00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012 #include <linux/string.h>
00013 #include <rsbac/types.h>
00014 #include <rsbac/aci.h>
00015 #include <rsbac/adf_main.h>
00016 #include <rsbac/rc.h>
00017 #include <rsbac/error.h>
00018 #include <rsbac/debug.h>
00019 #include <rsbac/helpers.h>
00020 #include <rsbac/getname.h>
00021 #include <rsbac/rc_getname.h>
00022 #include <rsbac/rkmem.h>
00023 #include <rsbac/network.h>
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033 static enum rsbac_adf_req_ret_t
00034 check_comp_rc( enum rsbac_target_t target,
00035 union rsbac_target_id_t tid,
00036 enum rsbac_adf_request_t request,
00037 rsbac_pid_t caller_pid)
00038 {
00039 int err;
00040 union rsbac_target_id_t i_tid;
00041 enum rsbac_attribute_t i_attr;
00042 union rsbac_attribute_value_t i_attr_val1;
00043 union rsbac_attribute_value_t i_attr_val2;
00044
00045 union rsbac_rc_target_id_t i_rc_subtid;
00046 enum rsbac_rc_item_t i_rc_item;
00047
00048
00049 i_tid.process = caller_pid;
00050 if ((err=rsbac_get_attr(RC,
00051 T_PROCESS,
00052 i_tid,
00053 A_rc_role,
00054 &i_attr_val1,
00055 FALSE)))
00056 {
00057 rsbac_ds_get_error("check_comp_rc", A_rc_role);
00058 return(NOT_GRANTED);
00059 }
00060 switch(target)
00061 {
00062 case T_FILE:
00063 case T_DIR:
00064 case T_FIFO:
00065 case T_SYMLINK:
00066 i_rc_item = RI_type_comp_fd;
00067 i_attr = A_rc_type_fd;
00068 break;
00069 case T_DEV:
00070 i_rc_item = RI_type_comp_dev;
00071 i_attr = A_rc_type;
00072 break;
00073 case T_USER:
00074 i_rc_item = RI_type_comp_user;
00075 i_attr = A_rc_type;
00076 break;
00077 case T_PROCESS:
00078 i_rc_item = RI_type_comp_process;
00079 i_attr = A_rc_type;
00080 break;
00081 case T_IPC:
00082 i_rc_item = RI_type_comp_ipc;
00083 i_attr = A_rc_type;
00084 break;
00085 #if defined(CONFIG_RSBAC_RC_UM_PROT)
00086 case T_GROUP:
00087 i_rc_item = RI_type_comp_group;
00088 i_attr = A_rc_type;
00089 break;
00090 #endif
00091 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT)
00092 case T_NETDEV:
00093 i_rc_item = RI_type_comp_netdev;
00094 i_attr = A_rc_type;
00095 break;
00096 #endif
00097 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
00098 case T_NETTEMP:
00099 i_rc_item = RI_type_comp_nettemp;
00100 i_attr = A_rc_type_nt;
00101 break;
00102 case T_NETOBJ:
00103 i_rc_item = RI_type_comp_netobj;
00104 if(rsbac_net_remote_request(request))
00105 i_attr = A_remote_rc_type;
00106 else
00107 i_attr = A_local_rc_type;
00108 break;
00109 #endif
00110 default:
00111 rsbac_printk(KERN_WARNING "check_comp_rc(): invalid target %i!\n",target);
00112 return(NOT_GRANTED);
00113 }
00114
00115
00116 if ((err=rsbac_get_attr(RC,
00117 target,
00118 tid,
00119 i_attr,
00120 &i_attr_val2,
00121 TRUE)))
00122 {
00123 rsbac_ds_get_error("check_comp_rc", i_attr);
00124 return(NOT_GRANTED);
00125 }
00126
00127
00128 i_rc_subtid.type = i_attr_val2.rc_type;
00129 if(rsbac_rc_check_comp(i_attr_val1.rc_role,
00130 i_rc_subtid,
00131 i_rc_item,
00132 request))
00133 return(GRANTED);
00134 else
00135 {
00136 #ifdef CONFIG_RSBAC_DEBUG
00137 if(rsbac_debug_adf_rc)
00138 {
00139 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00140
00141 if(tmp)
00142 {
00143 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00144 if(tmp2)
00145 {
00146 rsbac_printk(KERN_DEBUG "check_comp_rc(): pid %u (%.15s), owner %u, rc_role %u, %s rc_type %u, request %s -> NOT_GRANTED!\n",
00147 caller_pid, current->comm, current->uid, i_attr_val1.rc_role, get_target_name_only(tmp, target), i_attr_val2.rc_type, get_rc_special_right_name(tmp2, request));
00148 rsbac_kfree(tmp2);
00149 }
00150 rsbac_kfree(tmp);
00151 }
00152 }
00153 #endif
00154 return(NOT_GRANTED);
00155 }
00156 }
00157
00158 static enum rsbac_adf_req_ret_t
00159 check_comp_rc_scd(enum rsbac_rc_scd_type_t scd_type,
00160 enum rsbac_adf_request_t request,
00161 rsbac_pid_t caller_pid)
00162 {
00163 int err;
00164 union rsbac_target_id_t i_tid;
00165 union rsbac_attribute_value_t i_attr_val1;
00166
00167 union rsbac_rc_target_id_t i_rc_subtid;
00168
00169
00170 i_tid.process = caller_pid;
00171 if ((err=rsbac_get_attr(RC,
00172 T_PROCESS,
00173 i_tid,
00174 A_rc_role,
00175 &i_attr_val1,
00176 FALSE)))
00177 {
00178 rsbac_ds_get_error("check_comp_rc_scd", A_rc_role);
00179 return(NOT_GRANTED);
00180 }
00181
00182 i_rc_subtid.type = scd_type;
00183 if(rsbac_rc_check_comp(i_attr_val1.rc_role,
00184 i_rc_subtid,
00185 RI_type_comp_scd,
00186 request))
00187 {
00188 return(GRANTED);
00189 }
00190 else
00191 {
00192 #ifdef CONFIG_RSBAC_DEBUG
00193 if(rsbac_debug_adf_rc)
00194 {
00195 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00196
00197 if(tmp)
00198 {
00199 rsbac_printk(KERN_DEBUG "check_comp_rc_scd(): pid %u (%.15s), owner %u, rc_role %i, scd_type %i, request %s -> NOT_GRANTED!\n",
00200 caller_pid, current->comm, current->uid, i_attr_val1.rc_role, scd_type, get_request_name(tmp,request));
00201 rsbac_kfree(tmp);
00202 }
00203 }
00204 #endif
00205 return(NOT_GRANTED);
00206 }
00207 }
00208
00209
00210 int rsbac_rc_test_admin_roles(rsbac_rc_role_id_t t_role, rsbac_boolean_t modify)
00211 {
00212 int err;
00213 union rsbac_target_id_t i_tid;
00214 union rsbac_attribute_value_t i_attr_val1;
00215 union rsbac_rc_target_id_t i_rc_subtid;
00216
00217 if(t_role > RC_role_max_value)
00218 return -RSBAC_EINVALIDVALUE;
00219
00220 i_tid.process = current->pid;
00221 if ((err=rsbac_get_attr(RC, T_PROCESS,
00222 i_tid,
00223 A_rc_role,
00224 &i_attr_val1,
00225 TRUE)))
00226 {
00227 rsbac_ds_get_error("rsbac_rc_test_admin_roles", A_rc_role);
00228 return -RSBAC_EREADFAILED;
00229 }
00230
00231 i_rc_subtid.role = t_role;
00232
00233 if(!modify)
00234 {
00235 if(rsbac_rc_check_comp(i_attr_val1.rc_role,
00236 i_rc_subtid,
00237 RI_assign_roles,
00238 R_NONE))
00239 return 0;
00240
00241 }
00242
00243 if(rsbac_rc_check_comp(i_attr_val1.rc_role,
00244 i_rc_subtid,
00245 RI_admin_roles,
00246 R_NONE))
00247 return 0;
00248 else
00249 return -EPERM;
00250 }
00251
00252
00253 int rsbac_rc_test_assign_roles(enum rsbac_target_t target,
00254 union rsbac_target_id_t tid,
00255 enum rsbac_attribute_t attr,
00256 rsbac_rc_role_id_t t_role)
00257 {
00258 int err;
00259 union rsbac_target_id_t i_tid;
00260 union rsbac_attribute_value_t i_attr_val1;
00261 union rsbac_attribute_value_t i_attr_val2;
00262 union rsbac_rc_target_id_t i_rc_subtid;
00263
00264 if( ( (t_role > RC_role_max_value)
00265 && (t_role != RC_role_inherit_user)
00266 )
00267 || (target >= T_NONE)
00268 )
00269 return -RSBAC_EINVALIDVALUE;
00270
00271 i_tid.process = current->pid;
00272 if ((err=rsbac_get_attr(RC, T_PROCESS,
00273 i_tid,
00274 A_rc_role,
00275 &i_attr_val1,
00276 TRUE)))
00277 {
00278 rsbac_ds_get_error("rsbac_rc_test_assign_roles", A_rc_role);
00279 return -RSBAC_EREADFAILED;
00280 }
00281
00282 if ((err=rsbac_get_attr(RC,
00283 target,
00284 tid,
00285 attr,
00286 &i_attr_val2,
00287 TRUE)))
00288 {
00289 rsbac_ds_get_error("rsbac_rc_test_assign_roles", attr);
00290 return -RSBAC_EREADFAILED;
00291 }
00292
00293 i_rc_subtid.role = i_attr_val2.rc_role;
00294 if(!rsbac_rc_check_comp(i_attr_val1.rc_role,
00295 i_rc_subtid,
00296 RI_assign_roles,
00297 R_NONE))
00298 return -EPERM;
00299 if(t_role != RC_role_inherit_user)
00300 {
00301 i_rc_subtid.role = t_role;
00302 if(!rsbac_rc_check_comp(i_attr_val1.rc_role,
00303 i_rc_subtid,
00304 RI_assign_roles,
00305 R_NONE))
00306 return -EPERM;
00307 }
00308 return 0;
00309 }
00310
00311 enum rsbac_adf_req_ret_t
00312 rsbac_rc_check_type_comp(enum rsbac_target_t target,
00313 rsbac_rc_type_id_t type,
00314 enum rsbac_adf_request_t request,
00315 rsbac_pid_t caller_pid)
00316 {
00317 int err;
00318 union rsbac_target_id_t i_tid;
00319 union rsbac_attribute_value_t i_attr_val1;
00320
00321 union rsbac_rc_target_id_t i_rc_subtid;
00322 enum rsbac_rc_item_t i_rc_item;
00323
00324 if(!caller_pid)
00325 caller_pid = current->pid;
00326
00327
00328
00329
00330 if(type > RC_type_max_value)
00331 {
00332 if(request == RCR_ASSIGN)
00333 return GRANTED;
00334 else
00335 return NOT_GRANTED;
00336 }
00337
00338
00339 i_tid.process = caller_pid;
00340 if ((err=rsbac_get_attr(RC,
00341 T_PROCESS,
00342 i_tid,
00343 A_rc_role,
00344 &i_attr_val1,
00345 FALSE)))
00346 {
00347 rsbac_ds_get_error("rsbac_rc_check_type_comp", A_rc_role);
00348 return(NOT_GRANTED);
00349 }
00350 switch(target)
00351 {
