00010 #ifndef __RSBAC_SYSCALLS_H
00011 #define __RSBAC_SYSCALLS_H
00012
00013 #include <linux/unistd.h>
00014 #include <rsbac/types.h>
00015 #include <rsbac/getname.h>
00016 #include <rsbac/helpers.h>
00017 #include <rsbac/error.h>
00018
/*
 * Call selector for the RSBAC syscall interface: one enumerator per request.
 * Most enumerators have a matching struct rsys_<name>_t argument block and a
 * member in union rsbac_syscall_arg_t, both defined later in this header.
 * RSYS_stats, RSYS_write, RSYS_stats_pm and RSYS_daz_flush_cache have no
 * argument block; their user-space prototypes take void.
 *
 * No enumerator carries an explicit value, so every number is fixed only by
 * its position in this list. Inserting or reordering an entry renumbers all
 * later calls, so callers and the handler must be built from the same list.
 * NOTE(review): confirm how a mismatch between the two sides is detected.
 */
00019 enum rsbac_syscall_t
00020 {
00021 RSYS_stats,
00022 RSYS_check,
00023 RSYS_get_attr,
00024 RSYS_get_attr_n,
00025 RSYS_set_attr,
00026 RSYS_set_attr_n,
00027 RSYS_remove_target,
00028 RSYS_remove_target_n,
00029 RSYS_net_list_all_netdev,
00030 RSYS_net_template,
00031 RSYS_net_list_all_template,
00032 RSYS_switch,
00033 RSYS_adf_log_switch,
00034 RSYS_get_adf_log,
00035 RSYS_write,
00036 RSYS_log,
00037 RSYS_mac_set_curr_level,
00038 RSYS_mac_get_curr_level,
00039 RSYS_mac_get_max_level,
00040 RSYS_mac_get_min_level,
00041 RSYS_mac_add_p_tru,
00042 RSYS_mac_remove_p_tru,
00043 RSYS_mac_add_f_tru,
00044 RSYS_mac_remove_f_tru,
00045 RSYS_mac_get_f_trulist,
00046 RSYS_mac_get_p_trulist,
00047 RSYS_stats_pm,
00048 RSYS_pm,
00049 RSYS_pm_change_current_task,
00050 RSYS_pm_create_file,
00051 RSYS_daz_flush_cache,
00052 RSYS_rc_copy_role,
00053 RSYS_rc_copy_type,
00054 RSYS_rc_get_item,
00055 RSYS_rc_set_item,
00056 RSYS_rc_change_role,
00057 RSYS_rc_get_eff_rights_n,
00058 RSYS_rc_get_list,
00059 RSYS_auth_add_p_cap,
00060 RSYS_auth_remove_p_cap,
00061 RSYS_auth_add_f_cap,
00062 RSYS_auth_remove_f_cap,
00063 RSYS_auth_get_f_caplist,
00064 RSYS_auth_get_p_caplist,
00065 RSYS_acl,
00066 RSYS_acl_n,
00067 RSYS_acl_get_rights,
00068 RSYS_acl_get_rights_n,
00069 RSYS_acl_get_tlist,
00070 RSYS_acl_get_tlist_n,
00071 RSYS_acl_get_mask,
00072 RSYS_acl_get_mask_n,
00073 RSYS_acl_group,
00074 RSYS_reg,
00075 RSYS_jail,
00076 RSYS_init,
00077 RSYS_rc_get_current_role,
00078 RSYS_um_auth_name,
00079 RSYS_um_auth_uid,
00080 RSYS_um_add_user,
00081 RSYS_um_add_group,
00082 RSYS_um_add_gm,
00083 RSYS_um_mod_user,
00084 RSYS_um_mod_group,
00085 RSYS_um_get_user_item,
00086 RSYS_um_get_group_item,
00087 RSYS_um_remove_user,
00088 RSYS_um_remove_group,
00089 RSYS_um_remove_gm,
00090 RSYS_um_user_exists,
00091 RSYS_um_group_exists,
00092 RSYS_um_get_next_user,
00093 RSYS_um_get_user_list,
00094 RSYS_um_get_gm_list,
00095 RSYS_um_get_gm_user_list,
00096 RSYS_um_get_group_list,
00097 RSYS_um_get_uid,
00098 RSYS_um_get_gid,
00099 RSYS_um_set_pass,
00100 RSYS_um_set_pass_name,
00101 RSYS_um_set_group_pass,
00102 RSYS_um_check_account,
00103 RSYS_um_check_account_name,
00104 RSYS_list_ta_begin,
00105 RSYS_list_ta_refresh,
00106 RSYS_list_ta_commit,
00107 RSYS_list_ta_forget,
00108 RSYS_list_all_dev,
00109 RSYS_acl_list_all_dev,
00110 RSYS_list_all_user,
00111 RSYS_acl_list_all_user,
00112 RSYS_list_all_group,
00113 RSYS_acl_list_all_group,
00114 RSYS_none /* last entry; presumably the bound a handler range-checks the call number against -- confirm */
00115 };
00116
00117
00118 struct rsys_check_t
00119 {
00120 int correct;
00121 int check_inode;
00122 };
00123
/*
 * Argument block for RSYS_get_attr; the members mirror the parameters of
 * rsbac_get_attr() declared later in this header, in the same order.
 * module, target and attr are carried as rsbac_enum_t here, while the
 * prototype takes typed enums, so the type system does not constrain the
 * values that arrive in this block.
 * NOTE(review): confirm the handler range-checks all three before use.
 */
00124 struct rsys_get_attr_t
00125 {
00126 rsbac_list_ta_number_t ta_number;
00127 rsbac_enum_t module;
00128 rsbac_enum_t target;
00129 union rsbac_target_id_t * tid; /* caller-supplied pointer; presumably a user-space address to be copied in, not dereferenced directly -- confirm */
00130 rsbac_enum_t attr;
00131 union rsbac_attribute_value_t * value; /* caller-owned storage; presumably receives the attribute value -- confirm */
00132 int inherit;
00133 };
00134
00135 struct rsys_get_attr_n_t
00136 {
00137 rsbac_list_ta_number_t ta_number;
00138 rsbac_enum_t module;
00139 rsbac_enum_t target;
00140 char * t_name;
00141 rsbac_enum_t attr;
00142 union rsbac_attribute_value_t * value;
00143 int inherit;
00144 };
00145
/*
 * Argument block for RSYS_set_attr; the members mirror the parameters of
 * rsbac_set_attr() declared later in this header. It has the same layout as
 * struct rsys_get_attr_t minus the trailing inherit member.
 * Judging by the name this call changes a stored attribute, so it is a
 * write path into policy data.
 * NOTE(review): confirm the handler authorizes the caller and range-checks
 * module, target and attr (all plain rsbac_enum_t here) before writing.
 */
00146 struct rsys_set_attr_t
00147 {
00148 rsbac_list_ta_number_t ta_number;
00149 rsbac_enum_t module;
00150 rsbac_enum_t target;
00151 union rsbac_target_id_t * tid; /* caller-supplied pointer; presumably a user-space address -- confirm */
00152 rsbac_enum_t attr;
00153 union rsbac_attribute_value_t * value; /* caller-supplied pointer; presumably the new value to be copied in -- confirm */
00154 };
00155
00156 struct rsys_set_attr_n_t
00157 {
00158 rsbac_list_ta_number_t ta_number;
00159 rsbac_enum_t module;
00160 rsbac_enum_t target;
00161 char * t_name;
00162 rsbac_enum_t attr;
00163 union rsbac_attribute_value_t * value;
00164 };
00165
00166 struct rsys_remove_target_t
00167 {
00168 rsbac_list_ta_number_t ta_number;
00169 rsbac_enum_t target;
00170 union rsbac_target_id_t * tid;
00171 };
00172
00173 struct rsys_remove_target_n_t
00174 {
00175 rsbac_list_ta_number_t ta_number;
00176 rsbac_enum_t target;
00177 char * t_name;
00178 };
00179
/*
 * Argument block for RSYS_net_list_all_netdev; mirrors the parameters of
 * rsbac_net_list_all_netdev() declared later in this header.
 * The block carries a pointer plus a count and nothing else that bounds the
 * buffer, so maxnum is presumably the capacity of id_p in elements.
 * NOTE(review): maxnum is u_long here, while the trulist, caplist and um
 * list blocks in this header use u_int. Confirm the handler caps the count
 * and checks maxnum * sizeof(rsbac_netdev_id_t) for overflow.
 */
00180 struct rsys_net_list_all_netdev_t
00181 {
00182 rsbac_list_ta_number_t ta_number;
00183 rsbac_netdev_id_t * id_p; /* caller-owned array; presumably filled by the call -- confirm */
00184 u_long maxnum;
00185 };
00186
00187 struct rsys_net_template_t
00188 {
00189 rsbac_list_ta_number_t ta_number;
00190 rsbac_enum_t call;
00191 rsbac_net_temp_id_t id;
00192 union rsbac_net_temp_syscall_data_t * data_p;
00193 };
00194
00195 struct rsys_net_list_all_template_t
00196 {
00197 rsbac_list_ta_number_t ta_number;
00198 rsbac_net_temp_id_t * id_p;
00199 u_long maxnum;
00200 };
00201
/*
 * Argument block for RSYS_switch, stored in union rsbac_syscall_arg_t as
 * member switch_module. Mirrors rsbac_switch(target, value) declared later
 * in this header, where target is typed enum rsbac_switch_target_t.
