#include <linux/string.h>#include <rsbac/aci.h>#include <rsbac/mac.h>#include <rsbac/adf_main.h>#include <rsbac/error.h>#include <rsbac/helpers.h>#include <rsbac/getname.h>#include <rsbac/debug.h>#include <rsbac/rkmem.h>Go to the source code of this file.
|
||||||||||||||||||||
|
Definition at line 1530 of file mac_main.c. References A_mac_categories, A_security_level, and auto_read_attr(). Referenced by rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 01534 {
01535 return auto_read_attr(pid,
01536 target,
01537 tid,
01538 A_security_level,
01539 A_mac_categories,
01540 set_level);
01541 }
|
|
||||||||||||||||||||||||||||
|
Definition at line 928 of file mac_main.c. References A_current_sec_level, A_mac_categories, A_mac_curr_categories, A_mac_file_flags, A_mac_process_flags, A_max_read_categories, A_max_read_open, A_min_write_categories, A_min_write_open, A_none, A_security_level, rsbac_attribute_value_t::current_sec_level, FALSE, get_target_name(), GRANTED, MAC, MAC_auto, rsbac_attribute_value_t::mac_categories, rsbac_attribute_value_t::mac_file_flags, MAC_override, rsbac_attribute_value_t::mac_process_flags, MAC_read_up, MAC_trusted, rsbac_attribute_value_t::max_read_open, NOT_GRANTED, rsbac_target_id_t::process, rsbac_get_attr, rsbac_kfree(), rsbac_kmalloc(), RSBAC_MAXNAMELEN, rsbac_printk(), rsbac_set_attr, rsbac_attribute_value_t::security_level, T_DIR, T_FIFO, T_FILE, T_PROCESS, T_SYMLINK, TRUE, and u64tostrmac(). Referenced by auto_read(), rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 00934 {
00935 rsbac_security_level_t curr_level;
00936 rsbac_mac_category_vector_t curr_categories;
00937 rsbac_security_level_t target_sec_level;
00938 rsbac_mac_category_vector_t target_categories;
00939 union rsbac_target_id_t i_tid;
00940 union rsbac_attribute_value_t attr_val1;
00941 union rsbac_attribute_value_t attr_val2;
00942 rsbac_mac_process_flags_t flags;
00943 rsbac_boolean_t mac_auto_used_level = FALSE;
00944 rsbac_boolean_t mac_auto_used_cat = FALSE;
00945 rsbac_boolean_t set_level_level = FALSE;
00946 rsbac_boolean_t set_level_cat = FALSE;
00947
00948 /* first check for mac_override, which allows everything */
00949 i_tid.process = pid;
00950 if (rsbac_get_attr(MAC,
00951 T_PROCESS,
00952 i_tid,
00953 A_mac_process_flags,
00954 &attr_val1,
00955 FALSE))
00956 { /* failed! */
00957 rsbac_ds_get_error("mac_auto_read", A_none);
00958 return(NOT_GRANTED);
00959 }
00960 flags = attr_val1.mac_process_flags;
00961 if(flags & MAC_override)
00962 return GRANTED;
00963
00964 /* Get current security level */
00965 if (rsbac_get_attr(MAC,
00966 T_PROCESS,
00967 i_tid,
00968 A_current_sec_level,
00969 &attr_val1,
00970 FALSE))
00971 { /* failed! */
00972 rsbac_ds_get_error("mac_auto_read", A_none);
00973 return(NOT_GRANTED);
00974 }
00975 curr_level = attr_val1.security_level;
00976 /* Get current categories */
00977 if (rsbac_get_attr(MAC,
00978 T_PROCESS,
00979 i_tid,
00980 A_mac_curr_categories,
00981 &attr_val1,
00982 FALSE))
00983 { /* failed! */
00984 rsbac_ds_get_error("mac_auto_read", A_none);
00985 return(NOT_GRANTED);
00986 }
00987 curr_categories = attr_val1.mac_categories;
00988 /* Get target security level */
00989 if (rsbac_get_attr(MAC,
00990 target,
00991 tid,
00992 t_level_attr,
00993 &attr_val1,
00994 TRUE))
00995 { /* failed! */
00996 rsbac_ds_get_error("mac_auto_read", A_none);
00997 return(NOT_GRANTED);
00998 }
00999 target_sec_level = attr_val1.security_level;
01000 /* Get target categories */
01001 if (rsbac_get_attr(MAC,
01002 target,
01003 tid,
01004 t_cat_attr,
01005 &attr_val1,
01006 TRUE))
01007 { /* failed! */
01008 rsbac_ds_get_error("mac_auto_read", A_none);
01009 return(NOT_GRANTED);
01010 }
01011 target_categories = attr_val1.mac_categories;
01012
01013 if(target_sec_level > curr_level)
01014 {
01015 if (rsbac_get_attr(MAC,
01016 T_PROCESS,
01017 i_tid,
01018 A_security_level,
01019 &attr_val1,
01020 FALSE))
01021 { /* failed! */
01022 rsbac_ds_get_error("mac_auto_read", A_none);
01023 return(NOT_GRANTED);
01024 }
01025 if(attr_val1.security_level < target_sec_level)
01026 {
01027 #ifdef CONFIG_RSBAC_DEBUG
01028 if(rsbac_debug_adf_mac)
01029 {
01030 rsbac_printk(KERN_DEBUG
01031 "mac_auto_read(): pid %u/%.15s: security_level %u under target_sec_level %u, no override -> NOT_GRANTED!\n",
01032 current->pid, current->comm,
01033 attr_val1.security_level, target_sec_level);
01034 }
01035 #endif
01036 return(NOT_GRANTED);
01037 }
01038 /* curr_level < target_level <= max_level -> need mac_auto, read_up or trusted (with read option) */
01039 if(flags & MAC_auto)
01040 {
01041 /* check min_write boundary */
01042 if (rsbac_get_attr(MAC,
01043 T_PROCESS,
01044 i_tid,
01045 A_min_write_open,
01046 &attr_val1,
01047 FALSE))
01048 { /* failed! */
01049 rsbac_ds_get_error("mac_auto_read", A_none);
01050 return(NOT_GRANTED);
01051 }
01052 if(attr_val1.security_level < target_sec_level)
01053 {
01054 if( !(flags & MAC_read_up)
01055 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01056 && !(flags & MAC_trusted)
01057 #endif
01058 )
01059 {
01060 /* Try mac_file_flags on the target, if FD object */
01061 switch(target)
01062 {
01063 case T_FILE:
01064 case T_DIR:
01065 case T_FIFO:
01066 case T_SYMLINK:
01067 if (rsbac_get_attr(MAC,
01068 target,
01069 tid,
01070 A_mac_file_flags,
01071 &attr_val1,
01072 TRUE))
01073 { /* failed! */
01074 rsbac_ds_get_error("mac_auto_read", A_none);
01075 return(NOT_GRANTED);
01076 }
01077 if( (attr_val1.mac_file_flags & MAC_read_up)
01078 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01079 || (attr_val1.mac_file_flags & MAC_trusted)
01080 #endif
01081 )
01082 {
01083 break;
01084 }
01085 /* fall through */
01086
01087 default:
01088 #ifdef CONFIG_RSBAC_DEBUG
01089 if(rsbac_debug_adf_mac)
01090 {
01091 rsbac_printk(KERN_DEBUG
01092 "mac_auto_read(): pid %u/%.15s: min_write_open %u under target_sec_level %u, no read_up or trusted -> NOT_GRANTED!\n",
01093 current->pid, current->comm,
01094 attr_val1.security_level, target_sec_level);
01095 }
01096 #endif
01097 return(NOT_GRANTED);
01098 }
01099 }
01100 }
01101 else
01102 {
01103 mac_auto_used_level = TRUE;
01104 set_level_level = TRUE;
01105 }
01106 }
01107 else
01108 {
01109 if( !(flags & MAC_read_up)
01110 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01111 && !(flags & MAC_trusted)
01112 #endif
01113 )
01114 {
01115 /* Try mac_file_flags on the target, if FD object */
01116 switch(target)
01117 {
01118 case T_FILE:
01119 case T_DIR:
01120 case T_FIFO:
01121 case T_SYMLINK:
01122 if (rsbac_get_attr(MAC,
01123 target,
01124 tid,
01125 A_mac_file_flags,
01126 &attr_val1,
01127 TRUE))
01128 { /* failed! */
01129 rsbac_ds_get_error("mac_auto_read", A_none);
01130 return(NOT_GRANTED);
01131 }
01132 if( (attr_val1.mac_file_flags & MAC_read_up)
01133 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01134 || (attr_val1.mac_file_flags & MAC_trusted)
01135 #endif
01136 )
01137 {
01138 break;
01139 }
01140 /* fall through */
01141
01142 default:
01143 #ifdef CONFIG_RSBAC_DEBUG
01144 if(rsbac_debug_adf_mac)
01145 {
01146 rsbac_printk(KERN_DEBUG
01147 "mac_auto_read(): pid %u/%.15s: current level %u under target_sec_level %u, no auto, read_up or trusted -> NOT_GRANTED!\n",
01148 current->pid, current->comm,
01149 curr_level, target_sec_level);
01150 }
01151 #endif
01152 return(NOT_GRANTED);
01153 }
01154 }
01155 }
01156 }
01157 else
01158 if(target_sec_level < curr_level)
01159 {
01160 if(flags & MAC_auto)
01161 {
01162 mac_auto_used_level = TRUE;
01163 }
01164 }
01165 if((target_categories & curr_categories) != target_categories)
01166 {
01167 if (rsbac_get_attr(MAC,
01168 T_PROCESS,
01169 i_tid,
01170 A_mac_categories,
01171 &attr_val1,
01172 FALSE))
01173 { /* failed! */
01174 rsbac_ds_get_error("mac_auto_read", A_none);
01175 return(NOT_GRANTED);
01176 }
01177 if((target_categories & attr_val1.mac_categories) != target_categories)
01178 {
01179 #ifdef CONFIG_RSBAC_DEBUG
01180 if(rsbac_debug_adf_mac)
01181 {
01182 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01183
01184 if(tmp)
01185 {
01186 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01187
01188 if(tmp2)
01189 {
01190 u64tostrmac(tmp, attr_val1.mac_categories);
01191 u64tostrmac(tmp2, target_categories);
01192 rsbac_printk(KERN_DEBUG
01193 "mac_auto_write(): pid %u/%.15s: max_categories %s under target categories %s, no override -> NOT_GRANTED!\n",
01194 current->pid, current->comm,
01195 tmp,
01196 tmp2);
01197 rsbac_kfree(tmp2);
01198 }
01199 rsbac_kfree(tmp);
01200 }
01201 }
01202 #endif
01203 return(NOT_GRANTED);
01204 }
01205 /* curr_categories < target_categories <= max_categories -> need mac_auto, read_up or trusted */
01206 if(flags & MAC_auto)
01207 {
01208 /* check min_write boundary */
01209 if (rsbac_get_attr(MAC,
01210 T_PROCESS,
01211 i_tid,
01212 A_min_write_categories,
01213 &attr_val1,
01214 FALSE))
01215 { /* failed! */
01216 rsbac_ds_get_error("mac_auto_read", A_none);
01217 return(NOT_GRANTED);
01218 }
01219 if((target_categories & attr_val1.mac_categories) != target_categories)
01220 {
01221 if( !(flags & MAC_read_up)
01222 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01223 && !(flags & MAC_trusted)
01224 #endif
01225 )
01226 {
01227 /* Try mac_file_flags on the target, if FD object */
01228 switch(target)
01229 {
01230 case T_FILE:
01231 case T_DIR:
01232 case T_FIFO:
01233 case T_SYMLINK:
01234 if (rsbac_get_attr(MAC,
01235 target,
01236 tid,
01237 A_mac_file_flags,
01238 &attr_val1,
01239 TRUE))
01240 { /* failed! */
01241 rsbac_ds_get_error("mac_auto_read", A_none);
01242 return(NOT_GRANTED);
01243 }
01244 if( (attr_val1.mac_file_flags & MAC_read_up)
01245 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01246 || (attr_val1.mac_file_flags & MAC_trusted)
01247 #endif
01248 )
01249 {
01250 break;
01251 }
01252 /* fall through */
01253
01254 default:
01255 #ifdef CONFIG_RSBAC_DEBUG
01256 if(rsbac_debug_adf_mac)
01257 {
01258 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01259
01260 if(tmp)
01261 {
01262 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01263
01264 if(tmp2)
01265 {
01266 u64tostrmac(tmp, attr_val1.mac_categories);
01267 u64tostrmac(tmp2, target_categories);
01268 rsbac_printk(KERN_DEBUG
01269 "mac_auto_write(): pid %u/%.15s: min_write_categories %s under target categories %s, no read_up or trusted with read option -> NOT_GRANTED!\n",
01270 current->pid, current->comm,
01271 tmp,
01272 tmp2);
01273 rsbac_kfree(tmp2);
01274 }
01275 rsbac_kfree(tmp);
01276 }
01277 }
01278 #endif
01279 return(NOT_GRANTED);
01280 }
01281 }
01282 }
01283 else
01284 {
01285 mac_auto_used_cat = TRUE;
01286 set_level_cat = TRUE;
01287 }
01288 }
01289 else
01290 {
01291 if( !(flags & MAC_read_up)
01292 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01293 && !(flags & MAC_trusted)
01294 #endif
01295 )
01296 {
01297 /* Try mac_file_flags on the target, if FD object */
01298 switch(target)
01299 {
01300 case T_FILE:
01301 case T_DIR:
01302 case T_FIFO:
01303 case T_SYMLINK:
01304 if (rsbac_get_attr(MAC,
01305 target,
01306 tid,
01307 A_mac_file_flags,
01308 &attr_val1,
01309 TRUE))
01310 { /* failed! */
01311 rsbac_ds_get_error("mac_auto_read", A_none);
01312 return(NOT_GRANTED);
01313 }
01314 if( (attr_val1.mac_file_flags & MAC_read_up)
01315 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01316 || (attr_val1.mac_file_flags & MAC_trusted)
01317 #endif
01318 )
01319 {
01320 break;
01321 }
01322 /* fall through */
01323
01324 default:
01325 #ifdef CONFIG_RSBAC_DEBUG
01326 if(rsbac_debug_adf_mac)
01327 {
01328 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01329
01330 if(tmp)
01331 {
01332 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01333
01334 if(tmp2)
01335 {
01336 u64tostrmac(tmp, curr_categories);
01337 u64tostrmac(tmp2, target_categories);
01338 rsbac_printk(KERN_DEBUG
01339 "mac_auto_write(): pid %u/%.15s: curr_categories %s under target categories %s, no auto, read_up or trusted with read option -> NOT_GRANTED!\n",
01340 current->pid, current->comm,
01341 tmp,
01342 tmp2);
01343 rsbac_kfree(tmp2);
01344 }
01345 rsbac_kfree(tmp);
01346 }
01347 }
01348 #endif
01349 return(NOT_GRANTED);
01350 }
01351 }
01352 }
01353 }
01354 else
01355 if((target_categories & curr_categories) != curr_categories)
01356 {
01357 if(flags & MAC_auto)
01358 {
01359 mac_auto_used_level = TRUE;
01360 }
01361 }
01362
01363 /* grant area */
01364
01365 /* adjust current_sec_level and max_read_level, */
01366 /* if set_level is true and mac_auto has been used*/
01367 if(set_level && mac_auto_used_level)
01368 {
01369 i_tid.process = pid;
01370 attr_val1.current_sec_level = target_sec_level;
01371 if(set_level_level)
01372 {
01373 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
01374 char * target_type_name;
01375 char * target_id_name;
01376
01377 target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01378 if(target_type_name)
01379 {
01380 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
01381 target_id_name
01382 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
01383 /* max. path name len + some extra */
01384 #else
01385 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
01386 /* max. file name len + some extra */
01387 #endif
01388 if(target_id_name)
01389 {
01390 get_target_name(target_type_name, target, target_id_name, tid);
01391
01392 rsbac_printk(KERN_INFO
01393 "mac_auto_read(): Changing process %u (%.15s, owner %u) current level from %u to %u for %s %s\n",
01394 pid,
01395 current->comm,
01396 current->uid,
01397 curr_level,
01398 target_sec_level,
01399 target_type_name,
01400 target_id_name);
01401 rsbac_kfree(target_id_name);
01402 }
01403 rsbac_kfree(target_type_name);
01404 }
01405 #endif
01406 if(rsbac_set_attr(MAC,
01407 T_PROCESS,
01408 i_tid,
01409 A_current_sec_level,
01410 attr_val1))
01411 { /* failed! */
01412 rsbac_ds_set_error("mac_auto_read", A_none);
01413 return(NOT_GRANTED);
01414 }
01415 }
01416 if (rsbac_get_attr(MAC,
01417 T_PROCESS,
01418 i_tid,
01419 A_max_read_open,
01420 &attr_val2,
01421 TRUE))
01422 { /* failed! */
01423 rsbac_ds_get_error("mac_auto_read", A_none);
01424 return(NOT_GRANTED);
01425 }
01426 if(attr_val1.max_read_open > attr_val2.max_read_open)
01427 {
01428 if (rsbac_set_attr(MAC,
01429 T_PROCESS,
01430 i_tid,
01431 A_max_read_open,
01432 attr_val1))
01433 { /* failed! */
01434 rsbac_ds_set_error("mac_auto_read", A_none);
01435 return(NOT_GRANTED);
01436 }
01437 }
01438 }
01439 /* adjust current_categories and max_read_categories, */
01440 /* if set_level is true and mac_auto has been used*/
01441 if(set_level && mac_auto_used_cat)
01442 {
01443 i_tid.process = pid;
01444 attr_val1.mac_categories = target_categories;
01445 if(set_level_cat)
01446 {
01447 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
01448 char * target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01449 if(target_type_name)
01450 {
01451 char * target_id_name;
01452
01453 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
01454 target_id_name
01455 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
01456 /* max. path name len + some extra */
01457 #else
01458 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
01459 /* max. file name len + some extra */
01460 #endif
01461 if(target_id_name)
01462 {
01463 char * tmp1 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01464 if(tmp1)
01465 {
01466 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01467 if(tmp2)
01468 {
01469 get_target_name(target_type_name, target, target_id_name, tid);
01470
01471 rsbac_printk(KERN_INFO
01472 "mac_auto_read(): Changing process %u (15%s, owner %u) current categories from %s to %s for %s %s\n",
01473 pid,
01474 current->comm,
01475 current->uid,
01476 u64tostrmac(tmp1, curr_categories),
01477 u64tostrmac(tmp2, target_categories),
01478 target_type_name,
01479 target_id_name);
01480 rsbac_kfree(tmp2);
01481 }
01482 rsbac_kfree(tmp1);
01483 }
01484 rsbac_kfree(target_id_name);
01485 }
01486 rsbac_kfree(target_type_name);
01487 }
01488 #endif
01489 if(rsbac_set_attr(MAC,
01490 T_PROCESS,
01491 i_tid,
01492 A_mac_curr_categories,
01493 attr_val1))
01494 { /* failed! */
01495 rsbac_ds_set_error("mac_auto_read", A_none);
01496 return(NOT_GRANTED);
01497 }
01498 }
01499 if (rsbac_get_attr(MAC,
01500 T_PROCESS,
01501 i_tid,
01502 A_max_read_categories,
01503 &attr_val2,
01504 TRUE))
01505 { /* failed! */
01506 rsbac_ds_get_error("mac_auto_read", A_none);
01507 return(NOT_GRANTED);
01508 }
01509 if((attr_val1.mac_categories & attr_val2.mac_categories)
01510 != attr_val1.mac_categories
01511 )
01512 {
01513 if (rsbac_set_attr(MAC,
01514 T_PROCESS,
01515 i_tid,
01516 A_max_read_categories,
01517 attr_val1))
01518 { /* failed! */
01519 rsbac_ds_set_error("mac_auto_read", A_none);
01520 return(NOT_GRANTED);
01521 }
01522 }
01523 }
01524
01525 /* Everything done, so return */
01526 return(GRANTED);
01527 }
|
|
||||||||||||||||||||
|
Definition at line 2581 of file mac_main.c. References A_mac_categories, A_security_level, and auto_read_write_attr(). Referenced by rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 02585 {
02586 return auto_read_write_attr(pid,
02587 target,
02588 tid,
02589 A_security_level,
02590 A_mac_categories,
02591 set_level);
02592 }
|
|
||||||||||||||||||||||||||||
|
Definition at line 1548 of file mac_main.c. References A_current_sec_level, A_mac_categories, A_mac_curr_categories, A_mac_file_flags, A_mac_min_categories, A_mac_process_flags, A_max_read_categories, A_max_read_open, A_min_security_level, A_min_write_categories, A_min_write_open, A_none, A_security_level, rsbac_attribute_value_t::current_sec_level, FALSE, get_target_name(), GRANTED, MAC, MAC_auto, rsbac_attribute_value_t::mac_categories, rsbac_attribute_value_t::mac_file_flags, MAC_override, rsbac_attribute_value_t::mac_process_flags, MAC_read_up, MAC_trusted, MAC_write_down, MAC_write_up, rsbac_attribute_value_t::max_read_open, rsbac_attribute_value_t::min_write_open, NOT_GRANTED, rsbac_target_id_t::process, rsbac_get_attr, rsbac_kfree(), rsbac_kmalloc(), RSBAC_MAXNAMELEN, rsbac_printk(), rsbac_set_attr, rsbac_attribute_value_t::security_level, T_DIR, T_FIFO, T_FILE, T_PROCESS, T_SYMLINK, TRUE, and u64tostrmac(). Referenced by auto_read_write(), rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 01554 {
