac_auto_write", A_none);
00631 return(NOT_GRANTED);
00632 }
00633 if( (attr_val1.mac_file_flags & MAC_write_down)
00634 || (attr_val1.mac_file_flags & MAC_trusted)
00635 )
00636 {
00637 if(attr_val1.mac_file_flags & MAC_auto)
00638 {
00639 raise_object_cat = TRUE;
00640 }
00641 break;
00642 }
00643 /* fall through */
00644
00645 default:
00646 #ifdef CONFIG_RSBAC_DEBUG
00647 if(rsbac_debug_adf_mac)
00648 {
00649 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00650
00651 if(tmp)
00652 {
00653 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00654
00655 if(tmp2)
00656 {
00657 u64tostrmac(tmp, curr_categories);
00658 u64tostrmac(tmp2, target_categories);
00659 rsbac_printk(KERN_DEBUG
00660 "mac_auto_write(): pid %u/%.15s: curr_categories %s over target categories %s, no auto, write_down or trusted -> NOT_GRANTED!\n",
00661 current->pid, current->comm,
00662 tmp,
00663 tmp2);
00664 rsbac_kfree(tmp2);
00665 }
00666 rsbac_kfree(tmp);
00667 }
00668 }
00669 #endif
00670 return(NOT_GRANTED);
00671 }
00672 }
00673 }
00674 }
00675
00676 /* grant area */
00677
00678 /* adjust current_sec_level and min_write_level, */
00679 /* if set_level is true and mac_auto has been used*/
00680 if( set_level
00681 && ( mac_auto_used_level
00682 || raise_object_level
00683 )
00684 )
00685 {
00686 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
00687 {
00688 char * target_type_name;
00689 char * target_id_name;
00690
00691 target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00692 if(target_type_name)
00693 {
00694 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
00695 target_id_name
00696 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
00697 /* max. path name len + some extra */
00698 #else
00699 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
00700 /* max. file name len + some extra */
00701 #endif
00702 if(target_id_name)
00703 {
00704 get_target_name(target_type_name, target, target_id_name, tid);
00705
00706 if(mac_auto_used_level)
00707 {
00708 rsbac_printk(KERN_INFO
00709 "mac_auto_write(): Changing process %u (%.15s, owner %u) current level from %u to %u for %s %s\n",
00710 pid,
00711 current->comm,
00712 current->uid,
00713 curr_level,
00714 target_sec_level,
00715 target_type_name,
00716 target_id_name);
00717 }
00718 else
00719 {
00720 rsbac_printk(KERN_INFO
00721 "mac_auto_write(): Process %u (%.15s, owner %u): Raising object level from %u to %u for %s %s\n",
00722 pid,
00723 current->comm,
00724 current->uid,
00725 target_sec_level,
00726 curr_level,
00727 target_type_name,
00728 target_id_name);
00729 }
00730 rsbac_kfree(target_id_name);
00731 }
00732 rsbac_kfree(target_type_name);
00733 }
00734 }
00735 #endif
00736 if(mac_auto_used_level)
00737 {
00738 i_tid.process = pid;
00739 attr_val1.current_sec_level = target_sec_level;
00740 if (rsbac_get_attr(MAC,
00741 T_PROCESS,
00742 i_tid,
00743 A_min_write_open,
00744 &attr_val2,
00745 TRUE))
00746 { /* failed! */
00747 rsbac_ds_get_error("mac_auto_write", A_none);
00748 return(NOT_GRANTED);
00749 }
00750 if(attr_val1.min_write_open < attr_val2.min_write_open)
00751 {
00752 if (rsbac_set_attr(MAC,
00753 T_PROCESS,
00754 i_tid,
00755 A_min_write_open,
00756 attr_val1))
00757 { /* failed! */
00758 rsbac_ds_set_error("mac_auto_write", A_none);
00759 return(NOT_GRANTED);
00760 }
00761 }
00762 if (rsbac_set_attr(MAC,
00763 T_PROCESS,
00764 i_tid,
00765 A_current_sec_level,
00766 attr_val1))
00767 { /* failed! */
00768 rsbac_ds_set_error("mac_auto_write", A_none);
00769 return(NOT_GRANTED);
00770 }
00771 }
00772 else
00773 {
00774 attr_val1.security_level = curr_level;
00775 if (rsbac_set_attr(MAC,
00776 target,
00777 tid,
00778 A_security_level,
00779 attr_val1))
00780 { /* failed! */
00781 rsbac_ds_set_error("mac_auto_write", A_none);
00782 return(NOT_GRANTED);
00783 }
00784 }
00785 }
00786 /* adjust current_categories and min_write_categories, */
00787 /* if set_level is true and mac_auto has been used*/
00788 if( set_level
00789 && ( mac_auto_used_cat
00790 || raise_object_cat
00791 )
00792 )
00793 {
00794 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
00795 {
00796 char * target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00797 if(target_type_name)
00798 {
00799 char * target_id_name;
00800
00801 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
00802 target_id_name
00803 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
00804 /* max. path name len + some extra */
00805 #else
00806 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
00807 /* max. file name len + some extra */
00808 #endif
00809 if(target_id_name)
00810 {
00811 char * tmp1 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00812 if(tmp1)
00813 {
00814 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00815 if(tmp2)
00816 {
00817 get_target_name(target_type_name, target, target_id_name, tid);
00818
00819 if(mac_auto_used_cat)
00820 {
00821 rsbac_printk(KERN_INFO
00822 "mac_auto_write(): Changing process %u (%.15s, owner %u) current categories from %s to %s for %s %s\n",
00823 pid,
00824 current->comm,
00825 current->uid,
00826 u64tostrmac(tmp1, curr_categories),
00827 u64tostrmac(tmp2, target_categories),
00828 target_type_name,
00829 target_id_name);
00830 }
00831 else
00832 {
00833 rsbac_printk(KERN_INFO
00834 "mac_auto_write(): Process %u (%.15s, owner %u): raising current categories from %s to %s for %s %s\n",
00835 pid,
00836 current->comm,
00837 current->uid,
00838 u64tostrmac(tmp2, target_categories),
00839 u64tostrmac(tmp1, curr_categories),
00840 target_type_name,
00841 target_id_name);
00842 }
00843 rsbac_kfree(tmp2);
00844 }
00845 rsbac_kfree(tmp1);
00846 }
00847 rsbac_kfree(target_id_name);
00848 }
00849 rsbac_kfree(target_type_name);
00850 }
00851 }
00852 #endif
00853 if(mac_auto_used_cat)
00854 {
00855 i_tid.process = pid;
00856 attr_val1.mac_categories = target_categories;
00857 if (rsbac_get_attr(MAC,
00858 T_PROCESS,
00859 i_tid,
00860 A_min_write_categories,
00861 &attr_val2,
00862 TRUE))
00863 { /* failed! */
00864 rsbac_ds_get_error("mac_auto_write", A_none);
00865 return(NOT_GRANTED);
00866 }
00867 if((attr_val1.mac_categories & attr_val2.mac_categories)
00868 != attr_val2.mac_categories
00869 )
00870 {
00871 if (rsbac_set_attr(MAC,
00872 T_PROCESS,
00873 i_tid,
00874 A_min_write_categories,
00875 attr_val1))
00876 { /* failed! */
00877 rsbac_ds_set_error("mac_auto_write", A_none);
00878 return(NOT_GRANTED);
00879 }
00880 }
00881 if (rsbac_set_attr(MAC,
00882 T_PROCESS,
00883 i_tid,
00884 A_mac_curr_categories,
00885 attr_val1))
00886 { /* failed! */
00887 rsbac_ds_set_error("mac_auto_write", A_none);
00888 return(NOT_GRANTED);
00889 }
00890 }
00891 else
00892 {
00893 attr_val1.mac_categories = curr_categories;
00894 if (rsbac_set_attr(MAC,
00895 target,
00896 tid,
00897 A_mac_categories,
00898 attr_val1))
00899 { /* failed! */
00900 rsbac_ds_set_error("mac_auto_write", A_none);
00901 return(NOT_GRANTED);
00902 }
00903 }
00904 }
00905
00906 /* Everything done, so return */
00907 return(GRANTED);
00908 }
|
|
||||||||||||
|
Definition at line 33 of file mac_main.c. References A_mac_role, GRANTED, MAC, NOT_GRANTED, rsbac_get_attr, rsbac_printk(), rsbac_attribute_value_t::system_role, T_USER, TRUE, and rsbac_target_id_t::user. Referenced by rsbac_adf_request_mac(). 00034 {
00035 union rsbac_target_id_t i_tid;
00036 union rsbac_attribute_value_t i_attr_val1;
00037
00038 i_tid.user = owner;
00039 if (rsbac_get_attr(MAC,
00040 T_USER,
00041 i_tid,
00042 A_mac_role,
00043 &i_attr_val1,
00044 TRUE))
00045 {
00046 rsbac_ds_get_error("mac_check_role", A_mac_role);
00047 return(NOT_GRANTED);
00048 }
00049 /* if correct role, then grant */
00050 if (i_attr_val1.system_role == role)
00051 return(GRANTED);
00052 else
00053 {
00054 #ifdef CONFIG_RSBAC_DEBUG
00055 if(rsbac_debug_adf_mac)
00056 {
00057 rsbac_printk(KERN_DEBUG
00058 "mac_check_role(): pid %u/%.15s: wrong mac_role %u -> NOT_GRANTED!\n",
00059 current->pid, current->comm,
00060 i_attr_val1.system_role);
00061 }
00062 #endif
00063 return(NOT_GRANTED);
00064 }
00065 }
|
|
||||||||||||||||||||||||||||||||
|
Definition at line 2599 of file mac_main.c. References A_audit_uid, A_auid_exempt, A_auth_last_auth, A_auth_learn, A_auth_may_set_cap, A_auth_may_setuid, A_current_sec_level, A_fake_root_uid, A_initial_security_level, A_linux_dac_disable, A_local_log_array_high, A_local_log_array_low, A_local_mac_categories, A_local_sec_level, A_log_array_high, A_log_array_low, A_log_program_based, A_log_user_based, A_mac_auto, A_mac_categories, A_mac_check, A_mac_curr_categories, A_mac_file_flags, A_mac_initial_categories, A_mac_min_categories, A_mac_process_flags, A_mac_prop_trusted, A_mac_role, A_mac_user_flags, A_max_read_categories, A_max_read_open, A_min_security_level, A_min_write_categories, A_min_write_open, A_none, A_pseudo, A_remote_ip, A_remote_log_array_high, A_remote_log_array_low, A_remote_mac_categories, A_remote_sec_level, A_security_level, A_symlink_add_mac_level, A_symlink_add_remote_ip, A_symlink_add_uid, A_system_role, AUTH, auto_read(), auto_read_attr(), auto_read_write(), auto_read_write_attr(), auto_write(), auto_write_attr(), D_block, rsbac_target_id_t::dev, DO_NOT_CARE, FALSE, FREEZE, GRANTED, MAC, rsbac_attribute_value_t::mac_check, mac_check_role(), NOT_GRANTED, R_ACCEPT, R_ADD_TO_KERNEL, R_ALTER, R_APPEND_OPEN, R_BIND, R_CHANGE_GROUP, R_CHANGE_OWNER, R_CHDIR, R_CLONE, R_CONNECT, R_CREATE, R_DELETE, R_EXECUTE, R_GET_PERMISSIONS_DATA, R_GET_STATUS_DATA, R_LINK_HARD, R_LISTEN, R_MAP_EXEC, R_MODIFY_ACCESS_DATA, R_MODIFY_ATTRIBUTE, R_MODIFY_PERMISSIONS_DATA, R_MODIFY_SYSTEM_DATA, R_MOUNT, R_READ, R_READ_ATTRIBUTE, R_READ_OPEN, R_READ_WRITE_OPEN, R_RECEIVE, R_REMOVE_FROM_KERNEL, R_RENAME, R_SEARCH, R_SEND, R_SEND_SIGNAL, R_SHUTDOWN, R_SWITCH_LOG, R_SWITCH_MODULE, R_TERMINATE, R_TRACE, R_TRUNCATE, R_UMOUNT, R_WRITE, R_WRITE_OPEN, rsbac_get_attr, rsbac_set_attr, rsbac_target_id_t::scd, SOFTMODE, SR_administrator, SR_auditor, SR_security_officer, ST_ioports, ST_rlimit, ST_rsbac, ST_rsbac_remote_log, ST_rsbaclog, rsbac_attribute_value_t::system_role, T_DEV, T_DIR, T_FIFO, T_FILE, T_GROUP, T_IPC, T_NETDEV, T_NETOBJ, T_NETTEMP, T_NONE, T_PROCESS, T_SCD, T_SYMLINK, T_USER, TRUE, rsbac_dev_desc_t::type, UNDEFINED, and rsbac_target_id_t::user. Referenced by rsbac_adf_request_int(). 02606 {
02607 enum rsbac_adf_req_ret_t result = DO_NOT_CARE;
02608 union rsbac_target_id_t i_tid;
02609 union rsbac_attribute_value_t i_attr_val1;
