/daten/src/linux-2.4.27-rsbac-v1.2.3/rsbac/help/debug.c

Go to the documentation of this file.
00001 /************************************ */ 00002 /* Rule Set Based Access Control */ 00003 /* */ 00004 /* Author and (c) 1999-2004: */ 00005 /* Amon Ott <ao@rsbac.org> */ 00006 /* */ 00007 /* Debug and logging functions for all parts */ 00008 /* */ 00009 /* Last modified: 16/Jun/2004 */ 00010 /************************************ */ 00011 00012 #include <asm/uaccess.h> 00013 #include <rsbac/types.h> 00014 #include <rsbac/aci.h> 00015 #include <rsbac/aci_data_structures.h> 00016 #include <rsbac/debug.h> 00017 #include <rsbac/error.h> 00018 #include <rsbac/proc_fs.h> 00019 #include <rsbac/getname.h> 00020 #include <rsbac/net_getname.h> 00021 #include <rsbac/adf.h> 00022 #include <rsbac/rkmem.h> 00023 #include <linux/smp_lock.h> 00024 #include <linux/init.h> 00025 #include <linux/config.h> 00026 #include <linux/module.h> 00027 #include <linux/console.h> 00028 #include <linux/in.h> 00029 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) 00030 #include <linux/moduleparam.h> 00031 #include <linux/syscalls.h> 00032 #endif 00033 00034 /* Boolean debug switch for NO_WRITE (global) */ 00035 int rsbac_debug_no_write = 0; 00036 00037 static boolean debug_initialized = FALSE; 00038 00039 #ifdef CONFIG_RSBAC_DEBUG 00040 /* Boolean debug switch for data structures */ 00041 int rsbac_debug_ds = 0; 00042 00043 /* Boolean debug switch for writing of data structures */ 00044 int rsbac_debug_write = 0; 00045 00046 /* Boolean debug switch for AEF */ 00047 EXPORT_SYMBOL(rsbac_debug_aef); 00048 int rsbac_debug_aef = 0; 00049 00050 /* Boolean debug switch for stack debugging */ 00051 int rsbac_debug_stack = 0; 00052 00053 /* Boolean debug switch for generic lists */ 00054 int rsbac_debug_lists = 0; 00055 00056 #ifdef CONFIG_RSBAC_NET 00057 int rsbac_debug_ds_net = 0; 00058 int rsbac_debug_adf_net = 0; 00059 int rsbac_debug_aef_net = 0; 00060 #endif 00061 00062 #if defined(CONFIG_RSBAC_MAC) 00063 /* Boolean debug switch for MAC data structures */ 00064 int rsbac_debug_ds_mac = 0; 00065 /* Boolean debug switch for MAC syscalls / AEF */ 00066 int rsbac_debug_aef_mac = 0; 00067 /* Boolean debug switch for MAC decisions / ADF */ 00068 int rsbac_debug_adf_mac = 0; 00069 #endif 00070 00071 #if defined(CONFIG_RSBAC_PM) || defined(CONFIG_RSBAC_PM_MAINT) 00072 /* Boolean debug switch for PM data structures */ 00073 int rsbac_debug_ds_pm = 0; 00074 /* Boolean debug switch for PM syscalls / AEF */ 00075 int rsbac_debug_aef_pm = 0; 00076 /* Boolean debug switch for PM decisions / ADF */ 00077 int rsbac_debug_adf_pm = 0; 00078 #endif 00079 00080 #if defined(CONFIG_RSBAC_DAZ) 00081 /* Boolean debug switch for DAZ decisions / ADF */ 00082 int rsbac_debug_adf_daz = 0; 00083 #endif 00084 00085 #if defined(CONFIG_RSBAC_RC) || defined(CONFIG_RSBAC_RC_MAINT) 00086 /* Boolean debug switch for RC data structures */ 00087 int rsbac_debug_ds_rc = 0; 00088 /* Boolean debug switch for RC syscalls / AEF */ 00089 int rsbac_debug_aef_rc = 0; 00090 /* Boolean debug switch for RC decisions / ADF */ 00091 int rsbac_debug_adf_rc = 0; 00092 #endif 00093 00094 #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT) 00095 /* Boolean debug switch for AUTH data structures */ 00096 int rsbac_debug_ds_auth = 0; 00097 /* Boolean debug switch for AUTH syscalls / AEF */ 00098 int rsbac_debug_aef_auth = 0; 00099 /* Boolean debug switch for AUTH decisions / ADF */ 00100 int rsbac_debug_adf_auth = 0; 00101 #endif 00102 00103 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT) 00104 /* Boolean debug switch for REG */ 00105 int rsbac_debug_reg = 0; 00106 #endif 00107 00108 #if defined(CONFIG_RSBAC_ACL) || defined(CONFIG_RSBAC_ACL_MAINT) 00109 /* Boolean debug switch for ACL data structures */ 00110 int rsbac_debug_ds_acl = 0; 00111 /* Boolean debug switch for ACL syscalls / AEF */ 00112 int rsbac_debug_aef_acl = 0; 00113 /* Boolean debug switch for ACL decisions / ADF */ 00114 int rsbac_debug_adf_acl = 0; 00115 #endif 00116 00117 #if defined(CONFIG_RSBAC_JAIL) 00118 /* Boolean debug switch for JAIL syscalls / AEF */ 00119 int rsbac_debug_aef_jail = 0; 00120 /* Boolean debug switch for JAIL decisions / ADF */ 00121 int rsbac_debug_adf_jail = 0; 00122 #endif 00123 00124 #if defined(CONFIG_RSBAC_PAX) 00125 /* Boolean debug switch for PAX decisions / ADF */ 00126 int rsbac_debug_adf_pax = 0; 00127 #endif 00128 00129 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0) 00130 int rsbac_debug_auto = 0; 00131 #endif /* CONFIG_RSBAC_AUTO_WRITE > 0 */ 00132 00133 #endif /* DEBUG */ 00134 00135 #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT) 00136 /* Boolean switch for AUTH init: set may_setuid for /bin/login */ 00137 int rsbac_auth_enable_login = 0; 00138 #if defined(CONFIG_RSBAC_AUTH_LEARN) 00139 int rsbac_auth_learn = 0; 00140 #endif 00141 #endif 00142 00143 #if defined(CONFIG_RSBAC_ACL_LEARN) 00144 int rsbac_acl_learn_fd = 0; 00145 #endif 00146 00147 /* Suppress default list creation for complete restore */ 00148 int rsbac_no_defaults = 0; 00149 00150 static rsbac_list_handle_t log_levels_handle = NULL; 00151 00152 #ifdef CONFIG_RSBAC_SOFTMODE 00153 /* Boolean switch for RSBAC soft mode */ 00154 int rsbac_softmode = 0; 00155 #ifdef CONFIG_RSBAC_SOFTMODE_IND 00156 int rsbac_ind_softmode[SW_NONE] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0}; 00157 #endif 00158 00159 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT) 00160 EXPORT_SYMBOL(rsbac_in_softmode); 00161 #endif 00162 int rsbac_in_softmode(void) 00163 { 00164 return rsbac_softmode; 00165 } 00166 #endif 00167 00168 #if defined(CONFIG_RSBAC_CAP_PROC_HIDE) 00169 int rsbac_cap_process_hiding = 0; 00170 #endif 00171 00172 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL 00173 /* Boolean switch for disabling Linux DAC */ 00174 int rsbac_dac_disable = 0; 00175 00176 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT) 00177 EXPORT_SYMBOL(rsbac_dac_is_disabled); 00178 #endif 00179 int rsbac_dac_is_disabled(void) 00180 { 00181 return rsbac_dac_disable; 00182 } 00183 #endif 00184 00185 /* Boolean switch for no syslog option*/ 00186 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00187 int rsbac_nosyslog = 0; 00188 #endif 00189 00190 /* Boolean switch for delayed init option*/ 00191 #ifdef CONFIG_RSBAC_INIT_DELAY 00192 int rsbac_no_delay_init = 0; 00193 kdev_t rsbac_delayed_root = RSBAC_MKDEV(0,0); 00194 #endif 00195 00196 /* Array of Boolean debug switches for ADF */ 00197 int rsbac_debug_adf_default = 1; 00198 rsbac_log_entry_t rsbac_log_levels[R_NONE+1]; 00199 00200 boolean rsbac_debug_adf_dirty = FALSE; 00201 00202 /* variables for rsbac_logging */ 00203 #if defined(CONFIG_RSBAC_RMSG) 00204 #include <linux/poll.h> 00205 #include <linux/smp.h> 00206 #define RLOG_BUF_LEN (1 << 14) 00207 #define RLOG_BUF_MASK (RLOG_BUF_LEN-1) 00208 DECLARE_WAIT_QUEUE_HEAD(rlog_wait); 00209 static unsigned long log_end = 0; /* Index into log_buf: most-recently-written-char + 1 */ 00210 static char rlog_buf[RLOG_BUF_LEN]; 00211 #define RLOG_BUF(idx) (rlog_buf[(idx) & RLOG_BUF_MASK]) 00212 static unsigned long log_start = 0; 00213 static unsigned long logged_chars = 0; 00214 00215 #if defined(CONFIG_RSBAC_LOG_REMOTE) 00216 #define REMOTE_RLOG_BUF_LEN (16384) 00217 #define REMOTE_RLOG_BUF_MASK (REMOTE_RLOG_BUF_LEN-1) 00218 static DECLARE_WAIT_QUEUE_HEAD(rsbaclogd_wait); 00219 #ifndef CONFIG_RSBAC_LOG_REMOTE_SYNC 00220 static struct timer_list rsbac_log_remote_timer; 00221 u_int rsbac_log_remote_interval = CONFIG_RSBAC_LOG_INTERVAL; 00222 #endif 00223 rsbac_pid_t rsbaclogd_pid=0; 00224 #define REMOTE_SEND_BUF_LEN 1024 00225 static unsigned long remote_log_end; 00226 static char remote_rlog_buf[REMOTE_RLOG_BUF_LEN]; 00227 static unsigned long remote_log_start = 0; 00228 static unsigned long remote_logged_chars = 0; 00229 #define REMOTE_RLOG_BUF(idx) (remote_rlog_buf[(idx) & REMOTE_RLOG_BUF_MASK]) 00230 #endif 00231 00232 #endif 00233 00234 void rsbac_adf_log_switch(rsbac_adf_request_int_t request, 00235 enum rsbac_target_t target, 00236 rsbac_enum_t value) 00237 { 00238 if( (request < R_NONE) 00239 && (target <= T_NONE) 00240 && (value <= LL_full) 00241 ) 00242 { 00243 rsbac_log_levels[request][target] = value; 00244 if(log_levels_handle) 00245 rsbac_list_add(log_levels_handle, &request, rsbac_log_levels[request]); 00246 } 00247 }; 00248 00249 int rsbac_get_adf_log(rsbac_adf_request_int_t request, 00250 enum rsbac_target_t target, 00251 u_int * value_p) 00252 { 00253 if( (request < R_NONE) 00254 && (target <= T_NONE) 00255 ) 00256 { 00257 *value_p = rsbac_log_levels[request][target]; 00258 return 0; 00259 } 00260 else 00261 return -RSBAC_EINVALIDVALUE; 00262 } 00263 00264 #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,0) 00265 inline boolean rsbac_parse_koptions(char * line) 00266 { 00267 /* RSBAC: suppress defaults? */ 00268 if (!strcmp(line,"rsbac_no_defaults")) 00269 { 00270 rsbac_no_defaults = 1; 00271 return(TRUE); 00272 } 00273 #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT) 00274 /* RSBAC: AUTH - set auth_may_setuid for /bin/login? */ 00275 if (!strcmp(line,"rsbac_auth_enable_login")) 00276 { 00277 rsbac_auth_enable_login = 1; 00278 return(TRUE); 00279 } 00280 #if defined(CONFIG_RSBAC_AUTH_LEARN) 00281 if (!strcmp(line,"rsbac_auth_learn")) 00282 { 00283 rsbac_auth_learn = 1; 00284 return(TRUE); 00285 } 00286 #endif 00287 #endif 00288 #if defined(CONFIG_RSBAC_ACL_LEARN) 00289 /* Learn for all target types */ 00290 if (!strcmp(line,"rsbac_acl_learn")) 00291 { 00292 rsbac_acl_learn_fd = 1; 00293 return(TRUE); 00294 } 00295 if (!strcmp(line,"rsbac_acl_learn_fd")) 00296 { 00297 rsbac_acl_learn_fd = 1; 00298 return(TRUE); 00299 } 00300 #endif 00301 #if defined(CONFIG_RSBAC_SOFTMODE) 00302 /* RSBAC: softmode on? */ 00303 if (!strcmp(line,"rsbac_softmode")) 00304 { 00305 rsbac_softmode = 1; 00306 return(TRUE); 00307 } 00308 #if defined(CONFIG_RSBAC_SOFTMODE_IND) 00309 /* RSBAC: softmode on for a module? */ 00310 if (!strcmp(line,"rsbac_softmode_mac")) 00311 { 00312 rsbac_ind_softmode[MAC] = 1; 00313 return(TRUE); 00314 } 00315 if (!strcmp(line,"rsbac_softmode_fc")) 00316 { 00317 rsbac_ind_softmode[FC] = 1; 00318 return(TRUE); 00319 } 00320 if (!strcmp(line,"rsbac_softmode_sim")) 00321 { 00322 rsbac_ind_softmode[SIM] = 1; 00323 return(TRUE); 00324 } 00325 if (!strcmp(line,"rsbac_softmode_pm")) 00326 { 00327 rsbac_ind_softmode[PM] = 1; 00328 return(TRUE); 00329 } 00330 if (!strcmp(line,"rsbac_softmode_daz")) 00331 { 00332 rsbac_ind_softmode[DAZ] = 1; 00333 return(TRUE); 00334 } 00335 if (!strcmp(line,"rsbac_softmode_ff")) 00336 { 00337 rsbac_ind_softmode[FF] = 1; 00338 return(TRUE); 00339 } 00340 if (!strcmp(line,"rsbac_softmode_rc")) 00341 { 00342 rsbac_ind_softmode[RC] = 1; 00343 return(TRUE); 00344 } 00345 if (!strcmp(line,"rsbac_softmode_auth")) 00346 { 00347 rsbac_ind_softmode[AUTH] = 1; 00348 return(TRUE); 00349 } 00350 if (!strcmp(line,"rsbac_softmode_reg")) 00351 { 00352 rsbac_ind_softmode[REG] = 1; 00353 return(TRUE); 00354 } 00355 if (!strcmp(line,"rsbac_softmode_acl")) 00356 { 00357 rsbac_ind_softmode[ACL] = 1; 00358 return(TRUE); 00359 } 00360 if (!strcmp(line,"rsbac_softmode_cap")) 00361 { 00362 rsbac_ind_softmode[CAP] = 1; 00363 return(TRUE); 00364 } 00365 if (!strcmp(line,"rsbac_softmode_jail")) 00366 { 00367 rsbac_ind_softmode[JAIL] = 1; 00368 return(TRUE); 00369 } 00370 if (!strcmp(line,"rsbac_softmode_res")) 00371 { 00372 rsbac_ind_softmode[RES] = 1; 00373 return(TRUE); 00374 } 00375 #endif 00376 #endif 00377 #if defined(CONFIG_RSBAC_CAP_PROC_HIDE) 00378 /* RSBAC: hide processes? */ 00379 if (!strcmp(line,"rsbac_cap_process_hiding")) 00380 { 00381 rsbac_cap_process_hiding = 1; 00382 return(TRUE); 00383 } 00384 #endif 00385 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL 00386 /* RSBAC: disable Linux DAC? */ 00387 if (!strcmp(line,"rsbac_dac_disable")) 00388 { 00389 rsbac_dac_disable = 1; 00390 return(TRUE); 00391 } 00392 #endif 00393 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00394 if ( !strcmp(line,"rsbac_nosyslog") 00395 || !strcmp(line,"rsbac_no_syslog") 00396 ) 00397 { 00398 rsbac_nosyslog = 1; 00399 return(TRUE); 00400 } 00401 #endif 00402 #ifdef CONFIG_RSBAC_INIT_DELAY 00403 if ( !strcmp(line,"rsbac_delay_init") 00404 ) 00405 { 00406 rsbac_no_delay_init = 0; 00407 return(TRUE); 00408 } 00409 if ( !strcmp(line,"rsbac_no_delay_init") 00410 || !strcmp(line,"rsbac_no_init_delay") 00411 ) 00412 { 00413 rsbac_no_delay_init = 1; 00414 return(TRUE); 00415 } 00416 if ( !strncmp(line,"rsbac_delayed_root=",19) 00417 ) 00418 { 00419 char * p = line+19; 00420 u_int major = 0; 00421 u_int minor = 0; 00422 00423 if(*p) 00424 { 00425 major = simple_strtoul(p, NULL, 0); 00426 while((*p != ':') && (*p != '\0')) 00427 p++; 00428 if(*p) 00429 { 00430 p++; 00431 minor = simple_strtoul(p, NULL, 0); 00432 } 00433 rsbac_delayed_root = RSBAC_MKDEV(major,minor); 00434 } 00435 return(TRUE); 00436 } 00437 #endif 00438 00439 #ifdef CONFIG_RSBAC_DEBUG 00440 #ifdef CONFIG_RSBAC_NET 00441 /* RSBAC: debug for all of net? */ 00442 if (!strcmp(line,"rsbac_debug_net")) 00443 { 00444 rsbac_debug_ds_net = 1; 00445 rsbac_debug_aef_net = 1; 00446 rsbac_debug_adf_net = 1; 00447 return(TRUE); 00448 } 00449 /* RSBAC: debug for net data structures? */ 00450 if (!strcmp(line,"rsbac_debug_ds_net")) 00451 { 00452 rsbac_debug_ds_net = 1; 00453 return(TRUE); 00454 } 00455 /* RSBAC: debug for net syscalls/AEF? */ 00456 if (!strcmp(line,"rsbac_debug_aef_net")) 00457 { 00458 rsbac_debug_aef_net = 1; 00459 return(TRUE); 00460 } 00461 /* RSBAC: debug for net decisions/ADF? */ 00462 if (!strcmp(line,"rsbac_debug_adf_net")) 00463 { 00464 rsbac_debug_adf_net = 1; 00465 return(TRUE); 00466 } 00467 #endif 00468 00469 #if defined(CONFIG_RSBAC_MAC) 00470 /* RSBAC: debug for all of mac? */ 00471 if (!strcmp(line,"rsbac_debug_mac")) 00472 { 00473 rsbac_debug_ds_mac = 1; 00474 rsbac_debug_aef_mac = 1; 00475 rsbac_debug_adf_mac = 1; 00476 return(TRUE); 00477 } 00478 /* RSBAC: debug for mac data structures? */ 00479 if (!strcmp(line,"rsbac_debug_ds_mac")) 00480 { 00481 rsbac_debug_ds_mac = 1; 00482 return(TRUE); 00483 } 00484 /* RSBAC: debug for MAC-syscalls/AEF? */ 00485 if (!strcmp(line,"rsbac_debug_aef_mac")) 00486 { 00487 rsbac_debug_aef_mac = 1; 00488 return(TRUE); 00489 } 00490 /* RSBAC: debug for MAC-decisions/ADF? */ 00491 if (!strcmp(line,"rsbac_debug_adf_mac")) 00492 { 00493 rsbac_debug_adf_mac = 1; 00494 return(TRUE); 00495 } 00496 #endif 00497 #if defined(CONFIG_RSBAC_PM) || defined(CONFIG_RSBAC_PM_MAINT) 00498 /* RSBAC: debug for all of pm? */ 00499 if (!strcmp(line,"rsbac_debug_pm")) 00500 { 00501 rsbac_debug_ds_pm = 1; 00502 rsbac_debug_aef_pm = 1; 00503 rsbac_debug_adf_pm = 1; 00504 return(TRUE); 00505 } 00506 /* RSBAC: debug for pm data structures? */ 00507 if (!strcmp(line,"rsbac_debug_ds_pm")) 00508 { 00509 rsbac_debug_ds_pm = 1; 00510 return(TRUE); 00511 } 00512 /* RSBAC: debug for PM-syscalls/AEF? */ 00513 if (!strcmp(line,"rsbac_debug_aef_pm")) 00514 { 00515 rsbac_debug_aef_pm = 1; 00516 return(TRUE); 00517 } 00518 /* RSBAC: debug for PM-decisions/ADF? */ 00519 if (!strcmp(line,"rsbac_debug_adf_pm")) 00520 { 00521 rsbac_debug_adf_pm = 1; 00522 return(TRUE); 00523 } 00524 #endif 00525 #if defined(CONFIG_RSBAC_DAZ) 00526 /* RSBAC: debug for DAZ decisions/ADF? */ 00527 if ( !strcmp(line,"rsbac_debug_adf_daz") 00528 || !strcmp(line,"rsbac_debug_daz") 00529 ) 00530 { 00531 rsbac_debug_adf_daz = 1; 00532 return(TRUE); 00533 } 00534 #endif 00535 #if defined(CONFIG_RSBAC_RC) || defined(CONFIG_RSBAC_RC_MAINT) 00536 /* RSBAC: debug for all of rc? */ 00537 if (!strcmp(line,"rsbac_debug_rc")) 00538 { 00539 rsbac_debug_ds_rc = 1; 00540 rsbac_debug_aef_rc = 1; 00541 rsbac_debug_adf_rc = 1; 00542 return(TRUE); 00543 } 00544 /* RSBAC: debug for rc data structures? */ 00545 if (!strcmp(line,"rsbac_debug_ds_rc")) 00546 { 00547 rsbac_debug_ds_rc = 1; 00548 return(TRUE); 00549 } 00550 /* RSBAC: debug for RC-syscalls/AEF? */ 00551 if (!strcmp(line,"rsbac_debug_aef_rc")) 00552 { 00553 rsbac_debug_aef_rc = 1; 00554 return(TRUE); 00555 } 00556 /* RSBAC: debug for RC-decisions/ADF? */ 00557 if (!strcmp(line,"rsbac_debug_adf_rc")) 00558 { 00559 rsbac_debug_adf_rc = 1; 00560 return(TRUE); 00561 } 00562 #endif 00563 #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT) 00564 /* RSBAC: debug for all of auth? */ 00565 if (!strcmp(line,"rsbac_debug_auth")) 00566 { 00567 rsbac_debug_ds_auth = 1; 00568 rsbac_debug_aef_auth = 1; 00569 rsbac_debug_adf_auth = 1; 00570 return(TRUE); 00571 } 00572 /* RSBAC: debug for auth data structures? */ 00573 if (!strcmp(line,"rsbac_debug_ds_auth")) 00574 { 00575 rsbac_debug_ds_auth = 1; 00576 return(TRUE); 00577 } 00578 /* RSBAC: debug for AUTH-syscalls/AEF? */ 00579 if (!strcmp(line,"rsbac_debug_aef_auth")) 00580 { 00581 rsbac_debug_aef_auth = 1; 00582 return(TRUE); 00583 } 00584 /* RSBAC: debug for AUTH-decisions/ADF? */ 00585 if (!strcmp(line,"rsbac_debug_adf_auth")) 00586 { 00587 rsbac_debug_adf_auth = 1; 00588 return(TRUE); 00589 } 00590 #endif 00591 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT) 00592 /* RSBAC: debug for all of reg? */ 00593 if (!strcmp(line,"rsbac_debug_reg")) 00594 { 00595 rsbac_debug_reg = 1; 00596 return(TRUE); 00597 } 00598 #endif 00599 #if defined(CONFIG_RSBAC_ACL) || defined(CONFIG_RSBAC_ACL_MAINT) 00600 /* RSBAC: debug for all of acl? */ 00601 if (!strcmp(line,"rsbac_debug_acl")) 00602 { 00603 rsbac_debug_ds_acl = 1; 00604 rsbac_debug_aef_acl = 1; 00605 rsbac_debug_adf_acl = 1; 00606 return(TRUE); 00607 } 00608 /* RSBAC: debug for ACL data structures? */ 00609 if (!strcmp(line,"rsbac_debug_ds_acl")) 00610 { 00611 rsbac_debug_ds_acl = 1; 00612 return(TRUE); 00613 } 00614 /* RSBAC: debug for ACL-syscalls/AEF? */ 00615 if (!strcmp(line,"rsbac_debug_aef_acl")) 00616 { 00617 rsbac_debug_aef_acl = 1; 00618 return(TRUE); 00619 } 00620 /* RSBAC: debug for ACL-decisions/ADF? */ 00621 if (!strcmp(line,"rsbac_debug_adf_acl")) 00622 { 00623 rsbac_debug_adf_acl = 1; 00624 return(TRUE); 00625 } 00626 #endif 00627 #if defined(CONFIG_RSBAC_JAIL) 00628 /* RSBAC: debug for all of jail? */ 00629 if (!strcmp(line,"rsbac_debug_jail")) 00630 { 00631 rsbac_debug_aef_jail = 1; 00632 rsbac_debug_adf_jail = 1; 00633 return(TRUE); 00634 } 00635 /* RSBAC: debug for JAIL-syscalls/AEF? */ 00636 if (!strcmp(line,"rsbac_debug_aef_jail")) 00637 { 00638 rsbac_debug_aef_jail = 1; 00639 return(TRUE); 00640 } 00641 /* RSBAC: debug for JAIL-decisions/ADF? */ 00642 if (!strcmp(line,"rsbac_debug_adf_jail")) 00643 { 00644 rsbac_debug_adf_jail = 1; 00645 return(TRUE); 00646 } 00647 #endif 00648 #if defined(CONFIG_RSBAC_PAX) 00649 /* RSBAC: debug for all of pax? */ 00650 if (!strcmp(line,"rsbac_debug_pax")) 00651 { 00652 rsbac_debug_adf_pax = 1; 00653 return(TRUE); 00654 } 00655 /* RSBAC: debug for PAX-decisions/ADF? */ 00656 if (!strcmp(line,"rsbac_debug_adf_pax")) 00657 { 00658 rsbac_debug_adf_pax = 1; 00659 return(TRUE); 00660 } 00661 #endif 00662 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0) 00663 /* RSBAC: debug for auto-write? */ 00664 if (!strcmp(line,"rsbac_debug_auto")) 00665 { 00666 rsbac_debug_auto = 1; 00667 return(TRUE); 00668 } 00669 #endif 00670 /* RSBAC: debug for all? */ 00671 if (!strcmp(line,"rsbac_debug_all")) 00672 { 00673 rsbac_debug_ds = 1; 00674 rsbac_debug_write = 1; 00675 rsbac_debug_aef = 1; 00676 rsbac_debug_adf_default = 2; 00677 #if defined(CONFIG_RSBAC_MAC) 00678 rsbac_debug_ds_mac = 1; 00679 rsbac_debug_aef_mac = 1; 00680 rsbac_debug_adf_mac = 1; 00681 #endif 00682 #if defined(CONFIG_RSBAC_PM) 00683 rsbac_debug_ds_pm = 1; 00684 rsbac_debug_aef_pm = 1; 00685 rsbac_debug_adf_pm = 1; 00686 #endif 00687 #if defined(CONFIG_RSBAC_DAZ) 00688 rsbac_debug_adf_daz = 1; 00689 #endif 00690 #if defined(CONFIG_RSBAC_RC) 00691 rsbac_debug_ds_rc = 1; 00692 rsbac_debug_aef_rc = 1; 00693 rsbac_debug_adf_rc = 1; 00694 #endif 00695 #if defined(CONFIG_RSBAC_AUTH) 00696 rsbac_debug_ds_auth = 1; 00697 rsbac_debug_aef_auth = 1; 00698 rsbac_debug_adf_auth = 1; 00699 #endif 00700 #if defined(CONFIG_RSBAC_ACL) 00701 rsbac_debug_ds_acl = 1; 00702 rsbac_debug_aef_acl = 1; 00703 rsbac_debug_adf_acl = 1; 00704 #endif 00705 #if defined(CONFIG_RSBAC_JAIL) 00706 rsbac_debug_aef_jail = 1; 00707 rsbac_debug_adf_jail = 1; 00708 #endif 00709 #if defined(CONFIG_RSBAC_PAX) 00710 rsbac_debug_adf_pax = 1; 00711 #endif 00712 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0) 00713 rsbac_debug_auto = 1; 00714 #endif 00715 00716 return(TRUE); 00717 } 00718 /* RSBAC: debug_lists */ 00719 if (!strcmp(line,"rsbac_debug_lists")) 00720 { 00721 rsbac_debug_lists = 1; 00722 return(TRUE); 00723 } 00724 /* RSBAC: debug_stack */ 00725 if (!strcmp(line,"rsbac_debug_stack")) 00726 { 00727 rsbac_debug_stack = 1; 00728 return(TRUE); 00729 } 00730 /* RSBAC: debug for data structures? */ 00731 if (!strcmp(line,"rsbac_debug_ds")) 00732 { 00733 rsbac_debug_ds = 1; 00734 return(TRUE); 00735 } 00736 /* RSBAC: debug for writing of data structures? */ 00737 if (!strcmp(line,"rsbac_debug_write")) 00738 { 00739 rsbac_debug_write = 1; 00740 return(TRUE); 00741 } 00742 /* RSBAC: debug for AEF? */ 00743 if (!strcmp(line,"rsbac_debug_aef")) 00744 { 00745 rsbac_debug_aef = 1; 00746 return(TRUE); 00747 } 00748 /* RSBAC: debug_no_write for ds */ 00749 if (!strcmp(line,"rsbac_debug_no_write")) 00750 { 00751 rsbac_debug_no_write = 1; 00752 return(TRUE); 00753 } 00754 /* RSBAC: debug default 0 for ADF */ 00755 if (!strcmp(line,"rsbac_debug_no_adf")) 00756 { 00757 rsbac_debug_adf_default = 0; 00758 return(TRUE); 00759 } 00760 /* RSBAC: debug default 1 for ADF, log denied requests? (default value) */ 00761 if (!strcmp(line,"rsbac_debug_adf")) 00762 { 00763 rsbac_debug_adf_default = 1; 00764 return(TRUE); 00765 } 00766 /* RSBAC: debug: log all for ADF, even GRANTED and DO_NOT_CARE? */ 00767 if (!strcmp(line,"rsbac_debug_adf_all")) 00768 { 00769 rsbac_debug_adf_default = 2; 00770 return(TRUE); 00771 } 00772 #endif /* DEBUG */ 00773 00774 /* nothing matched */ 00775 return(FALSE); 00776 } 00777 00778 #else /* KERNEL_VERSION >= 2.6.0 */ 00779 00780 // module_param(rsbac_no_defaults, bool, S_IRUGO); 00781 static int R_INIT no_defaults_setup(char *line) 00782 { 00783 rsbac_no_defaults = 1; 00784 return 1; 00785 } 00786 __setup("rsbac_no_defaults", no_defaults_setup); 00787 00788 #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT) 00789 /* RSBAC: AUTH - set auth_may_setuid for /bin/login? */ 00790 // module_param(rsbac_auth_enable_login, int, S_IRUGO); 00791 static int R_INIT auth_enable_login_setup(char *line) 00792 { 00793 rsbac_auth_enable_login = 1; 00794 return 1; 00795 } 00796 __setup("rsbac_auth_enable_login", auth_enable_login_setup); 00797 #if defined(CONFIG_RSBAC_AUTH_LEARN) 00798 static int R_INIT auth_learn_setup(char *line) 00799 { 00800 rsbac_auth_learn = 1; 00801 return 1; 00802 } 00803 __setup("rsbac_auth_learn", auth_learn_setup); 00804 #endif 00805 #endif 00806 #if defined(CONFIG_RSBAC_ACL_LEARN) 00807 /* learn all target types */ 00808 static int R_INIT acl_learn_setup(char *line) 00809 { 00810 rsbac_acl_learn_fd = 1; 00811 return 1; 00812 } 00813 __setup("rsbac_acl_learn", acl_learn_setup); 00814 static int R_INIT acl_learn_fd_setup(char *line) 00815 { 00816 rsbac_acl_learn_fd = 1; 00817 return 1; 00818 } 00819 __setup("rsbac_acl_learn_fd", acl_learn_fd_setup); 00820 #endif 00821 00822 #if defined(CONFIG_RSBAC_SOFTMODE) 00823 /* RSBAC: softmode on? */ 00824 // module_param(rsbac_softmode, bool, S_IRUGO); 00825 static int R_INIT softmode_setup(char *line) 00826 { 00827 rsbac_softmode = 1; 00828 return 1; 00829 } 00830 __setup("rsbac_softmode", softmode_setup); 00831 00832 #if defined(CONFIG_RSBAC_SOFTMODE_IND) 00833 /* RSBAC: softmode on for a module? */ 00834 // module_param_named(rsbac_softmode_mac, rsbac_ind_softmode[MAC], bool, S_IRUGO); 00835 static int R_INIT softmode_mac_setup(char *line) 00836 { 00837 rsbac_ind_softmode[MAC] = 1; 00838 return 1; 00839 } 00840 __setup("rsbac_softmode_mac", softmode_mac_setup); 00841 // module_param_named(rsbac_softmode_fc, rsbac_ind_softmode[FC], bool, S_IRUGO); 00842 static int R_INIT softmode_fc_setup(char *line) 00843 { 00844 rsbac_ind_softmode[FC] = 1; 00845 return 1; 00846 } 00847 __setup("rsbac_softmode_fc", softmode_fc_setup); 00848 // module_param_named(rsbac_softmode_sim, rsbac_ind_softmode[SIM], bool, S_IRUGO); 00849 static int R_INIT softmode_sim_setup(char *line) 00850 { 00851 rsbac_ind_softmode[SIM] = 1; 00852 return 1; 00853 } 00854 __setup("rsbac_softmode_sim", softmode_sim_setup); 00855 // module_param_named(rsbac_softmode_pm, rsbac_ind_softmode[PM], bool, S_IRUGO); 00856 static int R_INIT softmode_pm_setup(char *line) 00857 { 00858 rsbac_ind_softmode[PM] = 1; 00859 return 1; 00860 } 00861 __setup("rsbac_softmode_pm", softmode_pm_setup); 00862 // module_param_named(rsbac_softmode_daz, rsbac_ind_softmode[DAZ], bool, S_IRUGO); 00863 static int R_INIT softmode_daz_setup(char *line) 00864 { 00865 rsbac_ind_softmode[DAZ] = 1; 00866 return 1; 00867 } 00868 __setup("rsbac_softmode_daz", softmode_daz_setup); 00869 // module_param_named(rsbac_softmode_ff, rsbac_ind_softmode[FF], bool, S_IRUGO); 00870 static int R_INIT softmode_ff_setup(char *line) 00871 { 00872 rsbac_ind_softmode[FF] = 1; 00873 return 1; 00874 } 00875 __setup("rsbac_softmode_ff", softmode_ff_setup); 00876 // module_param_named(rsbac_softmode_rc, rsbac_ind_softmode[RC], bool, S_IRUGO); 00877 static int R_INIT softmode_rc_setup(char *line) 00878 { 00879 rsbac_ind_softmode[RC] = 1; 00880 return 1; 00881 } 00882 __setup("rsbac_softmode_rc", softmode_rc_setup); 00883 // module_param_named(rsbac_softmode_auth, rsbac_ind_softmode[AUTH], bool, S_IRUGO); 00884 static int R_INIT softmode_auth_setup(char *line) 00885 { 00886 rsbac_ind_softmode[AUTH] = 1; 00887 return 1; 00888 } 00889 __setup("rsbac_softmode_auth", softmode_auth_setup); 00890 // module_param_named(rsbac_softmode_reg, rsbac_ind_softmode[REG], bool, S_IRUGO); 00891 static int R_INIT softmode_reg_setup(char *line) 00892 { 00893 rsbac_ind_softmode[REG] = 1; 00894 return 1; 00895 } 00896 __setup("rsbac_softmode_reg", softmode_reg_setup); 00897 // module_param_named(rsbac_softmode_acl, rsbac_ind_softmode[ACL], bool, S_IRUGO); 00898 static int R_INIT softmode_acl_setup(char *line) 00899 { 00900 rsbac_ind_softmode[ACL] = 1; 00901 return 1; 00902 } 00903 __setup("rsbac_softmode_acl", softmode_acl_setup); 00904 // module_param_named(rsbac_softmode_cap, rsbac_ind_softmode[CAP], bool, S_IRUGO); 00905 static int R_INIT softmode_cap_setup(char *line) 00906 { 00907 rsbac_ind_softmode[CAP] = 1; 00908 return 1; 00909 } 00910 __setup("rsbac_softmode_cap", softmode_cap_setup); 00911 // module_param_named(rsbac_softmode_jail, rsbac_ind_softmode[JAIL], bool, S_IRUGO); 00912 static int R_INIT softmode_jail_setup(char *line) 00913 { 00914 rsbac_ind_softmode[JAIL] = 1; 00915 return 1; 00916 } 00917 __setup("rsbac_softmode_jail", softmode_jail_setup); 00918 // module_param_named(rsbac_softmode_res, rsbac_ind_softmode[RES], bool, S_IRUGO); 00919 static int R_INIT softmode_res_setup(char *line) 00920 { 00921 rsbac_ind_softmode[RES] = 1; 00922 return 1; 00923 } 00924 __setup("rsbac_softmode_res", softmode_res_setup); 00925 #endif 00926 #endif 00927 00928 #if defined(CONFIG_RSBAC_CAP_PROC_HIDE) 00929 /* RSBAC: hide processes? */ 00930 // module_param(rsbac_cap_process_hiding, bool, S_IRUGO); 00931 static int R_INIT cap_process_hiding_setup(char *line) 00932 { 00933 rsbac_cap_process_hiding = 1; 00934 return 1; 00935 } 00936 __setup("rsbac_cap_process_hiding", cap_process_hiding_setup); 00937 #endif 00938 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL 00939 /* RSBAC: disable Linux DAC? */ 00940 // module_param(rsbac_dac_disable, bool, S_IRUGO); 00941 static int R_INIT dac_disable_setup(char *line) 00942 { 00943 rsbac_dac_disable = 1; 00944 return 1; 00945 } 00946 __setup("rsbac_dac_disable", dac_disable_setup); 00947 #endif 00948 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00949 // module_param(rsbac_nosyslog, bool, S_IRUGO); 00950 static int R_INIT nosyslog_setup(char *line) 00951 { 00952 rsbac_nosyslog = 1; 00953 return 1; 00954 } 00955 __setup("rsbac_nosyslog", nosyslog_setup); 00956 // module_param_named(rsbac_no_syslog, rsbac_nosyslog, bool, S_IRUGO); 00957 static int R_INIT no_syslog_setup(char *line) 00958 { 00959 rsbac_nosyslog = 1; 00960 return 1; 00961 } 00962 __setup("rsbac_no_syslog", no_syslog_setup); 00963 #endif 00964 #ifdef CONFIG_RSBAC_INIT_DELAY 00965 // module_param(rsbac_no_delay_init, bool, S_IRUGO); 00966 static int R_INIT no_delay_init_setup(char *line) 00967 { 00968 rsbac_no_delay_init = 1; 00969 return 1; 00970 } 00971 __setup("rsbac_no_delay_init", no_delay_init_setup); 00972 // module_param_named(rsbac_no_init_delay, rsbac_no_delay_init, bool, S_IRUGO); 00973 static int R_INIT no_init_delay_setup(char *line) 00974 { 00975 rsbac_no_delay_init = 1; 00976 return 1; 00977 } 00978 __setup("rsbac_no_init_delay", no_init_delay_setup); 00979 char rsbac_delayed_root_str[20] = ""; 00980 // module_param_string(rsbac_delayed_root, 00981 // rsbac_delayed_root_str, 00982 // sizeof(rsbac_delayed_root_str), 00983 // S_IRUGO); 00984 static int R_INIT delayed_root_setup(char *line) 00985 { 00986 strncpy(rsbac_delayed_root_str, line, 19); 00987 rsbac_delayed_root_str[19]=0; 00988 return 1; 00989 } 00990 __setup("rsbac_delayed_root=", delayed_root_setup); 00991 #endif 00992 00993 #ifdef CONFIG_RSBAC_DEBUG 00994 #ifdef CONFIG_RSBAC_NET 00995 /* RSBAC: debug for net data structures? */ 00996 // module_param(rsbac_debug_ds_net, bool, S_IRUGO); 00997 static int R_INIT debug_ds_net_setup(char *line) 00998 { 00999 rsbac_debug_ds_net = 1; 01000 return 1; 01001 } 01002 __setup("rsbac_debug_ds_net", debug_ds_net_setup); 01003 /* RSBAC: debug for net syscalls/AEF? */ 01004 // module_param(rsbac_debug_aef_net, bool, S_IRUGO); 01005 static int R_INIT debug_aef_net_setup(char *line) 01006 { 01007 rsbac_debug_aef_net = 1; 01008 return 1; 01009 } 01010 __setup("rsbac_debug_aef_net", debug_aef_net_setup); 01011 /* RSBAC: debug for net decisions/ADF? */ 01012 // module_param(rsbac_debug_adf_net, bool, S_IRUGO); 01013 static int R_INIT debug_adf_net_setup(char *line) 01014 { 01015 rsbac_debug_adf_net = 1; 01016 return 1; 01017 } 01018 __setup("rsbac_debug_adf_net", debug_adf_net_setup); 01019 #endif 01020 01021 #if defined(CONFIG_RSBAC_MAC) 01022 // module_param(rsbac_debug_ds_mac, bool, S_IRUGO); 01023 static int R_INIT debug_ds_mac_setup(char *line) 01024 { 01025 rsbac_debug_ds_mac = 1; 01026 return 1; 01027 } 01028 __setup("rsbac_debug_ds_mac", debug_ds_mac_setup); 01029 // module_param(rsbac_debug_aef_mac, bool, S_IRUGO); 01030 static int R_INIT debug_aef_mac_setup(char *line) 01031 { 01032 rsbac_debug_aef_mac = 1; 01033 return 1; 01034 } 01035 __setup("rsbac_debug_aef_mac", debug_aef_mac_setup); 01036 // module_param(rsbac_debug_adf_mac, bool, S_IRUGO); 01037 static int R_INIT debug_adf_mac_setup(char *line) 01038 { 01039 rsbac_debug_adf_mac = 1; 01040 return 1; 01041 } 01042 __setup("rsbac_debug_adf_mac", debug_adf_mac_setup); 01043 #endif 01044 #if defined(CONFIG_RSBAC_PM) || defined(CONFIG_RSBAC_PM_MAINT) 01045 // module_param(rsbac_debug_ds_pm, bool, S_IRUGO); 01046 static int R_INIT debug_ds_pm_setup(char *line) 01047 { 01048 rsbac_debug_ds_pm = 1; 01049 return 1; 01050 } 01051 __setup("rsbac_debug_ds_pm", debug_ds_pm_setup); 01052 // module_param(rsbac_debug_aef_pm, bool, S_IRUGO); 01053 static int R_INIT debug_aef_pm_setup(char *line) 01054 { 01055 rsbac_debug_aef_pm = 1; 01056 return 1; 01057 } 01058 __setup("rsbac_debug_aef_pm", debug_aef_pm_setup); 01059 // module_param(rsbac_debug_adf_pm, bool, S_IRUGO); 01060 static int R_INIT debug_adf_pm_setup(char *line) 01061 { 01062 rsbac_debug_adf_pm = 1; 01063 return 1; 01064 } 01065 __setup("rsbac_debug_adf_pm", debug_adf_pm_setup); 01066 #endif 01067 #if defined(CONFIG_RSBAC_DAZ) 01068 // module_param(rsbac_debug_adf_daz, bool, S_IRUGO); 01069 static int R_INIT debug_adf_daz_setup(char *line) 01070 { 01071 rsbac_debug_adf_daz = 1; 01072 return 1; 01073 } 01074 __setup("rsbac_debug_adf_daz", debug_adf_daz_setup); 01075 #endif 01076 #if defined(CONFIG_RSBAC_RC) || defined(CONFIG_RSBAC_RC_MAINT) 01077 // module_param(rsbac_debug_ds_rc, bool, S_IRUGO); 01078 static int R_INIT debug_ds_rc_setup(char *line) 01079 { 01080 rsbac_debug_ds_rc = 1; 01081 return 1; 01082 } 01083 __setup("rsbac_debug_ds_rc", debug_ds_rc_setup); 01084 // module_param(rsbac_debug_aef_rc, bool, S_IRUGO); 01085 static int R_INIT debug_aef_rc_setup(char *line) 01086 { 01087 rsbac_debug_aef_rc = 1; 01088 return 1; 01089 } 01090 __setup("rsbac_debug_aef_rc", debug_aef_rc_setup); 01091 // module_param(rsbac_debug_adf_rc, bool, S_IRUGO); 01092 static int R_INIT debug_adf_rc_setup(char *line) 01093 { 01094 rsbac_debug_adf_rc = 1; 01095 return 1; 01096 } 01097 __setup("rsbac_debug_adf_rc", debug_adf_rc_setup); 01098 #endif 01099 #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT) 01100 // module_param(rsbac_debug_ds_auth, bool, S_IRUGO); 01101 static int R_INIT debug_ds_auth_setup(char *line) 01102 { 01103 rsbac_debug_ds_auth = 1; 01104 return 1; 01105 } 01106 __setup("rsbac_debug_ds_auth", debug_ds_auth_setup); 01107 // module_param(rsbac_debug_aef_auth, bool, S_IRUGO); 01108 static int R_INIT debug_aef_auth_setup(char *line) 01109 { 01110 rsbac_debug_aef_auth = 1; 01111 return 1; 01112 } 01113 __setup("rsbac_debug_aef_auth", debug_aef_auth_setup); 01114 // module_param(rsbac_debug_adf_auth, bool, S_IRUGO); 01115 static int R_INIT debug_adf_auth_setup(char *line) 01116 { 01117 rsbac_debug_adf_auth = 1; 01118 return 1; 01119 } 01120 __setup("rsbac_debug_adf_auth", debug_adf_auth_setup); 01121 #endif 01122 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT) 01123 // module_param(rsbac_debug_reg, bool, S_IRUGO); 01124 static int R_INIT debug_reg_setup(char *line) 01125 { 01126 rsbac_debug_reg = 1; 01127 return 1; 01128 } 01129 __setup("rsbac_debug_reg", debug_reg_setup); 01130 #endif 01131 #if defined(CONFIG_RSBAC_ACL) || defined(CONFIG_RSBAC_ACL_MAINT) 01132 // module_param(rsbac_debug_ds_acl, bool, S_IRUGO); 01133 static int R_INIT debug_ds_acl_setup(char *line) 01134 { 01135 rsbac_debug_ds_acl = 1; 01136 return 1; 01137 } 01138 __setup("rsbac_debug_ds_acl", debug_ds_acl_setup); 01139 // module_param(rsbac_debug_aef_acl, bool, S_IRUGO); 01140 static int R_INIT debug_aef_acl_setup(char *line) 01141 { 01142 rsbac_debug_aef_acl = 1; 01143 return 1; 01144 } 01145 __setup("rsbac_debug_aef_acl", debug_aef_acl_setup); 01146 // module_param(rsbac_debug_adf_acl, bool, S_IRUGO); 01147 static int R_INIT debug_adf_acl_setup(char *line) 01148 { 01149 rsbac_debug_adf_acl = 1; 01150 return 1; 01151 } 01152 __setup("rsbac_debug_adf_acl", debug_adf_acl_setup); 01153 #endif 01154 #if defined(CONFIG_RSBAC_JAIL) 01155 // module_param(rsbac_debug_aef_jail, bool, S_IRUGO); 01156 static int R_INIT debug_aef_jail_setup(char *line) 01157 { 01158 rsbac_debug_aef_jail = 1; 01159 return 1; 01160 } 01161 __setup("rsbac_debug_aef_jail", debug_aef_jail_setup); 01162 // module_param(rsbac_debug_adf_jail, bool, S_IRUGO); 01163 static int R_INIT debug_adf_jail_setup(char *line) 01164 { 01165 rsbac_debug_adf_jail = 1; 01166 return 1; 01167 } 01168 __setup("rsbac_debug_adf_jail", debug_adf_jail_setup); 01169 #endif 01170 #if defined(CONFIG_RSBAC_PAX) 01171 // module_param(rsbac_debug_adf_pax, bool, S_IRUGO); 01172 static int R_INIT debug_adf_pax_setup(char *line) 01173 { 01174 rsbac_debug_adf_pax = 1; 01175 return 1; 01176 } 01177 __setup("rsbac_debug_adf_pax", debug_adf_pax_setup); 01178 #endif 01179 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0) 01180 // module_param(rsbac_debug_auto, bool, S_IRUGO); 01181 static int R_INIT debug_auto_setup(char *line) 01182 { 01183 rsbac_debug_auto = 1; 01184 return 1; 01185 } 01186 __setup("rsbac_debug_auto", debug_auto_setup); 01187 #endif 01188 /* RSBAC: debug_lists */ 01189 // module_param(rsbac_debug_lists, bool, S_IRUGO); 01190 static int R_INIT debug_lists_setup(char *line) 01191 { 01192 rsbac_debug_lists = 1; 01193 return 1; 01194 } 01195 __setup("rsbac_debug_lists", debug_lists_setup); 01196 /* RSBAC: debug_stack */ 01197 // module_param(rsbac_debug_stack, bool, S_IRUGO); 01198 static int R_INIT debug_stack_setup(char *line) 01199 { 01200 rsbac_debug_stack = 1; 01201 return 1; 01202 } 01203 __setup("rsbac_debug_stack", debug_stack_setup); 01204 /* RSBAC: debug for data structures? */ 01205 // module_param(rsbac_debug_ds, bool, S_IRUGO); 01206 static int R_INIT debug_ds_setup(char *line) 01207 { 01208 rsbac_debug_ds = 1; 01209 return 1; 01210 } 01211 __setup("rsbac_debug_ds", debug_ds_setup); 01212 /* RSBAC: debug for writing of data structures? */ 01213 // module_param(rsbac_debug_write, bool, S_IRUGO); 01214 static int R_INIT debug_write_setup(char *line) 01215 { 01216 rsbac_debug_write = 1; 01217 return 1; 01218 } 01219 __setup("rsbac_debug_write", debug_write_setup); 01220 /* RSBAC: debug for AEF? */ 01221 // module_param(rsbac_debug_aef, bool, S_IRUGO); 01222 static int R_INIT debug_aef_setup(char *line) 01223 { 01224 rsbac_debug_aef = 1; 01225 return 1; 01226 } 01227 __setup("rsbac_debug_aef", debug_aef_setup); 01228 /* RSBAC: debug_no_write for ds */ 01229 // module_param(rsbac_debug_no_write, bool, S_IRUGO); 01230 static int R_INIT debug_no_write_setup(char *line) 01231 { 01232 rsbac_debug_no_write = 1; 01233 return 1; 01234 } 01235 __setup("rsbac_debug_no_write", debug_no_write_setup); 01236 /* RSBAC: debug default for ADF */ 01237 // module_param(rsbac_debug_adf_default, int, S_IRUGO); 01238 static int R_INIT debug_adf_default_setup(char *line) 01239 { 01240 rsbac_debug_adf_default = 1; 01241 return 1; 01242 } 01243 __setup("rsbac_debug_adf_default", debug_adf_default_setup); 01244 #endif /* DEBUG */ 01245 01246 #endif /* KERNEL_VERSION < or >= 2.6.0 */ 01247 01248 #if defined(CONFIG_RSBAC_RMSG) 01249 01250 static spinlock_t rsbac_log_lock = SPIN_LOCK_UNLOCKED; 01251 01252 #if defined(CONFIG_RSBAC_LOG_REMOTE) 01253 static spinlock_t rsbac_log_remote_lock = SPIN_LOCK_UNLOCKED; 01254 #endif 01255 01256 /* 01257 * Commands to do_syslog: 01258 * 01259 * 0 -- Close the log. Currently a NOP. 01260 * 1 -- Open the log. Currently a NOP. 01261 * 2 -- Read from the log. 01262 * 3 -- Read all messages remaining in the ring buffer. 01263 * 4 -- Read and clear all messages remaining in the ring buffer 01264 * 5 -- Clear ring buffer. 01265 * 9 -- Return number of unread characters in the log buffer 01266 */ 01267 int rsbac_log(int type, char * buf, int len) 01268 { 01269 unsigned long i, j, limit, count; 01270 int do_clear = 0; 01271 char c; 01272 int error = 0; 01273 01274 union rsbac_target_id_t rsbac_target_id; 01275 union rsbac_attribute_value_t rsbac_attribute_value; 01276 01277 /* RSBAC */ 01278 rsbac_target_id.scd = ST_rsbaclog; 01279 rsbac_attribute_value.dummy = 0; 01280 if ((type == 4) || (type == 5)) 01281 { 01282 #ifdef CONFIG_RSBAC_DEBUG 01283 if (rsbac_debug_aef) 01284 { 01285 #ifdef CONFIG_RSBAC_RMSG 01286 rsbac_printk(KERN_DEBUG "rsbac_log(): function %u, calling ADF for MODIFY_SYSTEM_DATA\n", type); 01287 #endif 01288 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01289 if (!rsbac_nosyslog) 01290 #endif 01291 printk(KERN_DEBUG "rsbac_log(): function %u, calling ADF for MODIFY_SYSTEM_DATA\n", type); 01292 } 01293 #endif 01294 if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA, 01295 current->pid, 01296 T_SCD, 01297 rsbac_target_id, 01298 A_none, 01299 rsbac_attribute_value)) 01300 { 01301 error = -EPERM; 01302 goto out; 01303 } 01304 } 01305 else 01306 if(type >= 1) 01307 { 01308 #ifdef CONFIG_RSBAC_DEBUG 01309 if (rsbac_debug_aef) 01310 { 01311 #ifdef CONFIG_RSBAC_RMSG 01312 rsbac_printk(KERN_DEBUG "rsbac_log(): function %u, calling ADF for GET_STATUS_DATA\n", type); 01313 #endif 01314 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01315 if (!rsbac_nosyslog) 01316 #endif 01317 printk(KERN_DEBUG "rsbac_log(): function %u, calling ADF for GET_STATUS_DATA\n", type); 01318 } 01319 #endif 01320 if (!rsbac_adf_request(R_GET_STATUS_DATA, 01321 current->pid, 01322 T_SCD, 01323 rsbac_target_id, 01324 A_none, 01325 rsbac_attribute_value)) 01326 { 01327 error = -EPERM; 01328 goto out; 01329 } 01330 } 01331 01332 switch (type) { 01333 case 0: /* Close log */ 01334 break; 01335 case 1: /* Open log */ 01336 break; 01337 case 2: /* Read from log */ 01338 error = -EINVAL; 01339 if (!buf || len < 0) 01340 goto out; 01341 error = 0; 01342 if (!len) 01343 goto out; 01344 error = verify_area(VERIFY_WRITE,buf,len); 01345 if (error) 01346 goto out; 01347 error = wait_event_interruptible(rlog_wait, (log_start - log_end)); 01348 if (error) 01349 goto out; 01350 i = 0; 01351 spin_lock_irq(&rsbac_log_lock); 01352 while ((log_start != log_end) && i < len) { 01353 c = RLOG_BUF(log_start); 01354 log_start++; 01355 spin_unlock_irq(&rsbac_log_lock); 01356 __put_user(c,buf); 01357 buf++; 01358 i++; 01359 spin_lock_irq(&rsbac_log_lock); 01360 } 01361 spin_unlock_irq(&rsbac_log_lock); 01362 error = i; 01363 break; 01364 case 4: /* Read/clear last kernel messages */ 01365 do_clear = 1; 01366 /* FALL THRU */ 01367 case 3: /* Read last kernel messages */ 01368 error = -EINVAL; 01369 if (!buf || len < 0) 01370 goto out; 01371 error = 0; 01372 if (!len) 01373 goto out; 01374 error = verify_area(VERIFY_WRITE,buf,len); 01375 if (error) 01376 goto out; 01377 count = len; 01378 if (count > RLOG_BUF_LEN) 01379 count = RLOG_BUF_LEN; 01380 spin_lock_irq(&rsbac_log_lock); 01381 if (count > logged_chars) 01382 count = logged_chars; 01383 if (do_clear) 01384 logged_chars = 0; 01385 limit = log_end; 01386 /* 01387 * __put_user() could sleep, and while we sleep 01388 * printk() could overwrite the messages 01389 * we try to copy to user space. Therefore 01390 * the messages are copied in reverse. <manfreds> 01391 */ 01392 for(i=0;i < count;i++) { 01393 j = limit-1-i; 01394 if (j+RLOG_BUF_LEN < log_end) 01395 break; 01396 c = RLOG_BUF(j); 01397 spin_unlock_irq(&rsbac_log_lock); 01398 __put_user(c,&buf[count-1-i]); 01399 spin_lock_irq(&rsbac_log_lock); 01400 } 01401 spin_unlock_irq(&rsbac_log_lock); 01402 error = i; 01403 if(i != count) { 01404 int offset = count-error; 01405 /* buffer overflow during copy, correct user buffer. */ 01406 for(i=0;i<error;i++) { 01407 __get_user(c,&buf[i+offset]); 01408 __put_user(c,&buf[i]); 01409 } 01410 } 01411 01412 break; 01413 case 5: /* Clear ring buffer */ 01414 spin_lock_irq(&rsbac_log_lock); 01415 logged_chars = 0; 01416 spin_unlock_irq(&rsbac_log_lock); 01417 break; 01418 case 9: /* Number of chars in the log buffer */ 01419 spin_lock_irq(&rsbac_log_lock); 01420 error = log_end - log_start; 01421 spin_unlock_irq(&rsbac_log_lock); 01422 break; 01423 default: 01424 error = -EINVAL; 01425 break; 01426 } 01427 out: 01428 return error; 01429 } 01430 01431 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT) 01432 EXPORT_SYMBOL(rsbac_printk); 01433 #endif 01434 01435 static void emit_log_char(char c) 01436 { 01437 RLOG_BUF(log_end) = c; 01438 log_end++; 01439 if (log_end - log_start > RLOG_BUF_LEN) 01440 log_start = log_end - RLOG_BUF_LEN; 01441 if (logged_chars < RLOG_BUF_LEN) 01442 logged_chars++; 01443 } 01444 01445 #if defined(CONFIG_RSBAC_LOG_REMOTE) 01446 static void emit_remote_log_char(char c) 01447 { 01448 REMOTE_RLOG_BUF(remote_log_end) = c; 01449 remote_log_end++; 01450 if (remote_log_end - remote_log_start > REMOTE_RLOG_BUF_LEN) 01451 remote_log_start = remote_log_end - REMOTE_RLOG_BUF_LEN; 01452 if (remote_logged_chars < REMOTE_RLOG_BUF_LEN) 01453 remote_logged_chars++; 01454 } 01455 #endif 01456 01457 int rsbac_printk(const char *fmt, ...) 