#include <linux/string.h>#include <rsbac/aci.h>#include <linux/sched.h>#include <linux/fs.h>#include <linux/stat.h>#include <linux/smp_lock.h>#include <linux/syscalls.h>#include <rsbac/pm_types.h>#include <rsbac/pm.h>#include <rsbac/pm_getname.h>#include <rsbac/error.h>#include <rsbac/debug.h>#include <rsbac/helpers.h>#include <rsbac/adf.h>#include <rsbac/adf_main.h>#include <linux/namei.h>#include <linux/file.h>#include <linux/mount.h>Go to the source code of this file.
Functions | |
| static int | pm_get_file (const char *name, enum rsbac_target_t *target_p, union rsbac_target_id_t *tid_p) |
| int | rsbac_pm (rsbac_list_ta_number_t ta_number, enum rsbac_pm_function_type_t function, union rsbac_pm_function_param_t param, rsbac_pm_tkt_id_t tkt) |
| int | rsbac_pm_change_current_task (rsbac_pm_task_id_t task) |
| int | rsbac_pm_create_file (const char *filename, int mode, rsbac_pm_object_class_id_t object_class) |
|
||||||||||||||||
|
Definition at line 49 of file pm_syscalls.c. References D_block, D_char, rsbac_target_id_t::dev, rsbac_dev_desc_t::major, rsbac_dev_desc_t::minor, RSBAC_EINVALIDTARGET, T_DEV, T_FIFO, T_FILE, and rsbac_dev_desc_t::type. Referenced by rsbac_pm(). 00052 {
00053 int error = 0;
00054 struct dentry * dentry_p;
00055 struct nameidata nd;
00056
00057 /* get file dentry */
00058 if ((error = user_path_walk(name, &nd)))
00059 {
00060 #ifdef CONFIG_RSBAC_DEBUG
00061 if (rsbac_debug_aef_pm)
00062 printk(KERN_DEBUG "pm_get_file(): call to user_path_walk() returned %i\n", error);
00063 #endif
00064 return(-RSBAC_EINVALIDTARGET);
00065 }
00066 dentry_p = nd.dentry;
00067 if (!dentry_p->d_inode)
00068 {
00069 #ifdef CONFIG_RSBAC_DEBUG
00070 if (rsbac_debug_aef_pm)
00071 printk(KERN_DEBUG
00072 "pm_get_file(): file not found\n");
00073 #endif
00074 return(-RSBAC_EINVALIDTARGET);
00075 }
00076 if(S_ISREG(dentry_p->d_inode->i_mode))
00077 {
00078 /* copy device and inode */
00079 tid_p->file.device = dentry_p->d_sb->s_dev;
00080 tid_p->file.inode = dentry_p->d_inode->i_ino;
00081 tid_p->file.dentry_p = dentry_p;
00082 *target_p = T_FILE;
00083 }
00084 else if(S_ISFIFO(dentry_p->d_inode->i_mode))
00085 {
00086 /* copy device and inode */
00087 tid_p->file.device = dentry_p->d_sb->s_dev;
00088 tid_p->file.inode = dentry_p->d_inode->i_ino;
00089 tid_p->file.dentry_p = dentry_p;
00090 *target_p = T_FIFO;
00091 }
00092 else if(S_ISBLK(dentry_p->d_inode->i_mode))
00093 {
00094 /* copy dev data */
00095 tid_p->dev.type = D_block;
00096 tid_p->dev.major = RSBAC_MAJOR(dentry_p->d_inode->i_rdev);
00097 tid_p->dev.minor = RSBAC_MINOR(dentry_p->d_inode->i_rdev);
00098 *target_p = T_DEV;
00099 }
00100 else if(S_ISCHR(dentry_p->d_inode->i_mode))
00101 {
00102 /* copy dev data */
00103 tid_p->dev.type = D_char;
00104 tid_p->dev.major = RSBAC_MAJOR(dentry_p->d_inode->i_rdev);
00105 tid_p->dev.minor = RSBAC_MINOR(dentry_p->d_inode->i_rdev);
00106 *target_p = T_DEV;
00107 }
00108 else
00109 error = -RSBAC_EINVALIDTARGET;
00110 /* and free inode */
00111 dput(dentry_p);
00112 /* return */
00113 return(error);
00114 }
|
|
||||||||||||||||||||
|
Definition at line 124 of file pm_syscalls.c. References A_auth_may_set_cap, A_auth_may_setuid, A_pm_object_class, A_pm_object_type, A_pm_role, A_pm_task_set, A_pm_tp, rsbac_pm_delete_na_t::accesses, rsbac_pm_add_na_t::accesses, rsbac_pm_function_param_t::add_authorized_task, rsbac_pm_tkt_function_param_t::add_authorized_task, rsbac_pm_function_param_t::add_authorized_tp, rsbac_pm_tkt_function_param_t::add_authorized_tp, rsbac_pm_function_param_t::add_consent, rsbac_pm_tkt_function_param_t::add_consent, rsbac_pm_function_param_t::add_na, rsbac_pm_tkt_function_param_t::add_na, rsbac_pm_function_param_t::add_object_class, rsbac_pm_tkt_function_param_t::add_object_class, rsbac_pm_function_param_t::add_purpose, rsbac_pm_tkt_function_param_t::add_purpose, rsbac_pm_function_param_t::add_responsible_user, rsbac_pm_tkt_function_param_t::add_responsible_user, rsbac_pm_function_param_t::add_task, rsbac_pm_tkt_function_param_t::add_task, AUTH, rsbac_attribute_value_t::auth_may_set_cap, rsbac_attribute_value_t::auth_may_setuid, rsbac_pm_function_param_t::create_ticket, rsbac_pm_function_param_t::create_tp, rsbac_pm_add_purpose_t::def_class, rsbac_pm_function_param_t::delete_authorized_task, rsbac_pm_tkt_function_param_t::delete_authorized_task, rsbac_pm_function_param_t::delete_authorized_tp, rsbac_pm_tkt_function_param_t::delete_authorized_tp, rsbac_pm_function_param_t::delete_consent, rsbac_pm_tkt_function_param_t::delete_consent, rsbac_pm_function_param_t::delete_na, rsbac_pm_tkt_function_param_t::delete_na, rsbac_pm_function_param_t::delete_object_class, rsbac_pm_tkt_function_param_t::delete_object_class, rsbac_pm_function_param_t::delete_purpose, rsbac_pm_tkt_function_param_t::delete_purpose, rsbac_pm_function_param_t::delete_responsible_user, rsbac_pm_tkt_function_param_t::delete_responsible_user, rsbac_pm_function_param_t::delete_task, rsbac_pm_tkt_function_param_t::delete_task, rsbac_pm_function_param_t::delete_tp, rsbac_pm_function_param_t::delete_user_aci, rsbac_pm_tkt_function_param_t::delete_user_aci, rsbac_target_id_t::dev, rsbac_target_id_t::dummy, FALSE, rsbac_pm_set_tp_t::filename, rsbac_pm_set_auth_may_set_cap_t::filename, rsbac_pm_set_auth_may_setuid_t::filename, rsbac_pm_set_device_object_type_t::filename, rsbac_pm_set_object_class_t::filename, rsbac_pm_delete_consent_t::filename, rsbac_pm_add_consent_t::filename, rsbac_pm_create_ticket_t::function_param, rsbac_pm_create_ticket_t::function_type, get_pm_function_type_name(), rsbac_pm_delete_tp_t::id, rsbac_pm_create_tp_t::id, rsbac_pm_delete_purpose_t::id, rsbac_pm_add_purpose_t::id, rsbac_pm_delete_object_class_t::id, rsbac_pm_delete_task_t::id, rsbac_pm_add_task_t::id, rsbac_pm_delete_user_aci_t::id, rsbac_pm_add_object_class_t::id, rsbac_pm_create_ticket_t::id, rsbac_dev_desc_t::major, rsbac_dev_desc_t::minor, rsbac_pm_delete_na_t::object_class, rsbac_pm_add_na_t::object_class, rsbac_pm_set_device_object_type_t::object_class, rsbac_pm_set_object_class_t::object_class, rsbac_pm_set_device_object_type_t::object_type, PF_add_authorized_task, PF_add_authorized_tp, PF_add_consent, PF_add_na, PF_add_object_class, PF_add_purpose, PF_add_responsible_user, PF_add_task, PF_create_ticket, PF_create_tp, PF_delete_authorized_task, PF_delete_authorized_tp, PF_delete_consent, PF_delete_na, PF_delete_object_class, PF_delete_purpose, PF_delete_responsible_user, PF_delete_task, PF_delete_tp, PF_delete_user_aci, PF_set_auth_may_set_cap, PF_set_auth_may_setuid, PF_set_device_object_type, PF_set_object_class, PF_set_role, PF_set_tp, PF_switch_auth, PF_switch_pm, PM, pm_get_file(), rsbac_attribute_value_t::pm_object_class, rsbac_attribute_value_t::pm_object_type, rsbac_attribute_value_t::pm_role, rsbac_attribute_value_t::pm_task_set, rsbac_attribute_value_t::pm_tp, PO_non_personal_data, PO_none, PO_personal_data, PO_TP, rsbac_pm_add_object_class_t::pp_list_p, PR_data_protection_officer, PR_security_officer, PR_tp_manager, PTF_add_authorized_task, PTF_add_authorized_tp, PTF_add_consent, PTF_add_na, PTF_add_object_class, PTF_add_purpose, PTF_add_responsible_user, PTF_add_task, PTF_delete_authorized_task, PTF_delete_authorized_tp, PTF_delete_consent, PTF_delete_na, PTF_delete_object_class, PTF_delete_purpose, PTF_delete_responsible_user, PTF_delete_task, PTF_delete_user_aci, PTF_set_auth_may_set_cap, PTF_set_auth_may_setuid, PTF_set_device_object_type, PTF_set_object_class, PTF_set_role, PTF_switch_auth, PTF_switch_pm, rsbac_pm_add_task_t::purpose, rsbac_pm_delete_consent_t::purpose, rsbac_pm_add_consent_t::purpose, R_MODIFY_ATTRIBUTE, R_SWITCH_MODULE, rsbac_pm_set_role_t::role, rsbac_adf_request_int(), RSBAC_EEXISTS, RSBAC_EINVALIDREQUEST, RSBAC_EINVALIDTARGET, RSBAC_EINVALIDVALUE, RSBAC_ENOTFOUND, RSBAC_ENOTINITIALIZED, RSBAC_EPERM, RSBAC_EREADFAILED, RSBAC_EWRITEFAILED, rsbac_is_initialized(), rsbac_pm_add_target(), rsbac_pm_add_to_set(), rsbac_pm_clear_set(), rsbac_pm_create_set(), RSBAC_PM_DEV_OBJECT_CLASS_ID, rsbac_pm_exists(), rsbac_pm_get_all_data(), rsbac_pm_get_data(), RSBAC_PM_IPC_OBJECT_CLASS_ID, rsbac_pm_remove_from_set(), rsbac_pm_remove_set(), rsbac_pm_remove_target(), RSBAC_PM_ROOT_TASK_SET_ID, rsbac_pm_set_data(), rsbac_pm_set_member(), rsbac_ta_get_attr(), rsbac_ta_remove_target(), rsbac_ta_set_attr(), rsbac_pm_function_param_t::set_auth_may_set_cap, rsbac_pm_tkt_function_param_t::set_auth_may_set_cap, rsbac_pm_function_param_t::set_auth_may_setuid, rsbac_pm_tkt_function_param_t::set_auth_may_setuid, rsbac_pm_function_param_t::set_device_object_type, rsbac_pm_tkt_function_param_t::set_device_object_type, rsbac_pm_function_param_t::set_object_class, rsbac_pm_tkt_function_param_t::set_object_class, rsbac_pm_function_param_t::set_role, rsbac_pm_tkt_function_param_t::set_role, rsbac_pm_function_param_t::set_tp, rsbac_pm_function_param_t::switch_auth, rsbac_pm_tkt_function_param_t::switch_auth, rsbac_pm_function_param_t::switch_pm, rsbac_pm_tkt_function_param_t::switch_pm, T_DEV, T_FIFO, T_FILE, T_NONE, T_USER, rsbac_pm_delete_responsible_user_t::task, rsbac_pm_add_responsible_user_t::task, rsbac_pm_delete_authorized_tp_t::task, rsbac_pm_add_authorized_tp_t::task, rsbac_pm_delete_na_t::task, rsbac_pm_add_na_t::task, rsbac_pm_add_authorized_task_t::task, rsbac_pm_delete_authorized_task_t::task, rsbac_pm_set_tp_t::tp, rsbac_pm_delete_authorized_tp_t::tp, rsbac_pm_add_authorized_tp_t::tp, rsbac_pm_delete_na_t::tp, rsbac_pm_add_na_t::tp, TRUE, rsbac_dev_desc_t::type, rsbac_pm_delete_authorized_task_t::user, rsbac_pm_add_authorized_task_t::user, rsbac_pm_set_role_t::user, rsbac_pm_delete_responsible_user_t::user, rsbac_pm_add_responsible_user_t::user, rsbac_target_id_t::user, rsbac_pm_create_ticket_t::valid_for, rsbac_pm_switch_pm_t::value, rsbac_pm_set_auth_may_set_cap_t::value, and rsbac_pm_set_auth_may_setuid_t::value. Referenced by sys_rsbac_pm(). 00129 {
00130 union rsbac_pm_all_data_value_t all_data;
00131 enum rsbac_target_t target;
00132 union rsbac_target_id_t tid;
00133 union rsbac_attribute_value_t attr_val;
00134 union rsbac_pm_target_id_t pm_tid;
00135 union rsbac_pm_target_id_t pm_tid2;
00136 union rsbac_pm_data_value_t data_val;
00137 int error = 0;
00138 rsbac_uid_t owner;
00139 enum rsbac_pm_role_t role;
00140 struct rsbac_pm_purpose_list_item_t pp_set;
00141 union rsbac_pm_set_id_t pm_set_id;
00142 union rsbac_pm_set_member_t pm_set_member;
00143 union rsbac_pm_tkt_internal_function_param_t tkt_i_function_param;
00144 struct rsbac_fs_file_t file;
00145 struct rsbac_dev_desc_t dev;
00146 char tmp[80];
00147 rsbac_boolean_t class_exists = FALSE;
00148
00149 /* No processing possible before init (called at boot time) */
00150 if (!rsbac_is_initialized())
00151 return(-RSBAC_ENOTINITIALIZED);
00152
00153 get_pm_function_type_name(tmp,function);
00154 #ifdef CONFIG_RSBAC_DEBUG
00155 if(rsbac_debug_ds_pm)
00156 printk(KERN_DEBUG
00157 "rsbac_pm(): called for function %s (No.%i)\n",
00158 tmp,function);
00159 #endif
00160 /* Getting basic information about caller */
00161 /* only useful for real process, not idle or init */
00162 if (current->pid > 1)
00163 owner = current->uid;
00164 else /* caller_pid <= 1 -> kernel or init are always owned by root */
00165 owner = 0;
00166
00167 /* getting owner's pm_role from rsbac system */
00168 tid.user = owner;
00169 error = rsbac_ta_get_attr(ta_number,PM,T_USER,tid,A_pm_role,&attr_val,TRUE);
00170 if (error)
00171 {
00172 printk(KERN_WARNING
00173 "rsbac_pm(): rsbac_get_attr() for pm_role returned error %i",
00174 error);
00175 return(-RSBAC_EREADFAILED); /* something weird happened */
00176 }
00177 role = attr_val.pm_role;
00178
00179 switch(function)
00180 {
00181 case PF_create_ticket:
00182 /* check, whether this ticket id already exists */
00183 pm_tid.tkt = param.create_ticket.id;
00184 if(rsbac_pm_exists(ta_number,
00185 PMT_TKT,
00186 pm_tid))
00187 return(-RSBAC_EEXISTS);
00188
00189 /* Check caller's pm_role, if needed, get file id for filename from */
00190 /* param.x.filename, and copy params to tkt_internal_func_params. */
00191 /* This part depends on the function the ticket shall be for. */
00192 switch(param.create_ticket.function_type)
00193 {
00194 case PTF_add_na:
00195 if(role != PR_data_protection_officer)
00196 return(-RSBAC_EPERM);
00197 tkt_i_function_param.add_na
00198 = param.create_ticket.function_param.add_na;
00199 break;
00200
00201 case PTF_delete_na:
00202 if(role != PR_data_protection_officer)
00203 return(-RSBAC_EPERM);
00204 tkt_i_function_param.delete_na
00205 = param.create_ticket.function_param.delete_na;
00206 break;
00207
00208 case PTF_add_task:
00209 if(role != PR_data_protection_officer)
00210 return(-RSBAC_EPERM);
00211 tkt_i_function_param.add_task
00212 = param.create_ticket.function_param.add_task;
00213 break;
00214
00215 case PTF_delete_task:
00216 if(role != PR_data_protection_officer)
00217 return(-RSBAC_EPERM);
00218 tkt_i_function_param.delete_task
00219 = param.create_ticket.function_param.delete_task;
00220 break;
00221
00222 case PTF_add_object_class:
00223 if(role != PR_data_protection_officer)
00224 return(-RSBAC_EPERM);
00225 /* class-id 0, IPC and DEV are used internally, reject */
00226 if( !param.create_ticket.function_param.add_object_class.id
00227 || (param.create_ticket.function_param.add_object_class.id
00228 == RSBAC_PM_IPC_OBJECT_CLASS_ID)
00229 || (param.create_ticket.function_param.add_object_class.id
00230 == RSBAC_PM_DEV_OBJECT_CLASS_ID))
00231 {
00232 printk(KERN_DEBUG
00233 "rsbac_pm(): add_object_class: reserved class-id 0, %u or %u requested!\n",
00234 RSBAC_PM_IPC_OBJECT_CLASS_ID,
00235 RSBAC_PM_DEV_OBJECT_CLASS_ID);
00236 return(-RSBAC_EINVALIDVALUE);
00237 }
00238 /* copy class-id */
00239 tkt_i_function_param.tkt_add_object_class.id
00240 = param.create_ticket.function_param.add_object_class.id;
00241 /* init pp_set-id for this ticket to 0 */