 * Judging by the names, this selects a module and sets its on/off state,
 * which would make it one of the most sensitive requests in the interface.
 * NOTE(review): confirm the handler authorizes the caller, rejects target
 * values outside the enum, and logs every use.
 */
00202 struct rsys_switch_t
00203 {
00204 rsbac_enum_t target;
00205 int value; /* signed and unconstrained here; the accepted values are not defined in this header */
00206 };
00207
00208 struct rsys_adf_log_switch_t
00209 {
00210 rsbac_enum_t request;
00211 rsbac_enum_t target;
00212 u_int value;
00213 };
00214
00215 struct rsys_get_adf_log_t
00216 {
00217 rsbac_enum_t request;
00218 rsbac_enum_t target;
00219 u_int * value_p;
00220 };
00221
/*
 * Argument block for RSYS_log (member log of union rsbac_syscall_arg_t).
 * It pairs a caller-supplied buffer pointer with a length.
 * NOTE(review): len is a signed int. A handler should reject negative
 * values and cap the size before copying to or from buf. Confirm this in
 * the implementation.
 */
00222 struct rsys_log_t
00223 {
00224 int type; /* meaning of the values is not defined in this header */
00225 char * buf; /* caller-supplied pointer; direction of the transfer is not visible here */
00226 int len;
00227 };
00228
00229 struct rsys_mac_set_curr_level_t
00230 {
00231 rsbac_security_level_t level;
00232 rsbac_mac_category_vector_t * categories_p;
00233 };
00234
00235 struct rsys_mac_get_curr_level_t
00236 {
00237 rsbac_security_level_t * level_p;
00238 rsbac_mac_category_vector_t * categories_p;
00239 };
00240
00241 struct rsys_mac_get_max_level_t
00242 {
00243 rsbac_security_level_t * level_p;
00244 rsbac_mac_category_vector_t * categories_p;
00245 };
00246
00247 struct rsys_mac_get_min_level_t
00248 {
00249 rsbac_security_level_t * level_p;
00250 rsbac_mac_category_vector_t * categories_p;
00251 };
00252
00253 struct rsys_mac_add_p_tru_t
00254 {
00255 rsbac_list_ta_number_t ta_number;
00256 rsbac_pid_t pid;
00257 rsbac_uid_t uid;
00258 rsbac_time_t ttl;
00259 };
00260
00261 struct rsys_mac_remove_p_tru_t
00262 {
00263 rsbac_list_ta_number_t ta_number;
00264 rsbac_pid_t pid;
00265 rsbac_uid_t uid;
00266 };
00267
00268 struct rsys_mac_add_f_tru_t
00269 {
00270 rsbac_list_ta_number_t ta_number;
00271 char * filename;
00272 rsbac_uid_t uid;
00273 rsbac_time_t ttl;
00274 };
00275
00276 struct rsys_mac_remove_f_tru_t
00277 {
00278 rsbac_list_ta_number_t ta_number;
00279 char * filename;
00280 rsbac_uid_t uid;
00281 };
00282
/*
 * Argument block for RSYS_mac_get_f_trulist; mirrors the parameters of
 * rsbac_mac_get_f_trulist() declared later in this header, where trulist
 * and ttllist are declared as arrays.
 * Two output pointers share a single count, so presumably both arrays must
 * hold at least maxnum elements and the handler must write no more than
 * maxnum entries to either.
 * NOTE(review): confirm both bounds, and whether ttllist may be NULL.
 */
00283 struct rsys_mac_get_f_trulist_t
00284 {
00285 rsbac_list_ta_number_t ta_number;
00286 char * filename; /* caller-supplied string pointer; no length member accompanies it */
00287 rsbac_uid_t * trulist;
00288 rsbac_time_t * ttllist;
00289 u_int maxnum;
00290 };
00291
00292 struct rsys_mac_get_p_trulist_t
00293 {
00294 rsbac_list_ta_number_t ta_number;
00295 rsbac_pid_t pid;
00296 rsbac_uid_t * trulist;
00297 rsbac_time_t * ttllist;
00298 u_int maxnum;
00299 };
00300
00301 struct rsys_pm_t
00302 {
00303 rsbac_list_ta_number_t ta_number;
00304 rsbac_enum_t function;
00305 union rsbac_pm_function_param_t * param_p;
00306 rsbac_pm_tkt_id_t ticket;
00307 };
00308
00309 struct rsys_pm_change_current_task_t
00310 {
00311 rsbac_pm_task_id_t task;
00312 };
00313
00314 struct rsys_pm_create_file_t
00315 {
00316 const char * filename;
00317 int mode;
00318 rsbac_pm_object_class_id_t object_class;
00319 };
00320
00321 struct rsys_rc_copy_role_t
00322 {
00323 rsbac_list_ta_number_t ta_number;
00324 rsbac_rc_role_id_t from_role;
00325 rsbac_rc_role_id_t to_role;
00326 };
00327
00328 struct rsys_rc_copy_type_t
00329 {
00330 rsbac_list_ta_number_t ta_number;
00331 rsbac_enum_t target;
00332 rsbac_rc_type_id_t from_type;
00333 rsbac_rc_type_id_t to_type;
00334 };
00335
00336 struct rsys_rc_get_item_t
00337 {
00338 rsbac_list_ta_number_t ta_number;
00339 rsbac_enum_t target;
00340 union rsbac_rc_target_id_t * tid_p;
00341 union rsbac_rc_target_id_t * subtid_p;
00342 rsbac_enum_t item;
00343 union rsbac_rc_item_value_t * value_p;
00344 rsbac_time_t * ttl_p;
00345 };
00346
00347 struct rsys_rc_set_item_t
00348 {
00349 rsbac_list_ta_number_t ta_number;
00350 rsbac_enum_t target;
00351 union rsbac_rc_target_id_t * tid_p;
00352 union rsbac_rc_target_id_t * subtid_p;
00353 rsbac_enum_t item;
00354 union rsbac_rc_item_value_t * value_p;
00355 rsbac_time_t ttl;
00356 };
00357
/*
 * Argument block for RSYS_rc_get_list; mirrors the parameters of
 * rsbac_rc_get_list() declared later in this header.
 * array_p and ttl_array_p share the single count maxnum, so presumably both
 * must have room for maxnum elements.
 * NOTE(review): target and item are plain rsbac_enum_t here, while the
 * prototype uses enum rsbac_rc_target_t and enum rsbac_rc_item_t. Confirm
 * the handler range-checks both and bounds its writes by maxnum.
 */
00358 struct rsys_rc_get_list_t
00359 {
00360 rsbac_list_ta_number_t ta_number;
00361 rsbac_enum_t target;
00362 union rsbac_rc_target_id_t * tid_p; /* caller-supplied pointer -- presumably copied in by the handler */
00363 rsbac_enum_t item;
00364 u_int maxnum;
00365 __u32 * array_p; /* caller-owned output array -- presumably filled by the call */
00366 rsbac_time_t * ttl_array_p; /* caller-owned output array, parallel to array_p -- presumably */
00367 };
00368
00369 struct rsys_rc_change_role_t
00370 {
00371 rsbac_rc_role_id_t role;
00372 };
00373
00374 struct rsys_rc_get_eff_rights_n_t
00375 {
00376 rsbac_list_ta_number_t ta_number;
00377 rsbac_enum_t target;
00378 char * t_name;
00379 rsbac_rc_request_vector_t * request_vector_p;
00380 rsbac_time_t * ttl_p;
00381 };
00382
00383 struct rsys_rc_get_current_role_t
00384 {
00385 rsbac_rc_role_id_t * role_p;
00386 };
00387
/*
 * Argument block for RSYS_auth_add_p_cap; mirrors the parameters of
 * rsbac_auth_add_p_cap() declared later in this header.
 * cap_range is embedded by value, so the whole range travels inside this
 * block and needs no second copy from the caller.
 * Judging by the name this adds a capability range to a process, i.e. it
 * widens what that process may do.
 * NOTE(review): confirm the handler authorizes the caller, validates pid
 * and cap_type (plain rsbac_enum_t here), and checks the range bounds.
