00010 #ifndef __RSBAC_ADF_MAIN_H
00011 #define __RSBAC_ADF_MAIN_H
00012
00013 #include <linux/sched.h>
00014 #include <rsbac/types.h>
00015
00016 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)
00017 #include <rsbac/reg.h>
00018 #endif
00019
00020 #ifdef CONFIG_RSBAC_SECDEL
00021 #include <linux/dcache.h>
00022 #endif
00023
00024
00025
00026
00027
/*
 * ADF call counters, each sized T_NONE + 1.
 * NOTE(review): presumably indexed by target type and bumped on every
 * request / set_attr call - confirm against the definitions. No locking is
 * visible from this header.
 */
extern u_long rsbac_adf_request_count[T_NONE + 1];
extern u_long rsbac_adf_set_attr_count[T_NONE + 1];

#ifdef CONFIG_RSBAC_XSTATS
/* Extended counters with a second dimension of R_NONE entries. */
extern u_long rsbac_adf_request_xcount[T_NONE + 1][R_NONE];
extern u_long rsbac_adf_set_attr_xcount[T_NONE + 1][R_NONE];
#endif
00034
00035
00036
00037
00038
00039
/*
 * Task lookup by pid; defined outside this header.
 * NOTE(review): the locking / reference rules for the returned task_struct
 * are not visible here - confirm them before dereferencing the result.
 */
extern struct task_struct *find_process_by_pid(pid_t pid);
00041
#ifdef CONFIG_RSBAC_DEBUG
/*
 * Debug-only checks, declared only when CONFIG_RSBAC_DEBUG is set.
 * NOTE(review): presumably sanity checks on the arguments of a request /
 * set_attr call - confirm against the implementation.
 * The two differ in calling convention: the request check receives the
 * target id and attribute value by pointer, the set_attr check by value.
 */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_check(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t *tid_p,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t *attr_val_p,
        rsbac_uid_t owner);

extern int rsbac_adf_set_attr_check(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);
#endif
00062
/*
 * Combine two decision results into a single result.
 * NOTE(review): the combination rule is in the implementation, not in this
 * header; presumably the more restrictive result wins - confirm before
 * relying on it.
 */
extern enum rsbac_adf_req_ret_t adf_and_plus(enum rsbac_adf_req_ret_t res1,
                                             enum rsbac_adf_req_ret_t res2);
00066
00067
00068
00069
00070
00071 #if !defined(CONFIG_RSBAC_MAINT)
00072
00073
00074
/* MAC module hooks, declared only when CONFIG_RSBAC_MAC is set. */
#ifdef CONFIG_RSBAC_MAC

#ifdef CONFIG_RSBAC_SWITCH_MAC
/*
 * Module on/off flag, present only with CONFIG_RSBAC_SWITCH_MAC.
 * NOTE(review): plain writable extern; presumably clearing it takes MAC out
 * of the decision - confirm that only the switch path writes it.
 */
extern rsbac_boolean_t rsbac_switch_mac;
#endif

/* Decision request hook of the MAC module. */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_mac(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the MAC module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_mac(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

#endif
00100
00101
00102
00103
/* PM module hooks, declared only when CONFIG_RSBAC_PM is set. */
#ifdef CONFIG_RSBAC_PM

#ifdef CONFIG_RSBAC_SWITCH_PM
/*
 * Module on/off flag, present only with CONFIG_RSBAC_SWITCH_PM.
 * NOTE(review): plain writable extern; presumably clearing it takes PM out
 * of the decision - confirm that only the switch path writes it.
 */
extern rsbac_boolean_t rsbac_switch_pm;
#endif

/* Decision request hook of the PM module. */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_pm(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the PM module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_pm(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

#ifdef CONFIG_RSBAC_SECDEL
/*
 * Secure-delete query for PM, present only with CONFIG_RSBAC_SECDEL.
 * NOTE(review): presumably TRUE means the file behind dentry_p must be
 * overwritten before it is released - confirm against the caller.
 */
extern rsbac_boolean_t rsbac_need_overwrite_pm(struct dentry *dentry_p);
#endif

#endif
00133
00134
00135
/* DAZ module hooks, declared only when CONFIG_RSBAC_DAZ is set. */
#ifdef CONFIG_RSBAC_DAZ

#ifdef CONFIG_RSBAC_SWITCH_DAZ
/*
 * Module on/off flag, present only with CONFIG_RSBAC_SWITCH_DAZ.
 * NOTE(review): plain writable extern; presumably clearing it takes DAZ out
 * of the decision - confirm that only the switch path writes it.
 */
extern rsbac_boolean_t rsbac_switch_daz;
#endif

/* Decision request hook of the DAZ module. */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_daz(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the DAZ module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_daz(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

#endif
00161
00162
00163
/* FF module hooks, declared only when CONFIG_RSBAC_FF is set. */
#ifdef CONFIG_RSBAC_FF

#ifdef CONFIG_RSBAC_SWITCH_FF
/*
 * Module on/off flag, present only with CONFIG_RSBAC_SWITCH_FF.
 * NOTE(review): plain writable extern; presumably clearing it takes FF out
 * of the decision - confirm that only the switch path writes it.
 */
extern rsbac_boolean_t rsbac_switch_ff;
#endif

/* Decision request hook of the FF module. */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_ff(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the FF module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_ff(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

#ifdef CONFIG_RSBAC_SECDEL
/*
 * Secure-delete query for FF, present only with CONFIG_RSBAC_SECDEL.
 * NOTE(review): presumably TRUE means the file behind dentry_p must be
 * overwritten before it is released - confirm against the caller.
 */
extern rsbac_boolean_t rsbac_need_overwrite_ff(struct dentry *dentry_p);
#endif

#endif
00193
00194
00195
/* RC module hooks, declared only when CONFIG_RSBAC_RC is set. */
#ifdef CONFIG_RSBAC_RC

#ifdef CONFIG_RSBAC_SWITCH_RC
/*
 * Module on/off flag, present only with CONFIG_RSBAC_SWITCH_RC.
 * NOTE(review): plain writable extern; presumably clearing it takes RC out
 * of the decision - confirm that only the switch path writes it.
 */
extern rsbac_boolean_t rsbac_switch_rc;
#endif

/* Decision request hook of the RC module. */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_rc(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the RC module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_rc(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

#ifdef CONFIG_RSBAC_SECDEL
/*
 * Secure-delete query for RC, present only with CONFIG_RSBAC_SECDEL.
 * NOTE(review): presumably TRUE means the file behind dentry_p must be
 * overwritten before it is released - confirm against the caller.
 */
extern rsbac_boolean_t rsbac_need_overwrite_rc(struct dentry *dentry_p);
#endif

#endif
00225
00226
00227
/* AUTH module hooks, declared only when CONFIG_RSBAC_AUTH is set. */
#ifdef CONFIG_RSBAC_AUTH

#ifdef CONFIG_RSBAC_SWITCH_AUTH
/*
 * Module on/off flag, present only with CONFIG_RSBAC_SWITCH_AUTH.
 * NOTE(review): plain writable extern; presumably clearing it takes AUTH out
 * of the decision - confirm that only the switch path writes it.
 */
extern rsbac_boolean_t rsbac_switch_auth;
#endif

/* Decision request hook of the AUTH module. */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_auth(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the AUTH module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_auth(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

#endif
00253
00254
00255
/* ACL module hooks, declared only when CONFIG_RSBAC_ACL is set. */
#ifdef CONFIG_RSBAC_ACL

#ifdef CONFIG_RSBAC_SWITCH_ACL
/*
 * Module on/off flag, present only with CONFIG_RSBAC_SWITCH_ACL.
 * NOTE(review): plain writable extern; presumably clearing it takes ACL out
 * of the decision - confirm that only the switch path writes it.
 */
extern rsbac_boolean_t rsbac_switch_acl;
#endif

/* Decision request hook of the ACL module. */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_acl(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the ACL module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_acl(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

#endif
00281
00282
00283
/* CAP module hooks, declared only when CONFIG_RSBAC_CAP is set. */
#ifdef CONFIG_RSBAC_CAP

#ifdef CONFIG_RSBAC_SWITCH_CAP
/*
 * Module on/off flag, present only with CONFIG_RSBAC_SWITCH_CAP.
 * NOTE(review): plain writable extern; presumably clearing it takes CAP out
 * of the decision - confirm that only the switch path writes it.
 */
extern rsbac_boolean_t rsbac_switch_cap;
#endif

/* Decision request hook of the CAP module. */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_cap(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the CAP module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_cap(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

#endif
00309
00310
00311
/* JAIL module hooks, declared only when CONFIG_RSBAC_JAIL is set. */
#ifdef CONFIG_RSBAC_JAIL

#ifdef CONFIG_RSBAC_SWITCH_JAIL
/*
 * Module on/off flag, present only with CONFIG_RSBAC_SWITCH_JAIL.
 * NOTE(review): plain writable extern; presumably clearing it takes JAIL out
 * of the decision - confirm that only the switch path writes it.
 */
extern rsbac_boolean_t rsbac_switch_jail;
#endif

/* Decision request hook of the JAIL module. */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_jail(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the JAIL module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_jail(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

#endif
00337
00338
00339
/* PAX module hooks, declared only when CONFIG_RSBAC_PAX is set. */
#ifdef CONFIG_RSBAC_PAX

#ifdef CONFIG_RSBAC_SWITCH_PAX
/*
 * Module on/off flag, present only with CONFIG_RSBAC_SWITCH_PAX.
 * NOTE(review): plain writable extern; presumably clearing it takes PAX out
 * of the decision - confirm that only the switch path writes it.
 */
extern rsbac_boolean_t rsbac_switch_pax;
#endif

/* Decision request hook of the PAX module. */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_pax(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the PAX module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_pax(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

#endif
00365
00366
00367
00368
00369 #ifdef CONFIG_RSBAC_RES
#ifdef CONFIG_RSBAC_SWITCH_RES
/*
 * RES module on/off flag, present only with CONFIG_RSBAC_SWITCH_RES.
 * NOTE(review): plain writable extern; presumably clearing it takes RES out
 * of the decision - confirm that only the switch path writes it.
 */
extern rsbac_boolean_t rsbac_switch_res;
#endif

/* Decision request hook of the RES module. */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_res(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the RES module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_res(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);
00392
00393 #ifdef CONFIG_RSBAC_SECDEL
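/*
 * Secure-delete query for the RES module: returns FALSE unconditionally,
 * so dentry_p is never examined.
 *
 * Declared static inline instead of extern inline. A body under
 * "extern inline" is inline-only with no out-of-line copy under GNU89
 * inline rules, but under C99 rules it is an external definition emitted
 * by every file that includes this header (duplicate symbols at link
 * time). static inline is well defined under both.
 */
static inline rsbac_boolean_t rsbac_need_overwrite_res(struct dentry *dentry_p)
{
	return FALSE;
}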
00398 #endif
00399 #endif
00400
00401
00402
00403 #if defined(CONFIG_RSBAC_REG)
/* Decision request hook of the REG module (CONFIG_RSBAC_REG only). */
extern enum rsbac_adf_req_ret_t rsbac_adf_request_reg(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);

/*
 * Attribute-update hook of the REG module.
 * NOTE(review): int result presumably 0 on success, negative on error - confirm.
 */
extern int rsbac_adf_set_attr_reg(
        enum rsbac_adf_request_t request,
        rsbac_pid_t caller_pid,
        enum rsbac_target_t target,
        union rsbac_target_id_t tid,
        enum rsbac_target_t new_target,
        union rsbac_target_id_t new_tid,
        enum rsbac_attribute_t attr,
        union rsbac_attribute_value_t attr_val,
        rsbac_uid_t owner);
00422
00423 #ifdef CONFIG_RSBAC_SECDEL
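/*
 * Secure-delete query for the REG module: returns FALSE unconditionally,
 * so dentry_p is never examined.
 *
 * Declared static inline instead of extern inline. A body under
 * "extern inline" is inline-only with no out-of-line copy under GNU89
 * inline rules, but under C99 rules it is an external definition emitted
 * by every file that includes this header (duplicate symbols at link
 * time). static inline is well defined under both.
 */
static inline rsbac_boolean_t rsbac_need_overwrite_reg(struct dentry *dentry_p)
{
	return FALSE;
}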
00428 #endif
00429 #endif
00430
00431 #endif
00432
/* REG entry points, declared with CONFIG_RSBAC_REG or CONFIG_RSBAC_REG_MAINT. */
#if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT)

/*
 * REG initialisation. Marked __init unless CONFIG_RSBAC_INIT_DELAY is set.
 * NOTE(review): presumably the delayed variant may run after init memory
 * has been released, hence no __init - confirm.
 */
#ifndef CONFIG_RSBAC_INIT_DELAY
void rsbac_reg_init(void) __init;
#else
void rsbac_reg_init(void);
#endif

/* Per-device mount and umount entry points for REG. */
extern int rsbac_mount_reg(kdev_t kdev);
extern int rsbac_umount_reg(kdev_t kdev);

#ifdef CONFIG_RSBAC_AUTO_WRITE
/* Present only with CONFIG_RSBAC_AUTO_WRITE; the flag's meaning is not visible here. */
extern int rsbac_write_reg(rsbac_boolean_t);
#endif

/* Consistency check entry point; argument semantics are defined by the implementation. */
extern int rsbac_check_reg(int correct, int check_inode);

#endif
00456
00457 #endif