00242 tkt_i_function_param.tkt_add_object_class.pp_set
00243 = 0;
00244 /* get purposes from user space and add them to set */
00245 if(param.create_ticket.function_param.add_object_class.pp_list_p)
00246 {
00247 #ifdef CONFIG_RSBAC_DEBUG
00248 if(rsbac_debug_ds_pm)
00249 printk(KERN_DEBUG
00250 "rsbac_pm(): getting pp_list from user space\n");
00251 #endif
00252 /* set a unique pp_set-id for this ticket (negative tkt-id) */
00253 pm_set_id.pp_set = -param.create_ticket.id;
00254 if((error = rsbac_pm_create_set(ta_number,PS_PP,pm_set_id)))
00255 {
00256 printk(KERN_WARNING
00257 "rsbac_pm(): rsbac_pm_create_set() for PP returned error %i",
00258 error);
00259 return(-RSBAC_EWRITEFAILED);
00260 }
00261 rsbac_get_user((u_char *) &pp_set,
00262 (u_char *) param.create_ticket.function_param.add_object_class.pp_list_p,
00263 sizeof(pp_set));
00264 pm_set_member.pp = pp_set.id;
00265 if((error = rsbac_pm_add_to_set(ta_number,PS_PP,pm_set_id,pm_set_member)))
00266 {
00267 printk(KERN_WARNING
00268 "rsbac_pm(): rsbac_pm_add_to_set() for PP returned error %i",
00269 error);
00270 rsbac_pm_remove_set(ta_number,PS_PP,pm_set_id);
00271 return(-RSBAC_EWRITEFAILED);
00272 }
00273
00274 while(pp_set.next)
00275 {
00276 rsbac_get_user((u_char *) &pp_set,
00277 (u_char *) pp_set.next,
00278 sizeof(pp_set));
00279 pm_set_member.pp = pp_set.id;
00280 if((error = rsbac_pm_add_to_set(ta_number,PS_PP,pm_set_id,pm_set_member)))
00281 {
00282 printk(KERN_WARNING
00283 "rsbac_pm(): rsbac_pm_add_to_set() for PP returned error %i",
00284 error);
00285 rsbac_pm_remove_set(ta_number,PS_PP,pm_set_id);
00286 return(-RSBAC_EWRITEFAILED);
00287 }
00288 }
00289 tkt_i_function_param.tkt_add_object_class.pp_set
00290 = -param.create_ticket.id;
00291 }
00292 break;
00293
00294 case PTF_delete_object_class:
00295 if(role != PR_data_protection_officer)
00296 return(-RSBAC_EPERM);
00297 tkt_i_function_param.delete_object_class
00298 = param.create_ticket.function_param.delete_object_class;
00299 break;
00300
00301 case PTF_add_authorized_tp:
00302 if(role != PR_data_protection_officer)
00303 return(-RSBAC_EPERM);
00304 tkt_i_function_param.add_authorized_tp
00305 = param.create_ticket.function_param.add_authorized_tp;
00306 break;
00307
00308 case PTF_delete_authorized_tp:
00309 if(role != PR_data_protection_officer)
00310 return(-RSBAC_EPERM);
00311 tkt_i_function_param.delete_authorized_tp
00312 = param.create_ticket.function_param.delete_authorized_tp;
00313 break;
00314
00315 case PTF_add_consent:
00316 if(role != PR_data_protection_officer)
00317 return(-RSBAC_EPERM);
00318 /* get file id */
00319 if ((error = pm_get_file(param.create_ticket.function_param.add_consent.filename,
00320 &target,
00321 &tid)))
00322 {
00323 #ifdef CONFIG_RSBAC_DEBUG
00324 if (rsbac_debug_aef_pm)
00325 printk(KERN_DEBUG
00326 "rsbac_pm(): call to pm_get_file() returned error %i\n",
00327 error);
00328 #endif
00329 return(-RSBAC_EINVALIDTARGET);
00330 }
00331 /* target must be file */
00332 if(target != T_FILE)
00333 return(-RSBAC_EINVALIDTARGET);
00334 tkt_i_function_param.tkt_add_consent.file = tid.file;
00335 tkt_i_function_param.tkt_add_consent.purpose
00336 = param.create_ticket.function_param.add_consent.purpose;
00337 break;
00338
00339 case PTF_delete_consent:
00340 if(role != PR_data_protection_officer)
00341 return(-RSBAC_EPERM);
00342 /* get file id */
00343 if ((error = pm_get_file(param.create_ticket.function_param.delete_consent.filename,
00344 &target,
00345 &tid)))
00346 {
00347 #ifdef CONFIG_RSBAC_DEBUG
00348 if (rsbac_debug_aef_pm)
00349 printk(KERN_DEBUG
00350 "rsbac_pm(): call to pm_get_file() returned error %i\n",
00351 error);
00352 #endif
00353 return(-RSBAC_EINVALIDTARGET);
00354 }
00355 /* target must be file */
00356 if(target != T_FILE)
00357 return(-RSBAC_EINVALIDTARGET);
00358 tkt_i_function_param.tkt_delete_consent.file = tid.file;
00359 tkt_i_function_param.tkt_delete_consent.purpose
00360 = param.create_ticket.function_param.delete_consent.purpose;
00361 break;
00362
00363 case PTF_add_purpose:
00364 if(role != PR_data_protection_officer)
00365 return(-RSBAC_EPERM);
00366 tkt_i_function_param.add_purpose
00367 = param.create_ticket.function_param.add_purpose;
00368 break;
00369
00370 case PTF_delete_purpose:
00371 if(role != PR_data_protection_officer)
00372 return(-RSBAC_EPERM);
00373 tkt_i_function_param.delete_purpose
00374 = param.create_ticket.function_param.delete_purpose;
00375 break;
00376
00377 case PTF_add_responsible_user:
00378 if(role != PR_data_protection_officer)
00379 return(-RSBAC_EPERM);
00380 tkt_i_function_param.add_responsible_user
00381 = param.create_ticket.function_param.add_responsible_user;
00382 break;
00383
00384 case PTF_delete_responsible_user:
00385 if(role != PR_data_protection_officer)
00386 return(-RSBAC_EPERM);
00387 tkt_i_function_param.delete_responsible_user
00388 = param.create_ticket.function_param.delete_responsible_user;
00389 break;
00390
00391 case PTF_delete_user_aci:
00392 if(role != PR_data_protection_officer)
00393 return(-RSBAC_EPERM);
00394 tkt_i_function_param.delete_user_aci.id
00395 = param.create_ticket.function_param.delete_user_aci.id;
00396 break;
00397
00398 case PTF_set_role:
00399 if(role != PR_data_protection_officer)
00400 return(-RSBAC_EPERM);
00401 tkt_i_function_param.set_role
00402 = param.create_ticket.function_param.set_role;
00403 break;
00404
00405 case PTF_set_object_class:
00406 if(role != PR_data_protection_officer)
00407 return(-RSBAC_EPERM);
00408 /* get file id */
00409 if ((error = pm_get_file(param.create_ticket.function_param.set_object_class.filename,
00410 &target,
00411 &tid)))
00412 {
00413 #ifdef CONFIG_RSBAC_DEBUG
00414 if (rsbac_debug_aef_pm)
00415 printk(KERN_DEBUG
00416 "rsbac_pm(): call to pm_get_file() returned error %i\n",
00417 error);
00418 #endif
00419 return(-RSBAC_EINVALIDTARGET);
00420 }
00421 /* target must be file */
00422 if( (target != T_FILE)
00423 && (target != T_FIFO)
00424 )
00425 return(-RSBAC_EINVALIDTARGET);
00426 tkt_i_function_param.tkt_set_object_class.file = tid.file;
00427 tkt_i_function_param.tkt_set_object_class.object_class
00428 = param.create_ticket.function_param.set_object_class.object_class;
00429 break;
00430
00431 #ifdef CONFIG_RSBAC_SWITCH_PM
00432 case PTF_switch_pm:
00433 if(role != PR_data_protection_officer)
00434 return(-RSBAC_EPERM);
00435 tkt_i_function_param.switch_pm
00436 = param.create_ticket.function_param.switch_pm;
00437 break;
00438 #endif
00439 #ifdef CONFIG_RSBAC_SWITCH_AUTH
00440 case PTF_switch_auth:
00441 if(role != PR_data_protection_officer)
00442 return(-RSBAC_EPERM);
00443 tkt_i_function_param.switch_auth
00444 = param.create_ticket.function_param.switch_auth;
00445 break;
00446 #endif
00447
00448 case PTF_set_device_object_type:
00449 if(role != PR_data_protection_officer)
00450 return(-RSBAC_EPERM);
00451 /* get file id */
00452 if ((error = pm_get_file(param.create_ticket.function_param.set_device_object_type.filename,
00453 &target,
00454 &tid)))
00455 {
00456 #ifdef CONFIG_RSBAC_DEBUG
00457 if (rsbac_debug_aef_pm)
00458 printk(KERN_DEBUG
00459 "rsbac_pm(): call to pm_get_file() returned error %i\n",
00460 error);
00461 #endif
00462 return(-RSBAC_EINVALIDTARGET);
00463 }
00464 /* target must be dev */
00465 if(target != T_DEV)
00466 return(-RSBAC_EINVALIDTARGET);
00467 tkt_i_function_param.tkt_set_device_object_type.dev = tid.dev;
00468 tkt_i_function_param.tkt_set_device_object_type.object_type
00469 = param.create_ticket.function_param.set_device_object_type.object_type;
00470 tkt_i_function_param.tkt_set_device_object_type.object_class
00471 = param.create_ticket.function_param.set_device_object_type.object_class;
00472 break;
00473
00474 case PTF_set_auth_may_setuid:
00475 if(role != PR_data_protection_officer)
00476 return(-RSBAC_EPERM);
00477 /* get file id */
00478 if ((error = pm_get_file(param.create_ticket.function_param.set_auth_may_setuid.filename,
00479 &target,
00480 &tid)))
00481 {
00482 #ifdef CONFIG_RSBAC_DEBUG
00483 if (rsbac_debug_aef_pm)
00484 printk(KERN_DEBUG
00485 "rsbac_pm(): call to pm_get_file() returned error %i\n",
00486 error);
00487 #endif
00488 return(-RSBAC_EINVALIDTARGET);
00489 }
00490 /* target must be file */
00491 if(target != T_FILE)
00492 return(-RSBAC_EINVALIDTARGET);
00493 tkt_i_function_param.tkt_set_auth_may_setuid.file = tid.file;
00494 tkt_i_function_param.tkt_set_auth_may_setuid.value
00495 = param.create_ticket.function_param.set_auth_may_setuid.value;
00496 break;
00497
00498 case PTF_set_auth_may_set_cap:
00499 if(role != PR_data_protection_officer)
00500 return(-RSBAC_EPERM);
00501 /* get file id */
00502 if ((error = pm_get_file(param.create_ticket.function_param.set_auth_may_set_cap.filename,
00503 &target,
00504 &tid)))
00505 {
00506 #ifdef CONFIG_RSBAC_DEBUG
00507 if (rsbac_debug_aef_pm)
00508 printk(KERN_DEBUG
00509 "rsbac_pm(): call to pm_get_file() returned error %i\n",
00510 error);
00511 #endif
00512 return(-RSBAC_EINVALIDTARGET);
00513 }
00514 /* target must be dev */
00515 if(target != T_FILE)
00516 return(-RSBAC_EINVALIDTARGET);
00517 tkt_i_function_param.tkt_set_auth_may_set_cap.file = tid.file;
00518 tkt_i_function_param.tkt_set_auth_may_set_cap.value
00519 = param.create_ticket.function_param.set_auth_may_set_cap.value;
00520 break;
00521
00522 case PTF_add_authorized_task:
00523 case PTF_delete_authorized_task:
00524 /* copy parameters */
00525 if(param.create_ticket.function_type
00526 == PTF_add_authorized_task)
00527 {
00528 tkt_i_function_param.add_authorized_task
00529 = param.create_ticket.function_param.add_authorized_task;
00530 }
00531 else
00532 {
00533 tkt_i_function_param.delete_authorized_task
00534 = param.create_ticket.function_param.delete_authorized_task;
00535 }
00536 /* DPOs are OK */
00537 if(role == PR_data_protection_officer)
00538 break;
00539 /* if not DPO: */
00540 /* is process owner responsible user for target task? */
00541 /* get ru_set_id for target task */
00542 if(param.create_ticket.function_type
00543 == PTF_add_authorized_task)
00544 {
00545 pm_tid.task
00546 = param.create_ticket.function_param.add_authorized_task.task;
00547 }
00548 else
00549 {
00550 pm_tid.task
00551 = param.create_ticket.function_param.delete_authorized_task.task;
00552 }
00553 if((error = rsbac_pm_get_data(ta_number,
00554 PMT_TASK,
00555 pm_tid,
00556 PD_ru_set,
00557 &data_val)))
00558 return(-RSBAC_EREADFAILED);
00559 /* if ru_set is 0, there is no responsible user -> error */
00560 if(!data_val.ru_set)
00561 return(-RSBAC_EPERM);
00562 /* check, whether owner is responsible user for this task */
00563 pm_set_id.ru_set = data_val.ru_set;
00564 pm_set_member.ru = owner;
00565 if(!rsbac_pm_set_member(ta_number,PS_RU,pm_set_id,pm_set_member))
00566 {
00567 /* illegal issuer -> delete ticket */
00568 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
00569 return(-RSBAC_EPERM);
00570 }
00571 /* OK, test passed */
00572 break;
00573
00574 default:
00575 /* anything else should never be issued */
00576 return(-RSBAC_EINVALIDVALUE);
00577 }
00578
00579 /* all checks passed -> add ticket */
00580 all_data.tkt.id = param.create_ticket.id;
00581 all_data.tkt.issuer = owner;
00582 all_data.tkt.function_type = param.create_ticket.function_type;
00583 all_data.tkt.function_param = tkt_i_function_param;
00584 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
00585 {
00586 struct timespec now = CURRENT_TIME;
00587
00588 all_data.tkt.valid_until = param.create_ticket.valid_for
00589 + now.tv_sec;
00590 }
00591 #else
00592 all_data.tkt.valid_until = param.create_ticket.valid_for
00593 + CURRENT_TIME;
00594 #endif
00595 error = rsbac_pm_add_target(ta_number,
00596 PMT_TKT,
00597 all_data);
00598 if(error && (param.create_ticket.function_type == PTF_add_object_class))
00599 {
00600 rsbac_pm_remove_set(ta_number,PS_PP,pm_set_id);
00601 }
00602 return(error);
00603 /* end of create_ticket */
00604
00605 case PF_add_na:
00606 if(role != PR_security_officer)
00607 return(-RSBAC_EPERM);
00608 /* get ticket data, deny, if not found */
00609 pm_tid.tkt = tkt;
00610 if((error = rsbac_pm_get_all_data(ta_number,
00611 PMT_TKT,
00612 pm_tid,
00613 &all_data)))
00614 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
00615 if( (error != -RSBAC_EINVALIDTARGET)
00616 && (error != -RSBAC_ENOTFOUND)
00617 )
00618 printk(KERN_WARNING
00619 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
00620 error);
00621 return(-RSBAC_EPERM); /* execution denied */
00622 }
00623 /* check ticket entries */
00624 if( (all_data.tkt.function_type != PTF_add_na)
00625 || (all_data.tkt.function_param.add_na.task
00626 != param.add_na.task)
00627 || (all_data.tkt.function_param.add_na.object_class
00628 != param.add_na.object_class)
00629 || (all_data.tkt.function_param.add_na.tp
00630 != param.add_na.tp)
00631 || (all_data.tkt.function_param.add_na.accesses
00632 != param.add_na.accesses) )
00633 return(-RSBAC_EPERM);
00634
00635 /* check, whether task exists */
00636 pm_tid2.task = param.add_na.task;
00637 if(!rsbac_pm_exists(ta_number,
00638 PMT_TASK,
00639 pm_tid2))
00640 return(-RSBAC_EINVALIDVALUE);
00641 /* check, whether class exists (not for IPC, DEV and NIL) */
00642 if( param.add_na.object_class
00643 && (param.add_na.object_class != RSBAC_PM_IPC_OBJECT_CLASS_ID)
00644 && (param.add_na.object_class != RSBAC_PM_DEV_OBJECT_CLASS_ID))
00645 {
00646 pm_tid2.object_class = param.add_na.object_class;
00647 if(!rsbac_pm_exists(ta_number,
00648 PMT_CLASS,
00649 pm_tid2))
00650 return(-RSBAC_EINVALIDVALUE);
00651 }
00652 /* check, whether tp exists */
00653 pm_tid2.tp = param.add_na.tp;
00654 if(!rsbac_pm_exists(ta_number,
00655 PMT_TP,
00656 pm_tid2))
00657 return(-RSBAC_EINVALIDVALUE);
00658
00659 /* get ticket issuer role */
00660 tid.user = all_data.tkt.issuer;
00661 if((error = rsbac_ta_get_attr(ta_number,
00662 PM,
00663 T_USER,
00664 tid,
00665 A_pm_role,
00666 &attr_val,
00667 TRUE)))
00668 {