 */
00388 struct rsys_auth_add_p_cap_t
00389 {
00390 rsbac_list_ta_number_t ta_number;
00391 rsbac_pid_t pid;
00392 rsbac_enum_t cap_type;
00393 struct rsbac_auth_cap_range_t cap_range;
00394 rsbac_time_t ttl; /* presumably a lifetime for the entry; units and the meaning of 0 are not defined here */
00395 };
00396
00397 struct rsys_auth_remove_p_cap_t
00398 {
00399 rsbac_list_ta_number_t ta_number;
00400 rsbac_pid_t pid;
00401 rsbac_enum_t cap_type;
00402 struct rsbac_auth_cap_range_t cap_range;
00403 };
00404
00405 struct rsys_auth_add_f_cap_t
00406 {
00407 rsbac_list_ta_number_t ta_number;
00408 char * filename;
00409 rsbac_enum_t cap_type;
00410 struct rsbac_auth_cap_range_t cap_range;
00411 rsbac_time_t ttl;
00412 };
00413
00414 struct rsys_auth_remove_f_cap_t
00415 {
00416 rsbac_list_ta_number_t ta_number;
00417 char * filename;
00418 rsbac_enum_t cap_type;
00419 struct rsbac_auth_cap_range_t cap_range;
00420 };
00421
00422 struct rsys_auth_get_f_caplist_t
00423 {
00424 rsbac_list_ta_number_t ta_number;
00425 char * filename;
00426 rsbac_enum_t cap_type;
00427 struct rsbac_auth_cap_range_t * caplist;
00428 rsbac_time_t * ttllist;
00429 u_int maxnum;
00430 };
00431
00432 struct rsys_auth_get_p_caplist_t
00433 {
00434 rsbac_list_ta_number_t ta_number;
00435 rsbac_pid_t pid;
00436 rsbac_enum_t cap_type;
00437 struct rsbac_auth_cap_range_t * caplist;
00438 rsbac_time_t * ttllist;
00439 u_int maxnum;
00440 };
00441
00442 struct rsys_acl_t
00443 {
00444 rsbac_list_ta_number_t ta_number;
00445 rsbac_enum_t call;
00446 struct rsbac_acl_syscall_arg_t * arg;
00447 };
00448
00449 struct rsys_acl_n_t
00450 {
00451 rsbac_list_ta_number_t ta_number;
00452 rsbac_enum_t call;
00453 struct rsbac_acl_syscall_n_arg_t * arg;
00454 };
00455
00456 struct rsys_acl_get_rights_t
00457 {
00458 rsbac_list_ta_number_t ta_number;
00459 struct rsbac_acl_syscall_arg_t * arg;
00460 rsbac_acl_rights_vector_t * rights_p;
00461 u_int effective;
00462 };
00463
00464 struct rsys_acl_get_rights_n_t
00465 {
00466 rsbac_list_ta_number_t ta_number;
00467 struct rsbac_acl_syscall_n_arg_t * arg;
00468 rsbac_acl_rights_vector_t * rights_p;
00469 u_int effective;
00470 };
00471
/*
 * Argument block for RSYS_acl_get_tlist; mirrors the parameters of
 * rsbac_acl_get_tlist() declared later in this header, where entry_array
 * and ttl_array are declared as arrays.
 * Both output pointers share the single count maxnum, so presumably each
 * array must hold at least maxnum elements.
 * NOTE(review): confirm the handler never writes more than maxnum entries
 * and checks maxnum * sizeof(struct rsbac_acl_entry_t) for overflow.
 */
00472 struct rsys_acl_get_tlist_t
00473 {
00474 rsbac_list_ta_number_t ta_number;
00475 rsbac_enum_t target;
00476 union rsbac_target_id_t * tid; /* caller-supplied pointer -- presumably copied in by the handler */
00477 struct rsbac_acl_entry_t * entry_array;
00478 rsbac_time_t * ttl_array;
00479 u_int maxnum;
00480 };
00481
00482 struct rsys_acl_get_tlist_n_t
00483 {
00484 rsbac_list_ta_number_t ta_number;
00485 rsbac_enum_t target;
00486 char * t_name;
00487 struct rsbac_acl_entry_t * entry_array;
00488 rsbac_time_t * ttl_array;
00489 u_int maxnum;
00490 };
00491
00492 struct rsys_acl_get_mask_t
00493 {
00494 rsbac_list_ta_number_t ta_number;
00495 rsbac_enum_t target;
00496 union rsbac_target_id_t * tid;
00497 rsbac_acl_rights_vector_t * mask_p;
00498 };
00499
00500 struct rsys_acl_get_mask_n_t
00501 {
00502 rsbac_list_ta_number_t ta_number;
00503 rsbac_enum_t target;
00504 char * t_name;
00505 rsbac_acl_rights_vector_t * mask_p;
00506 };
00507
00508 struct rsys_acl_group_t
00509 {
00510 rsbac_list_ta_number_t ta_number;
00511 rsbac_enum_t call;
00512 union rsbac_acl_group_syscall_arg_t * arg_p;
00513 };
00514
/*
 * Argument block for RSYS_reg (member reg of union rsbac_syscall_arg_t).
 * NOTE(review): handle is declared long here, while the user-space
 * prototype rsbac_reg() takes rsbac_reg_handle_t. Confirm the two types
 * have the same width and signedness on every supported ABI.
 * arg is untyped and this header does not define its meaning; presumably it
 * is interpreted by whatever is registered under handle. The generic layer
 * cannot validate such a pointer by type, so the receiving code must treat
 * it as untrusted.
 */
00515 struct rsys_reg_t
00516 {
00517 long handle;
00518 void * arg;
00519 };
00520
/*
 * Argument block for RSYS_jail; the members mirror the parameters of
 * rsbac_jail() declared later in this header, in the same order.
 * version is the first member; presumably it lets the handler reject a
 * caller built against a different layout of this block -- confirm.
 * NOTE(review): flags, max_caps, scd_get and scd_modify together describe
 * what the confined process keeps. Confirm the handler only ever narrows
 * the caller's existing rights with them and never widens them.
 */
00521 struct rsys_jail_t
00522 {
00523 rsbac_version_t version;
00524 char * path; /* caller-supplied string pointer; no length member accompanies it */
00525 rsbac_jail_ip_t ip;
00526 rsbac_jail_flags_t flags;
00527 rsbac_cap_vector_t max_caps;
00528 rsbac_jail_scd_vector_t scd_get;
00529 rsbac_jail_scd_vector_t scd_modify;
00530 };
00531
/*
 * Argument block for RSYS_init (member init of union rsbac_syscall_arg_t).
 * It carries a single caller-supplied string pointer and no length.
 * NOTE(review): confirm the handler bounds the copy of root_dev and
 * restricts who may issue this call.
 */
00532 struct rsys_init_t
00533 {
00534 char * root_dev;
00535 };
00536
/*
 * Argument block for RSYS_um_auth_name; mirrors rsbac_um_auth_name(name,
 * pass) declared later in this header.
 * Both members are bare char pointers with no accompanying length, so the
 * strings are presumably NUL-terminated and the handler must bound each
 * copy itself.
 * NOTE(review): pass points at a password in the caller's memory. Confirm
 * that every copy made while serving the call is wiped after use and never
 * reaches a log. Callers should clear their own buffer once the call
 * returns.
 */
00537 struct rsys_um_auth_name_t
00538 {
00539 char * name;
00540 char * pass;
00541 };
00542
/*
 * Argument block for RSYS_um_auth_uid; mirrors rsbac_um_auth_uid(uid, pass)
 * declared later in this header. It is the same request as struct
 * rsys_um_auth_name_t, except that the account is named by uid.
 * NOTE(review): pass is a bare pointer to a password with no length member.
 * Confirm the handler bounds the copy and wipes it after the comparison.
 */
00543 struct rsys_um_auth_uid_t
00544 {
00545 rsbac_uid_t uid;
00546 char * pass;
00547 };
00548
/*
 * Argument block for RSYS_um_add_user; mirrors the parameters of
 * rsbac_um_add_user() declared later in this header.
 * NOTE(review): entry_p and pass are both caller-supplied pointers. Confirm
 * the handler copies a fixed-size struct rsbac_um_user_entry_t, bounds the
 * password copy, and wipes the password once it has been processed.
 */
00549 struct rsys_um_add_user_t
00550 {
00551 rsbac_list_ta_number_t ta_number;
00552 rsbac_uid_t uid;
00553 struct rsbac_um_user_entry_t * entry_p;
00554 char * pass; /* initial password; no length member -- presumably NUL-terminated */
00555 rsbac_time_t ttl; /* presumably a lifetime for the account entry; units are not defined here */
00556 };
00557
00558 struct rsys_um_add_group_t
00559 {
00560 rsbac_list_ta_number_t ta_number;
00561 rsbac_gid_t gid;
00562 struct rsbac_um_group_entry_t * entry_p;
00563 char * pass;
00564 rsbac_time_t ttl;
00565 };
00566
00567 struct rsys_um_add_gm_t
00568 {
00569 rsbac_list_ta_number_t ta_number;
00570 rsbac_uid_t uid;
00571 rsbac_gid_t gid;
00572 rsbac_time_t ttl;
00573 };
00574
00575 struct rsys_um_mod_user_t
00576 {
00577 rsbac_list_ta_number_t ta_number;
00578 rsbac_uid_t uid;
00579 rsbac_enum_t mod;
00580 union rsbac_um_mod_data_t * data_p;
00581 };
00582
00583 struct rsys_um_mod_group_t
00584 {
00585 rsbac_list_ta_number_t ta_number;
00586 rsbac_gid_t gid;
00587 rsbac_enum_t mod;
00588 union rsbac_um_mod_data_t * data_p;
00589 };
00590
00591 struct rsys_um_get_user_item_t
00592 {
00593 rsbac_list_ta_number_t ta_number;
00594 rsbac_uid_t uid;
00595 rsbac_enum_t mod;
00596 union rsbac_um_mod_data_t * data_p;
00597 };
00598
00599 struct rsys_um_get_group_item_t
00600 {
00601 rsbac_list_ta_number_t ta_number;
00602 rsbac_gid_t gid;
00603 rsbac_enum_t mod;
00604 union rsbac_um_mod_data_t * data_p;
00605 };
00606
00607 struct rsys_um_remove_user_t
00608 {
00609 rsbac_list_ta_number_t ta_number;
00610 rsbac_uid_t uid;
00611 };
00612
00613 struct rsys_um_remove_group_t
00614 {
00615 rsbac_list_ta_number_t ta_number;
00616 rsbac_gid_t gid;
00617 };
00618
00619 struct rsys_um_remove_gm_t
00620 {
00621 rsbac_list_ta_number_t ta_number;
00622 rsbac_uid_t uid;
00623 rsbac_gid_t gid;
00624 };
00625
00626 struct rsys_um_user_exists_t
00627 {
00628 rsbac_list_ta_number_t ta_number;
00629 rsbac_uid_t uid;
00630 };
00631
00632 struct rsys_um_group_exists_t
00633 {
00634 rsbac_list_ta_number_t ta_number;
00635 rsbac_gid_t gid;
00636 };
00637
00638 struct rsys_um_get_next_user_t
00639 {
00640 rsbac_list_ta_number_t ta_number;
00641 rsbac_uid_t old_user;
00642 rsbac_uid_t * next_user_p;
00643 };
00644
/*
 * Argument block for RSYS_um_get_user_list; mirrors the parameters of
 * rsbac_um_get_user_list() declared later in this header, where user_array
 * is declared as an array.
