#include <linux/string.h>#include <rsbac/types.h>#include <rsbac/aci.h>#include <rsbac/adf_main.h>#include <rsbac/error.h>#include <rsbac/helpers.h>#include <rsbac/getname.h>#include <rsbac/network.h>#include <rsbac/debug.h>Go to the source code of this file.
|
||||||||||||
|
Definition at line 180 of file jail_main.c. References A_jail_role, GRANTED, JAIL, NOT_GRANTED, rsbac_get_attr, rsbac_attribute_value_t::system_role, T_USER, TRUE, and rsbac_target_id_t::user. Referenced by rsbac_adf_request_jail(). 00181 {
00182 union rsbac_target_id_t i_tid;
00183 union rsbac_attribute_value_t i_attr_val1;
00184
00185 i_tid.user = owner;
00186 if (rsbac_get_attr(JAIL,
00187 T_USER,
00188 i_tid,
00189 A_jail_role,
00190 &i_attr_val1,
00191 TRUE))
00192 {
00193 rsbac_ds_get_error("jail_check_sysrole()", A_jail_role);
00194 return(NOT_GRANTED);
00195 }
00196 /* if correct role, then grant */
00197 if (i_attr_val1.system_role == role)
00198 return(GRANTED);
00199 else
00200 return(NOT_GRANTED);
00201 }
|
|
|
Definition at line 30 of file jail_main.c. References D_char, FALSE, rsbac_dev_desc_t::major, TRUE, and rsbac_dev_desc_t::type. Referenced by rsbac_adf_request_jail(). 00031 {
00032 if(dev.type != D_char)
00033 return FALSE;
00034 if( ( (dev.major >= 2)
00035 && (dev.major <= 4)
00036 )
00037 ||( (dev.major >= 128)
00038 && (dev.major <= 143)
00039 )
00040 )
00041 return TRUE;
00042 else
00043 return FALSE;
00044 }
|
|
|
Definition at line 114 of file jail_main.c. References A_jail_flags, JAIL, rsbac_attribute_value_t::jail_flags, rsbac_target_id_t::process, rsbac_get_attr, T_PROCESS, and TRUE. Referenced by rsbac_adf_request_jail(). 00115 {
00116 int err;
00117 union rsbac_target_id_t i_tid;
00118 union rsbac_attribute_value_t i_attr_val1;
00119
00120 i_tid.process = pid;
00121 if ((err=rsbac_get_attr(JAIL,
00122 T_PROCESS,
00123 i_tid,
00124 A_jail_flags,
00125 &i_attr_val1,
00126 TRUE)))
00127 {
00128 rsbac_ds_get_error("jail_get_flags_process()", A_jail_flags);
00129 return 0;
00130 }
00131 else
00132 return i_attr_val1.jail_flags;
00133 }
|
|
||||||||||||
|
Definition at line 47 of file jail_main.c. References A_jail_id, JAIL, rsbac_attribute_value_t::jail_id, rsbac_get_attr, and TRUE. Referenced by rsbac_adf_request_jail(). 00049 {
00050 int err;
00051 union rsbac_attribute_value_t i_attr_val1;
00052
00053 if ((err=rsbac_get_attr(JAIL,
00054 target,
00055 tid,
00056 A_jail_id,
00057 &i_attr_val1,
00058 TRUE)))
00059 {
00060 rsbac_ds_get_error("jail_get_id()", A_jail_id);
00061 return 0;
00062 }
00063 else
00064 return i_attr_val1.jail_id;
00065 }
|
|
|
Definition at line 68 of file jail_main.c. References A_jail_id, JAIL, rsbac_attribute_value_t::jail_id, rsbac_target_id_t::process, rsbac_get_attr, T_PROCESS, and TRUE. Referenced by rsbac_adf_request_jail(). 00069 {
00070 int err;
00071 union rsbac_target_id_t i_tid;
00072 union rsbac_attribute_value_t i_attr_val1;
00073
00074 i_tid.process = pid;
00075 if ((err=rsbac_get_attr(JAIL,
00076 T_PROCESS,
00077 i_tid,
00078 A_jail_id,
00079 &i_attr_val1,
00080 TRUE)))
00081 {
00082 rsbac_ds_get_error("jail_get_id_process()", A_jail_id);
00083 return 0;
00084 }
00085 else
00086 return i_attr_val1.jail_id;
00087 }
|
|
|
Definition at line 136 of file jail_main.c. References A_jail_scd_get, JAIL, rsbac_attribute_value_t::jail_scd_get, rsbac_target_id_t::process, rsbac_get_attr, T_PROCESS, and TRUE. Referenced by rsbac_adf_request_jail(). 00137 {
00138 int err;
00139 union rsbac_target_id_t i_tid;
00140 union rsbac_attribute_value_t i_attr_val1;
00141
00142 i_tid.process = pid;
00143 if ((err=rsbac_get_attr(JAIL,
00144 T_PROCESS,
00145 i_tid,
00146 A_jail_scd_get,
00147 &i_attr_val1,
00148 TRUE)))
00149 {
00150 rsbac_ds_get_error("jail_get_flags_process()", A_jail_scd_get);
00151 return 0;
00152 }
00153 else
00154 return i_attr_val1.jail_scd_get;
00155 }
|
|
|
Definition at line 158 of file jail_main.c. References A_jail_scd_modify, JAIL, rsbac_attribute_value_t::jail_scd_modify, rsbac_target_id_t::process, rsbac_get_attr, T_PROCESS, and TRUE. Referenced by rsbac_adf_request_jail(). 00159 {
00160 int err;
00161 union rsbac_target_id_t i_tid;
00162 union rsbac_attribute_value_t i_attr_val1;
