#include <linux/string.h>#include <rsbac/types.h>#include <rsbac/aci.h>#include <rsbac/auth.h>#include <rsbac/adf_main.h>#include <rsbac/error.h>#include <rsbac/helpers.h>#include <rsbac/getname.h>#include <rsbac/debug.h>Go to the source code of this file.
Functions | |
| static int | rsbac_replace_auth_cap (rsbac_pid_t caller_pid, enum rsbac_auth_cap_type_t cap_type, rsbac_uid_t from, rsbac_uid_t to) |
| enum rsbac_adf_req_ret_t | rsbac_adf_request_auth (enum rsbac_adf_request_t request, rsbac_pid_t caller_pid, enum rsbac_target_t target, union rsbac_target_id_t tid, enum rsbac_attribute_t attr, union rsbac_attribute_value_t attr_val, rsbac_uid_t owner) |
| int | rsbac_adf_set_attr_auth (enum rsbac_adf_request_t request, rsbac_pid_t caller_pid, enum rsbac_target_t target, union rsbac_target_id_t tid, enum rsbac_target_t new_target, union rsbac_target_id_t new_tid, enum rsbac_attribute_t attr, union rsbac_attribute_value_t attr_val, rsbac_uid_t owner) |
|
||||||||||||||||||||||||||||||||
|
Definition at line 65 of file auth_main.c. References A_auth_last_auth, A_auth_learn, A_auth_may_set_cap, A_auth_may_setuid, A_auth_role, A_none, A_system_role, ACT_eff, ACT_fs, ACT_group_eff, ACT_group_fs, ACT_group_real, ACT_real, AMS_full, AMS_last_auth_and_gid, AMS_last_auth_only, AMS_off, AUTH, rsbac_attribute_value_t::auth_last_auth, rsbac_attribute_value_t::auth_may_set_cap, rsbac_attribute_value_t::auth_may_setuid, DO_NOT_CARE, FALSE, FREEZE, GRANTED, NOT_GRANTED, rsbac_attribute_value_t::owner, rsbac_target_id_t::process, R_CHANGE_DAC_EFF_GROUP, R_CHANGE_DAC_EFF_OWNER, R_CHANGE_DAC_FS_GROUP, R_CHANGE_DAC_FS_OWNER, R_CHANGE_GROUP, R_CHANGE_OWNER, R_CREATE, R_DELETE, R_GET_PERMISSIONS_DATA, R_GET_STATUS_DATA, R_MODIFY_ATTRIBUTE, R_MODIFY_PERMISSIONS_DATA, R_MODIFY_SYSTEM_DATA, R_RENAME, R_SWITCH_LOG, R_SWITCH_MODULE, R_WRITE, rsbac_auth_p_capset_member(), RSBAC_EREADFAILED, rsbac_get_attr, RSBAC_NO_USER, rsbac_printk(), rsbac_target_id_t::scd, SOFTMODE, SR_administrator, SR_auditor, SR_security_officer, ST_ioports, ST_kmem, ST_rsbac_remote_log, ST_rsbaclog, rsbac_attribute_value_t::system_role, T_GROUP, T_NONE, T_PROCESS, T_SCD, T_USER, TRUE, UNDEFINED, and rsbac_target_id_t::user. Referenced by rsbac_adf_request_int(). 00072 {
00073 enum rsbac_adf_req_ret_t result = DO_NOT_CARE;
00074 union rsbac_attribute_value_t i_attr_val1;
00075 union rsbac_target_id_t i_tid;
00076
00077 switch (request)
00078 {
00079 #if defined(CONFIG_RSBAC_AUTH_UM_PROT) || defined(CONFIG_RSBAC_AUTH_GROUP)
00080 case R_CHANGE_GROUP:
00081 switch(target)
00082 {
00083 #if defined(CONFIG_RSBAC_AUTH_UM_PROT)
00084 case T_USER:
00085 /* Security Officer? */
00086 i_tid.user = owner;
00087 if (rsbac_get_attr(AUTH,
00088 T_USER,
00089 i_tid,
00090 A_auth_role,
00091 &i_attr_val1,
00092 TRUE))
00093 {
00094 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role);
00095 return(NOT_GRANTED);
00096 }
00097 /* if sec_officer, then grant */
00098 if (i_attr_val1.system_role == SR_security_officer)
00099 return(GRANTED);
00100 else
00101 return(NOT_GRANTED);
00102 #endif /* AUTH_UM_PROT */
00103
00104 #if defined(CONFIG_RSBAC_AUTH_GROUP)
00105 case T_PROCESS:
00106 if(attr != A_group)
00107 return(UNDEFINED);
00108 #if defined(CONFIG_RSBAC_AUTH_ALLOW_SAME)
00109 if(attr_val.group == current->gid)
00110 return DO_NOT_CARE;
00111 #endif
00112 /* check auth_may_setuid of process */
00113 if (rsbac_get_attr(AUTH,
00114 T_PROCESS,
00115 tid,
00116 A_auth_may_setuid,
00117 &i_attr_val1,
00118 FALSE))
00119 {
00120 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_may_setuid);
00121 return(NOT_GRANTED);
00122 }
00123 /* if auth_may_setuid is full or and_gid, then grant */
00124 if( (i_attr_val1.auth_may_setuid == AMS_full)
00125 || (i_attr_val1.auth_may_setuid == AMS_last_auth_and_gid)
00126 )
00127 return(GRANTED);
00128
00129 /* check, if the target uid is in capset, grant, if yes, deny, if not. */
00130 if(rsbac_auth_p_capset_member(caller_pid, ACT_group_real, attr_val.group))
00131 return(GRANTED);
00132 else
00133 return(NOT_GRANTED);
00134 #endif /* AUTH_GROUP */
00135
00136 /* We do not care about */
00137 /* all other cases */
00138 default:
00139 return(DO_NOT_CARE);
00140 }
00141 #endif /* AUTH_UM_PROT || AUTH_GROUP */
00142
00143 #if defined(CONFIG_RSBAC_AUTH_UM_PROT)
00144 case R_CREATE:
00145 case R_DELETE:
00146 case R_GET_PERMISSIONS_DATA:
00147 case R_RENAME:
00148 case R_WRITE:
00149 switch(target)
00150 {
00151 case T_USER:
00152 case T_GROUP:
00153 /* Security Officer? */
00154 i_tid.user = owner;
00155 if (rsbac_get_attr(AUTH,
00156 T_USER,
00157 i_tid,
00158 A_auth_role,
00159 &i_attr_val1,
00160 TRUE))
00161 {
00162 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role);
00163 return(NOT_GRANTED);
00164 }
00165 /* if sec_officer, then grant */
00166 if (i_attr_val1.system_role == SR_security_officer)
00167 return(GRANTED);
00168 else
00169 return(NOT_GRANTED);
00170 /* We do not care about */
00171 /* all other cases */
00172 default: return(DO_NOT_CARE);
00173 }
00174 #endif
00175
00176 case R_CHANGE_OWNER:
00177 switch(target)
00178 {
00179 case T_PROCESS:
00180 if(attr != A_owner)
00181 return(UNDEFINED);
00182 #if defined(CONFIG_RSBAC_AUTH_ALLOW_SAME)
00183 if(attr_val.owner == owner)
00184 return DO_NOT_CARE;
00185 #endif
00186 /* check auth_may_setuid of process */
00187 if (rsbac_get_attr(AUTH,
00188 T_PROCESS,
00189 tid,
00190 A_auth_may_setuid,
00191 &i_attr_val1,
00192 FALSE))
00193 {
00194 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_may_setuid);
00195 return(NOT_GRANTED);
00196 }
00197 switch(i_attr_val1.auth_may_setuid)
00198 {
00199 case AMS_off:
00200 break;
00201 case AMS_full:
00202 return(GRANTED);
00203 case AMS_last_auth_only:
00204 case AMS_last_auth_and_gid:
00205 if(attr_val.owner == RSBAC_NO_USER)
00206 return NOT_GRANTED;
00207 if (rsbac_get_attr(AUTH,
00208 T_PROCESS,
00209 tid,
00210 A_auth_last_auth,
00211 &i_attr_val1,
00212 FALSE))
00213 {
00214 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_last_auth);
00215 return(NOT_GRANTED);
00216 }
00217 if(i_attr_val1.auth_last_auth == attr_val.owner)
00218 return GRANTED;
00219 break;
00220
00221 default:
00222 rsbac_printk(KERN_INFO
00223 "rsbac_adf_request_auth(): auth_may_setuid of process %u has an invalid value!\n",
00224 tid.process);
00225 return NOT_GRANTED;
00226 }
00227 /* check, if the target uid is in capset, grant, if yes, deny, if not. */
00228 if(rsbac_auth_p_capset_member(caller_pid, ACT_real, attr_val.owner))
00229 return(GRANTED);
00230 else
00231 return(NOT_GRANTED);
00232
00233 /* all other cases are not checked */
00234 default:
00235 return(DO_NOT_CARE);
00236 }
00237
00238 #ifdef CONFIG_RSBAC_AUTH_DAC_OWNER
00239 case R_CHANGE_DAC_EFF_OWNER:
00240 switch(target)
00241 {
00242 case T_PROCESS:
00243 if(attr != A_owner)
00244 return(UNDEFINED);
00245 if(attr_val.owner == owner)
00246 return DO_NOT_CARE;
00247 #if defined(CONFIG_RSBAC_AUTH_ALLOW_SAME)
00248 if(attr_val.owner == current->euid)
00249 return DO_NOT_CARE;
00250 #endif
00251 /* check auth_may_setuid of process */
00252 if (rsbac_get_attr(AUTH,
00253 T_PROCESS,
00254 tid,
00255 A_auth_may_setuid,
00256 &i_attr_val1,
00257 FALSE))
00258 {
00259 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_may_setuid);
00260 return(NOT_GRANTED);
00261 }
00262 switch(i_attr_val1.auth_may_setuid)
00263 {
00264 case AMS_off:
00265 break;
00266 case AMS_full:
00267 return(GRANTED);
00268 case AMS_last_auth_only:
00269 case AMS_last_auth_and_gid:
00270 if(attr_val.owner == RSBAC_NO_USER)
00271 return NOT_GRANTED;
00272 if (rsbac_get_attr(AUTH,
00273 T_PROCESS,
00274 tid,
00275 A_auth_last_auth,
00276 &i_attr_val1,
00277 FALSE))
00278 {
00279 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_last_auth);
00280 return(NOT_GRANTED);
00281 }
00282 if(i_attr_val1.auth_last_auth == attr_val.owner)
00283 return GRANTED;
00284 break;
00285
00286 default:
00287 rsbac_printk(KERN_INFO
00288 "rsbac_adf_request_auth(): auth_may_setuid of process %u has an invalid value!\n",
00289 tid.process);
00290 return NOT_GRANTED;
00291 }
00292 /* check, if the target uid is in capset, grant, if yes, deny, if not. */
00293 if(rsbac_auth_p_capset_member(caller_pid, ACT_eff, attr_val.owner))
00294 return(GRANTED);
00295 else
00296 return(NOT_GRANTED);
00297
00298 /* all other cases are not checked */
00299 default:
00300 return(DO_NOT_CARE);
00301 }
00302 case R_CHANGE_DAC_FS_OWNER:
00303 switch(target)
00304 {
00305 case T_PROCESS:
00306 if(attr != A_owner)
00307 return(UNDEFINED);
00308 if(attr_val.owner == owner)
00309 return DO_NOT_CARE;
00310 #if defined(CONFIG_RSBAC_AUTH_ALLOW_SAME)
00311 if(attr_val.owner == current->fsuid)
00312 return DO_NOT_CARE;
00313 #endif
00314 /* check auth_may_setuid of process */
00315 if (rsbac_get_attr(AUTH,
00316 T_PROCESS,
00317 tid,
00318 A_auth_may_setuid,
00319 &i_attr_val1,
00320 FALSE))
00321 {
00322 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_may_setuid);
00323 return(NOT_GRANTED);
00324 }
00325 switch(i_attr_val1.auth_may_setuid)
00326 {
00327 case AMS_off:
00328 break;
00329 case AMS_full:
00330 return(GRANTED);
00331 case AMS_last_auth_only:
00332 case AMS_last_auth_and_gid:
00333 if(attr_val.owner == RSBAC_NO_USER)
00334 return NOT_GRANTED;
00335 if (rsbac_get_attr(AUTH,
00336 T_PROCESS,
00337 tid,
00338 A_auth_last_auth,
00339 &i_attr_val1,
00340 FALSE))
00341 {
00342 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_last_auth);
00343 return(NOT_GRANTED);
00344 }
00345 if(i_attr_val1.auth_last_auth == attr_val.owner)
00346 return GRANTED;
00347 break;
00348
00349 default:
00350 rsbac_printk(KERN_INFO
00351 "rsbac_adf_request_auth(): auth_may_setuid of process %u has an invalid value!\n",
00352 tid.process);
00353 return NOT_GRANTED;
00354 }
00355 /* check, if the target uid is in capset, grant, if yes, deny, if not. */
00356 if(rsbac_auth_p_capset_member(caller_pid, ACT_fs, attr_val.owner))
00357 return(GRANTED);
00358 else
00359 return(NOT_GRANTED);
00360
00361 /* all other cases are not checked */
00362 default:
00363 return(DO_NOT_CARE);
00364 }
00365 #endif
00366
00367 #ifdef CONFIG_RSBAC_AUTH_GROUP
00368 #ifdef CONFIG_RSBAC_AUTH_DAC_GROUP
00369 case R_CHANGE_DAC_EFF_GROUP:
00370 switch(target)
00371 {
00372 case T_PROCESS:
00373 if(attr != A_group)
00374 return(UNDEFINED);
00375 if(attr_val.group == current->gid)
00376 return DO_NOT_CARE;
00377 #if defined(CONFIG_RSBAC_AUTH_ALLOW_SAME)
00378 if(attr_val.group == current->egid)
00379 return DO_NOT_CARE;
00380 #endif
00381 /* check auth_may_setuid of process */
00382 if (rsbac_get_attr(AUTH,
00383 T_PROCESS,
00384 tid,
00385 A_auth_may_setuid,
00386 &i_attr_val1,
00387 FALSE))
00388 {
00389 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_may_setuid);
00390 return(NOT_GRANTED);
00391 }
00392 /* if auth_may_setuid is set, then grant */
00393 if( (i_attr_val1.auth_may_setuid == AMS_full)
00394 || (i_attr_val1.auth_may_setuid == AMS_last_auth_and_gid)
00395 )
00396 return(GRANTED);
00397
00398 /* check, if the target uid is in capset, grant, if yes, deny, if not. */
00399 if(rsbac_auth_p_capset_member(caller_pid, ACT_group_eff, attr_val.group))
00400 return(GRANTED);
00401 else
00402 return(NOT_GRANTED);
00403
00404 /* all other cases are not checked */
00405 default:
00406 return(DO_NOT_CARE);
00407 }
00408 case R_CHANGE_DAC_FS_GROUP:
00409 switch(target)
00410 {
00411 case T_PROCESS:
00412 if(attr != A_group)
00413 return(UNDEFINED);
00414 if(attr_val.group == current->gid)
00415 return DO_NOT_CARE;
00416 #if defined(CONFIG_RSBAC_AUTH_ALLOW_SAME)
00417 if(attr_val.group == current->fsgid)
00418 return DO_NOT_CARE;
00419 #endif
00420 /* check auth_may_setuid of process */
00421 if (rsbac_get_attr(AUTH,
00422 T_PROCESS,
00423 tid,
00424 A_auth_may_setuid,
00425 &i_attr_val1,
00426 FALSE))
00427 {
00428 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_may_setuid);
00429 return(NOT_GRANTED);
00430 }
00431 /* if auth_may_setuid is set, then grant */
00432 if( (i_attr_val1.auth_may_setuid == AMS_full)
00433 || (i_attr_val1.auth_may_setuid == AMS_last_auth_and_gid)
00434 )
00435 return(GRANTED);
00436
00437 /* check, if the target uid is in capset, grant, if yes, deny, if not. */
00438 if(rsbac_auth_p_capset_member(caller_pid, ACT_group_fs, attr_val.group))
00439 return(GRANTED);
00440 else
00441 return(NOT_GRANTED);
00442
00443 /* all other cases are not checked */
00444 default:
00445 return(DO_NOT_CARE);
00446 }
00447 #endif
00448 #endif /* AUTH_GROUP */
00449
00450 case R_MODIFY_ATTRIBUTE:
00451 switch(attr)
