#ifndef __RSBAC_PM_TICKET_H
#define __RSBAC_PM_TICKET_H
#include <linux/types.h>
/*
 * Selector for the operation a PM ticket covers. It is the type of the
 * function_type field in struct rsbac_pm_create_ticket_t and in the
 * kernel-only ticket records declared in this header.
 *
 * No enumerator carries an explicit value, so each number is simply the
 * position in this list (PTF_add_na is 0). The entries follow the same order
 * as the leading PF_* entries of enum rsbac_pm_function_type_t. This header
 * is compiled both with and without __KERNEL__, so inserting or reordering
 * entries renumbers what both sides exchange.
 */
enum rsbac_pm_tkt_function_type_t {
    PTF_add_na,
    PTF_delete_na,
    PTF_add_task,
    PTF_delete_task,
    PTF_add_object_class,
    PTF_delete_object_class,
    PTF_add_authorized_tp,
    PTF_delete_authorized_tp,
    PTF_add_consent,
    PTF_delete_consent,
    PTF_add_purpose,
    PTF_delete_purpose,
    PTF_add_responsible_user,
    PTF_delete_responsible_user,
    PTF_delete_user_aci,
    PTF_set_role,
    PTF_set_object_class,
    PTF_switch_pm,
    PTF_switch_auth,
    PTF_set_device_object_type,
    PTF_set_auth_may_setuid,
    PTF_set_auth_may_set_cap,
    PTF_add_authorized_task,
    PTF_delete_authorized_task,
    /* NOTE(review): last entry; looks like a "no function" sentinel - confirm. */
    PTF_none
};
/*
 * Arguments of the add_na function: a (task, object class, tp) triple plus
 * an access set. Used unchanged in all three parameter unions of this header.
 * NOTE(review): "na" is not expanded here; presumably "necessary accesses"
 * in the RSBAC privacy model - confirm.
 */
struct rsbac_pm_add_na_t {
    rsbac_pm_task_id_t task;
    rsbac_pm_object_class_id_t object_class;
    rsbac_pm_tp_id_t tp;
    rsbac_pm_accesses_t accesses;
};
/*
 * Arguments of the delete_na function. Field for field the same layout as
 * struct rsbac_pm_add_na_t: task, object class, tp and an access set.
 */
struct rsbac_pm_delete_na_t {
    rsbac_pm_task_id_t task;
    rsbac_pm_object_class_id_t object_class;
    rsbac_pm_tp_id_t tp;
    rsbac_pm_accesses_t accesses;
};
/* Arguments of the add_task function: the new task's id and its purpose id. */
struct rsbac_pm_add_task_t {
    rsbac_pm_task_id_t id;
    rsbac_pm_purpose_id_t purpose;
};
/* Arguments of the delete_task function: only the task id. */
struct rsbac_pm_delete_task_t {
    rsbac_pm_task_id_t id;
};
#ifdef __KERNEL__
/*
 * Kernel-only form of the add_object_class arguments, as held in
 * union rsbac_pm_tkt_internal_function_param_t. Where the non-kernel
 * struct rsbac_pm_add_object_class_t has a list pointer, this form has a
 * purpose-set id, so no caller-supplied pointer is kept in the record.
 */
struct rsbac_pm_tkt_add_object_class_t {
    rsbac_pm_object_class_id_t id;
    rsbac_pm_pp_set_id_t pp_set;
};
#endif
/*
 * Arguments of the add_object_class function in the form visible to both
 * kernel and non-kernel builds: the class id and a pointer to a purpose list.
 *
 * NOTE(review): pp_list_p is a raw pointer inside a structure that is shared
 * with non-kernel code. Kernel code should treat it as untrusted and copy the
 * list in with a bounded length instead of dereferencing it directly; how the
 * list is terminated is not visible in this header - confirm in the handler.
 */
struct rsbac_pm_add_object_class_t {
    rsbac_pm_object_class_id_t id;
    struct rsbac_pm_purpose_list_item_t *pp_list_p;
};
/* Arguments of the delete_object_class function: only the class id. */
struct rsbac_pm_delete_object_class_t {
    rsbac_pm_object_class_id_t id;
};
/*
 * Arguments of the add_authorized_tp function: a task id and a tp id.