00163
00164 i_tid.process = pid;
00165 if ((err=rsbac_get_attr(JAIL,
00166 T_PROCESS,
00167 i_tid,
00168 A_jail_scd_modify,
00169 &i_attr_val1,
00170 TRUE)))
00171 {
00172 rsbac_ds_get_error("jail_get_flags_process()", A_jail_scd_modify);
00173 return 0;
00174 }
00175 else
00176 return i_attr_val1.jail_scd_modify;
00177 }
|
|
||||||||||||||||||||||||||||||||
|
Definition at line 367 of file jail_main.c. References A_jail_flags, A_jail_id, A_jail_ip, A_jail_max_caps, A_jail_role, A_none, A_system_role, rsbac_target_id_t::dev, DO_NOT_CARE, FREEZE, GRANTED, JAIL, JAIL_allow_all_net_family, JAIL_allow_dev_get_status, JAIL_allow_dev_mod_system, JAIL_allow_dev_read, JAIL_allow_dev_write, JAIL_allow_external_ipc, JAIL_allow_inet_raw, JAIL_allow_tty_open, jail_check_sysrole(), jail_dev_tty(), jail_get_flags_process(), jail_get_id(), jail_get_id_process(), jail_get_scd_get_process(), jail_get_scd_modify_process(), rsbac_target_id_t::netobj, NOT_GRANTED, rsbac_target_id_t::process, R_ACCEPT, R_ADD_TO_KERNEL, R_ALTER, R_APPEND_OPEN, R_BIND, R_CLOSE, R_CONNECT, R_CREATE, R_DELETE, R_GET_PERMISSIONS_DATA, R_GET_STATUS_DATA, R_LISTEN, R_MODIFY_ATTRIBUTE, R_MODIFY_PERMISSIONS_DATA, R_MODIFY_SYSTEM_DATA, R_MOUNT, R_READ, R_READ_ATTRIBUTE, R_READ_OPEN, R_READ_WRITE_OPEN, R_RECEIVE, R_REMOVE_FROM_KERNEL, R_SEND, R_SEND_SIGNAL, R_SHUTDOWN, R_SWITCH_LOG, R_SWITCH_MODULE, R_TRACE, R_UMOUNT, R_WRITE, R_WRITE_OPEN, rsbac_printk(), RSBAC_SCD_VECTOR, rsbac_target_id_t::scd, rsbac_net_obj_desc_t::sock_p, SOFTMODE, SR_administrator, SR_security_officer, T_DEV, T_DIR, T_FIFO, T_FILE, T_IPC, T_NETDEV, T_NETOBJ, T_NETTEMP, T_NONE, T_PROCESS, T_SCD, T_SYMLINK, and UNDEFINED. Referenced by rsbac_adf_request_int(). 00374 {
00375 rsbac_jail_id_t jail_id;
00376 rsbac_jail_flags_t jail_flags;
00377
00378 switch (request)
00379 {
00380 case R_ADD_TO_KERNEL:
00381 case R_REMOVE_FROM_KERNEL:
00382 switch(target)
00383 {
00384 case T_FILE:
00385 case T_DEV:
00386 case T_NONE:
00387 if(jail_get_id_process(caller_pid))
00388 return NOT_GRANTED;
00389 else
00390 return GRANTED;
00391
00392 /* all other cases are unknown */
00393 default:
00394 return(DO_NOT_CARE);
00395 }
00396 case R_SHUTDOWN:
00397 switch(target)
00398 {
00399 case T_NONE:
00400 if(jail_get_id_process(caller_pid))
00401 return NOT_GRANTED;
00402 else
00403 return GRANTED;
00404
00405 /* all other cases are unknown */
00406 default:
00407 return(DO_NOT_CARE);
00408 }
00409 case R_ALTER:
00410 switch(target)
00411 {
00412 case T_IPC:
00413 jail_id = jail_get_id_process(caller_pid);
00414 if( !jail_id
00415 || (jail_id == jail_get_id(target,tid))
00416 || (jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
00417 )
00418 return GRANTED;
00419 else
00420 return NOT_GRANTED;
00421
00422 /* all other cases are unknown */
00423 default: return(DO_NOT_CARE);
00424 }
00425
00426 case R_APPEND_OPEN:
00427 case R_WRITE_OPEN:
00428 switch(target)
00429 {
00430 case T_DEV:
00431 if(jail_get_id_process(caller_pid))
00432 {
00433 jail_flags = jail_get_flags_process(caller_pid);
00434 if(!(jail_flags & JAIL_allow_dev_write))
00435 return NOT_GRANTED;
00436 else
00437 if( jail_dev_tty(tid.dev)
00438 && !(jail_flags & JAIL_allow_tty_open)
00439 )
00440 return NOT_GRANTED;
00441 else
00442 return GRANTED;
00443 }
00444 else
00445 return GRANTED;
00446
00447 case T_IPC:
00448 jail_id = jail_get_id_process(caller_pid);
00449 if( !jail_id
00450 || (jail_id == jail_get_id(target,tid))
00451 || (jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
00452 )
00453 return GRANTED;
00454 else
00455 return NOT_GRANTED;
00456
00457 /* all other cases are unknown */
00458 default: return(DO_NOT_CARE);
00459 }
00460
00461 case R_MOUNT:
00462 case R_UMOUNT:
00463 switch(target)
00464 {
00465 case T_FILE:
00466 case T_DIR:
00467 case T_DEV:
00468 if(jail_get_id_process(caller_pid))
00469 return NOT_GRANTED;
00470 else
00471 return GRANTED;
00472
00473 /* all other cases are unknown */
00474 default:
00475 return(DO_NOT_CARE);
00476 }
00477 case R_READ_OPEN:
00478 switch(target)
00479 {
00480 case T_DEV:
00481 if(jail_get_id_process(caller_pid))
00482 {
00483 jail_flags = jail_get_flags_process(caller_pid);