00669 printk(KERN_WARNING
00670 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
00671 error);
00672 return(-RSBAC_EREADFAILED); /* execution denied */
00673 }
00674
00675 if(attr_val.pm_role != PR_data_protection_officer)
00676 {
00677 /* illegal issuer -> remove target */
00678 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
00679 return(-RSBAC_EPERM);
00680 }
00681
00682 /* OK, all checks done. Now change data. */
00683 /* First remove ticket to prevent repeated calls. */
00684 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
00685
00686 /* check: lookup NA accesses for this id */
00687 pm_tid.na.task = param.add_na.task;
00688 pm_tid.na.object_class = param.add_na.object_class;
00689 pm_tid.na.tp = param.add_na.tp;
00690 error = rsbac_pm_get_data(ta_number,
00691 PMT_NA,
00692 pm_tid,
00693 PD_accesses,
00694 &data_val);
00695 switch(error)
00696 { /* if 0 -> found -> set accesses to new value */
00697 case 0:
00698 data_val.accesses = param.add_na.accesses;
00699 rsbac_pm_set_data(ta_number,
00700 PMT_NA,
00701 pm_tid,
00702 PD_accesses,
00703 data_val);
00704 return(0);
00705
00706 /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found -> add */
00707 case -RSBAC_EINVALIDTARGET:
00708 case -RSBAC_ENOTFOUND:
00709 all_data.na.task = param.add_na.task;
00710 all_data.na.object_class = param.add_na.object_class;
00711 all_data.na.tp = param.add_na.tp;
00712 all_data.na.accesses = param.add_na.accesses;
00713 if((error = rsbac_pm_add_target(ta_number,
00714 PMT_NA,
00715 all_data)))
00716 {
00717 printk(KERN_WARNING
00718 "rsbac_pm(): rsbac_pm_add_target() for NA returned error %i",
00719 error);
00720 return(error); /* execution failed */
00721 }
00722 return(0);
00723
00724 default:
00725 printk(KERN_WARNING
00726 "rsbac_pm(): rsbac_pm_get_data() for NA/accesses returned error %i",
00727 error);
00728 return(-RSBAC_EREADFAILED); /* execution failed */
00729 }
00730
00731 case PF_delete_na:
00732 if(role != PR_security_officer)
00733 return(-RSBAC_EPERM);
00734
00735 /* get ticket data, deny, if not found */
00736 pm_tid.tkt = tkt;
00737 if((error = rsbac_pm_get_all_data(ta_number,
00738 PMT_TKT,
00739 pm_tid,
00740 &all_data)))
00741 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
00742 if( (error != -RSBAC_EINVALIDTARGET)
00743 && (error != -RSBAC_ENOTFOUND)
00744 )
00745 printk(KERN_WARNING
00746 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
00747 error);
00748 return(-RSBAC_EPERM); /* execution denied */
00749 }
00750 /* check ticket entries */
00751 if( (all_data.tkt.function_type != PTF_delete_na)
00752 || (all_data.tkt.function_param.delete_na.task
00753 != param.delete_na.task)
00754 || (all_data.tkt.function_param.delete_na.object_class
00755 != param.delete_na.object_class)
00756 || (all_data.tkt.function_param.delete_na.tp
00757 != param.delete_na.tp)
00758 || (all_data.tkt.function_param.delete_na.accesses
00759 != param.delete_na.accesses) )
00760 return(-RSBAC_EPERM);
00761
00762 /* get ticket issuer role */
00763 tid.user = all_data.tkt.issuer;
00764 if((error = rsbac_ta_get_attr(ta_number,
00765 PM,
00766 T_USER,
00767 tid,
00768 A_pm_role,
00769 &attr_val,
00770 TRUE)))
00771 {
00772 printk(KERN_WARNING
00773 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
00774 error);
00775 return(-RSBAC_EREADFAILED); /* execution denied */
00776 }
00777
00778 if(attr_val.pm_role != PR_data_protection_officer)
00779 {
00780 /* illegal issuer -> remove target */
00781 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
00782 return(-RSBAC_EPERM);
00783 }
00784
00785 /* OK, all checks done. Now change data. */
00786 /* First remove ticket to prevent repeated calls. */
00787 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
00788 /* remove NA */
00789 pm_tid.na.task = param.delete_na.task;
00790 pm_tid.na.object_class = param.delete_na.object_class;
00791 pm_tid.na.tp = param.delete_na.tp;
00792 return(rsbac_pm_remove_target(ta_number,
00793 PMT_NA,
00794 pm_tid));
00795
00796 case PF_add_task:
00797 /* task-id 0 is used internally, reject */
00798 if(!param.add_task.id)
00799 return(-RSBAC_EINVALIDVALUE);
00800 /* purpose-id 0 is invalid, reject */
00801 if(!param.add_task.purpose)
00802 return(-RSBAC_EINVALIDVALUE);
00803
00804 if(role != PR_security_officer)
00805 return(-RSBAC_EPERM);
00806 /* get ticket data, deny, if not found */
00807 pm_tid.tkt = tkt;
00808 if((error = rsbac_pm_get_all_data(ta_number,
00809 PMT_TKT,
00810 pm_tid,
00811 &all_data)))
00812 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
00813 if( (error != -RSBAC_EINVALIDTARGET)
00814 && (error != -RSBAC_ENOTFOUND)
00815 )
00816 printk(KERN_WARNING
00817 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
00818 error);
00819 return(-RSBAC_EPERM); /* execution denied */
00820 }
00821 /* check ticket entries */
00822 if( (all_data.tkt.function_type != PTF_add_task)
00823 || (all_data.tkt.function_param.add_task.id
00824 != param.add_task.id)
00825 || (all_data.tkt.function_param.add_task.purpose
00826 != param.add_task.purpose) )
00827 return(-RSBAC_EPERM);
00828
00829 /* check, whether purpose exists */
00830 pm_tid2.pp = param.add_task.purpose;
00831 if(!rsbac_pm_exists(ta_number,
00832 PMT_PP,
00833 pm_tid2))
00834 return(-RSBAC_EINVALIDVALUE);
00835
00836 /* get ticket issuer role */
00837 tid.user = all_data.tkt.issuer;
00838 if((error = rsbac_ta_get_attr(ta_number,
00839 PM,
00840 T_USER,
00841 tid,
00842 A_pm_role,
00843 &attr_val,
00844 TRUE)))
00845 {
00846 printk(KERN_WARNING
00847 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
00848 error);
00849 return(-RSBAC_EREADFAILED); /* execution denied */
00850 }
00851
00852 if(attr_val.pm_role != PR_data_protection_officer)
00853 {
00854 /* illegal issuer -> remove target */
00855 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
00856 return(-RSBAC_EPERM);
00857 }
00858
00859 /* OK, all checks done. Now change data. */
00860 /* First remove ticket to prevent repeated calls. */
00861 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
00862
00863 /* try to add task */
00864 all_data.task.id = param.add_task.id;
00865 all_data.task.purpose = param.add_task.purpose;
00866 all_data.task.tp_set = 0;
00867 all_data.task.ru_set = 0;
00868 return(rsbac_pm_add_target(ta_number,
00869 PMT_TASK,
00870 all_data));
00871
00872 case PF_delete_task:
00873 /* task-id 0 is used internally, reject */
00874 if(!param.add_task.id)
00875 return(-RSBAC_EINVALIDVALUE);
00876 if(role != PR_security_officer)
00877 return(-RSBAC_EPERM);
00878 /* get ticket data, deny, if not found */
00879 pm_tid.tkt = tkt;
00880 if((error = rsbac_pm_get_all_data(ta_number,
00881 PMT_TKT,
00882 pm_tid,
00883 &all_data)))
00884 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
00885 if( (error != -RSBAC_EINVALIDTARGET)
00886 && (error != -RSBAC_ENOTFOUND)
00887 )
00888 printk(KERN_WARNING
00889 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
00890 error);
00891 return(-RSBAC_EPERM); /* execution denied */
00892 }
00893 /* check ticket entries */
00894 if( (all_data.tkt.function_type != PTF_delete_task)
00895 || (all_data.tkt.function_param.delete_task.id
00896 != param.delete_task.id) )
00897 return(-RSBAC_EPERM);
00898
00899 /* get ticket issuer role */
00900 tid.user = all_data.tkt.issuer;
00901 if((error = rsbac_ta_get_attr(ta_number,
00902 PM,
00903 T_USER,
00904 tid,
00905 A_pm_role,
00906 &attr_val,
00907 TRUE)))
00908 {
00909 printk(KERN_WARNING
00910 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
00911 error);
00912 return(-RSBAC_EREADFAILED); /* execution denied */
00913 }
00914
00915 if(attr_val.pm_role != PR_data_protection_officer)
00916 {
00917 /* illegal issuer -> remove target */
00918 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
00919 return(-RSBAC_EPERM);
00920 }
00921
00922 /* OK, all checks done. Now change data. */
00923 /* First remove ticket to prevent repeated calls. */
00924 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
00925
00926 /* try to delete task */
00927 pm_tid.task = param.delete_task.id;
00928 return(rsbac_pm_remove_target(ta_number,
00929 PMT_TASK,
00930 pm_tid));
00931
00932 case PF_add_object_class:
00933 /* class-id 0/NIL, IPC and DEV are used internally, reject */
00934 if( !param.add_object_class.id
00935 || (param.add_object_class.id == RSBAC_PM_IPC_OBJECT_CLASS_ID)
00936 || (param.add_object_class.id == RSBAC_PM_DEV_OBJECT_CLASS_ID))
00937 {
00938 printk(KERN_DEBUG
00939 "rsbac_pm(): add_object_class: reserved class-id 0, %u or %u requested!\n",
00940 RSBAC_PM_IPC_OBJECT_CLASS_ID,
00941 RSBAC_PM_DEV_OBJECT_CLASS_ID);
00942 return(-RSBAC_EINVALIDVALUE);
00943 }
00944 if(role != PR_security_officer)
00945 return(-RSBAC_EPERM);
00946 /* get ticket data, deny, if not found */
00947 pm_tid.tkt = tkt;
00948 if((error = rsbac_pm_get_all_data(ta_number,
00949 PMT_TKT,
00950 pm_tid,
00951 &all_data)))
00952 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
00953 if( (error != -RSBAC_EINVALIDTARGET)
00954 && (error != -RSBAC_ENOTFOUND)
00955 )
00956 printk(KERN_WARNING
00957 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
00958 error);
00959 return(-RSBAC_EPERM); /* execution denied */
00960 }
00961 /* check ticket entries */
00962 if( (all_data.tkt.function_type != PTF_add_object_class)
00963 || (all_data.tkt.function_param.tkt_add_object_class.id
00964 != param.add_object_class.id) )
00965 return(-RSBAC_EPERM);
00966 /* get ticket issuer role */
00967 tid.user = all_data.tkt.issuer;
00968 if((error = rsbac_ta_get_attr(ta_number,
00969 PM,
00970 T_USER,
00971 tid,
00972 A_pm_role,
00973 &attr_val,
00974 TRUE)))
00975 {
00976 printk(KERN_WARNING
00977 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
00978 error);
00979 return(-RSBAC_EREADFAILED); /* execution denied */
00980 }
00981
00982 if(attr_val.pm_role != PR_data_protection_officer)
00983 {
00984 /* illegal issuer -> remove target */
00985 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
00986 return(-RSBAC_EPERM);
00987 }
00988
00989 /* check purposes in ticket against those provided */
00990 if(param.add_object_class.pp_list_p)
00991 {
00992 if(!all_data.tkt.function_param.tkt_add_object_class.pp_set)
00993 {
00994 printk(KERN_DEBUG
00995 "rsbac_pm(): add_object_class: no purpose in tkt\n");
00996 return(-RSBAC_EINVALIDVALUE);
00997 }
00998 pm_set_id.pp_set = all_data.tkt.function_param.tkt_add_object_class.pp_set;
00999 rsbac_get_user((u_char *) &pp_set,
01000 (u_char *) param.add_object_class.pp_list_p,
01001 sizeof(pp_set));
01002 pm_set_member.pp = pp_set.id;
01003 if(!rsbac_pm_set_member(ta_number,PS_PP,pm_set_id,pm_set_member))
01004 {
01005 printk(KERN_DEBUG
01006 "rsbac_pm(): add_object_class: first purpose-id %i not in tkt-set\n",
01007 pp_set.id);
01008 return(-RSBAC_EINVALIDVALUE);
01009 }
01010
01011 while(pp_set.next)
01012 {
01013 rsbac_get_user((u_char *) &pp_set,
01014 (u_char *) pp_set.next,
01015 sizeof(pp_set));
01016 pm_set_member.pp = pp_set.id;
01017 if(!rsbac_pm_set_member(ta_number,PS_PP,pm_set_id,pm_set_member))
01018 {
01019 printk(KERN_DEBUG
01020 "rsbac_pm(): add_object_class: purpose-id %i not in tkt-set\n",
01021 pp_set.id);
01022 return(-RSBAC_EINVALIDVALUE);
01023 }
01024 }
01025 }
01026
01027 /* OK, all checks done. Now change data. */
01028 /* First remove ticket to prevent repeated */
01029 /* calls and memory waste. */
01030 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01031
01032 /* check, whether class exists */
01033 pm_tid.object_class = param.add_object_class.id;
01034 class_exists = rsbac_pm_exists(ta_number,PMT_CLASS, pm_tid);
01035 if(!class_exists)
01036 {
01037 /* try to add class */
01038 all_data.object_class.id = param.add_object_class.id;
01039 all_data.object_class.pp_set = 0;
01040 if((error = rsbac_pm_add_target(ta_number,
01041 PMT_CLASS,
01042 all_data)))
01043 return(error);
01044 }
01045
01046 /* get purposes from user space and add them to set */
01047 if(param.add_object_class.pp_list_p)
01048 {
01049 pm_set_id.pp_set = param.add_object_class.id;
01050 if(!class_exists)
01051 {
01052 if(rsbac_pm_create_set(ta_number,PS_PP,pm_set_id))
01053 return(-RSBAC_EWRITEFAILED);
01054 }
01055 else
01056 {
01057 if(rsbac_pm_clear_set(ta_number,PS_PP,pm_set_id))
01058 return(-RSBAC_EWRITEFAILED);
01059 }
01060
01061 rsbac_get_user((u_char *) &pp_set,
01062 (u_char *) param.add_object_class.pp_list_p,
01063 sizeof(pp_set));
01064 pm_set_member.pp = pp_set.id;
01065 if(rsbac_pm_add_to_set(ta_number,PS_PP,pm_set_id,pm_set_member))
01066 {
01067 printk(KERN_DEBUG
01068 "rsbac_pm(): add_object_class: could not add first purpose-id %i to pp_set\n",
01069 pp_set.id);
01070 return(-RSBAC_EWRITEFAILED);
01071 }
01072
01073 while(pp_set.next)
01074 {
01075 rsbac_get_user((u_char *) &pp_set,
01076 (u_char *) pp_set.next,
01077 sizeof(pp_set));
01078 pm_set_member.pp = pp_set.id;
01079 if(rsbac_pm_add_to_set(ta_number,PS_PP,pm_set_id,pm_set_member))
01080 {
01081 printk(KERN_DEBUG
01082 "rsbac_pm(): add_object_class: could not add purpose-id %i to pp_set\n",
01083 pp_set.id);
01084 return(-RSBAC_EWRITEFAILED);
01085 }
01086 }
01087 /* notify class item of its pp_set_id */
01088 pm_tid.object_class = param.add_object_class.id;
01089 data_val.pp_set = param.add_object_class.id;
01090 if((error = rsbac_pm_set_data(ta_number,
01091 PMT_CLASS,
01092 pm_tid,
01093 PD_pp_set,
01094 data_val)))
01095 {
01096 printk(KERN_DEBUG
01097 "rsbac_pm(): add_object_class: could not set pp_set_id for class\n");
01098 return(-RSBAC_EWRITEFAILED);
01099 }
01100 }
01101 /* ready */
01102 return(0);
01103
01104 case PF_delete_object_class:
01105 /* class-id 0/NIL, IPC and DEV are used internally, reject */
01106 if( !param.delete_object_class.id
01107 || (param.delete_object_class.id == RSBAC_PM_IPC_OBJECT_CLASS_ID)
01108 || (param.delete_object_class.id == RSBAC_PM_DEV_OBJECT_CLASS_ID))
01109 return(-RSBAC_EINVALIDVALUE);
01110 if(role != PR_security_officer)