 * NOTE(review): "tp" is not expanded in this header; presumably
 * "transformation procedure" - confirm.
 */
struct rsbac_pm_add_authorized_tp_t {
    rsbac_pm_task_id_t task;
    rsbac_pm_tp_id_t tp;
};
/*
 * Arguments of the delete_authorized_tp function. Same two fields as
 * struct rsbac_pm_add_authorized_tp_t: a task id and a tp id.
 */
struct rsbac_pm_delete_authorized_tp_t {
    rsbac_pm_task_id_t task;
    rsbac_pm_tp_id_t tp;
};
#ifdef __KERNEL__
/*
 * Kernel-only form of the add_consent arguments, as held in
 * union rsbac_pm_tkt_internal_function_param_t. The file is identified by a
 * struct rsbac_fs_file_t where the non-kernel struct rsbac_pm_add_consent_t
 * has a path-string pointer.
 */
struct rsbac_pm_tkt_add_consent_t {
    struct rsbac_fs_file_t file;
    rsbac_pm_purpose_id_t purpose;
};
#endif
/*
 * Arguments of the add_consent function in the form visible to both kernel
 * and non-kernel builds: a file named by path, and a purpose id.
 *
 * NOTE(review): filename is a raw pointer in a structure shared with
 * non-kernel code. Kernel code should copy the string in with a length bound
 * and resolve it once, then work on the resolved object (compare the
 * kernel-only rsbac_pm_tkt_add_consent_t) - confirm against the handler.
 */
struct rsbac_pm_add_consent_t {
    char *filename;
    rsbac_pm_purpose_id_t purpose;
};
#ifdef __KERNEL__
/*
 * Kernel-only form of the delete_consent arguments, as held in
 * union rsbac_pm_tkt_internal_function_param_t: a struct rsbac_fs_file_t
 * instead of the path pointer of struct rsbac_pm_delete_consent_t.
 */
struct rsbac_pm_tkt_delete_consent_t {
    struct rsbac_fs_file_t file;
    rsbac_pm_purpose_id_t purpose;
};
#endif
/*
 * Arguments of the delete_consent function in the form visible to both
 * kernel and non-kernel builds: a file named by path, and a purpose id.
 *
 * NOTE(review): filename is a raw pointer in a structure shared with
 * non-kernel code; kernel code should copy it in with a length bound before
 * use rather than dereference it directly - confirm against the handler.
 */
struct rsbac_pm_delete_consent_t {
    char *filename;
    rsbac_pm_purpose_id_t purpose;
};
/*
 * Arguments of the add_purpose function: the purpose id and an object class
 * id. NOTE(review): def_class presumably means "default class" - confirm.
 */
struct rsbac_pm_add_purpose_t {
    rsbac_pm_purpose_id_t id;
    rsbac_pm_object_class_id_t def_class;
};
/* Arguments of the delete_purpose function: only the purpose id. */
struct rsbac_pm_delete_purpose_t {
    rsbac_pm_purpose_id_t id;
};
/* Arguments of the add_responsible_user function: a user id and a task id. */
struct rsbac_pm_add_responsible_user_t {
    rsbac_uid_t user;
    rsbac_pm_task_id_t task;
};
/*
 * Arguments of the delete_responsible_user function. Same two fields as
 * struct rsbac_pm_add_responsible_user_t: a user id and a task id.
 */
struct rsbac_pm_delete_responsible_user_t {
    rsbac_uid_t user;
    rsbac_pm_task_id_t task;
};
/*
 * Arguments of the delete_user_aci function: the user id whose entry is
 * addressed. NOTE(review): "aci" is not expanded in this header - confirm
 * what per-user data this removes.
 */
struct rsbac_pm_delete_user_aci_t {
    rsbac_uid_t id;
};
/*
 * Arguments of the set_role function: a user id and the PM role to give it.
 * NOTE(review): role arrives as a plain enum value; a handler should reject
 * values outside enum rsbac_pm_role_t before storing it - confirm.
 */
struct rsbac_pm_set_role_t {
    rsbac_uid_t user;
    enum rsbac_pm_role_t role;
};
#ifdef __KERNEL__
/*
 * Kernel-only form of the set_object_class arguments, as held in
 * union rsbac_pm_tkt_internal_function_param_t: a struct rsbac_fs_file_t
 * instead of the path pointer of struct rsbac_pm_set_object_class_t.