00452 {
00453 /* Only protect itself, if asked to by configuration */
00454 #ifdef CONFIG_RSBAC_AUTH_AUTH_PROT
00455 case A_system_role:
00456 case A_auth_role:
00457 case A_auth_may_setuid:
00458 case A_auth_may_set_cap:
00459 case A_auth_start_uid:
00460 case A_auth_start_euid:
00461 case A_auth_start_gid:
00462 case A_auth_start_egid:
00463 case A_auth_learn:
00464 case A_auth_program_file:
00465 case A_auth_add_f_cap:
00466 case A_auth_remove_f_cap:
00467 /* All attributes (remove target!) */
00468 case A_none:
00469 /* Security Officer? */
00470 i_tid.user = owner;
00471 if (rsbac_get_attr(AUTH,
00472 T_USER,
00473 i_tid,
00474 A_auth_role,
00475 &i_attr_val1,
00476 TRUE))
00477 {
00478 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role);
00479 return(NOT_GRANTED);
00480 }
00481 /* if sec_officer, then grant */
00482 if (i_attr_val1.system_role == SR_security_officer)
00483 return(GRANTED);
00484 else
00485 return(NOT_GRANTED);
00486 #endif
00487
00488 case A_auth_last_auth:
00489 if(target != T_PROCESS)
00490 return DO_NOT_CARE;
00491 /* check auth_may_set_cap of calling process */
00492 i_tid.process = current->pid;
00493 if (rsbac_get_attr(AUTH,
00494 T_PROCESS,
00495 i_tid,
00496 A_auth_may_set_cap,
00497 &i_attr_val1,
00498 FALSE))
00499 {
00500 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_may_set_cap);
00501 return(-RSBAC_EREADFAILED);
00502 }
00503 /* if auth_may_set_cap is not set, then reject */
00504 if (!i_attr_val1.auth_may_set_cap)
00505 {
00506 rsbac_printk(KERN_INFO
00507 "rsbac_adf_request_auth(): changing auth_last_auth of process %u to %u denied for process %u!\n",
00508 tid.process,
00509 attr_val.auth_last_auth,
00510 current->pid);
00511 return NOT_GRANTED;
00512 }
00513
00514 default:
00515 return(DO_NOT_CARE);
00516 }
00517
00518 /* Only protect itself, if asked to by configuration */
00519 #ifdef CONFIG_RSBAC_AUTH_AUTH_PROT
00520 case R_GET_STATUS_DATA:
00521 switch(target)
00522 {
00523 case T_SCD:
00524 /* target rsbaclog? only for secoff */
00525 if (tid.scd != ST_rsbaclog)
00526 return(GRANTED);
00527 /* Secoff or Auditor? */
00528 i_tid.user = owner;
00529 if ((rsbac_get_attr(AUTH,
00530 T_USER,
00531 i_tid,
00532 A_auth_role,
00533 &i_attr_val1,
00534 TRUE)))
00535 {
00536 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role);
00537 return(NOT_GRANTED);
00538 }
00539 /* grant only for secoff */
00540 if ( (i_attr_val1.system_role == SR_security_officer)
00541 || (i_attr_val1.system_role == SR_auditor)
00542 )
00543 return(GRANTED);
00544 else
00545 return(NOT_GRANTED);
00546
00547 default:
00548 return(DO_NOT_CARE);
00549 };
00550
00551 case R_MODIFY_PERMISSIONS_DATA:
00552 switch(target)
00553 {
00554 case T_SCD:
00555 #ifdef CONFIG_RSBAC_USER_MOD_IOPERM
00556 if(tid.scd == ST_ioports)
00557 return GRANTED;
00558 #endif
00559 /* fall through */
00560 #if defined(CONFIG_RSBAC_AUTH_UM_PROT)
00561 case T_USER:
00562 case T_GROUP:
00563 #endif
00564 /* Security Officer? */
00565 i_tid.user = owner;
00566 if (rsbac_get_attr(AUTH,
00567 T_USER,
00568 i_tid,
00569 A_auth_role,
00570 &i_attr_val1,
00571 TRUE))
00572 {
00573 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role);
00574 return(NOT_GRANTED);
00575 }
00576 /* if sec_officer, then grant */
00577 if (i_attr_val1.system_role == SR_security_officer)
00578 return(GRANTED);
00579 /* For booting: if administrator and ioports, then grant */
00580 if (
00581 #if defined(CONFIG_RSBAC_AUTH_UM_PROT)
00582 (target == T_SCD) &&
00583 #endif
00584 (i_attr_val1.system_role == SR_administrator)
00585 && (tid.scd == ST_ioports) )
00586 return(GRANTED);
00587 else
00588 return(NOT_GRANTED);
00589
00590 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE
00591 /* switching Linux DAC */
00592 case T_NONE:
00593 /* Security Officer? */
00594 i_tid.user = owner;
00595 if (rsbac_get_attr(AUTH,
00596 T_USER,
00597 i_tid,
00598 A_auth_role,
00599 &i_attr_val1,
00600 TRUE))
00601 {
00602 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role);
00603 return(NOT_GRANTED);
00604 }
00605 /* if sec_officer, then grant */
00606 if (i_attr_val1.system_role == SR_security_officer)
00607 return(GRANTED);
00608 else