 * maxnum is the only bound that travels with the pointer, so it is
 * presumably the capacity of user_array in elements.
 * NOTE(review): confirm the handler writes at most maxnum entries, and
 * check what it does when user_array is NULL or maxnum is 0.
 */
00645 struct rsys_um_get_user_list_t
00646 {
00647 rsbac_list_ta_number_t ta_number;
00648 rsbac_uid_t * user_array;
00649 u_int maxnum;
00650 };
00651
00652 struct rsys_um_get_gm_list_t
00653 {
00654 rsbac_list_ta_number_t ta_number;
00655 rsbac_uid_t user;
00656 rsbac_gid_t * group_array;
00657 u_int maxnum;
00658 };
00659
00660 struct rsys_um_get_gm_user_list_t
00661 {
00662 rsbac_list_ta_number_t ta_number;
00663 rsbac_gid_t group;
00664 rsbac_uid_t * user_array;
00665 u_int maxnum;
00666 };
00667
00668 struct rsys_um_get_group_list_t
00669 {
00670 rsbac_list_ta_number_t ta_number;
00671 rsbac_gid_t * group_array;
00672 u_int maxnum;
00673 };
00674
00675 struct rsys_um_get_uid_t
00676 {
00677 rsbac_list_ta_number_t ta_number;
00678 char * name;
00679 rsbac_uid_t * uid_p;
00680 };
00681
00682 struct rsys_um_get_gid_t
00683 {
00684 rsbac_list_ta_number_t ta_number;
00685 char * name;
00686 rsbac_gid_t * gid_p;
00687 };
00688
/*
 * Argument block for RSYS_um_set_pass (member um_set_pass of union
 * rsbac_syscall_arg_t). It carries the account uid plus two password
 * pointers and no transaction number.
 * NOTE(review): both passwords are bare char pointers with no length.
 * Confirm the handler bounds both copies and wipes them after use. Also
 * confirm whether old_pass may be NULL and what that means for the caller.
 */
00689 struct rsys_um_set_pass_t
00690 {
00691 rsbac_uid_t uid;
00692 char * old_pass;
00693 char * new_pass;
00694 };
00695
/*
 * Argument block for RSYS_um_set_pass_name. It is the same request as
 * struct rsys_um_set_pass_t, except that the account is named by a string
 * rather than a uid.
 * NOTE(review): all three members are caller-supplied strings with no
 * length member. Confirm each copy is bounded and that both passwords are
 * wiped after use.
 */
00696 struct rsys_um_set_pass_name_t
00697 {
00698 char * name;
00699 char * old_pass;
00700 char * new_pass;
00701 };
00702
/*
 * Argument block for RSYS_um_set_group_pass.
 * Unlike struct rsys_um_set_pass_t and struct rsys_um_set_pass_name_t, this
 * block carries no old password, so the request cannot be authorized by
 * knowledge of the current group password.
 * NOTE(review): confirm which check in the handler gates this call.
 */
00703 struct rsys_um_set_group_pass_t
00704 {
00705 rsbac_gid_t gid;
00706 char * new_pass; /* caller-supplied string pointer; no length member accompanies it */
00707 };
00708
00709 struct rsys_um_check_account_t
00710 {
00711 rsbac_uid_t uid;
00712 };
00713
00714 struct rsys_um_check_account_name_t
00715 {
00716 char * name;
00717 };
00718
/*
 * Argument block for RSYS_list_ta_begin (member list_ta_begin of union
 * rsbac_syscall_arg_t). Most other argument blocks in this header carry a
 * rsbac_list_ta_number_t by value; this one carries a pointer to one, which
 * presumably receives the number of the newly opened transaction.
 * NOTE(review): commit_uid and password look like the controls on who may
 * later refresh, commit or forget the transaction. Confirm how the handler
 * stores the password and that it compares it safely.
 */
00719 struct rsys_list_ta_begin_t
00720 {
00721 rsbac_time_t ttl; /* presumably the lifetime of the transaction; units are not defined here */
00722 rsbac_list_ta_number_t * ta_number_p;
00723 rsbac_uid_t commit_uid;
00724 char * password; /* caller-supplied string pointer; no length member accompanies it */
00725 };
00726
00727 struct rsys_list_ta_refresh_t
00728 {
00729 rsbac_time_t ttl;
00730 rsbac_list_ta_number_t ta_number;
00731 char * password;
00732 };
00733
/*
 * Argument block for RSYS_list_ta_commit. It has the same two members as
 * struct rsys_list_ta_forget_t: the transaction number and a password.
 * NOTE(review): ta_number is a plain value chosen by the caller. Confirm
 * the handler checks that the transaction exists, that the caller may
 * commit it, and that the password matches before applying any change.
 */
00734 struct rsys_list_ta_commit_t
00735 {
00736 rsbac_list_ta_number_t ta_number;
00737 char * password; /* caller-supplied string pointer; no length member accompanies it */
00738 };
00739
00740 struct rsys_list_ta_forget_t
00741 {
00742 rsbac_list_ta_number_t ta_number;
00743 char * password;
00744 };
00745
00746 struct rsys_list_all_dev_t
00747 {
00748 rsbac_list_ta_number_t ta_number;
00749 struct rsbac_dev_desc_t * id_p;
00750 u_long maxnum;
00751 };
00752
00753 struct rsys_acl_list_all_dev_t
00754 {
00755 rsbac_list_ta_number_t ta_number;
00756 struct rsbac_dev_desc_t * id_p;
00757 u_long maxnum;
00758 };
00759
00760 struct rsys_list_all_user_t
00761 {
00762 rsbac_list_ta_number_t ta_number;
00763 rsbac_uid_t * id_p;
00764 u_long maxnum;
00765 };
00766
00767 struct rsys_acl_list_all_user_t
00768 {
00769 rsbac_list_ta_number_t ta_number;
00770 rsbac_uid_t * id_p;
00771 u_long maxnum;
00772 };
00773
00774 struct rsys_list_all_group_t
00775 {
00776 rsbac_list_ta_number_t ta_number;
00777 rsbac_gid_t * id_p;
00778 u_long maxnum;
00779 };
00780
00781 struct rsys_acl_list_all_group_t
00782 {
00783 rsbac_list_ta_number_t ta_number;
00784 rsbac_gid_t * id_p;
00785 u_long maxnum;
00786 };
00787
/*
 * Union of every per-call argument block defined above, one member per
 * request that takes arguments. Member names follow the enumerator names of
 * enum rsbac_syscall_t without the RSYS_ prefix. The one exception is
 * switch_module, which holds struct rsys_switch_t because switch is a C
 * keyword.
 *
 * The union holds no tag, so nothing inside it records which member is
 * valid. Presumably the enum rsbac_syscall_t value passed with it selects
 * the member. A handler must therefore validate the call number first and
 * then read only the member belonging to that call.
 * NOTE(review): the size of the union is that of its largest member.
 * Confirm whether the handler copies the whole union or only the selected
 * member, and that neither choice reads past what the caller provided.