 */
struct rsbac_pm_tkt_set_object_class_t {
    struct rsbac_fs_file_t file;
    rsbac_pm_object_class_id_t object_class;
};
#endif
/*
 * Arguments of the set_object_class function in the form visible to both
 * kernel and non-kernel builds: a file named by path, and the class id.
 *
 * NOTE(review): filename is a raw pointer in a structure shared with
 * non-kernel code; kernel code should copy it in with a length bound before
 * use rather than dereference it directly - confirm against the handler.
 */
struct rsbac_pm_set_object_class_t {
    char *filename;
    rsbac_pm_object_class_id_t object_class;
};
/*
 * Arguments of the switch_pm function: a single boolean. The unions in this
 * header use this type for both their switch_pm and switch_auth members.
 * NOTE(review): the name suggests this turns PM enforcement on or off, which
 * would make it a request worth logging and restricting - confirm.
 */
struct rsbac_pm_switch_pm_t {
    boolean value;
};
/*
 * Arguments of the switch_auth function: a single boolean.
 * NOTE(review): no union in this header uses this type; their switch_auth
 * members are declared as struct rsbac_pm_switch_pm_t, which has the same
 * single field. Looks like a copy-paste leftover - confirm before relying
 * on either name.
 */
struct rsbac_pm_switch_auth_t {
    boolean value;
};
#ifdef __KERNEL__
/*
 * Kernel-only form of the set_device_object_type arguments, as held in
 * union rsbac_pm_tkt_internal_function_param_t. The device is a
 * struct rsbac_dev_t where struct rsbac_pm_set_device_object_type_t has a
 * path pointer.
 */
struct rsbac_pm_tkt_set_device_object_type_t {
    struct rsbac_dev_t dev;
    enum rsbac_pm_object_type_t object_type;
    rsbac_pm_object_class_id_t object_class;
};
#endif
/*
 * Arguments of the set_device_object_type function in the form visible to
 * both kernel and non-kernel builds: a path, an object type and a class id.
 *
 * NOTE(review): filename is a raw pointer in a structure shared with
 * non-kernel code; kernel code should copy it in with a length bound and
 * check that it resolves to a device before use - confirm in the handler.
 */
struct rsbac_pm_set_device_object_type_t {
    char *filename;
    enum rsbac_pm_object_type_t object_type;
    rsbac_pm_object_class_id_t object_class;
};
#ifdef __KERNEL__
/*
 * Kernel-only form of the set_auth_may_setuid arguments, as held in
 * union rsbac_pm_tkt_internal_function_param_t: a struct rsbac_fs_file_t
 * instead of the path pointer of struct rsbac_pm_set_auth_may_setuid_t.
 */
struct rsbac_pm_tkt_set_auth_may_setuid_t {
    struct rsbac_fs_file_t file;
    boolean value;
};
#endif
/*
 * Arguments of the set_auth_may_setuid function in the form visible to both
 * kernel and non-kernel builds: a file named by path, and a boolean.
 *
 * NOTE(review): the name suggests this sets a per-file "may setuid" flag, so
 * which file the path resolves to is security-relevant. filename is a raw
 * pointer shared with non-kernel code; copy it in with a length bound and
 * resolve it once - confirm against the handler.
 */
struct rsbac_pm_set_auth_may_setuid_t {
    char *filename;
    boolean value;
};
#ifdef __KERNEL__
/*
 * Kernel-only form of the set_auth_may_set_cap arguments, as held in
 * union rsbac_pm_tkt_internal_function_param_t: a struct rsbac_fs_file_t
 * instead of the path pointer of struct rsbac_pm_set_auth_may_set_cap_t.
 */
struct rsbac_pm_tkt_set_auth_may_set_cap_t {
    struct rsbac_fs_file_t file;
    boolean value;
};
#endif
/*
 * Arguments of the set_auth_may_set_cap function in the form visible to both
 * kernel and non-kernel builds: a file named by path, and a boolean.
 *
 * NOTE(review): the name suggests this sets a per-file "may set capability"
 * flag, so which file the path resolves to is security-relevant. filename is
 * a raw pointer shared with non-kernel code; copy it in with a length bound
 * and resolve it once - confirm against the handler.