01111 return(-RSBAC_EPERM);
01112 /* get ticket data, deny, if not found */
01113 pm_tid.tkt = tkt;
01114 if((error = rsbac_pm_get_all_data(ta_number,
01115 PMT_TKT,
01116 pm_tid,
01117 &all_data)))
01118 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
01119 if( (error != -RSBAC_EINVALIDTARGET)
01120 && (error != -RSBAC_ENOTFOUND)
01121 )
01122 printk(KERN_WARNING
01123 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
01124 error);
01125 return(-RSBAC_EPERM); /* execution denied */
01126 }
01127 /* check ticket entries */
01128 if( (all_data.tkt.function_type != PTF_delete_object_class)
01129 || (all_data.tkt.function_param.delete_object_class.id
01130 != param.delete_object_class.id) )
01131 return(-RSBAC_EPERM);
01132 /* get ticket issuer role */
01133 tid.user = all_data.tkt.issuer;
01134 if((error = rsbac_ta_get_attr(ta_number,
01135 PM,
01136 T_USER,
01137 tid,
01138 A_pm_role,
01139 &attr_val,
01140 TRUE)))
01141 {
01142 printk(KERN_WARNING
01143 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
01144 error);
01145 return(-RSBAC_EREADFAILED); /* execution denied */
01146 }
01147
01148 if(attr_val.pm_role != PR_data_protection_officer)
01149 {
01150 /* illegal issuer -> remove target */
01151 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01152 return(-RSBAC_EPERM);
01153 }
01154
01155 /* OK, all checks done. Now change data. */
01156 /* First remove ticket to prevent repeated calls. */
01157 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01158
01159 /* try to delete class */
01160 pm_tid.object_class = param.delete_object_class.id;
01161 return(rsbac_pm_remove_target(ta_number,
01162 PMT_CLASS,
01163 pm_tid));
01164
01165 case PF_add_authorized_tp:
01166 /* task-id 0 and tp-id 0 are used internally, reject */
01167 if(!param.add_authorized_tp.task || !param.add_authorized_tp.tp)
01168 return(-RSBAC_EINVALIDVALUE);
01169 if(role != PR_security_officer)
01170 return(-RSBAC_EPERM);
01171
01172 /* get ticket data, deny, if not found */
01173 pm_tid.tkt = tkt;
01174 if((error = rsbac_pm_get_all_data(ta_number,
01175 PMT_TKT,
01176 pm_tid,
01177 &all_data)))
01178 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
01179 if( (error != -RSBAC_EINVALIDTARGET)
01180 && (error != -RSBAC_ENOTFOUND)
01181 )
01182 printk(KERN_WARNING
01183 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
01184 error);
01185 return(-RSBAC_EPERM); /* execution denied */
01186 }
01187 /* check ticket entries */
01188 if( (all_data.tkt.function_type != PTF_add_authorized_tp)
01189 || (all_data.tkt.function_param.add_authorized_tp.task
01190 != param.add_authorized_tp.task)
01191 || (all_data.tkt.function_param.add_authorized_tp.tp
01192 != param.add_authorized_tp.tp) )
01193 return(-RSBAC_EPERM);
01194
01195 /* check, whether task exists */
01196 pm_tid2.task = param.add_authorized_tp.task;
01197 if(!rsbac_pm_exists(ta_number,
01198 PMT_TASK,
01199 pm_tid2))
01200 return(-RSBAC_EINVALIDVALUE);
01201 /* check, whether tp exists */
01202 pm_tid2.tp = param.add_authorized_tp.tp;
01203 if(!rsbac_pm_exists(ta_number,
01204 PMT_TP,
01205 pm_tid2))
01206 return(-RSBAC_EINVALIDVALUE);
01207
01208 /* get ticket issuer role */
01209 tid.user = all_data.tkt.issuer;
01210 if((error = rsbac_ta_get_attr(ta_number,
01211 PM,
01212 T_USER,
01213 tid,
01214 A_pm_role,
01215 &attr_val,
01216 TRUE)))
01217 {
01218 printk(KERN_WARNING
01219 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
01220 error);
01221 return(-RSBAC_EREADFAILED); /* execution denied */
01222 }
01223
01224 if(attr_val.pm_role != PR_data_protection_officer)
01225 {
01226 /* illegal issuer -> remove target */
01227 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01228 return(-RSBAC_EPERM);
01229 }
01230
01231 /* OK, all checks done. Now change data. */
01232 /* First remove ticket to prevent repeated calls. */
01233 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01234
01235 /* try to add tp to tp_set of task */
01236 /* lookup tp_set_id for this task */
01237 pm_tid.task = param.add_authorized_tp.task;
01238 if((error = rsbac_pm_get_data(ta_number,
01239 PMT_TASK,
01240 pm_tid,
01241 PD_tp_set,
01242 &data_val)))
01243 return(-RSBAC_EREADFAILED);
01244 /* if tp_set is 0, it must be created and notified to task-data */
01245 if(!data_val.tp_set)
01246 {
01247 pm_set_id.tp_set = param.add_authorized_tp.task;
01248 if((error = rsbac_pm_create_set(ta_number,
01249 PS_TP,
01250 pm_set_id)))
01251 return(error);
01252 data_val.tp_set = param.add_authorized_tp.task;
01253 if((error = rsbac_pm_set_data(ta_number,
01254 PMT_TASK,
01255 pm_tid,
01256 PD_tp_set,
01257 data_val)))
01258 return(-RSBAC_EWRITEFAILED);
01259 }
01260
01261 /* now that we know the set exists, try to add tp to it */
01262 pm_set_id.tp_set = data_val.tp_set;
01263 pm_set_member.tp = param.add_authorized_tp.tp;
01264 if(rsbac_pm_add_to_set(ta_number,PS_TP,pm_set_id,pm_set_member))
01265 return(-RSBAC_EWRITEFAILED);
01266 else
01267 /* ready */
01268 return(0);
01269
01270 case PF_delete_authorized_tp:
01271 /* task-id 0 and tp-id 0 are used internally, reject */
01272 if(!param.delete_authorized_tp.task || !param.delete_authorized_tp.tp)
01273 return(-RSBAC_EINVALIDVALUE);
01274 if(role != PR_security_officer)
01275 return(-RSBAC_EPERM);
01276
01277 /* get ticket data, deny, if not found */
01278 pm_tid.tkt = tkt;
01279 if((error = rsbac_pm_get_all_data(ta_number,
01280 PMT_TKT,
01281 pm_tid,
01282 &all_data)))
01283 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
01284 if( (error != -RSBAC_EINVALIDTARGET)
01285 && (error != -RSBAC_ENOTFOUND)
01286 )
01287 printk(KERN_WARNING
01288 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
01289 error);
01290 return(-RSBAC_EPERM); /* execution denied */
01291 }
01292 /* check ticket entries */
01293 if( (all_data.tkt.function_type != PTF_delete_authorized_tp)
01294 || (all_data.tkt.function_param.delete_authorized_tp.task
01295 != param.delete_authorized_tp.task)
01296 || (all_data.tkt.function_param.delete_authorized_tp.tp
01297 != param.delete_authorized_tp.tp) )
01298 return(-RSBAC_EPERM);
01299
01300 /* get ticket issuer role */
01301 tid.user = all_data.tkt.issuer;
01302 if((error = rsbac_ta_get_attr(ta_number,
01303 PM,
01304 T_USER,
01305 tid,
01306 A_pm_role,
01307 &attr_val,
01308 TRUE)))
01309 {
01310 printk(KERN_WARNING
01311 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
01312 error);
01313 return(-RSBAC_EREADFAILED); /* execution denied */
01314 }
01315
01316 if(attr_val.pm_role != PR_data_protection_officer)
01317 {
01318 /* illegal issuer -> remove target */
01319 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01320 return(-RSBAC_EPERM);
01321 }
01322
01323 /* OK, all checks done. Now change data. */
01324 /* First remove ticket to prevent repeated calls. */
01325 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01326
01327 /* try to remove tp from tp_set of task */
01328 /* lookup tp_set_id for this task */
01329 pm_tid.task = param.delete_authorized_tp.task;
01330 if((error = rsbac_pm_get_data(ta_number,
01331 PMT_TASK,
01332 pm_tid,
01333 PD_tp_set,
01334 &data_val)))
01335 return(-RSBAC_EREADFAILED);
01336 /* if tp_set is 0, there are no tps to delete -> return */
01337 if(!data_val.tp_set)
01338 return(-RSBAC_EINVALIDVALUE);
01339
01340 /* now that we know the set exists, try to remove tp from it */
01341 pm_set_id.tp_set = data_val.tp_set;
01342 pm_set_member.tp = param.delete_authorized_tp.tp;
01343 if(rsbac_pm_remove_from_set(ta_number,PS_TP,pm_set_id,pm_set_member))
01344 return(-RSBAC_EWRITEFAILED);
01345 else
01346 /* ready */
01347 return(0);
01348
01349 case PF_add_consent:
01350 /* purpose_id 0 is used internally, reject */
01351 if(!param.add_consent.purpose)
01352 return(-RSBAC_EINVALIDVALUE);
01353 if(role != PR_security_officer)
01354 return(-RSBAC_EPERM);
01355
01356 /* get ticket data, deny, if not found */
01357 pm_tid.tkt = tkt;
01358 if((error = rsbac_pm_get_all_data(ta_number,
01359 PMT_TKT,
01360 pm_tid,
01361 &all_data)))
01362 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
01363 if( (error != -RSBAC_EINVALIDTARGET)
01364 && (error != -RSBAC_ENOTFOUND)
01365 )
01366 printk(KERN_WARNING
01367 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
01368 error);
01369 return(-RSBAC_EPERM); /* execution denied */
01370 }
01371 /* get file id */
01372 if ((error = pm_get_file(param.add_consent.filename, &target, &tid)) < 0)
01373 {
01374 #ifdef CONFIG_RSBAC_DEBUG
01375 if (rsbac_debug_aef_pm)
01376 printk(KERN_DEBUG
01377 "rsbac_pm(): call to pm_get_file() returned error %i\n",
01378 error);
01379 #endif
01380 return(-RSBAC_EINVALIDTARGET);
01381 }
01382 /* target must be file */
01383 if(target != T_FILE)
01384 return(-RSBAC_EINVALIDTARGET);
01385 /* check ticket entries */
01386 if( (all_data.tkt.function_type != PTF_add_consent)
01387 || (RSBAC_MAJOR(all_data.tkt.function_param.tkt_add_consent.file.device)
01388 != RSBAC_MAJOR(tid.file.device))
01389 || (RSBAC_MINOR(all_data.tkt.function_param.tkt_add_consent.file.device)
01390 != RSBAC_MINOR(tid.file.device))
01391 || (all_data.tkt.function_param.tkt_add_consent.file.inode
01392 != tid.file.inode)
01393 || (all_data.tkt.function_param.tkt_add_consent.purpose
01394 != param.add_consent.purpose) )
01395 return(-RSBAC_EPERM);
01396 file = tid.file;
01397 /* check, whether purpose exists */
01398 pm_tid2.pp = param.add_consent.purpose;
01399 if(!rsbac_pm_exists(ta_number,
01400 PMT_PP,
01401 pm_tid2))
01402 return(-RSBAC_EINVALIDVALUE);
01403
01404 /* get ticket issuer role */
01405 tid.user = all_data.tkt.issuer;
01406 if((error = rsbac_ta_get_attr(ta_number,
01407 PM,
01408 T_USER,
01409 tid,
01410 A_pm_role,
01411 &attr_val,
01412 TRUE)))
01413 {
01414 printk(KERN_WARNING
01415 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
01416 error);
01417 return(-RSBAC_EREADFAILED); /* execution denied */
01418 }
01419
01420 if(attr_val.pm_role != PR_data_protection_officer)
01421 {
01422 /* illegal issuer -> remove target */
01423 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01424 return(-RSBAC_EPERM);
01425 }
01426
01427 /* OK, all checks done. Now change data. */
01428 /* First remove ticket to prevent repeated calls. */
01429 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01430
01431 /* check, whether this consent exists */
01432 pm_tid.cs.file = file;
01433 pm_tid.cs.purpose = param.add_consent.purpose;
01434 if(rsbac_pm_exists(ta_number,
01435 PMT_CS,
01436 pm_tid))
01437 return(-RSBAC_EEXISTS);
01438 /* consent does not exist, try to add it */
01439 all_data.cs.file = file;
01440 all_data.cs.purpose = param.add_consent.purpose;
01441 return(rsbac_pm_add_target(ta_number,PMT_CS,all_data));
01442
01443 case PF_delete_consent:
01444 /* purpose_id 0 is used internally, reject */
01445 if(!param.delete_consent.purpose)
01446 return(-RSBAC_EINVALIDVALUE);
01447 if(role != PR_security_officer)
01448 return(-RSBAC_EPERM);
01449
01450 /* get ticket data, deny, if not found */
01451 pm_tid.tkt = tkt;
01452 if((error = rsbac_pm_get_all_data(ta_number,
01453 PMT_TKT,
01454 pm_tid,
01455 &all_data)))
01456 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
01457 if( (error != -RSBAC_EINVALIDTARGET)
01458 && (error != -RSBAC_ENOTFOUND)
01459 )
01460 printk(KERN_WARNING
01461 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
01462 error);
01463 return(-RSBAC_EPERM); /* execution denied */
01464 }
01465 /* get file id */
01466 if ((error = pm_get_file(param.add_consent.filename, &target, &tid)) < 0)
01467 {
01468 #ifdef CONFIG_RSBAC_DEBUG
01469 if (rsbac_debug_aef_pm)
01470 printk(KERN_DEBUG
01471 "rsbac_pm(): call to pm_get_file() returned error %i\n",
01472 error);
01473 #endif
01474 return(-RSBAC_EINVALIDTARGET);
01475 }
01476 /* target must be file */
01477 if(target != T_FILE)
01478 return(-RSBAC_EINVALIDTARGET);
01479 file=tid.file;
01480 /* check ticket entries */
01481 if( (all_data.tkt.function_type != PTF_delete_consent)
01482 || (RSBAC_MAJOR(all_data.tkt.function_param.tkt_delete_consent.file.device)
01483 != RSBAC_MAJOR(file.device))
01484 || (RSBAC_MINOR(all_data.tkt.function_param.tkt_delete_consent.file.device)
01485 != RSBAC_MINOR(file.device))
01486 || (all_data.tkt.function_param.tkt_delete_consent.file.inode
01487 != file.inode)
01488 || (all_data.tkt.function_param.tkt_delete_consent.purpose
01489 != param.delete_consent.purpose) )
01490 return(-RSBAC_EPERM);
01491
01492 /* get ticket issuer role */
01493 tid.user = all_data.tkt.issuer;
01494 if((error = rsbac_ta_get_attr(ta_number,
01495 PM,
01496 T_USER,
01497 tid,
01498 A_pm_role,
01499 &attr_val,
01500 TRUE)))
01501 {
01502 printk(KERN_WARNING
01503 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
01504 error);
01505 return(-RSBAC_EREADFAILED); /* execution denied */
01506 }
01507
01508 if(attr_val.pm_role != PR_data_protection_officer)
01509 {
01510 /* illegal issuer -> remove target */
01511 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01512 return(-RSBAC_EPERM);
01513 }
01514
01515 /* OK, all checks done. Now change data. */
01516 /* First remove ticket to prevent repeated calls. */
01517 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01518
01519 /* try to delete this consent */
01520 pm_tid.cs.file = file;
01521 pm_tid.cs.purpose = param.delete_consent.purpose;
01522 return(rsbac_pm_remove_target(ta_number,
01523 PMT_CS,
01524 pm_tid));
01525
01526 case PF_add_purpose:
01527 /* purpose_id 0, classes 0, IPC and DEV are used internally, reject */
01528 if( !param.add_purpose.id
01529 || !param.add_purpose.def_class
01530 || (param.add_purpose.def_class
01531 == RSBAC_PM_IPC_OBJECT_CLASS_ID)
01532 || (param.add_purpose.def_class
01533 == RSBAC_PM_DEV_OBJECT_CLASS_ID) )
01534 return(-RSBAC_EINVALIDVALUE);
01535 if(role != PR_security_officer)
01536 return(-RSBAC_EPERM);
01537
01538 /* get ticket data, deny, if not found */
01539 pm_tid.tkt = tkt;
