#include <linux/config.h>#include <linux/module.h>#include <linux/types.h>#include <linux/kernel.h>#include <linux/string.h>#include <linux/sched.h>#include <linux/smp.h>#include <linux/smp_lock.h>#include <linux/fs.h>#include <asm/uaccess.h>#include <rsbac/types.h>#include <rsbac/reg.h>#include <rsbac/adf.h>#include <rsbac/aci.h>#include <rsbac/aci_data_structures.h>#include <rsbac/getname.h>#include <rsbac/error.h>#include <rsbac/proc_fs.h>Go to the source code of this file.
Defines | |
| #define | FILENAME "regsmp2" |
| #define | FILE_VERSION 1 |
Functions | |
| MODULE_AUTHOR ("Amon Ott") | |
| MODULE_DESCRIPTION ("RSBAC REG sample decision module 2") | |
| MODULE_PARM (name,"s") | |
| MODULE_PARM (syscall_name,"s") | |
| MODULE_PARM (handle,"l") | |
| MODULE_PARM (syscall_registration_handle,"l") | |
| MODULE_PARM (syscall_dispatcher_handle,"l") | |
| static int | read_info (void) |
| static int | write_info (void) |
| static int | request_func (enum rsbac_adf_request_t request, rsbac_pid_t owner_pid, enum rsbac_target_t target, union rsbac_target_id_t tid, enum rsbac_attribute_t attr, union rsbac_attribute_value_t attr_val, rsbac_uid_t owner) |
| static int | set_attr_func (enum rsbac_adf_request_t request, rsbac_pid_t owner_pid, enum rsbac_target_t target, union rsbac_target_id_t tid, enum rsbac_target_t new_target, union rsbac_target_id_t new_tid, enum rsbac_attribute_t attr, union rsbac_attribute_value_t attr_val, rsbac_uid_t owner) |
| static rsbac_boolean_t | need_overwrite_func (struct dentry *dentry_p) |
| static int | write_func (rsbac_boolean_t need_lock) |
| static int | syscall_func (void *arg) |
| int | init_module (void) |
| void | cleanup_module (void) |
Variables | |
| static u_long | nr_request_calls = 0 |
| static u_long | nr_set_attr_calls = 0 |
| static u_long | nr_need_overwrite_calls = 0 |
| static rsbac_boolean_t | no_write = FALSE |
| static u_long | nr_system_calls = 0 |
| static void * | system_call_arg = 0 |
| static char * | name = NULL |
| static char | dummy_buf [70] = "To protect against wrong insmod params" |
| static char * | syscall_name = NULL |
| static char | dummy_buf2 [70] = "To protect against wrong insmod params" |
| static long | handle = 123457 |
| static long | syscall_registration_handle = 754321 |
| static long | syscall_dispatcher_handle = 2 |
|
|
Definition at line 61 of file reg_sample2.c. Referenced by read_info(), and write_info(). |
|
|
Definition at line 58 of file reg_sample2.c. Referenced by init_module(), read_info(), and write_info(). |
|
|
Definition at line 544 of file reg_sample2.c. References handle, proc_rsbac_root_p, rsbac_printk(), rsbac_reg_unregister(), rsbac_reg_unregister_syscall(), syscall_registration_handle, and write_info(). 00545 {
00546 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 2: Unregistering.\n");
00547 #if defined(CONFIG_RSBAC_PROC)
00548 remove_proc_entry(PROC_NAME, proc_rsbac_root_p);
00549 #endif
00550 if(write_info())
00551 {
00552 rsbac_printk(KERN_WARNING
00553 "RSBAC REG decision module sample 2: Could not save info for next session.\n");
00554 }
00555 if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00556 {
00557 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 2: Unregistering syscall failed - beware of possible system failure!\n");
00558 }
00559 if(rsbac_reg_unregister(handle))
00560 {
00561 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 2: Unregistering module failed - beware of possible system failure!\n");
00562 }
00563 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 2: Unloaded.\n");
00564 }
|
|
|
Definition at line 440 of file reg_sample2.c. References dummy_buf, dummy_buf2, handle, name, need_overwrite_func(), proc_rsbac_root_p, read_info(), request_func(), rsbac_printk(), RSBAC_REG_NAME_LEN, rsbac_reg_register(), rsbac_reg_register_syscall(), rsbac_reg_unregister(), rsbac_reg_unregister_syscall(), RSBAC_REG_VERSION, set_attr_func(), syscall_dispatcher_handle, syscall_func(), syscall_name, syscall_registration_handle, TRUE, and write_func(). 00441 {
00442 struct rsbac_reg_entry_t entry;
00443 struct rsbac_reg_syscall_entry_t syscall_entry;
00444
00445 if(!handle)
00446 handle = 123457;
00447 if(!syscall_registration_handle)
00448 syscall_registration_handle = 754321;
00449 if(!syscall_dispatcher_handle)
00450 syscall_dispatcher_handle = 2;
00451
00452 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 2: Initializing.\n");
00453
00454 /* clearing registration entries */
00455 memset(&entry, 0, sizeof(entry));