01555 rsbac_security_level_t curr_level;
01556 rsbac_mac_category_vector_t curr_categories;
01557 rsbac_security_level_t target_sec_level;
01558 rsbac_mac_category_vector_t target_categories;
01559 union rsbac_target_id_t i_tid;
01560 union rsbac_attribute_value_t attr_val1;
01561 union rsbac_attribute_value_t attr_val2;
01562 rsbac_mac_process_flags_t flags;
01563 rsbac_boolean_t mac_auto_used_level = FALSE;
01564 rsbac_boolean_t mac_auto_used_cat = FALSE;
01565 rsbac_boolean_t raise_object_level = FALSE;
01566 rsbac_boolean_t raise_object_cat = FALSE;
01567
01568 /* first check for mac_override, which allows everything */
01569 i_tid.process = pid;
01570 if (rsbac_get_attr(MAC,
01571 T_PROCESS,
01572 i_tid,
01573 A_mac_process_flags,
01574 &attr_val1,
01575 FALSE))
01576 { /* failed! */
01577 rsbac_ds_get_error("mac_auto_read_write", A_none);
01578 return(NOT_GRANTED);
01579 }
01580 flags = attr_val1.mac_process_flags;
01581 if(flags & MAC_override)
01582 return GRANTED;
01583
01584 /* Get current security level */
01585 if (rsbac_get_attr(MAC,
01586 T_PROCESS,
01587 i_tid,
01588 A_current_sec_level,
01589 &attr_val1,
01590 FALSE))
01591 { /* failed! */
01592 rsbac_ds_get_error("mac_auto_read_write", A_none);
01593 return(NOT_GRANTED);
01594 }
01595 curr_level = attr_val1.security_level;
01596 /* Get current categories */
01597 if (rsbac_get_attr(MAC,
01598 T_PROCESS,
01599 i_tid,
01600 A_mac_curr_categories,
01601 &attr_val1,
01602 FALSE))
01603 { /* failed! */
01604 rsbac_ds_get_error("mac_auto_read_write", A_none);
01605 return(NOT_GRANTED);
01606 }
01607 curr_categories = attr_val1.mac_categories;
01608 /* Get target security level */
01609 if (rsbac_get_attr(MAC,
01610 target,
01611 tid,
01612 t_level_attr,
01613 &attr_val1,
01614 TRUE))
01615 { /* failed! */
01616 rsbac_ds_get_error("mac_auto_read_write", A_none);
01617 return(NOT_GRANTED);
01618 }
01619 target_sec_level = attr_val1.security_level;
01620 /* Get target categories */
01621 if (rsbac_get_attr(MAC,
01622 target,
01623 tid,
01624 t_cat_attr,
01625 &attr_val1,
01626 TRUE))
01627 { /* failed! */
01628 rsbac_ds_get_error("mac_auto_read_write", A_none);
01629 return(NOT_GRANTED);
01630 }
01631 target_categories = attr_val1.mac_categories;
01632
01633 if(target_sec_level > curr_level)
01634 {
01635 if (rsbac_get_attr(MAC,
01636 T_PROCESS,
01637 i_tid,
01638 A_security_level,
01639 &attr_val1,
01640 FALSE))
01641 { /* failed! */
01642 rsbac_ds_get_error("mac_auto_read_write", A_none);
01643 return(NOT_GRANTED);
01644 }
01645 if(attr_val1.security_level < target_sec_level)
01646 {
01647 #ifdef CONFIG_RSBAC_DEBUG
01648 if(rsbac_debug_adf_mac)
01649 {
01650 rsbac_printk(KERN_DEBUG
01651 "mac_auto_read_write(): pid %u/%.15s: security_level %u under target_sec_level %u, no override -> NOT_GRANTED!\n",
01652 current->pid, current->comm,
01653 attr_val1.security_level, target_sec_level);
01654 }
01655 #endif
01656 return(NOT_GRANTED);
01657 }
01658 /* curr_level < target_level <= max_level */
01659 /* -> need mac_auto, (write_up && read_up) or trusted (with read option) */
01660 if(flags & MAC_auto)
01661 {
01662 /* check min_write boundary */
01663 if (rsbac_get_attr(MAC,
01664 T_PROCESS,
01665 i_tid,
01666 A_min_write_open,
01667 &attr_val1,
01668 FALSE))
01669 { /* failed! */
01670 rsbac_ds_get_error("mac_auto_read_write", A_none);
01671 return(NOT_GRANTED);
01672 }
01673 if(attr_val1.security_level < target_sec_level)
01674 {
01675 if( !((flags & MAC_write_up) && (flags & MAC_read_up))
01676 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01677 && !(flags & MAC_trusted)
01678 #endif
01679 )
01680 {
01681 /* Try mac_file_flags on the target, if FD object */
01682 switch(target)
01683 {
01684 case T_FILE:
01685 case T_DIR:
01686 case T_FIFO:
01687 case T_SYMLINK:
01688 if (rsbac_get_attr(MAC,
01689 target,
01690 tid,
01691 A_mac_file_flags,
01692 &attr_val1,
01693 TRUE))
01694 { /* failed! */
01695 rsbac_ds_get_error("mac_auto_read_write", A_none);
01696 return(NOT_GRANTED);
01697 }
01698 if( ( (attr_val1.mac_file_flags & MAC_write_up)
01699 && (attr_val1.mac_file_flags & MAC_read_up)
01700 )
01701 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01702 || (flags & MAC_trusted)
01703 #endif
01704 )
01705 {
01706 break;
01707 }
01708 /* fall through */
01709
01710 default:
01711 #ifdef CONFIG_RSBAC_DEBUG
01712 if(rsbac_debug_adf_mac)
01713 {
01714 rsbac_printk(KERN_DEBUG
01715 "mac_auto_read_write(): pid %u/%.15s: min_write_open %u under target_sec_level %u, no read_up or trusted -> NOT_GRANTED!\n",
01716 current->pid, current->comm,
01717 attr_val1.security_level, target_sec_level);
01718 }
01719 #endif
01720 return(NOT_GRANTED);
01721 }
01722 }
01723 }
01724 else
01725 mac_auto_used_level = TRUE;
01726 }
01727 else
01728 {
01729 if( !((flags & MAC_write_up) && (flags & MAC_read_up))
01730 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01731 && !(flags & MAC_trusted)
01732 #endif
01733 )
01734 {
01735 /* Try mac_file_flags on the target, if FD object */
01736 switch(target)
01737 {
01738 case T_FILE:
01739 case T_DIR:
01740 case T_FIFO:
01741 case T_SYMLINK:
01742 if (rsbac_get_attr(MAC,
01743 target,
01744 tid,
01745 A_mac_file_flags,
01746 &attr_val1,
01747 TRUE))
01748 { /* failed! */
01749 rsbac_ds_get_error("mac_auto_read_write", A_none);
01750 return(NOT_GRANTED);
01751 }
01752 if( ( (attr_val1.mac_file_flags & MAC_write_up)
01753 && (attr_val1.mac_file_flags & MAC_read_up)
01754 )
01755 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01756 || (flags & MAC_trusted)
01757 #endif
01758 )
01759 {
01760 break;
01761 }
01762 /* fall through */
01763
01764 default:
01765 #ifdef CONFIG_RSBAC_DEBUG
01766 if(rsbac_debug_adf_mac)
01767 {
01768 rsbac_printk(KERN_DEBUG
01769 "mac_auto_read_write(): pid %u/%.15s: current level %u under target_sec_level %u, no auto, (write_up && read_up) or trusted -> NOT_GRANTED!\n",
01770 current->pid, current->comm,
01771 curr_level, target_sec_level);
01772 }
01773 #endif
01774 return(NOT_GRANTED);
01775 }
01776 }
01777 }
01778 }
01779 else
01780 if(target_sec_level < curr_level)
01781 {
01782 if (rsbac_get_attr(MAC,
01783 T_PROCESS,
01784 i_tid,
01785 A_min_security_level,
01786 &attr_val1,
01787 FALSE))
01788 { /* failed! */
01789 rsbac_ds_get_error("mac_auto_read_write", A_none);
01790 return(NOT_GRANTED);
01791 }
01792 if(attr_val1.security_level > target_sec_level)
01793 {
01794 #ifdef CONFIG_RSBAC_DEBUG
01795 if(rsbac_debug_adf_mac)
01796 {
01797 rsbac_printk(KERN_DEBUG
01798 "mac_auto_read_write(): pid %u/%.15s: min_security_level %u over target_sec_level %u, no override -> NOT_GRANTED!\n",
01799 current->pid, current->comm,
01800 attr_val1.security_level, target_sec_level);
01801 }
01802 #endif
01803 return(NOT_GRANTED);
01804 }
01805 /* min_level <= target_level < curr_level -> need mac_auto, write_down or trusted */
01806 if(flags & MAC_auto)
01807 {
01808 /* check max_read boundary */
01809 if (rsbac_get_attr(MAC,
01810 T_PROCESS,
01811 i_tid,
01812 A_max_read_open,
01813 &attr_val1,
01814 FALSE))
01815 { /* failed! */
01816 rsbac_ds_get_error("mac_auto_read_write", A_none);
01817 return(NOT_GRANTED);
01818 }
01819 if(attr_val1.security_level > target_sec_level)
01820 {
01821 if( !(flags & MAC_write_down)
01822 && !(flags & MAC_trusted)
01823 )
01824 {
01825 /* Try mac_file_flags on the target, if FD object */
01826 switch(target)
01827 {
01828 case T_FILE:
01829 case T_DIR:
01830 case T_FIFO:
01831 case T_SYMLINK:
01832 if (rsbac_get_attr(MAC,
01833 target,
01834 tid,
01835 A_mac_file_flags,
01836 &attr_val1,
01837 TRUE))
01838 { /* failed! */
01839 rsbac_ds_get_error("mac_auto_read_write", A_none);
01840 return(NOT_GRANTED);
01841 }
01842 if( (attr_val1.mac_file_flags & MAC_write_down)
01843 || (attr_val1.mac_file_flags & MAC_trusted)
01844 )
01845 {
01846 if(attr_val1.mac_file_flags & MAC_auto)
01847 {
01848 raise_object_level = TRUE;
01849 }
01850 break;
01851 }
01852 /* fall through */
01853
01854 default:
01855 #ifdef CONFIG_RSBAC_DEBUG
01856 if(rsbac_debug_adf_mac)
01857 {
01858 rsbac_printk(KERN_DEBUG
01859 "mac_auto_read_write(): pid %u/%.15s: max_read_open %u over target_sec_level %u, no write_down or trusted -> NOT_GRANTED!\n",
01860 current->pid, current->comm,
01861 attr_val1.security_level, target_sec_level);
01862 }
01863 #endif
01864 return(NOT_GRANTED);
01865 }
01866 }
01867 }
01868 else
01869 mac_auto_used_level = TRUE;
01870 }
01871 else
01872 {
01873 if( !(flags & MAC_write_down)
01874 && !(flags & MAC_trusted)
01875 )
01876 {
01877 /* Try mac_file_flags on the target, if FD object */
01878 switch(target)
01879 {
01880 case T_FILE:
01881 case T_DIR:
01882 case T_FIFO:
01883 case T_SYMLINK:
01884 if (rsbac_get_attr(MAC,
01885 target,
01886 tid,
01887 A_mac_file_flags,
01888 &attr_val1,
01889 TRUE))
01890 { /* failed! */
01891 rsbac_ds_get_error("mac_auto_read_write", A_none);
01892 return(NOT_GRANTED);
01893 }
01894 if( (attr_val1.mac_file_flags & MAC_write_down)
01895 || (attr_val1.mac_file_flags & MAC_trusted)
01896 )
01897 {
01898 if(attr_val1.mac_file_flags & MAC_auto)
01899 {
01900 raise_object_level = TRUE;
01901 }
01902 break;
01903 }
01904 /* fall through */
01905
01906 default:
01907 #ifdef CONFIG_RSBAC_DEBUG
01908 if(rsbac_debug_adf_mac)
01909 {
01910 rsbac_printk(KERN_DEBUG
01911 "mac_auto_read_write(): pid %u/%.15s: current security_level %u over target_sec_level %u, no auto, write_down or trusted -> NOT_GRANTED!\n",
01912 current->pid, current->comm,
01913 curr_level, target_sec_level);
01914 }
01915 #endif
01916 return(NOT_GRANTED);
01917 }
01918 }
01919 }
01920 }
01921 if((target_categories & curr_categories) != target_categories)
01922 {
01923 if (rsbac_get_attr(MAC,
01924 T_PROCESS,
01925 i_tid,
01926 A_mac_categories,
01927 &attr_val1,
01928 FALSE))
01929 { /* failed! */
01930 rsbac_ds_get_error("mac_auto_read_write", A_none);
01931 return(NOT_GRANTED);
01932 }
01933 if((target_categories & attr_val1.mac_categories) != target_categories)
01934 {
01935 #ifdef CONFIG_RSBAC_DEBUG
01936 if(rsbac_debug_adf_mac)
01937 {
01938 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01939
01940 if(tmp)
01941 {
01942 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
01943
01944 if(tmp2)
01945 {
01946 u64tostrmac(tmp, attr_val1.mac_categories);
01947 u64tostrmac(tmp2, target_categories);
01948 rsbac_printk(KERN_DEBUG
01949 "mac_auto_read_write(): pid %u/%.15s: max_categories %s under target categories %s, no override -> NOT_GRANTED!\n",
01950 current->pid, current->comm,
01951 tmp,
01952 tmp2);
01953 rsbac_kfree(tmp2);
01954 }
01955 rsbac_kfree(tmp);
01956 }
01957 }
01958 #endif
01959 return(NOT_GRANTED);
01960 }
01961 /* curr_categories < target_categories <= max_categories */
01962 /* -> need mac_auto, (read_up && write_up) or trusted (with read option) */
01963 if(flags & MAC_auto)
01964 {
01965 /* check min_write boundary */
01966 if (rsbac_get_attr(MAC,
01967 T_PROCESS,
01968 i_tid,
01969 A_min_write_categories,
01970 &attr_val1,
01971 FALSE))
01972 { /* failed! */
01973 rsbac_ds_get_error("mac_auto_read_write", A_none);
01974 return(NOT_GRANTED);
01975 }
01976 if((target_categories & attr_val1.mac_categories) != target_categories)
01977 {
01978 if( !((flags & MAC_write_up) && (flags & MAC_read_up))
01979 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
01980 && !(flags & MAC_trusted)
01981 #endif
01982 )
01983 {
01984 /* Try mac_file_flags on the target, if FD object */
01985 switch(target)
01986 {
01987 case T_FILE:
01988 case T_DIR:
01989 case T_FIFO:
01990 case T_SYMLINK:
01991 if (rsbac_get_attr(MAC,
01992 target,
01993 tid,
01994 A_mac_file_flags,
01995 &attr_val1,
01996 TRUE))
01997 { /* failed! */
01998 rsbac_ds_get_error("mac_auto_read_write", A_none);
01999 return(NOT_GRANTED);
02000 }
02001 if( ( (attr_val1.mac_file_flags & MAC_write_up)
02002 && (attr_val1.mac_file_flags & MAC_read_up)
02003 )
02004 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
02005 || (flags & MAC_trusted)
02006 #endif
02007 )
02008 {
02009 break;
02010 }
02011 /* fall through */
02012
02013 default:
02014 #ifdef CONFIG_RSBAC_DEBUG
02015 if(rsbac_debug_adf_mac)
02016 {
02017 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02018
02019 if(tmp)
02020 {
02021 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02022
02023 if(tmp2)
02024 {
02025 u64tostrmac(tmp, attr_val1.mac_categories);
02026 u64tostrmac(tmp2, target_categories);
02027 rsbac_printk(KERN_DEBUG
02028 "mac_auto_read_write(): pid %u/%.15s: min_write_categories %s under target categories %s, no (read_up and write_up) or trusted with read option -> NOT_GRANTED!\n",
02029 current->pid, current->comm,
02030 tmp,
02031 tmp2);
02032 rsbac_kfree(tmp2);
02033 }
02034 rsbac_kfree(tmp);
02035 }
02036 }
02037 #endif
02038 return(NOT_GRANTED);
02039 }
02040 }
02041 }
02042 else
02043 mac_auto_used_cat = TRUE;
02044 }
02045 else
02046 {
02047 if( !((flags & MAC_write_up) && (flags & MAC_read_up))
02048 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
02049 && !(flags & MAC_trusted)
02050 #endif
02051 )
02052 {
02053 /* Try mac_file_flags on the target, if FD object */
02054 switch(target)
02055 {
02056 case T_FILE:
02057 case T_DIR:
02058 case T_FIFO:
02059 case T_SYMLINK:
02060 if (rsbac_get_attr(MAC,
02061 target,
02062 tid,
02063 A_mac_file_flags,
02064 &attr_val1,
02065 TRUE))
02066 { /* failed! */
02067 rsbac_ds_get_error("mac_auto_read_write", A_none);
02068 return(NOT_GRANTED);
02069 }
02070 if( ( (attr_val1.mac_file_flags & MAC_write_up)
02071 && (attr_val1.mac_file_flags & MAC_read_up)
02072 )
02073 #ifdef CONFIG_RSBAC_MAC_TRUSTED_READ
02074 || (flags & MAC_trusted)
02075 #endif
02076 )
02077 {
02078 break;
02079 }
02080 /* fall through */
02081
02082 default:
02083 #ifdef CONFIG_RSBAC_DEBUG
02084 if(rsbac_debug_adf_mac)
02085 {
02086 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02087
02088 if(tmp)
02089 {
02090 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02091
02092 if(tmp2)
02093 {
02094 u64tostrmac(tmp, curr_categories);
02095 u64tostrmac(tmp2, target_categories);
02096 rsbac_printk(KERN_DEBUG
02097 "mac_auto_read_write(): pid %u/%.15s: curr_categories %s under target categories %s, no auto, (read_up and write_up) or trusted -> NOT_GRANTED!\n",
02098 current->pid, current->comm,
02099 tmp,
02100 tmp2);
02101 rsbac_kfree(tmp2);
02102 }
02103 rsbac_kfree(tmp);
02104 }
02105 }
02106 #endif
02107 return(NOT_GRANTED);
02108 }
02109 }
02110 }
02111 }
02112 else
02113 if((target_categories & curr_categories) != curr_categories)
02114 {
02115 if (rsbac_get_attr(MAC,
02116 T_PROCESS,
02117 i_tid,
02118 A_mac_min_categories,
02119 &attr_val1,
02120 FALSE))
02121 { /* failed! */
02122 rsbac_ds_get_error("mac_auto_read_write", A_none);
02123 return(NOT_GRANTED);
02124 }
02125 if((target_categories & attr_val1.mac_categories) != attr_val1.mac_categories)
02126 {
02127 #ifdef CONFIG_RSBAC_DEBUG
02128 if(rsbac_debug_adf_mac)
02129 {
02130 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02131
02132 if(tmp)
02133 {
02134 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02135
02136 if(tmp2)
02137 {
02138 u64tostrmac(tmp, attr_val1.mac_categories);
02139 u64tostrmac(tmp2, target_categories);
02140 rsbac_printk(KERN_DEBUG
02141 "mac_auto_read_write(): pid %u/%.15s: min_categories %s over target categories %s, no override -> NOT_GRANTED!\n",
02142 current->pid, current->comm,
02143 tmp,
02144 tmp2);
02145 rsbac_kfree(tmp2);
02146 }
02147 rsbac_kfree(tmp);
02148 }
02149 }
02150 #endif
02151 return(NOT_GRANTED);
02152 }
02153 /* min_level <= target_level < curr_level -> need mac_auto, write_down or trusted */
02154 if(flags & MAC_auto)
02155 {
02156 /* check max_read boundary */
02157 if (rsbac_get_attr(MAC,
02158 T_PROCESS,
02159 i_tid,
02160 A_max_read_categories,
02161 &attr_val1,
02162 FALSE))
02163 { /* failed! */
02164 rsbac_ds_get_error("mac_auto_read_write", A_none);
02165 return(NOT_GRANTED);
02166 }
02167 if((target_categories & attr_val1.mac_categories) != attr_val1.mac_categories)
02168 {
02169 if( !(flags & MAC_write_down)
02170 && !(flags & MAC_trusted)
02171 )
02172 {
02173 /* Try mac_file_flags on the target, if FD object */
02174 switch(target)
02175 {
02176 case T_FILE:
02177 case T_DIR:
02178 case T_FIFO:
02179 case T_SYMLINK:
02180 if (rsbac_get_attr(MAC,
02181 target,
02182 tid,
02183 A_mac_file_flags,
02184 &attr_val1,
02185 TRUE))
02186 { /* failed! */
02187 rsbac_ds_get_error("mac_auto_read_write", A_none);
02188 return(NOT_GRANTED);
02189 }
02190 if( (attr_val1.mac_file_flags & MAC_write_down)
02191 || (attr_val1.mac_file_flags & MAC_trusted)
02192 )
02193 {
02194 if(attr_val1.mac_file_flags & MAC_auto)
02195 {
02196 raise_object_cat = TRUE;
02197 }
02198 break;
02199 }
02200 /* fall through */
02201
02202 default:
02203 #ifdef CONFIG_RSBAC_DEBUG
02204 if(rsbac_debug_adf_mac)
02205 {
02206 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02207
02208 if(tmp)
02209 {
02210 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02211
02212 if(tmp2)
02213 {
02214 u64tostrmac(tmp, attr_val1.mac_categories);
02215 u64tostrmac(tmp2, target_categories);
02216 rsbac_printk(KERN_DEBUG
02217 "mac_auto_read_write(): pid %u/%.15s: max_read_categories %s over target categories %s, no write_down or trusted -> NOT_GRANTED!\n",
02218 current->pid, current->comm,
02219 tmp,
02220 tmp2);
02221 rsbac_kfree(tmp2);
02222 }
02223 rsbac_kfree(tmp);
02224 }
02225 }
02226 #endif
02227 return(NOT_GRANTED);