00484 if(!(jail_flags & JAIL_allow_dev_read))
00485 return NOT_GRANTED;
00486 else
00487 if( jail_dev_tty(tid.dev)
00488 && !(jail_flags & JAIL_allow_tty_open)
00489 )
00490 return NOT_GRANTED;
00491 else
00492 return GRANTED;
00493 }
00494 else
00495 return GRANTED;
00496
00497 case T_IPC:
00498 jail_id = jail_get_id_process(caller_pid);
00499 if( !jail_id
00500 || (jail_id == jail_get_id(target,tid))
00501 || (jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
00502 )
00503 return GRANTED;
00504 else
00505 return NOT_GRANTED;
00506
00507 /* all other cases are unknown */
00508 default: return(DO_NOT_CARE);
00509 }
00510
00511 case R_READ_WRITE_OPEN:
00512 switch(target)
00513 {
00514 case T_DEV:
00515 if(jail_get_id_process(caller_pid))
00516 {
00517 jail_flags = jail_get_flags_process(caller_pid);
00518 if( !(jail_flags & JAIL_allow_dev_read)
00519 || !(jail_flags & JAIL_allow_dev_write)
00520 )
00521 return NOT_GRANTED;
00522 else
00523 if( jail_dev_tty(tid.dev)
00524 && !(jail_flags & JAIL_allow_tty_open)
00525 )
00526 return NOT_GRANTED;
00527 else
00528 return GRANTED;
00529 }
00530 else
00531 return GRANTED;
00532
00533 case T_IPC:
00534 jail_id = jail_get_id_process(caller_pid);
00535 if( !jail_id
00536 || (jail_id == jail_get_id(target,tid))
00537 || (jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
00538 )
00539 return GRANTED;
00540 else
00541 return NOT_GRANTED;
00542
00543 /* all other cases are unknown */
00544 default: return(DO_NOT_CARE);
00545 }
00546
00547 case R_CREATE:
00548 switch(target)
00549 {
00550 case T_DIR:
00551 if(!jail_get_id_process(caller_pid))
00552 return GRANTED;
00553 /* no mknod for devices or suid/sgid */
00554 if( (attr == A_create_data)
00555 && ( S_ISCHR(attr_val.create_data.mode)
00556 || S_ISBLK(attr_val.create_data.mode)
00557 || (attr_val.create_data.mode & (S_ISUID | S_ISGID))
00558 )
00559 )
00560 return NOT_GRANTED;
00561 else
00562 return GRANTED;
00563
00564 case T_IPC:
00565 return GRANTED;
00566
00567 #ifdef CONFIG_RSBAC_NET_OBJ
00568 case T_NETTEMP:
00569 if(!jail_get_id_process(caller_pid))
00570 return GRANTED;
00571 else
00572 return NOT_GRANTED;
00573
00574 case T_NETOBJ:
00575 if(!jail_get_id_process(caller_pid))
00576 return GRANTED;
00577 if(!tid.netobj.sock_p)
00578 {
00579 rsbac_printk(KERN_WARNING
00580 "rsbac_adf_request_jail(): NULL sock_p on CREATE!\n");
00581 return NOT_GRANTED;
00582 }
00583 if(!tid.netobj.sock_p->ops)
00584 {
00585 return DO_NOT_CARE;
00586 }
00587 switch(tid.netobj.sock_p->ops->family)
00588 {
00589 case AF_UNIX:
00590 return(GRANTED);
00591
00592 case AF_INET:
00593 switch(tid.netobj.sock_p->type)
00594 {
00595 case SOCK_STREAM:
00596 case SOCK_DGRAM:
00597 case SOCK_RDM:
00598 if( tid.netobj.sock_p->sk
00599 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
00600 && (tid.netobj.sock_p->sk->sk_protocol == IPPROTO_RAW)
00601 #else
00602 && (tid.netobj.sock_p->sk->protocol == IPPROTO_RAW)
00603 #endif
00604 )
00605 {
00606 jail_flags = jail_get_flags_process(caller_pid);
00607 if(jail_flags & JAIL_allow_inet_raw)
00608 return(GRANTED);
00609 else
00610 return NOT_GRANTED;
00611 }
00612 else
00613 return GRANTED;
00614
00615 case SOCK_RAW:
00616 jail_flags = jail_get_flags_process(caller_pid);
00617 if(jail_flags & JAIL_allow_inet_raw)
00618 return(GRANTED);
00619 else
00620 return NOT_GRANTED;
00621
00622 default:
00623 return(NOT_GRANTED);
00624 }
00625
00626 default:
00627 jail_flags = jail_get_flags_process(caller_pid);
00628 if(jail_flags & JAIL_allow_all_net_family)
00629 return(GRANTED);
00630 else
00631 return(NOT_GRANTED);
00632 }
00633 #endif
00634
00635 /* all other cases are unknown */
00636 default: return(DO_NOT_CARE);
00637 }
00638
00639 case R_DELETE:
00640 switch(target)
00641 {
00642 case T_IPC:
00643 jail_id = jail_get_id_process(caller_pid);
00644 if( !jail_id
00645 || (jail_id == jail_get_id(target,tid))
00646 || (jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
00647 )
00648 return GRANTED;
00649 else
00650 return NOT_GRANTED;
00651
00652 #ifdef CONFIG_RSBAC_NET_OBJ
00653 case T_NETTEMP:
00654 if(!jail_get_id_process(caller_pid))
00655 return GRANTED;
00656 else
00657 return NOT_GRANTED;
00658 #endif