01458 { 01459 va_list args; 01460 unsigned long flags; 01461 int printed_len; 01462 char *p; 01463 static char buf[2048]; 01464 static int log_level_unknown = 1; 01465 static u_int log_seq = 0; 01466 #if defined(CONFIG_RSBAC_LOG_REMOTE) 01467 static u_int remote_log_seq = 0; 01468 static int remote_log_level_unknown = 1; 01469 #endif 01470 01471 if (oops_in_progress) { 01472 /* If a crash is occurring, make sure we can't deadlock */ 01473 spin_lock_init(&rsbac_log_lock); 01474 } 01475 01476 /* This stops the holder of console_sem just where we want him */ 01477 spin_lock_irqsave(&rsbac_log_lock, flags); 01478 01479 /* Emit the output into the temporary buffer */ 01480 va_start(args, fmt); 01481 printed_len = vsnprintf(buf + 14, sizeof(buf) - 14, fmt, args); 01482 va_end(args); 01483 01484 /* 01485 * Copy the output into log_buf. If the caller didn't provide 01486 * appropriate log level tags, we insert them here 01487 */ 01488 for (p = buf + 14; *p; p++) { 01489 if (log_level_unknown) { 01490 if (p[0] != '<' || p[1] < '0' || p[1] > '7' || p[2] != '>') { 01491 p -= 14; 01492 p[0] = '<'; 01493 p[1] = RSBAC_DEF_MESS_LOGLEVEL + '0'; 01494 p[2] = '>'; 01495 sprintf(p + 3, "%010u", log_seq++); 01496 p[13] = '|'; 01497 } else { 01498 p -= 11; 01499 p[0] = '<'; 01500 p[1] = p[12]; 01501 p[2] = '>'; 01502 sprintf(p + 3, "%010u", log_seq++); 01503 p[13] = '|'; 01504 } 01505 log_level_unknown = 0; 01506 } 01507 emit_log_char(*p); 01508 if (*p == '\n') 01509 log_level_unknown = 1; 01510 } 01511 spin_unlock_irqrestore(&rsbac_log_lock, flags); 01512 wake_up_interruptible(&rlog_wait); 01513 01514 #if defined(CONFIG_RSBAC_LOG_REMOTE) 01515 if (oops_in_progress) { 01516 /* If a crash is occurring, make sure we can't deadlock */ 01517 spin_lock_init(&rsbac_log_remote_lock); 01518 } 01519 01520 /* This stops the holder of console_sem just where we want him */ 01521 spin_lock_irqsave(&rsbac_log_remote_lock, flags); 01522 01523 /* Emit the output into the temporary buffer */ 01524 va_start(args, fmt); 01525 printed_len = vsnprintf(buf + 14, sizeof(buf) - 14, fmt, args); 01526 va_end(args); 01527 01528 /* 01529 * Copy the output into log_buf. If the caller didn't provide 01530 * appropriate log level tags, we insert them here 01531 */ 01532 for (p = buf + 14; *p; p++) { 01533 if (remote_log_level_unknown) { 01534 if (p[0] != '<' || p[1] < '0' || p[1] > '7' || p[2] != '>') { 01535 p -= 14; 01536 p[0] = '<'; 01537 p[1] = RSBAC_DEF_MESS_LOGLEVEL + '0'; 01538 p[2] = '>'; 01539 sprintf(p + 3, "%010u", remote_log_seq++); 01540 p[13] = '|'; 01541 } else { 01542 p -= 11; 01543 p[0] = '<'; 01544 p[1] = p[12]; 01545 p[2] = '>'; 01546 sprintf(p + 3, "%010u", remote_log_seq++); 01547 p[13] = '|'; 01548 } 01549 remote_log_level_unknown = 0; 01550 } 01551 emit_remote_log_char(*p); 01552 if (*p == '\n') 01553 remote_log_level_unknown = 1; 01554 } 01555 spin_unlock_irqrestore(&rsbac_log_remote_lock, flags); 01556 #ifdef CONFIG_RSBAC_LOG_REMOTE_SYNC 01557 wake_up_interruptible(&rsbaclogd_wait); 01558 #endif 01559 #endif 01560 01561 return printed_len; 01562 } 01563 01564 #if defined(CONFIG_RSBAC_PROC) && defined(CONFIG_PROC_FS) 01565 static int rmsg_open(struct inode * inode, struct file * file) 01566 { 01567 return rsbac_log(1,NULL,0); 01568 } 01569 01570 static int rmsg_release(struct inode * inode, struct file * file) 01571 { 01572 (void) rsbac_log(0,NULL,0); 01573 return 0; 01574 } 01575 01576 static ssize_t rmsg_read(struct file * file, char * buf, 01577 size_t count, loff_t *ppos) 01578 { 01579 return rsbac_log(2,buf,count); 01580 } 01581 01582 static unsigned int rmsg_poll(struct file *file, poll_table * wait) 01583 { 01584 poll_wait(file, &rlog_wait, wait); 01585 if (rsbac_log(9, 0, 0)) 01586 return POLLIN | POLLRDNORM; 01587 return 0; 01588 } 01589 01590 static struct file_operations proc_rmsg_operations = { 01591 .read = rmsg_read, 01592 .poll = rmsg_poll, /* rmsg_poll */ 01593 .open = rmsg_open, 01594 .release = rmsg_release 01595 }; 01596 01597 #endif /* PROC */ 01598 #endif /* RMSG */ 01599 01600 #if defined(CONFIG_RSBAC_PROC) && defined(CONFIG_PROC_FS) 01601 #ifndef PROC_BLOCK_SIZE 01602 #define PROC_BLOCK_SIZE (3*1024) /* 4K page size but our output routines use some slack for overruns */ 01603 #endif 01604 01605 static int 01606 log_levels_proc_info(char *buffer, char **start, off_t offset, int length) 01607 { 01608 int len = 0; 01609 int i,j; 01610 off_t pos = 0; 01611 off_t begin = 0; 01612 char * name; 01613 char * name2; 01614 01615 union rsbac_target_id_t rsbac_target_id; 01616 union rsbac_attribute_value_t rsbac_attribute_value; 01617 01618 if (!rsbac_is_initialized()) 01619 return (-ENOSYS); 01620 01621 #ifdef CONFIG_RSBAC_DEBUG 01622 if (rsbac_debug_aef) 01623 { 01624 #ifdef CONFIG_RSBAC_RMSG 01625 rsbac_printk(KERN_DEBUG "log_levels_proc_info(): calling ADF\n"); 01626 #endif 01627 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01628 if (!rsbac_nosyslog) 01629 #endif 01630 printk(KERN_DEBUG "log_levels_proc_info(): calling ADF\n"); 01631 } 01632 #endif 01633 rsbac_target_id.scd = ST_rsbac; 01634 rsbac_attribute_value.dummy = 0; 01635 if (!rsbac_adf_request(R_GET_STATUS_DATA, 01636 current->pid, 01637 T_SCD, 01638 rsbac_target_id, 01639 A_none, 01640 rsbac_attribute_value)) 01641 { 01642 return -EPERM; 01643 } 01644 01645 name = rsbac_kmalloc(RSBAC_MAXNAMELEN); 01646 if(!name) 01647 return -ENOMEM; 01648 name2 = rsbac_kmalloc(RSBAC_MAXNAMELEN); 01649 if(!name2) 01650 { 01651 rsbac_kfree(name); 01652 return -ENOMEM; 01653 } 01654 01655 len += sprintf(buffer, "RSBAC Log Levels\n----------------\n"); 01656 len += sprintf(buffer+len, "Name\t\t\tFILE\tDIR\tFIFO\tSYMLINK\tDEV\tIPC\tSCD\tUSER\tPROCESS\tNETDEV\tNETTEMP\tNETOBJ\tNETT_NT\tNONE\n"); 01657 01658 for (i = 0; i<R_NONE; i++) 01659 { 01660 len += sprintf(buffer + len, "%-23s", 01661 get_request_name(name, i)); 01662 for(j = 0; j<=T_NONE; j++) 01663 { 01664 if(j != T_FD) 01665 len += sprintf(buffer + len, "\t%u", 01666 rsbac_log_levels[i][j]); 01667 } 01668 len += sprintf(buffer + len, "\n"); 01669 pos = begin + len; 01670 if (pos < offset) 01671 { 01672 len = 0; 01673 begin = pos; 01674 } 01675 if (pos > offset+length) 01676 break; 01677 } 01678 01679 *start = buffer + (offset - begin); 01680 len -= (offset - begin); 01681 01682 if (len > length) 01683 len = length; 01684 rsbac_kfree(name); 01685 rsbac_kfree(name2); 01686 01687 return len; 01688 } 01689 01690 static ssize_t log_levels_proc_write(struct file * file, const char * buf, 01691 u_long count, void *ppos) 01692 { 01693 ssize_t err = -EINVAL; 01694 char * k_buf; 01695 char * p; 01696 unsigned int log_level; 01697 char rname[RSBAC_MAXNAMELEN]; 01698 int i,j; 01699 01700 union rsbac_target_id_t rsbac_target_id; 01701 union rsbac_attribute_value_t rsbac_attribute_value; 01702 01703 if(count > PROC_BLOCK_SIZE) { 01704 return(-EOVERFLOW); 01705 } 01706 01707 if (!(k_buf = (char *) __get_free_page(GFP_KERNEL))) 01708 return(-ENOMEM); 01709 copy_from_user(k_buf, buf, count); 01710 01711 if(count < 15 || strncmp("log_levels", k_buf, 10)) 01712 { 01713 goto out; 01714 } 01715 if (!rsbac_is_initialized()) 01716 { 01717 err=-ENOSYS; 01718 goto out; 01719 } 01720 01721 /* 01722 * Usage: echo "log_levels request #N" > /proc/rsbac_info/log_levels 01723 * to set log level for request to given value 01724 */ 01725 for(i=0; i<R_NONE; i++) 01726 { 01727 get_request_name(rname,i); 01728 if(!strncmp(rname, k_buf + 11, strlen(rname))) 01729 { 01730 #ifdef CONFIG_RSBAC_DEBUG 01731 if (rsbac_debug_aef) 01732 { 01733 #ifdef CONFIG_RSBAC_RMSG 01734 rsbac_printk(KERN_DEBUG "log_levels_proc_write(): calling ADF\n"); 01735 #endif 01736 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01737 if (!rsbac_nosyslog) 01738 #endif 01739 printk(KERN_DEBUG "log_levels_proc_write(): calling ADF\n"); 01740 } 01741 #endif 01742 rsbac_target_id.dummy = 0; 01743 rsbac_attribute_value.request = i; 01744 if (!rsbac_adf_request(R_SWITCH_LOG, 01745 current->pid, 01746 T_NONE, 01747 rsbac_target_id, 01748 A_request, 01749 rsbac_attribute_value)) 01750 { 01751 err = -EPERM; 01752 goto out; 01753 } 01754 p = k_buf + 11 + strlen(rname)+1; 01755 01756 if( *p == '\0' ) 01757 goto out; 01758 01759 log_level = simple_strtoul(p, NULL, 0); 01760 /* only accept 0 or 1 */ 01761 if( (log_level == LL_none) 01762 || (log_level == LL_denied) 01763 || (log_level == LL_full) 01764 ) 01765 { 01766 #ifdef CONFIG_RSBAC_RMSG 01767 rsbac_printk(KERN_INFO 01768 "log_levels_proc_write(): setting %s log level for all target types to %u\n", 01769 rname, log_level); 01770 #endif 01771 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01772 if (!rsbac_nosyslog) 01773 #endif 01774 printk(KERN_INFO 01775 "log_levels_proc_write(): setting %s log level for all target types to %u\n", 01776 rname, log_level); 01777 for(j = 0; j<=T_NONE; j++) 01778 { 01779 rsbac_log_levels[i][j] = log_level; 01780 } 01781 err = count; 01782 goto out; 01783 } 01784 else 01785 { 01786 #ifdef CONFIG_RSBAC_RMSG 01787 rsbac_printk(KERN_INFO 01788 "log_levels_proc_write(): rejecting invalid log level (should be %u, %u or %u)\n", 01789 LL_none, LL_denied, LL_full); 01790 #endif 01791 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01792 if (!rsbac_nosyslog) 01793 #endif 01794 printk(KERN_INFO 01795 "log_levels_proc_write(): rejecting invalid log level (should be %u, %u or %u)\n", 01796 LL_none, LL_denied, LL_full); 01797 goto out; 01798 } 01799 } 01800 } 01801 01802 out: 01803 free_page((ulong) k_buf); 01804 return(err); 01805 } 01806 01807 01808 static int 01809 debug_proc_info(char *buffer, char **start, off_t offset, int length) 01810 { 01811 int len = 0; 01812 off_t pos = 0; 01813 off_t begin = 0; 01814 01815 union rsbac_target_id_t rsbac_target_id; 01816 union rsbac_attribute_value_t rsbac_attribute_value; 01817 01818 if (!rsbac_is_initialized()) 01819 return (-ENOSYS); 01820 01821 #ifdef CONFIG_RSBAC_DEBUG 01822 if (rsbac_debug_aef) 01823 { 01824 #ifdef CONFIG_RSBAC_RMSG 01825 rsbac_printk(KERN_DEBUG "debug_proc_info(): calling ADF\n"); 01826 #endif 01827 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01828 if (!rsbac_nosyslog) 01829 #endif 01830 printk(KERN_DEBUG "debug_proc_info(): calling ADF\n"); 01831 } 01832 #endif 01833 rsbac_target_id.scd = ST_rsbac; 01834 rsbac_attribute_value.dummy = 0; 01835 if (!rsbac_adf_request(R_GET_STATUS_DATA, 01836 current->pid, 01837 T_SCD, 01838 rsbac_target_id, 01839 A_none, 01840 rsbac_attribute_value)) 01841 { 01842 return -EPERM; 01843 } 01844 len += sprintf(buffer, "RSBAC Debug Settings\n--------------------\n"); 01845 01846 #ifdef CONFIG_RSBAC_SOFTMODE 01847 len += sprintf(buffer + len, "rsbac_softmode is %i\n", 01848 rsbac_softmode); 01849 pos = begin + len; 01850 if (pos < offset) 01851 { 01852 len = 0; 01853 begin = pos; 01854 } 01855 if (pos > offset+length) 01856 goto out; 01857 #ifdef CONFIG_RSBAC_SOFTMODE_IND 01858 #ifdef CONFIG_RSBAC_MAC 01859 len += sprintf(buffer + len, "rsbac_ind_softmode[MAC] is %i\n", 01860 rsbac_ind_softmode[MAC]); 01861 #endif 01862 #ifdef CONFIG_RSBAC_FC 01863 len += sprintf(buffer + len, "rsbac_ind_softmode[FC] is %i\n", 01864 rsbac_ind_softmode[FC]); 01865 #endif 01866 #ifdef CONFIG_RSBAC_SIM 01867 len += sprintf(buffer + len, "rsbac_ind_softmode[SIM] is %i\n", 01868 rsbac_ind_softmode[SIM]); 01869 #endif 01870 #ifdef CONFIG_RSBAC_PM 01871 len += sprintf(buffer + len, "rsbac_ind_softmode[PM] is %i\n", 01872 rsbac_ind_softmode[PM]); 01873 #endif 01874 #ifdef CONFIG_RSBAC_DAZ 01875 len += sprintf(buffer + len, "rsbac_ind_softmode[DAZ] is %i\n", 01876 rsbac_ind_softmode[DAZ]); 01877 #endif 01878 #ifdef CONFIG_RSBAC_FF 01879 len += sprintf(buffer + len, "rsbac_ind_softmode[FF] is %i\n", 01880 rsbac_ind_softmode[FF]); 01881 #endif 01882 #ifdef CONFIG_RSBAC_RC 01883 len += sprintf(buffer + len, "rsbac_ind_softmode[RC] is %i\n", 01884 rsbac_ind_softmode[RC]); 01885 #endif 01886 #ifdef CONFIG_RSBAC_AUTH 01887 len += sprintf(buffer + len, "rsbac_ind_softmode[AUTH] is %i\n", 01888 rsbac_ind_softmode[AUTH]); 01889 #endif 01890 #ifdef CONFIG_RSBAC_REG 01891 len += sprintf(buffer + len, "rsbac_ind_softmode[REG] is %i\n", 01892 rsbac_ind_softmode[REG]); 01893 #endif 01894 #ifdef CONFIG_RSBAC_ACL 01895 len += sprintf(buffer + len, "rsbac_ind_softmode[ACL] is %i\n", 01896 rsbac_ind_softmode[ACL]); 01897 #endif 01898 #ifdef CONFIG_RSBAC_CAP 01899 len += sprintf(buffer + len, "rsbac_ind_softmode[CAP] is %i\n", 01900 rsbac_ind_softmode[CAP]); 01901 #endif 01902 #ifdef CONFIG_RSBAC_JAIL 01903 len += sprintf(buffer + len, "rsbac_ind_softmode[JAIL] is %i\n", 01904 rsbac_ind_softmode[JAIL]); 01905 #endif 01906 #ifdef CONFIG_RSBAC_RES 01907 len += sprintf(buffer + len, "rsbac_ind_softmode[RES] is %i\n", 01908 rsbac_ind_softmode[RES]); 01909 #endif 01910 pos = begin + len; 01911 if (pos < offset) 01912 { 01913 len = 0; 01914 begin = pos; 01915 } 01916 if (pos > offset+length) 01917 goto out; 01918 01919 #endif 01920 #endif 01921 #ifdef CONFIG_RSBAC_CAP_PROC_HIDE 01922 len += sprintf(buffer + len, "rsbac_cap_process_hiding is %i\n", 01923 rsbac_cap_process_hiding); 01924 pos = begin + len; 01925 if (pos < offset) 01926 { 01927 len = 0; 01928 begin = pos; 01929 } 01930 if (pos > offset+length) 01931 goto out; 01932 #endif 01933 01934 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL 01935 len += sprintf(buffer + len, "rsbac_dac_disable is %i\n", 01936 rsbac_dac_disable); 01937 pos = begin + len; 01938 if (pos < offset) 01939 { 01940 len = 0; 01941 begin = pos; 01942 } 01943 if (pos > offset+length) 01944 goto out; 01945 #endif 01946 01947 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01948 len += sprintf(buffer + len, "rsbac_nosyslog is %i\n", 01949 rsbac_nosyslog); 01950 pos = begin + len; 01951 if (pos < offset) 01952 { 01953 len = 0; 01954 begin = pos; 01955 } 01956 if (pos > offset+length) 01957 goto out; 01958 #endif 01959 01960 #ifdef CONFIG_RSBAC_INIT_DELAY 01961 len += sprintf(buffer + len, "rsbac_no_delay_init is %i\n", 01962 rsbac_no_delay_init); 01963 pos = begin + len; 01964 if (pos < offset) 01965 { 01966 len = 0; 01967 begin = pos; 01968 } 01969 if (pos > offset+length) 01970 goto out; 01971 len += sprintf(buffer + len, "rsbac_delayed_root is %02u:%02u\n", 01972 RSBAC_MAJOR(rsbac_delayed_root), RSBAC_MINOR(rsbac_delayed_root)); 01973 pos = begin + len; 01974 if (pos < offset) 01975 { 01976 len = 0; 01977 begin = pos; 01978 } 01979 if (pos > offset+length) 01980 goto out; 01981 #endif 01982 01983 #if defined(CONFIG_RSBAC_AUTH) 01984 len += sprintf(buffer + len, "rsbac_auth_enable_login is %i\n", 01985 rsbac_auth_enable_login); 01986 pos = begin + len; 01987 if (pos < offset) 01988 { 01989 len = 0; 01990 begin = pos; 01991 } 01992 if (pos > offset+length) 01993 goto out; 01994 01995 #if defined(CONFIG_RSBAC_AUTH_LEARN) 01996 len += sprintf(buffer + len, "rsbac_auth_learn is %i\n", 01997 rsbac_auth_learn); 01998 pos = begin + len; 01999 if (pos < offset) 02000 { 02001 len = 0; 02002 begin = pos; 02003 } 02004 if (pos > offset+length) 02005 goto out; 02006 #endif 02007 #endif 02008 02009 #if defined(CONFIG_RSBAC_ACL_LEARN) 02010 len += sprintf(buffer + len, "rsbac_acl_learn_fd is %i\n", 02011 rsbac_acl_learn_fd); 02012 pos = begin + len; 02013 if (pos < offset) 02014 { 02015 len = 0; 02016 begin = pos; 02017 } 02018 if (pos > offset+length) 02019 goto out; 02020 #endif 02021 02022 len += sprintf(buffer + len, "rsbac_no_defaults is %i\n", 02023 rsbac_no_defaults); 02024 pos = begin + len; 02025 if (pos < offset) 02026 { 02027 len = 0; 02028 begin = pos; 02029 } 02030 if (pos > offset+length) 02031 goto out; 02032 02033 #ifdef CONFIG_RSBAC_DEBUG 02034 len += sprintf(buffer + len, "rsbac_debug_write is %i\n", 02035 rsbac_debug_write); 02036 pos = begin + len; 02037 if (pos < offset) 02038 { 02039 len = 0; 02040 begin = pos; 02041 } 02042 if (pos > offset+length) 02043 goto out; 02044 02045 len += sprintf(buffer + len, "rsbac_debug_stack is %i\n", 02046 rsbac_debug_stack); 02047 pos = begin + len; 02048 if (pos < offset) 02049 { 02050 len = 0; 02051 begin = pos; 02052 } 02053 if (pos > offset+length) 02054 goto out; 02055 02056 len += sprintf(buffer + len, "rsbac_debug_lists is %i\n", 02057 rsbac_debug_lists); 02058 pos = begin + len; 02059 if (pos < offset) 02060 { 02061 len = 0; 02062 begin = pos; 02063 } 02064 if (pos > offset+length) 02065 goto out; 02066 02067 len += sprintf(buffer + len, "rsbac_debug_ds is %i\n", 02068 rsbac_debug_ds); 02069 pos = begin + len; 02070 if (pos < offset) 02071 { 02072 len = 0; 02073 begin = pos; 02074 } 02075 if (pos > offset+length) 02076 goto out; 02077 02078 len += sprintf(buffer + len, "rsbac_debug_aef is %i\n", 02079 rsbac_debug_aef); 02080 pos = begin + len; 02081 if (pos < offset) 02082 { 02083 len = 0; 02084 begin = pos; 02085 } 02086 if (pos > offset+length) 02087 goto out; 02088 02089 len += sprintf(buffer + len, "rsbac_debug_no_write is %i\n", 02090 rsbac_debug_no_write); 02091 pos = begin + len; 02092 if (pos < offset) 02093 { 02094 len = 0; 02095 begin = pos; 02096 } 02097 if (pos > offset+length) 02098 goto out; 02099 02100 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT) 02101 /* Boolean debug switch for REG */ 02102 len += sprintf(buffer + len, "rsbac_debug_reg is %i\n", 02103 rsbac_debug_reg); 02104 pos = begin + len; 02105 if (pos < offset) 02106 { 02107 len = 0; 02108 begin = pos; 02109 } 02110 if (pos > offset+length) 02111 goto out; 02112 #endif 02113 02114 #if defined(CONFIG_RSBAC_NET) 02115 /* Boolean debug switch for NET data structures */ 02116 len += sprintf(buffer + len, "rsbac_debug_ds_net is %i\n", 02117 rsbac_debug_ds_net); 02118 pos = begin + len; 02119 if (pos < offset) 02120 { 02121 len = 0; 02122 begin = pos; 02123 } 02124 if (pos > offset+length) 02125 goto out; 02126 02127 /* Boolean debug switch for NET syscalls / AEF */ 02128 len += sprintf(buffer + len, "rsbac_debug_aef_net is %i\n", 02129 rsbac_debug_aef_net); 02130 pos = begin + len; 02131 if (pos < offset) 02132 { 02133 len = 0; 02134 begin = pos; 02135 } 02136 if (pos > offset+length) 02137 goto out; 02138 02139 /* Boolean debug switch for NET decisions / ADF */ 02140 len += sprintf(buffer + len, "rsbac_debug_adf_net is %i\n", 02141 rsbac_debug_adf_net); 02142 pos = begin + len; 02143 if (pos < offset) 02144 { 02145 len = 0; 02146 begin = pos; 02147 } 02148 if (pos > offset+length) 02149 goto out; 02150 #endif 02151 02152 #if defined(CONFIG_RSBAC_MAC) 02153 /* Boolean debug switch for MAC data structures */ 02154 len += sprintf(buffer + len, "rsbac_debug_ds_mac is %i\n", 02155 rsbac_debug_ds_mac); 02156 pos = begin + len; 02157 if (pos < offset) 02158 { 02159 len = 0; 02160 begin = pos; 02161 } 02162 if (pos > offset+length) 02163 goto out; 02164 02165 /* Boolean debug switch for MAC syscalls / AEF */ 02166 len += sprintf(buffer + len, "rsbac_debug_aef_mac is %i\n", 02167 rsbac_debug_aef_mac); 02168 pos = begin + len; 02169 if (pos < offset) 02170 { 02171 len = 0; 02172 begin = pos; 02173 } 02174 if (pos > offset+length) 02175 goto out; 02176 02177 /* Boolean debug switch for MAC decisions / ADF */ 02178 len += sprintf(buffer + len, "rsbac_debug_adf_mac is %i\n", 02179 rsbac_debug_adf_mac); 02180 pos = begin + len; 02181 if (pos < offset) 02182 { 02183 len = 0; 02184 begin = pos; 02185 } 02186 if (pos > offset+length) 02187 goto out; 02188 #endif 02189 02190 #if defined(CONFIG_RSBAC_PM) || defined(CONFIG_RSBAC_PM_MAINT) 02191 /* Boolean debug switch for PM data structures */ 02192 len += sprintf(buffer + len, "rsbac_debug_ds_pm is %i\n", 02193 rsbac_debug_ds_pm); 02194 pos = begin + len; 02195 if (pos < offset) 02196 { 02197 len = 0; 02198 begin = pos; 02199 } 02200 if (pos > offset+length) 02201 goto out; 02202 02203 /* Boolean debug switch for PM syscalls / AEF */ 02204 len += sprintf(buffer + len, "rsbac_debug_aef_pm is %i\n", 02205 rsbac_debug_aef_pm); 02206 pos = begin + len; 02207 if (pos < offset) 02208 { 02209 len = 0; 02210 begin = pos; 02211 } 02212 if (pos > offset+length) 02213 goto out; 02214 02215 /* Boolean debug switch for PM decisions / ADF */ 02216 len += sprintf(buffer + len, "rsbac_debug_adf_pm is %i\n", 02217 rsbac_debug_adf_pm); 02218 pos = begin + len; 02219 if (pos < offset) 02220 { 02221 len = 0; 02222 begin = pos; 02223 } 02224 if (pos > offset+length) 02225 goto out; 02226 #endif 02227 02228 #if defined(CONFIG_RSBAC_DAZ) 02229 /* Boolean debug switch for DAZ decisions / ADF */ 02230 len += sprintf(buffer + len, "rsbac_debug_adf_daz is %i\n", 02231 rsbac_debug_adf_daz); 02232 pos = begin + len; 02233 if (pos < offset) 02234 { 02235 len = 0; 02236 begin = pos; 02237 } 02238 if (pos > offset+length) 02239 goto out; 02240 #endif 02241 02242 #if defined(CONFIG_RSBAC_RC) || defined(CONFIG_RSBAC_RC_MAINT) 02243 /* Boolean debug switch for RC data structures */ 02244 len += sprintf(buffer + len, "rsbac_debug_ds_rc is %i\n", 02245 rsbac_debug_ds_rc); 02246 pos = begin + len; 02247 if (pos < offset) 02248 { 02249 len = 0; 02250 begin = pos; 02251 } 02252 if (pos > offset+length) 02253 goto out; 02254 02255 /* Boolean debug switch for RC syscalls / AEF */ 02256 len += sprintf(buffer + len, "rsbac_debug_aef_rc is %i\n", 02257 rsbac_debug_aef_rc); 02258 pos = begin + len; 02259 if (pos < offset) 02260 { 02261 len = 0; 02262 begin = pos; 02263 } 02264 if (pos > offset+length) 02265 goto out; 02266 02267 /* Boolean debug switch for RC decisions / ADF */ 02268 len += sprintf(buffer + len, "rsbac_debug_adf_rc is %i\n", 02269 rsbac_debug_adf_rc); 02270 pos = begin + len; 02271 if (pos < offset) 02272 { 02273 len = 0; 02274 begin = pos; 02275 } 02276 if (pos > offset+length) 02277 goto out; 02278 #endif 02279 02280 #if defined(CONFIG_RSBAC_AUTH) 02281 /* Boolean debug switch for AUTH data structures */ 02282 len += sprintf(buffer + len, "rsbac_debug_ds_auth is %i\n", 02283 rsbac_debug_ds_auth); 02284 pos = begin + len; 02285 if (pos < offset) 02286 { 02287 len = 0; 02288 begin = pos; 02289 } 02290 if (pos > offset+length) 02291 goto out; 02292 02293 /* Boolean debug switch for AUTH syscalls / AEF */ 02294 len += sprintf(buffer + len, "rsbac_debug_aef_auth is %i\n", 02295 rsbac_debug_aef_auth); 02296 pos = begin + len; 02297 if (pos < offset) 02298 { 02299 len = 0; 02300 begin = pos; 02301 } 02302 if (pos > offset+length) 02303 goto out; 02304 02305 /* Boolean debug switch for AUTH decisions / ADF */ 02306 len += sprintf(buffer + len, "rsbac_debug_adf_auth is %i\n", 02307 rsbac_debug_adf_auth); 02308 pos = begin + len; 02309 if (pos < offset) 02310 { 02311 len = 0; 02312 begin = pos; 02313 } 02314 if (pos > offset+length) 02315 goto out; 02316 #endif 02317 02318 #if defined(CONFIG_RSBAC_ACL) 02319 /* Boolean debug switch for ACL data structures */ 02320 len += sprintf(buffer + len, "rsbac_debug_ds_acl is %i\n", 02321 rsbac_debug_ds_acl); 02322 pos = begin + len; 02323 if (pos < offset) 02324 { 02325 len = 0; 02326 begin = pos; 02327 } 02328 if (pos > offset+length) 02329 goto out; 02330 02331 /* Boolean debug switch for ACL syscalls / AEF */ 02332 len += sprintf(buffer + len, "rsbac_debug_aef_acl is %i\n", 02333 rsbac_debug_aef_acl); 02334 pos = begin + len; 02335 if (pos < offset) 02336 { 02337 len = 0; 02338 begin = pos; 02339 } 02340 if (pos > offset+length) 02341 goto out; 02342 02343 /* Boolean debug switch for ACL decisions / ADF */ 02344 len += sprintf(buffer + len, "rsbac_debug_adf_acl is %i\n", 02345 rsbac_debug_adf_acl); 02346 pos = begin + len; 02347 if (pos < offset) 02348 { 02349 len = 0; 02350 begin = pos; 02351 } 02352 if (pos > offset+length) 02353 goto out; 02354 #endif 02355 02356 #if defined(CONFIG_RSBAC_JAIL) 02357 /* Boolean debug switch for JAIL syscalls / AEF */ 02358 len += sprintf(buffer + len, "rsbac_debug_aef_jail is %i\n", 02359 rsbac_debug_aef_jail); 02360 pos = begin + len; 02361 if (pos < offset) 02362 { 02363 len = 0; 02364 begin = pos; 02365 } 02366 if (pos > offset+length) 02367 goto out; 02368 02369 /* Boolean debug switch for JAIL decisions / ADF */ 02370 len += sprintf(buffer + len, "rsbac_debug_adf_jail is %i\n", 02371 rsbac_debug_adf_jail); 02372 pos = begin + len; 02373 if (pos < offset) 02374 { 02375 len = 0; 02376 begin = pos; 02377 } 02378 if (pos > offset+length) 02379 goto out; 02380 #endif 02381 02382 #if defined(CONFIG_RSBAC_PAX) 02383 /* Boolean debug switch for PAX decisions / ADF */ 02384 len += sprintf(buffer + len, "rsbac_debug_adf_pax is %i\n", 02385 rsbac_debug_adf_pax); 02386 pos = begin + len; 02387 if (pos < offset) 02388 { 02389 len = 0; 02390 begin = pos; 02391 } 02392 if (pos > offset+length) 02393 goto out; 02394 #endif 02395 02396 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0) 02397 len += sprintf(buffer + len, "rsbac_debug_auto is %i\n", 02398 rsbac_debug_auto); 02399 pos = begin + len; 02400 if (pos < offset) 02401 { 02402 len = 0; 02403 begin = pos; 02404 } 02405 if (pos > offset+length) 02406 goto out; 02407 #endif /* CONFIG_RSBAC_AUTO_WRITE > 0 */ 02408 #endif /* DEBUG */ 02409 02410 out: 02411 *start = buffer + (offset - begin); 02412 len -= (offset - begin); 02413 02414 if (len > length) 02415 len = length; 02416 return len; 02417 } 02418 02419 static ssize_t debug_proc_write(struct file * file, const char * buf, 02420 u_long count, void *ppos) 02421 { 02422 ssize_t err = -EINVAL; 02423 char * k_buf; 02424 char * p; 02425 unsigned int debug_level; 02426 #ifdef CONFIG_RSBAC_SOFTMODE_IND 02427 enum rsbac_switch_target_t sw_target; 02428 #endif 02429 02430 union rsbac_target_id_t rsbac_target_id; 02431 union rsbac_attribute_value_t rsbac_attribute_value; 02432 02433 if(count > PROC_BLOCK_SIZE) { 02434 return(-EOVERFLOW); 02435 } 02436 02437 if (!