00609 return(NOT_GRANTED);
00610 #endif
00611
00612 /* all other cases are not checked */
00613 default: return(DO_NOT_CARE);
00614 }
00615
00616 case R_MODIFY_SYSTEM_DATA:
00617 switch(target)
00618 {
00619 case T_SCD:
00620 /* target not rsbaclog? no problem -> grant */
00621 switch(tid.scd)
00622 {
00623 case ST_rsbaclog:
00624 case ST_rsbac_remote_log:
00625 break;
00626 case ST_kmem:
00627 return NOT_GRANTED;
00628 default:
00629 return GRANTED;
00630 }
00631 /* Get role */
00632 i_tid.user = owner;
00633 if (rsbac_get_attr(AUTH,
00634 T_USER,
00635 i_tid,
00636 A_auth_role,
00637 &i_attr_val1,
00638 TRUE))
00639 {
00640 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role);
00641 return(NOT_GRANTED);
00642 }
00643 /* grant only for secoff and auditor */
00644 if ( (i_attr_val1.system_role == SR_security_officer)
00645 || (i_attr_val1.system_role == SR_auditor)
00646 )
00647 return(GRANTED);
00648 else
00649 return(NOT_GRANTED);
00650
00651 /* all other cases are not checked */
00652 default: return(DO_NOT_CARE);
00653 }
00654
00655 case R_SWITCH_LOG:
00656 switch(target)
00657 {
00658 case T_NONE:
00659 /* test owner's auth_role */
00660 i_tid.user = owner;
00661 if (rsbac_get_attr(AUTH,
00662 T_USER,
00663 i_tid,
00664 A_auth_role,
00665 &i_attr_val1,
00666 TRUE))
00667 {
00668 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role);
00669 return(NOT_GRANTED);
00670 }
00671 /* security officer? -> grant */
00672 if (i_attr_val1.system_role == SR_security_officer)
00673 return(GRANTED);
00674 else
00675 return(NOT_GRANTED);
00676
00677 /* all other cases are not checked */
00678 default: return(DO_NOT_CARE);
00679 }
00680
00681 case R_SWITCH_MODULE:
00682 switch(target)
00683 {
00684 case T_NONE:
00685 /* we need the switch_target */
00686 if(attr != A_switch_target)
00687 return(UNDEFINED);
00688 #ifndef CONFIG_RSBAC_AUTH_OTHER_PROT
00689 /* do not care for other modules */
00690 if( (attr_val.switch_target != AUTH)
00691 #ifdef CONFIG_RSBAC_SOFTMODE
00692 && (attr_val.switch_target != SOFTMODE)
00693 #endif
00694 #ifdef CONFIG_RSBAC_FREEZE
00695 && (attr_val.switch_target != FREEZE)
00696 #endif
00697 )
00698 return(DO_NOT_CARE);
00699 #endif
00700 /* test owner's auth_role */
00701 i_tid.user = owner;
00702 if (rsbac_get_attr(AUTH,
00703 T_USER,
00704 i_tid,
00705 A_auth_role,
00706 &i_attr_val1,
00707 TRUE))
00708 {
00709 rsbac_ds_get_error("rsbac_adf_request_auth()", A_auth_role);
00710 return(NOT_GRANTED);
00711 }
00712 /* security officer? -> grant */
00713 if (i_attr_val1.system_role == SR_security_officer)
00714 return(GRANTED);
00715 else
00716 return(NOT_GRANTED);
00717
00718 /* all other cases are not checked */
00719 default: return(DO_NOT_CARE);
00720 }
00721 #endif
00722
00723 /*********************/
00724 default: return DO_NOT_CARE;
00725 }
00726
00727 return(result);
00728 }; /* end of rsbac_adf_request_auth() */
|
|
||||||||||||||||||||||||||||||||||||||||
|
Definition at line 741 of file auth_main.c. References A_auth_last_auth, A_auth_learn, A_auth_may_set_cap, A_auth_may_setuid, ACT_eff, ACT_fs, ACT_group_eff, ACT_group_fs, ACT_group_real, ACT_real, AUTH, rsbac_attribute_value_t::auth_last_auth, FALSE, rsbac_target_id_t::process, R_APPEND_OPEN, R_CHANGE_GROUP, R_CLONE, R_DELETE, R_EXECUTE, R_LINK_HARD, R_MODIFY_ACCESS_DATA, R_READ_WRITE_OPEN, R_RENAME, R_TRUNCATE, R_WRITE_OPEN, rsbac_auth_copy_fp_capset(), rsbac_auth_copy_pp_capset(), RSBAC_AUTH_DAC_GROUP_F_CAP, RSBAC_AUTH_DAC_OWNER_F_CAP, RSBAC_AUTH_GROUP_F_CAP, RSBAC_AUTH_OWNER_F_CAP, rsbac_auth_remove_f_capsets(), RSBAC_EREADFAILED, RSBAC_EWRITEFAILED, rsbac_get_attr, RSBAC_NO_USER, rsbac_printk(), rsbac_replace_auth_cap(), rsbac_set_attr, T_FILE, T_PROCESS, and TRUE. Referenced by rsbac_adf_set_attr(). 00751 {
00752 int error;
00753 union rsbac_target_id_t i_tid;
00754 union rsbac_attribute_value_t i_attr_val1;
00755 union rsbac_attribute_value_t i_attr_val2;
00756 #if defined(CONFIG_RSBAC_AUTH_LEARN)
00757 union rsbac_attribute_value_t i_attr_val3;
00758 union rsbac_attribute_value_t i_attr_val4;
00759 union rsbac_attribute_value_t i_attr_val5;
00760 #endif
00761
00762 switch (request)
00763 {
00764 case R_CLONE:
00765 if (target == T_PROCESS)
00766 {
00767 /* Get auth_may_setuid from first process */
00768 if (rsbac_get_attr(AUTH,
00769 T_PROCESS,
00770 tid,
00771 A_auth_may_setuid,
00772 &i_attr_val1,
00773 FALSE))
00774 {
00775 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_may_setuid);
00776 return(-RSBAC_EREADFAILED);
00777 }
00778 /* Get auth_may_set_cap from first process */
00779 if (rsbac_get_attr(AUTH,
00780 T_PROCESS,
00781 tid,
00782 A_auth_may_set_cap,
00783 &i_attr_val2,
00784 FALSE))
00785 {
00786 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_may_set_cap);
00787 return(-RSBAC_EREADFAILED);
00788 }
00789 #if defined(CONFIG_RSBAC_AUTH_LEARN)
00790 if (rsbac_get_attr(AUTH,
00791 T_PROCESS,
00792 tid,
00793 A_auth_program_file,
00794 &i_attr_val3,
00795 FALSE))
00796 {
00797 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_program_file);
00798 return(-RSBAC_EREADFAILED);
00799 }
00800 if (rsbac_get_attr(AUTH,
00801 T_PROCESS,
00802 tid,
00803 A_auth_start_uid,
00804 &i_attr_val4,
00805 FALSE))
00806 {
00807 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_start_uid);
00808 return(-RSBAC_EREADFAILED);
00809 }
00810 if (rsbac_get_attr(AUTH,
00811 T_PROCESS,
00812 tid,
00813 A_auth_learn,
00814 &i_attr_val5,
00815 FALSE))
00816 {
00817 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_learn);
00818 return(-RSBAC_EREADFAILED);
00819 }
00820 #endif
00821 /* Set auth_may_setuid for new process */
00822 if (rsbac_set_attr(AUTH,
00823 T_PROCESS,
00824 new_tid,
00825 A_auth_may_setuid,
00826 i_attr_val1))
00827 {
00828 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_may_setuid);
00829 return(-RSBAC_EWRITEFAILED);
00830 }
00831 /* Set auth_may_set_cap for new process */
00832 if (rsbac_set_attr(AUTH,
00833 T_PROCESS,
00834 new_tid,
00835 A_auth_may_set_cap,
00836 i_attr_val2))
00837 {
00838 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_may_set_cap);
00839 return(-RSBAC_EWRITEFAILED);
00840 }
00841 #if defined(CONFIG_RSBAC_AUTH_LEARN)
00842 if (rsbac_set_attr(AUTH,
00843 T_PROCESS,
00844 new_tid,
00845 A_auth_program_file,
00846 i_attr_val3))
00847 {
00848 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_program_file);
00849 return(-RSBAC_EWRITEFAILED);
00850 }
00851 if (rsbac_set_attr(AUTH,
00852 T_PROCESS,
00853 new_tid,
00854 A_auth_start_uid,
00855 i_attr_val4))
00856 {
00857 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_start_uid);
00858 return(-RSBAC_EWRITEFAILED);
00859 }
00860 if (rsbac_set_attr(AUTH,
00861 T_PROCESS,
00862 new_tid,
00863 A_auth_learn,
00864 i_attr_val5))
00865 {
00866 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_learn);
00867 return(-RSBAC_EWRITEFAILED);
00868 }
00869 #ifdef CONFIG_RSBAC_AUTH_DAC_OWNER
00870 if (rsbac_get_attr(AUTH,
00871 T_PROCESS,
00872 tid,
00873 A_auth_start_euid,
00874 &i_attr_val4,
00875 FALSE))
00876 {
00877 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_start_uid);
00878 return(-RSBAC_EREADFAILED);
00879 }
00880 if (rsbac_set_attr(AUTH,
00881 T_PROCESS,
00882 new_tid,
00883 A_auth_start_euid,
00884 i_attr_val4))
00885 {
00886 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_start_uid);
00887 return(-RSBAC_EWRITEFAILED);
00888 }
00889 #endif
00890 #ifdef CONFIG_RSBAC_AUTH_GROUP
00891 if (rsbac_get_attr(AUTH,
00892 T_PROCESS,
00893 tid,
00894 A_auth_start_gid,
00895 &i_attr_val4,
00896 FALSE))
00897 {
00898 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_start_uid);
00899 return(-RSBAC_EREADFAILED);
00900 }
00901 if (rsbac_set_attr(AUTH,
00902 T_PROCESS,
00903 new_tid,
00904 A_auth_start_gid,
00905 i_attr_val4))
00906 {
00907 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_start_uid);
00908 return(-RSBAC_EWRITEFAILED);
00909 }
00910 #ifdef CONFIG_RSBAC_AUTH_DAC_GROUP
00911 if (rsbac_get_attr(AUTH,
00912 T_PROCESS,
00913 tid,
00914 A_auth_start_egid,
00915 &i_attr_val4,
00916 FALSE))
00917 {
00918 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_start_uid);
00919 return(-RSBAC_EREADFAILED);
00920 }
00921 if (rsbac_set_attr(AUTH,
00922 T_PROCESS,
00923 new_tid,
00924 A_auth_start_egid,
00925 i_attr_val4))
00926 {
00927 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_start_uid);