02228 }
02229 }
02230 }
02231 else
02232 mac_auto_used_cat = TRUE;
02233 }
02234 else
02235 {
02236 if( !(flags & MAC_write_down)
02237 && !(flags & MAC_trusted)
02238 )
02239 {
02240 /* Try mac_file_flags on the target, if FD object */
02241 switch(target)
02242 {
02243 case T_FILE:
02244 case T_DIR:
02245 case T_FIFO:
02246 case T_SYMLINK:
02247 if (rsbac_get_attr(MAC,
02248 target,
02249 tid,
02250 A_mac_file_flags,
02251 &attr_val1,
02252 TRUE))
02253 { /* failed! */
02254 rsbac_ds_get_error("mac_auto_read_write", A_none);
02255 return(NOT_GRANTED);
02256 }
02257 if( (attr_val1.mac_file_flags & MAC_write_down)
02258 || (attr_val1.mac_file_flags & MAC_trusted)
02259 )
02260 {
02261 if(attr_val1.mac_file_flags & MAC_auto)
02262 {
02263 raise_object_cat = TRUE;
02264 }
02265 break;
02266 }
02267 /* fall through */
02268
02269 default:
02270 #ifdef CONFIG_RSBAC_DEBUG
02271 if(rsbac_debug_adf_mac)
02272 {
02273 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02274
02275 if(tmp)
02276 {
02277 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02278
02279 if(tmp2)
02280 {
02281 u64tostrmac(tmp, curr_categories);
02282 u64tostrmac(tmp2, target_categories);
02283 rsbac_printk(KERN_DEBUG
02284 "mac_auto_read_write(): pid %u/%.15s: curr_categories %s over target categories %s, no auto, write_down or trusted -> NOT_GRANTED!\n",
02285 current->pid, current->comm,
02286 tmp,
02287 tmp2);
02288 rsbac_kfree(tmp2);
02289 }
02290 rsbac_kfree(tmp);
02291 }
02292 }
02293 #endif
02294 return(NOT_GRANTED);
02295 }
02296 }
02297 }
02298 }
02299
02300 /* grant area */
02301
02302 /* adjust current_sec_level and min_write_level, */
02303 /* if set_level is true and mac_auto has been used*/
02304 if( set_level
02305 && ( mac_auto_used_level
02306 || raise_object_level
02307 )
02308 )
02309 {
02310 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
02311 {
02312 char * target_type_name;
02313 char * target_id_name;
02314
02315 target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02316 if(target_type_name)
02317 {
02318 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
02319 target_id_name
02320 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
02321 /* max. path name len + some extra */
02322 #else
02323 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
02324 /* max. file name len + some extra */
02325 #endif
02326 if(target_id_name)
02327 {
02328 get_target_name(target_type_name, target, target_id_name, tid);
02329
02330 if(mac_auto_used_level)
02331 {
02332 rsbac_printk(KERN_INFO
02333 "mac_auto_read_write(): Changing process %u (%.15s, owner %u) current level from %u to %u for %s %s\n",
02334 pid,
02335 current->comm,
02336 current->uid,
02337 curr_level,
02338 target_sec_level,
02339 target_type_name,
02340 target_id_name);
02341 }
02342 else
02343 {
02344 rsbac_printk(KERN_INFO
02345 "mac_auto_read_write(): Process %u (%.15s, owner %u): Raising object level from %u to %u for %s %s\n",
02346 pid,
02347 current->comm,
02348 current->uid,
02349 target_sec_level,
02350 curr_level,
02351 target_type_name,
02352 target_id_name);
02353 }
02354 rsbac_kfree(target_id_name);
02355 }
02356 rsbac_kfree(target_type_name);
02357 }
02358 }
02359 #endif
02360 if(mac_auto_used_level)
02361 {
02362 i_tid.process = pid;
02363 attr_val1.current_sec_level = target_sec_level;
02364 if (rsbac_get_attr(MAC,
02365 T_PROCESS,
02366 i_tid,
02367 A_min_write_open,
02368 &attr_val2,
02369 TRUE))
02370 { /* failed! */
02371 rsbac_ds_get_error("mac_auto_read_write", A_none);
02372 return(NOT_GRANTED);
02373 }
02374 if(attr_val1.min_write_open < attr_val2.min_write_open)
02375 {
02376 if (rsbac_set_attr(MAC,
02377 T_PROCESS,
02378 i_tid,
02379 A_min_write_open,
02380 attr_val1))
02381 { /* failed! */
02382 rsbac_ds_set_error("mac_auto_read_write", A_none);
02383 return(NOT_GRANTED);
02384 }
02385 }
02386 if (rsbac_get_attr(MAC,
02387 T_PROCESS,
02388 i_tid,
02389 A_max_read_open,
02390 &attr_val2,
02391 TRUE))
02392 { /* failed! */
02393 rsbac_ds_get_error("mac_auto_read_write", A_none);
02394 return(NOT_GRANTED);
02395 }
02396 if(attr_val1.max_read_open > attr_val2.max_read_open)
02397 {
02398 if (rsbac_set_attr(MAC,
02399 T_PROCESS,
02400 i_tid,
02401 A_max_read_open,
02402 attr_val1))
02403 { /* failed! */
02404 rsbac_ds_set_error("mac_auto_read_write", A_none);
02405 return(NOT_GRANTED);
02406 }
02407 }
02408 if (rsbac_set_attr(MAC,
02409 T_PROCESS,
02410 i_tid,
02411 A_current_sec_level,
02412 attr_val1))
02413 { /* failed! */
02414 rsbac_ds_set_error("mac_auto_read_write", A_none);
02415 return(NOT_GRANTED);
02416 }
02417 }
02418 else
02419 {
02420 attr_val1.security_level = curr_level;
02421 if (rsbac_set_attr(MAC,
02422 target,
02423 tid,
02424 A_security_level,
02425 attr_val1))
02426 { /* failed! */
02427 rsbac_ds_set_error("mac_auto_read_write", A_none);
02428 return(NOT_GRANTED);
02429 }
02430 }
02431 }
02432 /* adjust current_categories and min_write_categories, */
02433 /* if set_level is true and mac_auto has been used*/
02434 if( set_level
02435 && ( mac_auto_used_cat
02436 || raise_object_cat
02437 )
02438 )
02439 {
02440 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
02441 {
02442 char * target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02443 if(target_type_name)
02444 {
02445 char * target_id_name;
02446
02447 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
02448 target_id_name
02449 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
02450 /* max. path name len + some extra */
02451 #else
02452 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
02453 /* max. file name len + some extra */
02454 #endif
02455 if(target_id_name)
02456 {
02457 char * tmp1 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02458 if(tmp1)
02459 {
02460 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
02461 if(tmp2)
02462 {
02463 get_target_name(target_type_name, target, target_id_name, tid);
02464
02465 if(mac_auto_used_cat)
02466 {
02467 rsbac_printk(KERN_INFO
02468 "mac_auto_read_write(): Changing process %u (%.15s, owner %u) current categories from %s to %s for %s %s\n",
02469 pid,
02470 current->comm,
02471 current->uid,
02472 u64tostrmac(tmp1, curr_categories),
02473 u64tostrmac(tmp2, target_categories),
02474 target_type_name,
02475 target_id_name);
02476 }
02477 else
02478 {
02479 rsbac_printk(KERN_INFO
02480 "mac_auto_read_write(): Process %u (%.15s, owner %u): raising current categories from %s to %s for %s %s\n",
02481 pid,
02482 current->comm,
02483 current->uid,
02484 u64tostrmac(tmp2, target_categories),
02485 u64tostrmac(tmp1, curr_categories),
02486 target_type_name,
02487 target_id_name);
02488 }
02489 rsbac_kfree(tmp2);
02490 }
02491 rsbac_kfree(tmp1);
02492 }
02493 rsbac_kfree(target_id_name);
02494 }
02495 rsbac_kfree(target_type_name);
02496 }
02497 }
02498 #endif
02499 if(mac_auto_used_cat)
02500 {
02501 i_tid.process = pid;
02502 attr_val1.mac_categories = target_categories;
02503 if (rsbac_get_attr(MAC,
02504 T_PROCESS,
02505 i_tid,
02506 A_min_write_categories,
02507 &attr_val2,
02508 TRUE))
02509 { /* failed! */
02510 rsbac_ds_set_error("mac_auto_read_write", A_none);
02511 return(NOT_GRANTED);
02512 }
02513 if((attr_val1.mac_categories & attr_val2.mac_categories)
02514 != attr_val2.mac_categories
02515 )
02516 {
02517 if (rsbac_set_attr(MAC,
02518 T_PROCESS,
02519 i_tid,
02520 A_min_write_categories,
02521 attr_val1))
02522 { /* failed! */
02523 rsbac_ds_set_error("mac_auto_read_write", A_none);
02524 return(NOT_GRANTED);
02525 }
02526 }
02527 if (rsbac_get_attr(MAC,
02528 T_PROCESS,
02529 i_tid,
02530 A_max_read_categories,
02531 &attr_val2,
02532 TRUE))
02533 { /* failed! */
02534 rsbac_ds_get_error("mac_auto_read_write", A_none);
02535 return(NOT_GRANTED);
02536 }
02537 if((attr_val1.mac_categories & attr_val2.mac_categories)
02538 != attr_val1.mac_categories
02539 )
02540 {
02541 if (rsbac_set_attr(MAC,
02542 T_PROCESS,
02543 i_tid,
02544 A_max_read_categories,
02545 attr_val1))
02546 { /* failed! */
02547 rsbac_ds_set_error("mac_auto_read_write", A_none);
02548 return(NOT_GRANTED);
02549 }
02550 }
02551 if (rsbac_set_attr(MAC,
02552 T_PROCESS,
02553 i_tid,
02554 A_mac_curr_categories,
02555 attr_val1))
02556 { /* failed! */
02557 rsbac_ds_set_error("mac_auto_read_write", A_none);
02558 return(NOT_GRANTED);
02559 }
02560 }
02561 else
02562 {
02563 attr_val1.mac_categories = curr_categories;
02564 if (rsbac_set_attr(MAC,
02565 target,
02566 tid,
02567 A_mac_categories,
02568 attr_val1))
02569 { /* failed! */
02570 rsbac_ds_set_error("mac_auto_read_write", A_none);
02571 return(NOT_GRANTED);
02572 }
02573 }
02574 }
02575
02576 /* Everything done, so return */
02577 return(GRANTED);
02578 }
|
|
||||||||||||||||||||
|
Definition at line 911 of file mac_main.c. References A_mac_categories, A_security_level, and auto_write_attr(). Referenced by rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 00915 {
00916 return auto_write_attr(pid,
00917 target,
00918 tid,
00919 A_security_level,
00920 A_mac_categories,
00921 set_level);
00922 }
|
|
||||||||||||||||||||||||||||
|
Definition at line 83 of file mac_main.c. References A_current_sec_level, A_mac_categories, A_mac_curr_categories, A_mac_file_flags, A_mac_min_categories, A_mac_process_flags, A_max_read_categories, A_max_read_open, A_min_security_level, A_min_write_categories, A_min_write_open, A_none, A_security_level, rsbac_attribute_value_t::current_sec_level, FALSE, get_target_name(), GRANTED, MAC, MAC_auto, rsbac_attribute_value_t::mac_categories, rsbac_attribute_value_t::mac_file_flags, MAC_override, rsbac_attribute_value_t::mac_process_flags, MAC_trusted, MAC_write_down, MAC_write_up, rsbac_attribute_value_t::min_write_open, NOT_GRANTED, rsbac_target_id_t::process, rsbac_get_attr, rsbac_kfree(), rsbac_kmalloc(), RSBAC_MAXNAMELEN, rsbac_printk(), rsbac_set_attr, rsbac_attribute_value_t::security_level, T_DIR, T_FIFO, T_FILE, T_PROCESS, T_SYMLINK, TRUE, and u64tostrmac(). Referenced by auto_write(), rsbac_adf_request_mac(), and rsbac_adf_set_attr_mac(). 00089 {
00090 rsbac_security_level_t curr_level;
00091 rsbac_mac_category_vector_t curr_categories;
00092 rsbac_security_level_t target_sec_level;
00093 rsbac_mac_category_vector_t target_categories;
00094 union rsbac_target_id_t i_tid;
00095 union rsbac_attribute_value_t attr_val1;
00096 union rsbac_attribute_value_t attr_val2;
00097 rsbac_mac_process_flags_t flags;
00098 rsbac_boolean_t mac_auto_used_level = FALSE;
00099 rsbac_boolean_t mac_auto_used_cat = FALSE;
00100 rsbac_boolean_t raise_object_level = FALSE;
00101 rsbac_boolean_t raise_object_cat = FALSE;
00102
00103 /* first check for mac_override, which allows everything */
00104 i_tid.process = pid;
00105 if (rsbac_get_attr(MAC,
00106 T_PROCESS,
00107 i_tid,
00108 A_mac_process_flags,
00109 &attr_val1,
00110 FALSE))
00111 { /* failed! */
00112 rsbac_ds_get_error("mac_auto_write", A_none);
00113 return(NOT_GRANTED);
00114 }
00115 flags = attr_val1.mac_process_flags;
00116 if(flags & MAC_override)
00117 return GRANTED;
00118
00119 /* Get current security level */
00120 if (rsbac_get_attr(MAC,
00121 T_PROCESS,
00122 i_tid,
00123 A_current_sec_level,
00124 &attr_val1,
00125 FALSE))
00126 { /* failed! */
00127 rsbac_ds_get_error("mac_auto_write", A_none);
00128 return(NOT_GRANTED);
00129 }
00130 curr_level = attr_val1.security_level;
00131 /* Get current categories */
00132 if (rsbac_get_attr(MAC,
00133 T_PROCESS,
00134 i_tid,
00135 A_mac_curr_categories,
00136 &attr_val1,
00137 FALSE))
00138 { /* failed! */
00139 rsbac_ds_get_error("mac_auto_write", A_none);
00140 return(NOT_GRANTED);
00141 }
00142 curr_categories = attr_val1.mac_categories;
00143 /* Get target security level */
00144 if (rsbac_get_attr(MAC,
00145 target,
00146 tid,
00147 t_level_attr,
00148 &attr_val1,
00149 TRUE))
00150 { /* failed! */
00151 rsbac_ds_get_error("mac_auto_write", A_none);
00152 return(NOT_GRANTED);
00153 }
00154 target_sec_level = attr_val1.security_level;
00155 /* Get target categories */
00156 if (rsbac_get_attr(MAC,
00157 target,
00158 tid,
00159 t_cat_attr,
00160 &attr_val1,
00161 TRUE))
00162 { /* failed! */
00163 rsbac_ds_get_error("mac_auto_write", A_none);
00164 return(NOT_GRANTED);
00165 }
00166 target_categories = attr_val1.mac_categories;
00167
00168 if(target_sec_level > curr_level)
00169 {
00170 if (rsbac_get_attr(MAC,
00171 T_PROCESS,
00172 i_tid,
00173 A_security_level,
00174 &attr_val1,
00175 FALSE))
00176 { /* failed! */
00177 rsbac_ds_get_error("mac_auto_write", A_none);
00178 return(NOT_GRANTED);
00179 }
00180 if(attr_val1.security_level < target_sec_level)
00181 {
00182 #ifdef CONFIG_RSBAC_DEBUG
00183 if(rsbac_debug_adf_mac)
00184 {
00185 rsbac_printk(KERN_DEBUG
00186 "mac_auto_write(): pid %u/%.15s: security_level %u under target_sec_level %u, no override -> NOT_GRANTED!\n",
00187 current->pid, current->comm,
00188 attr_val1.security_level, target_sec_level);
00189 }
00190 #endif
00191 return(NOT_GRANTED);
00192 }
00193 /* curr_level < target_level <= max_level -> need mac_auto, write_up, trusted (at process)
00194 or shared (at object) */
00195 if(flags & MAC_auto)
00196 mac_auto_used_level = TRUE;
00197 else
00198 {
00199 if( !(flags & MAC_write_up)
00200 && !(flags & MAC_trusted)
00201 )
00202 {
00203 /* Try mac_file_flags on the target, if FD object */
00204 switch(target)
00205 {
00206 case T_FILE:
00207 case T_DIR:
00208 case T_FIFO:
00209 case T_SYMLINK:
00210 if (rsbac_get_attr(MAC,
00211 target,
00212 tid,
00213 A_mac_file_flags,
00214 &attr_val1,
00215 TRUE))
00216 { /* failed! */
00217 rsbac_ds_get_error("mac_auto_write", A_none);
00218 return(NOT_GRANTED);
00219 }
00220 if( (attr_val1.mac_file_flags & MAC_write_up)
00221 || (attr_val1.mac_file_flags & MAC_trusted)
00222 )
00223 {
00224 break;
00225 }
00226 /* fall through */
00227
00228 default:
00229 #ifdef CONFIG_RSBAC_DEBUG
00230 if(rsbac_debug_adf_mac)
00231 {
00232 rsbac_printk(KERN_DEBUG
00233 "mac_auto_write(): pid %u/%.15s: current security_level %u under target_sec_level %u, no auto, write_up, trusted -> NOT_GRANTED!\n",
00234 current->pid, current->comm,
00235 curr_level, target_sec_level);
00236 }
00237 #endif
00238 return(NOT_GRANTED);
00239 }
00240 }
00241 }
00242 }
00243 else
00244 if(target_sec_level < curr_level)
00245 {
00246 if (rsbac_get_attr(MAC,
00247 T_PROCESS,
00248 i_tid,
00249 A_min_security_level,
00250 &attr_val1,
00251 FALSE))
00252 { /* failed! */
00253 rsbac_ds_get_error("mac_auto_write", A_none);
00254 return(NOT_GRANTED);
00255 }
00256 if(attr_val1.security_level > target_sec_level)
00257 {
00258 #ifdef CONFIG_RSBAC_DEBUG
00259 if(rsbac_debug_adf_mac)
00260 {
00261 rsbac_printk(KERN_DEBUG
00262 "mac_auto_write(): pid %u/%.15s: min_security_level %u over target_sec_level %u, no override -> NOT_GRANTED!\n",
00263 current->pid, current->comm,
00264 attr_val1.security_level, target_sec_level);
00265 }
00266 #endif
00267 return(NOT_GRANTED);
00268 }
00269 /* min_level <= target_level < curr_level -> need mac_auto, write_down or trusted */
00270 if(flags & MAC_auto)
00271 {
00272 /* check max_read boundary */
00273 if (rsbac_get_attr(MAC,
00274 T_PROCESS,
00275 i_tid,
00276 A_max_read_open,
00277 &attr_val1,
00278 FALSE))
00279 { /* failed! */
00280 rsbac_ds_get_error("mac_auto_write", A_none);
00281 return(NOT_GRANTED);
00282 }
00283 if(attr_val1.security_level > target_sec_level)
00284 {
00285 if( !(flags & MAC_write_down)
00286 && !(flags & MAC_trusted)
00287 )
00288 {
00289 /* Try mac_file_flags on the target, if FD object */
00290 switch(target)
00291 {
00292 case T_FILE:
00293 case T_DIR:
00294 case T_FIFO:
00295 case T_SYMLINK:
00296 if (rsbac_get_attr(MAC,
00297 target,
00298 tid,
00299 A_mac_file_flags,
00300 &attr_val1,
00301 TRUE))
00302 { /* failed! */
00303 rsbac_ds_get_error("mac_auto_write", A_none);
00304 return(NOT_GRANTED);
00305 }
00306 if( (attr_val1.mac_file_flags & MAC_write_down)
00307 || (attr_val1.mac_file_flags & MAC_trusted)
00308 )
00309 {
00310 if(attr_val1.mac_file_flags & MAC_auto)
00311 {
00312 raise_object_level = TRUE;
00313 }
00314 break;
00315 }
00316 /* fall through */
00317
00318 default:
00319 #ifdef CONFIG_RSBAC_DEBUG
00320 if(rsbac_debug_adf_mac)
00321 {
00322 rsbac_printk(KERN_DEBUG
00323 "mac_auto_write(): pid %u/%.15s: max_read_open %u over target_sec_level %u, no write_down or trusted -> NOT_GRANTED!\n",
00324 current->pid, current->comm,
00325 attr_val1.security_level, target_sec_level);
00326 }
00327 #endif
00328 return(NOT_GRANTED);
00329 }
00330 }
00331 }
00332 else
00333 mac_auto_used_level = TRUE;
00334 }
00335 else
00336 {
00337 if( !(flags & MAC_write_down)
00338 && !(flags & MAC_trusted)
00339 )
00340 {
00341 /* Try mac_file_flags on the target, if FD object */
00342 switch(target)
00343 {
00344 case T_FILE:
00345 case T_DIR:
00346 case T_FIFO:
00347 case T_SYMLINK:
00348 if (rsbac_get_attr(MAC,
00349 target,
00350 tid,
00351 A_mac_file_flags,
00352 &attr_val1,
00353 TRUE))
00354 { /* failed! */
00355 rsbac_ds_get_error("mac_auto_write", A_none);
00356 return(NOT_GRANTED);
00357 }
00358 if( (attr_val1.mac_file_flags & MAC_write_down)
00359 || (attr_val1.mac_file_flags & MAC_trusted)
00360 )
00361 {
00362 if(attr_val1.mac_file_flags & MAC_auto)
00363 {
00364 raise_object_level = TRUE;
00365 }
00366 break;
00367 }
00368 /* fall through */
00369
00370 default:
00371 #ifdef CONFIG_RSBAC_DEBUG
00372 if(rsbac_debug_adf_mac)
00373 {
00374 rsbac_printk(KERN_DEBUG
00375 "mac_auto_write(): pid %u/%.15s: current security_level %u over target_sec_level %u, no auto, write_down or trusted -> NOT_GRANTED!\n",
00376 current->pid, current->comm,
00377 curr_level, target_sec_level);
00378 }
00379 #endif
00380 return(NOT_GRANTED);
00381 }
00382 }
00383 }
00384 }
00385
00386 if((target_categories & curr_categories) != target_categories)
00387 {
00388 if (rsbac_get_attr(MAC,
00389 T_PROCESS,
00390 i_tid,
00391 A_mac_categories,