 */
00788 union rsbac_syscall_arg_t
00789 {
00790 struct rsys_check_t check;
00791 struct rsys_get_attr_t get_attr;
00792 struct rsys_get_attr_n_t get_attr_n;
00793 struct rsys_set_attr_t set_attr;
00794 struct rsys_set_attr_n_t set_attr_n;
00795 struct rsys_remove_target_t remove_target;
00796 struct rsys_remove_target_n_t remove_target_n;
00797 struct rsys_net_list_all_netdev_t net_list_all_netdev;
00798 struct rsys_net_template_t net_template;
00799 struct rsys_net_list_all_template_t net_list_all_template;
00800 struct rsys_switch_t switch_module;
00801 struct rsys_adf_log_switch_t adf_log_switch;
00802 struct rsys_get_adf_log_t get_adf_log;
00803 struct rsys_log_t log;
00804 struct rsys_mac_set_curr_level_t mac_set_curr_level;
00805 struct rsys_mac_get_curr_level_t mac_get_curr_level;
00806 struct rsys_mac_get_max_level_t mac_get_max_level;
00807 struct rsys_mac_get_min_level_t mac_get_min_level;
00808 struct rsys_mac_add_p_tru_t mac_add_p_tru;
00809 struct rsys_mac_remove_p_tru_t mac_remove_p_tru;
00810 struct rsys_mac_add_f_tru_t mac_add_f_tru;
00811 struct rsys_mac_remove_f_tru_t mac_remove_f_tru;
00812 struct rsys_mac_get_f_trulist_t mac_get_f_trulist;
00813 struct rsys_mac_get_p_trulist_t mac_get_p_trulist;
00814 struct rsys_pm_t pm;
00815 struct rsys_pm_change_current_task_t pm_change_current_task;
00816 struct rsys_pm_create_file_t pm_create_file;
00817 struct rsys_rc_copy_role_t rc_copy_role;
00818 struct rsys_rc_copy_type_t rc_copy_type;
00819 struct rsys_rc_get_item_t rc_get_item;
00820 struct rsys_rc_set_item_t rc_set_item;
00821 struct rsys_rc_get_list_t rc_get_list;
00822 struct rsys_rc_change_role_t rc_change_role;
00823 struct rsys_rc_get_eff_rights_n_t rc_get_eff_rights_n;
00824 struct rsys_rc_get_current_role_t rc_get_current_role;
00825 struct rsys_auth_add_p_cap_t auth_add_p_cap;
00826 struct rsys_auth_remove_p_cap_t auth_remove_p_cap;
00827 struct rsys_auth_add_f_cap_t auth_add_f_cap;
00828 struct rsys_auth_remove_f_cap_t auth_remove_f_cap;
00829 struct rsys_auth_get_f_caplist_t auth_get_f_caplist;
00830 struct rsys_auth_get_p_caplist_t auth_get_p_caplist;
00831 struct rsys_acl_t acl;
00832 struct rsys_acl_n_t acl_n;
00833 struct rsys_acl_get_rights_t acl_get_rights;
00834 struct rsys_acl_get_rights_n_t acl_get_rights_n;
00835 struct rsys_acl_get_tlist_t acl_get_tlist;
00836 struct rsys_acl_get_tlist_n_t acl_get_tlist_n;
00837 struct rsys_acl_get_mask_t acl_get_mask;
00838 struct rsys_acl_get_mask_n_t acl_get_mask_n;
00839 struct rsys_acl_group_t acl_group;
00840 struct rsys_reg_t reg;
00841 struct rsys_jail_t jail;
00842 struct rsys_init_t init;
00843 struct rsys_um_auth_name_t um_auth_name;
00844 struct rsys_um_auth_uid_t um_auth_uid;
00845 struct rsys_um_add_user_t um_add_user;
00846 struct rsys_um_add_group_t um_add_group;
00847 struct rsys_um_add_gm_t um_add_gm;
00848 struct rsys_um_mod_user_t um_mod_user;
00849 struct rsys_um_mod_group_t um_mod_group;
00850 struct rsys_um_get_user_item_t um_get_user_item;
00851 struct rsys_um_get_group_item_t um_get_group_item;
00852 struct rsys_um_remove_user_t um_remove_user;
00853 struct rsys_um_remove_group_t um_remove_group;
00854 struct rsys_um_remove_gm_t um_remove_gm;
00855 struct rsys_um_user_exists_t um_user_exists;
00856 struct rsys_um_group_exists_t um_group_exists;
00857 struct rsys_um_get_next_user_t um_get_next_user;
00858 struct rsys_um_get_user_list_t um_get_user_list;
00859 struct rsys_um_get_gm_list_t um_get_gm_list;
00860 struct rsys_um_get_gm_user_list_t um_get_gm_user_list;
00861 struct rsys_um_get_group_list_t um_get_group_list;
00862 struct rsys_um_get_uid_t um_get_uid;
00863 struct rsys_um_get_gid_t um_get_gid;
00864 struct rsys_um_set_pass_t um_set_pass;
00865 struct rsys_um_set_pass_name_t um_set_pass_name;
00866 struct rsys_um_set_group_pass_t um_set_group_pass;
00867 struct rsys_um_check_account_t um_check_account;
00868 struct rsys_um_check_account_name_t um_check_account_name;
00869 struct rsys_list_ta_begin_t list_ta_begin;
00870 struct rsys_list_ta_refresh_t list_ta_refresh;
00871 struct rsys_list_ta_commit_t list_ta_commit;
00872 struct rsys_list_ta_forget_t list_ta_forget;
00873 struct rsys_list_all_dev_t list_all_dev;
00874 struct rsys_acl_list_all_dev_t acl_list_all_dev;
00875 struct rsys_list_all_user_t list_all_user;
00876 struct rsys_acl_list_all_user_t acl_list_all_user;
00877 struct rsys_list_all_group_t list_all_group;
00878 struct rsys_acl_list_all_group_t acl_list_all_group;
00879 int dummy; /* placeholder member; its purpose is not shown here -- presumably for calls that take no arguments */
00880 };
00881
00882 #ifndef __KERNEL__
00883
00884 int rsbac_stats(void);
00885
00886 int rsbac_check(int correct, int check_inode);
00887
00888 int rsbac_write(void);
00889
/**
 * User-space entry point for RSYS_get_attr; declared only when __KERNEL__
 * is not defined. The parameters match the members of struct
 * rsys_get_attr_t one for one, but module, target and attr are typed enums
 * here and plain rsbac_enum_t in the struct.
 *
 * @param ta_number  list transaction number passed through to the request
 * @param module     module selector
 * @param target     kind of target that tid identifies
 * @param tid        caller-owned target id; must point to valid storage
 * @param attr       attribute to read
 * @param value      caller-owned storage; presumably receives the value
 * @param inherit    int flag; its exact semantics are not defined here
 * @return int; the encoding is not defined in this header (presumably an
 *         error code from rsbac/error.h -- confirm). Callers should check
 *         it before trusting *value.
 */
00890 int rsbac_get_attr(
00891 rsbac_list_ta_number_t ta_number,
00892 enum rsbac_switch_target_t module,
00893 enum rsbac_target_t target,
00894 union rsbac_target_id_t * tid,
00895 enum rsbac_attribute_t attr,
00896 union rsbac_attribute_value_t * value,
00897 int inherit);
00898
00899 int rsbac_get_attr_n(
00900 rsbac_list_ta_number_t ta_number,
00901 enum rsbac_switch_target_t module,
00902 enum rsbac_target_t target,
00903 char * t_name,
00904 enum rsbac_attribute_t attr,
00905 union rsbac_attribute_value_t * value,
00906 int inherit);
00907
00908 int rsbac_set_attr(
00909 rsbac_list_ta_number_t ta_number,
00910 enum rsbac_switch_target_t module,
00911 enum rsbac_target_t target,
00912 union rsbac_target_id_t * tid,
00913 enum rsbac_attribute_t attr,
00914 union rsbac_attribute_value_t * value);
00915
00916
00917 int rsbac_set_attr_n(
00918 rsbac_list_ta_number_t ta_number,
00919 enum rsbac_switch_target_t module,
00920 enum rsbac_target_t target,
00921 char * t_name,
00922 enum rsbac_attribute_t attr,
00923 union rsbac_attribute_value_t * value);
00924
00925 int rsbac_remove_target(
00926 rsbac_list_ta_number_t ta_number,
00927 enum rsbac_target_t target,
00928 union rsbac_target_id_t * tid);
00929
00930 int rsbac_remove_target_n(
00931 rsbac_list_ta_number_t ta_number,
00932 enum rsbac_target_t target,
00933 char * t_name);
00934
00935 int rsbac_net_list_all_netdev(
00936 rsbac_list_ta_number_t ta_number,
00937 rsbac_netdev_id_t * id_p,
00938 u_long maxnum);
00939
00940 int rsbac_net_template(
00941 rsbac_list_ta_number_t ta_number,
00942 enum rsbac_net_temp_syscall_t call,
00943 rsbac_net_temp_id_t id,
00944 union rsbac_net_temp_syscall_data_t * data_p);
00945
00946 int rsbac_net_list_all_template(
00947 rsbac_list_ta_number_t ta_number,
00948 rsbac_net_temp_id_t * id_p,
00949 u_long maxnum);
00950
/**
 * User-space entry point for RSYS_switch; declared only when __KERNEL__ is
 * not defined. The parameters match struct rsys_switch_t.
 * Judging by the names, this changes the on/off state of the module
 * selected by target.
 * NOTE(review): treat any caller of this function as security-critical and
 * check the return value, because a failed switch leaves the previous
 * state in force.
