RSBAC: /linux-2.6.16-rsbac-1.2.6/rsbac/adf/daz/dazukoio_linux

00001 /* Dazuko Interface. Interace with Dazuko 1.x for file access control.
00002    Written by John Ogness <jogness@antivir.de>
00003 
00004    Copyright (c) 2003, 2004, 2005 H+BEDV Datentechnik GmbH
00005    All rights reserved.
00006 
00007    Redistribution and use in source and binary forms, with or without
00008    modification, are permitted provided that the following conditions
00009    are met:
00010 
00011    1. Redistributions of source code must retain the above copyright notice,
00012    this list of conditions and the following disclaimer.
00013 
00014    2. Redistributions in binary form must reproduce the above copyright notice,
00015    this list of conditions and the following disclaimer in the documentation
00016    and/or other materials provided with the distribution.
00017 
00018    3. Neither the name of Dazuko nor the names of its contributors may be used
00019    to endorse or promote products derived from this software without specific
00020    prior written permission.
00021 
00022    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
00023    AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
00024    IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
00025    ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
00026    LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
00027    CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
00028    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
00029    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
00030    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
00031    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
00032    POSSIBILITY OF SUCH DAMAGE.
00033 */
00034 
00035 #include <stdio.h>
00036 #include <stdlib.h>
00037 #include <sys/types.h>
00038 #include <sys/stat.h>
00039 #include <fcntl.h>
00040 #include <string.h>
00041 #include <unistd.h>
00042 #include <sys/ioctl.h>
00043 #include "dazukoio_linux_compat1.h"
00044 
00045 int dazukoRegister_TS_compat1_wrapper(struct dazuko_id **dazuko_id, const char *groupName)
00046 {
00047         int                     ret;
00048         struct dazuko_id        *temp_id;
00049 
00050         if (dazuko_id == NULL)
00051                 return -1;
00052 
00053         temp_id = (struct dazuko_id *)malloc(sizeof(struct dazuko_id));
00054         if (temp_id == NULL)
00055                 return -1;
00056 
00057         memset(temp_id, 0, sizeof(struct dazuko_id));
00058 
00059         temp_id->extra_data = (struct xp_dazukoio_id *)malloc(sizeof(struct xp_dazukoio_id));
00060         if (temp_id->extra_data == NULL)
00061         {
00062                 free(temp_id);
00063                 return -1;
00064         }
00065 
00066         temp_id->extra_data->device = -1;
00067         temp_id->extra_data->dev_major = -1;
00068 
00069         ret = dazukoRegister_TS_compat1(temp_id, groupName);
00070 
00071         if (ret == 0)
00072         {
00073                 *dazuko_id = temp_id;
00074         }
00075         else
00076         {
00077                 free(temp_id->extra_data);
00078                 free(temp_id);
00079         }
00080 
00081         return ret;
00082 }
00083 
00084 int dazukoRegister_TS_compat1(struct dazuko_id *dazuko, const char *groupName)
00085 {
00086         struct option_compat1   *opt;
00087         char                    buffer[10];
00088 
00089         if (dazuko == NULL)
00090                 return -1;
00091 
00092         if (dazuko->extra_data == NULL)
00093                 return -1;
00094 
00095         if (groupName == NULL)
00096                 groupName = "_GENERIC";
00097 
00098         if (dazuko->extra_data->device < 0)
00099         {
00100 
00101                 dazuko->extra_data->device = open("/dev/dazuko", 0);
00102                 if (dazuko->extra_data->device < 0)
00103                         return -1;
00104 
00105                 memset(buffer, 0, sizeof(buffer));
00106                 if (read(dazuko->extra_data->device, buffer, sizeof(buffer)-1) < 1)
00107                 {
00108                         close(dazuko->extra_data->device);
00109                         dazuko->extra_data->device = -1;
00110                         return -1;
00111                 }
00112 
00113                 dazuko->extra_data->dev_major = atoi(buffer);
00114         }
00115 
00116         opt = (struct option_compat1 *)malloc(sizeof(struct option_compat1));
00117         if (opt == NULL)
00118         {
00119                 close(dazuko->extra_data->device);
00120                 dazuko->extra_data->device = -1;
00121                 dazuko->extra_data->dev_major = -1;
00122                 return -1;
00123         }
00124 
00125         memset(opt, 0, sizeof(struct option_compat1));
00126 
00127         opt->command = REGISTER;