00352 case T_FILE:
00353 case T_DIR:
00354 case T_FIFO:
00355 case T_SYMLINK:
00356 case T_FD:
00357 i_rc_item = RI_type_comp_fd;
00358 break;
00359 case T_DEV:
00360 i_rc_item = RI_type_comp_dev;
00361 break;
00362 case T_USER:
00363 i_rc_item = RI_type_comp_user;
00364 break;
00365 case T_PROCESS:
00366 i_rc_item = RI_type_comp_process;
00367 break;
00368 case T_IPC:
00369 i_rc_item = RI_type_comp_ipc;
00370 break;
00371 #if defined(CONFIG_RSBAC_RC_UM_PROT)
00372 case T_GROUP:
00373 i_rc_item = RI_type_comp_group;
00374 break;
00375 #endif
00376 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT)
00377 case T_NETDEV:
00378 i_rc_item = RI_type_comp_netdev;
00379 break;
00380 #endif
00381 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
00382 case T_NETTEMP:
00383 i_rc_item = RI_type_comp_nettemp;
00384 break;
00385 case T_NETOBJ:
00386 i_rc_item = RI_type_comp_netobj;
00387 break;
00388 #endif
00389
00390 default:
00391 rsbac_printk(KERN_WARNING "rsbac_rc_check_type_comp(): invalid target %i!\n",target);
00392 return(NOT_GRANTED);
00393 }
00394
00395 i_rc_subtid.type = type;
00396 if(rsbac_rc_check_comp(i_attr_val1.rc_role,
00397 i_rc_subtid,
00398 i_rc_item,
00399 request))
00400 return(GRANTED);
00401 else
00402 {
00403 #ifdef CONFIG_RSBAC_DEBUG
00404 if(rsbac_debug_adf_rc)
00405 {
00406 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00407
00408 if(tmp)
00409 {
00410 rsbac_printk(KERN_DEBUG "rsbac_rc_check_type_comp(): rc_role is %i, rc_type is %i, request is %s -> NOT_GRANTED!\n",
00411 i_attr_val1.rc_role, type, get_rc_special_right_name(tmp, request));
00412 rsbac_kfree(tmp);
00413 }
00414 }
00415 #endif
00416 return(NOT_GRANTED);
00417 }
00418 }
00419
00420
00421 int rsbac_rc_test_role_admin(rsbac_boolean_t modify)
00422 {
00423 int err;
00424 union rsbac_target_id_t i_tid;
00425 union rsbac_attribute_value_t i_attr_val1;
00426 union rsbac_rc_target_id_t i_rc_tid;
00427 union rsbac_rc_item_value_t i_rc_item_val1;
00428
00429
00430 i_tid.process = current->pid;
00431 if ((err=rsbac_get_attr(RC, T_PROCESS,
00432 i_tid,
00433 A_rc_role,
00434 &i_attr_val1,
00435 TRUE)))
00436 {
00437 rsbac_ds_get_error("rsbac_rc_test_role_admin", A_rc_role);
00438 return -RSBAC_EREADFAILED;
00439 }
00440
00441
00442 i_rc_tid.role = i_attr_val1.rc_role;
00443 if ((err=rsbac_rc_get_item(0,
00444 RT_ROLE,
00445 i_rc_tid,
00446 i_rc_tid,
00447 RI_admin_type,
00448 &i_rc_item_val1,
00449 NULL)))
00450 {
00451 rsbac_rc_ds_get_error("rsbac_rc_test_role_admin", RI_admin_type);
00452 return -RSBAC_EREADFAILED;
00453 }
00454
00455
00456 if ( (i_rc_item_val1.admin_type == RC_role_admin)
00457 || ( !modify
00458 && (i_rc_item_val1.admin_type == RC_system_admin)
00459 )
00460 )
00461 return 0;
00462 else
00463 return -EPERM;
00464 }
00465
00466
00467
00468
00469
00470 enum rsbac_adf_req_ret_t
00471 rsbac_adf_request_rc (enum rsbac_adf_request_t request,
00472 rsbac_pid_t caller_pid,
00473 enum rsbac_target_t target,
00474 union rsbac_target_id_t tid,
00475 enum rsbac_attribute_t attr,
00476 union rsbac_attribute_value_t attr_val,
00477 rsbac_uid_t owner)
00478 {
00479 int err;
00480 enum rsbac_adf_req_ret_t result = DO_NOT_CARE;
00481 union rsbac_attribute_value_t i_attr_val1;
00482 union rsbac_rc_target_id_t i_rc_tid;
00483 union rsbac_rc_target_id_t i_rc_subtid;
00484 union rsbac_rc_item_value_t i_rc_item_val1;
00485 union rsbac_target_id_t i_tid;
00486 union rsbac_attribute_value_t i_attr_val2;
00487
00488 switch (request)
00489 {
00490 case R_ADD_TO_KERNEL:
00491 switch(target)
00492 {
00493 case T_NONE:
00494
00495 return(check_comp_rc_scd(ST_other, request, caller_pid));
00496
00497 case T_FILE:
00498 case T_DEV:
00499 return(check_comp_rc(target, tid, request, caller_pid));
00500
00501
00502 default:
00503 return(DO_NOT_CARE);
00504 }
00505
00506
00507 case R_ALTER:
00508
00509 switch(target)
00510 {
00511 case T_IPC:
00512 return(check_comp_rc(target, tid, request, caller_pid));
00513
00514
00515 default: return(DO_NOT_CARE);
00516 }
00517
00518 case R_APPEND_OPEN:
00519 case R_READ_WRITE_OPEN:
00520 switch(target)
00521 {
00522 case T_FILE:
00523 case T_DEV:
00524 case T_FIFO:
00525 case T_IPC:
00526 return(check_comp_rc(target, tid, request, caller_pid));
00527
00528
00529 default: return(DO_NOT_CARE);
00530 }
00531
00532 case R_CHANGE_GROUP:
00533 switch(target)
00534 {
00535 case T_FILE:
00536 case T_DIR:
00537 case T_FIFO:
00538 case T_SYMLINK:
00539 case T_IPC:
00540 #if defined(CONFIG_RSBAC_RC_UM_PROT)
00541 case T_USER:
00542 #endif
00543 return(check_comp_rc(target, tid, request, caller_pid));
00544
00545
00546 default: return(DO_NOT_CARE);
00547 }
00548
00549 case R_CHANGE_OWNER:
00550 switch(target)
00551 {
00552 case T_FILE:
00553 case T_DIR:
00554 case T_FIFO:
00555 case T_SYMLINK:
00556 case T_IPC:
00557 return(check_comp_rc(target, tid, request, caller_pid));
00558
00559 case T_PROCESS:
00560
00561 if ((err=rsbac_get_attr(RC, T_PROCESS,
00562 tid,
00563 A_rc_role,
00564 &i_attr_val1,
00565 FALSE)))
00566 {
00567 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role);
00568 return(-RSBAC_EREADFAILED);
00569 }
00570
00571 i_rc_tid.role = i_attr_val1.rc_role;
00572 if ((err=rsbac_rc_get_item(0,
00573 RT_ROLE,
00574 i_rc_tid,
00575 i_rc_tid,
00576 RI_def_process_chown_type,
00577 &i_rc_item_val1,
00578 NULL)))
00579 {
00580 rsbac_rc_ds_get_error("rsbac_adf_request_rc()",
00581 RI_def_process_chown_type);
00582 return(-RSBAC_EREADFAILED);
00583 }
00584 if( (i_rc_item_val1.type_id == RC_type_no_chown)
00585 || (i_rc_item_val1.type_id == RC_type_no_create)
00586 )
00587 return(NOT_GRANTED);
00588 else
00589 return(GRANTED);
00590
00591
00592 default:
00593 return(DO_NOT_CARE);
00594 }
00595
00596 case R_CHDIR:
00597 switch(target)
00598 {
00599 case T_DIR:
00600 return(check_comp_rc(target, tid, request, caller_pid));
00601
00602
00603 default: return(DO_NOT_CARE);
00604 }
00605
00606 case R_CLONE:
00607 if (target == T_PROCESS)
00608 {
00609
00610
00611 i_tid.process = caller_pid;
00612 if ((err=rsbac_get_attr(RC, T_PROCESS,
00613 i_tid,
00614 A_rc_role,
00615 &i_attr_val1,
00616 FALSE)))
00617 {
00618 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role);
00619 return(NOT_GRANTED);
00620 }
00621
00622 i_rc_tid.role = i_attr_val1.rc_role;
00623 if ((err=rsbac_rc_get_item(0,
00624 RT_ROLE,
00625 i_rc_tid,
00626 i_rc_tid,
00627 RI_def_process_create_type,
00628 &i_rc_item_val1,
00629 NULL)))
00630 {
00631 rsbac_rc_ds_get_error("rsbac_adf_request_rc()",
00632 RI_def_process_create_type);
00633 return(-RSBAC_EREADFAILED);
00634 }
00635 switch(i_rc_item_val1.type_id)
00636 {
00637 case RC_type_no_create:
00638 #ifdef CONFIG_RSBAC_DEBUG
00639 if(rsbac_debug_adf_rc)
00640 rsbac_printk(KERN_DEBUG "rsbac_adf_request_rc(): pid %u (%.15s), owner %u, rc_role %u, def_process_create_type no_create, request CLONE -> NOT_GRANTED!\n",
00641 caller_pid, current->comm, current->uid, i_attr_val1.rc_role);
00642 #endif
00643 return(NOT_GRANTED);
00644
00645 case RC_type_use_new_role_def_create:
00646
00647 rsbac_printk(KERN_WARNING
00648 "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n",
00649 i_attr_val1.rc_role);
00650 return(NOT_GRANTED);
00651
00652 case RC_type_inherit_parent:
00653 case RC_type_inherit_process:
00654 return GRANTED;
00655
00656 default:
00657
00658
00659 i_rc_subtid.type = i_rc_item_val1.type_id;
00660 if(rsbac_rc_check_comp(i_attr_val1.rc_role,
00661 i_rc_subtid,
00662 RI_type_comp_process,
00663 R_CREATE))
00664 return(GRANTED);
00665 else
00666 {
00667 rsbac_printk(KERN_WARNING
00668 "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_process_create_type %i -> NOT_GRANTED!\n",
00669 i_attr_val1.rc_role, i_rc_item_val1.type_id);
00670 return(NOT_GRANTED);
00671 }
00672 }
00673 }
00674 else
00675 return(DO_NOT_CARE);
00676
00677
00678 case R_CREATE:
00679 switch(target)
00680 {
00681 case T_DIR:
00682
00683 result = check_comp_rc(target, tid, request, caller_pid);
00684 if((result != GRANTED) && (result != DO_NOT_CARE))
00685 return result;
00686
00687
00688
00689 i_tid.process = caller_pid;
00690 if ((err=rsbac_get_attr(RC, T_PROCESS,
00691 i_tid,
00692 A_rc_role,
00693 &i_attr_val1,
00694 FALSE)))
00695 {
00696 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role);
00697 return(NOT_GRANTED);
00698 }
00699
00700
00701 if ((err=rsbac_get_attr(RC,
00702 target,