00456 memset(&syscall_entry, 0, sizeof(syscall_entry));
00457
00458 if((dummy_buf[0] != 'T') || (dummy_buf2[0] != 'T'))
00459 {
00460 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 2: Not loaded due to invalid param string.\n");
00461 return -ENOEXEC;
00462 }
00463 if(name)
00464 {
00465 strncpy(entry.name, name, RSBAC_REG_NAME_LEN);
00466 entry.name[RSBAC_REG_NAME_LEN] = 0;
00467 }
00468 else
00469 strcpy(entry.name, "RSBAC REG sample 2 ADF module");
00470 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 2: REG Version: %u, Name: %s, Handle: %li\n",
00471 RSBAC_REG_VERSION, entry.name, handle);
00472
00473 entry.handle = handle;
00474 entry.request_func = request_func;
00475 entry.set_attr_func = set_attr_func;
00476 entry.need_overwrite_func = need_overwrite_func;
00477 entry.write_func = write_func;
00478 entry.switch_on = TRUE;
00479
00480 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 2: Registering to ADF.\n");
00481 if(rsbac_reg_register(RSBAC_REG_VERSION, entry) < 0)
00482 {
00483 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 2: Registering failed. Unloading.\n");
00484 return -ENOEXEC;
00485 }
00486
00487 if(syscall_name)
00488 {
00489 strncpy(syscall_entry.name, syscall_name, RSBAC_REG_NAME_LEN);
00490 syscall_entry.name[RSBAC_REG_NAME_LEN] = 0;
00491 }
00492 else
00493 strcpy(syscall_entry.name, "RSBAC REG sample 2 syscall");
00494 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 2: REG Version: %u, Name: %s, Dispatcher Handle: %li\n",
00495 RSBAC_REG_VERSION, syscall_entry.name, syscall_dispatcher_handle);
00496
00497 syscall_entry.registration_handle = syscall_registration_handle;
00498 syscall_entry.dispatcher_handle = syscall_dispatcher_handle;
00499 syscall_entry.syscall_func = syscall_func;
00500
00501 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 2: Registering syscall.\n");
00502 syscall_registration_handle = rsbac_reg_register_syscall(RSBAC_REG_VERSION, syscall_entry);
00503 if(syscall_registration_handle < 0)
00504 {
00505 rsbac_printk(KERN_WARNING "RSBAC REG decision module sample 2: Registering syscall failed. Unloading.\n");
00506 if(rsbac_reg_unregister(handle))
00507 {
00508 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 2: Unregistering failed - beware of possible system failure!\n");
00509 }
00510 return -ENOEXEC;
00511 }
00512
00513 if(read_info())
00514 {
00515 rsbac_printk(KERN_WARNING
00516 "RSBAC REG decision module sample 2: Could not read info from previous session.\n");
00517 }
00518
00519 #if defined(CONFIG_RSBAC_PROC)
00520 proc_reg_sample_p = create_proc_entry(PROC_NAME,
00521 S_IFREG | S_IRUGO,
00522 proc_rsbac_root_p);
00523 if(!proc_reg_sample_p)
00524 {
00525 rsbac_printk(KERN_WARNING "%s: Not loaded due to failed proc entry registering.\n", name);
00526 if(rsbac_reg_unregister_syscall(syscall_registration_handle))
00527 {
00528 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 2: Unregistering syscall failed - beware of possible system failure!\n");
00529 }
00530 if(rsbac_reg_unregister(handle))
00531 {
00532 rsbac_printk(KERN_ERR "RSBAC REG decision module sample 2: Unregistering from ADF failed - beware of possible system failure!\n");
00533 }
00534 return -ENOEXEC;
00535 }
00536 proc_reg_sample_p->get_info = adf_sample_proc_info;
00537 #endif
00538
00539 rsbac_printk(KERN_INFO "RSBAC REG decision module sample 2: Loaded.\n");
00540
00541 return 0;
00542 }
|
|
|
|
|
|
|
|
||||||||||||
|
|
|
||||||||||||
|
|
|
||||||||||||
|
|
|
||||||||||||
|
|
|
||||||||||||
|
|
|
|
Definition at line 409 of file reg_sample2.c. References FALSE, and nr_need_overwrite_calls. 00410 {
00411 nr_need_overwrite_calls++;
00412 return FALSE;
00413 }
|
|
|
Definition at line 170 of file reg_sample2.c. References FILE_VERSION, FILENAME, name, no_write, nr_need_overwrite_calls, nr_request_calls, nr_set_attr_calls, RSBAC_EREADFAILED, RSBAC_MAXNAMELEN, rsbac_printk(), rsbac_read_close(), rsbac_read_open(), rsbac_root_dev, and TRUE. Referenced by init_module(). 00171 {
00172 struct file file;
00173 char name[RSBAC_MAXNAMELEN];
00174 int err = 0;
00175 int tmperr;
00176 mm_segment_t oldfs;
00177 u_int version;
00178 u_long tmpval;
00179
00180 /* copy name from base name */
00181 strcpy(name, FILENAME);
00182
00183 /* open file */
00184 if ((err = rsbac_read_open(name,
00185 &file,
00186 rsbac_root_dev) ))
00187 return(err);
00188
00189 /* OK, now we can start reading */
00190
00191 /* There is a read function for this file, so read data from
00192 * previous module load.