00392 &attr_val1,
00393 FALSE))
00394 { /* failed! */
00395 rsbac_ds_get_error("mac_auto_write", A_none);
00396 return(NOT_GRANTED);
00397 }
00398 if((target_categories & attr_val1.mac_categories) != target_categories)
00399 {
00400 #ifdef CONFIG_RSBAC_DEBUG
00401 if(rsbac_debug_adf_mac)
00402 {
00403 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00404
00405 if(tmp)
00406 {
00407 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00408
00409 if(tmp2)
00410 {
00411 u64tostrmac(tmp, attr_val1.mac_categories);
00412 u64tostrmac(tmp2, target_categories);
00413 rsbac_printk(KERN_DEBUG
00414 "mac_auto_write(): pid %u/%.15s: max_categories %s under target categories %s, no override -> NOT_GRANTED!\n",
00415 current->pid, current->comm,
00416 tmp,
00417 tmp2);
00418 rsbac_kfree(tmp2);
00419 }
00420 rsbac_kfree(tmp);
00421 }
00422 }
00423 #endif
00424 return(NOT_GRANTED);
00425 }
00426 /* curr_categories < target_categories <= max_categories -> need mac_auto, write_up or trusted */
00427 if(flags & MAC_auto)
00428 mac_auto_used_cat = TRUE;
00429 else
00430 {
00431 if( !(flags & MAC_write_up)
00432 && !(flags & MAC_trusted)
00433 )
00434 {
00435 /* Try mac_file_flags on the target, if FD object */
00436 switch(target)
00437 {
00438 case T_FILE:
00439 case T_DIR:
00440 case T_FIFO:
00441 case T_SYMLINK:
00442 if (rsbac_get_attr(MAC,
00443 target,
00444 tid,
00445 A_mac_file_flags,
00446 &attr_val1,
00447 TRUE))
00448 { /* failed! */
00449 rsbac_ds_get_error("mac_auto_write", A_none);
00450 return(NOT_GRANTED);
00451 }
00452 if( (attr_val1.mac_file_flags & MAC_write_up)
00453 || (attr_val1.mac_file_flags & MAC_trusted)
00454 )
00455 break;
00456 /* fall through */
00457
00458 default:
00459 #ifdef CONFIG_RSBAC_DEBUG
00460 if(rsbac_debug_adf_mac)
00461 {
00462 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00463
00464 if(tmp)
00465 {
00466 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00467
00468 if(tmp2)
00469 {
00470 u64tostrmac(tmp, curr_categories);
00471 u64tostrmac(tmp2, target_categories);
00472 rsbac_printk(KERN_DEBUG
00473 "mac_auto_write(): pid %u/%.15s: curr_categories %s under target categories %s, no auto, write_up or trusted -> NOT_GRANTED!\n",
00474 current->pid, current->comm,
00475 tmp,
00476 tmp2);
00477 rsbac_kfree(tmp2);
00478 }
00479 rsbac_kfree(tmp);
00480 }
00481 }
00482 #endif
00483 return(NOT_GRANTED);
00484 }
00485 }
00486 }
00487 }
00488 else
00489 if((target_categories & curr_categories) != curr_categories)
00490 {
00491 if (rsbac_get_attr(MAC,
00492 T_PROCESS,
00493 i_tid,
00494 A_mac_min_categories,
00495 &attr_val1,
00496 FALSE))
00497 { /* failed! */
00498 rsbac_ds_get_error("mac_auto_write", A_none);
00499 return(NOT_GRANTED);
00500 }
00501 if((target_categories & attr_val1.mac_categories) != attr_val1.mac_categories)
00502 {
00503 #ifdef CONFIG_RSBAC_DEBUG
00504 if(rsbac_debug_adf_mac)
00505 {
00506 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00507
00508 if(tmp)
00509 {
00510 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00511
00512 if(tmp2)
00513 {
00514 u64tostrmac(tmp, attr_val1.mac_categories);
00515 u64tostrmac(tmp2, target_categories);
00516 rsbac_printk(KERN_DEBUG
00517 "mac_auto_write(): pid %u/%.15s: min_categories %s over target categories %s, no override -> NOT_GRANTED!\n",
00518 current->pid, current->comm,
00519 tmp,
00520 tmp2);
00521 rsbac_kfree(tmp2);
00522 }
00523 rsbac_kfree(tmp);
00524 }
00525 }
00526 #endif
00527 return(NOT_GRANTED);
00528 }
00529 /* min_level <= target_level < curr_level -> need mac_auto, write_down or trusted */
00530 if(flags & MAC_auto)
00531 {
00532 /* check max_read boundary */
00533 if (rsbac_get_attr(MAC,
00534 T_PROCESS,
00535 i_tid,
00536 A_max_read_categories,
00537 &attr_val1,
00538 FALSE))
00539 { /* failed! */
00540 rsbac_ds_get_error("mac_auto_write", A_none);
00541 return(NOT_GRANTED);
00542 }
00543 if((target_categories & attr_val1.mac_categories) != attr_val1.mac_categories)
00544 {
00545 if( !(flags & MAC_write_down)
00546 && !(flags & MAC_trusted)
00547 )
00548 {
00549 /* Try mac_file_flags on the target, if FD object */
00550 switch(target)
00551 {
00552 case T_FILE:
00553 case T_DIR:
00554 case T_FIFO:
00555 case T_SYMLINK:
00556 if (rsbac_get_attr(MAC,
00557 target,
00558 tid,
00559 A_mac_file_flags,
00560 &attr_val1,
00561 TRUE))
00562 { /* failed! */
00563 rsbac_ds_get_error("mac_auto_write", A_none);
00564 return(NOT_GRANTED);
00565 }
00566 if( (attr_val1.mac_file_flags & MAC_write_down)
00567 || (attr_val1.mac_file_flags & MAC_trusted)
00568 )
00569 {
00570 if(attr_val1.mac_file_flags & MAC_auto)
00571 {
00572 raise_object_cat = TRUE;
00573 }
00574 break;
00575 }
00576 /* fall through */
00577
00578 default:
00579 #ifdef CONFIG_RSBAC_DEBUG
00580 if(rsbac_debug_adf_mac)
00581 {
00582 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00583
00584 if(tmp)
00585 {
00586 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00587
00588 if(tmp2)
00589 {
00590 u64tostrmac(tmp, attr_val1.mac_categories);
00591 u64tostrmac(tmp2, target_categories);
00592 rsbac_printk(KERN_DEBUG
00593 "mac_auto_write(): pid %u/%.15s: max_read_categories %s over target categories %s, no write_down or trusted -> NOT_GRANTED!\n",
00594 current->pid, current->comm,
00595 tmp,
00596 tmp2);
00597 rsbac_kfree(tmp2);
00598 }
00599 rsbac_kfree(tmp);
00600 }
00601 }
00602 #endif
00603 return(NOT_GRANTED);
00604 }
00605 }
00606 }
00607 else
00608 mac_auto_used_cat = TRUE;
00609 }
00610 else
00611 {
00612 if( !(flags & MAC_write_down)
00613 && !(flags & MAC_trusted)
00614 )
00615 {
00616 /* Try mac_file_flags on the target, if FD object */
00617 switch(target)
00618 {
00619 case T_FILE:
00620 case T_DIR:
00621 case T_FIFO:
00622 case T_SYMLINK:
00623 if (rsbac_get_attr(MAC,
00624 target,
00625 tid,
00626 A_mac_file_flags,
00627 &attr_val1,
00628 TRUE))
00629 { /* failed! */
00630 rsbac_ds_get_error("mac_auto_write", A_none);
00631 return(NOT_GRANTED);
00632 }
00633 if( (attr_val1.mac_file_flags & MAC_write_down)
00634 || (attr_val1.mac_file_flags & MAC_trusted)
00635 )
00636 {
00637 if(attr_val1.mac_file_flags & MAC_auto)
00638 {
00639 raise_object_cat = TRUE;
00640 }
00641 break;
00642 }
00643 /* fall through */
00644
00645 default:
00646 #ifdef CONFIG_RSBAC_DEBUG
00647 if(rsbac_debug_adf_mac)
00648 {
00649 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00650
00651 if(tmp)
00652 {
00653 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00654
00655 if(tmp2)
00656 {
00657 u64tostrmac(tmp, curr_categories);
00658 u64tostrmac(tmp2, target_categories);
00659 rsbac_printk(KERN_DEBUG
00660 "mac_auto_write(): pid %u/%.15s: curr_categories %s over target categories %s, no auto, write_down or trusted -> NOT_GRANTED!\n",
00661 current->pid, current->comm,
00662 tmp,
00663 tmp2);
00664 rsbac_kfree(tmp2);
00665 }
00666 rsbac_kfree(tmp);
00667 }
00668 }
00669 #endif
00670 return(NOT_GRANTED);
00671 }
00672 }
00673 }
00674 }
00675
00676 /* grant area */
00677
00678 /* adjust current_sec_level and min_write_level, */
00679 /* if set_level is true and mac_auto has been used*/
00680 if( set_level
00681 && ( mac_auto_used_level
00682 || raise_object_level
00683 )
00684 )
00685 {
00686 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
00687 {
00688 char * target_type_name;
00689 char * target_id_name;
00690
00691 target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00692 if(target_type_name)
00693 {
00694 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
00695 target_id_name
00696 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
00697 /* max. path name len + some extra */
00698 #else
00699 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
00700 /* max. file name len + some extra */
00701 #endif
00702 if(target_id_name)
00703 {
00704 get_target_name(target_type_name, target, target_id_name, tid);
00705
00706 if(mac_auto_used_level)
00707 {
00708 rsbac_printk(KERN_INFO
00709 "mac_auto_write(): Changing process %u (%.15s, owner %u) current level from %u to %u for %s %s\n",
00710 pid,
00711 current->comm,
00712 current->uid,
00713 curr_level,
00714 target_sec_level,
00715 target_type_name,
00716 target_id_name);
00717 }
00718 else
00719 {
00720 rsbac_printk(KERN_INFO
00721 "mac_auto_write(): Process %u (%.15s, owner %u): Raising object level from %u to %u for %s %s\n",
00722 pid,
00723 current->comm,
00724 current->uid,
00725 target_sec_level,
00726 curr_level,
00727 target_type_name,
00728 target_id_name);
00729 }
00730 rsbac_kfree(target_id_name);
00731 }
00732 rsbac_kfree(target_type_name);
00733 }
00734 }
00735 #endif
00736 if(mac_auto_used_level)
00737 {
00738 i_tid.process = pid;
00739 attr_val1.current_sec_level = target_sec_level;
00740 if (rsbac_get_attr(MAC,
00741 T_PROCESS,
00742 i_tid,
00743 A_min_write_open,
00744 &attr_val2,
00745 TRUE))
00746 { /* failed! */
00747 rsbac_ds_get_error("mac_auto_write", A_none);
00748 return(NOT_GRANTED);
00749 }
00750 if(attr_val1.min_write_open < attr_val2.min_write_open)
00751 {
00752 if (rsbac_set_attr(MAC,
00753 T_PROCESS,
00754 i_tid,
00755 A_min_write_open,
00756 attr_val1))
00757 { /* failed! */
00758 rsbac_ds_set_error("mac_auto_write", A_none);
00759 return(NOT_GRANTED);
00760 }
00761 }
00762 if (rsbac_set_attr(MAC,
00763 T_PROCESS,
00764 i_tid,
00765 A_current_sec_level,
00766 attr_val1))
00767 { /* failed! */
00768 rsbac_ds_set_error("mac_auto_write", A_none);
00769 return(NOT_GRANTED);
00770 }
00771 }
00772 else
00773 {
00774 attr_val1.security_level = curr_level;
00775 if (rsbac_set_attr(MAC,
00776 target,
00777 tid,
00778 A_security_level,
00779 attr_val1))
00780 { /* failed! */
00781 rsbac_ds_set_error("mac_auto_write", A_none);
00782 return(NOT_GRANTED);
00783 }
00784 }
00785 }
00786 /* adjust current_categories and min_write_categories, */
00787 /* if set_level is true and mac_auto has been used*/
00788 if( set_level
00789 && ( mac_auto_used_cat
00790 || raise_object_cat
00791 )
00792 )
00793 {
00794 #ifdef CONFIG_RSBAC_MAC_LOG_LEVEL_CHANGE
00795 {
00796 char * target_type_name = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00797 if(target_type_name)
00798 {
00799 char * target_id_name;
00800
00801 #ifdef CONFIG_RSBAC_LOG_FULL_PATH
00802 target_id_name
00803 = rsbac_kmalloc(CONFIG_RSBAC_MAX_PATH_LEN + RSBAC_MAXNAMELEN);
00804 /* max. path name len + some extra */
00805 #else
00806 target_id_name = rsbac_kmalloc(2 * RSBAC_MAXNAMELEN);
00807 /* max. file name len + some extra */
00808 #endif
00809 if(target_id_name)
00810 {
00811 char * tmp1 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00812 if(tmp1)
00813 {
00814 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN);
00815 if(tmp2)
00816 {
00817 get_target_name(target_type_name, target, target_id_name, tid);
00818
00819 if(mac_auto_used_cat)
00820 {
00821 rsbac_printk(KERN_INFO
00822 "mac_auto_write(): Changing process %u (%.15s, owner %u) current categories from %s to %s for %s %s\n",
00823 pid,
00824 current->comm,
00825 current->uid,
00826 u64tostrmac(tmp1, curr_categories),
00827 u64tostrmac(tmp2, target_categories),
00828 target_type_name,
00829 target_id_name);
00830 }
00831 else
00832 {
00833 rsbac_printk(KERN_INFO
00834 "mac_auto_write(): Process %u (%.15s, owner %u): raising current categories from %s to %s for %s %s\n",
00835 pid,
00836 current->comm,
00837 current->uid,
00838 u64tostrmac(tmp2, target_categories),
00839 u64tostrmac(tmp1, curr_categories),
00840 target_type_name,
00841 target_id_name);
00842 }
00843 rsbac_kfree(tmp2);
00844 }
00845 rsbac_kfree(tmp1);
00846 }
00847 rsbac_kfree(target_id_name);
00848 }
00849 rsbac_kfree(target_type_name);
00850 }
00851 }
00852 #endif
00853 if(mac_auto_used_cat)
00854 {
00855 i_tid.process = pid;
00856 attr_val1.mac_categories = target_categories;
00857 if (rsbac_get_attr(MAC,
00858 T_PROCESS,
00859 i_tid,
00860 A_min_write_categories,
00861 &attr_val2,
00862 TRUE))
00863 { /* failed! */
00864 rsbac_ds_get_error("mac_auto_write", A_none);
00865 return(NOT_GRANTED);
00866 }
00867 if((attr_val1.mac_categories & attr_val2.mac_categories)
00868 != attr_val2.mac_categories
00869 )
00870 {
00871 if (rsbac_set_attr(MAC,
00872 T_PROCESS,
00873 i_tid,
00874 A_min_write_categories,
00875 attr_val1))
00876 { /* failed! */
00877 rsbac_ds_set_error("mac_auto_write", A_none);
00878 return(NOT_GRANTED);
00879 }
00880 }
00881 if (rsbac_set_attr(MAC,
00882 T_PROCESS,
00883 i_tid,
00884 A_mac_curr_categories,
00885 attr_val1))
00886 { /* failed! */
00887 rsbac_ds_set_error("mac_auto_write", A_none);
00888 return(NOT_GRANTED);
00889 }
00890 }
00891 else
00892 {
00893 attr_val1.mac_categories = curr_categories;
00894 if (rsbac_set_attr(MAC,
00895 target,
00896 tid,
00897 A_mac_categories,
00898 attr_val1))
00899 { /* failed! */
00900 rsbac_ds_set_error("mac_auto_write", A_none);
00901 return(NOT_GRANTED);
00902 }
00903 }
00904 }
00905
00906 /* Everything done, so return */
00907 return(GRANTED);
00908 }
|
|
||||||||||||
|
Definition at line 33 of file mac_main.c. References A_mac_role, GRANTED, MAC, NOT_GRANTED, rsbac_get_attr, rsbac_printk(), rsbac_attribute_value_t::system_role, T_USER, TRUE, and rsbac_target_id_t::user. Referenced by rsbac_adf_request_mac(). 00034 {
00035 union rsbac_target_id_t i_tid;
00036 union rsbac_attribute_value_t i_attr_val1;
00037
00038 i_tid.user = owner;
00039 if (rsbac_get_attr(MAC,
00040 T_USER,
00041 i_tid,
00042 A_mac_role,
00043 &i_attr_val1,
00044 TRUE))
00045 {
00046 rsbac_ds_get_error("mac_check_role", A_mac_role);
00047 return(NOT_GRANTED);
00048 }
00049 /* if correct role, then grant */
00050 if (i_attr_val1.system_role == role)
00051 return(GRANTED);
00052 else
00053 {
00054 #ifdef CONFIG_RSBAC_DEBUG
00055 if(rsbac_debug_adf_mac)
00056 {
00057 rsbac_printk(KERN_DEBUG
00058 "mac_check_role(): pid %u/%.15s: wrong mac_role %u -> NOT_GRANTED!\n",
00059 current->pid, current->comm,
00060 i_attr_val1.system_role);
00061 }
00062 #endif
00063 return(NOT_GRANTED);
00064 }
00065 }
|
|
||||||||||||||||||||||||||||||||
|
Definition at line 2599 of file mac_main.c. References A_audit_uid, A_auid_exempt, A_auth_last_auth, A_auth_learn, A_auth_may_set_cap, A_auth_may_setuid, A_current_sec_level, A_fake_root_uid, A_initial_security_level, A_linux_dac_disable, A_local_log_array_high, A_local_log_array_low, A_local_mac_categories, A_local_sec_level, A_log_array_high, A_log_array_low, A_log_program_based, A_log_user_based, A_mac_auto, A_mac_categories, A_mac_check, A_mac_curr_categories, A_mac_file_flags, A_mac_initial_categories, A_mac_min_categories, A_mac_process_flags, A_mac_prop_trusted, A_mac_role, A_mac_user_flags, A_max_read_categories, A_max_read_open, A_min_security_level, A_min_write_categories, A_min_write_open, A_none, A_pseudo, A_remote_ip, A_remote_log_array_high, A_remote_log_array_low, A_remote_mac_categories, A_remote_sec_level, A_security_level, A_symlink_add_mac_level, A_symlink_add_remote_ip, A_symlink_add_uid, A_system_role, AUTH, auto_read(), auto_read_attr(), auto_read_write(), auto_read_write_attr(), auto_write(), auto_write_attr(), D_block, rsbac_target_id_t::dev, DO_NOT_CARE, FALSE, FREEZE, GRANTED, MAC, rsbac_attribute_value_t::mac_check, mac_check_role(), NOT_GRANTED, R_ACCEPT, R_ADD_TO_KERNEL, R_ALTER, R_APPEND_OPEN, R_BIND, R_CHANGE_GROUP, R_CHANGE_OWNER, R_CHDIR, R_CLONE, R_CONNECT, R_CREATE, R_DELETE, R_EXECUTE, R_GET_PERMISSIONS_DATA, R_GET_STATUS_DATA, R_LINK_HARD, R_LISTEN, R_MAP_EXEC, R_MODIFY_ACCESS_DATA, R_MODIFY_ATTRIBUTE, R_MODIFY_PERMISSIONS_DATA, R_MODIFY_SYSTEM_DATA, R_MOUNT, R_READ, R_READ_ATTRIBUTE, R_READ_OPEN, R_READ_WRITE_OPEN, R_RECEIVE, R_REMOVE_FROM_KERNEL, R_RENAME, R_SEARCH, R_SEND, R_SEND_SIGNAL, R_SHUTDOWN, R_SWITCH_LOG, R_SWITCH_MODULE, R_TERMINATE, R_TRACE, R_TRUNCATE, R_UMOUNT, R_WRITE, R_WRITE_OPEN, rsbac_get_attr, rsbac_set_attr, rsbac_target_id_t::scd, SOFTMODE, SR_administrator, SR_auditor, SR_security_officer, ST_ioports, ST_rlimit, ST_rsbac, ST_rsbac_remote_log, ST_rsbaclog, rsbac_attribute_value_t::system_role, T_DEV, T_DIR, T_FIFO, T_FILE, T_GROUP, T_IPC, T_NETDEV, T_NETOBJ, T_NETTEMP, T_NONE, T_PROCESS, T_SCD, T_SYMLINK, T_USER, TRUE, rsbac_dev_desc_t::type, UNDEFINED, and rsbac_target_id_t::user. Referenced by rsbac_adf_request_int(). 02606 {
02607 enum rsbac_adf_req_ret_t result = DO_NOT_CARE;
02608 union rsbac_target_id_t i_tid;
02609 union rsbac_attribute_value_t i_attr_val1;
02610 #if defined(CONFIG_RSBAC_MAC_NET_OBJ_PROT)
02611 union rsbac_attribute_value_t i_attr_val2;
02612 #endif
02613
02614 switch (request)
02615 {
02616 case R_ADD_TO_KERNEL:
02617 switch(target)
02618 {
02619 case T_FILE:
02620 case T_DEV:
02621 case T_NONE:
02622 /* test owner's mac_role */
02623 return mac_check_role(owner, SR_administrator);
02624
02625 /* all other cases are unknown */
02626 default: return(DO_NOT_CARE);
02627 }
02628
02629 case R_ALTER:
02630 /* only for IPC */
02631 if (target == T_IPC)
02632 {
02633 /* and perform auto-write without setting attributes */
02634 return(auto_write(caller_pid,
02635 target,
02636 tid,
02637 FALSE));
02638 }
02639 else
02640 /* all other targets are unknown */
02641 return (DO_NOT_CARE);
02642 break;
02643
02644 case R_APPEND_OPEN:
02645 switch(target)
02646 {
02647 case T_FILE:
02648 case T_FIFO:
02649 /* and perform auto-write without setting attributes */
02650 return(auto_write(caller_pid,
02651 target,
02652 tid,
02653 FALSE));
02654 break;
02655 case T_IPC:
02656 /* and perform auto-write without setting attributes */
02657 return(auto_write(caller_pid,
02658 target,
02659 tid,
02660 FALSE));
02661 break;
02662 case T_DEV:
02663 /* Only check for devices with mac_check set */
02664 if (rsbac_get_attr(MAC,
02665 T_DEV,
02666 tid,
02667 A_mac_check,
02668 &i_attr_val1,
02669 FALSE))
02670 {
02671 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
02672 return(NOT_GRANTED);
02673 }
02674 if(!i_attr_val1.mac_check)
02675 return(DO_NOT_CARE);