01540 if((error = rsbac_pm_get_all_data(ta_number,
01541 PMT_TKT,
01542 pm_tid,
01543 &all_data)))
01544 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
01545 if( (error != -RSBAC_EINVALIDTARGET)
01546 && (error != -RSBAC_ENOTFOUND)
01547 )
01548 printk(KERN_WARNING
01549 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
01550 error);
01551 return(-RSBAC_EPERM); /* execution denied */
01552 }
01553 /* check ticket entries */
01554 if( (all_data.tkt.function_type != PTF_add_purpose)
01555 || (all_data.tkt.function_param.add_purpose.id
01556 != param.add_purpose.id)
01557 || (all_data.tkt.function_param.add_purpose.def_class
01558 != param.add_purpose.def_class) )
01559 return(-RSBAC_EPERM);
01560
01561 /* get ticket issuer role */
01562 tid.user = all_data.tkt.issuer;
01563 if((error = rsbac_ta_get_attr(ta_number,
01564 PM,
01565 T_USER,
01566 tid,
01567 A_pm_role,
01568 &attr_val,
01569 TRUE)))
01570 {
01571 printk(KERN_WARNING
01572 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
01573 error);
01574 return(-RSBAC_EREADFAILED); /* execution denied */
01575 }
01576
01577 if(attr_val.pm_role != PR_data_protection_officer)
01578 {
01579 /* illegal issuer -> remove target */
01580 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01581 return(-RSBAC_EPERM);
01582 }
01583
01584 /* OK, all checks done. Now change data. */
01585 /* First remove ticket to prevent repeated calls. */
01586 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01587
01588 /* if def_class does not exist, try to create it */
01589 pm_tid.object_class = param.add_purpose.def_class;
01590 if(!rsbac_pm_exists(ta_number,
01591 PMT_CLASS,
01592 pm_tid))
01593 {
01594 /* try to add class */
01595 all_data.object_class.id = param.add_purpose.def_class;
01596 all_data.object_class.pp_set = 0;
01597 if((error = rsbac_pm_add_target(ta_number,
01598 PMT_CLASS,
01599 all_data)))
01600 return(error);
01601 }
01602
01603 /* try to add purpose */
01604 all_data.pp.id = param.add_purpose.id;
01605 all_data.pp.def_class = param.add_purpose.def_class;
01606 if((error = rsbac_pm_add_target(ta_number,
01607 PMT_PP,
01608 all_data)))
01609 return(error);
01610
01611 /* add purpose to purpose-set of class */
01612 /* lookup pp_set_id for this class */
01613 pm_tid.object_class = param.add_purpose.def_class;
01614 if((error = rsbac_pm_get_data(ta_number,
01615 PMT_CLASS,
01616 pm_tid,
01617 PD_pp_set,
01618 &data_val)))
01619 return(-RSBAC_EREADFAILED);
01620 /* if no pp-set: create it and set it in class structure */
01621 if(!data_val.pp_set)
01622 {
01623 pm_set_id.pp_set = param.add_purpose.def_class;
01624 if(rsbac_pm_create_set(ta_number,PS_PP,pm_set_id))
01625 return(-RSBAC_EWRITEFAILED);
01626 data_val.pp_set = param.add_purpose.def_class;
01627 if((error = rsbac_pm_set_data(ta_number,
01628 PMT_CLASS,
01629 pm_tid,
01630 PD_pp_set,
01631 data_val)))
01632 return(-RSBAC_EWRITEFAILED);
01633 }
01634 /* now that we know the set exists, try to add purpose to it */
01635 pm_set_id.pp_set = data_val.pp_set;
01636 pm_set_member.pp = param.add_purpose.id;
01637 if(rsbac_pm_add_to_set(ta_number,PS_PP,pm_set_id,pm_set_member))
01638 return(-RSBAC_EWRITEFAILED);
01639 else
01640 /* ready */
01641 return(0);
01642
01643 case PF_delete_purpose:
01644 /* purpose_id 0 is used internally, reject */
01645 if(!param.delete_purpose.id)
01646 return(-RSBAC_EINVALIDVALUE);
01647 if(role != PR_security_officer)
01648 return(-RSBAC_EPERM);
01649
01650 /* get ticket data, deny, if not found */
01651 pm_tid.tkt = tkt;
01652 if((error = rsbac_pm_get_all_data(ta_number,
01653 PMT_TKT,
01654 pm_tid,
01655 &all_data)))
01656 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
01657 if( (error != -RSBAC_EINVALIDTARGET)
01658 && (error != -RSBAC_ENOTFOUND)
01659 )
01660 printk(KERN_WARNING
01661 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
01662 error);
01663 return(-RSBAC_EPERM); /* execution denied */
01664 }
01665 /* check ticket entries */
01666 if( (all_data.tkt.function_type != PTF_delete_purpose)
01667 || (all_data.tkt.function_param.delete_purpose.id
01668 != param.delete_purpose.id) )
01669 return(-RSBAC_EPERM);
01670
01671 /* get ticket issuer role */
01672 tid.user = all_data.tkt.issuer;
01673 if((error = rsbac_ta_get_attr(ta_number,
01674 PM,
01675 T_USER,
01676 tid,
01677 A_pm_role,
01678 &attr_val,
01679 TRUE)))
01680 {
01681 printk(KERN_WARNING
01682 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
01683 error);
01684 return(-RSBAC_EREADFAILED); /* execution denied */
01685 }
01686
01687 if(attr_val.pm_role != PR_data_protection_officer)
01688 {
01689 /* illegal issuer -> delete ticket */
01690 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01691 return(-RSBAC_EPERM);
01692 }
01693
01694 /* OK, all checks done. Now change data. */
01695 /* First remove ticket to prevent repeated calls. */
01696 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01697
01698 /* try to delete this purpose */
01699 pm_tid.pp = param.delete_purpose.id;
01700 return(rsbac_pm_remove_target(ta_number,
01701 PMT_PP,
01702 pm_tid));
01703
01704 case PF_add_responsible_user:
01705 /* task_id 0 is used internally, reject */
01706 if(!param.add_responsible_user.task)
01707 return(-RSBAC_EINVALIDVALUE);
01708 if(role != PR_security_officer)
01709 return(-RSBAC_EPERM);
01710
01711 /* get ticket data, deny, if not found */
01712 pm_tid.tkt = tkt;
01713 if((error = rsbac_pm_get_all_data(ta_number,
01714 PMT_TKT,
01715 pm_tid,
01716 &all_data)))
01717 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
01718 if( (error != -RSBAC_EINVALIDTARGET)
01719 && (error != -RSBAC_ENOTFOUND)
01720 )
01721 printk(KERN_WARNING
01722 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
01723 error);
01724 return(-RSBAC_EPERM); /* execution denied */
01725 }
01726 /* check ticket entries */
01727 if( (all_data.tkt.function_type != PTF_add_responsible_user)
01728 || (all_data.tkt.function_param.add_responsible_user.user
01729 != param.add_responsible_user.user)
01730 || (all_data.tkt.function_param.add_responsible_user.task
01731 != param.add_responsible_user.task) )
01732 return(-RSBAC_EPERM);
01733
01734 /* check, whether task exists */
01735 pm_tid2.task = param.add_responsible_user.task;
01736 if(!rsbac_pm_exists(ta_number,
01737 PMT_TASK,
01738 pm_tid2))
01739 return(-RSBAC_EINVALIDVALUE);
01740
01741 /* get ticket issuer role */
01742 tid.user = all_data.tkt.issuer;
01743 if((error = rsbac_ta_get_attr(ta_number,
01744 PM,
01745 T_USER,
01746 tid,
01747 A_pm_role,
01748 &attr_val,
01749 TRUE)))
01750 {
01751 printk(KERN_WARNING
01752 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
01753 error);
01754 return(-RSBAC_EREADFAILED); /* execution denied */
01755 }
01756
01757 if(attr_val.pm_role != PR_data_protection_officer)
01758 {
01759 /* illegal issuer -> delete ticket */
01760 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01761 return(-RSBAC_EPERM);
01762 }
01763
01764 /* OK, all checks done. Now change data. */
01765 /* First remove ticket to prevent repeated calls. */
01766 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01767
01768 /* try to add user to ru_set of task */
01769
01770 /* lookup ru_set_id for this task */
01771 pm_tid.task = param.add_responsible_user.task;
01772 if((error = rsbac_pm_get_data(ta_number,
01773 PMT_TASK,
01774 pm_tid,
01775 PD_ru_set,
01776 &data_val)))
01777 return(-RSBAC_EREADFAILED);
01778 /* if ru_set is 0, it must be created and notified to task-data */
01779 if(!data_val.ru_set)
01780 {
01781 pm_set_id.ru_set = param.add_responsible_user.task;
01782 if((error = rsbac_pm_create_set(ta_number,
01783 PS_RU,
01784 pm_set_id)))
01785 return(error);
01786 data_val.ru_set = param.add_responsible_user.task;
01787 if((error = rsbac_pm_set_data(ta_number,
01788 PMT_TASK,
01789 pm_tid,
01790 PD_ru_set,
01791 data_val)))
01792 return(-RSBAC_EWRITEFAILED);
01793 }
01794
01795 /* now that we know the set exists, try to add ru to it */
01796 pm_set_id.ru_set = data_val.ru_set;
01797 pm_set_member.ru = param.add_responsible_user.user;
01798 if(rsbac_pm_add_to_set(ta_number,PS_RU,pm_set_id,pm_set_member))
01799 return(-RSBAC_EWRITEFAILED);
01800 else
01801 /* ready */
01802 return(0);
01803
01804 case PF_delete_responsible_user:
01805 /* task_id 0 is used internally, reject */
01806 if(!param.delete_responsible_user.task)
01807 return(-RSBAC_EINVALIDVALUE);
01808 if(role != PR_security_officer)
01809 return(-RSBAC_EPERM);
01810
01811 /* get ticket data, deny, if not found */
01812 pm_tid.tkt = tkt;
01813 if((error = rsbac_pm_get_all_data(ta_number,
01814 PMT_TKT,
01815 pm_tid,
01816 &all_data)))
01817 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
01818 if( (error != -RSBAC_EINVALIDTARGET)
01819 && (error != -RSBAC_ENOTFOUND)
01820 )
01821 printk(KERN_WARNING
01822 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
01823 error);
01824 return(-RSBAC_EPERM); /* execution denied */
01825 }
01826 /* check ticket entries */
01827 if( (all_data.tkt.function_type != PTF_delete_responsible_user)
01828 || (all_data.tkt.function_param.delete_responsible_user.user
01829 != param.delete_responsible_user.user)
01830 || (all_data.tkt.function_param.delete_responsible_user.task
01831 != param.delete_responsible_user.task) )
01832 return(-RSBAC_EPERM);
01833
01834 /* get ticket issuer role */
01835 tid.user = all_data.tkt.issuer;
01836 if((error = rsbac_ta_get_attr(ta_number,
01837 PM,
01838 T_USER,
01839 tid,
01840 A_pm_role,
01841 &attr_val,
01842 TRUE)))
01843 {
01844 printk(KERN_WARNING
01845 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
01846 error);
01847 return(-RSBAC_EREADFAILED); /* execution denied */
01848 }
01849
01850 if(attr_val.pm_role != PR_data_protection_officer)
01851 {
01852 /* illegal issuer -> delete ticket */
01853 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01854 return(-RSBAC_EPERM);
01855 }
01856
01857 /* OK, all checks done. Now change data. */
01858 /* First remove ticket to prevent repeated calls. */
01859 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01860 /* try to add user to ru_set of task */
01861 /* lookup ru_set_id for this task */
01862 pm_tid.task = param.delete_responsible_user.task;
01863 if((error = rsbac_pm_get_data(ta_number,
01864 PMT_TASK,
01865 pm_tid,
01866 PD_ru_set,
01867 &data_val)))
01868 return(-RSBAC_EREADFAILED);
01869 /* if ru_set is 0, there is nothing to delete */
01870 if(!data_val.ru_set)
01871 return(-RSBAC_EINVALIDVALUE);
01872
01873 /* now that we know the set exists, try to remove ru from it */
01874 pm_set_id.ru_set = data_val.ru_set;
01875 pm_set_member.ru = param.delete_responsible_user.user;
01876 if(rsbac_pm_remove_from_set(ta_number,PS_RU,pm_set_id,pm_set_member))
01877 return(-RSBAC_EWRITEFAILED);
01878 else
01879 /* ready */
01880 return(0);
01881
01882 case PF_delete_user_aci:
01883 if(role != PR_security_officer)
01884 return(-RSBAC_EPERM);
01885
01886 /* get ticket data, deny, if not found */
01887 pm_tid.tkt = tkt;
01888 if((error = rsbac_pm_get_all_data(ta_number,
01889 PMT_TKT,
01890 pm_tid,
01891 &all_data)))
01892 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
01893 if( (error != -RSBAC_EINVALIDTARGET)
01894 && (error != -RSBAC_ENOTFOUND)
01895 )
01896 printk(KERN_WARNING
01897 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
01898 error);
01899 return(-RSBAC_EPERM); /* execution denied */
01900 }
01901 /* check ticket entries */
01902 if( (all_data.tkt.function_type != PTF_delete_user_aci)
01903 || (all_data.tkt.function_param.delete_user_aci.id
01904 != param.delete_user_aci.id) )
01905 return(-RSBAC_EPERM);
01906
01907 /* get ticket issuer role */
01908 tid.user = all_data.tkt.issuer;
01909 if((error = rsbac_ta_get_attr(ta_number,
01910 PM,
01911 T_USER,
01912 tid,
01913 A_pm_role,
01914 &attr_val,
01915 TRUE)))
01916 {
01917 printk(KERN_WARNING
01918 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
01919 error);
01920 return(-RSBAC_EREADFAILED); /* execution denied */
01921 }
01922
01923 if(attr_val.pm_role != PR_data_protection_officer)
01924 {
01925 /* illegal issuer -> delete ticket */
01926 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01927 return(-RSBAC_EPERM);
01928 }
01929
01930 /* OK, all checks done. Now remove aci. */
01931 /* First remove ticket to prevent repeated calls. */
01932 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01933 tid.user = param.delete_user_aci.id;
01934 rsbac_ta_remove_target(ta_number,T_USER,tid);
01935 return(0);
01936
01937 case PF_set_role:
01938 if(role != PR_security_officer)
01939 return(-RSBAC_EPERM);
01940
01941 /* get ticket data, deny, if not found */
01942 pm_tid.tkt = tkt;
01943 if((error = rsbac_pm_get_all_data(ta_number,
01944 PMT_TKT,
01945 pm_tid,
01946 &all_data)))
01947 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
01948 if( (error != -RSBAC_EINVALIDTARGET)
01949 && (error != -RSBAC_ENOTFOUND)
01950 )
01951 printk(KERN_WARNING
01952 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
01953 error);
01954 return(-RSBAC_EPERM); /* execution denied */
01955 }
01956 /* check ticket entries */
01957 if( (all_data.tkt.function_type != PTF_set_role)
01958 || (all_data.tkt.function_param.set_role.user
01959 != param.set_role.user)
01960 || (all_data.tkt.function_param.set_role.role
01961 != param.set_role.role) )
01962 return(-RSBAC_EPERM);
01963
01964 /* get ticket issuer role */
01965 tid.user = all_data.tkt.issuer;
01966 if((error = rsbac_ta_get_attr(ta_number,
01967 PM,
01968 T_USER,
01969 tid,
01970 A_pm_role,
01971 &attr_val,
01972 TRUE)))
01973 {
01974 printk(KERN_WARNING
01975 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
01976 error);
01977 return(-RSBAC_EREADFAILED); /* execution denied */
01978 }
01979
01980 if(attr_val.pm_role != PR_data_protection_officer)
01981 {
01982 /* illegal issuer -> delete ticket */
01983 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01984 return(-RSBAC_EPERM);