00128         strncpy(opt->buffer, groupName, sizeof(opt->buffer) - 1);
00129         opt->buffer_length = strlen(opt->buffer) + 1;
00130 
00131         if (ioctl(dazuko->extra_data->device, _IOW(dazuko->extra_data->dev_major, IOCTL_SET_OPTION, void *), opt) != 0)
00132         {
00133                 /* if this fails, it could be a really old version */
00134 
00135                 /* the original versions registered automatically with open() */
00136         }
00137 
00138         free(opt);
00139 
00140         return 0;
00141 }
00142 
00143 int dazukoSetAccessMask_TS_compat1(struct dazuko_id *dazuko, unsigned long accessMask)
00144 {
00145         struct option_compat1   *opt;
00146         int                     err = 0;
00147 
00148         if (dazuko == NULL)
00149                 return -1;
00150 
00151         if (dazuko->extra_data == NULL)
00152                 return -1;
00153 
00154         if (dazuko->extra_data->device < 0 || dazuko->extra_data->dev_major < 0)
00155                 return -1;
00156 
00157         opt = (struct option_compat1 *)malloc(sizeof(struct option_compat1));
00158         if (opt == NULL)
00159                 return -1;
00160 
00161         memset(opt, 0, sizeof(struct option_compat1));
00162 
00163         opt->command = SET_ACCESS_MASK;
00164         opt->buffer[0] = (char)accessMask;
00165         opt->buffer_length = 1;
00166 
00167         if (ioctl(dazuko->extra_data->device, _IOW(dazuko->extra_data->dev_major, IOCTL_SET_OPTION, void *), opt) != 0)
00168                 err = -1;
00169 
00170         free(opt);
00171 
00172         return err;
00173 }
00174 
00175 int dazuko_set_path_compat1(struct dazuko_id *dazuko, const char *path, int command)
00176 {
00177         struct option_compat1   *opt;
00178         int                     err = 0;
00179 
00180         if (dazuko == NULL)
00181                 return -1;
00182 
00183         if (dazuko->extra_data == NULL)
00184                 return -1;
00185 
00186         if (path == NULL)
00187                 return -1;
00188 
00189         if (dazuko->extra_data->device < 0 || dazuko->extra_data->dev_major < 0)
00190                 return -1;
00191 
00192         opt = (struct option_compat1 *)malloc(sizeof(struct option_compat1));
00193         if (opt == NULL)
00194                 return -1;
00195 
00196         memset(opt, 0, sizeof(struct option_compat1));
00197 
00198         opt->command = command;
00199         strncpy(opt->buffer, path, sizeof(opt->buffer) - 1);
00200         opt->buffer_length = strlen(opt->buffer) + 1;
00201 
00202         if (ioctl(dazuko->extra_data->device, _IOW(dazuko->extra_data->dev_major, IOCTL_SET_OPTION, void *), opt) != 0)
00203                 err = -1;
00204 
00205         free(opt);
00206 
00207         return err;
00208 }
00209 
00210 int dazukoAddIncludePath_TS_compat1(struct dazuko_id *dazuko, const char *path)
00211 {
00212         return dazuko_set_path_compat1(dazuko, path, ADD_INCLUDE_PATH);
00213 }
00214 
00215 int dazukoAddExcludePath_TS_compat1(struct dazuko_id *dazuko, const char *path)
00216 {
00217         return dazuko_set_path_compat1(dazuko, path, ADD_EXCLUDE_PATH);
00218 }
00219 
00220 int dazukoRemoveAllPaths_TS_compat1(struct dazuko_id *dazuko)
00221 {
00222         struct option_compat1   *opt;
00223         int                     err = 0;
00224 
00225         if (dazuko == NULL)
00226                 return -1;
00227 
00228         if (dazuko->extra_data == NULL)
00229                 return -1;
00230 
00231         if (dazuko->extra_data->device < 0 || dazuko->extra_data->dev_major < 0)
00232                 return -1;
00233 
00234         opt = (struct option_compat1 *)malloc(sizeof(struct option_compat1));
00235         if (opt == NULL)
00236                 return -1;
00237 
00238         memset(opt, 0, sizeof(struct option_compat1));
00239 
00240         opt->command = REMOVE_ALL_PATHS;
00241         opt->buffer_length = 0;
00242 
00243         if (ioctl(dazuko->extra_data->device, _IOW(dazuko->extra_data->dev_major, IOCTL_SET_OPTION, void *), opt) != 0)
00244                 err = -1;
00245 
00246         free(opt);
00247 
00248         return err;
00249 }
00250 
00251 int dazukoGetAccess_TS_compat1_wrapper(struct dazuko_id *dazuko, struct dazuko_access **acc)
00252 {
00253         struct access_compat1   acc_compat1;
00254         struct dazuko_access    *temp_acc;
00255         int                     ret;
00256 
00257         if (acc == NULL)
00258                 return -1;
00259 
00260         *acc = NULL;
00261 
00262         temp_acc = (struct dazuko_access *)malloc(sizeof(struct dazuko_access));
00263         if (temp_acc == NULL)
00264                 return -1;
00265 
00266         memset(temp_acc, 0, sizeof(struct dazuko_access));
00267 
00268         ret = dazukoGetAccess_TS_compat1(dazuko, &acc_compat1);
00269 
00270         if (ret == 0)
00271         {