00659 /* all other cases are unknown */
00660 default: return(DO_NOT_CARE);
00661 }
00662
00663 case R_MODIFY_ATTRIBUTE:
00664 switch(attr)
00665 {
00666 case A_system_role:
00667 case A_jail_role:
00668 case A_jail_id:
00669 case A_jail_ip:
00670 case A_jail_flags:
00671 case A_jail_max_caps:
00672 /* All attributes (remove target!) */
00673 case A_none:
00674 if(jail_get_id_process(caller_pid))
00675 return NOT_GRANTED;
00676
00677 /* Security Officer? */
00678 return jail_check_sysrole(owner, SR_security_officer);
00679
00680 default:
00681 return(DO_NOT_CARE);
00682 }
00683
00684 case R_READ_ATTRIBUTE:
00685 switch(attr)
00686 {
00687 case A_system_role:
00688 case A_jail_role:
00689 case A_jail_id:
00690 case A_jail_ip:
00691 case A_jail_flags:
00692 case A_jail_max_caps:
00693 /* All attributes (remove target!) */
00694 case A_none:
00695 if(jail_get_id_process(caller_pid))
00696 return NOT_GRANTED;
00697
00698 /* Security Officer? */
00699 if(jail_check_sysrole(owner, SR_administrator) == NOT_GRANTED)
00700 return jail_check_sysrole(owner, SR_security_officer);
00701 else
00702 return GRANTED;
00703
00704 default:
00705 return(DO_NOT_CARE);
00706 }
00707
00708 case R_SEND_SIGNAL:
00709 case R_TRACE:
00710 if (target == T_PROCESS)
00711 {
00712 jail_id = jail_get_id_process(caller_pid);
00713 if( !jail_id
00714 || (jail_id == jail_get_id(target,tid))
00715 )
00716 return GRANTED;
00717 else
00718 return NOT_GRANTED;
00719 }
00720 else
00721 return(DO_NOT_CARE);
00722
00723 #if defined(CONFIG_RSBAC_NET_OBJ)
00724 case R_GET_PERMISSIONS_DATA:
00725 switch(target)
00726 {
00727 case T_NETOBJ:
00728 if(!jail_get_id_process(caller_pid))
00729 return GRANTED;
00730 return(jail_check_ip(caller_pid, tid));
00731
00732 /* all other cases are unknown */
00733 default: return(DO_NOT_CARE);
00734 }
00735 #endif
00736
00737 case R_MODIFY_PERMISSIONS_DATA:
00738 switch(target)
00739 {
00740 /* no setting of suid/sgid flags for jailed processes */
00741 case T_FILE:
00742 case T_DIR:
00743 case T_FIFO:
00744 case T_SYMLINK:
00745 if( jail_get_id_process(caller_pid)
00746 && (attr == A_mode)
00747 && (attr_val.mode & (S_ISUID | S_ISGID))
00748 )
00749 return NOT_GRANTED;
00750 else
00751 return GRANTED;
00752
00753 case T_IPC:
00754 jail_id = jail_get_id_process(caller_pid);
00755 if( !jail_id
00756 || (jail_id == jail_get_id(target,tid))
00757 || (jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
00758 )
00759 return GRANTED;
00760 else
00761 return NOT_GRANTED;
00762
00763 case T_SCD:
00764 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE
00765 /* switching Linux DAC */
00766 case T_NONE:
00767 #endif
00768 if(jail_get_id_process(caller_pid))
00769 return NOT_GRANTED;
00770 else
00771 return GRANTED;
00772
00773 #if defined(CONFIG_RSBAC_NET_OBJ)
00774 case T_NETOBJ:
00775 if(!jail_get_id_process(caller_pid))
00776 return GRANTED;
00777 return(jail_check_ip(caller_pid, tid));
00778 #endif
00779
00780 /* all other cases are unknown */
00781 default: return(DO_NOT_CARE);
00782 }
00783
00784 case R_GET_STATUS_DATA:
00785 switch(target)
00786 {
00787 case T_PROCESS:
00788 jail_id = jail_get_id_process(caller_pid);
00789 if( !jail_id
00790 || (jail_id == jail_get_id(target,tid))
00791 )
00792 return GRANTED;
00793 else
00794 return NOT_GRANTED;
00795
00796 case T_IPC:
00797 jail_id = jail_get_id_process(caller_pid);
00798 if( !jail_id
00799 || (jail_id == jail_get_id(target,tid))
00800 || (jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
00801 )
00802 return GRANTED;
00803 else
00804 return NOT_GRANTED;
00805
00806 case T_SCD:
00807 if(jail_get_id_process(caller_pid))
00808 {
00809 if(jail_get_scd_get_process(caller_pid) & RSBAC_SCD_VECTOR(tid.scd))
00810 return GRANTED;
00811 else
00812 return NOT_GRANTED;
00813 }
00814 else
00815 return GRANTED;
00816
00817 case T_DEV:
00818 if( jail_get_id_process(caller_pid)
00819 && !(jail_get_flags_process(caller_pid) & JAIL_allow_dev_get_status)
00820 )
00821 return NOT_GRANTED;
00822 else
00823 return GRANTED;
00824
00825 #if defined(CONFIG_RSBAC_NET_OBJ)
00826 case T_NETOBJ:
00827 if(!jail_get_id_process(caller_pid))
00828 return GRANTED;
00829 return(jail_check_ip(caller_pid, tid));
00830 #endif