00928 return(-RSBAC_EWRITEFAILED);
00929 }
00930 #endif
00931 #endif
00932 #endif
00933 /* copy capability list */
00934 if(rsbac_auth_copy_pp_capset(tid.process,new_tid.process))
00935 {
00936 rsbac_printk(KERN_WARNING
00937 "rsbac_adf_set_attr_auth(): rsbac_auth_copy_pp_capset() returned error!\n");
00938 return(-RSBAC_EWRITEFAILED);
00939 }
00940 return(0);
00941 }
00942 else
00943 return(0);
00944
00945 case R_EXECUTE:
00946 switch(target)
00947 {
00948 case T_FILE:
00949 /* reset auth_may_setuid and auth_may_set_cap for process */
00950 i_tid.process = caller_pid;
00951 /* First, set auth_may_setuid to program file's auth_may_setuid */
00952 if (rsbac_get_attr(AUTH,
00953 T_FILE,
00954 tid,
00955 A_auth_may_setuid,
00956 &i_attr_val1,
00957 TRUE))
00958 {
00959 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_may_setuid);
00960 return(-RSBAC_EREADFAILED);
00961 }
00962 if (rsbac_set_attr(AUTH,
00963 T_PROCESS,
00964 i_tid,
00965 A_auth_may_setuid,
00966 i_attr_val1))
00967 {
00968 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_may_setuid);
00969 return(-RSBAC_EWRITEFAILED);
00970 }
00971 /* Next, set auth_may_set_cap to program file's auth_may_set_cap */
00972 if (rsbac_get_attr(AUTH,
00973 T_FILE,
00974 tid,
00975 A_auth_may_set_cap,
00976 &i_attr_val1,
00977 FALSE))
00978 {
00979 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_may_set_cap);
00980 return(-RSBAC_EREADFAILED);
00981 }
00982 if (rsbac_set_attr(AUTH,
00983 T_PROCESS,
00984 i_tid,
00985 A_auth_may_set_cap,
00986 i_attr_val1))
00987 {
00988 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_may_set_cap);
00989 return(-RSBAC_EWRITEFAILED);
00990 }
00991 /* reset auth_last_auth for process */
00992 i_attr_val1.auth_last_auth = RSBAC_NO_USER;
00993 if (rsbac_set_attr(AUTH,
00994 T_PROCESS,
00995 i_tid,
00996 A_auth_last_auth,
00997 i_attr_val1))
00998 {
00999 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_last_auth);
01000 }
01001
01002 /* copy file capability list from file to process */
01003 if (rsbac_auth_copy_fp_capset(tid.file, caller_pid))
01004 {
01005 rsbac_printk(KERN_WARNING
01006 "rsbac_adf_set_attr_auth(): rsbac_auth_copy_fp_capset() returned error!\n");
01007 return(-RSBAC_EWRITEFAILED);
01008 }
01009 /* replace RSBAC_AUTH_OWNER_F_CAP by current owner */
01010 error = rsbac_replace_auth_cap(caller_pid,
01011 ACT_real,
01012 RSBAC_AUTH_OWNER_F_CAP,
01013 owner);
01014 if(error)
01015 return error;
01016 #ifdef CONFIG_RSBAC_AUTH_DAC_OWNER
01017 error = rsbac_replace_auth_cap(caller_pid,
01018 ACT_eff,
01019 RSBAC_AUTH_OWNER_F_CAP,
01020 owner);
01021 if(error)
01022 return error;
01023 error = rsbac_replace_auth_cap(caller_pid,
01024 ACT_eff,
01025 RSBAC_AUTH_DAC_OWNER_F_CAP,
01026 current->euid);
01027 if(error)
01028 return error;
01029 error = rsbac_replace_auth_cap(caller_pid,
01030 ACT_fs,
01031 RSBAC_AUTH_OWNER_F_CAP,
01032 owner);
01033 if(error)
01034 return error;
01035 error = rsbac_replace_auth_cap(caller_pid,
01036 ACT_fs,
01037 RSBAC_AUTH_DAC_OWNER_F_CAP,
01038 current->fsuid);
01039 if(error)
01040 return error;
01041 #endif
01042 #ifdef CONFIG_RSBAC_AUTH_GROUP
01043 error = rsbac_replace_auth_cap(caller_pid,
01044 ACT_group_real,
01045 RSBAC_AUTH_GROUP_F_CAP,
01046 current->gid);
01047 if(error)
01048 return error;
01049 #ifdef CONFIG_RSBAC_AUTH_DAC_GROUP
01050 error = rsbac_replace_auth_cap(caller_pid,
01051 ACT_group_eff,
01052 RSBAC_AUTH_GROUP_F_CAP,
01053 current->gid);
01054 if(error)
01055 return error;
01056 error = rsbac_replace_auth_cap(caller_pid,
01057 ACT_group_eff,
01058 RSBAC_AUTH_DAC_GROUP_F_CAP,
01059 current->egid);
01060 if(error)
01061 return error;
01062 error = rsbac_replace_auth_cap(caller_pid,
01063 ACT_group_fs,
01064 RSBAC_AUTH_GROUP_F_CAP,
01065 current->gid);
01066 if(error)
01067 return error;
01068 error = rsbac_replace_auth_cap(caller_pid,
01069 ACT_group_fs,
01070 RSBAC_AUTH_DAC_GROUP_F_CAP,
01071 current->fsgid);
01072 if(error)
01073 return error;
01074 #endif
01075 #endif
01076
01077 #if defined(CONFIG_RSBAC_AUTH_LEARN)
01078 /* Set auth_learn to program file's auth_learn */
01079 if (rsbac_get_attr(AUTH,
01080 T_FILE,
01081 tid,
01082 A_auth_learn,
01083 &i_attr_val1,