02610 #if defined(CONFIG_RSBAC_MAC_NET_OBJ_PROT)
02611 union rsbac_attribute_value_t i_attr_val2;
02612 #endif
02613
02614 switch (request)
02615 {
02616 case R_ADD_TO_KERNEL:
02617 switch(target)
02618 {
02619 case T_FILE:
02620 case T_DEV:
02621 case T_NONE:
02622 /* test owner's mac_role */
02623 return mac_check_role(owner, SR_administrator);
02624
02625 /* all other cases are unknown */
02626 default: return(DO_NOT_CARE);
02627 }
02628
02629 case R_ALTER:
02630 /* only for IPC */
02631 if (target == T_IPC)
02632 {
02633 /* and perform auto-write without setting attributes */
02634 return(auto_write(caller_pid,
02635 target,
02636 tid,
02637 FALSE));
02638 }
02639 else
02640 /* all other targets are unknown */
02641 return (DO_NOT_CARE);
02642 break;
02643
02644 case R_APPEND_OPEN:
02645 switch(target)
02646 {
02647 case T_FILE:
02648 case T_FIFO:
02649 /* and perform auto-write without setting attributes */
02650 return(auto_write(caller_pid,
02651 target,
02652 tid,
02653 FALSE));
02654 break;
02655 case T_IPC:
02656 /* and perform auto-write without setting attributes */
02657 return(auto_write(caller_pid,
02658 target,
02659 tid,
02660 FALSE));
02661 break;
02662 case T_DEV:
02663 /* Only check for devices with mac_check set */
02664 if (rsbac_get_attr(MAC,
02665 T_DEV,
02666 tid,
02667 A_mac_check,
02668 &i_attr_val1,
02669 FALSE))
02670 {
02671 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
02672 return(NOT_GRANTED);
02673 }
02674 if(!i_attr_val1.mac_check)
02675 return(DO_NOT_CARE);
02676 /* and perform auto-write without setting attributes */
02677 return(auto_write(caller_pid,
02678 target,
02679 tid,
02680 FALSE));
02681 break;
02682 /* all other cases are unknown */
02683 default: return(DO_NOT_CARE);
02684 }
02685
02686 case R_CHANGE_GROUP:
02687 switch(target)
02688 {
02689 case T_FILE:
02690 case T_DIR:
02691 case T_FIFO:
02692 case T_SYMLINK:
02693 /* and perform auto-write without setting attributes */
02694 return(auto_write(caller_pid,
02695 target,
02696 tid,
02697 FALSE));
02698 case T_IPC:
02699 /* and perform auto-write without setting attributes */
02700 return(auto_write(caller_pid,
02701 target,
02702 tid,
02703 FALSE));
02704
02705 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
02706 case T_USER:
02707 /* Security Officer? */
02708 return mac_check_role(owner, SR_security_officer);
02709 #endif
02710 /* We do not care about */
02711 /* all other cases */
02712 default: return(DO_NOT_CARE);
02713 }
02714
02715 case R_CHANGE_OWNER:
02716 switch(target)
02717 {
02718 case T_FILE:
02719 case T_DIR:
02720 case T_FIFO:
02721 case T_SYMLINK:
02722 /* and perform auto-write without setting attributes */
02723 return(auto_write(caller_pid,
02724 target,
02725 tid,
02726 FALSE));
02727
02728 case T_IPC:
02729 return(auto_write(caller_pid,
02730 target,
02731 tid,
02732 FALSE));
02733
02734 /* all other cases are unknown */
02735 default:
02736 return(DO_NOT_CARE);
02737 }
02738
02739 case R_CHDIR:
02740 switch(target)
02741 {
02742 case T_DIR:
02743 /* and perform auto-read without setting attributes */
02744 return(auto_read(caller_pid,
02745 target,
02746 tid,
02747 FALSE));
02748 break;
02749 /* all other cases are unknown */
02750 default: return(DO_NOT_CARE);
02751 }
02752
02753 case R_CLONE:
02754 if (target == T_PROCESS)
02755 return(GRANTED);
02756 else
02757 return(DO_NOT_CARE);
02758
02759 case R_CREATE:
02760 switch(target)
02761 {
02762 /* Creating dir or (pseudo) file IN target dir! */
02763 case T_DIR:
02764 #ifdef CONFIG_RSBAC_MAC_LIGHT
02765 return GRANTED;
02766 #else
02767 /* Mode of created item is ignored! */
02768 /* and perform auto-write without setting attributes */
02769 return(auto_write(caller_pid,
02770 target,
02771 tid,
02772 FALSE));
02773 #endif
02774 break;
02775
02776 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
02777 case T_NETTEMP:
02778 return mac_check_role(owner, SR_security_officer);
02779
02780 case T_NETOBJ:
02781 /* and perform auto-write without setting attributes */
02782 return(auto_write_attr(caller_pid,
02783 target,
02784 tid,
02785 A_local_sec_level,
02786 A_local_mac_categories,
02787 FALSE));
02788 #endif
02789
02790 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
02791 case T_USER:
02792 case T_GROUP:
02793 /* Security Officer? */
02794 return mac_check_role(owner, SR_security_officer);
02795 #endif
02796 /* all other cases are unknown */
02797 default: return(DO_NOT_CARE);
02798 }
02799
02800 case R_DELETE:
02801 switch(target)
02802 {
02803 case T_FILE:
02804 case T_DIR:
02805 case T_FIFO:
02806 case T_SYMLINK:
02807 /* and perform auto-write without setting attributes */
02808 return(auto_write(caller_pid,
02809 target,
02810 tid,
02811 FALSE));
02812 break;
02813 case T_IPC:
02814 /* and perform auto-write without setting attributes */
02815 return(auto_write(caller_pid,
02816 target,
02817 tid,
02818 FALSE));
02819 break;
02820
02821 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
02822 case T_NETTEMP:
02823 return mac_check_role(owner, SR_security_officer);
02824 #endif
02825 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
02826 case T_USER:
02827 case T_GROUP:
02828 /* Security Officer? */
02829 return mac_check_role(owner, SR_security_officer);
02830 #endif
02831
02832 /* all other cases are unknown */
02833 default: return(DO_NOT_CARE);
02834 }
02835
02836 case R_EXECUTE:
02837 case R_MAP_EXEC:
02838 switch(target)
02839 {
02840 case T_FILE:
02841 /* and perform auto-read without setting attributes */
02842 return(auto_read(caller_pid,
02843 target,
02844 tid,
02845 FALSE));
02846
02847 /* all other cases are unknown */
02848 default:
02849 return(DO_NOT_CARE);
02850 }
02851
02852 case R_GET_PERMISSIONS_DATA:
02853 switch(target)
02854 {
02855 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
02856 case T_USER:
02857 case T_GROUP:
02858 /* Security Officer? */
02859 return mac_check_role(owner, SR_security_officer);
02860 #endif
02861 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
02862 case T_NETOBJ:
02863 /* and perform auto-read without setting attributes */
02864 return(auto_read_attr(caller_pid,
02865 target,
02866 tid,
02867 A_local_sec_level,
02868 A_local_mac_categories,
02869 FALSE));
02870 #endif
02871
02872 default:
02873 return(DO_NOT_CARE);
02874 }
02875
02876 case R_GET_STATUS_DATA:
02877 switch(target)
02878 {
02879 case T_SCD:
02880 /* target rsbaclog? only for secoff */
02881 if (tid.scd != ST_rsbaclog)
02882 return(GRANTED);
02883 /* Secoff? */
02884 if(mac_check_role(owner, SR_security_officer) == NOT_GRANTED)
02885 return mac_check_role(owner, SR_auditor);
02886 else
02887 return GRANTED;
02888
02889 case T_PROCESS:
02890 /* perform auto-read without setting attributes */
02891 return(auto_read_attr(caller_pid,
02892 target,
02893 tid,
02894 A_current_sec_level,
02895 A_mac_curr_categories,
02896 FALSE));
02897
02898 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
02899 case T_NETOBJ:
02900 /* and perform auto-read without setting attributes */
02901 return(auto_read_attr(caller_pid,
02902 target,
02903 tid,
02904 A_local_sec_level,
02905 A_local_mac_categories,
02906 FALSE));
02907 #endif
02908
02909 default:
02910 return(DO_NOT_CARE);
02911 }
02912
02913 case R_LINK_HARD:
02914 switch(target)
02915 {
02916 case T_FILE:
02917 case T_FIFO:
02918 case T_SYMLINK:
02919 /* and perform auto-write without setting attributes */
02920 return(auto_write(caller_pid,
02921 target,
02922 tid,
02923 FALSE));
02924 break;
02925 /* all other cases are unknown */
02926 default: return(DO_NOT_CARE);
02927 }
02928
02929 case R_MODIFY_ACCESS_DATA:
02930 switch(target)
02931 {
02932 case T_FILE:
02933 case T_DIR:
02934 case T_FIFO:
02935 case T_SYMLINK:
02936 /* and perform auto-write without setting attributes */
02937 return(auto_write(caller_pid,
02938 target,
02939 tid,
02940 FALSE));
02941 break;
02942 /* all other cases are unknown */
02943 default: return(DO_NOT_CARE);
02944 }
02945
02946 case R_MODIFY_ATTRIBUTE:
02947 switch(attr)
02948 {
02949 case A_security_level:
02950 case A_initial_security_level:
02951 case A_local_sec_level:
02952 case A_remote_sec_level:
02953 case A_min_security_level:
02954 case A_mac_categories:
02955 case A_mac_initial_categories:
02956 case A_local_mac_categories:
02957 case A_remote_mac_categories:
02958 case A_mac_min_categories:
02959 case A_mac_user_flags:
02960 case A_mac_process_flags:
02961 case A_mac_file_flags:
02962 case A_system_role:
02963 case A_mac_role:
02964 case A_current_sec_level:
02965 case A_mac_curr_categories:
02966 case A_min_write_open:
02967 case A_max_read_open:
02968 case A_min_write_categories:
02969 case A_max_read_categories:
02970 case A_mac_check:
02971 case A_mac_auto:
02972 case A_mac_prop_trusted:
02973 case A_symlink_add_mac_level:
02974 #ifdef CONFIG_RSBAC_MAC_GEN_PROT
02975 case A_pseudo:
02976 case A_log_array_low:
02977 case A_log_array_high:
02978 case A_local_log_array_low:
02979 case A_local_log_array_high:
02980 case A_remote_log_array_low:
02981 case A_remote_log_array_high:
02982 case A_log_program_based:
02983 case A_log_user_based:
02984 case A_symlink_add_remote_ip:
02985 case A_symlink_add_uid:
02986 case A_linux_dac_disable:
02987 case A_fake_root_uid:
02988 case A_audit_uid:
02989 case A_auid_exempt:
02990 case A_remote_ip:
02991 #endif
02992 #ifdef CONFIG_RSBAC_MAC_AUTH_PROT
02993 case A_auth_may_setuid:
02994 case A_auth_may_set_cap:
02995 case A_auth_start_uid:
02996 case A_auth_start_euid:
02997 case A_auth_start_gid:
02998 case A_auth_start_egid:
02999 case A_auth_program_file:
03000 case A_auth_learn:
03001 case A_auth_add_f_cap:
03002 case A_auth_remove_f_cap:
03003 case A_auth_last_auth:
03004 #endif
03005 /* All attributes (remove target!) */
03006 case A_none:
03007 /* Security Officer? */
03008 return mac_check_role(owner, SR_security_officer);
03009
03010 default:
03011 return(DO_NOT_CARE);
03012 }
03013
03014 case R_MODIFY_PERMISSIONS_DATA:
03015 switch(target)
03016 {
03017 case T_FILE:
03018 case T_DIR:
03019 case T_FIFO:
03020 case T_SYMLINK:
03021 case T_IPC:
03022 /* and perform auto-write without setting attributes */
03023 return(auto_write(caller_pid,
03024 target,
03025 tid,
03026 FALSE));
03027 break;
03028
03029 case T_SCD:
03030 #ifdef CONFIG_RSBAC_USER_MOD_IOPERM
03031 if(tid.scd == ST_ioports)
03032 return GRANTED;
03033 #endif
03034 /* Security Officer? */