02676 /* and perform auto-write without setting attributes */
02677 return(auto_write(caller_pid,
02678 target,
02679 tid,
02680 FALSE));
02681 break;
02682 /* all other cases are unknown */
02683 default: return(DO_NOT_CARE);
02684 }
02685
02686 case R_CHANGE_GROUP:
02687 switch(target)
02688 {
02689 case T_FILE:
02690 case T_DIR:
02691 case T_FIFO:
02692 case T_SYMLINK:
02693 /* and perform auto-write without setting attributes */
02694 return(auto_write(caller_pid,
02695 target,
02696 tid,
02697 FALSE));
02698 case T_IPC:
02699 /* and perform auto-write without setting attributes */
02700 return(auto_write(caller_pid,
02701 target,
02702 tid,
02703 FALSE));
02704
02705 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
02706 case T_USER:
02707 /* Security Officer? */
02708 return mac_check_role(owner, SR_security_officer);
02709 #endif
02710 /* We do not care about */
02711 /* all other cases */
02712 default: return(DO_NOT_CARE);
02713 }
02714
02715 case R_CHANGE_OWNER:
02716 switch(target)
02717 {
02718 case T_FILE:
02719 case T_DIR:
02720 case T_FIFO:
02721 case T_SYMLINK:
02722 /* and perform auto-write without setting attributes */
02723 return(auto_write(caller_pid,
02724 target,
02725 tid,
02726 FALSE));
02727
02728 case T_IPC:
02729 return(auto_write(caller_pid,
02730 target,
02731 tid,
02732 FALSE));
02733
02734 /* all other cases are unknown */
02735 default:
02736 return(DO_NOT_CARE);
02737 }
02738
02739 case R_CHDIR:
02740 switch(target)
02741 {
02742 case T_DIR:
02743 /* and perform auto-read without setting attributes */
02744 return(auto_read(caller_pid,
02745 target,
02746 tid,
02747 FALSE));
02748 break;
02749 /* all other cases are unknown */
02750 default: return(DO_NOT_CARE);
02751 }
02752
02753 case R_CLONE:
02754 if (target == T_PROCESS)
02755 return(GRANTED);
02756 else
02757 return(DO_NOT_CARE);
02758
02759 case R_CREATE:
02760 switch(target)
02761 {
02762 /* Creating dir or (pseudo) file IN target dir! */
02763 case T_DIR:
02764 #ifdef CONFIG_RSBAC_MAC_LIGHT
02765 return GRANTED;
02766 #else
02767 /* Mode of created item is ignored! */
02768 /* and perform auto-write without setting attributes */
02769 return(auto_write(caller_pid,
02770 target,
02771 tid,
02772 FALSE));
02773 #endif
02774 break;
02775
02776 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
02777 case T_NETTEMP:
02778 return mac_check_role(owner, SR_security_officer);
02779
02780 case T_NETOBJ:
02781 /* and perform auto-write without setting attributes */
02782 return(auto_write_attr(caller_pid,
02783 target,
02784 tid,
02785 A_local_sec_level,
02786 A_local_mac_categories,
02787 FALSE));
02788 #endif
02789
02790 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
02791 case T_USER:
02792 case T_GROUP:
02793 /* Security Officer? */
02794 return mac_check_role(owner, SR_security_officer);
02795 #endif
02796 /* all other cases are unknown */
02797 default: return(DO_NOT_CARE);
02798 }
02799
02800 case R_DELETE:
02801 switch(target)
02802 {
02803 case T_FILE:
02804 case T_DIR:
02805 case T_FIFO:
02806 case T_SYMLINK:
02807 /* and perform auto-write without setting attributes */
02808 return(auto_write(caller_pid,
02809 target,
02810 tid,
02811 FALSE));
02812 break;
02813 case T_IPC:
02814 /* and perform auto-write without setting attributes */
02815 return(auto_write(caller_pid,
02816 target,
02817 tid,
02818 FALSE));
02819 break;
02820
02821 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
02822 case T_NETTEMP:
02823 return mac_check_role(owner, SR_security_officer);
02824 #endif
02825 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
02826 case T_USER:
02827 case T_GROUP:
02828 /* Security Officer? */
02829 return mac_check_role(owner, SR_security_officer);
02830 #endif
02831
02832 /* all other cases are unknown */
02833 default: return(DO_NOT_CARE);
02834 }
02835
02836 case R_EXECUTE:
02837 case R_MAP_EXEC:
02838 switch(target)
02839 {
02840 case T_FILE:
02841 /* and perform auto-read without setting attributes */
02842 return(auto_read(caller_pid,
02843 target,
02844 tid,
02845 FALSE));
02846
02847 /* all other cases are unknown */
02848 default:
02849 return(DO_NOT_CARE);
02850 }
02851
02852 case R_GET_PERMISSIONS_DATA:
02853 switch(target)
02854 {
02855 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
02856 case T_USER:
02857 case T_GROUP:
02858 /* Security Officer? */
02859 return mac_check_role(owner, SR_security_officer);
02860 #endif
02861 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
02862 case T_NETOBJ:
02863 /* and perform auto-read without setting attributes */
02864 return(auto_read_attr(caller_pid,
02865 target,
02866 tid,
02867 A_local_sec_level,
02868 A_local_mac_categories,
02869 FALSE));
02870 #endif
02871
02872 default:
02873 return(DO_NOT_CARE);
02874 }
02875
02876 case R_GET_STATUS_DATA:
02877 switch(target)
02878 {
02879 case T_SCD:
02880 /* target rsbaclog? only for secoff */
02881 if (tid.scd != ST_rsbaclog)
02882 return(GRANTED);
02883 /* Secoff? */
02884 if(mac_check_role(owner, SR_security_officer) == NOT_GRANTED)
02885 return mac_check_role(owner, SR_auditor);
02886 else
02887 return GRANTED;
02888
02889 case T_PROCESS:
02890 /* perform auto-read without setting attributes */
02891 return(auto_read_attr(caller_pid,
02892 target,
02893 tid,
02894 A_current_sec_level,
02895 A_mac_curr_categories,
02896 FALSE));
02897
02898 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
02899 case T_NETOBJ:
02900 /* and perform auto-read without setting attributes */
02901 return(auto_read_attr(caller_pid,
02902 target,
02903 tid,
02904 A_local_sec_level,
02905 A_local_mac_categories,
02906 FALSE));
02907 #endif
02908
02909 default:
02910 return(DO_NOT_CARE);
02911 }
02912
02913 case R_LINK_HARD:
02914 switch(target)
02915 {
02916 case T_FILE:
02917 case T_FIFO:
02918 case T_SYMLINK:
02919 /* and perform auto-write without setting attributes */
02920 return(auto_write(caller_pid,
02921 target,
02922 tid,
02923 FALSE));
02924 break;
02925 /* all other cases are unknown */
02926 default: return(DO_NOT_CARE);
02927 }
02928
02929 case R_MODIFY_ACCESS_DATA:
02930 switch(target)
02931 {
02932 case T_FILE:
02933 case T_DIR:
02934 case T_FIFO:
02935 case T_SYMLINK:
02936 /* and perform auto-write without setting attributes */
02937 return(auto_write(caller_pid,
02938 target,
02939 tid,
02940 FALSE));
02941 break;
02942 /* all other cases are unknown */
02943 default: return(DO_NOT_CARE);
02944 }
02945
02946 case R_MODIFY_ATTRIBUTE:
02947 switch(attr)
02948 {
02949 case A_security_level:
02950 case A_initial_security_level:
02951 case A_local_sec_level:
02952 case A_remote_sec_level:
02953 case A_min_security_level:
02954 case A_mac_categories:
02955 case A_mac_initial_categories:
02956 case A_local_mac_categories:
02957 case A_remote_mac_categories:
02958 case A_mac_min_categories:
02959 case A_mac_user_flags:
02960 case A_mac_process_flags:
02961 case A_mac_file_flags:
02962 case A_system_role:
02963 case A_mac_role:
02964 case A_current_sec_level:
02965 case A_mac_curr_categories:
02966 case A_min_write_open:
02967 case A_max_read_open:
02968 case A_min_write_categories:
02969 case A_max_read_categories:
02970 case A_mac_check:
02971 case A_mac_auto:
02972 case A_mac_prop_trusted:
02973 case A_symlink_add_mac_level:
02974 #ifdef CONFIG_RSBAC_MAC_GEN_PROT
02975 case A_pseudo:
02976 case A_log_array_low:
02977 case A_log_array_high:
02978 case A_local_log_array_low:
02979 case A_local_log_array_high:
02980 case A_remote_log_array_low:
02981 case A_remote_log_array_high:
02982 case A_log_program_based:
02983 case A_log_user_based:
02984 case A_symlink_add_remote_ip:
02985 case A_symlink_add_uid:
02986 case A_linux_dac_disable:
02987 case A_fake_root_uid:
02988 case A_audit_uid:
02989 case A_auid_exempt:
02990 case A_remote_ip:
02991 case A_kernel_thread:
02992 #endif
02993 #ifdef CONFIG_RSBAC_MAC_AUTH_PROT
02994 case A_auth_may_setuid:
02995 case A_auth_may_set_cap:
02996 case A_auth_start_uid:
02997 case A_auth_start_euid:
02998 case A_auth_start_gid:
02999 case A_auth_start_egid:
03000 case A_auth_program_file:
03001 case A_auth_learn:
03002 case A_auth_add_f_cap:
03003 case A_auth_remove_f_cap:
03004 case A_auth_last_auth:
03005 #endif
03006 /* All attributes (remove target!) */
03007 case A_none:
03008 /* Security Officer? */
03009 return mac_check_role(owner, SR_security_officer);
03010
03011 default:
03012 return(DO_NOT_CARE);
03013 }
03014
03015 case R_MODIFY_PERMISSIONS_DATA:
03016 switch(target)
03017 {
03018 case T_FILE:
03019 case T_DIR:
03020 case T_FIFO:
03021 case T_SYMLINK:
03022 case T_IPC:
03023 /* and perform auto-write without setting attributes */
03024 return(auto_write(caller_pid,
03025 target,
03026 tid,
03027 FALSE));
03028 break;
03029
03030 case T_SCD:
03031 #ifdef CONFIG_RSBAC_USER_MOD_IOPERM
03032 if(tid.scd == ST_ioports)
03033 return GRANTED;
03034 #endif
03035 /* Security Officer? */
03036 i_tid.user = owner;
03037 if (rsbac_get_attr(MAC,
03038 T_USER,
03039 i_tid,
03040 A_mac_role,
03041 &i_attr_val1,
03042 TRUE))
03043 {
03044 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03045 return(NOT_GRANTED);
03046 }
03047 /* if sec_officer, then grant */
03048 if (i_attr_val1.system_role == SR_security_officer)
03049 return(GRANTED);
03050 /* For booting: if administrator and ioports, then grant */
03051 if ( (i_attr_val1.system_role == SR_administrator)
03052 && (tid.scd == ST_ioports) )
03053 return(GRANTED);
03054 else
03055 return(NOT_GRANTED);
03056
03057 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
03058 case T_NETOBJ:
03059 /* and perform auto-write without setting attributes */
03060 return(auto_write_attr(caller_pid,
03061 target,
03062 tid,
03063 A_local_sec_level,
03064 A_local_mac_categories,
03065 FALSE));
03066 #endif
03067
03068 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
03069 case T_USER:
03070 case T_GROUP:
03071 /* Security Officer? */
03072 return mac_check_role(owner, SR_security_officer);
03073 #endif
03074 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE
03075 /* switching Linux DAC */
03076 case T_NONE:
03077 /* Security Officer? */
03078 i_tid.user = owner;
03079 if (rsbac_get_attr(MAC,
03080 T_USER,
03081 i_tid,
03082 A_mac_role,
03083 &i_attr_val1,
03084 TRUE))
03085 {
03086 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03087 return(NOT_GRANTED);
03088 }
03089 /* if sec_officer, then grant */
03090 if (i_attr_val1.system_role == SR_security_officer)
03091 return(GRANTED);
03092 else
03093 return(NOT_GRANTED);
03094 #endif
03095
03096 /* all other cases are unknown */
03097 default: return(DO_NOT_CARE);
03098 }
03099
03100 case R_MODIFY_SYSTEM_DATA:
03101 switch(target)
03102 {
03103 case T_SCD:
03104 /* target rlimit? no problem, but needed -> grant */
03105 if (tid.scd == ST_rlimit)
03106 return(GRANTED);
03107 /* Get role */
03108 i_tid.user = owner;
03109 if (rsbac_get_attr(MAC,
03110 T_USER,
03111 i_tid,
03112 A_mac_role,
03113 &i_attr_val1,
03114 TRUE))
03115 {
03116 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03117 return(NOT_GRANTED);
03118 }
03119 /* if rsbaclog: grant only for secoff and auditor */
03120 if(tid.scd == ST_rsbaclog)
03121 {
03122 if ( (i_attr_val1.system_role == SR_security_officer)
03123 || (i_attr_val1.system_role == SR_auditor)
03124 )
03125 return(GRANTED);
03126 else
03127 return(NOT_GRANTED);
03128 }
03129 /* if rsbac_log_remote: grant only for secoff */
03130 if(tid.scd == ST_rsbac_remote_log)
03131 {
03132 if ( (i_attr_val1.system_role == SR_security_officer)
03133 )
03134 return(GRANTED);
03135 else
03136 return(NOT_GRANTED);
03137 }
03138 /* if rsbac: grant for secoff and adminr */
03139 if(tid.scd == ST_rsbac)
03140 {
03141 if ( (i_attr_val1.system_role == SR_security_officer)
03142 || (i_attr_val1.system_role == SR_administrator)
03143 )
03144 return(GRANTED);
03145 else
03146 return(NOT_GRANTED);
03147 }
03148 /* if administrator, then grant */
03149 if (i_attr_val1.system_role == SR_administrator)
03150 return(GRANTED);
03151 else
03152 return(NOT_GRANTED);
03153
03154 case T_DEV:
03155 if(tid.dev.type == D_block)
03156 return mac_check_role(owner, SR_administrator);
03157 else
03158 return DO_NOT_CARE;
03159
03160 case T_PROCESS:
03161 /* and perform auto-write without setting attributes */
03162 return(auto_write_attr(caller_pid,
03163 target,
03164 tid,
03165 A_current_sec_level,
03166 A_mac_curr_categories,
03167 FALSE));
03168
03169 #ifdef CONFIG_RSBAC_MAC_NET_DEV_PROT
03170 case T_NETDEV:
03171 return mac_check_role(owner, SR_administrator);
03172 #endif
03173 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
03174 case T_NETOBJ:
03175 /* and perform auto-write without setting attributes */
03176 return(auto_write_attr(caller_pid,
03177 target,
03178 tid,
03179 A_local_sec_level,
03180 A_local_mac_categories,
03181 FALSE));
03182 #endif
03183
03184 /* all other cases are unknown */
03185 default: return(DO_NOT_CARE);
03186 }
03187
03188 case R_MOUNT:
03189 switch(target)
03190 {
03191 case T_FILE:
03192 case T_DIR:
03193 case T_DEV:
03194 /* test owner's mac_role: Administrator? */
03195 #ifndef CONFIG_RSBAC_MAC_LIGHT
03196 if(mac_check_role(owner, SR_administrator) == NOT_GRANTED)
03197 return(NOT_GRANTED);
03198 #endif
03199 /* test read-write access to mount dir / dev: */
03200 /* and perform auto-read(-write) without setting of attributes */
03201 if( (target == T_DEV)
03202 && (attr == A_mode)
03203 && (attr_val.mode & MS_RDONLY))
03204 return(auto_read(caller_pid,
03205 target,
03206 tid,
03207 FALSE));
03208 else
03209 return(auto_read_write(caller_pid,
03210 target,
03211 tid,
03212 FALSE));
03213
03214 /* all other cases are unknown */
03215 default: return(DO_NOT_CARE);
03216 }
03217
03218 case R_READ:
03219 switch(target)
03220 {
03221 case T_DIR:
03222 #ifdef CONFIG_RSBAC_RW
03223 case T_IPC:
03224 case T_FILE:
03225 case T_FIFO:
03226 #endif
03227 /* and perform auto-read without setting attributes */
03228 return(auto_read(caller_pid,
03229 target,
03230 tid,
03231 FALSE));
03232 break;
03233
03234 #ifdef CONFIG_RSBAC_RW
03235 case T_DEV:
03236 /* Only check for devices with mac_check set */
03237 if (rsbac_get_attr(MAC,
03238 T_DEV,
03239 tid,
03240 A_mac_check,
03241 &i_attr_val1,
03242 FALSE))
03243 {
03244 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03245 return(NOT_GRANTED);
03246 }
03247 if(!i_attr_val1.mac_check)
03248 return(DO_NOT_CARE);
03249 /* and perform auto-read without setting attributes */
03250 return(auto_read(caller_pid,
03251 target,
03252 tid,
03253 FALSE));
03254 break;
03255 #endif
03256
03257 #if defined(CONFIG_RSBAC_MAC_NET_OBJ_PROT)
03258 case T_NETTEMP:
03259 if(mac_check_role(owner, SR_security_officer) == GRANTED)
03260 return GRANTED;
03261 return mac_check_role(owner, SR_administrator);
03262
03263 case T_NETOBJ:
03264 /* and perform auto-read without setting attributes */
03265 return(auto_read_attr(caller_pid,
03266 target,
03267 tid,
03268 A_remote_sec_level,
03269 A_remote_mac_categories,
03270 FALSE));
03271 #endif
03272
03273 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
03274 case T_USER:
03275 case T_GROUP:
03276 /* Security Officer or Admin? */
03277 if(mac_check_role(owner, SR_security_officer) == GRANTED)
03278 return GRANTED;
03279 else
03280 return mac_check_role(owner, SR_administrator);
03281 #endif
03282 /* all other cases are unknown */
03283 default: return(DO_NOT_CARE);
03284 }
03285
03286
03287 case R_READ_ATTRIBUTE:
03288 switch(attr)
03289 {
03290 case A_owner:
03291 case A_security_level:
03292 case A_local_sec_level:
03293 case A_remote_sec_level:
03294 case A_min_security_level:
03295 case A_mac_categories:
03296 case A_local_mac_categories:
03297 case A_remote_mac_categories:
03298 case A_mac_min_categories:
03299 case A_pseudo:
03300 case A_system_role:
03301 case A_mac_role:
03302 case A_current_sec_level:
03303 case A_min_write_open:
03304 case A_max_read_open:
03305 case A_mac_user_flags:
03306 case A_mac_process_flags:
03307 case A_mac_check:
03308 case A_mac_auto:
03309 case A_mac_prop_trusted:
03310 case A_mac_file_flags:
03311 case A_initial_security_level:
03312 case A_mac_initial_categories:
03313 case A_symlink_add_mac_level:
03314 #ifdef CONFIG_RSBAC_MAC_GEN_PROT
03315 case A_log_array_low:
03316 case A_log_array_high:
03317 case A_log_program_based:
03318 case A_log_user_based:
03319 case A_symlink_add_remote_ip:
03320 case A_symlink_add_uid:
03321 case A_fake_root_uid:
03322 case A_audit_uid:
03323 case A_auid_exempt:
03324 case A_remote_ip:
03325 case A_kernel_thread:
03326 #endif
03327 #ifdef CONFIG_RSBAC_MAC_AUTH_PROT
03328 case A_auth_may_setuid:
03329 case A_auth_may_set_cap:
03330 case A_auth_start_uid:
03331 case A_auth_start_euid:
03332 case A_auth_start_gid:
03333 case A_auth_start_egid:
03334 case A_auth_program_file:
03335 case A_auth_learn:
03336 case A_auth_last_auth:
03337 #endif
03338 /* Security Officer ot Admin? */
03339 if(mac_check_role(owner, SR_security_officer) == GRANTED)
03340 return GRANTED;
03341 else
03342 return mac_check_role(owner, SR_administrator);
03343
03344 default:
03345 return(DO_NOT_CARE);
03346 }
03347
03348 case R_READ_OPEN:
03349 switch(target)
03350 {
03351 case T_FILE:
03352 case T_DIR:
03353 case T_FIFO:
03354 case T_IPC:
03355 /* and perform auto-read without setting attributes */
03356 return(auto_read(caller_pid,
03357 target,
03358 tid,
03359 FALSE));
03360 break;
03361 case T_DEV:
03362 /* Only check for devices with mac_check set */
03363 if (rsbac_get_attr(MAC,
03364 T_DEV,
03365 tid,
03366 A_mac_check,
03367 &i_attr_val1,
03368 FALSE))
03369 {
03370 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03371 return(NOT_GRANTED);
03372 }
03373 if(!i_attr_val1.mac_check)
03374 return(DO_NOT_CARE);
03375 /* and perform auto-read without setting attributes */
03376 return(auto_read(caller_pid,
03377 target,
03378 tid,
03379 FALSE));