00831
00832 /* all other cases are unknown */
00833 default: return(DO_NOT_CARE);
00834 }
00835
00836 case R_MODIFY_SYSTEM_DATA:
00837 switch(target)
00838 {
00839 case T_SCD:
00840 if(jail_get_id_process(caller_pid))
00841 {
00842 if(jail_get_scd_modify_process(caller_pid) & RSBAC_SCD_VECTOR(tid.scd))
00843 return(GRANTED);
00844 else
00845 return NOT_GRANTED;
00846 }
00847 else
00848 return GRANTED;
00849
00850 case T_PROCESS:
00851 jail_id = jail_get_id_process(caller_pid);
00852 if(!jail_id)
00853 return GRANTED;
00854 if( attr == A_kernel_thread
00855 && (attr_val.kernel_thread)
00856 )
00857 return NOT_GRANTED;
00858 if(jail_id != jail_get_id(target,tid))
00859 return NOT_GRANTED;
00860 return GRANTED;
00861
00862 case T_DEV:
00863 if( jail_get_id_process(caller_pid)
00864 && !(jail_get_flags_process(caller_pid) & JAIL_allow_dev_mod_system)
00865 )
00866 return NOT_GRANTED;
00867 else
00868 return GRANTED;
00869
00870 #ifdef CONFIG_RSBAC_JAIL_NET_DEV_PROT
00871 case T_NETDEV:
00872 if(jail_get_id_process(caller_pid))
00873 return NOT_GRANTED;
00874 else
00875 return GRANTED;
00876 #endif
00877
00878 /* all other cases are unknown */
00879 default: return(DO_NOT_CARE);
00880 }
00881
00882 case R_READ:
00883 switch(target)
00884 {
00885 #ifdef CONFIG_RSBAC_RW
00886 case T_IPC:
00887 jail_id = jail_get_id_process(caller_pid);
00888 if( !jail_id
00889 || (jail_id == jail_get_id(target,tid))
00890 || (jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
00891 )
00892 return GRANTED;
00893 else
00894 return NOT_GRANTED;
00895 #endif
00896 case T_DEV:
00897 if( jail_get_id_process(caller_pid)
00898 && !(jail_get_flags_process(caller_pid) & JAIL_allow_dev_read)
00899 )
00900 return NOT_GRANTED;
00901 else
00902 return GRANTED;
00903 #if defined(CONFIG_RSBAC_NET_OBJ)
00904 case T_NETTEMP:
00905 if(jail_get_id_process(caller_pid))
00906 return NOT_GRANTED;
00907 if(jail_check_sysrole(owner, SR_security_officer) == GRANTED)
00908 return GRANTED;
00909 return jail_check_sysrole(owner, SR_administrator);
00910
00911 case T_NETOBJ:
00912 if(!jail_get_id_process(caller_pid))
00913 return GRANTED;
00914 return(jail_check_ip(caller_pid, tid));
00915 #endif
00916
00917 /* all other cases */
00918 default: return(DO_NOT_CARE);
00919 }
00920
00921 case R_SWITCH_LOG:
00922 switch(target)
00923 {
00924 case T_NONE:
00925 if(jail_get_id_process(caller_pid))
00926 return NOT_GRANTED;
00927 /* test owner's fc_role */
00928 return jail_check_sysrole(owner, SR_security_officer);
00929
00930 /* all other cases are unknown */
00931 default: return(DO_NOT_CARE);
00932 }
00933
00934 case R_SWITCH_MODULE:
00935 switch(target)
00936 {
00937 case T_NONE:
00938 /* we need the switch_target */
00939 if(attr != A_switch_target)
00940 return(UNDEFINED);
00941 /* do not care for other modules */
00942 if( (attr_val.switch_target != JAIL)
00943 #ifdef CONFIG_RSBAC_SOFTMODE
00944 && (attr_val.switch_target != SOFTMODE)
00945 #endif
00946 #ifdef CONFIG_RSBAC_FREEZE
00947 && (attr_val.switch_target != FREEZE)
00948 #endif
00949 )
00950 return(DO_NOT_CARE);
00951 if(jail_get_id_process(caller_pid))
00952 return NOT_GRANTED;
00953 /* test owner's fc_role */
00954 return jail_check_sysrole(owner, SR_security_officer);
00955
00956 /* all other cases are unknown */
00957 default: return(DO_NOT_CARE);
00958 }
00959
00960 case R_WRITE:
00961 switch(target)
00962 {
00963 #ifdef CONFIG_RSBAC_RW
00964 case T_IPC:
00965 jail_id = jail_get_id_process(caller_pid);
00966 if( !jail_id
00967 || (jail_id == jail_get_id(target,tid))
00968 || (jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
00969 )
00970 return GRANTED;
00971 else
00972 return NOT_GRANTED;
00973 #endif
00974 case T_DEV:
00975 if( jail_get_id_process(caller_pid)
00976 && !(jail_get_flags_process(caller_pid) & JAIL_allow_dev_write)
00977 )
00978 return NOT_GRANTED;
00979 else
00980 return GRANTED;
00981 #if defined(CONFIG_RSBAC_NET_OBJ)
00982 case T_NETTEMP:
00983 if(jail_get_id_process(caller_pid))
00984 return NOT_GRANTED;
00985 return DO_NOT_CARE;
00986
00987 case T_NETOBJ:
00988 if(!jail_get_id_process(caller_pid))
00989 return GRANTED;
00990 return(jail_check_ip(caller_pid, tid));
00991 #endif
00992