01985 }
01986
01987 /* OK, all checks done. Now change data. */
01988 /* First remove ticket to prevent repeated calls. */
01989 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
01990
01991 /* try to set role */
01992 tid.user = param.set_role.user;
01993 attr_val.pm_role = param.set_role.role;
01994 return(rsbac_ta_set_attr(ta_number,
01995 PM,
01996 T_USER,
01997 tid,
01998 A_pm_role,
01999 attr_val));
02000
02001 case PF_set_object_class:
02002 if(role != PR_security_officer)
02003 return(-RSBAC_EPERM);
02004
02005 /* get ticket data, deny, if not found */
02006 pm_tid.tkt = tkt;
02007 if((error = rsbac_pm_get_all_data(ta_number,
02008 PMT_TKT,
02009 pm_tid,
02010 &all_data)))
02011 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
02012 if( (error != -RSBAC_EINVALIDTARGET)
02013 && (error != -RSBAC_ENOTFOUND)
02014 )
02015 printk(KERN_WARNING
02016 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
02017 error);
02018 return(-RSBAC_EPERM); /* execution denied */
02019 }
02020 /* get file id */
02021 if ((error = pm_get_file(param.set_object_class.filename, &target, &tid)) < 0)
02022 {
02023 #ifdef CONFIG_RSBAC_DEBUG
02024 if (rsbac_debug_aef_pm)
02025 printk(KERN_DEBUG
02026 "rsbac_pm(): call to pm_get_file() returned error %i\n",
02027 error);
02028 #endif
02029 return(-RSBAC_EINVALIDTARGET);
02030 }
02031 /* target must be file */
02032 if( (target != T_FILE)
02033 && (target != T_FIFO)
02034 )
02035 return(-RSBAC_EINVALIDTARGET);
02036 file=tid.file;
02037 /* check ticket entries */
02038 if( (all_data.tkt.function_type != PTF_set_object_class)
02039 || (RSBAC_MAJOR(all_data.tkt.function_param.tkt_set_object_class.file.device)
02040 != RSBAC_MAJOR(file.device))
02041 || (RSBAC_MINOR(all_data.tkt.function_param.tkt_set_object_class.file.device)
02042 != RSBAC_MINOR(file.device))
02043 || (all_data.tkt.function_param.tkt_set_object_class.file.inode
02044 != file.inode)
02045 || (all_data.tkt.function_param.tkt_set_object_class.object_class
02046 != param.set_object_class.object_class) )
02047 return(-RSBAC_EPERM);
02048
02049 /* get ticket issuer role */
02050 tid.user = all_data.tkt.issuer;
02051 if((error = rsbac_ta_get_attr(ta_number,
02052 PM,
02053 T_USER,
02054 tid,
02055 A_pm_role,
02056 &attr_val,
02057 TRUE)))
02058 {
02059 printk(KERN_WARNING
02060 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
02061 error);
02062 return(-RSBAC_EREADFAILED); /* execution denied */
02063 }
02064
02065 if(attr_val.pm_role != PR_data_protection_officer)
02066 {
02067 /* illegal issuer -> delete ticket */
02068 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02069 return(-RSBAC_EPERM);
02070 }
02071
02072 /* get old pm_object_type */
02073 tid.file = file;
02074 if((error = rsbac_ta_get_attr(ta_number,
02075 PM,
02076 target,
02077 tid,
02078 A_pm_object_type,
02079 &attr_val,
02080 FALSE)))
02081 {
02082 printk(KERN_WARNING
02083 "rsbac_pm(): rsbac_get_attr() for FILE/FIFO/pm_object_type returned error %i",
02084 error);
02085 return(-RSBAC_EREADFAILED); /* execution denied */
02086 }
02087
02088 switch(attr_val.pm_object_type)
02089 {
02090 case PO_personal_data:
02091 case PO_none:
02092 case PO_non_personal_data:
02093 break;
02094 default:
02095 return(-RSBAC_EPERM);
02096 }
02097
02098 /* OK, all checks done. Now change data. */
02099 /* First remove ticket to prevent repeated calls. */
02100 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02101
02102 /* set new pm_object_type */
02103 if(param.set_object_class.object_class)
02104 attr_val.pm_object_type = PO_personal_data;
02105 else
02106 attr_val.pm_object_type = PO_non_personal_data;
02107 if((error = rsbac_ta_set_attr(ta_number,
02108 PM,
02109 target,
02110 tid,
02111 A_pm_object_type,
02112 attr_val)))
02113 {
02114 printk(KERN_WARNING
02115 "rsbac_pm(): rsbac_set_attr() for FILE/pm_object_type returned error %i",
02116 error);
02117 return(-RSBAC_EWRITEFAILED);
02118 }
02119 /* set new pm_object_class */
02120 attr_val.pm_object_class = param.set_object_class.object_class;
02121 if((error = rsbac_ta_set_attr(ta_number,
02122 PM,
02123 target,
02124 tid,
02125 A_pm_object_class,
02126 attr_val)))
02127 {
02128 printk(KERN_WARNING
02129 "rsbac_pm(): rsbac_set_attr() for FILE/pm_object_type returned error %i",
02130 error);
02131 return(-RSBAC_EWRITEFAILED);
02132 }
02133 /* ready */
02134 return(0);
02135
02136 #ifdef CONFIG_RSBAC_SWITCH_PM
02137 case PF_switch_pm:
02138 /* only values 0 and 1 are allowed */
02139 if(param.switch_pm.value && (param.switch_pm.value != 1))
02140 return(-RSBAC_EINVALIDVALUE);
02141 if(role != PR_security_officer)
02142 return(-RSBAC_EPERM);
02143
02144 /* get ticket data, deny, if not found */
02145 pm_tid.tkt = tkt;
02146 if((error = rsbac_pm_get_all_data(ta_number,
02147 PMT_TKT,
02148 pm_tid,
02149 &all_data)))
02150 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
02151 if( (error != -RSBAC_EINVALIDTARGET)
02152 && (error != -RSBAC_ENOTFOUND)
02153 )
02154 printk(KERN_WARNING
02155 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
02156 error);
02157 return(-RSBAC_EPERM); /* execution denied */
02158 }
02159 /* check ticket entries */
02160 if( (all_data.tkt.function_type != PTF_switch_pm)
02161 || (all_data.tkt.function_param.switch_pm.value
02162 != param.switch_pm.value))
02163 return(-RSBAC_EPERM);
02164
02165 /* get ticket issuer role */
02166 tid.user = all_data.tkt.issuer;
02167 if((error = rsbac_ta_get_attr(ta_number,
02168 PM,
02169 T_USER,
02170 tid,
02171 A_pm_role,
02172 &attr_val,
02173 TRUE)))
02174 {
02175 printk(KERN_WARNING
02176 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
02177 error);
02178 return(-RSBAC_EREADFAILED); /* execution denied */
02179 }
02180
02181 if(attr_val.pm_role != PR_data_protection_officer)
02182 {
02183 /* illegal issuer -> delete ticket */
02184 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02185 return(-RSBAC_EPERM);
02186 }
02187
02188 /* OK, all checks done. Now change data. */
02189 /* First remove ticket to prevent repeated calls. */
02190 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02191
02192 /* switch pm-module */
02193 printk(KERN_WARNING "sys_rsbac_switch(): switching RSBAC module PM (No. %i) to %i!\n",
02194 PM, param.switch_pm.value);
02195 rsbac_switch_pm = param.switch_pm.value;
02196 return(0);
02197
02198 #endif
02199 #ifdef CONFIG_RSBAC_SWITCH_AUTH
02200 case PF_switch_auth:
02201 /* only values 0 and 1 are allowed */
02202 if(param.switch_auth.value && (param.switch_auth.value != 1))
02203 return(-RSBAC_EINVALIDVALUE);
02204 if(role != PR_security_officer)
02205 return(-RSBAC_EPERM);
02206
02207 /* get ticket data, deny, if not found */
02208 pm_tid.tkt = tkt;
02209 if((error = rsbac_pm_get_all_data(ta_number,
02210 PMT_TKT,
02211 pm_tid,
02212 &all_data)))
02213 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
02214 if( (error != -RSBAC_EINVALIDTARGET)
02215 && (error != -RSBAC_ENOTFOUND)
02216 )
02217 printk(KERN_WARNING
02218 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
02219 error);
02220 return(-RSBAC_EPERM); /* execution denied */
02221 }
02222 /* check ticket entries */
02223 if( (all_data.tkt.function_type != PTF_switch_auth)
02224 || (all_data.tkt.function_param.switch_auth.value
02225 != param.switch_auth.value))
02226 return(-RSBAC_EPERM);
02227
02228 /* get ticket issuer role */
02229 tid.user = all_data.tkt.issuer;
02230 if((error = rsbac_ta_get_attr(ta_number,
02231 PM,
02232 T_USER,
02233 tid,
02234 A_pm_role,
02235 &attr_val,
02236 TRUE)))
02237 {
02238 printk(KERN_WARNING
02239 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
02240 error);
02241 return(-RSBAC_EREADFAILED); /* execution denied */
02242 }
02243
02244 if(attr_val.pm_role != PR_data_protection_officer)
02245 {
02246 /* illegal issuer -> delete ticket */
02247 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02248 return(-RSBAC_EPERM);
02249 }
02250
02251 /* OK, all own checks done. Call ADF for other modules. */
02252 #ifdef CONFIG_RSBAC_DEBUG
02253 if (rsbac_debug_aef_pm)
02254 printk(KERN_DEBUG "rsbac_pm(): calling ADF int\n");
02255 #endif
02256 tid.dummy = 0;
02257 attr_val.switch_target = AUTH;
02258 if (!rsbac_adf_request_int(R_SWITCH_MODULE,
02259 current->pid,
02260 T_NONE,
02261 &tid,
02262 A_switch_target,
02263 &attr_val,
02264 PM))
02265 {
02266 return -EPERM;
02267 }
02268
02269 /* First remove ticket to prevent repeated calls. */
02270 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02271
02272 /* switch auth module */
02273 printk(KERN_WARNING "sys_rsbac_pm/switch(): switching RSBAC module AUTH (No. %i) to %i!\n",
02274 AUTH, param.switch_auth.value);
02275 rsbac_switch_auth = param.switch_auth.value;
02276 return(0);
02277 #endif /* SWITCH_AUTH */
02278
02279 case PF_set_device_object_type:
02280 if(role != PR_security_officer)
02281 return(-RSBAC_EPERM);
02282
02283 /* get ticket data, deny, if not found */
02284 pm_tid.tkt = tkt;
02285 if((error = rsbac_pm_get_all_data(ta_number,
02286 PMT_TKT,
02287 pm_tid,
02288 &all_data)))
02289 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
02290 if( (error != -RSBAC_EINVALIDTARGET)
02291 && (error != -RSBAC_ENOTFOUND)
02292 )
02293 printk(KERN_WARNING
02294 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
02295 error);
02296 return(-RSBAC_EPERM); /* execution denied */
02297 }
02298 /* get file id */
02299 if ((error = pm_get_file(param.set_device_object_type.filename, &target, &tid)) < 0)
02300 {
02301 #ifdef CONFIG_RSBAC_DEBUG
02302 if (rsbac_debug_aef_pm)
02303 printk(KERN_DEBUG
02304 "rsbac_pm(): call to pm_get_file() returned error %i\n",
02305 error);
02306 #endif
02307 return(-RSBAC_EINVALIDTARGET);
02308 }
02309 /* target must be dev */
02310 if(target != T_DEV)
02311 return(-RSBAC_EINVALIDTARGET);
02312 dev=tid.dev;
02313 /* check ticket entries */
02314 if( (all_data.tkt.function_type != PTF_set_device_object_type)
02315 || (all_data.tkt.function_param.tkt_set_device_object_type.dev.type
02316 != dev.type)
02317 || (all_data.tkt.function_param.tkt_set_device_object_type.dev.major
02318 != dev.major)
02319 || (all_data.tkt.function_param.tkt_set_device_object_type.dev.minor
02320 != dev.minor)
02321 || (all_data.tkt.function_param.tkt_set_device_object_type.object_type
02322 != param.set_device_object_type.object_type)
02323 || (all_data.tkt.function_param.tkt_set_device_object_type.object_class
02324 != param.set_device_object_type.object_class) )
02325 return(-RSBAC_EPERM);
02326
02327 /* get ticket issuer role */
02328 tid.user = all_data.tkt.issuer;
02329 if((error = rsbac_ta_get_attr(ta_number,
02330 PM,
02331 T_USER,
02332 tid,
02333 A_pm_role,
02334 &attr_val,
02335 TRUE)))
02336 {
02337 printk(KERN_WARNING
02338 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
02339 error);
02340 return(-RSBAC_EREADFAILED); /* execution denied */
02341 }
02342
02343 if(attr_val.pm_role != PR_data_protection_officer)
02344 {
02345 /* illegal issuer -> delete ticket */
02346 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02347 return(-RSBAC_EPERM);
02348 }
02349
02350 switch(param.set_device_object_type.object_type)
02351 {
02352 case PO_personal_data:
02353 case PO_none:
02354 case PO_TP:
02355 case PO_non_personal_data:
02356 break;
02357 default:
02358 return(-RSBAC_EINVALIDVALUE);
02359 }
02360
02361 /* OK, all checks done. Now change data. */
02362 /* First remove ticket to prevent repeated calls. */
02363 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02364
02365 /* set new pm_object_type */
02366 tid.dev = dev;
02367 attr_val.pm_object_type = param.set_device_object_type.object_type;
02368 if((error = rsbac_ta_set_attr(ta_number,
02369 PM,
02370 T_DEV,
02371 tid,
02372 A_pm_object_type,
02373 attr_val)))
02374 {
02375 printk(KERN_WARNING
02376 "rsbac_pm(): rsbac_set_attr() for DEV/pm_object_type returned error %i",
02377 error);
02378 return(-RSBAC_EWRITEFAILED);
02379 }
02380 /* set new pm_object_class */
02381 attr_val.pm_object_class = param.set_device_object_type.object_class;
02382 if((error = rsbac_ta_set_attr(ta_number,
02383 PM,
02384 T_DEV,
02385 tid,
02386 A_pm_object_class,
02387 attr_val)))
02388 {
02389 printk(KERN_WARNING
02390 "rsbac_pm(): rsbac_set_attr() for DEV/pm_object_class returned error %i",
02391 error);
02392 return(-RSBAC_EWRITEFAILED);
02393 }
02394 /* ready */
02395 return(0);
02396
02397 case PF_set_auth_may_setuid:
02398 if(role != PR_security_officer)
02399 return(-RSBAC_EPERM);
02400
02401 /* get ticket data, deny, if not found */
02402 pm_tid.tkt = tkt;
02403 if((error = rsbac_pm_get_all_data(ta_number,
02404 PMT_TKT,
02405 pm_tid,
02406 &all_data)))
02407 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
02408 if( (error != -RSBAC_EINVALIDTARGET)
02409 && (error != -RSBAC_ENOTFOUND)
02410 )
02411 printk(KERN_WARNING
02412 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
02413 error);
02414 return(-RSBAC_EPERM); /* execution denied */
02415 }
02416 /* get file id */
02417 if ((error = pm_get_file(param.set_auth_may_setuid.filename, &target, &tid)) < 0)
02418 {
02419 #ifdef CONFIG_RSBAC_DEBUG
02420 if (rsbac_debug_aef_pm)
02421 printk(KERN_DEBUG
02422 "rsbac_pm(): call to pm_get_file() returned error %i\n",
02423 error);
02424 #endif
02425 return(-RSBAC_EINVALIDTARGET);
02426 }
02427 /* target must be file */
02428 if( (target != T_FILE)
02429 && (target != T_FIFO)
02430 )
02431 return(-RSBAC_EINVALIDTARGET);
02432 file=tid.file;
02433 /* check ticket entries */
02434 if( (all_data.tkt.function_type != PTF_set_auth_may_setuid)
02435 || (RSBAC_MAJOR(all_data.tkt.function_param.tkt_set_auth_may_setuid.file.device)
02436 != RSBAC_MAJOR(file.device))
02437 || (RSBAC_MINOR(all_data.tkt.function_param.tkt_set_auth_may_setuid.file.device)
02438 != RSBAC_MINOR(file.device))
02439 || (all_data.tkt.function_param.tkt_set_auth_may_setuid.file.inode
02440 != file.inode)
02441 || (all_data.tkt.function_param.tkt_set_auth_may_setuid.value