03035 i_tid.user = owner;
03036 if (rsbac_get_attr(MAC,
03037 T_USER,
03038 i_tid,
03039 A_mac_role,
03040 &i_attr_val1,
03041 TRUE))
03042 {
03043 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03044 return(NOT_GRANTED);
03045 }
03046 /* if sec_officer, then grant */
03047 if (i_attr_val1.system_role == SR_security_officer)
03048 return(GRANTED);
03049 /* For booting: if administrator and ioports, then grant */
03050 if ( (i_attr_val1.system_role == SR_administrator)
03051 && (tid.scd == ST_ioports) )
03052 return(GRANTED);
03053 else
03054 return(NOT_GRANTED);
03055
03056 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
03057 case T_NETOBJ:
03058 /* and perform auto-write without setting attributes */
03059 return(auto_write_attr(caller_pid,
03060 target,
03061 tid,
03062 A_local_sec_level,
03063 A_local_mac_categories,
03064 FALSE));
03065 #endif
03066
03067 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
03068 case T_USER:
03069 case T_GROUP:
03070 /* Security Officer? */
03071 return mac_check_role(owner, SR_security_officer);
03072 #endif
03073 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE
03074 /* switching Linux DAC */
03075 case T_NONE:
03076 /* Security Officer? */
03077 i_tid.user = owner;
03078 if (rsbac_get_attr(MAC,
03079 T_USER,
03080 i_tid,
03081 A_mac_role,
03082 &i_attr_val1,
03083 TRUE))
03084 {
03085 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03086 return(NOT_GRANTED);
03087 }
03088 /* if sec_officer, then grant */
03089 if (i_attr_val1.system_role == SR_security_officer)
03090 return(GRANTED);
03091 else
03092 return(NOT_GRANTED);
03093 #endif
03094
03095 /* all other cases are unknown */
03096 default: return(DO_NOT_CARE);
03097 }
03098
03099 case R_MODIFY_SYSTEM_DATA:
03100 switch(target)
03101 {
03102 case T_SCD:
03103 /* target rlimit? no problem, but needed -> grant */
03104 if (tid.scd == ST_rlimit)
03105 return(GRANTED);
03106 /* Get role */
03107 i_tid.user = owner;
03108 if (rsbac_get_attr(MAC,
03109 T_USER,
03110 i_tid,
03111 A_mac_role,
03112 &i_attr_val1,
03113 TRUE))
03114 {
03115 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03116 return(NOT_GRANTED);
03117 }
03118 /* if rsbaclog: grant only for secoff and auditor */
03119 if(tid.scd == ST_rsbaclog)
03120 {
03121 if ( (i_attr_val1.system_role == SR_security_officer)
03122 || (i_attr_val1.system_role == SR_auditor)
03123 )
03124 return(GRANTED);
03125 else
03126 return(NOT_GRANTED);
03127 }
03128 /* if rsbac_log_remote: grant only for secoff */
03129 if(tid.scd == ST_rsbac_remote_log)
03130 {
03131 if ( (i_attr_val1.system_role == SR_security_officer)
03132 )
03133 return(GRANTED);
03134 else
03135 return(NOT_GRANTED);
03136 }
03137 /* if rsbac: grant for secoff and adminr */
03138 if(tid.scd == ST_rsbac)
03139 {
03140 if ( (i_attr_val1.system_role == SR_security_officer)
03141 || (i_attr_val1.system_role == SR_administrator)
03142 )
03143 return(GRANTED);
03144 else
03145 return(NOT_GRANTED);
03146 }
03147 /* if administrator, then grant */
03148 if (i_attr_val1.system_role == SR_administrator)
03149 return(GRANTED);
03150 else
03151 return(NOT_GRANTED);
03152
03153 case T_DEV:
03154 if(tid.dev.type == D_block)
03155 return mac_check_role(owner, SR_administrator);
03156 else
03157 return DO_NOT_CARE;
03158
03159 case T_PROCESS:
03160 /* and perform auto-write without setting attributes */
03161 return(auto_write_attr(caller_pid,
03162 target,
03163 tid,
03164 A_current_sec_level,
03165 A_mac_curr_categories,
03166 FALSE));
03167
03168 #ifdef CONFIG_RSBAC_MAC_NET_DEV_PROT
03169 case T_NETDEV:
03170 return mac_check_role(owner, SR_administrator);
03171 #endif
03172 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
03173 case T_NETOBJ:
03174 /* and perform auto-write without setting attributes */
03175 return(auto_write_attr(caller_pid,
03176 target,
03177 tid,
03178 A_local_sec_level,
03179 A_local_mac_categories,
03180 FALSE));
03181 #endif
03182
03183 /* all other cases are unknown */
03184 default: return(DO_NOT_CARE);
03185 }
03186
03187 case R_MOUNT:
03188 switch(target)
03189 {
03190 case T_FILE:
03191 case T_DIR:
03192 case T_DEV:
03193 /* test owner's mac_role: Administrator? */
03194 #ifndef CONFIG_RSBAC_MAC_LIGHT
03195 if(mac_check_role(owner, SR_administrator) == NOT_GRANTED)
03196 return(NOT_GRANTED);
03197 #endif
03198 /* test read-write access to mount dir / dev: */
03199 /* and perform auto-read(-write) without setting of attributes */
03200 if( (target == T_DEV)
03201 && (attr == A_mode)
03202 && (attr_val.mode & MS_RDONLY))
03203 return(auto_read(caller_pid,
03204 target,
03205 tid,
03206 FALSE));
03207 else
03208 return(auto_read_write(caller_pid,
03209 target,
03210 tid,
03211 FALSE));
03212
03213 /* all other cases are unknown */
03214 default: return(DO_NOT_CARE);
03215 }
03216
03217 case R_READ:
03218 switch(target)
03219 {
03220 case T_DIR:
03221 #ifdef CONFIG_RSBAC_RW
03222 case T_IPC:
03223 case T_FILE:
03224 case T_FIFO:
03225 #endif
03226 /* and perform auto-read without setting attributes */
03227 return(auto_read(caller_pid,
03228 target,
03229 tid,
03230 FALSE));
03231 break;
03232
03233 #ifdef CONFIG_RSBAC_RW
03234 case T_DEV:
03235 /* Only check for devices with mac_check set */
03236 if (rsbac_get_attr(MAC,
03237 T_DEV,
03238 tid,
03239 A_mac_check,
03240 &i_attr_val1,
03241 FALSE))
03242 {
03243 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03244 return(NOT_GRANTED);
03245 }
03246 if(!i_attr_val1.mac_check)
03247 return(DO_NOT_CARE);
03248 /* and perform auto-read without setting attributes */
03249 return(auto_read(caller_pid,
03250 target,
03251 tid,
03252 FALSE));
03253 break;
03254 #endif
03255
03256 #if defined(CONFIG_RSBAC_MAC_NET_OBJ_PROT)
03257 case T_NETTEMP:
03258 if(mac_check_role(owner, SR_security_officer) == GRANTED)
03259 return GRANTED;
03260 return mac_check_role(owner, SR_administrator);
03261
03262 case T_NETOBJ:
03263 /* and perform auto-read without setting attributes */
03264 return(auto_read_attr(caller_pid,
03265 target,
03266 tid,
03267 A_remote_sec_level,
03268 A_remote_mac_categories,
03269 FALSE));
03270 #endif
03271
03272 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
03273 case T_USER:
03274 case T_GROUP:
03275 /* Security Officer or Admin? */
03276 if(mac_check_role(owner, SR_security_officer) == GRANTED)
03277 return GRANTED;
03278 else
03279 return mac_check_role(owner, SR_administrator);
03280 #endif
03281 /* all other cases are unknown */
03282 default: return(DO_NOT_CARE);
03283 }
03284
03285
03286 case R_READ_ATTRIBUTE:
03287 switch(attr)
03288 {
03289 case A_owner:
03290 case A_security_level:
03291 case A_local_sec_level:
03292 case A_remote_sec_level:
03293 case A_min_security_level:
03294 case A_mac_categories:
03295 case A_local_mac_categories:
03296 case A_remote_mac_categories:
03297 case A_mac_min_categories:
03298 case A_pseudo:
03299 case A_system_role:
03300 case A_mac_role:
03301 case A_current_sec_level:
03302 case A_min_write_open:
03303 case A_max_read_open:
03304 case A_mac_user_flags:
03305 case A_mac_process_flags:
03306 case A_mac_check:
03307 case A_mac_auto:
03308 case A_mac_prop_trusted:
03309 case A_mac_file_flags:
03310 case A_initial_security_level:
03311 case A_mac_initial_categories:
03312 case A_symlink_add_mac_level:
03313 #ifdef CONFIG_RSBAC_MAC_GEN_PROT
03314 case A_log_array_low:
03315 case A_log_array_high:
03316 case A_log_program_based:
03317 case A_log_user_based:
03318 case A_symlink_add_remote_ip:
03319 case A_symlink_add_uid:
03320 case A_fake_root_uid:
03321 case A_audit_uid:
03322 case A_auid_exempt:
03323 case A_remote_ip:
03324 #endif
03325 #ifdef CONFIG_RSBAC_MAC_AUTH_PROT
03326 case A_auth_may_setuid:
03327 case A_auth_may_set_cap:
03328 case A_auth_start_uid:
03329 case A_auth_start_euid:
03330 case A_auth_start_gid:
03331 case A_auth_start_egid:
03332 case A_auth_program_file:
03333 case A_auth_learn:
03334 case A_auth_last_auth:
03335 #endif
03336 /* Security Officer ot Admin? */
03337 if(mac_check_role(owner, SR_security_officer) == GRANTED)
03338 return GRANTED;
03339 else
03340 return mac_check_role(owner, SR_administrator);
03341
03342 default:
03343 return(DO_NOT_CARE);
03344 }
03345
03346 case R_READ_OPEN:
03347 switch(target)
03348 {
03349 case T_FILE:
03350 case T_DIR:
03351 case T_FIFO:
03352 case T_IPC:
03353 /* and perform auto-read without setting attributes */
03354 return(auto_read(caller_pid,
03355 target,
03356 tid,
03357 FALSE));
03358 break;
03359 case T_DEV:
03360 /* Only check for devices with mac_check set */
03361 if (rsbac_get_attr(MAC,
03362 T_DEV,
03363 tid,
03364 A_mac_check,
03365 &i_attr_val1,
03366 FALSE))
03367 {
03368 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03369 return(NOT_GRANTED);
03370 }
03371 if(!i_attr_val1.mac_check)
03372 return(DO_NOT_CARE);
03373 /* and perform auto-read without setting attributes */
03374 return(auto_read(caller_pid,
03375 target,
03376 tid,
03377 FALSE));
03378 break;
03379 /* all other cases are unknown */
03380 default: return(DO_NOT_CARE);
03381 }
03382
03383 case R_READ_WRITE_OPEN:
03384 switch(target)
03385 {
03386 case T_FILE:
03387 case T_FIFO:
03388 case T_IPC:
03389 /* and perform auto-read-write without setting attributes */
03390 return(auto_read_write(caller_pid,
03391 target,
03392 tid,
03393 FALSE));
03394
03395 case T_DEV:
03396 /* Only check for devices with mac_check set */
03397 if (rsbac_get_attr(MAC,
03398 T_DEV,
03399 tid,
03400 A_mac_check,
03401 &i_attr_val1,
03402 FALSE))
03403 {
03404 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03405 return(NOT_GRANTED);
03406 }
03407 if(!i_attr_val1.mac_check)
03408 return(DO_NOT_CARE);
03409 /* and perform auto-read-write without setting attributes */
03410 return(auto_read_write(caller_pid,
03411 target,
03412 tid,
03413 FALSE));
03414
03415 /* all other cases are unknown */
03416 default: return(DO_NOT_CARE);
03417 }
03418
03419 case R_REMOVE_FROM_KERNEL:
03420 switch(target)
03421 {
03422 case T_FILE:
03423 case T_DEV:
03424 case T_NONE:
03425 /* test owner's mac_role */
03426 return mac_check_role(owner, SR_administrator);
03427
03428 /* all other cases are unknown */
03429 default: return(DO_NOT_CARE);
03430 }
03431
03432 case R_SHUTDOWN:
03433 switch(target)
03434 {
03435 case T_NONE:
03436 /* test owner's mac_role */
03437 return mac_check_role(owner, SR_administrator);
03438
03439 /* all other cases are unknown */
03440 default: return(DO_NOT_CARE);