00193 * A positive read return value means a read success,
00194 * 0 end of file and a negative value an error.
00195 */
00196
00197 /* Set current user space to kernel space, because read() writes */
00198 /* to user space */
00199 oldfs = get_fs();
00200 set_fs(KERNEL_DS);
00201
00202 tmperr = file.f_op->read(&file,
00203 (char *) &version,
00204 sizeof(version),
00205 &file.f_pos);
00206 /* error? */
00207 if (tmperr < sizeof(version))
00208 {
00209 rsbac_printk(KERN_WARNING
00210 "read_info(): read error from file!\n");
00211 err = -RSBAC_EREADFAILED;
00212 goto end_read;
00213 }
00214 /* if wrong version, warn and skip */
00215 if (version != FILE_VERSION)
00216 {
00217 rsbac_printk(KERN_WARNING
00218 "read_info(): wrong version %u, expected %u - skipping file and setting no_write!\n",
00219 version, FILE_VERSION);
00220 no_write = TRUE;
00221 err = -RSBAC_EREADFAILED;
00222 goto end_read;
00223 }
00224
00225 /* read nr_request_calls */
00226 tmperr = file.f_op->read(&file,
00227 (char *) &tmpval,
00228 sizeof(tmpval),
00229 &file.f_pos);
00230 if (tmperr < sizeof(tmpval))
00231 {
00232 rsbac_printk(KERN_WARNING "%s\n",
00233 "read_info(): read error from file!");
00234 err = -RSBAC_EREADFAILED;
00235 goto end_read;
00236 }
00237 nr_request_calls = tmpval;
00238
00239 /* read nr_set_attr_calls */
00240 tmperr = file.f_op->read(&file,
00241 (char *) &tmpval,
00242 sizeof(tmpval),
00243 &file.f_pos);
00244 if (tmperr < sizeof(tmpval))
00245 {
00246 rsbac_printk(KERN_WARNING "%s\n",
00247 "read_info(): read error from file!");
00248 err = -RSBAC_EREADFAILED;
00249 goto end_read;
00250 }
00251 nr_set_attr_calls = tmpval;
00252
00253 /* read nr_need_overwrite_calls */
00254 tmperr = file.f_op->read(&file,
00255 (char *) &tmpval,
00256 sizeof(tmpval),
00257 &file.f_pos);
00258 if (tmperr < sizeof(tmpval))
00259 {
00260 rsbac_printk(KERN_WARNING "%s\n",
00261 "read_info(): read error from file!");
00262 err = -RSBAC_EREADFAILED;
00263 goto end_read;
00264 }
00265 nr_need_overwrite_calls = tmpval;
00266
00267 end_read:
00268 /* Set current user space back to user space, because read() writes */
00269 /* to user space */
00270 set_fs(oldfs);
00271
00272 /* We do not need this file dentry any more */
00273 rsbac_read_close(&file);
00274
00275 /* ready */
00276 return(err);
00277 }; /* end of read_info() */
|
|
||||||||||||||||||||||||||||||||
|
Definition at line 379 of file reg_sample2.c. References GRANTED, nr_request_calls, and R_SEARCH. 00386 {
00387 /* count call, but not for SEARCH request */
00388 if(request != R_SEARCH)
00389 nr_request_calls++;
00390 return GRANTED;
00391 }
|
|
||||||||||||||||||||||||||||||||||||||||
|
Definition at line 393 of file reg_sample2.c. References nr_set_attr_calls, and R_SEARCH. 00402 {
00403 /* count call, but not for SEARCH request */
00404 if(request != R_SEARCH)
00405 nr_set_attr_calls++;
00406 return 0;
00407 }
|
|
|
Definition at line 431 of file reg_sample2.c. References nr_system_calls, and system_call_arg. 00432 {
00433 nr_system_calls++;
00434 system_call_arg = arg;
00435 return nr_system_calls;
00436 }
|
|
|
Definition at line 415 of file reg_sample2.c. References write_info(). Referenced by init_module(). 00416 {
00417 int res=0;
00418
00419 if(need_lock)
00420 lock_kernel();
00421
00422 if(!write_info())
00423 res = 1;
00424
00425 if(need_lock)
00426 unlock_kernel();
00427
00428 return(res);
00429 }
|
|
|