01084 TRUE))
01085 {
01086 rsbac_ds_get_error("rsbac_adf_set_attr_auth()", A_auth_learn);
01087 return(-RSBAC_EREADFAILED);
01088 }
01089 if (rsbac_set_attr(AUTH,
01090 T_PROCESS,
01091 i_tid,
01092 A_auth_learn,
01093 i_attr_val1))
01094 {
01095 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_learn);
01096 return(-RSBAC_EWRITEFAILED);
01097 }
01098 /* remember executed file */
01099 i_attr_val1.auth_program_file = tid.file;
01100 if (rsbac_set_attr(AUTH,
01101 T_PROCESS,
01102 i_tid,
01103 A_auth_program_file,
01104 i_attr_val1))
01105 {
01106 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_program_file);
01107 return(-RSBAC_EWRITEFAILED);
01108 }
01109 /* remember caller */
01110 i_attr_val1.auth_start_uid = owner;
01111 if (rsbac_set_attr(AUTH,
01112 T_PROCESS,
01113 i_tid,
01114 A_auth_start_uid,
01115 i_attr_val1))
01116 {
01117 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_start_uid);
01118 return(-RSBAC_EWRITEFAILED);
01119 }
01120 #ifdef CONFIG_RSBAC_AUTH_DAC_OWNER
01121 i_attr_val1.auth_start_euid = current->euid;
01122 if (rsbac_set_attr(AUTH,
01123 T_PROCESS,
01124 i_tid,
01125 A_auth_start_euid,
01126 i_attr_val1))
01127 {
01128 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_start_euid);
01129 return(-RSBAC_EWRITEFAILED);
01130 }
01131 #endif
01132 #ifdef CONFIG_RSBAC_AUTH_GROUP
01133 i_attr_val1.auth_start_gid = current->gid;
01134 if (rsbac_set_attr(AUTH,
01135 T_PROCESS,
01136 i_tid,
01137 A_auth_start_gid,
01138 i_attr_val1))
01139 {
01140 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_start_gid);
01141 return(-RSBAC_EWRITEFAILED);
01142 }
01143 #ifdef CONFIG_RSBAC_AUTH_DAC_GROUP
01144 i_attr_val1.auth_start_egid = current->egid;
01145 if (rsbac_set_attr(AUTH,
01146 T_PROCESS,
01147 i_tid,
01148 A_auth_start_egid,
01149 i_attr_val1))
01150 {
01151 rsbac_ds_set_error("rsbac_adf_set_attr_auth()", A_auth_start_egid);
01152 return(-RSBAC_EWRITEFAILED);
01153 }
01154 #endif
01155 #endif
01156 #endif
01157 return 0;
01158
01159 /* all other cases are unknown */
01160 default:
01161 return 0;
01162 }
01163
01164 /* Only protect itself, if asked to by configuration */
01165 #ifdef CONFIG_RSBAC_AUTH_AUTH_PROT
01166 /* remove all file capabilities on all changing requests to files */
01167 case R_APPEND_OPEN:
01168 case R_CHANGE_GROUP:
01169 case R_DELETE:
01170 case R_LINK_HARD:
01171 case R_MODIFY_ACCESS_DATA:
01172 case R_READ_WRITE_OPEN:
01173 case R_RENAME:
01174 case R_TRUNCATE:
01175 case R_WRITE_OPEN:
01176 switch(target)
01177 {
01178 case T_FILE:
01179 /* remove cap set */
01180 if(rsbac_auth_remove_f_capsets(tid.file))
01181 {
01182 rsbac_printk(KERN_WARNING
01183 "rsbac_adf_set_attr_auth(): rsbac_auth_remove_f_capsets() returned error!\n");
01184 return(-RSBAC_EWRITEFAILED);
01185 }
01186 return(0);
01187
01188 /* all other cases are not handled */
01189 default: return(0);
01190 }
01191 #endif
01192
01193 /*********************/
01194 default: return(0);
01195 }
01196
01197 return(0);
01198 } /* end of rsbac_adf_set_attr_auth() */
|
|
||||||||||||||||||||
|
Definition at line 30 of file auth_main.c. References rsbac_auth_cap_range_t::first, rsbac_auth_cap_range_t::last, rsbac_auth_add_to_p_capset(), rsbac_auth_p_capset_member(), rsbac_auth_remove_from_p_capset(), RSBAC_EWRITEFAILED, and rsbac_printk(). Referenced by rsbac_adf_set_attr_auth(). 00034 {
00035 if(rsbac_auth_p_capset_member(caller_pid, cap_type, from))
00036 {
00037 struct rsbac_auth_cap_range_t cap_range;
00038
00039 /* remove it and set cap for 'to' */
00040 cap_range.first = to;
00041 cap_range.last = to;
00042 if (rsbac_auth_add_to_p_capset(0, caller_pid, cap_type, cap_range, 0))
00043 {
00044 rsbac_printk(KERN_WARNING
00045 "rsbac_adf_set_attr_auth(): rsbac_auth_add_to_p_capset() returned error!\n");
00046 return(-RSBAC_EWRITEFAILED);
00047 }
00048 cap_range.first = from;
00049 cap_range.last = from;
00050 if (rsbac_auth_remove_from_p_capset(0, caller_pid, cap_type, cap_range))
00051 {
00052 rsbac_printk(KERN_WARNING
00053 "rsbac_adf_set_attr_auth(): rsbac_auth_remove_from_p_capset() returned error!\n");
00054 return(-RSBAC_EWRITEFAILED);
00055 }
00056 }
00057 return 0; /* success */
00058 }
|
1.4.2