03441 }
03442
03443 case R_RENAME:
03444 switch(target)
03445 {
03446 case T_FILE:
03447 case T_DIR:
03448 case T_FIFO:
03449 case T_SYMLINK:
03450 /* and perform auto-write without setting attributes */
03451 result = auto_write(caller_pid,
03452 target,
03453 tid,
03454 FALSE);
03455 /* if parent dir might change, convert inherit to explicit level/cat:
03456 get and set effective value */
03457 if( ( (result == GRANTED)
03458 || (result == DO_NOT_CARE)
03459 )
03460 && ( (attr != A_new_dir_dentry_p)
03461 || (attr_val.new_dir_dentry_p != tid.file.dentry_p->d_parent)
03462 )
03463 )
03464 {
03465 if (rsbac_get_attr(MAC,
03466 target,
03467 tid,
03468 A_security_level,
03469 &i_attr_val1,
03470 TRUE))
03471 { /* failed! */
03472 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03473 return(NOT_GRANTED);
03474 }
03475 if(rsbac_set_attr(MAC,
03476 target,
03477 tid,
03478 A_security_level,
03479 i_attr_val1))
03480 { /* failed! */
03481 rsbac_ds_set_error("rsbac_adf_request_mac", A_none);
03482 return(NOT_GRANTED);
03483 }
03484 if (rsbac_get_attr(MAC,
03485 target,
03486 tid,
03487 A_mac_categories,
03488 &i_attr_val1,
03489 TRUE))
03490 { /* failed! */
03491 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03492 return(NOT_GRANTED);
03493 }
03494 if(rsbac_set_attr(MAC,
03495 target,
03496 tid,
03497 A_mac_categories,
03498 i_attr_val1))
03499 { /* failed! */
03500 rsbac_ds_set_error("rsbac_adf_request_mac", A_none);
03501 return(NOT_GRANTED);
03502 }
03503 }
03504 return result;
03505 break;
03506 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
03507 case T_USER:
03508 case T_GROUP:
03509 /* Security Officer? */
03510 return mac_check_role(owner, SR_security_officer);
03511 #endif
03512 /* all other cases are unknown */
03513 default: return(DO_NOT_CARE);
03514 }
03515
03516
03517 case R_SEARCH:
03518 switch(target)
03519 {
03520 case T_DIR:
03521 case T_SYMLINK:
03522 /* and perform auto-read without setting attributes */
03523 return(auto_read(caller_pid,
03524 target,
03525 tid,
03526 FALSE));
03527 break;
03528 /* all other cases are unknown */
03529 default: return(DO_NOT_CARE);
03530 }
03531
03532 case R_SEND_SIGNAL:
03533 switch(target)
03534 {
03535 case T_PROCESS:
03536 /* and perform auto-write without setting attributes */
03537 return(auto_write_attr(caller_pid,
03538 target,
03539 tid,
03540 A_current_sec_level,
03541 A_mac_curr_categories,
03542 FALSE));
03543
03544 /* all other cases are unknown */
03545 default:
03546 return(DO_NOT_CARE);
03547 }
03548
03549 /* case R_SHUTDOWN: see R_REMOVE_FROM_KERNEL */
03550
03551 case R_SWITCH_LOG:
03552 switch(target)
03553 {
03554 case T_NONE:
03555 /* test owner's mac_role */
03556 return mac_check_role(owner, SR_security_officer);
03557
03558 /* all other cases are unknown */
03559 default: return(DO_NOT_CARE);
03560 }
03561
03562 case R_SWITCH_MODULE:
03563 switch(target)
03564 {
03565 case T_NONE:
03566 /* we need the switch_target */
03567 if(attr != A_switch_target)
03568 return(UNDEFINED);
03569 /* do not care for other modules */
03570 if( (attr_val.switch_target != MAC)
03571 #ifdef CONFIG_RSBAC_MAC_AUTH_PROT
03572 && (attr_val.switch_target != AUTH)
03573 #endif
03574 #ifdef CONFIG_RSBAC_SOFTMODE
03575 && (attr_val.switch_target != SOFTMODE)
03576 #endif
03577 #ifdef CONFIG_RSBAC_FREEZE
03578 && (attr_val.switch_target != FREEZE)
03579 #endif
03580 )
03581 return(DO_NOT_CARE);
03582 /* test owner's mac_role */
03583 return mac_check_role(owner, SR_security_officer);
03584
03585 /* all other cases are unknown */
03586 default: return(DO_NOT_CARE);
03587 }
03588
03589 /* notify only, handled by adf-dispatcher */
03590 case R_TERMINATE:
03591 if (target == T_PROCESS)
03592 return(DO_NOT_CARE);
03593 else
03594 return(DO_NOT_CARE);
03595
03596 case R_TRACE:
03597 switch(target)
03598 {
03599 case T_PROCESS:
03600 /* and perform auto-read-write without setting attributes */
03601 return(auto_read_write_attr(caller_pid,
03602 target,
03603 tid,
03604 A_current_sec_level,
03605 A_mac_curr_categories,
03606 FALSE));
03607
03608 /* all other cases are unknown */
03609 default:
03610 return(DO_NOT_CARE);
03611 }
03612
03613 case R_TRUNCATE:
03614 switch(target)
03615 {
03616 case T_FILE:
03617 /* and perform auto-write without setting attributes */
03618 return(auto_write(caller_pid,
03619 target,
03620 tid,
03621 FALSE));
03622 break;
03623 /* all other cases are unknown */
03624 default: return(DO_NOT_CARE);
03625 }
03626
03627 case R_UMOUNT:
03628 switch(target)
03629 {
03630 case T_FILE:
03631 case T_DIR:
03632 case T_DEV:
03633 #ifdef CONFIG_RSBAC_MAC_LIGHT
03634 return(GRANTED);
03635 #else
03636 return mac_check_role(owner, SR_administrator);
03637 #endif
03638 /* all other cases are unknown */
03639 default: return(DO_NOT_CARE);
03640 }
03641
03642 case R_WRITE:
03643 switch(target)
03644 {
03645 case T_DIR:
03646 case T_IPC:
03647 #ifdef CONFIG_RSBAC_RW
03648 case T_FILE:
03649 case T_FIFO:
03650 #endif
03651 /* Mode of created item is ignored! */
03652 /* and perform auto-write without setting attributes */
03653 return(auto_write(caller_pid,
03654 target,
03655 tid,
03656 FALSE));
03657
03658
03659 #ifdef CONFIG_RSBAC_RW
03660 case T_DEV:
03661 /* Only check for devices with mac_check set */
03662 if (rsbac_get_attr(MAC,
03663 T_DEV,
03664 tid,
03665 A_mac_check,
03666 &i_attr_val1,
03667 FALSE))
03668 {
03669 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03670 return(NOT_GRANTED);
03671 }
03672 if(!i_attr_val1.mac_check)
03673 return(DO_NOT_CARE);
03674 /* and perform auto-write without setting attributes */
03675 return(auto_write(caller_pid,
03676 target,
03677 tid,
03678 FALSE));
03679 break;
03680 #endif
03681
03682 #if defined(CONFIG_RSBAC_MAC_NET_OBJ_PROT)
03683 case T_NETTEMP:
03684 return mac_check_role(owner, SR_security_officer);
03685
03686 case T_NETOBJ:
03687 /* test write access to target: get its sec_level */
03688 if (rsbac_get_attr(MAC,
03689 target,
03690 tid,
03691 A_remote_sec_level,
03692 &i_attr_val1,
03693 TRUE))
03694 {
03695 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03696 return(NOT_GRANTED);
03697 }
03698 if (rsbac_get_attr(MAC,
03699 target,
03700 tid,
03701 A_remote_mac_categories,
03702 &i_attr_val2,
03703 TRUE))
03704 {
03705 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03706 return(NOT_GRANTED);
03707 }
03708 /* and perform auto-write without setting attributes */
03709 return(auto_write_attr(caller_pid,
03710 target,
03711 tid,
03712 A_remote_sec_level,
03713 A_remote_mac_categories,
03714 FALSE));
03715 #endif
03716
03717 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
03718 case T_USER:
03719 case T_GROUP:
03720 /* Security Officer? */
03721 return mac_check_role(owner, SR_security_officer);
03722 #endif
03723 /* all other cases are unknown */
03724 default: return(DO_NOT_CARE);
03725 }
03726
03727 case R_WRITE_OPEN:
03728 switch(target)
03729 {
03730 case T_FILE:
03731 case T_FIFO:
03732 case T_IPC:
03733 /* and perform auto-write without setting attributes */
03734 return(auto_write(caller_pid,
03735 target,
03736 tid,
03737 FALSE));
03738 break;
03739 case T_DEV:
03740 /* Only check for devices with mac_check set */
03741 if (rsbac_get_attr(MAC,
03742 T_DEV,
03743 tid,
03744 A_mac_check,
03745 &i_attr_val1,
03746 FALSE))
03747 {
03748 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03749 return(NOT_GRANTED);
03750 }
03751 if(!i_attr_val1.mac_check)
03752 return(DO_NOT_CARE);
03753 /* and perform auto-write without setting attributes */
03754 return(auto_write(caller_pid,
03755 target,
03756 tid,
03757 FALSE));
03758
03759 /* all other cases are unknown */
03760 default: return(DO_NOT_CARE);
03761 }
03762
03763 case R_SEND:
03764 switch(target)
03765 {
03766 case T_DEV:
03767 /* Only check for devices with mac_check set */
03768 if (rsbac_get_attr(MAC,
03769 T_DEV,
03770 tid,
03771 A_mac_check,
03772 &i_attr_val1,
03773 FALSE))
03774 {
03775 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03776 return(NOT_GRANTED);
03777 }
03778 if(!i_attr_val1.mac_check)
03779 return(DO_NOT_CARE);
03780 /* and perform auto-write without setting attributes */
03781 return(auto_write(caller_pid,
03782 target,
03783 tid,
03784 FALSE));
03785
03786 #if defined(CONFIG_RSBAC_MAC_NET_OBJ_PROT)
03787 case T_NETOBJ:
03788 /* and perform auto-read-write without setting attributes */
03789 return(auto_read_write_attr(caller_pid,
03790 target,
03791 tid,
03792 A_remote_sec_level,
03793 A_remote_mac_categories,
03794 FALSE));
03795
03796 #endif
03797 /* all other cases are unknown */
03798 default: return(DO_NOT_CARE);
03799 }
03800
03801 #if defined(CONFIG_RSBAC_MAC_NET_OBJ_PROT)
03802 case R_BIND:
03803 case R_LISTEN:
03804 switch(target)
03805 {
03806 case T_NETOBJ:
03807 /* and perform auto-read-write without setting attributes */
03808 return(auto_read_write_attr(caller_pid,
03809 target,
03810 tid,
03811 A_local_sec_level,
03812 A_local_mac_categories,
03813 FALSE));
03814
03815 /* all other cases are unknown */
03816 default: return(DO_NOT_CARE);
03817 }
03818
03819 case R_ACCEPT:
03820 case R_CONNECT:
03821 case R_RECEIVE:
03822 switch(target)
03823 {
03824 case T_NETOBJ:
03825 /* and perform auto-read-write without setting attributes */
03826 return(auto_read_write_attr(caller_pid,
03827 target,
03828 tid,
03829 A_remote_sec_level,
03830 A_remote_mac_categories,
03831 FALSE));
03832
03833 /* all other cases are unknown */
03834 default: return(DO_NOT_CARE);
03835 }
03836 #endif /* NET_OBJ_PROT */
03837
03838 /*********************/
03839 default: return DO_NOT_CARE;
03840 }
03841
03842 return(result);
03843 } /* end of rsbac_adf_request_mac() */
|
|
||||||||||||||||||||||||||||||||||||||||
|