02442 != param.set_auth_may_setuid.value)
02443 )
02444 return(-RSBAC_EPERM);
02445
02446 /* get ticket issuer role */
02447 tid.user = all_data.tkt.issuer;
02448 if((error = rsbac_ta_get_attr(ta_number,
02449 PM,
02450 T_USER,
02451 tid,
02452 A_pm_role,
02453 &attr_val,
02454 TRUE)))
02455 {
02456 printk(KERN_WARNING
02457 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
02458 error);
02459 return(-RSBAC_EREADFAILED); /* execution denied */
02460 }
02461
02462 if(attr_val.pm_role != PR_data_protection_officer)
02463 {
02464 /* illegal issuer -> delete ticket */
02465 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02466 return(-RSBAC_EPERM);
02467 }
02468
02469 switch(param.set_auth_may_setuid.value)
02470 {
02471 case FALSE:
02472 case TRUE:
02473 break;
02474 default:
02475 return(-RSBAC_EINVALIDVALUE);
02476 }
02477 /* OK, all own checks done. Call ADF for other modules. */
02478 #ifdef CONFIG_RSBAC_DEBUG
02479 if (rsbac_debug_aef_pm)
02480 printk(KERN_DEBUG "rsbac_pm(): calling ADF int\n");
02481 #endif
02482 tid.file = file;
02483 attr_val.auth_may_setuid = param.set_auth_may_setuid.value;
02484 if (!rsbac_adf_request_int(R_MODIFY_ATTRIBUTE,
02485 current->pid,
02486 T_FILE,
02487 &tid,
02488 A_auth_may_setuid,
02489 &attr_val,
02490 PM))
02491 {
02492 return -EPERM;
02493 }
02494
02495 /* OK, all checks done. Now change data. */
02496 /* First remove ticket to prevent repeated calls. */
02497 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02498
02499 /* set new auth_may_setuid */
02500 if((error = rsbac_ta_set_attr(ta_number,
02501 AUTH,
02502 T_FILE,
02503 tid,
02504 A_auth_may_setuid,
02505 attr_val)))
02506 {
02507 printk(KERN_WARNING
02508 "rsbac_pm(): rsbac_set_attr() for FILE/auth_may_setuid returned error %i",
02509 error);
02510 return(-RSBAC_EWRITEFAILED);
02511 }
02512 /* ready */
02513 return(0);
02514
02515 case PF_set_auth_may_set_cap:
02516 if(role != PR_security_officer)
02517 return(-RSBAC_EPERM);
02518
02519 /* get ticket data, deny, if not found */
02520 pm_tid.tkt = tkt;
02521 if((error = rsbac_pm_get_all_data(ta_number,
02522 PMT_TKT,
02523 pm_tid,
02524 &all_data)))
02525 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
02526 if( (error != -RSBAC_EINVALIDTARGET)
02527 && (error != -RSBAC_ENOTFOUND)
02528 )
02529 printk(KERN_WARNING
02530 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
02531 error);
02532 return(-RSBAC_EPERM); /* execution denied */
02533 }
02534 /* get file id */
02535 if ((error = pm_get_file(param.set_auth_may_set_cap.filename, &target, &tid)) < 0)
02536 {
02537 #ifdef CONFIG_RSBAC_DEBUG
02538 if (rsbac_debug_aef_pm)
02539 printk(KERN_DEBUG
02540 "rsbac_pm(): call to pm_get_file() returned error %i\n",
02541 error);
02542 #endif
02543 return(-RSBAC_EINVALIDTARGET);
02544 }
02545 /* target must be file */
02546 if(target != T_FILE)
02547 return(-RSBAC_EINVALIDTARGET);
02548 file=tid.file;
02549 /* check ticket entries */
02550 if( (all_data.tkt.function_type != PTF_set_auth_may_set_cap)
02551 || (RSBAC_MAJOR(all_data.tkt.function_param.tkt_set_auth_may_set_cap.file.device)
02552 != RSBAC_MAJOR(file.device))
02553 || (RSBAC_MINOR(all_data.tkt.function_param.tkt_set_auth_may_set_cap.file.device)
02554 != RSBAC_MINOR(file.device))
02555 || (all_data.tkt.function_param.tkt_set_auth_may_set_cap.file.inode
02556 != file.inode)
02557 || (all_data.tkt.function_param.tkt_set_auth_may_set_cap.value
02558 != param.set_auth_may_set_cap.value)
02559 )
02560 return(-RSBAC_EPERM);
02561
02562 /* get ticket issuer role */
02563 tid.user = all_data.tkt.issuer;
02564 if((error = rsbac_ta_get_attr(ta_number,
02565 PM,
02566 T_USER,
02567 tid,
02568 A_pm_role,
02569 &attr_val,
02570 TRUE)))
02571 {
02572 printk(KERN_WARNING
02573 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
02574 error);
02575 return(-RSBAC_EREADFAILED); /* execution denied */
02576 }
02577
02578 if(attr_val.pm_role != PR_data_protection_officer)
02579 {
02580 /* illegal issuer -> delete ticket */
02581 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02582 return(-RSBAC_EPERM);
02583 }
02584
02585 switch(param.set_auth_may_set_cap.value)
02586 {
02587 case FALSE:
02588 case TRUE:
02589 break;
02590 default:
02591 return(-RSBAC_EINVALIDVALUE);
02592 }
02593 /* OK, all own checks done. Call ADF for other modules. */
02594 #ifdef CONFIG_RSBAC_DEBUG
02595 if (rsbac_debug_aef_pm)
02596 printk(KERN_DEBUG "rsbac_pm(): calling ADF int\n");
02597 #endif
02598 tid.file = file;
02599 attr_val.auth_may_set_cap = param.set_auth_may_set_cap.value;
02600 if (!rsbac_adf_request_int(R_MODIFY_ATTRIBUTE,
02601 current->pid,
02602 T_FILE,
02603 &tid,
02604 A_auth_may_set_cap,
02605 &attr_val,
02606 PM))
02607 {
02608 return -EPERM;
02609 }
02610
02611 /* OK, all checks done. Now change data. */
02612 /* First remove ticket to prevent repeated calls. */
02613 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02614
02615 /* set new auth_may_set_cap */
02616 if((error = rsbac_ta_set_attr(ta_number,
02617 AUTH,
02618 T_FILE,
02619 tid,
02620 A_auth_may_set_cap,
02621 attr_val)))
02622 {
02623 printk(KERN_WARNING
02624 "rsbac_pm(): rsbac_set_attr() for FILE/auth_may_set_cap returned error %i",
02625 error);
02626 return(-RSBAC_EWRITEFAILED);
02627 }
02628 /* ready */
02629 return(0);
02630
02631
02632 /************/
02633
02634 case PF_add_authorized_task:
02635 /* task_id 0 is used internally, reject */
02636 if(!param.add_authorized_task.task)
02637 return(-RSBAC_EINVALIDVALUE);
02638 if(role != PR_security_officer)
02639 {
02640 #ifdef CONFIG_RSBAC_DEBUG
02641 if(rsbac_debug_aef_pm)
02642 printk(KERN_DEBUG
02643 "rsbac_pm(): caller of add_authorized_task is not SO\n");
02644 #endif
02645 return(-RSBAC_EPERM);
02646 }
02647
02648 /* get ticket data, deny, if not found */
02649 pm_tid.tkt = tkt;
02650 if((error = rsbac_pm_get_all_data(ta_number,
02651 PMT_TKT,
02652 pm_tid,
02653 &all_data)))
02654 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
02655 if( (error != -RSBAC_EINVALIDTARGET)
02656 && (error != -RSBAC_ENOTFOUND)
02657 )
02658 printk(KERN_WARNING
02659 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i\n",
02660 error);
02661 return(-RSBAC_EPERM); /* execution denied */
02662 }
02663 /* check ticket entries */
02664 if( (all_data.tkt.function_type != PTF_add_authorized_task)
02665 || (all_data.tkt.function_param.add_authorized_task.user
02666 != param.add_authorized_task.user)
02667 || (all_data.tkt.function_param.add_authorized_task.task
02668 != param.add_authorized_task.task) )
02669 {
02670 #ifdef CONFIG_RSBAC_DEBUG
02671 if(rsbac_debug_aef_pm)
02672 {
02673 printk(KERN_DEBUG
02674 "rsbac_pm(): calling add_authorized_task with invalid ticket\n");
02675 printk(KERN_DEBUG
02676 "rsbac_pm(): tkt-task: %i, tkt-user: %i, call-task: %i, call-user: %i\n",
02677 all_data.tkt.function_param.add_authorized_task.user,
02678 all_data.tkt.function_param.add_authorized_task.task,
02679 param.add_authorized_task.task,
02680 param.add_authorized_task.user);
02681 }
02682 #endif
02683 return(-RSBAC_EPERM);
02684 }
02685
02686 /* check, whether task exists */
02687 pm_tid2.task = param.add_authorized_task.task;
02688 if(!rsbac_pm_exists(ta_number,
02689 PMT_TASK,
02690 pm_tid2))
02691 {
02692 #ifdef CONFIG_RSBAC_DEBUG
02693 if(rsbac_debug_aef_pm)
02694 printk(KERN_DEBUG
02695 "rsbac_pm(): calling add_authorized_task with invalid task id\n");
02696 #endif
02697 return(-RSBAC_EINVALIDVALUE);
02698 }
02699
02700 /* get ticket issuer role */
02701 tid.user = all_data.tkt.issuer;
02702 if((error = rsbac_ta_get_attr(ta_number,
02703 PM,
02704 T_USER,
02705 tid,
02706 A_pm_role,
02707 &attr_val,
02708 TRUE)))
02709 {
02710 printk(KERN_WARNING
02711 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i\n",
02712 error);
02713 return(-RSBAC_EREADFAILED); /* execution denied */
02714 }
02715
02716 if(attr_val.pm_role != PR_data_protection_officer)
02717 { /* no dpo? -> responsible user? */
02718 /* get ru_set_id for this task */
02719 pm_tid.task = param.add_authorized_task.task;
02720 if((error = rsbac_pm_get_data(ta_number,
02721 PMT_TASK,
02722 pm_tid,
02723 PD_ru_set,
02724 &data_val)))
02725 return(-RSBAC_EREADFAILED);
02726 /* if ru_set is 0, there is no responsible user -> error */
02727 if(!data_val.ru_set)
02728 {
02729 /* illegal issuer -> delete ticket */
02730 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02731 #ifdef CONFIG_RSBAC_DEBUG
02732 if(rsbac_debug_aef_pm)
02733 printk(KERN_DEBUG
02734 "rsbac_pm(): calling add_authorized_task with invalid ticket issuer (no set)\n");
02735 #endif
02736 return(-RSBAC_EPERM);
02737 }
02738 /* check, whether issuer is responsible user for this task */
02739 pm_set_id.ru_set = data_val.ru_set;
02740 pm_set_member.ru = all_data.tkt.issuer;
02741 if(!rsbac_pm_set_member(ta_number,PS_RU,pm_set_id,pm_set_member))
02742 {
02743 /* illegal issuer -> delete ticket */
02744 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02745 #ifdef CONFIG_RSBAC_DEBUG
02746 if(rsbac_debug_aef_pm)
02747 printk(KERN_DEBUG
02748 "rsbac_pm(): calling add_authorized_task with invalid ticket issuer\n");
02749 #endif
02750 return(-RSBAC_EPERM);
02751 }
02752 }
02753
02754 /* OK, all checks done. Now change data. */
02755 /* First remove ticket to prevent repeated calls. */
02756 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02757 /* try to add task to task_set of user */
02758 /* lookup task_set_id for this user */
02759 tid.user = param.add_authorized_task.user;
02760 if((error = rsbac_ta_get_attr(ta_number,
02761 PM,
02762 T_USER,
02763 tid,
02764 A_pm_task_set,
02765 &attr_val,
02766 FALSE)))
02767 return(-RSBAC_EREADFAILED);
02768 /* if pm_task_set is 0, it must be created and notified to task-data */
02769 if(!attr_val.pm_task_set)
02770 { /* set task_set_id to user-id */
02771 pm_set_id.task_set = param.add_authorized_task.user;
02772 /* 0 is reserved -> take another one for root */
02773 if(!pm_set_id.task_set)
02774 pm_set_id.task_set = RSBAC_PM_ROOT_TASK_SET_ID;
02775 if((error = rsbac_pm_create_set(ta_number,
02776 PS_TASK,
02777 pm_set_id)))
02778 return(error);
02779 attr_val.pm_task_set = pm_set_id.task_set;
02780 if((error = rsbac_ta_set_attr(ta_number,
02781 PM,
02782 T_USER,
02783 tid,
02784 A_pm_task_set,
02785 attr_val)))
02786 return(-RSBAC_EWRITEFAILED);
02787 }
02788
02789 /* now that we know the set exists, try to add task to it */
02790 pm_set_id.task_set = attr_val.pm_task_set;
02791 pm_set_member.task = param.add_authorized_task.task;
02792 if(rsbac_pm_add_to_set(ta_number,PS_TASK,pm_set_id,pm_set_member))
02793 return(-RSBAC_EWRITEFAILED);
02794 else
02795 /* ready */
02796 return(0);
02797
02798 case PF_delete_authorized_task:
02799 /* task_id 0 is used internally, reject */
02800 if(!param.delete_authorized_task.task)
02801 return(-RSBAC_EINVALIDVALUE);
02802 if(role != PR_security_officer)
02803 return(-RSBAC_EPERM);
02804
02805 /* get ticket data, deny, if not found */
02806 pm_tid.tkt = tkt;
02807 if((error = rsbac_pm_get_all_data(ta_number,
02808 PMT_TKT,
02809 pm_tid,
02810 &all_data)))
02811 { /* returns error -RSBAC_EINVALIDTARGET (old ds) or ENOTFOUND, if not found */
02812 if( (error != -RSBAC_EINVALIDTARGET)
02813 && (error != -RSBAC_ENOTFOUND)
02814 )
02815 printk(KERN_WARNING
02816 "rsbac_pm(): rsbac_pm_get_all_data() for ticket returned error %i",
02817 error);
02818 return(-RSBAC_EPERM); /* execution denied */
02819 }
02820 /* check ticket entries */
02821 if( (all_data.tkt.function_type != PTF_delete_authorized_task)
02822 || (all_data.tkt.function_param.delete_authorized_task.user
02823 != param.delete_authorized_task.user)
02824 || (all_data.tkt.function_param.delete_authorized_task.task
02825 != param.delete_authorized_task.task) )
02826 return(-RSBAC_EPERM);
02827
02828 /* get ticket issuer role */
02829 tid.user = all_data.tkt.issuer;
02830 if((error = rsbac_ta_get_attr(ta_number,
02831 PM,
02832 T_USER,
02833 tid,
02834 A_pm_role,
02835 &attr_val,
02836 TRUE)))
02837 {
02838 printk(KERN_WARNING
02839 "rsbac_pm(): rsbac_get_attr() for USER/pm_role returned error %i",
02840 error);
02841 return(-RSBAC_EREADFAILED); /* execution denied */
02842 }
02843
02844 if(attr_val.pm_role != PR_data_protection_officer)
02845 {
02846 /* illegal issuer -> delete ticket */
02847 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02848 return(-RSBAC_EPERM);
02849 }
02850
02851 /* OK, all checks done. Now change data. */
02852 /* First remove ticket to prevent repeated calls. */
02853 rsbac_pm_remove_target(ta_number,PMT_TKT,pm_tid);
02854 /* try to remove task from task_set of user */
02855 /* lookup task_set_id for this user */
02856 tid.user = param.delete_authorized_task.user;
02857 if((error = rsbac_ta_get_attr(ta_number,
02858 PM,
02859 T_USER,
02860 tid,
02861 A_pm_task_set,
02862 &attr_val,
02863 FALSE)))
02864 return(-RSBAC_EREADFAILED);
02865 /* if pm_task_set is 0, there is no task to be deleted -> error */
02866 if(!attr_val.pm_task_set)
02867 return(-RSBAC_EINVALIDVALUE);
02868
02869 /* now that we know the set exists, try to remove task from it */
02870 pm_set_id.task_set = attr_val.pm_task_set;
02871 pm_set_member.task = param.delete_authorized_tp.task;
02872 if(rsbac_pm_remove_from_set(ta_number,PS_TASK,pm_set_id,pm_set_member))
02873 return(-RSBAC_EWRITEFAILED);
02874 else
02875 /* ready */
02876 return(0);
02877
02878
02879 /************/
02880
02881 case PF_create_tp:
02882 /* tp_id 0 is used internally, reject */
02883 if(!param.create_tp.id)
02884 return(-RSBAC_EINVALIDVALUE);
02885 if(role != PR_tp_manager)
02886 return(-RSBAC_EPERM);
02887
02888 /* OK, all checks done. Now change data. */
02889 /* try to add tp */
02890 all_data.tp.id = param.create_tp.id;
02891 return(rsbac_pm_add_target(ta_number,PMT_TP,all_data));
02892
02893 case PF_delete_tp:
02894 /* tp_id 0 is used internally, reject */
02895 if(!param.delete_tp.id)
02896 return(-RSBAC_EINVALIDVALUE);