 *
 * @param target  module selector
 * @param value   requested state; the accepted values are not defined here
 * @return int; the encoding is not defined in this header (presumably an
 *         error code from rsbac/error.h -- confirm)
 */
00951 int rsbac_switch(enum rsbac_switch_target_t target, int value);
00952
00953
00954
00955 int rsbac_mac_set_curr_level(rsbac_security_level_t level,
00956 rsbac_mac_category_vector_t * categories_p);
00957
00958 int rsbac_mac_get_curr_level(rsbac_security_level_t * level_p,
00959 rsbac_mac_category_vector_t * categories_p);
00960
00961 int rsbac_mac_get_max_level(rsbac_security_level_t * level_p,
00962 rsbac_mac_category_vector_t * categories_p);
00963
00964 int rsbac_mac_get_min_level(rsbac_security_level_t * level_p,
00965 rsbac_mac_category_vector_t * categories_p);
00966
00967 int rsbac_mac_add_p_tru(
00968 rsbac_list_ta_number_t ta_number,
00969 rsbac_pid_t pid,
00970 rsbac_uid_t uid,
00971 rsbac_time_t ttl);
00972
00973 int rsbac_mac_remove_p_tru(
00974 rsbac_list_ta_number_t ta_number,
00975 rsbac_pid_t pid,
00976 rsbac_uid_t uid);
00977
00978 int rsbac_mac_add_f_tru(
00979 rsbac_list_ta_number_t ta_number,
00980 char * filename,
00981 rsbac_uid_t uid,
00982 rsbac_time_t ttl);
00983
00984 int rsbac_mac_remove_f_tru(
00985 rsbac_list_ta_number_t ta_number,
00986 char * filename,
00987 rsbac_uid_t uid);
00988
00989
/**
 * User-space entry point for RSYS_mac_get_f_trulist; declared only when
 * __KERNEL__ is not defined.
 * trulist[] and ttllist[] are array parameters, which C passes as plain
 * pointers. maxnum is therefore the only size information the callee
 * receives.
 *
 * @param ta_number  list transaction number passed through to the request
 * @param filename   path string naming the file
 * @param trulist    caller-owned array; presumably needs room for maxnum
 *                   elements
 * @param ttllist    caller-owned array, parallel to trulist -- presumably
 *                   the same capacity is required; confirm whether NULL is
 *                   accepted
 * @param maxnum     element count; must not exceed the real capacity of
 *                   either array
 * @return int; the encoding is not defined in this header (presumably a
 *         count or a negative error code -- confirm before using it as an
 *         index)
 */
00990 int rsbac_mac_get_f_trulist(
00991 rsbac_list_ta_number_t ta_number,
00992 char * filename,
00993 rsbac_uid_t trulist[],
00994 rsbac_time_t ttllist[],
00995 u_int maxnum);
00996
00997 int rsbac_mac_get_p_trulist(
00998 rsbac_list_ta_number_t ta_number,
00999 rsbac_pid_t pid,
01000 rsbac_uid_t trulist[],
01001 rsbac_time_t ttllist[],
01002 u_int maxnum);
01003
01004
01005
01006 int rsbac_stats_pm(void);
01007
01008 int rsbac_pm(
01009 rsbac_list_ta_number_t ta_number,
01010 enum rsbac_pm_function_type_t function,
01011 union rsbac_pm_function_param_t * param_p,
01012 rsbac_pm_tkt_id_t ticket);
01013
01014 int rsbac_pm_change_current_task(rsbac_pm_task_id_t task);
01015
01016 int rsbac_pm_create_file(const char * filename,
01017 int mode,
01018 rsbac_pm_object_class_id_t object_class);
01019
01020
01021
01022 int rsbac_daz_flush_cache(void);
01023
01024
01025
01026 int rsbac_rc_copy_role(
01027 rsbac_list_ta_number_t ta_number,
01028 rsbac_rc_role_id_t from_role,
01029 rsbac_rc_role_id_t to_role);
01030
01031 int rsbac_rc_copy_type(
01032 rsbac_list_ta_number_t ta_number,
01033 enum rsbac_target_t target,
01034 rsbac_rc_type_id_t from_type,
01035 rsbac_rc_type_id_t to_type);
01036
01037 int rsbac_rc_get_item(
01038 rsbac_list_ta_number_t ta_number,
01039 enum rsbac_rc_target_t target,
01040 union rsbac_rc_target_id_t * tid_p,
01041 union rsbac_rc_target_id_t * subtid_p,
01042 enum rsbac_rc_item_t item,
01043 union rsbac_rc_item_value_t * value_p,
01044 rsbac_time_t * ttl_p);
01045
01046
01047 int rsbac_rc_set_item(
01048 rsbac_list_ta_number_t ta_number,
01049 enum rsbac_rc_target_t target,
01050 union rsbac_rc_target_id_t * tid_p,
01051 union rsbac_rc_target_id_t * subtid_p,
01052 enum rsbac_rc_item_t item,
01053 union rsbac_rc_item_value_t * value_p,
01054 rsbac_time_t ttl);
01055
01056 int rsbac_rc_get_list(
01057 rsbac_list_ta_number_t ta_number,
01058 enum rsbac_rc_target_t target,
01059 union rsbac_rc_target_id_t * tid_p,
01060 enum rsbac_rc_item_t item,
01061 u_int maxnum,
01062 __u32 * array_p,
01063 rsbac_time_t * ttl_array_p);
01064
01065 int rsbac_rc_change_role (rsbac_rc_role_id_t role);
01066
01067 int rsbac_rc_get_eff_rights_n(
01068 rsbac_list_ta_number_t ta_number,
01069 enum rsbac_target_t target,
01070 char * t_name,
01071 rsbac_rc_request_vector_t * request_vector_p,
01072 rsbac_time_t * ttl_p);
01073
01074 int rsbac_rc_get_current_role (rsbac_rc_role_id_t * role_p);
01075
01076
01077
01078
01079
01080 int rsbac_auth_add_p_cap(
01081 rsbac_list_ta_number_t ta_number,
01082 rsbac_pid_t pid,
01083 enum rsbac_auth_cap_type_t cap_type,
01084 struct rsbac_auth_cap_range_t cap_range,
01085 rsbac_time_t ttl);
01086
01087 int rsbac_auth_remove_p_cap(
01088 rsbac_list_ta_number_t ta_number,
01089 rsbac_pid_t pid,
01090 enum rsbac_auth_cap_type_t cap_type,
01091 struct rsbac_auth_cap_range_t cap_range);
01092
01093 int rsbac_auth_add_f_cap(
01094 rsbac_list_ta_number_t ta_number,
01095 char * filename,
01096 enum rsbac_auth_cap_type_t cap_type,
01097 struct rsbac_auth_cap_range_t cap_range,
01098 rsbac_time_t ttl);
01099
01100 int rsbac_auth_remove_f_cap(
01101 rsbac_list_ta_number_t ta_number,
01102 char * filename,
01103 enum rsbac_auth_cap_type_t cap_type,
01104 struct rsbac_auth_cap_range_t cap_range);
01105
01106
01107 int rsbac_auth_get_f_caplist(
01108 rsbac_list_ta_number_t ta_number,
01109 char * filename,
01110 enum rsbac_auth_cap_type_t cap_type,
01111 struct rsbac_auth_cap_range_t caplist[],
01112 rsbac_time_t ttllist[],
01113 u_int maxnum);
01114
01115 int rsbac_auth_get_p_caplist(
01116 rsbac_list_ta_number_t ta_number,
01117 rsbac_pid_t pid,
01118 enum rsbac_auth_cap_type_t cap_type,
01119 struct rsbac_auth_cap_range_t caplist[],
01120 rsbac_time_t ttllist[],
01121 u_int maxnum);
01122
01123
01124
01125
/**
 * User-space entry point for RSYS_reg; declared only when __KERNEL__ is not
 * defined.
 * NOTE(review): handle is rsbac_reg_handle_t here but long in struct
 * rsys_reg_t. Confirm the conversion cannot truncate or change sign.
 *
 * @param handle  selects the registered receiver of the request
 * @param arg     untyped pointer whose layout this header does not define;
 *                presumably interpreted by the receiver selected by handle
 * @return int; the encoding is not defined in this header
 */
01126 int rsbac_reg(rsbac_reg_handle_t handle,
01127 void * arg);
01128
01129
01130
01131
01132
01133 int rsbac_acl(
01134 rsbac_list_ta_number_t ta_number,
01135 enum rsbac_acl_syscall_type_t call,
01136 struct rsbac_acl_syscall_arg_t * arg);
01137
01138 int rsbac_acl_n(
01139 rsbac_list_ta_number_t ta_number,
01140 enum rsbac_acl_syscall_type_t call,
01141 struct rsbac_acl_syscall_n_arg_t * arg);
01142
01143 int rsbac_acl_get_rights(
01144 rsbac_list_ta_number_t ta_number,
01145 struct rsbac_acl_syscall_arg_t * arg,
01146 rsbac_acl_rights_vector_t * rights_p,
01147 u_int effective);
01148
01149
01150 int rsbac_acl_get_rights_n(
01151 rsbac_list_ta_number_t ta_number,
01152 struct rsbac_acl_syscall_n_arg_t * arg,
01153 rsbac_acl_rights_vector_t * rights_p,
01154 u_int effective);
01155
01156 int rsbac_acl_get_tlist (
01157 rsbac_list_ta_number_t ta_number,
01158 enum rsbac_target_t target,
01159 union rsbac_target_id_t * tid,
01160 struct rsbac_acl_entry_t entry_array[],
01161 rsbac_time_t ttl_array[],
01162 u_int maxnum);
01163
01164 int rsbac_acl_get_tlist_n(
01165 rsbac_list_ta_number_t ta_number,
01166 enum rsbac_target_t target,
01167 char * t_name,
01168 struct rsbac_acl_entry_t entry_array[],
01169 rsbac_time_t ttl_array[],
01170 u_int maxnum);
01171
01172 int rsbac_acl_get_mask (
01173 rsbac_list_ta_number_t ta_number,
01174 enum rsbac_target_t target,
01175 union rsbac_target_id_t * tid,
01176 rsbac_acl_rights_vector_t * mask_p);
01177
01178 int rsbac_acl_get_mask_n(
01179 rsbac_list_ta_number_t ta_number,
01180 enum rsbac_target_t target,
01181 char * t_name,
01182 rsbac_acl_rights_vector_t * mask_p);
01183
01184
01185
01186 int rsbac_acl_group(
01187 rsbac_list_ta_number_t ta_number,
01188 enum rsbac_acl_group_syscall_type_t call,
01189 union rsbac_acl_group_syscall_arg_t * arg_p);
01190
01191
01192
01193
01194
/**
 * User-space entry point for RSYS_jail; declared only when __KERNEL__ is
 * not defined. The parameters match the members of struct rsys_jail_t in
 * order.