Definition at line 3857 of file mac_main.c. References A_current_sec_level, A_initial_security_level, A_local_mac_categories, A_local_sec_level, A_mac_auto, A_mac_categories, A_mac_check, A_mac_curr_categories, A_mac_initial_categories, A_mac_min_categories, A_mac_process_flags, A_mac_prop_trusted, A_mac_user_flags, A_max_read_categories, A_max_read_open, A_min_security_level, A_min_write_categories, A_min_write_open, A_none, A_remote_mac_categories, A_remote_sec_level, A_security_level, auto_read(), auto_read_attr(), auto_read_write(), auto_read_write_attr(), auto_write(), auto_write_attr(), DO_NOT_CARE, FALSE, GRANTED, MAC, MAC_allow_auto, rsbac_attribute_value_t::mac_auto, MAC_auto, rsbac_attribute_value_t::mac_categories, rsbac_attribute_value_t::mac_check, rsbac_attribute_value_t::mac_process_flags, MAC_program_auto, rsbac_attribute_value_t::mac_prop_trusted, MAC_trusted, rsbac_attribute_value_t::mac_user_flags, rsbac_attribute_value_t::max_read_open, rsbac_attribute_value_t::min_write_open, rsbac_attribute_value_t::owner, rsbac_target_id_t::process, R_ACCEPT, R_APPEND_OPEN, R_BIND, R_CHANGE_OWNER, R_CLONE, R_CONNECT, R_CREATE, R_DELETE, R_EXECUTE, R_LISTEN, R_MOUNT, R_READ, R_READ_OPEN, R_READ_WRITE_OPEN, R_RECEIVE, R_SEARCH, R_SEND, R_TRACE, R_WRITE, R_WRITE_OPEN, RSBAC_EDECISIONMISMATCH, RSBAC_EINVALIDATTR, RSBAC_EREADFAILED, RSBAC_EWRITEFAILED, rsbac_get_attr, rsbac_mac_copy_fp_truset(), rsbac_mac_copy_pp_truset(), RSBAC_MAC_MAX_CAT_VECTOR, RSBAC_MAC_MIN_CAT_VECTOR, RSBAC_MAC_P_FLAGS, rsbac_mac_p_truset_member(), rsbac_printk(), rsbac_set_attr, rsbac_attribute_value_t::security_level, SL_max, SL_min, T_DEV, T_DIR, T_FIFO, T_FILE, T_IPC, T_NETOBJ, T_PROCESS, T_SYMLINK, T_USER, TRUE, and rsbac_target_id_t::user. Referenced by rsbac_adf_set_attr(). 03867 {
03868 enum rsbac_adf_req_ret_t result = DO_NOT_CARE;
03869 union rsbac_target_id_t i_tid;
03870 union rsbac_attribute_value_t i_attr_val1;
03871 union rsbac_attribute_value_t i_attr_val2;
03872 union rsbac_attribute_value_t i_attr_val3;
03873 union rsbac_attribute_value_t i_attr_val4;
03874 union rsbac_attribute_value_t i_attr_val5;
03875 union rsbac_attribute_value_t i_attr_val6;
03876 union rsbac_attribute_value_t i_attr_val7;
03877 union rsbac_attribute_value_t i_attr_val8;
03878 union rsbac_attribute_value_t i_attr_val9;
03879 rsbac_boolean_t inherit;
03880
03881 switch (request)
03882 {
03883 case R_APPEND_OPEN:
03884 switch(target)
03885 {
03886 case T_FILE:
03887 case T_FIFO:
03888 case T_IPC:
03889 /* test write access to target: get its sec_level */
03890 if( (target == T_FILE)
03891 || (target == T_FIFO)
03892 )
03893 inherit = TRUE;
03894 else
03895 inherit = FALSE;
03896 if (rsbac_get_attr(MAC,
03897 target,
03898 tid,
03899 A_security_level,
03900 &i_attr_val1,
03901 inherit))
03902 {
03903 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
03904 return(-RSBAC_EREADFAILED);
03905 }
03906 if (rsbac_get_attr(MAC,
03907 target,
03908 tid,
03909 A_mac_categories,
03910 &i_attr_val2,
03911 inherit))
03912 {
03913 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
03914 return(-RSBAC_EREADFAILED);
03915 }
03916 /* and perform auto-write with setting attributes */
03917 result = auto_write(caller_pid,
03918 target,
03919 tid,
03920 TRUE);
03921 if ((result == GRANTED) || (result == DO_NOT_CARE))
03922 return(0);
03923 else
03924 return(-RSBAC_EDECISIONMISMATCH);
03925 break;
03926 case T_DEV:
03927 /* Only check for devices with mac_check set */
03928 if (rsbac_get_attr(MAC,
03929 T_DEV,
03930 tid,
03931 A_mac_check,
03932 &i_attr_val1,
03933 FALSE))
03934 {
03935 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
03936 return(-RSBAC_EREADFAILED);
03937 }
03938 if(!i_attr_val1.mac_check)
03939 return(0);
03940 /* and perform auto-write with setting attributes */
03941 result = auto_write(caller_pid,
03942 target,
03943 tid,
03944 TRUE);
03945 if ((result == GRANTED) || (result == DO_NOT_CARE))
03946 return(0);
03947 else
03948 return(-RSBAC_EDECISIONMISMATCH);
03949 break;
03950 /* all other cases are unknown */
03951 default: return(0);
03952 }
03953
03954 case R_CHANGE_OWNER:
03955 switch(target)
03956 {
03957 /* Changing process owner affects access decisions, */
03958 /* so attributes have to be adjusted. */
03959 case T_PROCESS:
03960 /* For target process there MUST be a new owner specified */
03961 if (attr != A_owner)
03962 return(-RSBAC_EINVALIDATTR);
03963
03964 /* Get owner-sec-level and mac_categories for new owner */
03965 i_tid.user = attr_val.owner;
03966 if (rsbac_get_attr(MAC,
03967 T_USER,
03968 i_tid,
03969 A_security_level,
03970 &i_attr_val2,
03971 TRUE))
03972 {
03973 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
03974 return(-RSBAC_EREADFAILED);
03975 }
03976 if (rsbac_get_attr(MAC,
03977 T_USER,
03978 i_tid,
03979 A_mac_categories,
03980 &i_attr_val3,
03981 TRUE))
03982 {
03983 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
03984 return(-RSBAC_EREADFAILED);
03985 }
03986 /* set owner-sec-level and mac_categories for process to new values */
03987 if (rsbac_set_attr(MAC,
03988 T_PROCESS,
03989 tid,
03990 A_security_level,
03991 i_attr_val2))
03992 {
03993 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
03994 return(-RSBAC_EWRITEFAILED);
03995 }
03996 if (rsbac_set_attr(MAC,
03997 T_PROCESS,
03998 tid,
03999 A_mac_categories,
04000 i_attr_val3))
04001 {
04002 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04003 return(-RSBAC_EWRITEFAILED);
04004 }
04005 /* Get min_write_open and min_write_categories of process */
04006 if (rsbac_get_attr(MAC,
04007 T_PROCESS,
04008 tid,
04009 A_min_write_open,
04010 &i_attr_val4,
04011 TRUE))
04012 {
04013 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04014 return(-RSBAC_EREADFAILED);
04015 }
04016 if (rsbac_get_attr(MAC,
04017 T_PROCESS,
04018 tid,
04019 A_min_write_categories,
04020 &i_attr_val5,
04021 TRUE))
04022 {
04023 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04024 return(-RSBAC_EREADFAILED);
04025 }
04026 /* adjust min_write_open and min_write_categories, if too high */
04027 if(i_attr_val2.security_level < i_attr_val4.min_write_open)
04028 {
04029 i_attr_val4.min_write_open = i_attr_val2.security_level;
04030 if(rsbac_set_attr(MAC,
04031 T_PROCESS,
04032 tid,
04033 A_min_write_open,
04034 i_attr_val4))
04035 {
04036 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04037 return(-RSBAC_EWRITEFAILED);
04038 }
04039 }
04040 /* does process have categories in min_write that the new owner has not? */
04041 /* If yes, throw them out. */
04042 if ((i_attr_val3.mac_categories & i_attr_val5.mac_categories)
04043 != i_attr_val5.mac_categories)
04044 {
04045 i_attr_val5.mac_categories &= i_attr_val3.mac_categories;
04046 if(rsbac_set_attr(MAC,
04047 T_PROCESS,
04048 tid,
04049 A_min_write_categories,
04050 i_attr_val5))
04051 {
04052 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04053 return(-RSBAC_EWRITEFAILED);
04054 }
04055 }
04056 /* Get owner-initial-sec-level and mac_initial_categories for new owner */
04057 /* These values will be adjusted by max_read / min_write and then used as */
04058 /* new current level/categories. */
04059 i_tid.user = attr_val.owner;
04060 if (rsbac_get_attr(MAC,
04061 T_USER,
04062 i_tid,
04063 A_initial_security_level,
04064 &i_attr_val6,
04065 TRUE))
04066 {
04067 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04068 return(-RSBAC_EREADFAILED);
04069 }
04070 if (rsbac_set_attr(MAC,
04071 T_PROCESS,
04072 tid,
04073 A_initial_security_level,
04074 i_attr_val6))
04075 {
04076 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04077 return(-RSBAC_EWRITEFAILED);
04078 }
04079 #if 0
04080 /* restrict current_level to be a maximum of min_write */
04081 if(i_attr_val6.security_level > i_attr_val4.min_write_open)
04082 i_attr_val6.security_level = i_attr_val4.min_write_open;
04083 #endif
04084 if (rsbac_get_attr(MAC,
04085 T_USER,
04086 i_tid,
04087 A_mac_initial_categories,
04088 &i_attr_val7,
04089 TRUE))
04090 {
04091 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04092 return(-RSBAC_EREADFAILED);
04093 }
04094 if (rsbac_set_attr(MAC,
04095 T_PROCESS,
04096 tid,
04097 A_mac_initial_categories,
04098 i_attr_val7))
04099 {
04100 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04101 return(-RSBAC_EWRITEFAILED);
04102 }
04103 #if 0
04104 /* restrict current_categories to be a maximum of min_write */
04105 if((i_attr_val7.mac_categories & i_attr_val5.mac_categories) != i_attr_val7.mac_categories)
04106 i_attr_val7.mac_categories &= i_attr_val5.mac_categories;
04107 #endif
04108 /* Get owner-min-sec-level and mac_min_categories for new owner */
04109 i_tid.user = attr_val.owner;
04110 if (rsbac_get_attr(MAC,
04111 T_USER,
04112 i_tid,
04113 A_min_security_level,
04114 &i_attr_val8,
04115 TRUE))
04116 {
04117 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04118 return(-RSBAC_EREADFAILED);
04119 }
04120 if (rsbac_get_attr(MAC,
04121 T_USER,
04122 i_tid,
04123 A_mac_min_categories,
04124 &i_attr_val9,
04125 TRUE))
04126 {
04127 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04128 return(-RSBAC_EREADFAILED);
04129 }
04130 /* set owner-sec-level and mac_categories for process to new values */
04131 /* owner is set by main dispatcher! */
04132 if (rsbac_set_attr(MAC,
04133 T_PROCESS,
04134 tid,
04135 A_min_security_level,
04136 i_attr_val8))
04137 {
04138 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04139 return(-RSBAC_EWRITEFAILED);
04140 }
04141 if (rsbac_set_attr(MAC,
04142 T_PROCESS,
04143 tid,
04144 A_mac_min_categories,
04145 i_attr_val9))
04146 {
04147 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04148 return(-RSBAC_EWRITEFAILED);
04149 }
04150 /* Get max_read_open and max_read_categories of process */
04151 if (rsbac_get_attr(MAC,
04152 T_PROCESS,
04153 tid,
04154 A_max_read_open,
04155 &i_attr_val4,
04156 TRUE))
04157 {
04158 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04159 return(-RSBAC_EREADFAILED);
04160 }
04161 if (rsbac_get_attr(MAC,
04162 T_PROCESS,
04163 tid,
04164 A_max_read_categories,
04165 &i_attr_val5,
04166 TRUE))
04167 {
04168 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04169 return(-RSBAC_EREADFAILED);
04170 }
04171 /* adjust max_read_open and max_read_categories, if too low */
04172 if (i_attr_val8.security_level > i_attr_val4.max_read_open)
04173 {
04174 i_attr_val4.max_read_open = i_attr_val8.security_level;
04175 if(rsbac_set_attr(MAC,
04176 T_PROCESS,
04177 tid,
04178 A_max_read_open,
04179 i_attr_val4))
04180 {
04181 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04182 return(-RSBAC_EWRITEFAILED);
04183 }
04184 }
04185 #if 0
04186 /* adjust current sec level to a minimum of max_read */
04187 if(i_attr_val6.security_level < i_attr_val4.max_read_open)
04188 i_attr_val6.security_level = i_attr_val4.max_read_open;
04189 #endif
04190 /* but never set it over new max_level or under new min_level */
04191 if(i_attr_val6.security_level > i_attr_val2.security_level)
04192 i_attr_val6.security_level = i_attr_val2.security_level;
04193 else
04194 if(i_attr_val6.security_level < i_attr_val8.security_level)
04195 i_attr_val6.security_level = i_attr_val8.security_level;