02897 if(role != PR_tp_manager)
02898 return(-RSBAC_EPERM);
02899
02900 /* OK, all checks done. Now change data. */
02901
02902 /* try to delete tp */
02903 pm_tid.tp = param.delete_tp.id;
02904 return(rsbac_pm_remove_target(ta_number,PMT_TP,pm_tid));
02905
02906 case PF_set_tp:
02907 /* tp_id 0 means set to non-tp, do NOT reject here */
02908 if(role != PR_tp_manager)
02909 return(-RSBAC_EPERM);
02910
02911 /* if tp != 0, check, whether it is valid */
02912 if(param.set_tp.tp)
02913 {
02914 pm_tid.tp = param.set_tp.tp;
02915 if(!rsbac_pm_exists(ta_number,PMT_TP,pm_tid))
02916 return(-RSBAC_EINVALIDVALUE);
02917 }
02918
02919 /* get file id */
02920 if ((error = pm_get_file(param.set_tp.filename,
02921 &target,
02922 &tid)))
02923 {
02924 #ifdef CONFIG_RSBAC_DEBUG
02925 if (rsbac_debug_aef_pm)
02926 printk(KERN_DEBUG
02927 "rsbac_pm(): call to pm_get_file() returned error %i\n",
02928 error);
02929 #endif
02930 return(-RSBAC_EINVALIDTARGET);
02931 }
02932 /* target must be file */
02933 if(target != T_FILE)
02934 return(-RSBAC_EINVALIDTARGET);
02935 file=tid.file;
02936 /* get old object_type */
02937 if (rsbac_ta_get_attr(ta_number,
02938 PM,
02939 T_FILE,
02940 tid,
02941 A_pm_object_type,
02942 &attr_val,
02943 FALSE))
02944 {
02945 printk(KERN_WARNING "rsbac_pm(): rsbac_get_attr() returned error!\n");
02946 return(-RSBAC_EREADFAILED);
02947 }
02948 /* if old OT is not to be changed here -> do not allow */
02949 if( (attr_val.pm_object_type != PO_TP)
02950 && (attr_val.pm_object_type != PO_none)
02951 && (attr_val.pm_object_type != PO_non_personal_data))
02952 return(-RSBAC_EINVALIDTARGET);
02953
02954 /* OK, all checks done. Now change data. */
02955 /* try to set OT*/
02956 if(param.set_tp.tp)
02957 attr_val.pm_object_type = PO_TP;
02958 else
02959 attr_val.pm_object_type = PO_none;
02960 if(rsbac_ta_set_attr(ta_number,
02961 PM,
02962 T_FILE,
02963 tid,
02964 A_pm_object_type,
02965 attr_val))
02966 {
02967 printk(KERN_WARNING "rsbac_pm(): rsbac_set_attr() returned error!\n");
02968 return(-RSBAC_EWRITEFAILED);
02969 }
02970 /* try to set tp-id*/
02971 attr_val.pm_tp = param.set_tp.tp;
02972 if (rsbac_ta_set_attr(ta_number,
02973 PM,
02974 T_FILE,
02975 tid,
02976 A_pm_tp,
02977 attr_val))
02978 {
02979 printk(KERN_WARNING "rsbac_pm(): rsbac_set_attr() returned error!\n");
02980 return(-RSBAC_EWRITEFAILED);
02981 }
02982 return(0);
02983
02984 /************/
02985
02986 default:
02987 return(-RSBAC_EINVALIDREQUEST);
02988 }
02989 } /* end of rsbac_pm() */
|
|
|
Definition at line 2993 of file pm_syscalls.c. References A_pm_current_task, A_pm_task_set, A_pm_tp, FALSE, rsbac_attribute_value_t::owner, PM, rsbac_attribute_value_t::pm_current_task, rsbac_attribute_value_t::pm_task_set, rsbac_attribute_value_t::pm_tp, rsbac_target_id_t::process, RSBAC_EINVALIDVALUE, RSBAC_ENOTINITIALIZED, RSBAC_EPERM, RSBAC_EREADFAILED, RSBAC_EWRITEFAILED, rsbac_get_attr, rsbac_is_initialized(), rsbac_pm_set_member(), rsbac_set_attr, T_PROCESS, T_USER, and rsbac_target_id_t::user. Referenced by sys_rsbac_pm_change_current_task(). 02994 {
02995 union rsbac_target_id_t tid;
02996 union rsbac_attribute_value_t attr_val;
02997 int error = 0;
02998 rsbac_uid_t owner;
02999 union rsbac_pm_set_id_t pm_set_id;
03000 union rsbac_pm_set_member_t pm_set_member;
03001
03002 /* No processing possible before init (called at boot time) */
03003 if (!rsbac_is_initialized())
03004 return(-RSBAC_ENOTINITIALIZED);
03005
03006 if(!task)
03007 return(-RSBAC_EINVALIDVALUE);
03008 #ifdef CONFIG_RSBAC_DEBUG
03009 if (rsbac_debug_aef_pm)
03010 printk(KERN_DEBUG
03011 "rsbac_pm_change_current_task(): called for task %i!\n",
03012 task);
03013 #endif
03014 /* getting current_tp of calling process from rsbac system */
03015 tid.process = current->pid;
03016 if((error = rsbac_get_attr(PM,T_PROCESS,
03017 tid,
03018 A_pm_tp,
03019 &attr_val,
03020 FALSE)))
03021 {
03022 printk(KERN_WARNING
03023 "rsbac_pm_change_current_task(): rsbac_get_attr() for pm_tp returned error %i",
03024 error);
03025 return(-RSBAC_EREADFAILED); /* something weird happened */
03026 }
03027 /* changing current_task for a tp is forbidden -> error */
03028 if(attr_val.pm_tp)
03029 {
03030 #ifdef CONFIG_RSBAC_DEBUG
03031 if(rsbac_debug_adf_pm)
03032 printk(KERN_DEBUG
03033 "rsbac_pm_change_current_task(): tried to change current_task for tp-process\n");
03034 #endif
03035 return(-RSBAC_EPERM);
03036 }
03037
03038 /* Getting basic information about caller */
03039 /* only useful for real process, not idle or init */
03040 if (current->pid > 1)
03041 owner = current->uid;
03042 else /* caller_pid <= 1 -> kernel or init are always owned by root */
03043 owner = 0;
03044
03045 /* getting owner's task_set_id (authorized tasks) from rsbac system */
03046 tid.user = owner;
03047 if((error = rsbac_get_attr(PM,T_USER,
03048 tid,
03049 A_pm_task_set,
03050 &attr_val,
03051 FALSE)))
03052 {
03053 printk(KERN_WARNING
03054 "rsbac_pm_change_current_task(): rsbac_get_attr() for pm_task_set returned error %i",
03055 error);
03056 return(-RSBAC_EREADFAILED); /* something weird happened */
03057 }
03058
03059 /* if there is no set of authorized tasks for owner: deny */
03060 if(!attr_val.pm_task_set)
03061 {
03062 #ifdef CONFIG_RSBAC_DEBUG
03063 if(rsbac_debug_adf_pm)
03064 printk(KERN_DEBUG
03065 "rsbac_pm_change_current_task(): process owner has no authorized task\n");
03066 #endif
03067 return(-RSBAC_EPERM);
03068 }
03069
03070 /* check, whether owner is authorized for this task */
03071 pm_set_id.task_set = attr_val.pm_task_set;
03072 pm_set_member.task = task;
03073 if(!rsbac_pm_set_member(0,PS_TASK,pm_set_id,pm_set_member))
03074 {
03075 #ifdef CONFIG_RSBAC_DEBUG
03076 if(rsbac_debug_adf_pm)
03077 printk(KERN_DEBUG
03078 "rsbac_pm_change_current_task(): process owner is not authorized for task\n");
03079 #endif
03080 return(-RSBAC_EPERM);
03081 }
03082
03083 /* OK, checks are passed. Change current_task for process. */
03084 tid.process = current->pid;
03085 attr_val.pm_current_task = task;
03086 if((error = rsbac_set_attr(PM,T_PROCESS,
03087 tid,
03088 A_pm_current_task,
03089 attr_val)))
03090 {
03091 printk(KERN_WARNING
03092 "rsbac_pm_change_current_task(): rsbac_set_attr() for pm_current_task returned error %i",
03093 error);
03094 return(-RSBAC_EWRITEFAILED); /* something weird happened */
03095 }
03096 return(0);
03097 }
|
|
||||||||||||||||
|
Definition at line 3099 of file pm_syscalls.c. References A_pm_current_task, A_pm_object_class, A_pm_tp, FALSE, PM, rsbac_attribute_value_t::pm_current_task, rsbac_attribute_value_t::pm_object_class, rsbac_attribute_value_t::pm_tp, rsbac_target_id_t::process, RSBAC_EINVALIDTARGET, RSBAC_EINVALIDVALUE, RSBAC_ENOTFOUND, RSBAC_EPERM, RSBAC_EREADFAILED, rsbac_get_attr, RSBAC_PM_A_CREATE, RSBAC_PM_DEV_OBJECT_CLASS_ID, rsbac_pm_exists(), rsbac_pm_get_data(), RSBAC_PM_IPC_OBJECT_CLASS_ID, rsbac_pm_set_member(), rsbac_set_attr, T_FILE, and T_PROCESS. Referenced by sys_rsbac_pm_create_file(). 03102 {
03103 union rsbac_target_id_t tid;
03104 union rsbac_attribute_value_t attr_val;
03105 union rsbac_attribute_value_t attr_val2;
03106 union rsbac_pm_target_id_t pm_tid;
03107 union rsbac_pm_data_value_t data_val;
03108 union rsbac_pm_data_value_t data_val2;
03109 int error = 0;
03110 union rsbac_pm_set_id_t pm_set_id;
03111 union rsbac_pm_set_member_t pm_set_member;
03112
03113 #ifdef CONFIG_RSBAC_DEBUG
03114 if (rsbac_debug_aef_pm)
03115 printk(KERN_DEBUG
03116 "sys_rsbac_pm_create_file(): called with class %i, mode %o!\n",
03117 object_class, mode);
03118 #endif
03119 /* do not allow IPC or DEV class */
03120 if( (object_class == RSBAC_PM_IPC_OBJECT_CLASS_ID)
03121 || (object_class == RSBAC_PM_DEV_OBJECT_CLASS_ID))
03122 {
03123 #ifdef CONFIG_RSBAC_DEBUG
03124 if(rsbac_debug_adf_pm)
03125 printk(KERN_DEBUG
03126 "rsbac_pm_create_file(): Class-ID is IPC or DEV\n");
03127 #endif
03128 return(-RSBAC_EINVALIDVALUE);
03129 }
03130
03131 /* is mode for regular file? */
03132 if(mode & ~S_IRWXUGO)
03133 {
03134 #ifdef CONFIG_RSBAC_DEBUG
03135 if(rsbac_debug_adf_pm)
03136 printk(KERN_DEBUG
03137 "rsbac_pm_create_file(): illegal creation mode\n");
03138 #endif
03139 return(-RSBAC_EINVALIDVALUE);
03140 }
03141
03142 /* does class exist (NIL always exists)? */
03143 if(object_class)
03144 {
03145 pm_tid.object_class = object_class;
03146 if(!rsbac_pm_exists(0,
03147 PMT_CLASS,
03148 pm_tid))
03149 {
03150 #ifdef CONFIG_RSBAC_DEBUG
03151 if(rsbac_debug_adf_pm)
03152 printk(KERN_DEBUG
03153 "rsbac_pm_create_file(): non-existent class\n");
03154 #endif
03155 return(-RSBAC_EINVALIDVALUE);
03156 }
03157 }
03158
03159 /* getting current_task of calling process from rsbac system */
03160 tid.process = current->pid;
03161 if((error = rsbac_get_attr(PM,T_PROCESS,
03162 tid,
03163 A_pm_current_task,
03164 &attr_val,
03165 FALSE)))
03166 {
03167 printk(KERN_WARNING
03168 "rsbac_pm_create_file(): rsbac_get_attr() for pm_current_task returned error %i",
03169 error);
03170 return(-RSBAC_EREADFAILED); /* something weird happened */
03171 }
03172
03173 /* getting current_tp of calling process from rsbac system */
03174 if((error = rsbac_get_attr(PM,T_PROCESS,
03175 tid,
03176 A_pm_tp,
03177 &attr_val2,
03178 FALSE)))
03179 {
03180 printk(KERN_WARNING
03181 "rsbac_pm_create_file(): rsbac_get_attr() for pm_tp returned error %i",
03182 error);
03183 return(-RSBAC_EREADFAILED); /* something weird happened */
03184 }
03185
03186 /* getting neccessary accesses for task, class, tp from PM-data */
03187 pm_tid.na.task = attr_val.pm_current_task;
03188 pm_tid.na.object_class = object_class;
03189 pm_tid.na.tp = attr_val2.pm_tp;
03190 if((error = rsbac_pm_get_data(0,
03191 PMT_NA,
03192 pm_tid,
03193 PD_accesses,
03194 &data_val)))
03195 {
03196 if( (error != -RSBAC_EINVALIDTARGET)
03197 && (error != -RSBAC_ENOTFOUND)
03198 )
03199 printk(KERN_WARNING
03200 "rsbac_pm_create_file(): rsbac_pm_get_data() for NA/accesses returned error %i",
03201 error);
03202 #ifdef CONFIG_RSBAC_DEBUG
03203 else if(rsbac_debug_adf_pm)
03204 printk(KERN_DEBUG
03205 "rsbac_pm_create_file(): NA/accesses (%i,%i,%i) not found\n",
03206 pm_tid.na.task, object_class, pm_tid.na.tp);
03207 #endif
03208 return(-RSBAC_EPERM); /* deny */
03209 }
03210
03211 /* is create necessary? if not -> error */
03212 if(!(data_val.accesses & RSBAC_PM_A_CREATE))
03213 {
03214 #ifdef CONFIG_RSBAC_DEBUG
03215 if(rsbac_debug_adf_pm)
03216 printk(KERN_DEBUG
03217 "rsbac_pm_create_file(): create is not necessary\n");
03218 #endif
03219 return(-RSBAC_EPERM);
03220 }
03221
03222 /* get purpose for current_task */
03223 pm_tid.task = attr_val.pm_current_task;
03224 if((error = rsbac_pm_get_data(0,
03225 PMT_TASK,
03226 pm_tid,
03227 PD_purpose,
03228 &data_val)))
03229 {
03230 if( (error != -RSBAC_EINVALIDTARGET)
03231 && (error != -RSBAC_ENOTFOUND)
03232 )
03233 printk(KERN_WARNING
03234 "rsbac_pm_create_file(): rsbac_get_data() for TASK/purpose returned error %i",
03235 error);
03236 return(-RSBAC_EPERM); /* deny */
03237 }
03238
03239 /* further checks only, if there is a purpose defined */
03240 if(data_val.purpose)
03241 {
03242 /* get purpose_set_id for class */
03243 pm_tid.object_class = object_class;
03244 if((error = rsbac_pm_get_data(0,
03245 PMT_CLASS,
03246 pm_tid,
03247 PD_pp_set,
03248 &data_val2)))
03249 {
03250 if( (error == -RSBAC_EINVALIDTARGET)
03251 || (error == -RSBAC_ENOTFOUND)
03252 )
03253 {
03254 #ifdef CONFIG_RSBAC_DEBUG
03255 if(rsbac_debug_adf_pm)
03256 printk(KERN_DEBUG
03257 "rsbac_pm_create_file(): non-existent class\n");
03258 #endif
03259 return(-RSBAC_EINVALIDVALUE);
03260 }
03261 printk(KERN_WARNING
03262 "rsbac_pm_create_file(): rsbac_get_data() for TASK/purpose returned error %i",
03263 error);
03264 return(-RSBAC_EREADFAILED); /* deny */
03265 }
03266 /* if there is no purpose set for this class, deny */
03267 if(!data_val2.pp_set)
03268 {
03269 #ifdef CONFIG_RSBAC_DEBUG
03270 if(rsbac_debug_adf_pm)
03271 printk(KERN_DEBUG
03272 "rsbac_pm_create_file(): current_task has purpose, class not\n");
03273 #endif
03274 return(-RSBAC_EPERM);
03275 }
03276
03277 /* last check: is our task's purpose in the set of purposes for our class? */
03278 pm_set_id.pp_set = data_val2.pp_set;
03279 pm_set_member.pp = data_val.purpose;
03280 if(!rsbac_pm_set_member(0,PS_PP,pm_set_id,pm_set_member))
03281 /* our task's purpose does not match with class purposes -> deny */
03282 {
03283 #ifdef CONFIG_RSBAC_DEBUG
03284 if(rsbac_debug_adf_pm)
03285 printk(KERN_DEBUG
03286 "rsbac_pm_create_file(): purpose of current_task is not in purpose set of class\n");
03287 #endif
03288 return(-RSBAC_EPERM);
03289 }
03290 }
03291
03292 /* try to create object using standard syscalls, leading to general rsbac */
03293 /* checks via ADF-Request */
03294 /* we are not using sys_creat(), because alpha kernels don't know it */
03295 lock_kernel();
03296 error = sys_open(filename, O_CREAT | O_WRONLY | O_TRUNC, mode);
03297 unlock_kernel();
03298 if (error < 0)
03299 return(error);
03300
03301 /* setting class for new object */
03302 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
03303 rcu_read_lock();
03304 tid.file.device = current->files->fdt->fd[error]->f_vfsmnt->mnt_sb->s_dev;
03305 tid.file.inode = current->files->fdt->fd[error]->f_dentry->d_inode->i_ino;
03306 tid.file.dentry_p = current->files->fdt->fd[error]->f_dentry;
03307 rcu_read_unlock();
03308 #else
03309 tid.file.device = current->files->fd[error]->f_dentry->d_inode->i_dev;
03310 tid.file.inode = current->files->fd[error]->f_dentry->d_inode->i_ino;
03311 tid.file.dentry_p = current->files->fd[error]->f_dentry;
03312 #endif
03313 attr_val.pm_object_class = object_class;
03314 if(rsbac_set_attr(PM,T_FILE,
03315 tid,
03316 A_pm_object_class,
03317 attr_val))
03318 {
03319 printk(KERN_WARNING
03320 "rsbac_pm_create_file(): rsbac_set_attr() for pm_object_class returned error");
03321 }
03322 return(error);
03323 }
|
1.4.2