00993 /* all other cases are unknown */
00994 default: return(DO_NOT_CARE);
00995 }
00996
00997 #ifdef CONFIG_RSBAC_NET
00998 case R_BIND:
00999 switch(target)
01000 {
01001 #ifdef CONFIG_RSBAC_JAIL_NET_DEV_PROT
01002 case T_NETDEV:
01003 if(jail_get_id_process(caller_pid))
01004 return NOT_GRANTED;
01005 else
01006 return GRANTED;
01007 #endif
01008 #ifdef CONFIG_RSBAC_NET_OBJ
01009 case T_NETOBJ:
01010 if(!jail_get_id_process(caller_pid))
01011 return GRANTED;
01012 return(jail_check_ip(caller_pid, tid));
01013 #endif
01014 /* all other cases are unknown */
01015 default:
01016 return(DO_NOT_CARE);
01017 }
01018 #endif
01019
01020 case R_SEND:
01021 switch(target)
01022 {
01023 case T_DEV:
01024 if(jail_get_id_process(caller_pid))
01025 return NOT_GRANTED;
01026 else
01027 return GRANTED;
01028
01029 #ifdef CONFIG_RSBAC_NET_OBJ
01030 case T_NETOBJ:
01031 if(!jail_get_id_process(caller_pid))
01032 return GRANTED;
01033 #if defined(CONFIG_RSBAC_NET_OBJ_UNIX)
01034 if( tid.netobj.sock_p
01035 && tid.netobj.sock_p->ops
01036 && (tid.netobj.sock_p->ops->family == AF_UNIX)
01037 && tid.netobj.sock_p->sk
01038 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01039 && tid.netobj.sock_p->sk->sk_peercred.pid
01040 #else
01041 && tid.netobj.sock_p->sk->peercred.pid
01042 #endif
01043 )
01044 {
01045 union rsbac_target_id_t i_tid;
01046
01047 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01048 i_tid.process = tid.netobj.sock_p->sk->sk_peercred.pid;
01049 #else
01050 i_tid.process = tid.netobj.sock_p->sk->peercred.pid;
01051 #endif
01052 jail_id = jail_get_id_process(caller_pid);
01053 if( !jail_id
01054 || (jail_id == jail_get_id(T_PROCESS,i_tid))
01055 )
01056 return GRANTED;
01057 else
01058 if(jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
01059 return GRANTED;
01060 else
01061 return NOT_GRANTED;
01062 }
01063 else
01064 #endif
01065 return(jail_check_ip(caller_pid, tid));
01066 #endif /* NET_OBJ */
01067
01068 /* all other cases are unknown */
01069 default:
01070 return(DO_NOT_CARE);
01071 }
01072
01073 #ifdef CONFIG_RSBAC_NET_OBJ
01074 case R_CONNECT:
01075 case R_LISTEN:
01076 case R_ACCEPT:
01077 case R_RECEIVE:
01078 switch(target)
01079 {
01080 case T_NETOBJ:
01081 if(!jail_get_id_process(caller_pid))
01082 return GRANTED;
01083 #if defined(CONFIG_RSBAC_NET_OBJ_UNIX)
01084 if( tid.netobj.sock_p
01085 && tid.netobj.sock_p->ops
01086 && (tid.netobj.sock_p->ops->family == AF_UNIX)
01087 && tid.netobj.sock_p->sk
01088 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01089 && tid.netobj.sock_p->sk->sk_peercred.pid
01090 #else
01091 && tid.netobj.sock_p->sk->peercred.pid
01092 #endif
01093 )
01094 {
01095 union rsbac_target_id_t i_tid;
01096
01097 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01098 i_tid.process = tid.netobj.sock_p->sk->sk_peercred.pid;
01099 #else
01100 i_tid.process = tid.netobj.sock_p->sk->peercred.pid;
01101 #endif
01102 jail_id = jail_get_id_process(caller_pid);
01103 if( !jail_id
01104 || (jail_id == jail_get_id(T_PROCESS,i_tid))
01105 )
01106 return GRANTED;
01107 else
01108 if(jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
01109 return GRANTED;
01110 else
01111 return NOT_GRANTED;
01112 }
01113 else
01114 #endif
01115 return(jail_check_ip(caller_pid, tid));
01116
01117 /* all other cases are unknown */
01118 default:
01119 return(DO_NOT_CARE);
01120 }
01121 #endif
01122
01123 case R_CLOSE:
01124 return DO_NOT_CARE;
01125
01126 default:
01127 /* only for IPC */
01128 switch(target)
01129 {
01130 case T_IPC:
01131 jail_id = jail_get_id_process(caller_pid);
01132 if( !jail_id
01133 || (jail_id == jail_get_id(target,tid))
01134 || (jail_get_flags_process(caller_pid) & JAIL_allow_external_ipc)
01135 )
01136 return GRANTED;
01137 else
01138 return NOT_GRANTED;
01139
01140 /* all other cases are unknown */
01141 default: return(DO_NOT_CARE);
01142 }
01143 }
01144 } /* end of rsbac_adf_request_jail() */
|
|
||||||||||||||||||||||||||||||||||||||||
|