00272                 temp_acc->deny = acc_compat1.deny;
00273                 temp_acc->event = acc_compat1.event;
00274                 temp_acc->set_event = 1;
00275                 temp_acc->flags = acc_compat1.o_flags;
00276                 temp_acc->set_flags = 1;
00277                 temp_acc->mode = acc_compat1.o_mode;
00278                 temp_acc->set_mode = 1;
00279                 temp_acc->uid = acc_compat1.uid;
00280                 temp_acc->set_uid = 1;
00281                 temp_acc->pid = acc_compat1.pid;
00282                 temp_acc->set_pid = 1;
00283                 temp_acc->filename = strdup(acc_compat1.filename);
00284                 temp_acc->set_filename = 1;
00285 
00286                 *acc = temp_acc;
00287         }
00288         else
00289         {
00290                 free(temp_acc);
00291         }
00292 
00293         return ret;
00294 }
00295 
00296 int dazukoGetAccess_TS_compat1(struct dazuko_id *dazuko, struct access_compat1 *acc)
00297 {
00298         if (dazuko == NULL)
00299                 return -1;
00300 
00301         if (dazuko->extra_data == NULL)
00302                 return -1;
00303 
00304         if (acc == NULL)
00305                 return -1;
00306 
00307         if (dazuko->extra_data->device < 0 || dazuko->extra_data->dev_major < 0)
00308                 return -1;
00309 
00310         memset(acc, 0, sizeof(struct access_compat1));
00311 
00312         if (ioctl(dazuko->extra_data->device, _IOR(dazuko->extra_data->dev_major, IOCTL_GET_AN_ACCESS, struct access_compat1 *), acc) != 0)
00313                 return -1;
00314 
00315         return 0;
00316 }
00317 
00318 int dazukoReturnAccess_TS_compat1_wrapper(struct dazuko_id *dazuko, struct dazuko_access **acc, int return_access, int free_access)
00319 {
00320         struct access_compat1   acc_compat1;
00321         int                     ret = 0;
00322 
00323         if (acc == NULL)
00324                 return -1;
00325 
00326         if (*acc == NULL)
00327                 return -1;
00328 
00329         if (return_access)
00330         {
00331                 memset(&acc_compat1, 0, sizeof(acc_compat1));
00332 
00333                 acc_compat1.deny = (*acc)->deny;
00334                 acc_compat1.event = (*acc)->event;
00335                 acc_compat1.o_flags = (*acc)->flags;
00336                 acc_compat1.o_mode = (*acc)->mode;
00337                 acc_compat1.uid = (*acc)->uid;
00338                 acc_compat1.pid = (*acc)->pid;
00339                 if ((*acc)->filename != NULL)
00340                 {
00341                         strncpy(acc_compat1.filename, (*acc)->filename, sizeof(acc_compat1.filename) - 1);
00342                         acc_compat1.filename[sizeof(acc_compat1.filename) - 1] = 0;
00343                 }
00344 
00345                 ret = dazukoReturnAccess_TS_compat1(dazuko, &acc_compat1);
00346         }
00347 
00348         if (free_access && ret == 0)
00349         {
00350                 if ((*acc)->filename != NULL)
00351                         free((*acc)->filename);
00352                 free(*acc);
00353                 *acc = NULL;
00354         }
00355 
00356         return ret;
00357 }
00358 
00359 int dazukoReturnAccess_TS_compat1(struct dazuko_id *dazuko, struct access_compat1 *acc)
00360 {
00361         if (dazuko == NULL)
00362                 return -1;
00363 
00364         if (dazuko->extra_data == NULL)
00365                 return -1;
00366 
00367         if (acc == NULL)
00368                 return -1;
00369 
00370         if (dazuko->extra_data->device < 0 || dazuko->extra_data->dev_major < 0)
00371                 return -1;
00372 
00373         if (ioctl(dazuko->extra_data->device, _IOW(dazuko->extra_data->dev_major, IOCTL_RETURN_ACCESS, struct access_compat1 *), acc) != 0)
00374                 return -1;
00375 
00376         return 0;
00377 }
00378 
00379 int dazukoUnregister_TS_compat1_wrapper(struct dazuko_id **dazuko_id)
00380 {
00381         int     ret;
00382 
00383         if (dazuko_id == NULL)
00384                 return -1;
00385 
00386         ret = dazukoUnregister_TS_compat1(*dazuko_id);
00387 
00388         if (ret == 0)
00389         {
00390                 free(*dazuko_id);
00391                 *dazuko_id = NULL;
00392         }
00393 
00394         return ret;
00395 }
00396 
00397 int dazukoUnregister_TS_compat1(struct dazuko_id *dazuko)
00398 {
00399         int             error = -1;
00400 
00401         if (dazuko == NULL)
00402                 return -1;
00403 
00404         if (dazuko->extra_data == NULL)
00405                 return -1;
00406 
00407         if (dazuko->extra_data->device >= 0)
00408                 error = close(dazuko->extra_data->device);
00409 
00410         free(dazuko->extra_data);
00411         dazuko->extra_data = NULL;
00412 
00413         return error;
00414 }
dazukoio_linux_compat1.c