04196 if(rsbac_set_attr(MAC,
04197 T_PROCESS,
04198 tid,
04199 A_current_sec_level,
04200 i_attr_val6))
04201 {
04202 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04203 return(-RSBAC_EWRITEFAILED);
04204 }
04205
04206 /* does new owner have categories in min_categories that the process max_read
04207 has not? */
04208 /* If yes, add them. */
04209 if ((i_attr_val9.mac_categories & i_attr_val5.mac_categories)
04210 != i_attr_val9.mac_categories)
04211 {
04212 i_attr_val5.mac_categories |= i_attr_val9.mac_categories;
04213 if(rsbac_set_attr(MAC,
04214 T_PROCESS,
04215 tid,
04216 A_max_read_categories,
04217 i_attr_val5))
04218 {
04219 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04220 return(-RSBAC_EWRITEFAILED);
04221 }
04222 }
04223 #if 0
04224 /* adjust current categories to include all from max_read (from initial) */
04225 if((i_attr_val7.mac_categories & i_attr_val5.mac_categories) != i_attr_val5.mac_categories)
04226 i_attr_val7.mac_categories |= i_attr_val5.mac_categories;
04227 #endif
04228 /* but never set it over new max_cats or under new min_cats */
04229 if((i_attr_val7.mac_categories & i_attr_val3.mac_categories) != i_attr_val7.mac_categories)
04230 i_attr_val7.mac_categories &= i_attr_val3.mac_categories;
04231 else
04232 if((i_attr_val7.mac_categories & i_attr_val9.mac_categories) != i_attr_val9.mac_categories)
04233 i_attr_val7.mac_categories |= i_attr_val9.mac_categories;
04234 if(rsbac_set_attr(MAC,
04235 T_PROCESS,
04236 tid,
04237 A_mac_curr_categories,
04238 i_attr_val7))
04239 {
04240 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04241 return(-RSBAC_EWRITEFAILED);
04242 }
04243
04244 /* Get mac_user_flags from user */
04245 i_tid.user = attr_val.owner;
04246 if (rsbac_get_attr(MAC,
04247 T_USER,
04248 i_tid,
04249 A_mac_user_flags,
04250 &i_attr_val3,
04251 TRUE))
04252 {
04253 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04254 return(-RSBAC_EREADFAILED);
04255 }
04256 i_attr_val1.mac_process_flags = i_attr_val3.mac_user_flags;
04257 /* adjust flags - first get old process flags*/
04258 if (rsbac_get_attr(MAC,
04259 T_PROCESS,
04260 tid,
04261 A_mac_process_flags,
04262 &i_attr_val2,
04263 TRUE))
04264 {
04265 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04266 return(-RSBAC_EREADFAILED);
04267 }
04268 if( (i_attr_val2.mac_process_flags & MAC_program_auto)
04269 && (i_attr_val3.mac_user_flags & MAC_allow_auto)
04270 )
04271 i_attr_val1.mac_process_flags |= MAC_auto;
04272
04273 i_attr_val1.mac_process_flags &= RSBAC_MAC_P_FLAGS;
04274
04275 if(!(i_attr_val1.mac_process_flags & MAC_trusted))
04276 {
04277 if(rsbac_mac_p_truset_member(caller_pid, attr_val.owner))
04278 i_attr_val1.mac_process_flags |= MAC_trusted;
04279 }
04280 /* Set mac_process_flags on process */
04281 if (rsbac_set_attr(MAC,
04282 T_PROCESS,
04283 tid,
04284 A_mac_process_flags,
04285 i_attr_val1))
04286 {
04287 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04288 return(-RSBAC_EWRITEFAILED);
04289 }
04290 /* OK, we are ready */
04291 return(0);
04292
04293 /* We do not care about other cases here */
04294 default:
04295 return(0);
04296 }
04297
04298 case R_CLONE:
04299 if (target == T_PROCESS)
04300 {
04301 /* Get owner from first process (provided on call) */
04302 i_attr_val1.owner = owner;
04303 /* Get owner-sec-level from first process */
04304 if (rsbac_get_attr(MAC,
04305 T_PROCESS,
04306 tid,
04307 A_security_level,
04308 &i_attr_val2,
04309 FALSE))
04310 {
04311 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04312 return(-RSBAC_EREADFAILED);
04313 }
04314 /* Get current-sec-level from first process... */
04315 if (rsbac_get_attr(MAC,
04316 T_PROCESS,
04317 tid,
04318 A_current_sec_level,
04319 &i_attr_val3,
04320 FALSE))
04321 {
04322 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04323 return(-RSBAC_EREADFAILED);
04324 }
04325 /* Get min_write_open from first process */
04326 if (rsbac_get_attr(MAC,
04327 T_PROCESS,
04328 tid,
04329 A_min_write_open,
04330 &i_attr_val4,
04331 FALSE))
04332 {
04333 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04334 return(-RSBAC_EREADFAILED);
04335 }
04336 /* Get max_read_open from first process */
04337 if (rsbac_get_attr(MAC,
04338 T_PROCESS,
04339 tid,
04340 A_max_read_open,
04341 &i_attr_val5,
04342 FALSE))
04343 {
04344 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04345 return(-RSBAC_EREADFAILED);
04346 }
04347 /* Get mac_process_flags from first process */
04348 if (rsbac_get_attr(MAC,
04349 T_PROCESS,
04350 tid,
04351 A_mac_process_flags,
04352 &i_attr_val7,
04353 FALSE))
04354 {
04355 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04356 return(-RSBAC_EREADFAILED);
04357 }
04358
04359 #ifdef CONFIG_RSBAC_USE_RSBAC_OWNER
04360 /* Set owner for new process */
04361 if (rsbac_set_attr(MAC,
04362 T_PROCESS,
04363 new_tid,
04364 A_owner,
04365 i_attr_val1))
04366 {
04367 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04368 return(-RSBAC_EWRITEFAILED);
04369 }
04370 #endif
04371 /* Set owner_sec_level for new process */
04372 if (rsbac_set_attr(MAC,
04373 T_PROCESS,
04374 new_tid,
04375 A_security_level,
04376 i_attr_val2))
04377 {
04378 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04379 return(-RSBAC_EWRITEFAILED);
04380 }
04381 /* Set current_sec_level for new process */
04382 if (rsbac_set_attr(MAC,
04383 T_PROCESS,
04384 new_tid,
04385 A_current_sec_level,
04386 i_attr_val3))
04387 {
04388 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04389 return(-RSBAC_EWRITEFAILED);
04390 }
04391 /* Set min_write_open for new process */
04392 if (rsbac_set_attr(MAC,
04393 T_PROCESS,
04394 new_tid,
04395 A_min_write_open,
04396 i_attr_val4))
04397 {
04398 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04399 return(-RSBAC_EWRITEFAILED);
04400 }
04401 /* Set max_read_open for new process */
04402 if (rsbac_set_attr(MAC,
04403 T_PROCESS,
04404 new_tid,
04405 A_max_read_open,
04406 i_attr_val5))
04407 {
04408 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04409 return(-RSBAC_EWRITEFAILED);
04410 }
04411 /* Set mac_process_flags for new process */
04412 if (rsbac_set_attr(MAC,
04413 T_PROCESS,
04414 new_tid,
04415 A_mac_process_flags,
04416 i_attr_val7))
04417 {
04418 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04419 return(-RSBAC_EWRITEFAILED);
04420 }
04421
04422 /* Get mac_categories from first process */
04423 if (rsbac_get_attr(MAC,
04424 T_PROCESS,
04425 tid,
04426 A_mac_categories,
04427 &i_attr_val2,
04428 FALSE))
04429 {
04430 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04431 return(-RSBAC_EREADFAILED);
04432 }
04433 /* Get mac_curr_categories from first process... */
04434 if (rsbac_get_attr(MAC,
04435 T_PROCESS,
04436 tid,
04437 A_mac_curr_categories,
04438 &i_attr_val3,
04439 FALSE))
04440 {
04441 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04442 return(-RSBAC_EREADFAILED);
04443 }
04444 /* Get min_write_categories from first process */
04445 if (rsbac_get_attr(MAC,
04446 T_PROCESS,
04447 tid,
04448 A_min_write_categories,
04449 &i_attr_val4,
04450 FALSE))
04451 {
04452 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04453 return(-RSBAC_EREADFAILED);
04454 }
04455 /* Get max_read_categories from first process */
04456 if (rsbac_get_attr(MAC,
04457 T_PROCESS,
04458 tid,
04459 A_max_read_categories,
04460 &i_attr_val5,
04461 FALSE))
04462 {
04463 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04464 return(-RSBAC_EREADFAILED);
04465 }
04466 /* Get initial_sec_level from first process */
04467 if (rsbac_get_attr(MAC,
04468 T_PROCESS,
04469 tid,
04470 A_initial_security_level,
04471 &i_attr_val6,
04472 FALSE))
04473 {
04474 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04475 return(-RSBAC_EREADFAILED);
04476 }
04477 /* Get initial_categories from first process */
04478 if (rsbac_get_attr(MAC,
04479 T_PROCESS,
04480 tid,
04481 A_mac_initial_categories,
04482 &i_attr_val7,
04483 FALSE))
04484 {
04485 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04486 return(-RSBAC_EREADFAILED);
04487 }
04488 /* Set mac_categories for new process */
04489 if (rsbac_set_attr(MAC,
04490 T_PROCESS,
04491 new_tid,
04492 A_mac_categories,
04493 i_attr_val2))
04494 {
04495 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04496 return(-RSBAC_EWRITEFAILED);
04497 }
04498 /* Set mac_curr_categories for new process */
04499 if (rsbac_set_attr(MAC,
04500 T_PROCESS,
04501 new_tid,
04502 A_mac_curr_categories,
04503 i_attr_val3))
04504 {
04505 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04506 return(-RSBAC_EWRITEFAILED);
04507 }
04508 /* Set min_write_categories for new process */
04509 if (rsbac_set_attr(MAC,
04510 T_PROCESS,
04511 new_tid,
04512 A_min_write_categories,
04513 i_attr_val4))
04514 {
04515 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04516 return(-RSBAC_EWRITEFAILED);
04517 }
04518 /* Set max_read_categories for new process */
04519 if (rsbac_set_attr(MAC,
04520 T_PROCESS,
04521 new_tid,
04522 A_max_read_categories,
04523 i_attr_val5))
04524 {
04525 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04526 return(-RSBAC_EWRITEFAILED);
04527 }
04528 /* Set initial_security_level for new process */
04529 if (rsbac_set_attr(MAC,
04530 T_PROCESS,
04531 new_tid,
04532 A_initial_security_level,
04533 i_attr_val6))
04534 {
04535 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04536 return(-RSBAC_EWRITEFAILED);
04537 }
04538 /* Set initial_categories for new process */
04539 if (rsbac_set_attr(MAC,
04540 T_PROCESS,
04541 new_tid,
04542 A_mac_initial_categories,
04543 i_attr_val7))
04544 {
04545 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04546 return(-RSBAC_EWRITEFAILED);
04547 }
04548 /* Get owner-min_sec-level/cat from first process */
04549 if (rsbac_get_attr(MAC,
04550 T_PROCESS,
04551 tid,
04552 A_min_security_level,
04553 &i_attr_val2,
04554 FALSE))
04555 {
04556 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04557 return(-RSBAC_EREADFAILED);
04558 }
04559 if (rsbac_get_attr(MAC,
04560 T_PROCESS,
04561 tid,
04562 A_mac_min_categories,
04563 &i_attr_val3,
04564 FALSE))
04565 {
04566 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04567 return(-RSBAC_EREADFAILED);
04568 }
04569 /* Set min_security_level for new process */
04570 if (rsbac_set_attr(MAC,
04571 T_PROCESS,
04572 new_tid,
04573 A_min_security_level,
04574 i_attr_val2))
04575 {
04576 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04577 return(-RSBAC_EWRITEFAILED);