00703 tid,
00704 A_rc_type_fd,
00705 &i_attr_val2,
00706 TRUE)))
00707 {
00708 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_type_fd);
00709 return(NOT_GRANTED);
00710 }
00711 i_rc_tid.role = i_attr_val1.rc_role;
00712 i_rc_subtid.type = i_attr_val2.rc_type;
00713 if ((err=rsbac_rc_get_item(0,
00714 RT_ROLE,
00715 i_rc_tid,
00716 i_rc_subtid,
00717 RI_def_fd_ind_create_type,
00718 &i_rc_item_val1,
00719 NULL)))
00720 {
00721 if ((err=rsbac_rc_get_item(0,
00722 RT_ROLE,
00723 i_rc_tid,
00724 i_rc_subtid,
00725 RI_def_fd_create_type,
00726 &i_rc_item_val1,
00727 NULL)))
00728 {
00729 rsbac_rc_ds_get_error("rsbac_adf_request_rc()",
00730 RI_def_fd_create_type);
00731 return(NOT_GRANTED);
00732 }
00733 }
00734 switch(i_rc_item_val1.type_id)
00735 {
00736 case RC_type_no_create:
00737 #ifdef CONFIG_RSBAC_DEBUG
00738 if(rsbac_debug_adf_rc)
00739 rsbac_printk(KERN_DEBUG "rsbac_adf_request_rc(): pid %u (%.15s), owner %u, rc_role %u, def_fd_create_type no_create, request CREATE -> NOT_GRANTED!\n",
00740 caller_pid, current->comm, current->uid, i_attr_val1.rc_role);
00741 #endif
00742 return(NOT_GRANTED);
00743 break;
00744
00745 case RC_type_use_new_role_def_create:
00746 case RC_type_inherit_process:
00747
00748 rsbac_printk(KERN_WARNING
00749 "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n",
00750 i_attr_val1.rc_role);
00751 return(NOT_GRANTED);
00752
00753 case RC_type_inherit_parent:
00754 return GRANTED;
00755
00756 default:
00757
00758
00759 i_rc_subtid.type = i_rc_item_val1.type_id;
00760 if(rsbac_rc_check_comp(i_attr_val1.rc_role,
00761 i_rc_subtid,
00762 RI_type_comp_fd,
00763 R_CREATE))
00764 return(GRANTED);
00765 else
00766 {
00767 rsbac_printk(KERN_WARNING
00768 "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_fd_create_type %i -> NOT_GRANTED!\n",
00769 i_attr_val1.rc_role, i_rc_item_val1.type_id);
00770 return(NOT_GRANTED);
00771 }
00772 }
00773
00774 case T_IPC:
00775
00776
00777 i_tid.process = caller_pid;
00778 if ((err=rsbac_get_attr(RC, T_PROCESS,
00779 i_tid,
00780 A_rc_role,
00781 &i_attr_val1,
00782 FALSE)))
00783 {
00784 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role);
00785 return(NOT_GRANTED);
00786 }
00787
00788 i_rc_tid.role = i_attr_val1.rc_role;
00789 if ((err=rsbac_rc_get_item(0,
00790 RT_ROLE,
00791 i_rc_tid,
00792 i_rc_tid,
00793 RI_def_ipc_create_type,
00794 &i_rc_item_val1,
00795 NULL)))
00796 {
00797 rsbac_rc_ds_get_error("rsbac_adf_request_rc()",
00798 RI_def_ipc_create_type);
00799 return(NOT_GRANTED);
00800 }
00801 switch(i_rc_item_val1.type_id)
00802 {
00803 case RC_type_no_create:
00804 #ifdef CONFIG_RSBAC_DEBUG
00805 if(rsbac_debug_adf_rc)
00806 rsbac_printk(KERN_DEBUG "rsbac_adf_request_rc(): pid %u (%.15s), owner %u, rc_role %u, def_ipc_create_type no_create, request CREATE -> NOT_GRANTED!\n",
00807 caller_pid, current->comm, current->uid, i_attr_val1.rc_role);
00808 #endif
00809
00810 return(NOT_GRANTED);
00811
00812 case RC_type_use_new_role_def_create:
00813
00814 rsbac_printk(KERN_WARNING
00815 "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_ipc_create_type of role %i!\n",
00816 i_attr_val1.rc_role);
00817 return(NOT_GRANTED);
00818
00819 case RC_type_inherit_parent:
00820 case RC_type_inherit_process:
00821
00822 rsbac_printk(KERN_WARNING
00823 "rsbac_adf_request_rc(): invalid type inherit_parent in def_ipc_create_type of role %i!\n",
00824 i_attr_val1.rc_role);
00825 return(NOT_GRANTED);
00826
00827 default:
00828
00829
00830 i_rc_subtid.type = i_rc_item_val1.type_id;
00831 if(rsbac_rc_check_comp(i_attr_val1.rc_role,
00832 i_rc_subtid,
00833 RI_type_comp_ipc,
00834 R_CREATE))
00835 return(GRANTED);
00836 else
00837 {
00838 rsbac_printk(KERN_WARNING
00839 "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_ipc_create_type %i -> NOT_GRANTED!\n",
00840 i_attr_val1.rc_role, i_rc_item_val1.type_id);
00841 return(NOT_GRANTED);
00842 }
00843 }
00844
00845 #if defined(CONFIG_RSBAC_RC_UM_PROT)
00846 case T_USER:
00847
00848
00849 i_tid.process = caller_pid;
00850 if ((err=rsbac_get_attr(RC, T_PROCESS,
00851 i_tid,
00852 A_rc_role,
00853 &i_attr_val1,
00854 FALSE)))
00855 {
00856 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role);
00857 return(NOT_GRANTED);
00858 }
00859
00860 i_rc_tid.role = i_attr_val1.rc_role;
00861 if ((err=rsbac_rc_get_item(0,
00862 RT_ROLE,
00863 i_rc_tid,
00864 i_rc_tid,
00865 RI_def_user_create_type,
00866 &i_rc_item_val1,
00867 NULL)))
00868 {
00869 rsbac_rc_ds_get_error("rsbac_adf_request_rc()",
00870 RI_def_user_create_type);
00871 return(NOT_GRANTED);
00872 }
00873 switch(i_rc_item_val1.type_id)
00874 {
00875 case RC_type_no_create:
00876 #ifdef CONFIG_RSBAC_DEBUG
00877 if(rsbac_debug_adf_rc)
00878 rsbac_printk(KERN_DEBUG "rsbac_adf_request_rc(): pid %u (%.15s), owner %u, rc_role %u, def_user_create_type no_create, request CREATE -> NOT_GRANTED!\n",
00879 caller_pid, current->comm, current->uid, i_attr_val1.rc_role);
00880 #endif
00881 return(NOT_GRANTED);
00882
00883 case RC_type_use_new_role_def_create:
00884
00885 rsbac_printk(KERN_WARNING
00886 "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_user_create_type of role %i!\n",
00887 i_attr_val1.rc_role);
00888 return(NOT_GRANTED);
00889
00890 case RC_type_inherit_parent:
00891 case RC_type_inherit_process:
00892
00893 rsbac_printk(KERN_WARNING
00894 "rsbac_adf_request_rc(): invalid type inherit_parent in def_user_create_type of role %i!\n",
00895 i_attr_val1.rc_role);
00896 return(NOT_GRANTED);
00897
00898 default:
00899
00900
00901 i_rc_subtid.type = i_rc_item_val1.type_id;
00902 if(rsbac_rc_check_comp(i_attr_val1.rc_role,
00903 i_rc_subtid,
00904 RI_type_comp_user,
00905 R_CREATE))
00906 return(GRANTED);
00907 else
00908 {
00909 rsbac_printk(KERN_WARNING
00910 "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_user_create_type %i -> NOT_GRANTED!\n",
00911 i_attr_val1.rc_role, i_rc_item_val1.type_id);
00912 return(NOT_GRANTED);
00913 }
00914 }
00915
00916 case T_GROUP:
00917
00918
00919 i_tid.process = caller_pid;
00920 if ((err=rsbac_get_attr(RC, T_PROCESS,
00921 i_tid,
00922 A_rc_role,
00923 &i_attr_val1,
00924 FALSE)))
00925 {
00926 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role);
00927 return(NOT_GRANTED);
00928 }
00929
00930 i_rc_tid.role = i_attr_val1.rc_role;
00931 if ((err=rsbac_rc_get_item(0,
00932 RT_ROLE,
00933 i_rc_tid,
00934 i_rc_tid,
00935 RI_def_group_create_type,
00936 &i_rc_item_val1,
00937 NULL)))
00938 {
00939 rsbac_rc_ds_get_error("rsbac_adf_request_rc()",
00940 RI_def_group_create_type);
00941 return(NOT_GRANTED);
00942 }
00943 switch(i_rc_item_val1.type_id)
00944 {
00945 case RC_type_no_create:
00946 #ifdef CONFIG_RSBAC_DEBUG
00947 if(rsbac_debug_adf_rc)
00948 rsbac_printk(KERN_DEBUG "rsbac_adf_request_rc(): pid %u (%.15s), owner %u, rc_role %u, def_group_create_type no_create, request CREATE -> NOT_GRANTED!\n",
00949 caller_pid, current->comm, current->uid, i_attr_val1.rc_role);
00950 #endif
00951 return(NOT_GRANTED);
00952
00953 case RC_type_use_new_role_def_create:
00954
00955 rsbac_printk(KERN_WARNING
00956 "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_group_create_type of role %i!\n",
00957 i_attr_val1.rc_role);
00958 return(NOT_GRANTED);
00959
00960 case RC_type_inherit_parent:
00961 case RC_type_inherit_process:
00962
00963 rsbac_printk(KERN_WARNING
00964 "rsbac_adf_request_rc(): invalid type inherit_parent in def_group_create_type of role %i!\n",
00965 i_attr_val1.rc_role);
00966 return(NOT_GRANTED);
00967
00968 default:
00969
00970
00971 i_rc_subtid.type = i_rc_item_val1.type_id;
00972 if(rsbac_rc_check_comp(i_attr_val1.rc_role,
00973 i_rc_subtid,
00974 RI_type_comp_group,
00975 R_CREATE))
00976 return(GRANTED);
00977 else
00978 {
00979 rsbac_printk(KERN_WARNING
00980 "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_group_create_type %i -> NOT_GRANTED!\n",
00981 i_attr_val1.rc_role, i_rc_item_val1.type_id);
00982 return(NOT_GRANTED);
00983 }
00984 }
00985 #endif
00986
00987 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
00988 case T_NETTEMP:
00989
00990 i_tid.process = caller_pid;
00991 if ((err=rsbac_get_attr(RC,
00992 T_PROCESS,
00993 i_tid,
00994 A_rc_role,
00995 &i_attr_val1,
00996 FALSE)))
00997 {
00998 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role);
00999 return(NOT_GRANTED);
01000 }
01001
01002 i_rc_subtid.type = RSBAC_RC_GENERAL_TYPE;