03380 break;
03381 /* all other cases are unknown */
03382 default: return(DO_NOT_CARE);
03383 }
03384
03385 case R_READ_WRITE_OPEN:
03386 switch(target)
03387 {
03388 case T_FILE:
03389 case T_FIFO:
03390 case T_IPC:
03391 /* and perform auto-read-write without setting attributes */
03392 return(auto_read_write(caller_pid,
03393 target,
03394 tid,
03395 FALSE));
03396
03397 case T_DEV:
03398 /* Only check for devices with mac_check set */
03399 if (rsbac_get_attr(MAC,
03400 T_DEV,
03401 tid,
03402 A_mac_check,
03403 &i_attr_val1,
03404 FALSE))
03405 {
03406 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03407 return(NOT_GRANTED);
03408 }
03409 if(!i_attr_val1.mac_check)
03410 return(DO_NOT_CARE);
03411 /* and perform auto-read-write without setting attributes */
03412 return(auto_read_write(caller_pid,
03413 target,
03414 tid,
03415 FALSE));
03416
03417 /* all other cases are unknown */
03418 default: return(DO_NOT_CARE);
03419 }
03420
03421 case R_REMOVE_FROM_KERNEL:
03422 switch(target)
03423 {
03424 case T_FILE:
03425 case T_DEV:
03426 case T_NONE:
03427 /* test owner's mac_role */
03428 return mac_check_role(owner, SR_administrator);
03429
03430 /* all other cases are unknown */
03431 default: return(DO_NOT_CARE);
03432 }
03433
03434 case R_SHUTDOWN:
03435 switch(target)
03436 {
03437 case T_NONE:
03438 /* test owner's mac_role */
03439 return mac_check_role(owner, SR_administrator);
03440
03441 /* all other cases are unknown */
03442 default: return(DO_NOT_CARE);
03443 }
03444
03445 case R_RENAME:
03446 switch(target)
03447 {
03448 case T_FILE:
03449 case T_DIR:
03450 case T_FIFO:
03451 case T_SYMLINK:
03452 /* and perform auto-write without setting attributes */
03453 result = auto_write(caller_pid,
03454 target,
03455 tid,
03456 FALSE);
03457 /* if parent dir might change, convert inherit to explicit level/cat:
03458 get and set effective value */
03459 if( ( (result == GRANTED)
03460 || (result == DO_NOT_CARE)
03461 )
03462 && ( (attr != A_new_dir_dentry_p)
03463 || (attr_val.new_dir_dentry_p != tid.file.dentry_p->d_parent)
03464 )
03465 )
03466 {
03467 if (rsbac_get_attr(MAC,
03468 target,
03469 tid,
03470 A_security_level,
03471 &i_attr_val1,
03472 TRUE))
03473 { /* failed! */
03474 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03475 return(NOT_GRANTED);
03476 }
03477 if(rsbac_set_attr(MAC,
03478 target,
03479 tid,
03480 A_security_level,
03481 i_attr_val1))
03482 { /* failed! */
03483 rsbac_ds_set_error("rsbac_adf_request_mac", A_none);
03484 return(NOT_GRANTED);
03485 }
03486 if (rsbac_get_attr(MAC,
03487 target,
03488 tid,
03489 A_mac_categories,
03490 &i_attr_val1,
03491 TRUE))
03492 { /* failed! */
03493 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03494 return(NOT_GRANTED);
03495 }
03496 if(rsbac_set_attr(MAC,
03497 target,
03498 tid,
03499 A_mac_categories,
03500 i_attr_val1))
03501 { /* failed! */
03502 rsbac_ds_set_error("rsbac_adf_request_mac", A_none);
03503 return(NOT_GRANTED);
03504 }
03505 }
03506 return result;
03507 break;
03508 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
03509 case T_USER:
03510 case T_GROUP:
03511 /* Security Officer? */
03512 return mac_check_role(owner, SR_security_officer);
03513 #endif
03514 /* all other cases are unknown */
03515 default: return(DO_NOT_CARE);
03516 }
03517
03518
03519 case R_SEARCH:
03520 switch(target)
03521 {
03522 case T_DIR:
03523 case T_SYMLINK:
03524 /* and perform auto-read without setting attributes */
03525 return(auto_read(caller_pid,
03526 target,
03527 tid,
03528 FALSE));
03529 break;
03530 /* all other cases are unknown */
03531 default: return(DO_NOT_CARE);
03532 }
03533
03534 case R_SEND_SIGNAL:
03535 switch(target)
03536 {
03537 case T_PROCESS:
03538 /* and perform auto-write without setting attributes */
03539 return(auto_write_attr(caller_pid,
03540 target,
03541 tid,
03542 A_current_sec_level,
03543 A_mac_curr_categories,
03544 FALSE));
03545
03546 /* all other cases are unknown */
03547 default:
03548 return(DO_NOT_CARE);
03549 }
03550
03551 /* case R_SHUTDOWN: see R_REMOVE_FROM_KERNEL */
03552
03553 case R_SWITCH_LOG:
03554 switch(target)
03555 {
03556 case T_NONE:
03557 /* test owner's mac_role */
03558 return mac_check_role(owner, SR_security_officer);
03559
03560 /* all other cases are unknown */
03561 default: return(DO_NOT_CARE);
03562 }
03563
03564 case R_SWITCH_MODULE:
03565 switch(target)
03566 {
03567 case T_NONE:
03568 /* we need the switch_target */
03569 if(attr != A_switch_target)
03570 return(UNDEFINED);
03571 /* do not care for other modules */
03572 if( (attr_val.switch_target != MAC)
03573 #ifdef CONFIG_RSBAC_MAC_AUTH_PROT
03574 && (attr_val.switch_target != AUTH)
03575 #endif
03576 #ifdef CONFIG_RSBAC_SOFTMODE
03577 && (attr_val.switch_target != SOFTMODE)
03578 #endif
03579 #ifdef CONFIG_RSBAC_FREEZE
03580 && (attr_val.switch_target != FREEZE)
03581 #endif
03582 )
03583 return(DO_NOT_CARE);
03584 /* test owner's mac_role */
03585 return mac_check_role(owner, SR_security_officer);
03586
03587 /* all other cases are unknown */
03588 default: return(DO_NOT_CARE);
03589 }
03590
03591 /* notify only, handled by adf-dispatcher */
03592 case R_TERMINATE:
03593 if (target == T_PROCESS)
03594 return(DO_NOT_CARE);
03595 else
03596 return(DO_NOT_CARE);
03597
03598 case R_TRACE:
03599 switch(target)
03600 {
03601 case T_PROCESS:
03602 /* and perform auto-read-write without setting attributes */
03603 return(auto_read_write_attr(caller_pid,
03604 target,
03605 tid,
03606 A_current_sec_level,
03607 A_mac_curr_categories,
03608 FALSE));
03609
03610 /* all other cases are unknown */
03611 default:
03612 return(DO_NOT_CARE);
03613 }
03614
03615 case R_TRUNCATE:
03616 switch(target)
03617 {
03618 case T_FILE:
03619 /* and perform auto-write without setting attributes */
03620 return(auto_write(caller_pid,
03621 target,
03622 tid,
03623 FALSE));
03624 break;
03625 /* all other cases are unknown */
03626 default: return(DO_NOT_CARE);
03627 }
03628
03629 case R_UMOUNT:
03630 switch(target)
03631 {
03632 case T_FILE:
03633 case T_DIR:
03634 case T_DEV:
03635 #ifdef CONFIG_RSBAC_MAC_LIGHT
03636 return(GRANTED);
03637 #else
03638 return mac_check_role(owner, SR_administrator);
03639 #endif
03640 /* all other cases are unknown */
03641 default: return(DO_NOT_CARE);
03642 }
03643
03644 case R_WRITE:
03645 switch(target)
03646 {
03647 case T_DIR:
03648 case T_IPC:
03649 #ifdef CONFIG_RSBAC_RW
03650 case T_FILE:
03651 case T_FIFO:
03652 #endif
03653 /* Mode of created item is ignored! */
03654 /* and perform auto-write without setting attributes */
03655 return(auto_write(caller_pid,
03656 target,
03657 tid,
03658 FALSE));
03659
03660
03661 #ifdef CONFIG_RSBAC_RW
03662 case T_DEV:
03663 /* Only check for devices with mac_check set */
03664 if (rsbac_get_attr(MAC,
03665 T_DEV,
03666 tid,
03667 A_mac_check,
03668 &i_attr_val1,
03669 FALSE))
03670 {
03671 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03672 return(NOT_GRANTED);
03673 }
03674 if(!i_attr_val1.mac_check)
03675 return(DO_NOT_CARE);
03676 /* and perform auto-write without setting attributes */
03677 return(auto_write(caller_pid,
03678 target,
03679 tid,
03680 FALSE));
03681 break;
03682 #endif
03683
03684 #if defined(CONFIG_RSBAC_MAC_NET_OBJ_PROT)
03685 case T_NETTEMP:
03686 return mac_check_role(owner, SR_security_officer);
03687
03688 case T_NETOBJ:
03689 /* test write access to target: get its sec_level */
03690 if (rsbac_get_attr(MAC,
03691 target,
03692 tid,
03693 A_remote_sec_level,
03694 &i_attr_val1,
03695 TRUE))
03696 {
03697 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03698 return(NOT_GRANTED);
03699 }
03700 if (rsbac_get_attr(MAC,
03701 target,
03702 tid,
03703 A_remote_mac_categories,
03704 &i_attr_val2,
03705 TRUE))
03706 {
03707 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03708 return(NOT_GRANTED);
03709 }
03710 /* and perform auto-write without setting attributes */
03711 return(auto_write_attr(caller_pid,
03712 target,
03713 tid,
03714 A_remote_sec_level,
03715 A_remote_mac_categories,
03716 FALSE));
03717 #endif
03718
03719 #if defined(CONFIG_RSBAC_MAC_UM_PROT)
03720 case T_USER:
03721 case T_GROUP:
03722 /* Security Officer? */
03723 return mac_check_role(owner, SR_security_officer);
03724 #endif
03725 /* all other cases are unknown */
03726 default: return(DO_NOT_CARE);
03727 }
03728
03729 case R_WRITE_OPEN:
03730 switch(target)
03731 {
03732 case T_FILE:
03733 case T_FIFO:
03734 case T_IPC:
03735 /* and perform auto-write without setting attributes */
03736 return(auto_write(caller_pid,
03737 target,
03738 tid,
03739 FALSE));
03740 break;
03741 case T_DEV:
03742 /* Only check for devices with mac_check set */
03743 if (rsbac_get_attr(MAC,
03744 T_DEV,
03745 tid,
03746 A_mac_check,
03747 &i_attr_val1,
03748 FALSE))
03749 {
03750 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03751 return(NOT_GRANTED);
03752 }
03753 if(!i_attr_val1.mac_check)
03754 return(DO_NOT_CARE);
03755 /* and perform auto-write without setting attributes */
03756 return(auto_write(caller_pid,
03757 target,
03758 tid,
03759 FALSE));
03760
03761 /* all other cases are unknown */
03762 default: return(DO_NOT_CARE);
03763 }
03764
03765 case R_SEND:
03766 switch(target)
03767 {
03768 case T_DEV:
03769 /* Only check for devices with mac_check set */
03770 if (rsbac_get_attr(MAC,
03771 T_DEV,
03772 tid,
03773 A_mac_check,
03774 &i_attr_val1,
03775 FALSE))
03776 {
03777 rsbac_ds_get_error("rsbac_adf_request_mac", A_none);
03778 return(NOT_GRANTED);
03779 }
03780 if(!i_attr_val1.mac_check)
03781 return(DO_NOT_CARE);
03782 /* and perform auto-write without setting attributes */
03783 return(auto_write(caller_pid,
03784 target,
03785 tid,
03786 FALSE));
03787
03788 #if defined(CONFIG_RSBAC_MAC_NET_OBJ_PROT)
03789 case T_NETOBJ:
03790 /* and perform auto-read-write without setting attributes */
03791 return(auto_read_write_attr(caller_pid,
03792 target,
03793 tid,
03794 A_remote_sec_level,
03795 A_remote_mac_categories,
03796 FALSE));
03797
03798 #endif
03799 /* all other cases are unknown */
03800 default: return(DO_NOT_CARE);
03801 }
03802
03803 #if defined(CONFIG_RSBAC_MAC_NET_OBJ_PROT)
03804 case R_BIND:
03805 case R_LISTEN:
03806 switch(target)
03807 {
03808 case T_NETOBJ:
03809 /* and perform auto-read-write without setting attributes */
03810 return(auto_read_write_attr(caller_pid,
03811 target,
03812 tid,
03813 A_local_sec_level,
03814 A_local_mac_categories,
03815 FALSE));
03816
03817 /* all other cases are unknown */
03818 default: return(DO_NOT_CARE);
03819 }
03820
03821 case R_ACCEPT:
03822 case R_CONNECT:
03823 case R_RECEIVE:
03824 switch(target)
03825 {
03826 case T_NETOBJ:
03827 /* and perform auto-read-write without setting attributes */
03828 return(auto_read_write_attr(caller_pid,
03829 target,
03830 tid,
03831 A_remote_sec_level,
03832 A_remote_mac_categories,
03833 FALSE));
03834
03835 /* all other cases are unknown */
03836 default: return(DO_NOT_CARE);
03837 }
03838 #endif /* NET_OBJ_PROT */
03839
03840 /*********************/
03841 default: return DO_NOT_CARE;
03842 }
03843
03844 return(result);
03845 } /* end of rsbac_adf_request_mac() */
|
|
||||||||||||||||||||||||||||||||||||||||
|
Definition at line 3859 of file mac_main.c. References A_current_sec_level, A_initial_security_level, A_local_mac_categories, A_local_sec_level, A_mac_auto, A_mac_categories, A_mac_check, A_mac_curr_categories, A_mac_initial_categories, A_mac_min_categories, A_mac_process_flags, A_mac_prop_trusted, A_mac_user_flags, A_max_read_categories, A_max_read_open, A_min_security_level, A_min_write_categories, A_min_write_open, A_none, A_remote_mac_categories, A_remote_sec_level, A_security_level, auto_read(), auto_read_attr(), auto_read_write(), auto_read_write_attr(), auto_write(), auto_write_attr(), DO_NOT_CARE, FALSE, GRANTED, MAC, MAC_allow_auto, rsbac_attribute_value_t::mac_auto, MAC_auto, rsbac_attribute_value_t::mac_categories, rsbac_attribute_value_t::mac_check, rsbac_attribute_value_t::mac_process_flags, MAC_program_auto, rsbac_attribute_value_t::mac_prop_trusted, MAC_trusted, rsbac_attribute_value_t::mac_user_flags, rsbac_attribute_value_t::max_read_open, rsbac_attribute_value_t::min_write_open, rsbac_attribute_value_t::owner, rsbac_target_id_t::process, R_ACCEPT, R_APPEND_OPEN, R_BIND, R_CHANGE_OWNER, R_CLONE, R_CONNECT, R_CREATE, R_DELETE, R_EXECUTE, R_LISTEN, R_MOUNT, R_READ, R_READ_OPEN, R_READ_WRITE_OPEN, R_RECEIVE, R_SEARCH, R_SEND, R_TRACE, R_WRITE, R_WRITE_OPEN, RSBAC_EDECISIONMISMATCH, RSBAC_EINVALIDATTR, RSBAC_EREADFAILED, RSBAC_EWRITEFAILED, rsbac_get_attr, rsbac_mac_copy_fp_truset(), rsbac_mac_copy_pp_truset(), RSBAC_MAC_MAX_CAT_VECTOR, RSBAC_MAC_MIN_CAT_VECTOR, RSBAC_MAC_P_FLAGS, rsbac_mac_p_truset_member(), rsbac_printk(), rsbac_set_attr, rsbac_attribute_value_t::security_level, SL_max, SL_min, T_DEV, T_DIR, T_FIFO, T_FILE, T_IPC, T_NETOBJ, T_PROCESS, T_SYMLINK, T_USER, TRUE, and rsbac_target_id_t::user. Referenced by rsbac_adf_set_attr(). 03869 {
03870 enum rsbac_adf_req_ret_t result = DO_NOT_CARE;
03871 union rsbac_target_id_t i_tid;
03872 union rsbac_attribute_value_t i_attr_val1;
03873 union rsbac_attribute_value_t i_attr_val2;
03874 union rsbac_attribute_value_t i_attr_val3;
03875 union rsbac_attribute_value_t i_attr_val4;
03876 union rsbac_attribute_value_t i_attr_val5;
03877 union rsbac_attribute_value_t i_attr_val6;
03878 union rsbac_attribute_value_t i_attr_val7;
03879 union rsbac_attribute_value_t i_attr_val8;
03880 union rsbac_attribute_value_t i_attr_val9;
03881 rsbac_boolean_t inherit;
03882
03883 switch (request)
03884 {
03885 case R_APPEND_OPEN:
03886 switch(target)
03887 {
03888 case T_FILE:
03889 case T_FIFO:
03890 case T_IPC:
03891 /* test write access to target: get its sec_level */
03892 if( (target == T_FILE)
03893 || (target == T_FIFO)
03894 )
03895 inherit = TRUE;
03896 else
03897 inherit = FALSE;
03898 if (rsbac_get_attr(MAC,
03899 target,
03900 tid,
03901 A_security_level,
03902 &i_attr_val1,
03903 inherit))
03904 {
03905 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
03906 return(-RSBAC_EREADFAILED);
03907 }
03908 if (rsbac_get_attr(MAC,
03909 target,
03910 tid,
03911 A_mac_categories,
03912 &i_attr_val2,
03913 inherit))
03914 {
03915 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
03916 return(-RSBAC_EREADFAILED);
03917 }
03918 /* and perform auto-write with setting attributes */
03919 result = auto_write(caller_pid,
03920 target,
03921 tid,
03922 TRUE);
03923 if ((result == GRANTED) || (result == DO_NOT_CARE))
03924 return(0);
03925 else
03926 return(-RSBAC_EDECISIONMISMATCH);
03927 break;
03928 case T_DEV:
03929 /* Only check for devices with mac_check set */
03930 if (rsbac_get_attr(MAC,
03931 T_DEV,
03932 tid,
03933 A_mac_check,
03934 &i_attr_val1,
03935 FALSE))
03936 {
03937 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
03938 return(-RSBAC_EREADFAILED);
03939 }
03940 if(!i_attr_val1.mac_check)
03941 return(0);
03942 /* and perform auto-write with setting attributes */
03943 result = auto_write(caller_pid,
03944 target,
03945 tid,
03946 TRUE);
03947 if ((result == GRANTED) || (result == DO_NOT_CARE))
03948 return(0);
03949 else
03950 return(-RSBAC_EDECISIONMISMATCH);
03951 break;
03952 /* all other cases are unknown */
03953 default: return(0);
03954 }
03955
03956 case R_CHANGE_OWNER:
03957 switch(target)
03958 {
03959 /* Changing process owner affects access decisions, */
03960 /* so attributes have to be adjusted. */
03961 case T_PROCESS:
03962 /* For target process there MUST be a new owner specified */
03963 if (attr != A_owner)
03964 return(-RSBAC_EINVALIDATTR);
03965
03966 /* Get owner-sec-level and mac_categories for new owner */
03967 i_tid.user = attr_val.owner;
03968 if (rsbac_get_attr(MAC,
03969 T_USER,
03970 i_tid,
03971 A_security_level,
03972 &i_attr_val2,
03973 TRUE))
03974 {
03975 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
03976 return(-RSBAC_EREADFAILED);
03977 }
03978 if (rsbac_get_attr(MAC,
03979 T_USER,
03980 i_tid,
03981 A_mac_categories,
03982 &i_attr_val3,
03983 TRUE))
03984 {
03985 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
03986 return(-RSBAC_EREADFAILED);
03987 }
03988 /* set owner-sec-level and mac_categories for process to new values */
03989 if (rsbac_set_attr(MAC,
03990 T_PROCESS,
03991 tid,
03992 A_security_level,
03993 i_attr_val2))
03994 {
03995 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
03996 return(-RSBAC_EWRITEFAILED);
03997 }
03998 if (rsbac_set_attr(MAC,
03999 T_PROCESS,
04000 tid,
04001 A_mac_categories,
04002 i_attr_val3))
04003 {
04004 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04005 return(-RSBAC_EWRITEFAILED);
04006 }
04007 /* Get min_write_open and min_write_categories of process */
04008 if (rsbac_get_attr(MAC,
04009 T_PROCESS,
04010 tid,
04011 A_min_write_open,
04012 &i_attr_val4,
04013 TRUE))
04014 {
04015 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04016 return(-RSBAC_EREADFAILED);
04017 }
04018 if (rsbac_get_attr(MAC,
04019 T_PROCESS,
04020 tid,
04021 A_min_write_categories,
04022 &i_attr_val5,
04023 TRUE))
04024 {
04025 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04026 return(-RSBAC_EREADFAILED);
04027 }
04028 /* adjust min_write_open and min_write_categories, if too high */
04029 if(i_attr_val2.security_level < i_attr_val4.min_write_open)
04030 {
04031 i_attr_val4.min_write_open = i_attr_val2.security_level;
04032 if(rsbac_set_attr(MAC,
04033 T_PROCESS,
04034 tid,
04035 A_min_write_open,
04036 i_attr_val4))
04037 {
04038 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04039 return(-RSBAC_EWRITEFAILED);
04040 }
04041 }
04042 /* does process have categories in min_write that the new owner has not? */
04043 /* If yes, throw them out. */
04044 if ((i_attr_val3.mac_categories & i_attr_val5.mac_categories)
04045 != i_attr_val5.mac_categories)
04046 {
04047 i_attr_val5.mac_categories &= i_attr_val3.mac_categories;