 */
struct rsbac_pm_set_auth_may_set_cap_t {
    char *filename;
    boolean value;
};
/* Arguments of the add_authorized_task function: a user id and a task id. */
struct rsbac_pm_add_authorized_task_t {
    rsbac_uid_t user;
    rsbac_pm_task_id_t task;
};
/*
 * Arguments of the delete_authorized_task function. Same two fields as
 * struct rsbac_pm_add_authorized_task_t: a user id and a task id.
 */
struct rsbac_pm_delete_authorized_task_t {
    rsbac_uid_t user;
    rsbac_pm_task_id_t task;
};
/*
 * Arguments of the create_tp function: only the tp id. This type appears in
 * union rsbac_pm_function_param_t but in neither ticket parameter union.
 */
struct rsbac_pm_create_tp_t {
    rsbac_pm_tp_id_t id;
};
/*
 * Arguments of the delete_tp function: only the tp id. This type appears in
 * union rsbac_pm_function_param_t but in neither ticket parameter union.
 */
struct rsbac_pm_delete_tp_t {
    rsbac_pm_tp_id_t id;
};
/*
 * Arguments of the set_tp function: a file named by path, and a tp id. No
 * kernel-only counterpart of this structure is declared in this header.
 *
 * NOTE(review): filename is a raw pointer in a structure shared with
 * non-kernel code; kernel code should copy it in with a length bound before
 * use rather than dereference it directly - confirm against the handler.
 */
struct rsbac_pm_set_tp_t {
    char *filename;
    rsbac_pm_tp_id_t tp;
};
#ifdef __KERNEL__
/*
 * Kernel-only parameter union stored in the ticket records
 * (struct rsbac_pm_old_tkt_data_t and struct rsbac_pm_tkt_data_t). It has one
 * member per PTF_* function. Members named tkt_* use the kernel-only
 * structures, which hold file, device or set identifiers where the
 * non-kernel structures hold pointers.
 *
 * NOTE(review): the records carry function_type next to this union; code
 * reading a member should first check function_type against the member it
 * is about to read - confirm at the use sites.
 */
union rsbac_pm_tkt_internal_function_param_t {
    struct rsbac_pm_add_na_t add_na;
    struct rsbac_pm_delete_na_t delete_na;
    struct rsbac_pm_add_task_t add_task;
    struct rsbac_pm_delete_task_t delete_task;
    struct rsbac_pm_tkt_add_object_class_t tkt_add_object_class;
    struct rsbac_pm_delete_object_class_t delete_object_class;
    struct rsbac_pm_add_authorized_tp_t add_authorized_tp;
    struct rsbac_pm_delete_authorized_tp_t delete_authorized_tp;
    struct rsbac_pm_tkt_add_consent_t tkt_add_consent;
    struct rsbac_pm_tkt_delete_consent_t tkt_delete_consent;
    struct rsbac_pm_add_purpose_t add_purpose;
    struct rsbac_pm_delete_purpose_t delete_purpose;
    struct rsbac_pm_add_responsible_user_t add_responsible_user;
    struct rsbac_pm_delete_responsible_user_t delete_responsible_user;
    struct rsbac_pm_delete_user_aci_t delete_user_aci;
    struct rsbac_pm_set_role_t set_role;
    struct rsbac_pm_tkt_set_object_class_t tkt_set_object_class;
    struct rsbac_pm_switch_pm_t switch_pm;
    /* Declared with the switch_pm type, not rsbac_pm_switch_auth_t; both hold one boolean. */
    struct rsbac_pm_switch_pm_t switch_auth;
    struct rsbac_pm_tkt_set_device_object_type_t tkt_set_device_object_type;
    struct rsbac_pm_tkt_set_auth_may_setuid_t tkt_set_auth_may_setuid;
    struct rsbac_pm_tkt_set_auth_may_set_cap_t tkt_set_auth_may_set_cap;
    struct rsbac_pm_add_authorized_task_t add_authorized_task;
    struct rsbac_pm_delete_authorized_task_t delete_authorized_task;
    /* NOTE(review): no use of dummy is visible in this header - confirm its purpose. */
    int dummy;
};
#endif
/*
 * Parameter union embedded in struct rsbac_pm_create_ticket_t, visible to
 * both kernel and non-kernel builds. It has one member per PTF_* function.