01003 if(rsbac_rc_check_comp(i_attr_val1.rc_role,
01004 i_rc_subtid,
01005 RI_type_comp_nettemp,
01006 request))
01007 return(GRANTED);
01008 else
01009 {
01010 #ifdef CONFIG_RSBAC_DEBUG
01011 if(rsbac_debug_adf_rc)
01012 {
01013 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01014
01015 if(tmp)
01016 {
01017 rsbac_printk(KERN_DEBUG
01018 "rsbac_adf_request_rc(): rc_role is %i, rc_nettemp_type is %i, request is CREATE -> NOT_GRANTED!\n",
01019 i_attr_val1.rc_role, RSBAC_RC_GENERAL_TYPE);
01020 rsbac_kfree(tmp);
01021 }
01022 }
01023 #endif
01024 return(NOT_GRANTED);
01025 }
01026
01027 case T_NETOBJ:
01028
01029 return(check_comp_rc(target, tid, request, caller_pid));
01030 #endif
01031
01032
01033 default: return(DO_NOT_CARE);
01034 }
01035
01036 case R_DELETE:
01037 switch(target)
01038 {
01039 case T_FILE:
01040 case T_DIR:
01041 case T_FIFO:
01042 case T_SYMLINK:
01043 case T_IPC:
01044 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01045 case T_NETTEMP:
01046 case T_NETOBJ:
01047 #endif
01048 #if defined(CONFIG_RSBAC_RC_UM_PROT)
01049 case T_USER:
01050 case T_GROUP:
01051 #endif
01052 return(check_comp_rc(target, tid, request, caller_pid));
01053
01054
01055 default: return(DO_NOT_CARE);
01056 }
01057
01058 case R_EXECUTE:
01059 switch(target)
01060 {
01061 case T_FILE:
01062
01063 if ((err=rsbac_get_attr(RC, T_PROCESS,
01064 tid,
01065 A_rc_role,
01066 &i_attr_val1,
01067 FALSE)))
01068 {
01069 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role);
01070 return(NOT_GRANTED);
01071 }
01072
01073 i_rc_tid.role = i_attr_val1.rc_role;
01074 if ((err=rsbac_rc_get_item(0,
01075 RT_ROLE,
01076 i_rc_tid,
01077 i_rc_tid,
01078 RI_def_process_execute_type,
01079 &i_rc_item_val1,
01080 NULL)))
01081 {
01082 rsbac_rc_ds_get_error("rsbac_adf_request_rc()",
01083 RI_def_process_execute_type);
01084 return(NOT_GRANTED);
01085 }
01086 if(i_rc_item_val1.type_id == RC_type_no_execute)
01087 return(NOT_GRANTED);
01088 else
01089 return(check_comp_rc(target, tid, request, caller_pid));
01090
01091
01092 default:
01093 return(DO_NOT_CARE);
01094 }
01095
01096 case R_GET_PERMISSIONS_DATA:
01097 switch(target)
01098 {
01099 case T_SCD:
01100 return(check_comp_rc_scd(tid.scd, request, caller_pid));
01101 case T_FILE:
01102 case T_DIR:
01103 case T_FIFO:
01104 case T_SYMLINK:
01105 case T_IPC:
01106 case T_DEV:
01107 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01108 case T_NETOBJ:
01109 #endif
01110 #if defined(CONFIG_RSBAC_RC_UM_PROT)
01111 case T_USER:
01112 case T_GROUP:
01113 #endif
01114 return(check_comp_rc(target, tid, request, caller_pid));
01115
01116 default:
01117 return(DO_NOT_CARE);
01118 };
01119
01120 case R_GET_STATUS_DATA:
01121 switch(target)
01122 {
01123 case T_SCD:
01124 return(check_comp_rc_scd(tid.scd, request, caller_pid));
01125 case T_FILE:
01126 case T_DIR:
01127 case T_FIFO:
01128 case T_SYMLINK:
01129 case T_IPC:
01130 case T_PROCESS:
01131 case T_DEV:
01132 #if defined(CONFIG_RSBAC_RC_UM_PROT)
01133 case T_USER:
01134 case T_GROUP:
01135 #endif
01136 return(check_comp_rc(target, tid, request, caller_pid));
01137
01138 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT)
01139 case T_NETDEV:
01140 return(check_comp_rc(target, tid, request, caller_pid));
01141 #endif
01142 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01143 case T_NETOBJ:
01144 return(check_comp_rc(target, tid, request, caller_pid));
01145 #endif
01146
01147 default:
01148 return(DO_NOT_CARE);
01149 }
01150
01151 case R_LINK_HARD:
01152 switch(target)
01153 {
01154 case T_FILE:
01155 case T_FIFO:
01156 case T_SYMLINK:
01157 return(check_comp_rc(target, tid, request, caller_pid));
01158
01159
01160 default: return(DO_NOT_CARE);
01161 }
01162
01163 case R_MAP_EXEC:
01164 switch(target)
01165 {
01166 case T_FILE:
01167 return(check_comp_rc(target, tid, request, caller_pid));
01168
01169
01170 default:
01171 return(DO_NOT_CARE);
01172 }
01173
01174 case R_MODIFY_ACCESS_DATA:
01175 switch(target)
01176 {
01177 case T_FILE:
01178 case T_DIR:
01179 case T_FIFO:
01180 case T_SYMLINK:
01181 return(check_comp_rc(target, tid, request, caller_pid));
01182
01183
01184 default: return(DO_NOT_CARE);
01185 }
01186
01187 case R_MODIFY_ATTRIBUTE:
01188 switch(attr)
01189 {
01190 case A_owner:
01191 return(NOT_GRANTED);
01192 case A_rc_type:
01193 case A_local_rc_type:
01194 case A_remote_rc_type:
01195 case A_rc_type_fd:
01196 case A_rc_type_nt:
01197
01198 result = check_comp_rc(target, tid, request, caller_pid);
01199 if( (result == GRANTED)
01200 || (result == DO_NOT_CARE)
01201 )
01202 {
01203
01204 result = rsbac_rc_check_type_comp(target, attr_val.rc_type, RCR_ASSIGN, caller_pid);
01205 if( (result == GRANTED)
01206 || (result == DO_NOT_CARE)
01207 )
01208 return result;
01209 }
01210
01211 if ((err=rsbac_rc_test_role_admin(TRUE)))
01212 return(NOT_GRANTED);
01213 else
01214 return(GRANTED);
01215
01216 case A_rc_force_role:
01217 case A_rc_initial_role:
01218 case A_rc_role:
01219 case A_rc_def_role:
01220
01221 result = check_comp_rc(target, tid, request, caller_pid);
01222 if( (result == GRANTED)
01223 || (result == DO_NOT_CARE)
01224 )
01225 {
01226
01227 if (!(err=rsbac_rc_test_assign_roles(target, tid, attr, attr_val.rc_role)))
01228 return(GRANTED);
01229 }
01230
01231 if (rsbac_rc_test_role_admin(TRUE))
01232 return(NOT_GRANTED);
01233 else
01234 return(GRANTED);
01235
01236
01237 case A_pseudo:
01238 if(target != T_USER)
01239 return UNDEFINED;
01240
01241 if (rsbac_rc_test_assign_roles(target, tid, A_rc_def_role, RC_role_inherit_user))
01242 return(NOT_GRANTED);
01243 else
01244 return(GRANTED);
01245
01246 #ifdef CONFIG_RSBAC_RC_GEN_PROT
01247 case A_log_array_low:
01248 case A_log_array_high:
01249 case A_log_program_based:
01250 case A_log_user_based:
01251 case A_symlink_add_remote_ip:
01252 case A_symlink_add_uid:
01253 case A_symlink_add_rc_role:
01254 case A_linux_dac_disable:
01255 case A_fake_root_uid:
01256 case A_audit_uid:
01257 case A_auid_exempt:
01258 case A_remote_ip:
01259
01260 result = check_comp_rc(target, tid, request, caller_pid);
01261 if( (result == GRANTED)
01262 || (result == DO_NOT_CARE)
01263 )
01264 return result;
01265
01266 if (rsbac_rc_test_role_admin(TRUE))
01267 return(NOT_GRANTED);
01268 else
01269 return(GRANTED);
01270 #endif
01271
01272
01273 case A_none:
01274 switch(target)
01275 {
01276 case T_USER:
01277
01278 if ((err=rsbac_rc_test_assign_roles(target, tid, A_rc_def_role, RC_role_inherit_user)))
01279 return(NOT_GRANTED);
01280 else
01281 return(GRANTED);
01282
01283 default:
01284
01285 return(check_comp_rc(target, tid, request, caller_pid));
01286 }
01287
01288 #ifdef CONFIG_RSBAC_RC_AUTH_PROT
01289 case A_auth_may_setuid:
01290 case A_auth_may_set_cap:
01291 case A_auth_start_uid:
01292 case A_auth_start_euid:
01293 case A_auth_start_gid:
01294 case A_auth_start_egid:
01295 case A_auth_program_file:
01296 case A_auth_learn:
01297 case A_auth_add_f_cap:
01298 case A_auth_remove_f_cap:
01299 case A_auth_last_auth:
01300
01301 result = check_comp_rc_scd(RST_auth_administration, request, caller_pid);
01302 if( (result == GRANTED)
01303 || (result == DO_NOT_CARE)
01304 )
01305 {
01306
01307 result = check_comp_rc(target, tid, RCR_MODIFY_AUTH, caller_pid);
01308 if( (result == GRANTED)
01309 || (result == DO_NOT_CARE)
01310 )
01311 return result;
01312 }
01313
01314 if ((err=rsbac_rc_test_role_admin(TRUE)))
01315 return(NOT_GRANTED);
01316 else
01317 return(GRANTED);
01318 #endif
01319
01320 default:
01321 return(DO_NOT_CARE);
01322 }
01323
01324 case R_MODIFY_PERMISSIONS_DATA:
01325 switch(target)
01326 {
01327 case T_FILE:
01328 case T_DIR:
01329 case T_FIFO:
01330 case T_SYMLINK:
01331 case T_IPC:
01332 case T_DEV:
01333 #if defined(CONFIG_RSBAC_RC_UM_PROT)
01334 case T_USER:
01335 case T_GROUP:
01336 #endif
01337 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01338 case T_NETOBJ:
01339 #endif
01340 return(check_comp_rc(target, tid, request, caller_pid));
01341
01342 case T_SCD:
01343 return(check_comp_rc_scd(tid.scd, request, caller_pid));
01344
01345 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE
01346 case T_NONE:
01347
01348 return(check_comp_rc_scd(ST_other, request, caller_pid));
01349 #endif
01350
01351
01352 default: return(DO_NOT_CARE);
01353 }
01354
01355 case R_MODIFY_SYSTEM_DATA:
01356 switch(target)
01357 {
01358 case T_SCD:
01359 return(check_comp_rc_scd(tid.scd, request, caller_pid));
01360
01361 case T_DEV:
01362 case T_PROCESS:
01363 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT)
01364 case T_NETDEV:
01365 #endif
01366 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01367 case T_NETOBJ:
01368 #endif
01369 return(check_comp_rc(target, tid, request, caller_pid));
01370
01371
01372 default: return(DO_NOT_CARE);
01373 }
01374
01375 case R_MOUNT:
01376 switch(target)
01377 {
01378 case T_FILE:
01379 case T_DIR:
01380 case T_DEV:
01381 return(check_comp_rc(target, tid, request, caller_pid));
01382
01383
01384 default: return(DO_NOT_CARE);
01385 }
01386
01387 case R_READ:
01388 case R_WRITE:
01389 switch(target)
01390 {
01391 case T_DIR:
01392 case T_IPC:
01393 #ifdef CONFIG_RSBAC_RW
01394 case T_FILE:
01395 case T_FIFO:
01396 case T_DEV:
01397 #endif
01398 #if defined(CONFIG_RSBAC_RC_UM_PROT)
01399 case T_USER:
01400 case T_GROUP:
01401 #endif
01402 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01403 #if defined(CONFIG_RSBAC_NET_OBJ_RW)
01404 case T_NETTEMP:
01405 #endif
01406 #endif
01407 return(check_comp_rc(target, tid, request, caller_pid));
01408
01409 case T_SCD:
01410 return(check_comp_rc_scd(tid.scd, request, caller_pid));
01411
01412 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01413 #if defined(CONFIG_RSBAC_NET_OBJ_RW)
01414 case T_NETOBJ:
01415 #if defined(CONFIG_RSBAC_RC_NET_OBJ_UNIX_PROCESS)
01416 if( tid.netobj.sock_p
01417 && tid.netobj.sock_p->ops
01418 && (tid.netobj.sock_p->ops->family == AF_UNIX)
01419 && tid.netobj.sock_p->sk
01420 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01421 && tid.netobj.sock_p->sk->sk_peercred.pid
01422 #else
01423 && tid.netobj.sock_p->sk->peercred.pid
01424 #endif
01425 )
01426 {
01427 enum rsbac_adf_req_ret_t tmp_result;
01428
01429 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01430 i_tid.process = tid.netobj.sock_p->sk->sk_peercred.pid;
01431 #else
01432 i_tid.process = tid.netobj.sock_p->sk->peercred.pid;
01433 #endif
01434 if(request == R_READ)
01435 tmp_result = check_comp_rc(T_PROCESS, i_tid, R_RECEIVE, caller_pid);
01436 else
01437 tmp_result = check_comp_rc(T_PROCESS, i_tid, R_SEND, caller_pid);
01438 if( (tmp_result == NOT_GRANTED)
01439 || (tmp_result == UNDEFINED)
01440 )
01441 return tmp_result;
01442 }
01443 #endif
01444 return(check_comp_rc(target, tid, request, caller_pid));
01445 #endif
01446 #endif
01447
01448
01449 default: return(DO_NOT_CARE);
01450 }
01451
01452 case R_READ_ATTRIBUTE:
01453 switch(attr)
01454 {
01455 case A_rc_type:
01456 case A_rc_type_fd:
01457 case A_rc_type_nt:
01458 case A_rc_force_role:
01459 case A_rc_initial_role:
01460 case A_rc_role:
01461 case A_rc_def_role:
01462 case A_pseudo:
01463 #ifdef CONFIG_RSBAC_RC_GEN_PROT
01464 case A_owner:
01465 case A_log_array_low:
01466 case A_log_array_high:
01467 case A_log_program_based:
01468 case A_log_user_based:
01469 case A_symlink_add_remote_ip:
01470 case A_symlink_add_uid:
01471 case A_symlink_add_rc_role:
01472 case A_linux_dac_disable:
01473 case A_fake_root_uid:
01474 case A_audit_uid:
01475 case A_auid_exempt:
01476 case A_remote_ip:
01477 #endif
01478
01479 result = check_comp_rc(target, tid, request, caller_pid);
01480 if( (result == GRANTED)
01481 || (result == DO_NOT_CARE)
01482 )
01483 return result;
01484
01485 if (rsbac_rc_test_role_admin(FALSE))
01486 return(NOT_GRANTED);
01487 else
01488 return(GRANTED);
01489
01490 #ifdef CONFIG_RSBAC_RC_AUTH_PROT
01491 case A_auth_may_setuid:
01492 case A_auth_may_set_cap:
01493 case A_auth_start_uid:
01494 case A_auth_start_euid:
01495 case A_auth_start_gid:
01496 case A_auth_start_egid:
01497 case A_auth_program_file:
01498 case A_auth_learn:
01499 case A_auth_add_f_cap:
01500 case A_auth_remove_f_cap:
01501 case A_auth_last_auth:
01502
01503 result = check_comp_rc_scd(RST_auth_administration, request, caller_pid);
01504 if( (result == GRANTED)
01505 || (result == DO_NOT_CARE)
01506 )
01507 return result;
01508
01509 if (rsbac_rc_test_role_admin(FALSE))
01510 return(NOT_GRANTED);
01511 else
01512 return(GRANTED);
01513 #endif
01514
01515 default:
01516 return(DO_NOT_CARE);
01517 }
01518
01519 case R_READ_OPEN:
01520 switch(target)
01521 {
01522 case T_FILE:
01523 case T_FIFO:
01524 case T_DEV:
01525 case T_IPC:
01526 return(check_comp_rc(target, tid, request, caller_pid));
01527
01528
01529 default: return(DO_NOT_CARE);
01530 }
01531
01532 case R_REMOVE_FROM_KERNEL:
01533 switch(target)
01534 {
01535 case T_NONE:
01536 return(check_comp_rc_scd(ST_other, request, caller_pid));
01537
01538 case T_FILE:
01539 case T_DEV:
01540 return(check_comp_rc(target, tid, request, caller_pid));
01541
01542
01543 default: return(DO_NOT_CARE);
01544 }
01545
01546 case R_RENAME:
01547 switch(target)
01548 {
01549 case T_FILE:
01550 case T_DIR:
01551 case T_FIFO:
01552 case T_SYMLINK:
01553 #if defined(CONFIG_RSBAC_RC_UM_PROT)
01554 case T_USER:
01555 case T_GROUP:
01556 #endif
01557 return(check_comp_rc(target, tid, request, caller_pid));
01558
01559
01560 default: return(DO_NOT_CARE);
01561 }
01562
01563 case R_SEARCH:
01564 switch(target)
01565 {
01566 case T_DIR:
01567 case T_SYMLINK:
01568 #if defined(CONFIG_RSBAC_RC_UM_PROT)
01569 case T_USER:
01570 case T_GROUP:
01571 #endif
01572 return(check_comp_rc(target, tid, request, caller_pid));
01573
01574
01575 default: return(DO_NOT_CARE);
01576 }
01577
01578 case R_SEND_SIGNAL:
01579 case R_TRACE:
01580 if (target == T_PROCESS)
01581 return(check_comp_rc(target, tid, request, caller_pid));
01582 else
01583 return(DO_NOT_CARE);
01584
01585 case R_SHUTDOWN:
01586 switch(target)
01587 {
01588 case T_NONE:
01589 return(check_comp_rc_scd(ST_other, request, caller_pid));
01590
01591
01592 default: return(DO_NOT_CARE);
01593 }
01594
01595 case R_SWITCH_LOG:
01596 switch(target)
01597 {
01598 case T_NONE:
01599 return(check_comp_rc_scd(ST_other, request, caller_pid));
01600
01601
01602 default: return(DO_NOT_CARE);
01603 }
01604
01605 case R_SWITCH_MODULE:
01606 switch(target)
01607 {
01608 case T_NONE:
01609
01610 if(attr != A_switch_target)
01611 return(UNDEFINED);
01612
01613 if( (attr_val.switch_target != RC)
01614 #ifdef CONFIG_RSBAC_SOFTMODE
01615 && (attr_val.switch_target != SOFTMODE)
01616 #endif
01617 #ifdef CONFIG_RSBAC_FREEZE
01618 && (attr_val.switch_target != FREEZE)
01619 #endif
01620 #ifdef CONFIG_RSBAC_RC_AUTH_PROT
01621 && (attr_val.switch_target != AUTH)
01622 #endif
01623 )
01624 return(DO_NOT_CARE);
01625 return(check_comp_rc_scd(ST_other, request, caller_pid));
01626
01627
01628 default: return(DO_NOT_CARE);
01629 }
01630
01631 case R_TERMINATE:
01632 if (target == T_PROCESS)
01633 return(DO_NOT_CARE);
01634 else
01635 return(DO_NOT_CARE);
01636
01637 case R_TRUNCATE:
01638 switch(target)
01639 {
01640 case T_FILE:
01641 return(check_comp_rc(target, tid, request, caller_pid));
01642
01643
01644 default: return(DO_NOT_CARE);
01645 }
01646
01647 case R_WRITE_OPEN:
01648 switch(target)
01649 {
01650 case T_FILE:
01651 case T_DEV:
01652 case T_FIFO:
01653 case T_IPC:
01654 return(check_comp_rc(target, tid, request, caller_pid));
01655
01656
01657 default: return(DO_NOT_CARE);
01658 }
01659
01660 case R_UMOUNT:
01661 switch(target)
01662 {
01663 case T_FILE:
01664 case T_DIR:
01665 case T_DEV:
01666 return(check_comp_rc(target, tid, request, caller_pid));
01667
01668
01669 default: return(DO_NOT_CARE);
01670 }
01671
01672
01673 #if defined(CONFIG_RSBAC_NET)
01674 case R_BIND:
01675 switch(target)
01676 {
01677 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT)
01678 case T_NETDEV:
01679 return(check_comp_rc(target, tid, request, caller_pid));
01680 #endif
01681
01682 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01683 case T_NETOBJ:
01684 return(check_comp_rc(target, tid, request, caller_pid));
01685 #endif
01686
01687
01688 default: return(DO_NOT_CARE);
01689 }
01690 #endif
01691
01692 case R_SEND:
01693 switch(target)
01694 {
01695 case T_DEV:
01696 return(check_comp_rc(target, tid, request, caller_pid));
01697
01698 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01699 case T_NETOBJ:
01700 #if defined(CONFIG_RSBAC_RC_NET_OBJ_UNIX_PROCESS)
01701 if( tid.netobj.sock_p
01702 && tid.netobj.sock_p->ops
01703 && (tid.netobj.sock_p->ops->family == AF_UNIX)
01704 && tid.netobj.sock_p->sk
01705 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01706 && tid.netobj.sock_p->sk->sk_peercred.pid