04048 if(rsbac_set_attr(MAC,
04049 T_PROCESS,
04050 tid,
04051 A_min_write_categories,
04052 i_attr_val5))
04053 {
04054 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04055 return(-RSBAC_EWRITEFAILED);
04056 }
04057 }
04058 /* Get owner-initial-sec-level and mac_initial_categories for new owner */
04059 /* These values will be adjusted by max_read / min_write and then used as */
04060 /* new current level/categories. */
04061 i_tid.user = attr_val.owner;
04062 if (rsbac_get_attr(MAC,
04063 T_USER,
04064 i_tid,
04065 A_initial_security_level,
04066 &i_attr_val6,
04067 TRUE))
04068 {
04069 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04070 return(-RSBAC_EREADFAILED);
04071 }
04072 if (rsbac_set_attr(MAC,
04073 T_PROCESS,
04074 tid,
04075 A_initial_security_level,
04076 i_attr_val6))
04077 {
04078 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04079 return(-RSBAC_EWRITEFAILED);
04080 }
04081 #if 0
04082 /* restrict current_level to be a maximum of min_write */
04083 if(i_attr_val6.security_level > i_attr_val4.min_write_open)
04084 i_attr_val6.security_level = i_attr_val4.min_write_open;
04085 #endif
04086 if (rsbac_get_attr(MAC,
04087 T_USER,
04088 i_tid,
04089 A_mac_initial_categories,
04090 &i_attr_val7,
04091 TRUE))
04092 {
04093 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04094 return(-RSBAC_EREADFAILED);
04095 }
04096 if (rsbac_set_attr(MAC,
04097 T_PROCESS,
04098 tid,
04099 A_mac_initial_categories,
04100 i_attr_val7))
04101 {
04102 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04103 return(-RSBAC_EWRITEFAILED);
04104 }
04105 #if 0
04106 /* restrict current_categories to be a maximum of min_write */
04107 if((i_attr_val7.mac_categories & i_attr_val5.mac_categories) != i_attr_val7.mac_categories)
04108 i_attr_val7.mac_categories &= i_attr_val5.mac_categories;
04109 #endif
04110 /* Get owner-min-sec-level and mac_min_categories for new owner */
04111 i_tid.user = attr_val.owner;
04112 if (rsbac_get_attr(MAC,
04113 T_USER,
04114 i_tid,
04115 A_min_security_level,
04116 &i_attr_val8,
04117 TRUE))
04118 {
04119 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04120 return(-RSBAC_EREADFAILED);
04121 }
04122 if (rsbac_get_attr(MAC,
04123 T_USER,
04124 i_tid,
04125 A_mac_min_categories,
04126 &i_attr_val9,
04127 TRUE))
04128 {
04129 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04130 return(-RSBAC_EREADFAILED);
04131 }
04132 /* set owner-sec-level and mac_categories for process to new values */
04133 /* owner is set by main dispatcher! */
04134 if (rsbac_set_attr(MAC,
04135 T_PROCESS,
04136 tid,
04137 A_min_security_level,
04138 i_attr_val8))
04139 {
04140 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04141 return(-RSBAC_EWRITEFAILED);
04142 }
04143 if (rsbac_set_attr(MAC,
04144 T_PROCESS,
04145 tid,
04146 A_mac_min_categories,
04147 i_attr_val9))
04148 {
04149 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04150 return(-RSBAC_EWRITEFAILED);
04151 }
04152 /* Get max_read_open and max_read_categories of process */
04153 if (rsbac_get_attr(MAC,
04154 T_PROCESS,
04155 tid,
04156 A_max_read_open,
04157 &i_attr_val4,
04158 TRUE))
04159 {
04160 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04161 return(-RSBAC_EREADFAILED);
04162 }
04163 if (rsbac_get_attr(MAC,
04164 T_PROCESS,
04165 tid,
04166 A_max_read_categories,
04167 &i_attr_val5,
04168 TRUE))
04169 {
04170 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04171 return(-RSBAC_EREADFAILED);
04172 }
04173 /* adjust max_read_open and max_read_categories, if too low */
04174 if (i_attr_val8.security_level > i_attr_val4.max_read_open)
04175 {
04176 i_attr_val4.max_read_open = i_attr_val8.security_level;
04177 if(rsbac_set_attr(MAC,
04178 T_PROCESS,
04179 tid,
04180 A_max_read_open,
04181 i_attr_val4))
04182 {
04183 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04184 return(-RSBAC_EWRITEFAILED);
04185 }
04186 }
04187 #if 0
04188 /* adjust current sec level to a minimum of max_read */
04189 if(i_attr_val6.security_level < i_attr_val4.max_read_open)
04190 i_attr_val6.security_level = i_attr_val4.max_read_open;
04191 #endif
04192 /* but never set it over new max_level or under new min_level */
04193 if(i_attr_val6.security_level > i_attr_val2.security_level)
04194 i_attr_val6.security_level = i_attr_val2.security_level;
04195 else
04196 if(i_attr_val6.security_level < i_attr_val8.security_level)
04197 i_attr_val6.security_level = i_attr_val8.security_level;
04198 if(rsbac_set_attr(MAC,
04199 T_PROCESS,
04200 tid,
04201 A_current_sec_level,
04202 i_attr_val6))
04203 {
04204 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04205 return(-RSBAC_EWRITEFAILED);
04206 }
04207
04208 /* does new owner have categories in min_categories that the process max_read
04209 has not? */
04210 /* If yes, add them. */
04211 if ((i_attr_val9.mac_categories & i_attr_val5.mac_categories)
04212 != i_attr_val9.mac_categories)
04213 {
04214 i_attr_val5.mac_categories |= i_attr_val9.mac_categories;
04215 if(rsbac_set_attr(MAC,
04216 T_PROCESS,
04217 tid,
04218 A_max_read_categories,
04219 i_attr_val5))
04220 {
04221 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04222 return(-RSBAC_EWRITEFAILED);
04223 }
04224 }
04225 #if 0
04226 /* adjust current categories to include all from max_read (from initial) */
04227 if((i_attr_val7.mac_categories & i_attr_val5.mac_categories) != i_attr_val5.mac_categories)
04228 i_attr_val7.mac_categories |= i_attr_val5.mac_categories;
04229 #endif
04230 /* but never set it over new max_cats or under new min_cats */
04231 if((i_attr_val7.mac_categories & i_attr_val3.mac_categories) != i_attr_val7.mac_categories)
04232 i_attr_val7.mac_categories &= i_attr_val3.mac_categories;
04233 else
04234 if((i_attr_val7.mac_categories & i_attr_val9.mac_categories) != i_attr_val9.mac_categories)
04235 i_attr_val7.mac_categories |= i_attr_val9.mac_categories;
04236 if(rsbac_set_attr(MAC,
04237 T_PROCESS,
04238 tid,
04239 A_mac_curr_categories,
04240 i_attr_val7))
04241 {
04242 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04243 return(-RSBAC_EWRITEFAILED);
04244 }
04245
04246 /* Get mac_user_flags from user */
04247 i_tid.user = attr_val.owner;
04248 if (rsbac_get_attr(MAC,
04249 T_USER,
04250 i_tid,
04251 A_mac_user_flags,
04252 &i_attr_val3,
04253 TRUE))
04254 {
04255 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04256 return(-RSBAC_EREADFAILED);
04257 }
04258 i_attr_val1.mac_process_flags = i_attr_val3.mac_user_flags;
04259 /* adjust flags - first get old process flags*/
04260 if (rsbac_get_attr(MAC,
04261 T_PROCESS,
04262 tid,
04263 A_mac_process_flags,
04264 &i_attr_val2,
04265 TRUE))
04266 {
04267 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04268 return(-RSBAC_EREADFAILED);
04269 }
04270 if( (i_attr_val2.mac_process_flags & MAC_program_auto)
04271 && (i_attr_val3.mac_user_flags & MAC_allow_auto)
04272 )
04273 i_attr_val1.mac_process_flags |= MAC_auto;
04274
04275 i_attr_val1.mac_process_flags &= RSBAC_MAC_P_FLAGS;
04276
04277 if(!(i_attr_val1.mac_process_flags & MAC_trusted))
04278 {
04279 if(rsbac_mac_p_truset_member(caller_pid, attr_val.owner))
04280 i_attr_val1.mac_process_flags |= MAC_trusted;
04281 }
04282 /* Set mac_process_flags on process */
04283 if (rsbac_set_attr(MAC,
04284 T_PROCESS,
04285 tid,
04286 A_mac_process_flags,
04287 i_attr_val1))
04288 {
04289 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04290 return(-RSBAC_EWRITEFAILED);
04291 }
04292 /* OK, we are ready */
04293 return(0);
04294
04295 /* We do not care about other cases here */
04296 default:
04297 return(0);
04298 }
04299
04300 case R_CLONE:
04301 if (target == T_PROCESS)
04302 {
04303 /* Get owner from first process (provided on call) */
04304 i_attr_val1.owner = owner;
04305 /* Get owner-sec-level from first process */
04306 if (rsbac_get_attr(MAC,
04307 T_PROCESS,
04308 tid,
04309 A_security_level,
04310 &i_attr_val2,
04311 FALSE))
04312 {
04313 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04314 return(-RSBAC_EREADFAILED);
04315 }
04316 /* Get current-sec-level from first process... */
04317 if (rsbac_get_attr(MAC,
04318 T_PROCESS,
04319 tid,
04320 A_current_sec_level,
04321 &i_attr_val3,
04322 FALSE))
04323 {
04324 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04325 return(-RSBAC_EREADFAILED);
04326 }
04327 /* Get min_write_open from first process */
04328 if (rsbac_get_attr(MAC,
04329 T_PROCESS,
04330 tid,
04331 A_min_write_open,
04332 &i_attr_val4,
04333 FALSE))
04334 {
04335 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04336 return(-RSBAC_EREADFAILED);
04337 }
04338 /* Get max_read_open from first process */
04339 if (rsbac_get_attr(MAC,
04340 T_PROCESS,
04341 tid,
04342 A_max_read_open,
04343 &i_attr_val5,
04344 FALSE))
04345 {
04346 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04347 return(-RSBAC_EREADFAILED);
04348 }
04349 /* Get mac_process_flags from first process */
04350 if (rsbac_get_attr(MAC,
04351 T_PROCESS,
04352 tid,
04353 A_mac_process_flags,
04354 &i_attr_val7,
04355 FALSE))
04356 {
04357 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04358 return(-RSBAC_EREADFAILED);
04359 }
04360
04361 #ifdef CONFIG_RSBAC_USE_RSBAC_OWNER
04362 /* Set owner for new process */
04363 if (rsbac_set_attr(MAC,
04364 T_PROCESS,
04365 new_tid,
04366 A_owner,
04367 i_attr_val1))
04368 {
04369 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04370 return(-RSBAC_EWRITEFAILED);
04371 }
04372 #endif
04373 /* Set owner_sec_level for new process */
04374 if (rsbac_set_attr(MAC,
04375 T_PROCESS,
04376 new_tid,
04377 A_security_level,
04378 i_attr_val2))
04379 {
04380 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04381 return(-RSBAC_EWRITEFAILED);
04382 }
04383 /* Set current_sec_level for new process */
04384 if (rsbac_set_attr(MAC,
04385 T_PROCESS,
04386 new_tid,
04387 A_current_sec_level,
04388 i_attr_val3))
04389 {
04390 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04391 return(-RSBAC_EWRITEFAILED);
04392 }
04393 /* Set min_write_open for new process */
04394 if (rsbac_set_attr(MAC,
04395 T_PROCESS,
04396 new_tid,
04397 A_min_write_open,
04398 i_attr_val4))
04399 {
04400 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04401 return(-RSBAC_EWRITEFAILED);
04402 }
04403 /* Set max_read_open for new process */
04404 if (rsbac_set_attr(MAC,
04405 T_PROCESS,
04406 new_tid,
04407 A_max_read_open,
04408 i_attr_val5))
04409 {
04410 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04411 return(-RSBAC_EWRITEFAILED);
04412 }
04413 /* Set mac_process_flags for new process */
04414 if (rsbac_set_attr(MAC,
04415 T_PROCESS,
04416 new_tid,
04417 A_mac_process_flags,
04418 i_attr_val7))
04419 {
04420 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04421 return(-RSBAC_EWRITEFAILED);
04422 }
04423
04424 /* Get mac_categories from first process */
04425 if (rsbac_get_attr(MAC,
04426 T_PROCESS,
04427 tid,
04428 A_mac_categories,
04429 &i_attr_val2,
04430 FALSE))
04431 {
04432 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04433 return(-RSBAC_EREADFAILED);
04434 }
04435 /* Get mac_curr_categories from first process... */
04436 if (rsbac_get_attr(MAC,
04437 T_PROCESS,
04438 tid,
04439 A_mac_curr_categories,
04440 &i_attr_val3,
04441 FALSE))
04442 {
04443 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04444 return(-RSBAC_EREADFAILED);
04445 }
04446 /* Get min_write_categories from first process */
04447 if (rsbac_get_attr(MAC,
04448 T_PROCESS,
04449 tid,
04450 A_min_write_categories,
04451 &i_attr_val4,
04452 FALSE))
04453 {
04454 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04455 return(-RSBAC_EREADFAILED);
04456 }
04457 /* Get max_read_categories from first process */
04458 if (rsbac_get_attr(MAC,
04459 T_PROCESS,
04460 tid,
04461 A_max_read_categories,
04462 &i_attr_val5,
04463 FALSE))
04464 {
04465 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04466 return(-RSBAC_EREADFAILED);
04467 }
04468 /* Get initial_sec_level from first process */
04469 if (rsbac_get_attr(MAC,
04470 T_PROCESS,
04471 tid,
04472 A_initial_security_level,
04473 &i_attr_val6,
04474 FALSE))
04475 {
04476 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04477 return(-RSBAC_EREADFAILED);
04478 }
04479 /* Get initial_categories from first process */
04480 if (rsbac_get_attr(MAC,
04481 T_PROCESS,
04482 tid,
04483 A_mac_initial_categories,
04484 &i_attr_val7,
04485 FALSE))
04486 {
04487 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04488 return(-RSBAC_EREADFAILED);
04489 }
04490 /* Set mac_categories for new process */
04491 if (rsbac_set_attr(MAC,
04492 T_PROCESS,
04493 new_tid,
04494 A_mac_categories,
04495 i_attr_val2))
04496 {
04497 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04498 return(-RSBAC_EWRITEFAILED);
04499 }
04500 /* Set mac_curr_categories for new process */
04501 if (rsbac_set_attr(MAC,
04502 T_PROCESS,
04503 new_tid,
04504 A_mac_curr_categories,
04505 i_attr_val3))
04506 {
04507 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04508 return(-RSBAC_EWRITEFAILED);
04509 }
04510 /* Set min_write_categories for new process */
04511 if (rsbac_set_attr(MAC,
04512 T_PROCESS,
04513 new_tid,
04514 A_min_write_categories,
04515 i_attr_val4))
04516 {
04517 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04518 return(-RSBAC_EWRITEFAILED);
04519 }
04520 /* Set max_read_categories for new process */
04521 if (rsbac_set_attr(MAC,
04522 T_PROCESS,
04523 new_tid,
04524 A_max_read_categories,
04525 i_attr_val5))
04526 {
04527 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04528 return(-RSBAC_EWRITEFAILED);
04529 }
04530 /* Set initial_security_level for new process */
04531 if (rsbac_set_attr(MAC,
04532 T_PROCESS,
04533 new_tid,
04534 A_initial_security_level,
04535 i_attr_val6))
04536 {
04537 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04538 return(-RSBAC_EWRITEFAILED);
04539 }
04540 /* Set initial_categories for new process */
04541 if (rsbac_set_attr(MAC,
04542 T_PROCESS,
04543 new_tid,
04544 A_mac_initial_categories,
04545 i_attr_val7))
04546 {
04547 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04548 return(-RSBAC_EWRITEFAILED);
04549 }
04550 /* Get owner-min_sec-level/cat from first process */
04551 if (rsbac_get_attr(MAC,
04552 T_PROCESS,
04553 tid,
04554 A_min_security_level,
04555 &i_attr_val2,
04556 FALSE))
04557 {
04558 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04559 return(-RSBAC_EREADFAILED);
04560 }
04561 if (rsbac_get_attr(MAC,
04562 T_PROCESS,
04563 tid,
04564 A_mac_min_categories,
04565 &i_attr_val3,
04566 FALSE))
04567 {
04568 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04569 return(-RSBAC_EREADFAILED);
04570 }
04571 /* Set min_security_level for new process */
04572 if (rsbac_set_attr(MAC,
04573 T_PROCESS,
04574 new_tid,
04575 A_min_security_level,
04576 i_attr_val2))
04577 {
04578 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04579 return(-RSBAC_EWRITEFAILED);
04580 }
04581 /* Set min_categories for new process */
04582 if (rsbac_set_attr(MAC,
04583 T_PROCESS,
04584 new_tid,
04585 A_mac_min_categories,
04586 i_attr_val3))
04587 {
04588 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04589 return(-RSBAC_EWRITEFAILED);
04590 }
04591 if (rsbac_mac_copy_pp_truset(tid.process, new_tid.process))
04592 {
04593 rsbac_printk(KERN_WARNING
04594 "rsbac_adf_set_attr_mac(): rsbac_mac_copy_pp_truset() returned error!\n");
04595 return(-RSBAC_EWRITEFAILED);
04596 }
04597 return(0);
04598 }
04599 else
04600 return(0);
04601
04602 case R_CREATE:
04603 switch(target)
04604 {
04605 /* Creating dir or (pseudo) file IN target dir! */
04606 case T_DIR:
04607 /* Mode of created item is ignored! */
04608 /* and perform auto-write without(!) setting of attributes - no need */
04609 /* -> decision consistency check only */
04610 /* only check, if not MAC_LIGHT */
04611 #ifndef CONFIG_RSBAC_MAC_LIGHT
04612 result = auto_write(caller_pid,
04613 target,
04614 tid,
04615 FALSE);
04616 if ((result != GRANTED) && (result != DO_NOT_CARE))
04617 return(-RSBAC_EDECISIONMISMATCH);
04618 #endif
04619 /* test write access to target: get its sec_level */
04620 if (rsbac_get_attr(MAC,
04621 T_DIR,
04622 tid,
04623 A_security_level,
04624 &i_attr_val1,
04625 TRUE))
04626 {
04627 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04628 return(-RSBAC_EREADFAILED);
04629 }
04630 if (rsbac_get_attr(MAC,
04631 T_DIR,
04632 tid,
04633 A_mac_categories,
04634 &i_attr_val2,
04635 TRUE))
04636 {
04637 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04638 return(-RSBAC_EREADFAILED);
04639 }
04640 /* Get current_sec_level from process (initialized to owner_sec_level)... */
04641 i_tid.process = caller_pid;
04642 if (rsbac_get_attr(MAC,
04643 T_PROCESS,
04644 i_tid,
04645 A_current_sec_level,
04646 &i_attr_val3,
04647 FALSE))
04648 {
04649 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04650 return(-RSBAC_EREADFAILED);
04651 }
04652 #ifdef CONFIG_RSBAC_MAC_SMART_INHERIT
04653 /* Only set, if different than inherited value */
04654 if(i_attr_val3.security_level != i_attr_val1.security_level)
04655 #endif
04656 /* Set security-level for new item */
04657 if (rsbac_set_attr(MAC,
04658 new_target,
04659 new_tid,
04660 A_security_level,
04661 i_attr_val3))
04662 {
04663 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04664 return(-RSBAC_EWRITEFAILED);
04665 }
04666 /* Get current_categories from process (initialized to owner_categories)... */
04667 if (rsbac_get_attr(MAC,
04668 T_PROCESS,
04669 i_tid,
04670 A_mac_curr_categories,
04671 &i_attr_val3,
04672 FALSE))
04673 {
04674 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04675 return(-RSBAC_EREADFAILED);
04676 }
04677 #ifdef CONFIG_RSBAC_MAC_SMART_INHERIT
04678 /* Only set, if different than inherited value */
04679 if(i_attr_val3.mac_categories != i_attr_val2.mac_categories)
04680 #endif
04681 /* Set mac_categories for new item */
04682 if (rsbac_set_attr(MAC,