04578 }
04579 /* Set min_categories for new process */
04580 if (rsbac_set_attr(MAC,
04581 T_PROCESS,
04582 new_tid,
04583 A_mac_min_categories,
04584 i_attr_val3))
04585 {
04586 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04587 return(-RSBAC_EWRITEFAILED);
04588 }
04589 if (rsbac_mac_copy_pp_truset(tid.process, new_tid.process))
04590 {
04591 rsbac_printk(KERN_WARNING
04592 "rsbac_adf_set_attr_mac(): rsbac_mac_copy_pp_truset() returned error!\n");
04593 return(-RSBAC_EWRITEFAILED);
04594 }
04595 return(0);
04596 }
04597 else
04598 return(0);
04599
04600 case R_CREATE:
04601 switch(target)
04602 {
04603 /* Creating dir or (pseudo) file IN target dir! */
04604 case T_DIR:
04605 /* Mode of created item is ignored! */
04606 /* and perform auto-write without(!) setting of attributes - no need */
04607 /* -> decision consistency check only */
04608 /* only check, if not MAC_LIGHT */
04609 #ifndef CONFIG_RSBAC_MAC_LIGHT
04610 result = auto_write(caller_pid,
04611 target,
04612 tid,
04613 FALSE);
04614 if ((result != GRANTED) && (result != DO_NOT_CARE))
04615 return(-RSBAC_EDECISIONMISMATCH);
04616 #endif
04617 /* test write access to target: get its sec_level */
04618 if (rsbac_get_attr(MAC,
04619 T_DIR,
04620 tid,
04621 A_security_level,
04622 &i_attr_val1,
04623 TRUE))
04624 {
04625 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04626 return(-RSBAC_EREADFAILED);
04627 }
04628 if (rsbac_get_attr(MAC,
04629 T_DIR,
04630 tid,
04631 A_mac_categories,
04632 &i_attr_val2,
04633 TRUE))
04634 {
04635 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04636 return(-RSBAC_EREADFAILED);
04637 }
04638 /* Get current_sec_level from process (initialized to owner_sec_level)... */
04639 i_tid.process = caller_pid;
04640 if (rsbac_get_attr(MAC,
04641 T_PROCESS,
04642 i_tid,
04643 A_current_sec_level,
04644 &i_attr_val3,
04645 FALSE))
04646 {
04647 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04648 return(-RSBAC_EREADFAILED);
04649 }
04650 #ifdef CONFIG_RSBAC_MAC_SMART_INHERIT
04651 /* Only set, if different than inherited value */
04652 if(i_attr_val3.security_level != i_attr_val1.security_level)
04653 #endif
04654 /* Set security-level for new item */
04655 if (rsbac_set_attr(MAC,
04656 new_target,
04657 new_tid,
04658 A_security_level,
04659 i_attr_val3))
04660 {
04661 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04662 return(-RSBAC_EWRITEFAILED);
04663 }
04664 /* Get current_categories from process (initialized to owner_categories)... */
04665 if (rsbac_get_attr(MAC,
04666 T_PROCESS,
04667 i_tid,
04668 A_mac_curr_categories,
04669 &i_attr_val3,
04670 FALSE))
04671 {
04672 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04673 return(-RSBAC_EREADFAILED);
04674 }
04675 #ifdef CONFIG_RSBAC_MAC_SMART_INHERIT
04676 /* Only set, if different than inherited value */
04677 if(i_attr_val3.mac_categories != i_attr_val2.mac_categories)
04678 #endif
04679 /* Set mac_categories for new item */
04680 if (rsbac_set_attr(MAC,
04681 new_target,
04682 new_tid,
04683 A_mac_categories,
04684 i_attr_val3))
04685 {
04686 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04687 return(-RSBAC_EWRITEFAILED);
04688 }
04689 return(0);
04690 break;
04691
04692 case T_IPC:
04693 i_tid.process = caller_pid;
04694 /* Get current-sec-level from process... */
04695 if (rsbac_get_attr(MAC,
04696 T_PROCESS,
04697 i_tid,
04698 A_current_sec_level,
04699 &i_attr_val1,
04700 FALSE))
04701 {
04702 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04703 return(-RSBAC_EREADFAILED);
04704 }
04705 /* Set security-level for this ipc item */
04706 if (rsbac_set_attr(MAC,
04707 T_IPC,
04708 tid,
04709 A_security_level,
04710 i_attr_val1))
04711 {
04712 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04713 return(-RSBAC_EWRITEFAILED);
04714 }
04715 /* Get mac_curr_categories from process... */
04716 if (rsbac_get_attr(MAC,
04717 T_PROCESS,
04718 i_tid,
04719 A_mac_curr_categories,
04720 &i_attr_val1,
04721 FALSE))
04722 {
04723 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04724 return(-RSBAC_EREADFAILED);
04725 }
04726 /* Set curr_categories for new item */
04727 if (rsbac_set_attr(MAC,
04728 T_IPC,
04729 tid,
04730 A_mac_categories,
04731 i_attr_val1))
04732 {
04733 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04734 return(-RSBAC_EWRITEFAILED);
04735 }
04736 return(0);
04737 break;
04738
04739 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
04740 case T_NETOBJ:
04741 i_tid.process = caller_pid;
04742 /* Get current-sec-level from process... */
04743 if (rsbac_get_attr(MAC,
04744 T_PROCESS,
04745 i_tid,
04746 A_current_sec_level,
04747 &i_attr_val1,
04748 FALSE))
04749 {
04750 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04751 return(-RSBAC_EREADFAILED);
04752 }
04753 /* Set local security-level for this netobj item */
04754 if (rsbac_set_attr(MAC,
04755 target,
04756 tid,
04757 A_local_sec_level,
04758 i_attr_val1))
04759 {
04760 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04761 return(-RSBAC_EWRITEFAILED);
04762 }
04763 /* Get mac_curr_categories from process... */
04764 if (rsbac_get_attr(MAC,
04765 T_PROCESS,
04766 i_tid,
04767 A_mac_curr_categories,
04768 &i_attr_val1,
04769 FALSE))
04770 {
04771 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04772 return(-RSBAC_EREADFAILED);
04773 }
04774 /* Set local curr_categories for new item */
04775 if (rsbac_set_attr(MAC,
04776 target,
04777 tid,
04778 A_local_mac_categories,
04779 i_attr_val1))
04780 {
04781 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04782 return(-RSBAC_EWRITEFAILED);
04783 }
04784 return(0);
04785 break;
04786 #endif
04787
04788 /* all other cases are unknown */
04789 default:
04790 return(0);
04791 }
04792
04793 /* removal of targets is done in main adf dispatcher! */
04794 case R_DELETE:
04795 switch(target)
04796 {
04797 case T_FILE:
04798 case T_DIR:
04799 case T_FIFO:
04800 case T_SYMLINK:
04801 case T_IPC:
04802 /* and perform auto-write without(!) setting of attributes */
04803 /* - no information flow apart from missing file */
04804 /* -> decision consistency check only */
04805 result = auto_write(caller_pid,
04806 target,
04807 tid,
04808 FALSE);
04809 if ((result != GRANTED) && (result != DO_NOT_CARE))
04810 return(-RSBAC_EDECISIONMISMATCH);
04811 else
04812 return(0);
04813 /* all other cases are unknown */
04814 default:
04815 return(0);
04816 }
04817
04818 case R_EXECUTE:
04819 switch(target)
04820 {
04821 case T_FILE:
04822 /* copy trusted user list from file to process */
04823 if (rsbac_mac_copy_fp_truset(tid.file, caller_pid))
04824 {
04825 rsbac_printk(KERN_WARNING
04826 "rsbac_adf_set_attr_mac(): rsbac_mac_copy_fp_truset() returned error!\n");
04827 return(-RSBAC_EWRITEFAILED);
04828 }
04829 /* perform auto-read with setting of attributes */
04830 result = auto_read(caller_pid,
04831 target,
04832 tid,
04833 TRUE);
04834 if ((result != GRANTED) && (result != DO_NOT_CARE))
04835 return(-RSBAC_EDECISIONMISMATCH);
04836
04837 /* reset current_sec_level, mac_auto, min_write_open */
04838 /* and max_read_open for process */
04839 i_tid.process = caller_pid;
04840
04841 #ifdef CONFIG_RSBAC_MAC_RESET_CURR
04842 /* First, set current_sec_level and min_write_open to process owner's initial and seclevel */
04843 if (rsbac_get_attr(MAC,
04844 T_PROCESS,
04845 i_tid,
04846 A_initial_security_level,
04847 &i_attr_val1,
04848 TRUE))
04849 {
04850 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04851 return(-RSBAC_EREADFAILED);
04852 }
04853 if (rsbac_get_attr(MAC,
04854 T_PROCESS,
04855 i_tid,
04856 A_mac_initial_categories,
04857 &i_attr_val2,
04858 TRUE))
04859 {
04860 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04861 return(-RSBAC_EREADFAILED);
04862 }
04863 if (rsbac_set_attr(MAC,
04864 T_PROCESS,
04865 i_tid,
04866 A_current_sec_level,
04867 i_attr_val1))
04868 {
04869 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04870 return(-RSBAC_EWRITEFAILED);
04871 }
04872 if (rsbac_set_attr(MAC,
04873 T_PROCESS,
04874 i_tid,
04875 A_mac_curr_categories,
04876 i_attr_val2))
04877 {
04878 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04879 return(-RSBAC_EWRITEFAILED);
04880 }
04881 #endif
04882 #if 0
04883 /* Now, set min_write_open to process owner's seclevel */
04884 if (rsbac_get_attr(MAC,
04885 T_PROCESS,
04886 i_tid,
04887 A_security_level,
04888 &i_attr_val1,
04889 TRUE))
04890 {
04891 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04892 return(-RSBAC_EREADFAILED);
04893 }
04894 #endif
04895 i_attr_val1.min_write_open = SL_max;
04896 if (rsbac_set_attr(MAC,
04897 T_PROCESS,
04898 i_tid,
04899 A_min_write_open,
04900 i_attr_val1))
04901 {
04902 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04903 return(-RSBAC_EWRITEFAILED);
04904 }
04905 #if 0
04906 /* Next, set min_write_categories to process owner's mac_categories */
04907 if (rsbac_get_attr(MAC,
04908 T_PROCESS,
04909 i_tid,
04910 A_mac_categories,
04911 &i_attr_val2,
04912 TRUE))
04913 {
04914 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04915 return(-RSBAC_EREADFAILED);
04916 }
04917 #endif
04918 i_attr_val2.mac_categories = RSBAC_MAC_MAX_CAT_VECTOR;
04919 if (rsbac_set_attr(MAC,
04920 T_PROCESS,
04921 i_tid,
04922 A_min_write_categories,
04923 i_attr_val2))
04924 {
04925 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04926 return(-RSBAC_EWRITEFAILED);
04927 }
04928 /* reset max_read boundary */
04929 #if 0
04930 /* Get owner-min-sec-level and mac_min_categories for owner */
04931 if (rsbac_get_attr(MAC,
04932 T_PROCESS,
04933 i_tid,
04934 A_min_security_level,
04935 &i_attr_val1,
04936 TRUE))
04937 {
04938 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04939 return(-RSBAC_EREADFAILED);
04940 }
04941 if (rsbac_get_attr(MAC,
04942 T_PROCESS,
04943 i_tid,
04944 A_mac_min_categories,
04945 &i_attr_val2,
04946 TRUE))
04947 {
04948 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04949 return(-RSBAC_EREADFAILED);
04950 }
04951 #endif
04952 i_attr_val1.max_read_open = SL_min;
04953 i_attr_val2.mac_categories = RSBAC_MAC_MIN_CAT_VECTOR;
04954 if (rsbac_set_attr(MAC,
04955 T_PROCESS,
04956 i_tid,
04957 A_max_read_open,
04958 i_attr_val1))
04959 {
04960 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04961 return(-RSBAC_EWRITEFAILED);
04962 }
04963 /* reset category max_read boundary */
04964 if (rsbac_set_attr(MAC,
04965 T_PROCESS,
04966 i_tid,
04967 A_max_read_categories,
04968 i_attr_val2))
04969 {