01707 #else
01708 && tid.netobj.sock_p->sk->peercred.pid
01709 #endif
01710 )
01711 {
01712 enum rsbac_adf_req_ret_t tmp_result;
01713
01714 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01715 i_tid.process = tid.netobj.sock_p->sk->sk_peercred.pid;
01716 #else
01717 i_tid.process = tid.netobj.sock_p->sk->peercred.pid;
01718 #endif
01719 tmp_result = check_comp_rc(T_PROCESS, i_tid, request, caller_pid);
01720 if( (tmp_result == NOT_GRANTED)
01721 || (tmp_result == UNDEFINED)
01722 )
01723 return tmp_result;
01724 }
01725 #endif
01726
01727 return(check_comp_rc(target, tid, request, caller_pid));
01728 #endif
01729
01730
01731 default: return(DO_NOT_CARE);
01732 }
01733
01734 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01735 case R_LISTEN:
01736 case R_NET_SHUTDOWN:
01737 switch(target)
01738 {
01739 case T_NETOBJ:
01740 return(check_comp_rc(target, tid, request, caller_pid));
01741
01742
01743 default: return(DO_NOT_CARE);
01744 }
01745 case R_ACCEPT:
01746 case R_CONNECT:
01747 case R_RECEIVE:
01748 switch(target)
01749 {
01750 case T_NETOBJ:
01751 #if defined(CONFIG_RSBAC_RC_NET_OBJ_UNIX_PROCESS)
01752 if( tid.netobj.sock_p
01753 && tid.netobj.sock_p->ops
01754 && (tid.netobj.sock_p->ops->family == AF_UNIX)
01755 && tid.netobj.sock_p->sk
01756 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01757 && tid.netobj.sock_p->sk->sk_peercred.pid
01758 #else
01759 && tid.netobj.sock_p->sk->peercred.pid
01760 #endif
01761 )
01762 {
01763 enum rsbac_adf_req_ret_t tmp_result;
01764
01765 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01766 i_tid.process = tid.netobj.sock_p->sk->sk_peercred.pid;
01767 #else
01768 i_tid.process = tid.netobj.sock_p->sk->peercred.pid;
01769 #endif
01770 tmp_result = check_comp_rc(T_PROCESS, i_tid, request, caller_pid);
01771 if( (tmp_result == NOT_GRANTED)
01772 || (tmp_result == UNDEFINED)
01773 )
01774 return tmp_result;
01775 }
01776 #endif
01777
01778 return(check_comp_rc(target, tid, request, caller_pid));
01779
01780
01781 default: return(DO_NOT_CARE);
01782 }
01783 #endif
01784
01785 case R_IOCTL:
01786 switch(target)
01787 {
01788 case T_DEV:
01789 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT)
01790 case T_NETOBJ:
01791 #endif
01792 return(check_comp_rc(target, tid, request, caller_pid));
01793
01794 default:
01795 return(DO_NOT_CARE);
01796 }
01797
01798 case R_LOCK:
01799 switch(target)
01800 {
01801 case T_FILE:
01802 case T_DIR:
01803 case T_FIFO:
01804 case T_SYMLINK:
01805 return(check_comp_rc(target, tid, request, caller_pid));
01806
01807 default:
01808 return(DO_NOT_CARE);
01809 }
01810
01811
01812 default: return DO_NOT_CARE;
01813 }
01814
01815 return result;
01816 }
01817
01818
01819
01820
01821
01822
01823
01824
01825
01826
01827
01828
01829
01830 int rsbac_adf_set_attr_rc(
01831 enum rsbac_adf_request_t request,
01832 rsbac_pid_t caller_pid,
01833 enum rsbac_target_t target,
01834 union rsbac_target_id_t tid,
01835 enum rsbac_target_t new_target,
01836 union rsbac_target_id_t new_tid,
01837 enum rsbac_attribute_t attr,
01838 union rsbac_attribute_value_t attr_val,
01839 rsbac_uid_t owner)
01840 {
01841 int err;
01842 union rsbac_target_id_t i_tid;
01843 union rsbac_attribute_value_t i_attr_val1;
01844 union rsbac_attribute_value_t i_attr_val2;
01845 union rsbac_rc_target_id_t i_rc_tid;
01846 union rsbac_rc_target_id_t i_rc_subtid;
01847 union rsbac_rc_item_value_t i_rc_item_val1;
01848
01849 switch (request)
01850 {
01851 case R_CHANGE_OWNER:
01852 switch (target)
01853 {
01854 case T_PROCESS:
01855
01856
01857
01858 if(attr != A_owner)
01859 return(-RSBAC_EINVALIDATTR);
01860
01861
01862 i_tid.process = caller_pid;
01863 if ((err=rsbac_get_attr(RC, T_PROCESS,
01864 i_tid,
01865 A_rc_role,
01866 &i_attr_val1,
01867 TRUE)))
01868 {
01869 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role);
01870 return(-RSBAC_EREADFAILED);
01871 }
01872
01873 i_rc_tid.role = i_attr_val1.rc_role;
01874 if ((err=rsbac_rc_get_item(0,
01875 RT_ROLE,
01876 i_rc_tid,
01877 i_rc_tid,
01878 RI_def_process_chown_type,
01879 &i_rc_item_val1,
01880 NULL)))
01881 {
01882 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()",
01883 RI_def_process_chown_type);
01884 return(-RSBAC_EREADFAILED);
01885 }
01886
01887
01888 i_tid.process = caller_pid;
01889 if ((err=rsbac_get_attr(RC, T_PROCESS,
01890 i_tid,
01891 A_rc_force_role,
01892 &i_attr_val1,
01893 TRUE)))
01894 {
01895 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_force_role);
01896 return(-RSBAC_EREADFAILED);
01897 }
01898
01899 if( (i_attr_val1.rc_force_role == RC_role_inherit_user)
01900 || (i_attr_val1.rc_force_role == RC_role_inherit_up_mixed)
01901 )
01902 {
01903
01904 i_tid.user = attr_val.owner;
01905 if ((err=rsbac_get_attr(RC, T_USER,
01906 i_tid,
01907 A_rc_def_role,
01908 &i_attr_val1,
01909 TRUE)))
01910 {
01911 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_def_role);
01912 return(-RSBAC_EREADFAILED);
01913 }
01914
01915 if(i_attr_val1.rc_def_role > RC_role_max_value)
01916 {
01917 rsbac_printk(KERN_WARNING
01918 "rsbac_adf_set_attr_rc(): rc_def_role %u of user %u is higher than MAX_ROLE %u, setting role of process %u to GENERAL_ROLE %u!\n",
01919 i_attr_val1.rc_def_role, attr_val.owner, RC_role_max_value, caller_pid, RSBAC_RC_GENERAL_ROLE);
01920 i_attr_val1.rc_def_role = RSBAC_RC_GENERAL_ROLE;
01921 }
01922
01923 i_tid.process = caller_pid;
01924 if ((err=rsbac_set_attr(RC, T_PROCESS,
01925 i_tid,
01926 A_rc_role,
01927 i_attr_val1)))
01928 {
01929 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role);
01930 return(-RSBAC_EWRITEFAILED);
01931 }
01932 }
01933 else
01934 if( (i_attr_val1.rc_force_role <= RC_role_max_value)
01935 )
01936 {
01937
01938 i_tid.process = caller_pid;
01939 if ((err=rsbac_set_attr(RC, T_PROCESS,
01940 i_tid,
01941 A_rc_role,
01942 i_attr_val1)))
01943 {
01944 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role);
01945 return(-RSBAC_EWRITEFAILED);
01946 }
01947 }
01948
01949
01950 switch(i_rc_item_val1.type_id)
01951 {
01952 case RC_type_inherit_parent:
01953 case RC_type_inherit_process:
01954
01955 break;
01956 case RC_type_use_new_role_def_create:
01957
01958 if(i_attr_val1.rc_role > RC_role_max_value)
01959 break;
01960
01961 i_rc_tid.role = i_attr_val1.rc_role;
01962 if ((err=rsbac_rc_get_item(0,
01963 RT_ROLE,
01964 i_rc_tid,
01965 i_rc_tid,
01966 RI_def_process_create_type,
01967 &i_rc_item_val1,
01968 NULL)))
01969 {
01970 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()",
01971 RI_def_process_create_type);
01972 return(-RSBAC_EREADFAILED);
01973 }
01974 switch(i_rc_item_val1.type_id)
01975 {
01976 case RC_type_inherit_parent:
01977 case RC_type_inherit_process:
01978
01979 break;
01980 case RC_type_use_new_role_def_create:
01981
01982 rsbac_printk(KERN_WARNING
01983 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n",
01984 i_attr_val1.rc_role);
01985 break;
01986 case RC_type_no_create:
01987
01988 i_rc_item_val1.type_id = RSBAC_RC_GENERAL_TYPE;
01989
01990 default:
01991
01992 i_attr_val1.rc_type = i_rc_item_val1.type_id;
01993 if ((err=rsbac_set_attr(RC, T_PROCESS,
01994 i_tid,
01995 A_rc_type,
01996 i_attr_val1)))
01997 {
01998 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type);
01999 return(-RSBAC_EWRITEFAILED);
02000 }
02001 }
02002 break;
02003 case RC_type_no_create:
02004 case RC_type_no_chown:
02005
02006 i_rc_item_val1.type_id = RSBAC_RC_GENERAL_TYPE;
02007
02008 default:
02009
02010 i_attr_val1.rc_type = i_rc_item_val1.type_id;
02011 if ((err=rsbac_set_attr(RC, T_PROCESS,
02012 i_tid,
02013 A_rc_type,
02014 i_attr_val1)))
02015 {
02016 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type);
02017 return(-RSBAC_EWRITEFAILED);
02018 }
02019 }
02020
02021 return 0;
02022
02023
02024 default:
02025 return 0;
02026 }
02027
02028 case R_CLONE:
02029 if (target == T_PROCESS)
02030 {
02031
02032 if ((err=rsbac_get_attr(RC, T_PROCESS,
02033 tid,
02034 A_rc_role,
02035 &i_attr_val1,
02036 FALSE)))
02037 {
02038 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role);
02039 return(-RSBAC_EREADFAILED);
02040 }
02041
02042
02043 if ((err=rsbac_get_attr(RC, T_PROCESS,
02044 tid,
02045 A_rc_force_role,
02046 &i_attr_val2,
02047 FALSE)))
02048 {
02049 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_force_role);
02050 return(-RSBAC_EREADFAILED);