04683 new_target,
04684 new_tid,
04685 A_mac_categories,
04686 i_attr_val3))
04687 {
04688 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04689 return(-RSBAC_EWRITEFAILED);
04690 }
04691 return(0);
04692 break;
04693
04694 case T_IPC:
04695 i_tid.process = caller_pid;
04696 /* Get current-sec-level from process... */
04697 if (rsbac_get_attr(MAC,
04698 T_PROCESS,
04699 i_tid,
04700 A_current_sec_level,
04701 &i_attr_val1,
04702 FALSE))
04703 {
04704 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04705 return(-RSBAC_EREADFAILED);
04706 }
04707 /* Set security-level for this ipc item */
04708 if (rsbac_set_attr(MAC,
04709 T_IPC,
04710 tid,
04711 A_security_level,
04712 i_attr_val1))
04713 {
04714 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04715 return(-RSBAC_EWRITEFAILED);
04716 }
04717 /* Get mac_curr_categories from process... */
04718 if (rsbac_get_attr(MAC,
04719 T_PROCESS,
04720 i_tid,
04721 A_mac_curr_categories,
04722 &i_attr_val1,
04723 FALSE))
04724 {
04725 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04726 return(-RSBAC_EREADFAILED);
04727 }
04728 /* Set curr_categories for new item */
04729 if (rsbac_set_attr(MAC,
04730 T_IPC,
04731 tid,
04732 A_mac_categories,
04733 i_attr_val1))
04734 {
04735 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04736 return(-RSBAC_EWRITEFAILED);
04737 }
04738 return(0);
04739 break;
04740
04741 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
04742 case T_NETOBJ:
04743 i_tid.process = caller_pid;
04744 /* Get current-sec-level from process... */
04745 if (rsbac_get_attr(MAC,
04746 T_PROCESS,
04747 i_tid,
04748 A_current_sec_level,
04749 &i_attr_val1,
04750 FALSE))
04751 {
04752 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04753 return(-RSBAC_EREADFAILED);
04754 }
04755 /* Set local security-level for this netobj item */
04756 if (rsbac_set_attr(MAC,
04757 target,
04758 tid,
04759 A_local_sec_level,
04760 i_attr_val1))
04761 {
04762 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04763 return(-RSBAC_EWRITEFAILED);
04764 }
04765 /* Get mac_curr_categories from process... */
04766 if (rsbac_get_attr(MAC,
04767 T_PROCESS,
04768 i_tid,
04769 A_mac_curr_categories,
04770 &i_attr_val1,
04771 FALSE))
04772 {
04773 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04774 return(-RSBAC_EREADFAILED);
04775 }
04776 /* Set local curr_categories for new item */
04777 if (rsbac_set_attr(MAC,
04778 target,
04779 tid,
04780 A_local_mac_categories,
04781 i_attr_val1))
04782 {
04783 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04784 return(-RSBAC_EWRITEFAILED);
04785 }
04786 return(0);
04787 break;
04788 #endif
04789
04790 /* all other cases are unknown */
04791 default:
04792 return(0);
04793 }
04794
04795 /* removal of targets is done in main adf dispatcher! */
04796 case R_DELETE:
04797 switch(target)
04798 {
04799 case T_FILE:
04800 case T_DIR:
04801 case T_FIFO:
04802 case T_SYMLINK:
04803 case T_IPC:
04804 /* and perform auto-write without(!) setting of attributes */
04805 /* - no information flow apart from missing file */
04806 /* -> decision consistency check only */
04807 result = auto_write(caller_pid,
04808 target,
04809 tid,
04810 FALSE);
04811 if ((result != GRANTED) && (result != DO_NOT_CARE))
04812 return(-RSBAC_EDECISIONMISMATCH);
04813 else
04814 return(0);
04815 /* all other cases are unknown */
04816 default:
04817 return(0);
04818 }
04819
04820 case R_EXECUTE:
04821 switch(target)
04822 {
04823 case T_FILE:
04824 /* copy trusted user list from file to process */
04825 if (rsbac_mac_copy_fp_truset(tid.file, caller_pid))
04826 {
04827 rsbac_printk(KERN_WARNING
04828 "rsbac_adf_set_attr_mac(): rsbac_mac_copy_fp_truset() returned error!\n");
04829 return(-RSBAC_EWRITEFAILED);
04830 }
04831 /* perform auto-read with setting of attributes */
04832 result = auto_read(caller_pid,
04833 target,
04834 tid,
04835 TRUE);
04836 if ((result != GRANTED) && (result != DO_NOT_CARE))
04837 return(-RSBAC_EDECISIONMISMATCH);
04838
04839 /* reset current_sec_level, mac_auto, min_write_open */
04840 /* and max_read_open for process */
04841 i_tid.process = caller_pid;
04842
04843 #ifdef CONFIG_RSBAC_MAC_RESET_CURR
04844 /* First, set current_sec_level and min_write_open to process owner's initial and seclevel */
04845 if (rsbac_get_attr(MAC,
04846 T_PROCESS,
04847 i_tid,
04848 A_initial_security_level,
04849 &i_attr_val1,
04850 TRUE))
04851 {
04852 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04853 return(-RSBAC_EREADFAILED);
04854 }
04855 if (rsbac_get_attr(MAC,
04856 T_PROCESS,
04857 i_tid,
04858 A_mac_initial_categories,
04859 &i_attr_val2,
04860 TRUE))
04861 {
04862 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04863 return(-RSBAC_EREADFAILED);
04864 }
04865 if (rsbac_set_attr(MAC,
04866 T_PROCESS,
04867 i_tid,
04868 A_current_sec_level,
04869 i_attr_val1))
04870 {
04871 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04872 return(-RSBAC_EWRITEFAILED);
04873 }
04874 if (rsbac_set_attr(MAC,
04875 T_PROCESS,
04876 i_tid,
04877 A_mac_curr_categories,
04878 i_attr_val2))
04879 {
04880 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04881 return(-RSBAC_EWRITEFAILED);
04882 }
04883 #endif
04884 #if 0
04885 /* Now, set min_write_open to process owner's seclevel */
04886 if (rsbac_get_attr(MAC,
04887 T_PROCESS,
04888 i_tid,
04889 A_security_level,
04890 &i_attr_val1,
04891 TRUE))
04892 {
04893 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04894 return(-RSBAC_EREADFAILED);
04895 }
04896 #endif
04897 i_attr_val1.min_write_open = SL_max;
04898 if (rsbac_set_attr(MAC,
04899 T_PROCESS,
04900 i_tid,
04901 A_min_write_open,
04902 i_attr_val1))
04903 {
04904 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04905 return(-RSBAC_EWRITEFAILED);
04906 }
04907 #if 0
04908 /* Next, set min_write_categories to process owner's mac_categories */
04909 if (rsbac_get_attr(MAC,
04910 T_PROCESS,
04911 i_tid,
04912 A_mac_categories,
04913 &i_attr_val2,
04914 TRUE))
04915 {
04916 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04917 return(-RSBAC_EREADFAILED);
04918 }
04919 #endif
04920 i_attr_val2.mac_categories = RSBAC_MAC_MAX_CAT_VECTOR;
04921 if (rsbac_set_attr(MAC,
04922 T_PROCESS,
04923 i_tid,
04924 A_min_write_categories,
04925 i_attr_val2))
04926 {
04927 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04928 return(-RSBAC_EWRITEFAILED);
04929 }
04930 /* reset max_read boundary */
04931 #if 0
04932 /* Get owner-min-sec-level and mac_min_categories for owner */
04933 if (rsbac_get_attr(MAC,
04934 T_PROCESS,
04935 i_tid,
04936 A_min_security_level,
04937 &i_attr_val1,
04938 TRUE))
04939 {
04940 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04941 return(-RSBAC_EREADFAILED);
04942 }
04943 if (rsbac_get_attr(MAC,
04944 T_PROCESS,
04945 i_tid,
04946 A_mac_min_categories,
04947 &i_attr_val2,
04948 TRUE))
04949 {
04950 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04951 return(-RSBAC_EREADFAILED);
04952 }
04953 #endif
04954 i_attr_val1.max_read_open = SL_min;
04955 i_attr_val2.mac_categories = RSBAC_MAC_MIN_CAT_VECTOR;
04956 if (rsbac_set_attr(MAC,
04957 T_PROCESS,
04958 i_tid,
04959 A_max_read_open,
04960 i_attr_val1))
04961 {
04962 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04963 return(-RSBAC_EWRITEFAILED);
04964 }
04965 /* reset category max_read boundary */
04966 if (rsbac_set_attr(MAC,
04967 T_PROCESS,
04968 i_tid,
04969 A_max_read_categories,
04970 i_attr_val2))
04971 {
04972 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
04973 return(-RSBAC_EWRITEFAILED);
04974 }
04975 /* set flags */
04976 if (rsbac_get_attr(MAC,
04977 T_PROCESS,
04978 i_tid,
04979 A_mac_process_flags,
04980 &i_attr_val1,
04981 TRUE))
04982 {
04983 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04984 return(-RSBAC_EREADFAILED);
04985 }
04986 if (rsbac_get_attr(MAC,
04987 target,
04988 tid,
04989 A_mac_auto,
04990 &i_attr_val2,
04991 TRUE))
04992 {
04993 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
04994 return(-RSBAC_EREADFAILED);
04995 }
04996 if(i_attr_val2.mac_auto)
04997 {
04998 i_attr_val1.mac_process_flags |= MAC_program_auto;
04999 i_tid.user = owner;
05000 if (rsbac_get_attr(MAC,
05001 T_USER,
05002 i_tid,
05003 A_mac_user_flags,
05004 &i_attr_val2,
05005 TRUE))
05006 {
05007 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05008 return(-RSBAC_EREADFAILED);
05009 }
05010 if(i_attr_val2.mac_user_flags & MAC_allow_auto)
05011 i_attr_val1.mac_process_flags |= MAC_auto;
05012 else
05013 i_attr_val1.mac_process_flags &= ~MAC_auto;
05014 i_tid.process = caller_pid;
05015 }
05016 else
05017 {
05018 i_attr_val1.mac_process_flags &= ~MAC_program_auto;
05019 i_attr_val1.mac_process_flags &= ~MAC_auto;
05020 }
05021 if (rsbac_get_attr(MAC,
05022 T_FILE,
05023 tid,
05024 A_mac_prop_trusted,
05025 &i_attr_val3,
05026 TRUE))
05027 {
05028 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05029 return(-RSBAC_EREADFAILED);
05030 }
05031 if( !(i_attr_val3.mac_prop_trusted)
05032 || !(i_attr_val1.mac_process_flags & MAC_trusted)
05033 )
05034 {
05035 if(rsbac_mac_p_truset_member(caller_pid, owner))
05036 i_attr_val1.mac_process_flags |= MAC_trusted;
05037 else
05038 {
05039 i_tid.user = owner;
05040 if (rsbac_get_attr(MAC,
05041 T_USER,
05042 i_tid,
05043 A_mac_user_flags,
05044 &i_attr_val2,
05045 TRUE))
05046 {
05047 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05048 return(-RSBAC_EREADFAILED);
05049 }
05050 if(i_attr_val2.mac_user_flags & MAC_trusted)
05051 i_attr_val1.mac_process_flags |= MAC_trusted;
05052 else
05053 i_attr_val1.mac_process_flags &= ~MAC_trusted;
05054 i_tid.process = caller_pid;
05055 }
05056 }
05057 if (rsbac_set_attr(MAC,
05058 T_PROCESS,
05059 i_tid,
05060 A_mac_process_flags,
05061 i_attr_val1))
05062 {
05063 rsbac_ds_set_error("rsbac_adf_set_attr_mac", A_none);
05064 return(-RSBAC_EWRITEFAILED);
05065 }
05066 return(0);
05067
05068 /* all other cases */
05069 default:
05070 return(0);
05071 }
05072
05073 case R_MOUNT:
05074 switch(target)
05075 {
05076 case T_DIR:
05077 case T_DEV:
05078 /* and perform auto-read(-write) with setting of attributes */
05079 if( (target == T_DEV)
05080 && (attr == A_mode)
05081 && (attr_val.mode & MS_RDONLY))
05082 result = auto_read(caller_pid,
05083 target,
05084 tid,
05085 TRUE);
05086 else
05087 result = auto_read_write(caller_pid,
05088 target,
05089 tid,
05090 TRUE);
05091 if ((result != GRANTED) && (result != DO_NOT_CARE))
05092 return(-RSBAC_EDECISIONMISMATCH);
05093 else
05094 return(0);
05095
05096 /* all other cases are unknown */
05097 default:
05098 return(0);
05099 }
05100
05101 case R_READ:
05102 switch(target)
05103 {
05104 case T_DIR:
05105 #ifdef CONFIG_RSBAC_RW
05106 case T_FILE:
05107 case T_FIFO:
05108 case T_IPC:
05109 #endif
05110 /* and perform auto-read with setting of attributes */
05111 result = auto_read(caller_pid,
05112 target,
05113 tid,
05114 TRUE);
05115 if ((result != GRANTED) && (result != DO_NOT_CARE))
05116 return(-RSBAC_EDECISIONMISMATCH);
05117 return(0);
05118
05119 #ifdef CONFIG_RSBAC_RW
05120 case T_DEV:
05121 /* Only check for devices with mac_check set */
05122 if (rsbac_get_attr(MAC,
05123 T_DEV,
05124 tid,
05125 A_mac_check,
05126 &i_attr_val1,
05127 FALSE))
05128 {
05129 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05130 return(-RSBAC_EREADFAILED);
05131 }
05132 if(!i_attr_val1.mac_check)
05133 return(0);
05134 /* and perform auto-read with setting of attributes */
05135 result = auto_read(caller_pid,
05136 target,
05137 tid,
05138 TRUE);
05139 if ((result != GRANTED) && (result != DO_NOT_CARE))
05140 return(-RSBAC_EDECISIONMISMATCH);
05141 return(0);
05142 #endif
05143
05144 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
05145 case T_NETOBJ:
05146 /* and perform auto-read with setting of attributes */
05147 result = auto_read_attr(caller_pid,
05148 target,
05149 tid,
05150 A_remote_sec_level,
05151 A_remote_mac_categories,
05152 TRUE);
05153 if ((result != GRANTED) && (result != DO_NOT_CARE))
05154 return(-RSBAC_EDECISIONMISMATCH);
05155 return(0);
05156 #endif
05157
05158 /* all other cases are unknown */
05159 default:
05160 return(0);
05161 }
05162
05163 case R_READ_OPEN:
05164 switch(target)
05165 {
05166 case T_FILE:
05167 case T_DIR:
05168 case T_FIFO:
05169 case T_IPC:
05170 /* and perform auto-read with setting attributes */
05171 result = auto_read(caller_pid,
05172 target,
05173 tid,
05174 TRUE);
05175 if ((result != GRANTED) && (result != DO_NOT_CARE))
05176 return(-RSBAC_EDECISIONMISMATCH);
05177 return(0);
05178
05179 case T_DEV:
05180 /* Only check for devices with mac_check set */
05181 if (rsbac_get_attr(MAC,
05182 T_DEV,
05183 tid,
05184 A_mac_check,
05185 &i_attr_val1,
05186 FALSE))
05187 {
05188 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05189 return(-RSBAC_EREADFAILED);
05190 }
05191 if(!i_attr_val1.mac_check)
05192 return(0);
05193 /* and perform auto-read with setting attributes */
05194 result = auto_read(caller_pid,
05195 target,
05196 tid,
05197 TRUE);
05198 if ((result != GRANTED) && (result != DO_NOT_CARE))
05199 return(-RSBAC_EDECISIONMISMATCH);
05200 return(0);
05201
05202 /* all other cases are unknown */
05203 default:
05204 return(0);
05205 }
05206
05207 case R_READ_WRITE_OPEN:
05208 switch(target)
05209 {
05210 case T_FILE:
05211 case T_FIFO:
05212 case T_IPC:
05213 /* and perform auto-read-write without setting attributes */
05214 result = auto_read_write(caller_pid,
05215 target,
05216 tid,
05217 TRUE);
05218 if ((result != GRANTED) && (result != DO_NOT_CARE))
05219 return(-RSBAC_EDECISIONMISMATCH);
05220 return(0);
05221
05222 case T_DEV:
05223 /* Only check for devices with mac_check set */
05224 if (rsbac_get_attr(MAC,
05225 T_DEV,
05226 tid,
05227 A_mac_check,
05228 &i_attr_val1,
05229 FALSE))
05230 {
05231 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05232 return(-RSBAC_EREADFAILED);
05233 }
05234 if(!i_attr_val1.mac_check)
05235 return(0);
05236 /* and perform auto-read-write with setting of attributes */
05237 result = auto_read_write(caller_pid,
05238 target,
05239 tid,
05240 TRUE);
05241 if ((result != GRANTED) && (result != DO_NOT_CARE))
05242 return(-RSBAC_EDECISIONMISMATCH);
05243 return(0);
05244 /* all other cases are unknown */
05245 default:
05246 return(0);
05247 }
05248
05249 case R_SEARCH:
05250 switch(target)
05251 {
05252 case T_DIR:
05253 case T_SYMLINK:
05254 /* and perform auto-read with setting of attributes */
05255 result = auto_read(caller_pid,
05256 target,
05257 tid,
05258 TRUE);
05259 if ((result != GRANTED) && (result != DO_NOT_CARE))
05260 return(-RSBAC_EDECISIONMISMATCH);
05261 return(0);
05262 /* all other cases are unknown */
05263 default:
05264 return(0);
05265 }
05266
05267 case R_TRACE:
05268 switch(target)
05269 {
05270 case T_PROCESS:
05271 /* and perform auto-read-write with setting attributes */
05272 result = auto_read_write_attr(caller_pid,
05273 target,
05274 tid,
05275 A_current_sec_level,
05276 A_mac_curr_categories,
05277 TRUE);
05278 if ((result != GRANTED) && (result != DO_NOT_CARE))
05279 return(-RSBAC_EDECISIONMISMATCH);
05280 return(0);
05281
05282 /* all other cases are unknown */
05283 default:
05284 return(0);
05285 }
05286
05287 case R_WRITE:
05288 case R_WRITE_OPEN:
05289 switch(target)
05290 {
05291 case T_FILE:
05292 case T_FIFO:
05293 case T_IPC:
05294 /* and perform auto-write with setting attributes */
05295 result = auto_write(caller_pid,
05296 target,
05297 tid,
05298 TRUE);
05299 if ((result != GRANTED) && (result != DO_NOT_CARE))
05300 return(-RSBAC_EDECISIONMISMATCH);
05301 return(0);
05302
05303 case T_DEV:
05304 /* Only check for devices with mac_check set */
05305 if (rsbac_get_attr(MAC,
05306 T_DEV,
05307 tid,
05308 A_mac_check,
05309 &i_attr_val1,
05310 FALSE))
05311 {
05312 rsbac_ds_get_error("rsbac_adf_set_attr_mac", A_none);
05313 return(-RSBAC_EREADFAILED);
05314 }
05315 if(!i_attr_val1.mac_check)
05316 return(0);
05317 /* and perform auto-write with setting attributes */
05318 result = auto_write(caller_pid,
05319 target,
05320 tid,
05321 TRUE);
05322 if ((result != GRANTED) && (result != DO_NOT_CARE))
05323 return(-RSBAC_EDECISIONMISMATCH);
05324 return(0);
05325
05326 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
05327 case T_NETOBJ:
05328 /* and perform auto-write with setting attributes */
05329 result = auto_write_attr(caller_pid,
05330 target,
05331 tid,
05332 A_remote_sec_level,
05333 A_remote_mac_categories,
05334 TRUE);
05335 if ((result != GRANTED) && (result != DO_NOT_CARE))
05336 return(-RSBAC_EDECISIONMISMATCH);
05337 return(0);
05338 #endif
05339
05340 /* all other cases are unknown */
05341 default:
05342 return(0);
05343 }
05344
05345 #ifdef CONFIG_RSBAC_MAC_NET_OBJ_PROT
05346 case R_BIND:
05347 case R_LISTEN:
05348 switch(target)
05349 {
05350 case T_NETOBJ:
05351 /* and perform auto-write with setting attributes */
05352 result = auto_write_attr(caller_pid,
05353 target,
05354 tid,
05355 A_local_sec_level,
05356 A_local_mac_categories,
05357 TRUE);
05358 if ((result != GRANTED) && (result != DO_NOT_CARE))
05359 return(-RSBAC_EDECISIONMISMATCH);
05360 return(0);
05361
05362 /* all other cases are unknown */
05363 default:
05364 return(0);
05365 }
05366
05367 case R_ACCEPT:
05368 case R_CONNECT:
05369 case R_SEND:
05370 case R_RECEIVE:
05371 switch(target)
05372 {
05373 case T_NETOBJ:
05374 /* and perform auto-write with setting attributes */
05375 result = auto_write_attr(caller_pid,
05376 target,
05377 tid,
05378 A_remote_sec_level,
05379 A_remote_mac_categories,
05380 TRUE);
05381 if ((result != GRANTED) && (result != DO_NOT_CARE))
05382 return(-RSBAC_EDECISIONMISMATCH);
05383 return(0);
05384
05385 /* all other cases are unknown */
05386 default:
05387 return(0);
05388 }
05389 #endif
05390
05391 /*********************/
05392 default: return(0);
05393 }
05394
05395 return(0);
05396 } /* end of rsbac_adf_set_attr_mac() */
|
1.4.2