 *
 * NOTE(review): several members (add_object_class, add_consent,
 * delete_consent, set_object_class, set_device_object_type,
 * set_auth_may_setuid, set_auth_may_set_cap) contain raw pointers. Kernel
 * code that receives this union should check the accompanying function_type
 * first and then copy in only the pointer that belongs to that member -
 * confirm against the handler.
 */
union rsbac_pm_tkt_function_param_t {
    struct rsbac_pm_add_na_t add_na;
    struct rsbac_pm_delete_na_t delete_na;
    struct rsbac_pm_add_task_t add_task;
    struct rsbac_pm_delete_task_t delete_task;
    struct rsbac_pm_add_object_class_t add_object_class;
    struct rsbac_pm_delete_object_class_t delete_object_class;
    struct rsbac_pm_add_authorized_tp_t add_authorized_tp;
    struct rsbac_pm_delete_authorized_tp_t delete_authorized_tp;
    struct rsbac_pm_add_consent_t add_consent;
    struct rsbac_pm_delete_consent_t delete_consent;
    struct rsbac_pm_add_purpose_t add_purpose;
    struct rsbac_pm_delete_purpose_t delete_purpose;
    struct rsbac_pm_add_responsible_user_t add_responsible_user;
    struct rsbac_pm_delete_responsible_user_t delete_responsible_user;
    struct rsbac_pm_delete_user_aci_t delete_user_aci;
    struct rsbac_pm_set_role_t set_role;
    struct rsbac_pm_set_object_class_t set_object_class;
    struct rsbac_pm_switch_pm_t switch_pm;
    /* Declared with the switch_pm type, not rsbac_pm_switch_auth_t; both hold one boolean. */
    struct rsbac_pm_switch_pm_t switch_auth;
    struct rsbac_pm_set_device_object_type_t set_device_object_type;
    struct rsbac_pm_set_auth_may_setuid_t set_auth_may_setuid;
    struct rsbac_pm_set_auth_may_set_cap_t set_auth_may_set_cap;
    struct rsbac_pm_add_authorized_task_t add_authorized_task;
    struct rsbac_pm_delete_authorized_task_t delete_authorized_task;
    /* NOTE(review): no use of dummy is visible in this header - confirm its purpose. */
    int dummy;
};
/*
 * Selector for a PM function. The entries up to PF_delete_authorized_task
 * follow the same order as the PTF_* entries of
 * enum rsbac_pm_tkt_function_type_t; the tp functions and PF_create_ticket
 * exist only here.
 *
 * No enumerator carries an explicit value, so each number is simply the
 * position in this list (PF_add_na is 0). This header is compiled both with
 * and without __KERNEL__, so inserting or reordering entries renumbers what
 * both sides exchange.
 */
enum rsbac_pm_function_type_t {
    PF_add_na,
    PF_delete_na,
    PF_add_task,
    PF_delete_task,
    PF_add_object_class,
    PF_delete_object_class,
    PF_add_authorized_tp,
    PF_delete_authorized_tp,
    PF_add_consent,
    PF_delete_consent,
    PF_add_purpose,
    PF_delete_purpose,
    PF_add_responsible_user,
    PF_delete_responsible_user,
    PF_delete_user_aci,
    PF_set_role,
    PF_set_object_class,
    PF_switch_pm,
    PF_switch_auth,
    PF_set_device_object_type,
    PF_set_auth_may_setuid,
    PF_set_auth_may_set_cap,
    PF_add_authorized_task,
    PF_delete_authorized_task,
    /* From here on there is no PTF_* counterpart. */
    PF_create_tp,
    PF_delete_tp,
    PF_set_tp,
    PF_create_ticket,
    /* NOTE(review): last entry; looks like a "no function" sentinel - confirm. */
    PF_none
};
/*
 * Arguments of the create_ticket function: the ticket id, a validity value,
 * and the ticketed function with its parameters.
 *
 * NOTE(review): function_type and function_param are independent fields. A
 * consumer should reject function_type values outside the PTF_* range before
 * reading any union member, and function_param can hold raw pointers (see
 * union rsbac_pm_tkt_function_param_t) - confirm the handler checks both.
 * NOTE(review): the kernel-only ticket records store valid_until where this
 * request has valid_for; presumably a lifetime that is converted to an expiry
 * time - confirm the conversion and its bounds.