02051 }
02052
02053
02054 if ((err=rsbac_set_attr(RC, T_PROCESS,
02055 new_tid,
02056 A_rc_role,
02057 i_attr_val1)))
02058 {
02059 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role);
02060 return(-RSBAC_EWRITEFAILED);
02061 }
02062
02063
02064 if ((err=rsbac_set_attr(RC, T_PROCESS,
02065 new_tid,
02066 A_rc_force_role,
02067 i_attr_val2)))
02068 {
02069 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_force_role);
02070 return(-RSBAC_EWRITEFAILED);
02071 }
02072
02073
02074 i_rc_tid.role = i_attr_val1.rc_role;
02075 if ((err=rsbac_rc_get_item(0,
02076 RT_ROLE,
02077 i_rc_tid,
02078 i_rc_tid,
02079 RI_def_process_create_type,
02080 &i_rc_item_val1,
02081 NULL)))
02082 {
02083 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()",
02084 RI_def_process_create_type);
02085 return(-RSBAC_EREADFAILED);
02086 }
02087 switch(i_rc_item_val1.type_id)
02088 {
02089 case RC_type_inherit_parent:
02090 case RC_type_inherit_process:
02091
02092
02093 if ((err=rsbac_get_attr(RC, T_PROCESS,
02094 tid,
02095 A_rc_type,
02096 &i_attr_val1,
02097 FALSE)))
02098 {
02099 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type);
02100 return(-RSBAC_EREADFAILED);
02101 }
02102
02103 if ((err=rsbac_set_attr(RC, T_PROCESS,
02104 new_tid,
02105 A_rc_type,
02106 i_attr_val1)))
02107 {
02108 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type);
02109 return(-RSBAC_EWRITEFAILED);
02110 }
02111 break;
02112 case RC_type_no_create:
02113 return(-RSBAC_EDECISIONMISMATCH);
02114 case RC_type_use_new_role_def_create:
02115
02116 rsbac_printk(KERN_WARNING
02117 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n",
02118 i_attr_val1.rc_role);
02119 return(-RSBAC_EINVALIDVALUE);
02120 default:
02121
02122 i_attr_val1.rc_type = i_rc_item_val1.type_id;
02123 if ((err=rsbac_set_attr(RC, T_PROCESS,
02124 new_tid,
02125 A_rc_type,
02126 i_attr_val1)))
02127 {
02128 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type);
02129 return(-RSBAC_EWRITEFAILED);
02130 }
02131 }
02132 return(0);
02133 }
02134 else
02135 return(0);
02136
02137 case R_CREATE:
02138 switch(target)
02139 {
02140
02141 case T_DIR:
02142
02143
02144 i_tid.process = caller_pid;
02145 if ((err=rsbac_get_attr(RC, T_PROCESS,
02146 i_tid,
02147 A_rc_role,
02148 &i_attr_val1,
02149 FALSE)))
02150 {
02151 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role);
02152 return(-RSBAC_EREADFAILED);
02153 }
02154
02155
02156 if ((err=rsbac_get_attr(RC,
02157 target,
02158 tid,
02159 A_rc_type_fd,
02160 &i_attr_val2,
02161 TRUE)))
02162 {
02163 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_type_fd);
02164 return(-RSBAC_EREADFAILED);
02165 }
02166 i_rc_tid.role = i_attr_val1.rc_role;
02167 i_rc_subtid.type = i_attr_val2.rc_type;
02168 if ((err=rsbac_rc_get_item(0,
02169 RT_ROLE,
02170 i_rc_tid,
02171 i_rc_subtid,
02172 RI_def_fd_ind_create_type,
02173 &i_rc_item_val1,
02174 NULL)))
02175 {
02176 if ((err=rsbac_rc_get_item(0,
02177 RT_ROLE,
02178 i_rc_tid,
02179 i_rc_subtid,
02180 RI_def_fd_create_type,
02181 &i_rc_item_val1,
02182 NULL)))
02183 {
02184 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()",
02185 RI_def_fd_create_type);
02186 return(-RSBAC_EREADFAILED);
02187 }
02188 }
02189 switch(i_rc_item_val1.type_id)
02190 {
02191 case RC_type_no_create:
02192 return(-RSBAC_EDECISIONMISMATCH);
02193 break;
02194
02195 case RC_type_use_new_role_def_create:
02196 case RC_type_inherit_process:
02197
02198 rsbac_printk(KERN_WARNING
02199 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n",
02200 i_attr_val1.rc_role);
02201 return(-RSBAC_EINVALIDVALUE);
02202
02203 case RC_type_inherit_parent:
02204 default:
02205
02206 if ((err=rsbac_get_attr(RC, new_target,
02207 new_tid,
02208 A_rc_type_fd,
02209 &i_attr_val1,
02210 FALSE)))
02211 {
02212 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type_fd);
02213 return(-RSBAC_EREADFAILED);
02214 }
02215
02216 if(i_attr_val1.rc_type_fd != i_rc_item_val1.type_id)
02217 {
02218 i_attr_val1.rc_type_fd = i_rc_item_val1.type_id;
02219 if ((err=rsbac_set_attr(RC, new_target,
02220 new_tid,
02221 A_rc_type_fd,
02222 i_attr_val1)))
02223 {
02224 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type_fd);
02225 return(-RSBAC_EWRITEFAILED);
02226 }
02227 }
02228 }
02229 return(0);
02230
02231 case T_IPC:
02232
02233 i_tid.process = caller_pid;
02234 if ((err=rsbac_get_attr(RC, T_PROCESS,
02235 i_tid,
02236 A_rc_role,
02237 &i_attr_val1,
02238 FALSE)))
02239 {
02240 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role);
02241 return(-RSBAC_EREADFAILED);
02242 }
02243
02244 i_rc_tid.role = i_attr_val1.rc_role;
02245 if ((err=rsbac_rc_get_item(0,
02246 RT_ROLE,
02247 i_rc_tid,
02248 i_rc_tid,
02249 RI_def_ipc_create_type,
02250 &i_rc_item_val1,
02251 NULL)))
02252 {
02253 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()",
02254 RI_def_ipc_create_type);
02255 return(-RSBAC_EREADFAILED);
02256 }
02257 switch(i_rc_item_val1.type_id)
02258 {
02259 case RC_type_no_create:
02260 return(-RSBAC_EDECISIONMISMATCH);
02261 break;
02262
02263 case RC_type_use_new_role_def_create:
02264
02265 rsbac_printk(KERN_WARNING
02266 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_ipc_create_type of role %i!\n",
02267 i_attr_val1.rc_role);
02268 return(-RSBAC_EINVALIDVALUE);
02269
02270 case RC_type_inherit_parent:
02271 case RC_type_inherit_process:
02272
02273 rsbac_printk(KERN_WARNING
02274 "rsbac_adf_set_attr_rc(): invalid type inherit_parent in def_ipc_create_type of role %i!\n",
02275 i_attr_val1.rc_role);
02276 return -RSBAC_EINVALIDVALUE;
02277
02278 default:
02279
02280 i_attr_val1.rc_type = i_rc_item_val1.type_id;
02281
02282 if ((err=rsbac_get_attr(RC,
02283 target,
02284 tid,
02285 A_rc_type,
02286 &i_attr_val1,
02287 FALSE)))
02288 {
02289 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type);
02290 return(-RSBAC_EREADFAILED);
02291 }
02292
02293 if(i_attr_val1.rc_type != i_attr_val2.rc_type)
02294 {
02295 if ((err=rsbac_set_attr(RC, target,
02296 tid,
02297 A_rc_type,
02298 i_attr_val1)))
02299 {
02300 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type);
02301 return(-RSBAC_EWRITEFAILED);
02302 }
02303 }
02304 }
02305 return 0;
02306
02307 case T_USER:
02308
02309 i_tid.process = caller_pid;
02310 if ((err=rsbac_get_attr(RC, T_PROCESS,
02311 i_tid,
02312 A_rc_role,
02313 &i_attr_val1,
02314 FALSE)))
02315 {
02316 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role);
02317 return -RSBAC_EREADFAILED;
02318 }
02319
02320 i_rc_tid.role = i_attr_val1.rc_role;
02321 if ((err=rsbac_rc_get_item(0,
02322 RT_ROLE,
02323 i_rc_tid,
02324 i_rc_tid,
02325 RI_def_user_create_type,
02326 &i_rc_item_val1,
02327 NULL)))
02328 {
02329 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()",
02330 RI_def_user_create_type);
02331 return -RSBAC_EREADFAILED;
02332 }
02333 switch(i_rc_item_val1.type_id)
02334 {
02335 case RC_type_no_create:
02336 #ifdef CONFIG_RSBAC_DEBUG
02337 if(rsbac_debug_adf_rc)
02338 rsbac_printk(KERN_DEBUG "rsbac_adf_set_attr_rc(): pid %u (%.15s), owner %u, rc_role %u, def_user_create_type no_create, request CREATE -> NOT_GRANTED!\n",
02339 caller_pid, current->comm, current->uid, i_attr_val1.rc_role);
02340 #endif
02341 return -RSBAC_EDECISIONMISMATCH;
02342
02343 case RC_type_use_new_role_def_create:
02344
02345 rsbac_printk(KERN_WARNING
02346 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_user_create_type of role %i!\n",
02347 i_attr_val1.rc_role);
02348 return -RSBAC_EINVALIDVALUE;
02349
02350 case RC_type_inherit_parent:
02351 case RC_type_inherit_process:
02352
02353 rsbac_printk(KERN_WARNING
02354 "rsbac_adf_set_attr_rc(): invalid type inherit_parent in def_user_create_type of role %i!\n",
02355 i_attr_val1.rc_role);
02356 return -RSBAC_EINVALIDVALUE;
02357
02358 default:
02359
02360 i_attr_val1.rc_type = i_rc_item_val1.type_id;
02361
02362 if ((err=rsbac_get_attr(RC,
02363 target,
02364 tid,
02365 A_rc_type,
02366 &i_attr_val2,
02367 FALSE)))
02368 {
02369 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type);
02370 return(-RSBAC_EREADFAILED);
02371 }
02372
02373 if(i_attr_val1.rc_type != i_attr_val2.rc_type)
02374 {
02375 if ((err=rsbac_set_attr(RC, target,
02376 tid,
02377 A_rc_type,
02378 i_attr_val1)))
02379 {
02380 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type);
02381 return(-RSBAC_EWRITEFAILED);
02382 }
02383 }
02384 }
