#include <linux/config.h>
#include <linux/module.h>
#include <linux/types.h>
#include <linux/kernel.h>
#include <linux/string.h>
#include <linux/fs.h>
#include <rsbac/types.h>
#include <rsbac/reg.h>
#include <rsbac/adf.h>
#include <rsbac/aci.h>
#include <rsbac/getname.h>
#include <rsbac/error.h>
#include <rsbac/proc_fs.h>
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0)
#include <linux/namei.h>
#endif
/* Module metadata. */
MODULE_AUTHOR("Michal Purzynski");
MODULE_DESCRIPTION("RSBAC REG modules_off decision module");
MODULE_LICENSE("GPL");

/*
 * Handle under which this module registers with, and later unregisters
 * from, the RSBAC REG facility (see init_module() and cleanup_module()).
 */
static long handle = 9999991;

/*
 * Device and inode number of /proc/modules. Both stay 0 until
 * init_module() has resolved the path; request_func() compares incoming
 * T_FILE targets against this pair.
 */
static rsbac_inode_nr_t inode_nr = 0;
static kdev_t device_nr = 0;
/*
 * ADF decision callback registered by init_module().
 *
 * Answers NOT_GRANTED for
 *   - R_ADD_TO_KERNEL and R_REMOVE_FROM_KERNEL, whatever the target, and
 *   - R_GET_STATUS_DATA on the T_FILE target whose device and inode match
 *     the pair recorded in device_nr / inode_nr.
 * Every other request is answered with DO_NOT_CARE.
 *
 * owner_pid, attr, attr_val and owner are not consulted, so the answer is
 * the same for every caller.
 *
 * NOTE(review): the status-data rule matches exactly one file by the
 * (device, inode) pair captured at load time. Any other interface that
 * exposes the module list is outside this check - confirm that is the
 * intended coverage.
 */
static int request_func(enum rsbac_adf_request_t request,
                        rsbac_pid_t owner_pid,
                        enum rsbac_target_t target,
                        union rsbac_target_id_t tid,
                        enum rsbac_attribute_t attr,
                        union rsbac_attribute_value_t attr_val,
                        rsbac_uid_t owner)
{
    /* Module load and unload requests are always refused by this module. */
    if (request == R_ADD_TO_KERNEL || request == R_REMOVE_FROM_KERNEL)
        return NOT_GRANTED;

    /* tid.file is only inspected once the target is known to be a file. */
    if (request == R_GET_STATUS_DATA
        && target == T_FILE
        && tid.file.device == device_nr
        && tid.file.inode == inode_nr)
        return NOT_GRANTED;

    /* Everything else is left to the other decision modules. */
    return DO_NOT_CARE;
}
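/*
 * Module entry point.
 *
 * Resolves /proc/modules, records its device and inode number in
 * device_nr / inode_nr, then registers request_func() with the RSBAC REG
 * facility under `handle`.
 *
 * Returns 0 on success, the negative error from path_lookup() or -ENOENT
 * when /proc/modules cannot be resolved, and -ENOEXEC when registration
 * fails.
 */
int init_module(void)
{
    struct rsbac_reg_entry_t entry;
    struct nameidata nd;
    int err;

    /*
     * nd is only valid after a successful lookup. Dereferencing it after
     * a failed lookup would read uninitialised stack memory in kernel
     * context, so refuse to load instead.
     */
    err = path_lookup("/proc/modules", 0, &nd);
    if (err) {
        printk(KERN_WARNING
               "RSBAC REG decision module modules_off: Lookup of /proc/modules failed (%i). Unloading.\n",
               err);
        return err;
    }

    /* A dentry without an inode gives nothing to match against. */
    if (!nd.dentry->d_inode) {
        path_release(&nd);
        printk(KERN_WARNING
               "RSBAC REG decision module modules_off: /proc/modules has no inode. Unloading.\n");
        return -ENOENT;
    }

    /*
     * Record the file identity before registering, so request_func()
     * never runs with the 0/0 placeholder values.
     */
    device_nr = nd.dentry->d_sb->s_dev;
    inode_nr = nd.dentry->d_inode->i_ino;
    path_release(&nd);

    printk(KERN_INFO "RSBAC REG decision module modules_off: Initializing.\n");

    /* Unused entry fields (other callbacks) stay zeroed. */
    memset(&entry, 0, sizeof(entry));

    /*
     * Bounded copy: the literal is 32 characters long and the size of
     * entry.name is not visible in this file, so limit the copy to the
     * field. The memset above guarantees NUL termination.
     * NOTE(review): assumes entry.name is a char array, not a pointer -
     * confirm against rsbac/reg.h.
     */
    strncpy(entry.name, "RSBAC REG modules_off ADF module",
            sizeof(entry.name) - 1);

    /*
     * Adjacent literals instead of a backslash continuation, which would
     * embed the continuation line's leading whitespace in the message.
     */
    printk(KERN_INFO
           "RSBAC REG decision module modules_off: REG Version: %u, "
           "Name: %s, Handle: %li\n",
           RSBAC_REG_VERSION, entry.name, handle);

    entry.handle = handle;
    entry.request_func = request_func;
    entry.switch_on = TRUE;

    printk(KERN_INFO "RSBAC REG decision module modules_off: Registering to ADF.\n");

    if (rsbac_reg_register(RSBAC_REG_VERSION, entry) < 0) {
        /* Message previously named "sample 1", a leftover from the template. */
        printk(KERN_WARNING
               "RSBAC REG decision module modules_off: Registering failed. Unloading.\n");
        return -ENOEXEC;
    }

    printk(KERN_INFO "RSBAC REG decision module modules_off: Loaded.\n");

    return 0;
}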
/*
 * Module exit point: unregisters this decision module from the RSBAC REG
 * facility using `handle`.
 *
 * A failed unregistration is logged at KERN_ERR and unloading continues.
 * NOTE(review): in that case the REG entry presumably still refers to
 * request_func() in this module's text - confirm how rsbac_reg_unregister()
 * failure is meant to be handled.
 */
void cleanup_module(void)
{
    printk(KERN_INFO "RSBAC REG decision module modules_off: Unregistering.\n");

    if (rsbac_reg_unregister(handle) != 0) {
        printk(KERN_ERR
               "RSBAC REG decision module modules_off: Unregistering failed "
               "- beware of possible system failure!\n");
    }

    printk(KERN_INFO "RSBAC REG decision module modules_off: Unloaded.\n");
}