04970 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04971 return(-RSBAC_EWRITEFAILED);
04972 }
04973 /* set flags */
04974 if (rsbac_get_attr(MAC,
04975 T_PROCESS,
04976 i_tid,
04977 A_mac_process_flags,
04978 &i_attr_val1,
04979 TRUE))
04980 {
04981 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04982 return(-RSBAC_EREADFAILED);
04983 }
04984 if (rsbac_get_attr(MAC,
04985 target,
04986 tid,
04987 A_mac_auto,
04988 &i_attr_val2,
04989 TRUE))
04990 {
04991 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04992 return(-RSBAC_EREADFAILED);
04993 }
04994 if(i_attr_val2.mac_auto)
04995 {
04996 i_attr_val1.mac_process_flags |= MAC_program_auto;
04997 i_tid.user = owner;
04998 if (rsbac_get_attr(MAC,
04999 T_USER,
05000 i_tid,
05001 A_mac_user_flags,
05002 &i_attr_val2,
05003 TRUE))
05004 {
05005 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05006 return(-RSBAC_EREADFAILED);
05007 }
05008 if(i_attr_val2.mac_user_flags & MAC_allow_auto)
05009 i_attr_val1.mac_process_flags |= MAC_auto;
05010 else
05011 i_attr_val1.mac_process_flags &= ~MAC_auto;
05012 i_tid.process = caller_pid;
05013 }
05014 else
05015 {
05016 i_attr_val1.mac_process_flags &= ~MAC_program_auto;
05017 i_attr_val1.mac_process_flags &= ~MAC_auto;
05018 }
05019 if (rsbac_get_attr(MAC,
05020 T_FILE,
05021 tid,
05022 A_mac_prop_trusted,
05023 &i_attr_val3,
05024 TRUE))
05025 {
05026 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05027 return(-RSBAC_EREADFAILED);
05028 }
05029 if( !(i_attr_val3.mac_prop_trusted)
05030 || !(i_attr_val1.mac_process_flags & MAC_trusted)
05031 )
05032 {
05033 if(rsbac_mac_p_truset_member(caller_pid, owner))
05034 i_attr_val1.mac_process_flags |= MAC_trusted;
05035 else
05036 {
05037 i_tid.user = owner;
05038 if (rsbac_get_attr(MAC,
05039 T_USER,
05040 i_tid,
05041 A_mac_user_flags,
05042 &i_attr_val2,
05043 TRUE))
05044 {
05045 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05046 return(-RSBAC_EREADFAILED);
05047 }
05048 if(i_attr_val2.mac_user_flags & MAC_trusted)
05049 i_attr_val1.mac_process_flags |= MAC_trusted;
05050 else
05051 i_attr_val1.mac_process_flags &= ~MAC_trusted;
05052 i_tid.process = caller_pid;
05053 }
05054 }
05055 if (rsbac_set_attr(MAC,
05056 T_PROCESS,
05057 i_tid,
05058 A_mac_process_flags,
05059 i_attr_val1))
05060 {
05061 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
05062 return(-RSBAC_EWRITEFAILED);
05063 }
05064 return(0);
05065
05066 /* all other cases */
05067 default:
05068 return(0);
05069 }
05070
05071 case R_MOUNT:
05072 switch(target)
05073 {
05074 case T_DIR:
05075 case T_DEV:
05076 /* and perform auto-read(-write) with setting of attributes */
05077 if( (target == T_DEV)
05078 && (attr == A_mode)
05079 && (attr_val.mode & MS_RDONLY))
05080 result = auto_read(caller_pid,
05081 target,
05082 tid,
05083 TRUE);
05084 else
05085 result = auto_read_write(caller_pid,
05086 target,
05087 tid,
05088 TRUE);
05089 if ((result != GRANTED) && (result != DO_NOT_CARE))
05090 return(-RSBAC_EDECISIONMISMATCH);
05091 else
05092 return(0);
05093
05094 /* all other cases are unknown */
05095 default:
05096 return(0);
05097 }
05098
05099 case R_READ:
05100 switch(target)
05101 {
05102 case T_DIR:
05103 #ifdef CONFIG_RSBAC_RW
05104 case T_FILE:
05105 case T_FIFO:
05106 case T_IPC:
05107 #endif
05108 /* and perform auto-read with setting of attributes */
05109 result = auto_read(caller_pid,
05110 target,
05111 tid,
05112 TRUE);
05113 if ((result != GRANTED) && (result != DO_NOT_CARE))
05114 return(-RSBAC_EDECISIONMISMATCH);
05115 return(0);
05116
05117 #ifdef CONFIG_RSBAC_RW
05118 case T_DEV:
05119 /* Only check for devices with mac_check set */
05120 if (rsbac_get_attr(MAC,
05121 T_DEV,
05122 tid,
05123 A_mac_check,
05124 &i_attr_val1,
05125 FALSE))
05126 {
05127 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05128 return(-RSBAC_EREADFAILED);
05129 }
05130 if(!i_attr_val1.mac_check)
05131 return(0);
05132 /* and perform auto-read with setting of attributes */
05133 result = auto_read(caller_pid,
05134 target,
05135 tid,
05136 TRUE);
05137 if ((result != GRANTED) && (result != DO_NOT_CARE))
05138 return(-RSBAC_EDECISIONMISMATCH);
05139 return(0);
05140 #endif
05141
05142 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
05143 case T_NETOBJ:
05144 /* and perform auto-read with setting of attributes */
05145 result = auto_read_attr(caller_pid,
05146 target,
05147 tid,
05148 A_remote_sec_level,
05149 A_remote_mac_categories,
05150 TRUE);
05151 if ((result != GRANTED) && (result != DO_NOT_CARE))
05152 return(-RSBAC_EDECISIONMISMATCH);
05153 return(0);
05154 #endif
05155
05156 /* all other cases are unknown */
05157 default:
05158 return(0);
05159 }
05160
05161 case R_READ_OPEN:
05162 switch(target)
05163 {
05164 case T_FILE:
05165 case T_DIR:
05166 case T_FIFO:
05167 case T_IPC:
05168 /* and perform auto-read with setting attributes */
05169 result = auto_read(caller_pid,
05170 target,
05171 tid,
05172 TRUE);
05173 if ((result != GRANTED) && (result != DO_NOT_CARE))
05174 return(-RSBAC_EDECISIONMISMATCH);
05175 return(0);
05176
05177 case T_DEV:
05178 /* Only check for devices with mac_check set */
05179 if (rsbac_get_attr(MAC,
05180 T_DEV,
05181 tid,
05182 A_mac_check,
05183 &i_attr_val1,
05184 FALSE))
05185 {
05186 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05187 return(-RSBAC_EREADFAILED);
05188 }
05189 if(!i_attr_val1.mac_check)
05190 return(0);
05191 /* and perform auto-read with setting attributes */
05192 result = auto_read(caller_pid,
05193 target,
05194 tid,
05195 TRUE);
05196 if ((result != GRANTED) && (result != DO_NOT_CARE))
05197 return(-RSBAC_EDECISIONMISMATCH);
05198 return(0);
05199
05200 /* all other cases are unknown */
05201 default:
05202 return(0);
05203 }
05204
05205 case R_READ_WRITE_OPEN:
05206 switch(target)
05207 {
05208 case T_FILE:
05209 case T_FIFO:
05210 case T_IPC:
05211 /* and perform auto-read-write without setting attributes */
05212 result = auto_read_write(caller_pid,
05213 target,
05214 tid,
05215 TRUE);
05216 if ((result != GRANTED) && (result != DO_NOT_CARE))
05217 return(-RSBAC_EDECISIONMISMATCH);
05218 return(0);
05219
05220 case T_DEV:
05221 /* Only check for devices with mac_check set */
05222 if (rsbac_get_attr(MAC,
05223 T_DEV,
05224 tid,
05225 A_mac_check,
05226 &i_attr_val1,
05227 FALSE))
05228 {
05229 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05230 return(-RSBAC_EREADFAILED);
05231 }
05232 if(!i_attr_val1.mac_check)
05233 return(0);
05234 /* and perform auto-read-write with setting of attributes */
05235 result = auto_read_write(caller_pid,
05236 target,
05237 tid,
05238 TRUE);
05239 if ((result != GRANTED) && (result != DO_NOT_CARE))
05240 return(-RSBAC_EDECISIONMISMATCH);
05241 return(0);
05242 /* all other cases are unknown */
05243 default:
05244 return(0);
05245 }
05246
05247 case R_SEARCH:
05248 switch(target)
05249 {
05250 case T_DIR:
05251 case T_SYMLINK:
05252 /* and perform auto-read with setting of attributes */
05253 result = auto_read(caller_pid,
05254 target,
05255 tid,
05256 TRUE);
05257 if ((result != GRANTED) && (result != DO_NOT_CARE))
05258 return(-RSBAC_EDECISIONMISMATCH);
05259 return(0);
05260 /* all other cases are unknown */
05261 default:
05262 return(0);
05263 }
05264
05265 case R_TRACE:
05266 switch(target)
05267 {
05268 case T_PROCESS:
05269 /* and perform auto-read-write with setting attributes */
05270 result = auto_read_write_attr(caller_pid,
05271 target,
05272 tid,
05273 A_current_sec_level,
05274 A_mac_curr_categories,
05275 TRUE);
05276 if ((result != GRANTED) && (result != DO_NOT_CARE))
05277 return(-RSBAC_EDECISIONMISMATCH);
05278 return(0);
05279
05280 /* all other cases are unknown */
05281 default:
05282 return(0);
05283 }
05284
05285 case R_WRITE:
05286 case R_WRITE_OPEN:
05287 switch(target)
05288 {
05289 case T_FILE:
05290 case T_FIFO:
05291 case T_IPC:
05292 /* and perform auto-write with setting attributes */
05293 result = auto_write(caller_pid,
05294 target,
05295 tid,
05296 TRUE);
05297 if ((result != GRANTED) && (result != DO_NOT_CARE))
05298 return(-RSBAC_EDECISIONMISMATCH);
05299 return(0);
05300
05301 case T_DEV:
05302 /* Only check for devices with mac_check set */
05303 if (rsbac_get_attr(MAC,
05304 T_DEV,
05305 tid,
05306 A_mac_check,
05307 &i_attr_val1,
05308 FALSE))
05309 {
05310 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05311 return(-RSBAC_EREADFAILED);
05312 }
05313 if(!i_attr_val1.mac_check)
05314 return(0);
05315 /* and perform auto-write with setting attributes */
05316 result = auto_write(caller_pid,
05317 target,
05318 tid,
05319 TRUE);
05320 if ((result != GRANTED) && (result != DO_NOT_CARE))
05321 return(-RSBAC_EDECISIONMISMATCH);
05322 return(0);
05323
05324 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
05325 case T_NETOBJ:
05326 /* and perform auto-write with setting attributes */
05327 result = auto_write_attr(caller_pid,
05328 target,
05329 tid,
05330 A_remote_sec_level,
05331 A_remote_mac_categories,
05332 TRUE);
05333 if ((result != GRANTED) && (result != DO_NOT_CARE))
05334 return(-RSBAC_EDECISIONMISMATCH);
05335 return(0);
05336 #endif
05337
05338 /* all other cases are unknown */
05339 default:
05340 return(0);
05341 }
05342
05343 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
05344 case R_BIND:
05345 case R_LISTEN:
05346 switch(target)
05347 {
05348 case T_NETOBJ:
05349 /* and perform auto-write with setting attributes */
05350 result = auto_write_attr(caller_pid,
05351 target,
05352 tid,
05353 A_local_sec_level,
05354 A_local_mac_categories,
05355 TRUE);
05356 if ((result != GRANTED) && (result != DO_NOT_CARE))
05357 return(-RSBAC_EDECISIONMISMATCH);
05358 return(0);
05359
05360 /* all other cases are unknown */
05361 default:
05362 return(0);
05363 }
05364
05365 case R_ACCEPT:
05366 case R_CONNECT:
05367 case R_SEND:
05368 case R_RECEIVE:
05369 switch(target)
05370 {
05371 case T_NETOBJ:
05372 /* and perform auto-write with setting attributes */
05373 result = auto_write_attr(caller_pid,
05374 target,
05375 tid,
05376 A_remote_sec_level,
05377 A_remote_mac_categories,
05378 TRUE);
05379 if ((result != GRANTED) && (result != DO_NOT_CARE))
05380 return(-RSBAC_EDECISIONMISMATCH);
05381 return(0);
05382
05383 /* all other cases are unknown */
05384 default:
05385 return(0);
05386 }
05387 #endif
05388
05389 /*********************/
05390 default: return(0);
05391 }
05392
05393 return(0);
05394 } /* end of rsbac_adf_set_attr_mac() */
|
1.4.2