02385 return 0;
02386
02387 case T_GROUP:
02388
02389 i_tid.process = caller_pid;
02390 if ((err=rsbac_get_attr(RC, T_PROCESS,
02391 i_tid,
02392 A_rc_role,
02393 &i_attr_val1,
02394 FALSE)))
02395 {
02396 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role);
02397 return -RSBAC_EREADFAILED;
02398 }
02399
02400 i_rc_tid.role = i_attr_val1.rc_role;
02401 if ((err=rsbac_rc_get_item(0,
02402 RT_ROLE,
02403 i_rc_tid,
02404 i_rc_tid,
02405 RI_def_group_create_type,
02406 &i_rc_item_val1,
02407 NULL)))
02408 {
02409 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()",
02410 RI_def_group_create_type);
02411 return -RSBAC_EREADFAILED;
02412 }
02413 switch(i_rc_item_val1.type_id)
02414 {
02415 case RC_type_no_create:
02416 #ifdef CONFIG_RSBAC_DEBUG
02417 if(rsbac_debug_adf_rc)
02418 rsbac_printk(KERN_DEBUG "rsbac_adf_set_attr_rc(): pid %u (%.15s), owner %u, rc_role %u, def_group_create_type no_create, request CREATE -> NOT_GRANTED!\n",
02419 caller_pid, current->comm, current->uid, i_attr_val1.rc_role);
02420 #endif
02421 return -RSBAC_EDECISIONMISMATCH;
02422
02423 case RC_type_use_new_role_def_create:
02424
02425 rsbac_printk(KERN_WARNING
02426 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_group_create_type of role %i!\n",
02427 i_attr_val1.rc_role);
02428 return -RSBAC_EINVALIDVALUE;
02429
02430 case RC_type_inherit_parent:
02431 case RC_type_inherit_process:
02432
02433 rsbac_printk(KERN_WARNING
02434 "rsbac_adf_set_attr_rc(): invalid type inherit_parent in def_group_create_type of role %i!\n",
02435 i_attr_val1.rc_role);
02436 return -RSBAC_EINVALIDVALUE;
02437
02438 default:
02439
02440 i_attr_val1.rc_type = i_rc_item_val1.type_id;
02441
02442 if ((err=rsbac_get_attr(RC,
02443 target,
02444 tid,
02445 A_rc_type,
02446 &i_attr_val2,
02447 FALSE)))
02448 {
02449 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type);
02450 return(-RSBAC_EREADFAILED);
02451 }
02452
02453 if(i_attr_val1.rc_type != i_attr_val2.rc_type)
02454 {
02455 if ((err=rsbac_set_attr(RC, target,
02456 tid,
02457 A_rc_type,
02458 i_attr_val1)))
02459 {
02460 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type);
02461 return(-RSBAC_EWRITEFAILED);
02462 }
02463 }
02464 }
02465 return 0;
02466
02467
02468 default:
02469 return 0;
02470 }
02471
02472 case R_EXECUTE:
02473 switch(target)
02474 {
02475 case T_FILE:
02476
02477 if ((err=rsbac_get_attr(RC, T_FILE,
02478 tid,
02479 A_rc_force_role,
02480 &i_attr_val1,
02481 TRUE)))
02482 {
02483 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_force_role);
02484 return(-RSBAC_EREADFAILED);
02485 }
02486
02487 if( (i_attr_val1.rc_force_role > RC_role_max_value)
02488 && (i_attr_val1.rc_force_role < RC_role_min_special)
02489 )
02490 {
02491 rsbac_printk(KERN_WARNING
02492 "rsbac_adf_set_attr_rc(): rc_force_role %u of file %u on device %02u:%02u is higher than MAX_ROLE %u, setting forced role of process %u to default value %u!\n",
02493 i_attr_val1.rc_force_role, tid.file.inode,
02494 MAJOR(tid.file.device), MINOR(tid.file.device),
02495 RC_role_max_value, caller_pid, RC_default_root_dir_force_role);
02496 i_attr_val1.rc_force_role = RC_default_root_dir_force_role;
02497 }
02498
02499 i_tid.process = caller_pid;
02500 if ((err=rsbac_set_attr(RC, T_PROCESS,
02501 i_tid,
02502 A_rc_force_role,
02503 i_attr_val1)))
02504 {
02505 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_force_role);
02506 return(-RSBAC_EWRITEFAILED);
02507 }
02508
02509 if ((err=rsbac_get_attr(RC, T_FILE,
02510 tid,
02511 A_rc_initial_role,
02512 &i_attr_val2,
02513 TRUE)))
02514 {
02515 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_initial_role);
02516 return(-RSBAC_EREADFAILED);
02517 }
02518
02519 if( (i_attr_val2.rc_initial_role > RC_role_max_value)
02520 && (i_attr_val2.rc_initial_role != RC_role_use_force_role)
02521 )
02522 {
02523 rsbac_printk(KERN_WARNING
02524 "rsbac_adf_set_attr_rc(): rc_initial_role %u of file %u on device %02u:%02u is higher than MAX_ROLE %u, setting initial role of process %u to default value %u!\n",
02525 i_attr_val2.rc_initial_role, tid.file.inode,
02526 MAJOR(tid.file.device), MINOR(tid.file.device),
02527 RC_role_max_value, caller_pid, RC_default_root_dir_initial_role);
02528 i_attr_val2.rc_initial_role = RC_default_root_dir_initial_role;
02529 }
02530 if(i_attr_val2.rc_initial_role == RC_role_use_force_role)
02531 {
02532 switch(i_attr_val1.rc_force_role)
02533 {
02534 case RC_role_inherit_user:
02535
02536 i_tid.user = owner;
02537 if ((err=rsbac_get_attr(RC, T_USER,
02538 i_tid,
02539 A_rc_def_role,
02540 &i_attr_val1,
02541 TRUE)))
02542 {
02543 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_def_role);
02544 return(-RSBAC_EREADFAILED);
02545 }
02546
02547 i_tid.process = caller_pid;
02548 if ((err=rsbac_set_attr(RC, T_PROCESS,
02549 i_tid,
02550 A_rc_role,
02551 i_attr_val1)))
02552 {
02553 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role);
02554 return(-RSBAC_EWRITEFAILED);
02555 }
02556 break;
02557
02558 case RC_role_inherit_parent:
02559 case RC_role_inherit_process:
02560 case RC_role_inherit_up_mixed:
02561
02562 break;
02563
02564 default:
02565
02566 i_tid.process = caller_pid;
02567 if ((err=rsbac_set_attr(RC, T_PROCESS,
02568 i_tid,
02569 A_rc_role,
02570 i_attr_val1)))
02571 {
02572 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role);
02573 return(-RSBAC_EWRITEFAILED);
02574 }
02575 }
02576 }
02577 else
02578 {
02579
02580 i_tid.process = caller_pid;
02581 if ((err=rsbac_set_attr(RC, T_PROCESS,
02582 i_tid,
02583 A_rc_role,
02584 i_attr_val2)))
02585 {
02586 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role);
02587 return(-RSBAC_EWRITEFAILED);
02588 }
02589 }
02590
02591 i_tid.process = caller_pid;
02592 if ((err=rsbac_get_attr(RC, T_PROCESS,
02593 i_tid,
02594 A_rc_role,
02595 &i_attr_val1,
02596 FALSE)))
02597 {
02598 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role);
02599 return(-RSBAC_EREADFAILED);
02600 }
02601
02602 i_rc_tid.role = i_attr_val1.rc_role;
02603 if ((err=rsbac_rc_get_item(0,
02604 RT_ROLE,
02605 i_rc_tid,
02606 i_rc_tid,
02607 RI_def_process_execute_type,
02608 &i_rc_item_val1,
02609 NULL)))
02610 {
02611 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()",
02612 RI_def_process_execute_type);
02613 return(-RSBAC_EREADFAILED);
02614 }
02615 switch(i_rc_item_val1.type_id)
02616 {
02617 case RC_type_no_create:
02618 case RC_type_use_new_role_def_create:
02619
02620 rsbac_printk(KERN_WARNING
02621 "rsbac_adf_set_attr_rc(): invalid type in def_process_execute_type of role %i!\n",
02622 i_attr_val1.rc_role);
02623 return(-RSBAC_EINVALIDVALUE);
02624 case RC_type_inherit_parent:
02625 case RC_type_inherit_process:
02626 break;
02627 case RC_type_no_execute:
02628 return(-RSBAC_EDECISIONMISMATCH);
02629 default:
02630
02631 i_attr_val1.rc_type = i_rc_item_val1.type_id;
02632 if ((err=rsbac_set_attr(RC, T_PROCESS,
02633 i_tid,
02634 A_rc_type,
02635 i_attr_val1)))
02636 {
02637 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type);
02638 return(-RSBAC_EWRITEFAILED);
02639 }
02640 }
02641
02642 return 0;
02643
02644
02645 default:
02646 return 0;
02647 }
02648
02649
02650
02651 default: return 0;
02652 }
02653
02654 return 0;
02655 }
02656
02657
02658 #ifdef CONFIG_RSBAC_SECDEL
02659 rsbac_boolean_t rsbac_need_overwrite_rc(struct dentry * dentry_p)
02660 {
02661 int err = 0;
02662 union rsbac_target_id_t i_tid;
02663 union rsbac_attribute_value_t i_attr_val1;
02664 union rsbac_rc_target_id_t i_rc_tid;
02665 union rsbac_rc_item_value_t i_rc_item_val1;
02666
02667 if( !dentry_p
02668 || !dentry_p->d_inode)
02669 return FALSE;
02670
02671 i_tid.file.device = dentry_p->d_sb->s_dev;
02672 i_tid.file.inode = dentry_p->d_inode->i_ino;
02673 i_tid.file.dentry_p = dentry_p;
02674
02675 if (rsbac_get_attr(RC, T_FILE,
02676 i_tid,
02677 A_rc_type_fd,
02678 &i_attr_val1,
02679 TRUE))
02680 {
02681 rsbac_ds_get_error("rsbac_need_overwrite_rc", A_rc_type_fd);
02682 return FALSE;
02683 }
02684
02685 i_rc_tid.role = i_attr_val1.rc_role;
02686 if ((err=rsbac_rc_get_item(0,
02687 RT_TYPE,
02688 i_rc_tid,
02689 i_rc_tid,
02690 RI_type_fd_need_secdel,
02691 &i_rc_item_val1,
02692 NULL)))
02693 {
02694 rsbac_rc_ds_get_error("rsbac_need_overwrite_rc()",
02695 RI_type_fd_need_secdel);
02696 return(FALSE);
02697 }
02698
02699
02700 return(i_rc_item_val1.need_secdel);
02701 }
02702 #endif
02703
02704