Definition at line 1157 of file jail_main.c. References A_jail_flags, A_jail_id, A_jail_ip, A_jail_max_caps, A_jail_scd_get, A_jail_scd_modify, FALSE, JAIL, JAIL_auto_adjust_inet_any, rsbac_attribute_value_t::jail_flags, rsbac_attribute_value_t::jail_ip, rsbac_attribute_value_t::jail_max_caps, rsbac_target_id_t::netobj, rsbac_target_id_t::process, R_BIND, R_CHANGE_OWNER, R_CLONE, R_CREATE, R_EXECUTE, RSBAC_EINVALIDATTR, RSBAC_EREADFAILED, RSBAC_EWRITEFAILED, rsbac_get_attr, rsbac_printk(), rsbac_set_attr, rsbac_net_obj_desc_t::sock_p, T_FILE, T_IPC, T_NETOBJ, T_PROCESS, and TRUE. Referenced by rsbac_adf_set_attr(). 01167 {
01168 #ifdef CONFIG_RSBAC_JAIL_NET_ADJUST
01169 int err;
01170 #endif
01171 union rsbac_target_id_t i_tid;
01172 union rsbac_attribute_value_t i_attr_val1;
01173 union rsbac_attribute_value_t i_attr_val2;
01174
01175 switch (request)
01176 {
01177 case R_CHANGE_OWNER:
01178 switch(target)
01179 {
01180 case T_PROCESS:
01181 if(attr != A_owner)
01182 return(-RSBAC_EINVALIDATTR);
01183 /* Adjust Linux caps */
01184 i_tid.process = caller_pid;
01185 #ifdef CONFIG_RSBAC_SOFTMODE
01186 if(!rsbac_softmode)
01187 #endif
01188 {
01189 if (rsbac_get_attr(JAIL,
01190 T_PROCESS,
01191 i_tid,
01192 A_jail_max_caps,
01193 &i_attr_val1,
01194 FALSE))
01195 {
01196 rsbac_ds_get_error("rsbac_adf_set_attr_jail()", A_jail_max_caps);
01197 }
01198 else
01199 {
01200 extern spinlock_t task_capability_lock;
01201
01202 /* set caps for process */
01203 spin_lock(&task_capability_lock);
01204 current->cap_permitted &= i_attr_val1.jail_max_caps;
01205 current->cap_effective &= i_attr_val1.jail_max_caps;
01206 current->cap_inheritable &= i_attr_val1.jail_max_caps;
01207 spin_unlock(&task_capability_lock);
01208 }
01209 }
01210 return 0;
01211
01212 /* all other cases are unknown */
01213 default:
01214 return(0);
01215 }
01216
01217 case R_CLONE:
01218 if (target == T_PROCESS)
01219 {
01220 union rsbac_attribute_value_t i_attr_val3;
01221 union rsbac_attribute_value_t i_attr_val4;
01222 union rsbac_attribute_value_t i_attr_val5;
01223 union rsbac_attribute_value_t i_attr_val6;
01224
01225 /* Get jail_id from first process */
01226 if (rsbac_get_attr(JAIL,
01227 T_PROCESS,
01228 tid,
01229 A_jail_id,
01230 &i_attr_val1,
01231 FALSE))
01232 {
01233 rsbac_ds_get_error("rsbac_adf_set_attr_jail()", A_jail_id);
01234 return(-RSBAC_EREADFAILED);
01235 }
01236 /* Get jail_ip from first process */
01237 if (rsbac_get_attr(JAIL,
01238 T_PROCESS,
01239 tid,
01240 A_jail_ip,
01241 &i_attr_val2,
01242 FALSE))
01243 {
01244 rsbac_ds_get_error("rsbac_adf_set_attr_jail()", A_jail_ip);
01245 return(-RSBAC_EREADFAILED);
01246 }
01247 /* Get jail_flags from first process */
01248 if (rsbac_get_attr(JAIL,
01249 T_PROCESS,
01250 tid,
01251 A_jail_flags,
01252 &i_attr_val3,
01253 FALSE))
01254 {
01255 rsbac_ds_get_error("rsbac_adf_set_attr_jail()", A_jail_flags);
01256 return(-RSBAC_EREADFAILED);
01257 }
01258 /* Get jail_max_caps from first process */
01259 if (rsbac_get_attr(JAIL,
01260 T_PROCESS,
01261 tid,
01262 A_jail_max_caps,
01263 &i_attr_val4,
01264 FALSE))
01265 {
01266 rsbac_ds_get_error("rsbac_adf_set_attr_jail()", A_jail_max_caps);
01267 return(-RSBAC_EREADFAILED);
01268 }
01269 /* Get jail_scd_get from first process */
01270 if (rsbac_get_attr(JAIL,
01271 T_PROCESS,
01272 tid,
01273 A_jail_scd_get,
01274 &i_attr_val5,
01275 FALSE))
01276 {
01277 rsbac_ds_get_error("rsbac_adf_set_attr_jail()", A_jail_scd_get);
01278 return(-RSBAC_EREADFAILED);
01279 }
01280 /* Get jail_scd_modify from first process */
01281 if (rsbac_get_attr(JAIL,
01282 T_PROCESS,
01283 tid,
01284 A_jail_scd_modify,
01285 &i_attr_val6,
01286 FALSE))
01287 {
01288 rsbac_ds_get_error("rsbac_adf_set_attr_jail()", A_jail_scd_modify);
01289 return(-RSBAC_EREADFAILED);
01290 }
01291 /* Set jail_id for new process */
01292 if (rsbac_set_attr(JAIL,
01293 T_PROCESS,
01294 new_tid,
01295 A_jail_id,
01296 i_attr_val1))
01297 {
01298 rsbac_ds_set_error("rsbac_adf_set_attr_jail()", A_jail_id);
01299 return(-RSBAC_EWRITEFAILED);
01300 }
01301 /* Set jail_ip for new process */
01302 if (rsbac_set_attr(JAIL,
01303 T_PROCESS,
01304 new_tid,
01305 A_jail_ip,
01306 i_attr_val2))
01307 {
01308 rsbac_ds_set_error("rsbac_adf_set_attr_jail()", A_jail_ip);
01309 return(-RSBAC_EWRITEFAILED);
01310 }
01311 /* Set jail_flags for new process */
01312 if (rsbac_set_attr(JAIL,
01313 T_PROCESS,
01314 new_tid,
01315 A_jail_flags,