 * NOTE(review): callers must check the return value before continuing. If
 * the call fails and the result is ignored, the process presumably keeps
 * running unconfined.
 *
 * @param version     interface version supplied by the caller
 * @param path        path string; its role is not defined in this header
 * @param ip          address value of type rsbac_jail_ip_t
 * @param flags       option bits of type rsbac_jail_flags_t
 * @param max_caps    capability vector; presumably an upper bound
 * @param scd_get     SCD vector; presumably the read-type accesses kept
 * @param scd_modify  SCD vector; presumably the modify-type accesses kept
 * @return int; the encoding is not defined in this header (presumably an
 *         error code from rsbac/error.h -- confirm)
 */
01195 int rsbac_jail(rsbac_version_t version,
01196 char * path,
01197 rsbac_jail_ip_t ip,
01198 rsbac_jail_flags_t flags,
01199 rsbac_cap_vector_t max_caps,
01200 rsbac_jail_scd_vector_t scd_get,
01201 rsbac_jail_scd_vector_t scd_modify
01202 );
01203
01204
01205
01206
/**
 * User-space entry point for RSYS_um_auth_name; declared only when
 * __KERNEL__ is not defined. The parameters match struct
 * rsys_um_auth_name_t.
 * Neither parameter is const-qualified, although nothing in this header
 * indicates that the strings are modified.
 * NOTE(review): callers should keep the password in a buffer they can
 * overwrite and clear it as soon as the call returns. They should treat
 * any return value other than the documented success value as an
 * authentication failure.
 *
 * @param name  account name string
 * @param pass  password string; no length is passed, so it is presumably
 *              NUL-terminated
 * @return int; the encoding is not defined in this header (presumably an
 *         error code from rsbac/error.h -- confirm)
 */
01207 int rsbac_um_auth_name(char * name,
01208 char * pass);
01209
01210 int rsbac_um_auth_uid(rsbac_uid_t uid,
01211 char * pass);
01212
/**
 * User-space entry point for RSYS_um_add_user; declared only when
 * __KERNEL__ is not defined. The parameters match the members of struct
 * rsys_um_add_user_t in order.
 *
 * @param ta_number  list transaction number passed through to the request
 * @param uid        uid for the new account
 * @param entry_p    caller-owned account record; must point to a complete
 *                   struct rsbac_um_user_entry_t
 * @param pass       initial password string; no length is passed, so it is
 *                   presumably NUL-terminated. The caller should clear the
 *                   buffer after the call.
 * @param ttl        presumably a lifetime for the entry; units and the
 *                   meaning of 0 are not defined here
 * @return int; the encoding is not defined in this header (presumably an
 *         error code from rsbac/error.h -- confirm)
 */
01213 int rsbac_um_add_user(
01214 rsbac_list_ta_number_t ta_number,
01215 rsbac_uid_t uid,
01216 struct rsbac_um_user_entry_t * entry_p,
01217 char * pass,
01218 rsbac_time_t ttl);
01219
01220 int rsbac_um_add_group(
01221 rsbac_list_ta_number_t ta_number,
01222 rsbac_gid_t gid,
01223 struct rsbac_um_group_entry_t * entry_p,
01224 char * pass,
01225 rsbac_time_t ttl);
01226
01227 int rsbac_um_add_gm(
01228 rsbac_list_ta_number_t ta_number,
01229 rsbac_uid_t uid,
01230 rsbac_gid_t gid,
01231 rsbac_time_t ttl);
01232
/*
 * The four calls below share one shape: (ta_number, id, mod, data_p).
 * mod is an enum rsbac_um_mod_t selector and data_p points to a
 * union rsbac_um_mod_data_t.
 *
 * NOTE(review): the union member in use presumably depends on mod. For the
 * mod_* calls data_p is presumably input; for the get_*_item calls it is
 * presumably output. The prototypes do not distinguish the two (no const),
 * so confirm against the implementation.
 * NOTE(review): if one of the mod values carries a password, the union may
 * hold cleartext or hashed credential data; callers should wipe it after
 * use in either direction -- confirm which items are sensitive.
 */

/* rsbac_um_mod_user - modify one item of a user entry (RSYS_um_mod_user). */
01233 int rsbac_um_mod_user(
01234 rsbac_list_ta_number_t ta_number,
01235 rsbac_uid_t uid,
01236 enum rsbac_um_mod_t mod,
01237 union rsbac_um_mod_data_t * data_p);
01238
/* rsbac_um_mod_group - modify one item of a group entry (RSYS_um_mod_group). */
01239 int rsbac_um_mod_group(
01240 rsbac_list_ta_number_t ta_number,
01241 rsbac_gid_t gid,
01242 enum rsbac_um_mod_t mod,
01243 union rsbac_um_mod_data_t * data_p);
01244
/*
 * rsbac_um_get_user_item - read one item of a user entry
 * (RSYS_um_get_user_item). Check the int result before reading *data_p.
 */
01245 int rsbac_um_get_user_item(
01246 rsbac_list_ta_number_t ta_number,
01247 rsbac_uid_t uid,
01248 enum rsbac_um_mod_t mod,
01249 union rsbac_um_mod_data_t * data_p);
01250
/*
 * rsbac_um_get_group_item - read one item of a group entry
 * (RSYS_um_get_group_item). Check the int result before reading *data_p.
 */
01251 int rsbac_um_get_group_item(
01252 rsbac_list_ta_number_t ta_number,
01253 rsbac_gid_t gid,
01254 enum rsbac_um_mod_t mod,
01255 union rsbac_um_mod_data_t * data_p);
01256
/*
 * Removal and existence checks for User Management entries. All five take
 * a list transaction number plus ids by value and return int; none takes a
 * pointer.
 *
 * NOTE(review): for the *_exists calls the int result presumably mixes a
 * boolean answer with negative error codes. A caller that tests only for
 * "non-zero" could treat an error as "exists" -- confirm the convention in
 * <rsbac/error.h> and compare explicitly.
 */

/* rsbac_um_remove_user - remove the user entry for uid. */
01257 int rsbac_um_remove_user(
01258 rsbac_list_ta_number_t ta_number,
01259 rsbac_uid_t uid);
01260
/* rsbac_um_remove_group - remove the group entry for gid. */
01261 int rsbac_um_remove_group(
01262 rsbac_list_ta_number_t ta_number,
01263 rsbac_gid_t gid);
01264
/* rsbac_um_remove_gm - remove the (uid, gid) pair; counterpart of rsbac_um_add_gm. */
01265 int rsbac_um_remove_gm(
01266 rsbac_list_ta_number_t ta_number,
01267 rsbac_uid_t uid,
01268 rsbac_gid_t gid);
01269
/* rsbac_um_user_exists - query whether an entry for uid exists. */
01270 int rsbac_um_user_exists(
01271 rsbac_list_ta_number_t ta_number,
01272 rsbac_uid_t uid);
01273
/* rsbac_um_group_exists - query whether an entry for gid exists. */
01274 int rsbac_um_group_exists(
01275 rsbac_list_ta_number_t ta_number,
01276 rsbac_gid_t gid);
01277
/*
 * Enumeration calls for User Management.
 *
 * The *_list calls take a caller-supplied array and a u_int maxnum.
 * NOTE(review): maxnum is presumably the array capacity in elements (not
 * bytes), and the int result presumably reports how many entries exist or
 * were written. If it can exceed maxnum, the caller must clamp before
 * indexing the array -- confirm.
 * NOTE(review): passing a maxnum larger than the real array size would let
 * the callee write past the buffer; the prototype cannot check this.
 */

/*
 * rsbac_um_get_next_user - iterator-style query: given old_user, stores a
 * uid through next_user_p (presumably the next existing user -- confirm how
 * the first call and the end of the list are signalled).