 */
struct rsbac_pm_create_ticket_t {
    rsbac_pm_tkt_id_t id;
    rsbac_pm_time_stamp_t valid_for;
    enum rsbac_pm_tkt_function_type_t function_type;
    union rsbac_pm_tkt_function_param_t function_param;
};
/*
 * Parameter union with one member per PF_* function, visible to both kernel
 * and non-kernel builds. Its create_ticket member embeds
 * union rsbac_pm_tkt_function_param_t, so a ticket request nests a second
 * parameter union inside this one.
 *
 * NOTE(review): nothing in this union records which member is valid. Kernel
 * code should take that from the function type passed with it, validate the
 * type first, and copy in only the pointers belonging to that member
 * (filename, pp_list_p) - confirm against the handler.
 */
union rsbac_pm_function_param_t {
    struct rsbac_pm_add_na_t add_na;
    struct rsbac_pm_delete_na_t delete_na;
    struct rsbac_pm_add_task_t add_task;
    struct rsbac_pm_delete_task_t delete_task;
    struct rsbac_pm_add_object_class_t add_object_class;
    struct rsbac_pm_delete_object_class_t delete_object_class;
    struct rsbac_pm_add_authorized_tp_t add_authorized_tp;
    struct rsbac_pm_delete_authorized_tp_t delete_authorized_tp;
    struct rsbac_pm_add_consent_t add_consent;
    struct rsbac_pm_delete_consent_t delete_consent;
    struct rsbac_pm_add_purpose_t add_purpose;
    struct rsbac_pm_delete_purpose_t delete_purpose;
    struct rsbac_pm_add_responsible_user_t add_responsible_user;
    struct rsbac_pm_delete_responsible_user_t delete_responsible_user;
    struct rsbac_pm_delete_user_aci_t delete_user_aci;
    struct rsbac_pm_set_role_t set_role;
    struct rsbac_pm_set_object_class_t set_object_class;
    struct rsbac_pm_switch_pm_t switch_pm;
    /* Declared with the switch_pm type, not rsbac_pm_switch_auth_t; both hold one boolean. */
    struct rsbac_pm_switch_pm_t switch_auth;
    struct rsbac_pm_set_device_object_type_t set_device_object_type;
    struct rsbac_pm_set_auth_may_setuid_t set_auth_may_setuid;
    struct rsbac_pm_set_auth_may_set_cap_t set_auth_may_set_cap;
    struct rsbac_pm_add_authorized_task_t add_authorized_task;
    struct rsbac_pm_delete_authorized_task_t delete_authorized_task;
    struct rsbac_pm_create_tp_t create_tp;
    struct rsbac_pm_delete_tp_t delete_tp;
    struct rsbac_pm_set_tp_t set_tp;
    struct rsbac_pm_create_ticket_t create_ticket;
    /* NOTE(review): no use of dummy is visible in this header - confirm its purpose. */
    int dummy;
};
#ifdef __KERNEL__
/*
 * Kernel-only ticket record that uses rsbac_old_uid_t for the issuer. Every
 * other field matches struct rsbac_pm_tkt_data_t.
 * NOTE(review): presumably kept to read records written with the older uid
 * type - confirm where it is still used.
 */
struct rsbac_pm_old_tkt_data_t {
    rsbac_pm_tkt_id_t id;
    rsbac_old_uid_t issuer;
    enum rsbac_pm_tkt_function_type_t function_type;
    union rsbac_pm_tkt_internal_function_param_t function_param;
    rsbac_pm_time_stamp_t valid_until;
};

/*
 * Kernel-only ticket record: ticket id, issuing user, the ticketed function
 * with its kernel-form parameters, and a valid_until time stamp.
 * NOTE(review): function_type says which function_param member is
 * meaningful, and valid_until presumably bounds the ticket's lifetime; code
 * using a ticket should check both before acting on it - confirm at the
 * use sites.
 */
struct rsbac_pm_tkt_data_t {
    rsbac_pm_tkt_id_t id;
    rsbac_uid_t issuer;
    enum rsbac_pm_tkt_function_type_t function_type;
    union rsbac_pm_tkt_internal_function_param_t function_param;
    rsbac_pm_time_stamp_t valid_until;
};
#endif
#endif