01316 i_attr_val3))
01317 {
01318 rsbac_ds_set_error("rsbac_adf_set_attr_jail()", A_jail_flags);
01319 return(-RSBAC_EWRITEFAILED);
01320 }
01321 /* Set jail_max_caps for new process */
01322 if (rsbac_set_attr(JAIL,
01323 T_PROCESS,
01324 new_tid,
01325 A_jail_max_caps,
01326 i_attr_val4))
01327 {
01328 rsbac_ds_set_error("rsbac_adf_set_attr_jail()", A_jail_max_caps);
01329 return(-RSBAC_EWRITEFAILED);
01330 }
01331 /* Set jail_scd_get for new process */
01332 if (rsbac_set_attr(JAIL,
01333 T_PROCESS,
01334 new_tid,
01335 A_jail_scd_get,
01336 i_attr_val5))
01337 {
01338 rsbac_ds_set_error("rsbac_adf_set_attr_jail()", A_jail_scd_get);
01339 return(-RSBAC_EWRITEFAILED);
01340 }
01341 /* Set jail_scd_modify for new process */
01342 if (rsbac_set_attr(JAIL,
01343 T_PROCESS,
01344 new_tid,
01345 A_jail_scd_modify,
01346 i_attr_val6))
01347 {
01348 rsbac_ds_set_error("rsbac_adf_set_attr_jail()", A_jail_scd_modify);
01349 return(-RSBAC_EWRITEFAILED);
01350 }
01351 return(0);
01352 }
01353 else
01354 return(0);
01355
01356 case R_EXECUTE:
01357 switch(target)
01358 {
01359 case T_FILE:
01360 /* Adjust Linux caps */
01361 i_tid.process = caller_pid;
01362 #ifdef CONFIG_RSBAC_SOFTMODE
01363 if(!rsbac_softmode)
01364 #endif
01365 {
01366 if (rsbac_get_attr(JAIL,
01367 T_PROCESS,
01368 i_tid,
01369 A_jail_max_caps,
01370 &i_attr_val1,
01371 FALSE))
01372 {
01373 rsbac_ds_get_error("rsbac_adf_set_attr_jail()", A_jail_max_caps);
01374 }
01375 else
01376 {
01377 extern spinlock_t task_capability_lock;
01378
01379 /* set caps for process */
01380 spin_lock(&task_capability_lock);
01381 current->cap_permitted &= i_attr_val1.jail_max_caps;
01382 current->cap_effective &= i_attr_val1.jail_max_caps;
01383 current->cap_inheritable &= i_attr_val1.jail_max_caps;
01384 spin_unlock(&task_capability_lock);
01385 }
01386 }
01387 return 0;
01388
01389 /* all other cases are unknown */
01390 default:
01391 return(0);
01392 }
01393
01394 case R_CREATE:
01395 if (target == T_IPC)
01396 {
01397 /* Get jail_id from process */
01398 i_tid.process = caller_pid;
01399 if (rsbac_get_attr(JAIL,
01400 T_PROCESS,
01401 i_tid,
01402 A_jail_id,
01403 &i_attr_val1,
01404 FALSE))
01405 {
01406 rsbac_ds_get_error("rsbac_adf_set_attr_jail()", A_jail_id);
01407 return(-RSBAC_EREADFAILED);
01408 }
01409 /* Set jail_id for new IPC */
01410 if (rsbac_set_attr(JAIL,
01411 T_IPC,
01412 tid,
01413 A_jail_id,
01414 i_attr_val1))
01415 {
01416 rsbac_ds_set_error("rsbac_adf_set_attr_jail()", A_jail_id);
01417 return(-RSBAC_EWRITEFAILED);
01418 }
01419 return(0);
01420 }
01421 /* fall through */
01422
01423 #ifdef CONFIG_RSBAC_JAIL_NET_ADJUST
01424 case R_BIND:
01425 if(target != T_NETOBJ)
01426 return 0;
01427 if(!tid.netobj.sock_p)
01428 {
01429 rsbac_printk(KERN_WARNING
01430 "rsbac_adf_set_attr_jail(): NULL sock_p!\n");
01431 return 0;
01432 }
01433 if(!tid.netobj.sock_p->ops)
01434 {
01435 return 0;
01436 }
01437 switch(tid.netobj.sock_p->ops->family)
01438 {
01439 case AF_INET:
01440 i_tid.process = caller_pid;
01441 if ((err=rsbac_get_attr(JAIL,
01442 T_PROCESS,
01443 i_tid,
01444 A_jail_ip,
01445 &i_attr_val1,
01446 TRUE)))
01447 {
01448 rsbac_ds_get_error("rsbac_adf_set_attr_jail()", A_jail_ip);
01449 return -RSBAC_EREADFAILED;
01450 }
01451 if(i_attr_val1.jail_ip == INADDR_ANY)
01452 return 0;
01453 if ((err=rsbac_get_attr(JAIL,
01454 T_PROCESS,
01455 i_tid,
01456 A_jail_flags,
01457 &i_attr_val2,
01458 TRUE)))
01459 {
01460 rsbac_ds_get_error("rsbac_adf_set_attr_jail()", A_jail_flags);
01461 return -RSBAC_EREADFAILED;
01462 }
01463 if(i_attr_val2.jail_flags & JAIL_auto_adjust_inet_any)
01464 {
01465 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
01466 inet_sk(tid.netobj.sock_p->sk)->rcv_saddr = i_attr_val1.jail_ip;
01467 inet_sk(tid.netobj.sock_p->sk)->saddr = i_attr_val1.jail_ip;
01468 #else
01469 tid.netobj.sock_p->sk->rcv_saddr = i_attr_val1.jail_ip;
01470 tid.netobj.sock_p->sk->saddr = i_attr_val1.jail_ip;
01471 #endif
01472 }
01473 return 0;
01474
01475 default:
01476 break;
01477 }
01478 #endif
01479 return 0;
01480
01481 /*********************/
01482 default: return 0;
01483 }
01484
01485 return 0;
01486 } /* end of rsbac_adf_set_attr_jail() */
|
1.4.2