 */
01278 int rsbac_um_get_next_user(
01279 rsbac_list_ta_number_t ta_number,
01280 rsbac_uid_t old_user,
01281 rsbac_uid_t * next_user_p);
01282
/* rsbac_um_get_user_list - fill user_array with up to maxnum uids. */
01283 int rsbac_um_get_user_list(
01284 rsbac_list_ta_number_t ta_number,
01285 rsbac_uid_t user_array[],
01286 u_int maxnum);
01287
/* rsbac_um_get_gm_list - for one user, fill group_array with up to maxnum gids. */
01288 int rsbac_um_get_gm_list(
01289 rsbac_list_ta_number_t ta_number,
01290 rsbac_uid_t user,
01291 rsbac_gid_t group_array[],
01292 u_int maxnum);
01293
/* rsbac_um_get_gm_user_list - for one group, fill user_array with up to maxnum uids. */
01294 int rsbac_um_get_gm_user_list(
01295 rsbac_list_ta_number_t ta_number,
01296 rsbac_gid_t group,
01297 rsbac_uid_t user_array[],
01298 u_int maxnum);
01299
/* rsbac_um_get_group_list - fill group_array with up to maxnum gids. */
01300 int rsbac_um_get_group_list(
01301 rsbac_list_ta_number_t ta_number,
01302 rsbac_gid_t group_array[],
01303 u_int maxnum);
01304
/*
 * rsbac_um_get_uid - look up a uid by account name; the result is stored
 * through uid_p.
 *
 * NOTE(review): name has no length parameter, so it is presumably
 * NUL-terminated. Check the int result before using *uid_p: the prototype
 * does not guarantee that *uid_p is written on failure, and an
 * uninitialised uid used in a later access decision would be a logic flaw
 * in the caller.
 */
01305 int rsbac_um_get_uid(
01306 rsbac_list_ta_number_t ta_number,
01307 char * name,
01308 rsbac_uid_t * uid_p);
01309
/*
 * rsbac_um_get_gid - look up a gid by group name; the result is stored
 * through gid_p. The same caveats as for rsbac_um_get_uid apply.
 */
01310 int rsbac_um_get_gid(
01311 rsbac_list_ta_number_t ta_number,
01312 char * name,
01313 rsbac_gid_t * gid_p);
01314
/*
 * Password change and account check calls. Unlike most rsbac_um_* calls in
 * this header, none of these takes a rsbac_list_ta_number_t.
 *
 * NOTE(review): every password parameter is a plain char * without a
 * length, so it is presumably a NUL-terminated cleartext string. Callers
 * should keep such buffers out of logs and core dumps and wipe them after
 * the call with a function that cannot be optimised away.
 */

/*
 * rsbac_um_set_pass - change the password of the user given by uid.
 * NOTE(review): whether old_pass may be NULL (e.g. for an administrator
 * reset) is not visible here -- confirm before relying on it.
 */
01315 int rsbac_um_set_pass(rsbac_uid_t uid,
01316 char * old_pass,
01317 char * new_pass);
01318
/* rsbac_um_set_pass_name - same as rsbac_um_set_pass, user selected by name. */
01319 int rsbac_um_set_pass_name(char * name,
01320 char * old_pass,
01321 char * new_pass);
01322
/*
 * rsbac_um_set_group_pass - set a group password. Takes only new_pass:
 * unlike the user variants there is no old_pass parameter, so any proof of
 * authority presumably comes from the caller's access rights -- confirm.
 */
01323 int rsbac_um_set_group_pass(rsbac_gid_t gid,
01324 char * new_pass);
01325
/*
 * rsbac_um_check_account - account check for uid; presumably reports
 * expiry/lock state through the int result -- confirm the meaning of each
 * return value.
 */
01326 int rsbac_um_check_account(rsbac_uid_t uid);
01327
/* rsbac_um_check_account_name - same check, account selected by name. */
01328 int rsbac_um_check_account_name(char * name);
01329
/*
 * List transaction control. rsbac_list_ta_number_t is the type of the
 * ta_number argument taken by most other calls in this header, so these
 * four presumably open, extend, apply and discard the transaction those
 * calls run in -- confirm.
 *
 * NOTE(review): password is a plain char * (presumably NUL-terminated
 * cleartext) that is supplied at begin and again at refresh, commit and
 * forget. It presumably stops other processes from operating on the
 * transaction; wipe the caller's copy once the transaction is finished.
 */

/*
 * rsbac_list_ta_begin - start a transaction.
 * ta_number_p: presumably receives the new transaction number; check the
 * int result before using it.
 * ttl: presumably bounds the transaction lifetime.
 * commit_uid: presumably restricts who may commit -- confirm.
 */
01330 int rsbac_list_ta_begin(rsbac_time_t ttl,
01331 rsbac_list_ta_number_t * ta_number_p,
01332 rsbac_uid_t commit_uid,
01333 char * password);
01334
/* rsbac_list_ta_refresh - presumably resets the ttl of an open transaction. */
01335 int rsbac_list_ta_refresh(rsbac_time_t ttl,
01336 rsbac_list_ta_number_t ta_number,
01337 char * password);
01338
/*
 * rsbac_list_ta_commit - presumably applies the transaction's changes.
 * A failed commit must not be treated as "policy updated" by the caller.
 */
01339 int rsbac_list_ta_commit(rsbac_list_ta_number_t ta_number,
01340 char * password);
01341
/* rsbac_list_ta_forget - presumably discards the transaction without applying it. */
01342 int rsbac_list_ta_forget(rsbac_list_ta_number_t ta_number,
01343 char * password);
01344
/*
 * "List all" enumeration calls, each in a generic and an ACL variant.
 * All six have the shape (ta_number, id_p, maxnum), with id_p pointing to
 * caller-supplied storage of the listed id type.
 *
 * Note that maxnum is u_long here, while the rsbac_um_get_*_list calls in
 * this header use u_int.
 * NOTE(review): maxnum is presumably the capacity of the id_p array in
 * elements. The result is an int, so a count above INT_MAX cannot be
 * reported; confirm how the implementation bounds maxnum and whether the
 * result can exceed the number of elements actually written.
 * NOTE(review): whether id_p may be NULL (e.g. to query the count only) is
 * not visible in the prototype -- confirm before passing NULL.
 */

/* rsbac_list_all_dev - list device descriptors. */
01345 int rsbac_list_all_dev(
01346 rsbac_list_ta_number_t ta_number,
01347 struct rsbac_dev_desc_t * id_p,
01348 u_long maxnum);
01349
/* rsbac_acl_list_all_dev - ACL variant of rsbac_list_all_dev. */
01350 int rsbac_acl_list_all_dev(
01351 rsbac_list_ta_number_t ta_number,
01352 struct rsbac_dev_desc_t * id_p,
01353 u_long maxnum);
01354
/* rsbac_list_all_user - list uids. */
01355 int rsbac_list_all_user(
01356 rsbac_list_ta_number_t ta_number,
01357 rsbac_uid_t * id_p,
01358 u_long maxnum);
01359
/* rsbac_acl_list_all_user - ACL variant of rsbac_list_all_user. */
01360 int rsbac_acl_list_all_user(
01361 rsbac_list_ta_number_t ta_number,
01362 rsbac_uid_t * id_p,
01363 u_long maxnum);
01364
/* rsbac_list_all_group - list gids. */
01365 int rsbac_list_all_group(
01366 rsbac_list_ta_number_t ta_number,
01367 rsbac_gid_t * id_p,
01368 u_long maxnum);
01369
/* rsbac_acl_list_all_group - ACL variant of rsbac_list_all_group. */
01370 int rsbac_acl_list_all_group(
01371 rsbac_list_ta_number_t ta_number,
01372 rsbac_gid_t * id_p,
01373 u_long maxnum);
01374
/*
 * rsbac_adf_log_switch - set a log value for one (request, target) pair
 * (RSYS_adf_log_switch).
 *
 * NOTE(review): value is a u_int whose valid range is not visible here;
 * presumably it selects a log level -- confirm.
 * NOTE(review): this call presumably changes what the decision facility
 * logs, so lowering it reduces audit coverage. Deployments should restrict
 * who may call it and record changes -- confirm which access checks the
 * kernel applies.
 */
01379 int rsbac_adf_log_switch(enum rsbac_adf_request_t request,
01380 enum rsbac_target_t target,
01381 u_int value);
01382
/*
 * rsbac_get_adf_log - read the log value for one (request, target) pair
 * into *value_p (RSYS_get_adf_log). Check the int result before using
 * *value_p.
 */
01383 int rsbac_get_adf_log(enum rsbac_adf_request_t request,
01384 enum rsbac_target_t target,
01385 u_int * value_p);
01386
/*
 * rsbac_log - log buffer access (RSYS_log).
 *
 * NOTE(review): the (type, buf, len) shape resembles syslog(2), so type
 * presumably selects the operation and buf/len describe a caller buffer
 * that receives log data -- confirm.
 * NOTE(review): len is a signed int. Callers should pass the true buffer
 * size and never a negative or unchecked computed value; confirm how the
 * implementation treats len <= 0.
 * NOTE(review): the int result presumably is a byte count or a negative
 * error; do not assume buf is NUL-terminated on return.
 */
01397 int rsbac_log(int type,
01398 char * buf,
01399 int len);
01400
/*
 * rsbac_init - initialisation request (RSYS_init) taking a root device
 * string.
 * NOTE(review): root_dev is presumably a NUL-terminated device name or
 * path; the accepted format is not visible here -- confirm.
 */
01401 int rsbac_init(char * root_dev);
01402
01403 #endif
01404
01405 #endif