Definition at line 279 of file reg_sample2.c. References FILE_VERSION, FILENAME, name, nr_need_overwrite_calls, nr_request_calls, nr_set_attr_calls, RSBAC_EWRITEFAILED, RSBAC_MAXNAMELEN, rsbac_printk(), rsbac_root_dev, rsbac_write_close(), rsbac_write_open(), and rsbac_write_sem. Referenced by cleanup_module(), and write_func(). 00280 {
00281 struct file file;
00282 char name[RSBAC_MAXNAMELEN];
00283 int err = 0;
00284 int tmperr;
00285 mm_segment_t oldfs;
00286 u_int version = FILE_VERSION;
00287
00288 /* copy name from base name */
00289 strcpy(name, FILENAME);
00290
00291 /* get rsbac write-to-disk semaphore */
00292 down(&rsbac_write_sem);
00293
00294 /* open file */
00295 if ((err = rsbac_write_open(name,
00296 &file,
00297 rsbac_root_dev) ))
00298 {
00299 up(&rsbac_write_sem);
00300 return(err);
00301 }
00302
00303 /* OK, now we can start writing all sample items.
00304 * A positive return value means a write success,
00305 * 0 end of file and a negative value an error.
00306 */
00307
00308 /* Set current user space to kernel space, because write() reads
00309 * from user space */
00310 oldfs = get_fs();
00311 set_fs(KERNEL_DS);
00312
00313 tmperr = file.f_op->write(&file,
00314 (char *) &version,
00315 sizeof(version),
00316 &file.f_pos);
00317 if (tmperr < sizeof(version))
00318 {
00319 rsbac_printk(KERN_WARNING
00320 "write_info(): write error %i on file!\n",
00321 tmperr);
00322 err = -RSBAC_EWRITEFAILED;
00323 goto end_write;
00324 }
00325
00326 tmperr = file.f_op->write(&file,
00327 (char *) &nr_request_calls,
00328 sizeof(nr_request_calls),
00329 &file.f_pos);
00330 if (tmperr < sizeof(nr_request_calls))
00331 {
00332 rsbac_printk(KERN_WARNING
00333 "write_info(): write error %i on file!\n",
00334 tmperr);
00335 err = -RSBAC_EWRITEFAILED;
00336 goto end_write;
00337 }
00338
00339 tmperr = file.f_op->write(&file,
00340 (char *) &nr_set_attr_calls,
00341 sizeof(nr_set_attr_calls),
00342 &file.f_pos);
00343 if (tmperr < sizeof(nr_set_attr_calls))
00344 {
00345 rsbac_printk(KERN_WARNING
00346 "write_info(): write error %i on file!\n",
00347 tmperr);
00348 err = -RSBAC_EWRITEFAILED;
00349 goto end_write;
00350 }
00351
00352 tmperr = file.f_op->write(&file,
00353 (char *) &nr_need_overwrite_calls,
00354 sizeof(nr_need_overwrite_calls),
00355 &file.f_pos);
00356 if (tmperr < sizeof(nr_need_overwrite_calls))
00357 {
00358 rsbac_printk(KERN_WARNING
00359 "write_info(): write error %i on file!\n",
00360 tmperr);
00361 err = -RSBAC_EWRITEFAILED;
00362 goto end_write;
00363 }
00364
00365 end_write:
00366 /* Set current user space back to user space, because write() reads */
00367 /* from user space */
00368 set_fs(oldfs);
00369
00370 /* End of write access */
00371 rsbac_write_close(&file);
00372 up(&rsbac_write_sem);
00373 return(err);
00374 }; /* end of write_info() */
|
|
|
Definition at line 43 of file reg_sample2.c. |
|
|
Definition at line 47 of file reg_sample2.c. |
|
|
Definition at line 50 of file reg_sample2.c. |
|
|
Definition at line 42 of file reg_sample2.c. |
|
|
Definition at line 34 of file reg_sample2.c. Referenced by read_info(). |
|
|
Definition at line 33 of file reg_sample2.c. |
|
|
Definition at line 31 of file reg_sample2.c. |
|
|
Definition at line 32 of file reg_sample2.c. |
|
|
Definition at line 35 of file reg_sample2.c. |
|
|
Definition at line 55 of file reg_sample2.c. |
|
|
Definition at line 46 of file reg_sample2.c. |
|
|
Definition at line 53 of file reg_sample2.c. |
|
|
Definition at line 36 of file reg_sample2.c. |
1.4.2