(k_buf = (char *) __get_free_page(GFP_KERNEL))) 02438 return(-ENOMEM); 02439 copy_from_user(k_buf, buf, count); 02440 02441 if(count < 10) 02442 goto out; 02443 if(!strncmp("debug", k_buf, 5)) 02444 { 02445 p = k_buf + 6; 02446 } 02447 else 02448 if(!strncmp("rsbac_debug", k_buf, 11)) 02449 { 02450 p = k_buf + 12; 02451 } 02452 else 02453 goto out; 02454 02455 if (!rsbac_is_initialized()) 02456 { 02457 err=-ENOSYS; 02458 goto out; 02459 } 02460 02461 02462 #ifdef CONFIG_RSBAC_SOFTMODE 02463 #ifdef CONFIG_RSBAC_SOFTMODE_IND 02464 /* Boolean switch for RSBAC individual soft mode */ 02465 /* 02466 * Usage: echo "debug ind_softmode modname #N" > /proc/rsbac_info/debug 02467 * to set rsbac_ind_softmode[module] to given value 02468 */ 02469 if(!strncmp("ind_softmode", k_buf + 6, 12)) 02470 { 02471 char tmp[20]; 02472 02473 p += 13; 02474 02475 if( *p == '\0' ) 02476 goto out; 02477 02478 sw_target = get_switch_target_nr(p); 02479 if(sw_target == SW_NONE) 02480 goto out; 02481 get_switch_target_name(tmp, sw_target); 02482 p += strlen(tmp)+1; 02483 if( *p == '\0' ) 02484 goto out; 02485 debug_level = simple_strtoul(p, NULL, 0); 02486 /* only accept 0 or 1 */ 02487 if(!debug_level || (debug_level == 1)) 02488 { 02489 #if defined(CONFIG_RSBAC_DEBUG) 02490 if (rsbac_debug_aef) 02491 { 02492 #ifdef CONFIG_RSBAC_RMSG 02493 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for switching\n"); 02494 #endif 02495 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02496 if (!rsbac_nosyslog) 02497 #endif 02498 printk(KERN_DEBUG "debug_proc_write(): calling ADF for switching\n"); 02499 } 02500 #endif 02501 rsbac_target_id.dummy = 0; 02502 rsbac_attribute_value.switch_target = sw_target; 02503 if (!rsbac_adf_request(R_SWITCH_MODULE, 02504 current->pid, 02505 T_NONE, 02506 rsbac_target_id, 02507 A_switch_target, 02508 rsbac_attribute_value)) 02509 { 02510 err = -EPERM; 02511 goto out; 02512 } 02513 #ifdef CONFIG_RSBAC_RMSG 02514 rsbac_printk(KERN_INFO 02515 "debug_proc_write(): setting rsbac_ind_softmode[%s] to %u\n", 02516 tmp, 02517 debug_level); 02518 #endif 02519 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02520 if (!rsbac_nosyslog) 02521 #endif 02522 printk(KERN_INFO 02523 "debug_proc_write(): setting rsbac_ind_softmode[%s] to %u\n", 02524 tmp, 02525 debug_level); 02526 rsbac_ind_softmode[sw_target] = debug_level; 02527 err = count; 02528 goto out; 02529 } 02530 else 02531 { 02532 #ifdef CONFIG_RSBAC_RMSG 02533 rsbac_printk(KERN_INFO 02534 "debug_proc_write(): rejecting invalid ind_softmode value (should be 0 or 1)\n"); 02535 #endif 02536 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02537 if (!rsbac_nosyslog) 02538 #endif 02539 printk(KERN_INFO 02540 "debug_proc_write(): rejecting invalid ind_softmode value (should be 0 or 1)\n"); 02541 goto out; 02542 } 02543 } 02544 #endif 02545 02546 /* Boolean switch for RSBAC soft mode */ 02547 /* 02548 * Usage: echo "debug softmode #N" > /proc/rsbac_info/debug 02549 * to set rsbac_softmode to given value 02550 */ 02551 if(!strncmp("softmode", k_buf + 6, 8)) 02552 { 02553 p += 9; 02554 02555 if( *p == '\0' ) 02556 goto out; 02557 02558 debug_level = simple_strtoul(p, NULL, 0); 02559 /* only accept 0 or 1 */ 02560 if(!debug_level || (debug_level == 1)) 02561 { 02562 #if defined(CONFIG_RSBAC_DEBUG) 02563 if (rsbac_debug_aef) 02564 { 02565 #ifdef CONFIG_RSBAC_RMSG 02566 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for softmode\n"); 02567 #endif 02568 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02569 if (!rsbac_nosyslog) 02570 #endif 02571 printk(KERN_DEBUG "debug_proc_write(): calling ADF for softmode\n"); 02572 } 02573 #endif 02574 rsbac_target_id.dummy = 0; 02575 rsbac_attribute_value.switch_target = SOFTMODE; 02576 if (!rsbac_adf_request(R_SWITCH_MODULE, 02577 current->pid, 02578 T_NONE, 02579 rsbac_target_id, 02580 A_switch_target, 02581 rsbac_attribute_value)) 02582 { 02583 err = -EPERM; 02584 goto out; 02585 } 02586 #ifdef CONFIG_RSBAC_RMSG 02587 rsbac_printk(KERN_INFO 02588 "debug_proc_write(): setting rsbac_softmode to %u\n", 02589 debug_level); 02590 #endif 02591 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02592 if (!rsbac_nosyslog) 02593 #endif 02594 printk(KERN_INFO 02595 "debug_proc_write(): setting rsbac_softmode to %u\n", 02596 debug_level); 02597 rsbac_softmode = debug_level; 02598 err = count; 02599 goto out; 02600 } 02601 else 02602 { 02603 #ifdef CONFIG_RSBAC_RMSG 02604 rsbac_printk(KERN_INFO 02605 "debug_proc_write(): rejecting invalid softmode value (should be 0 or 1)\n"); 02606 #endif 02607 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02608 if (!rsbac_nosyslog) 02609 #endif 02610 printk(KERN_INFO 02611 "debug_proc_write(): rejecting invalid softmode value (should be 0 or 1)\n"); 02612 goto out; 02613 } 02614 } 02615 #endif 02616 02617 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL 02618 /* Boolean switch for disabling Linux DAC */ 02619 /* 02620 * Usage: echo "debug dac_disable #N" > /proc/rsbac_info/debug 02621 * to set rsbac_softmode to given value 02622 */ 02623 if(!strncmp("dac_disable", k_buf + 6, 11)) 02624 { 02625 p += 12; 02626 02627 if( *p == '\0' ) 02628 goto out; 02629 02630 debug_level = simple_strtoul(p, NULL, 0); 02631 /* only accept 0 or 1 */ 02632 if(!debug_level || (debug_level == 1)) 02633 { 02634 #if defined(CONFIG_RSBAC_DEBUG) 02635 if (rsbac_debug_aef) 02636 { 02637 #ifdef CONFIG_RSBAC_RMSG 02638 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for dac_disable\n"); 02639 #endif 02640 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02641 if (!rsbac_nosyslog) 02642 #endif 02643 printk(KERN_DEBUG "debug_proc_write(): calling ADF for dac_disable\n"); 02644 } 02645 #endif 02646 rsbac_target_id.dummy = 0; 02647 rsbac_attribute_value.dummy = 0; 02648 if (!rsbac_adf_request(R_MODIFY_PERMISSIONS_DATA, 02649 current->pid, 02650 T_NONE, 02651 rsbac_target_id, 02652 A_none, 02653 rsbac_attribute_value)) 02654 { 02655 err = -EPERM; 02656 goto out; 02657 } 02658 #ifdef CONFIG_RSBAC_RMSG 02659 rsbac_printk(KERN_INFO 02660 "debug_proc_write(): setting rsbac_dac_disable to %u\n", 02661 debug_level); 02662 #endif 02663 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02664 if (!rsbac_nosyslog) 02665 #endif 02666 printk(KERN_INFO 02667 "debug_proc_write(): setting rsbac_dac_disable to %u\n", 02668 debug_level); 02669 rsbac_dac_disable = debug_level; 02670 err = count; 02671 goto out; 02672 } 02673 else 02674 { 02675 #ifdef CONFIG_RSBAC_RMSG 02676 rsbac_printk(KERN_INFO 02677 "debug_proc_write(): rejecting invalid dac_disabled value (should be 0 or 1)\n"); 02678 #endif 02679 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02680 if (!rsbac_nosyslog) 02681 #endif 02682 printk(KERN_INFO 02683 "debug_proc_write(): rejecting invalid dac_disabled value (should be 0 or 1)\n"); 02684 goto out; 02685 } 02686 } 02687 #endif 02688 02689 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02690 /* Boolean switch for disabling logging to syslog */ 02691 /* 02692 * Usage: echo "debug nosyslog #N" > /proc/rsbac_info/debug 02693 * to set rsbac_nosyslog to given value 02694 */ 02695 if(!strncmp("nosyslog", k_buf + 6, 8)) 02696 { 02697 p += 9; 02698 02699 if( *p == '\0' ) 02700 goto out; 02701 02702 debug_level = simple_strtoul(p, NULL, 0); 02703 /* only accept 0 or 1 */ 02704 if(!debug_level || (debug_level == 1)) 02705 { 02706 #if defined(CONFIG_RSBAC_DEBUG) 02707 if (rsbac_debug_aef) 02708 { 02709 #ifdef CONFIG_RSBAC_RMSG 02710 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF for nosyslog\n"); 02711 #endif 02712 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02713 if (!rsbac_nosyslog) 02714 #endif 02715 printk(KERN_DEBUG "debug_proc_write(): calling ADF for nosyslog\n"); 02716 } 02717 #endif 02718 rsbac_target_id.dummy = 0; 02719 rsbac_attribute_value.dummy = 0; 02720 if (!rsbac_adf_request(R_SWITCH_LOG, 02721 current->pid, 02722 T_NONE, 02723 rsbac_target_id, 02724 A_none, 02725 rsbac_attribute_value)) 02726 { 02727 err = -EPERM; 02728 goto out; 02729 } 02730 #ifdef CONFIG_RSBAC_RMSG 02731 rsbac_printk(KERN_INFO 02732 "debug_proc_write(): setting rsbac_nosyslog to %u\n", 02733 debug_level); 02734 #endif 02735 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02736 if (!rsbac_nosyslog) 02737 #endif 02738 printk(KERN_INFO 02739 "debug_proc_write(): setting rsbac_nosyslog to %u\n", 02740 debug_level); 02741 rsbac_nosyslog = debug_level; 02742 err = count; 02743 goto out; 02744 } 02745 else 02746 { 02747 #ifdef CONFIG_RSBAC_RMSG 02748 rsbac_printk(KERN_INFO 02749 "debug_proc_write(): rejecting invalid nosyslog value (should be 0 or 1)\n"); 02750 #endif 02751 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02752 if (!rsbac_nosyslog) 02753 #endif 02754 printk(KERN_INFO 02755 "debug_proc_write(): rejecting invalid nosyslog value (should be 0 or 1)\n"); 02756 goto out; 02757 } 02758 } 02759 #endif 02760 02761 #if defined(CONFIG_RSBAC_AUTH_LEARN) 02762 /* Boolean switch for AUTH learning mode */ 02763 /* 02764 * Usage: echo "debug auth_learn #N" > /proc/rsbac_info/debug 02765 * to set rsbac_auth_learn to given value 02766 */ 02767 if(!strncmp("auth_learn", k_buf + 6, 10)) 02768 { 02769 p += 11; 02770 02771 if( *p == '\0' ) 02772 goto out; 02773 02774 debug_level = simple_strtoul(p, NULL, 0); 02775 /* only accept 0 or 1 */ 02776 if(!debug_level || (debug_level == 1)) 02777 { 02778 rsbac_target_id.dummy = 0; 02779 rsbac_attribute_value.auth_learn = debug_level; 02780 if (!rsbac_adf_request(R_MODIFY_ATTRIBUTE, 02781 current->pid, 02782 T_NONE, 02783 rsbac_target_id, 02784 A_auth_learn, 02785 rsbac_attribute_value)) 02786 { 02787 err = -EPERM; 02788 goto out; 02789 } 02790 #ifdef CONFIG_RSBAC_RMSG 02791 rsbac_printk(KERN_INFO 02792 "debug_proc_write(): setting rsbac_auth_learn to %u\n", 02793 debug_level); 02794 #endif 02795 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02796 if (!rsbac_nosyslog) 02797 #endif 02798 printk(KERN_INFO 02799 "debug_proc_write(): setting rsbac_auth_learn to %u\n", 02800 debug_level); 02801 rsbac_auth_learn = debug_level; 02802 err = count; 02803 goto out; 02804 } 02805 else 02806 { 02807 goto out_inv; 02808 } 02809 } 02810 #endif 02811 02812 #if defined(CONFIG_RSBAC_ACL_LEARN) 02813 /* Boolean switch for ACL FD learning mode */ 02814 /* 02815 * Usage: echo "debug acl_learn_fd #N" > /proc/rsbac_info/debug 02816 * to set rsbac_acl_learn_fd to given value 02817 */ 02818 if(!strncmp("acl_learn_fd", k_buf + 6, 12)) 02819 { 02820 p += 13; 02821 02822 if( *p == '\0' ) 02823 goto out; 02824 02825 debug_level = simple_strtoul(p, NULL, 0); 02826 /* only accept 0 or 1 */ 02827 if(!debug_level || (debug_level == 1)) 02828 { 02829 /* use default acls */ 02830 rsbac_target_id.file.device = RSBAC_ZERO_DEV; 02831 rsbac_target_id.file.inode = 0; 02832 rsbac_target_id.file.dentry_p = NULL; 02833 02834 if (!rsbac_adf_request(R_MODIFY_ATTRIBUTE, 02835 current->pid, 02836 T_FILE, 02837 rsbac_target_id, 02838 A_acl_learn, 02839 rsbac_attribute_value)) 02840 { 02841 err = -EPERM; 02842 goto out; 02843 } 02844 #ifdef CONFIG_RSBAC_RMSG 02845 rsbac_printk(KERN_INFO 02846 "debug_proc_write(): setting rsbac_acl_learn_fd to %u\n", 02847 debug_level); 02848 #endif 02849 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02850 if (!rsbac_nosyslog) 02851 #endif 02852 printk(KERN_INFO 02853 "debug_proc_write(): setting rsbac_acl_learn_fd to %u\n", 02854 debug_level); 02855 rsbac_acl_learn_fd = debug_level; 02856 err = count; 02857 goto out; 02858 } 02859 else 02860 { 02861 goto out_inv; 02862 } 02863 } 02864 #endif 02865 02866 #if defined(CONFIG_RSBAC_DEBUG) 02867 if (rsbac_debug_aef) 02868 { 02869 #ifdef CONFIG_RSBAC_RMSG 02870 rsbac_printk(KERN_DEBUG "debug_proc_write(): calling ADF\n"); 02871 #endif 02872 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02873 if (!rsbac_nosyslog) 02874 #endif 02875 printk(KERN_DEBUG "debug_proc_write(): calling ADF\n"); 02876 } 02877 rsbac_target_id.scd = ST_rsbac; 02878 rsbac_attribute_value.dummy = 0; 02879 if (!rsbac_adf_request(R_MODIFY_SYSTEM_DATA, 02880 current->pid, 02881 T_SCD, 02882 rsbac_target_id, 02883 A_none, 02884 rsbac_attribute_value)) 02885 { 02886 err = -EPERM; 02887 goto out; 02888 } 02889 02890 #if defined(CONFIG_RSBAC_NET) 02891 /* Boolean debug switch for NET data structures */ 02892 /* 02893 * Usage: echo "debug ds_net #N" > /proc/rsbac_info/debug 02894 * to set rsbac_debug_ds_net to given value 02895 */ 02896 if(!strncmp("ds_net", k_buf + 6, 6)) 02897 { 02898 p += 7; 02899 02900 if( *p == '\0' ) 02901 goto out; 02902 02903 debug_level = simple_strtoul(p, NULL, 0); 02904 /* only accept 0 or 1 */ 02905 if(!debug_level || (debug_level == 1)) 02906 { 02907 #ifdef CONFIG_RSBAC_RMSG 02908 rsbac_printk(KERN_INFO 02909 "debug_proc_write(): setting rsbac_debug_ds_net to %u\n", 02910 debug_level); 02911 #endif 02912 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02913 if (!rsbac_nosyslog) 02914 #endif 02915 printk(KERN_INFO 02916 "debug_proc_write(): setting rsbac_debug_ds_net to %u\n", 02917 debug_level); 02918 rsbac_debug_ds_net = debug_level; 02919 err = count; 02920 goto out; 02921 } 02922 else 02923 { 02924 goto out_inv; 02925 } 02926 } 02927 /* Boolean debug switch for NET syscalls / AEF */ 02928 /* 02929 * Usage: echo "debug aef_net #N" > /proc/rsbac_info/debug 02930 * to set rsbac_debug_aef_net to given value 02931 */ 02932 if(!strncmp("aef_net", k_buf + 6, 7)) 02933 { 02934 p += 8; 02935 02936 if( *p == '\0' ) 02937 goto out; 02938 02939 debug_level = simple_strtoul(p, NULL, 0); 02940 /* only accept 0 or 1 */ 02941 if(!debug_level || (debug_level == 1)) 02942 { 02943 #ifdef CONFIG_RSBAC_RMSG 02944 rsbac_printk(KERN_INFO 02945 "debug_proc_write(): setting rsbac_debug_aef_net to %u\n", 02946 debug_level); 02947 #endif 02948 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02949 if (!rsbac_nosyslog) 02950 #endif 02951 printk(KERN_INFO 02952 "debug_proc_write(): setting rsbac_debug_aef_net to %u\n", 02953 debug_level); 02954 rsbac_debug_aef_net = debug_level; 02955 err = count; 02956 goto out; 02957 } 02958 else 02959 { 02960 goto out_inv; 02961 } 02962 } 02963 02964 /* Boolean debug switch for NET decisions / ADF */ 02965 /* 02966 * Usage: echo "debug adf_net #N" > /proc/rsbac_info/debug 02967 * to set rsbac_debug_adf_net to given value 02968 */ 02969 if(!strncmp("adf_net", k_buf + 6, 7)) 02970 { 02971 p += 8; 02972 02973 if( *p == '\0' ) 02974 goto out; 02975 02976 debug_level = simple_strtoul(p, NULL, 0); 02977 /* only accept 0 or 1 */ 02978 if(!debug_level || (debug_level == 1)) 02979 { 02980 #ifdef CONFIG_RSBAC_RMSG 02981 rsbac_printk(KERN_INFO 02982 "debug_proc_write(): setting rsbac_debug_adf_net to %u\n", 02983 debug_level); 02984 #endif 02985 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02986 if (!rsbac_nosyslog) 02987 #endif 02988 printk(KERN_INFO 02989 "debug_proc_write(): setting rsbac_debug_adf_net to %u\n", 02990 debug_level); 02991 rsbac_debug_adf_net = debug_level; 02992 err = count; 02993 goto out; 02994 } 02995 else 02996 { 02997 goto out_inv; 02998 } 02999 } 03000 #endif 03001 03002 #if defined(CONFIG_RSBAC_MAC) 03003 /* Boolean debug switch for MAC data structures */ 03004 /* 03005 * Usage: echo "debug ds_mac #N" > /proc/rsbac_info/debug 03006 * to set rsbac_debug_ds_mac to given value 03007 */ 03008 if(!strncmp("ds_mac", k_buf + 6, 6)) 03009 { 03010 p += 7; 03011 03012 if( *p == '\0' ) 03013 goto out; 03014 03015 debug_level = simple_strtoul(p, NULL, 0); 03016 /* only accept 0 or 1 */ 03017 if(!debug_level || (debug_level == 1)) 03018 { 03019 #ifdef CONFIG_RSBAC_RMSG 03020 rsbac_printk(KERN_INFO 03021 "debug_proc_write(): setting rsbac_debug_ds_mac to %u\n", 03022 debug_level); 03023 #endif 03024 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03025 if (!rsbac_nosyslog) 03026 #endif 03027 printk(KERN_INFO 03028 "debug_proc_write(): setting rsbac_debug_ds_mac to %u\n", 03029 debug_level); 03030 rsbac_debug_ds_mac = debug_level; 03031 err = count; 03032 goto out; 03033 } 03034 else 03035 { 03036 goto out_inv; 03037 } 03038 } 03039 /* Boolean debug switch for MAC syscalls / AEF */ 03040 /* 03041 * Usage: echo "debug aef_mac #N" > /proc/rsbac_info/debug 03042 * to set rsbac_debug_aef_mac to given value 03043 */ 03044 if(!strncmp("aef_mac", k_buf + 6, 7)) 03045 { 03046 p += 8; 03047 03048 if( *p == '\0' ) 03049 goto out; 03050 03051 debug_level = simple_strtoul(p, NULL, 0); 03052 /* only accept 0 or 1 */ 03053 if(!debug_level || (debug_level == 1)) 03054 { 03055 #ifdef CONFIG_RSBAC_RMSG 03056 rsbac_printk(KERN_INFO 03057 "debug_proc_write(): setting rsbac_debug_aef_mac to %u\n", 03058 debug_level); 03059 #endif 03060 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03061 if (!rsbac_nosyslog) 03062 #endif 03063 printk(KERN_INFO 03064 "debug_proc_write(): setting rsbac_debug_aef_mac to %u\n", 03065 debug_level); 03066 rsbac_debug_aef_mac = debug_level; 03067 err = count; 03068 goto out; 03069 } 03070 else 03071 { 03072 goto out_inv; 03073 } 03074 } 03075 03076 /* Boolean debug switch for MAC decisions / ADF */ 03077 /* 03078 * Usage: echo "debug adf_mac #N" > /proc/rsbac_info/debug 03079 * to set rsbac_debug_adf_mac to given value 03080 */ 03081 if(!strncmp("adf_mac", k_buf + 6, 7)) 03082 { 03083 p += 8; 03084 03085 if( *p == '\0' ) 03086 goto out; 03087 03088 debug_level = simple_strtoul(p, NULL, 0); 03089 /* only accept 0 or 1 */ 03090 if(!debug_level || (debug_level == 1)) 03091 { 03092 #ifdef CONFIG_RSBAC_RMSG 03093 rsbac_printk(KERN_INFO 03094 "debug_proc_write(): setting rsbac_debug_adf_mac to %u\n", 03095 debug_level); 03096 #endif 03097 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03098 if (!rsbac_nosyslog) 03099 #endif 03100 printk(KERN_INFO 03101 "debug_proc_write(): setting rsbac_debug_adf_mac to %u\n", 03102 debug_level); 03103 rsbac_debug_adf_mac = debug_level; 03104 err = count; 03105 goto out; 03106 } 03107 else 03108 { 03109 goto out_inv; 03110 } 03111 } 03112 #endif 03113 03114 #if defined(CONFIG_RSBAC_PM) || defined(CONFIG_RSBAC_PM_MAINT) 03115 /* Boolean debug switch for PM data structures */ 03116 /* 03117 * Usage: echo "debug ds_pm #N" > /proc/rsbac_info/debug 03118 * to set rsbac_debug_ds_pm to given value 03119 */ 03120 if(!strncmp("ds_pm", k_buf + 6, 5)) 03121 { 03122 p += 6; 03123 03124 if( *p == '\0' ) 03125 goto out; 03126 03127 debug_level = simple_strtoul(p, NULL, 0); 03128 /* only accept 0 or 1 */ 03129 if(!debug_level || (debug_level == 1)) 03130 { 03131 #ifdef CONFIG_RSBAC_RMSG 03132 rsbac_printk(KERN_INFO 03133 "debug_proc_write(): setting rsbac_debug_ds_pm to %u\n", 03134 debug_level); 03135 #endif 03136 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03137 if (!rsbac_nosyslog) 03138 #endif 03139 printk(KERN_INFO 03140 "debug_proc_write(): setting rsbac_debug_ds_pm to %u\n", 03141 debug_level); 03142 rsbac_debug_ds_pm = debug_level; 03143 err = count; 03144 goto out; 03145 } 03146 else 03147 { 03148 goto out_inv; 03149 } 03150 } 03151 /* Boolean debug switch for PM syscalls / AEF */ 03152 /* 03153 * Usage: echo "debug aef_pm #N" > /proc/rsbac_info/debug 03154 * to set rsbac_debug_aef_pm to given value 03155 */ 03156 if(!strncmp("aef_pm", k_buf + 6, 6)) 03157 { 03158 p += 7; 03159 03160 if( *p == '\0' ) 03161 goto out; 03162 03163 debug_level = simple_strtoul(p, NULL, 0); 03164 /* only accept 0 or 1 */ 03165 if(!debug_level || (debug_level == 1)) 03166 { 03167 #ifdef CONFIG_RSBAC_RMSG 03168 rsbac_printk(KERN_INFO 03169 "debug_proc_write(): setting rsbac_debug_aef_pm to %u\n", 03170 debug_level); 03171 #endif 03172 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03173 if (!rsbac_nosyslog) 03174 #endif 03175 printk(KERN_INFO 03176 "debug_proc_write(): setting rsbac_debug_aef_pm to %u\n", 03177 debug_level); 03178 rsbac_debug_aef_pm = debug_level; 03179 err = count; 03180 goto out; 03181 } 03182 else 03183 { 03184 goto out_inv; 03185 } 03186 } 03187 03188 /* Boolean debug switch for PM decisions / ADF */ 03189 /* 03190 * Usage: echo "debug adf_pm #N" > /proc/rsbac_info/debug 03191 * to set rsbac_debug_adf_pm to given value 03192 */ 03193 if(!strncmp("adf_pm", k_buf + 6, 6)) 03194 { 03195 p += 7; 03196 03197 if( *p == '\0' ) 03198 goto out; 03199 03200 debug_level = simple_strtoul(p, NULL, 0); 03201 /* only accept 0 or 1 */ 03202 if(!debug_level || (debug_level == 1)) 03203 { 03204 #ifdef CONFIG_RSBAC_RMSG 03205 rsbac_printk(KERN_INFO 03206 "debug_proc_write(): setting rsbac_debug_adf_pm to %u\n", 03207 debug_level); 03208 #endif 03209 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03210 if (!rsbac_nosyslog) 03211 #endif 03212 printk(KERN_INFO 03213 "debug_proc_write(): setting rsbac_debug_adf_pm to %u\n", 03214 debug_level); 03215 rsbac_debug_adf_pm = debug_level; 03216 err = count; 03217 goto out; 03218 } 03219 else 03220 { 03221 goto out_inv; 03222 } 03223 } 03224 #endif 03225 03226 #if defined(CONFIG_RSBAC_DAZ) 03227 /* Boolean debug switch for DAZ decisions / ADF */ 03228 /* 03229 * Usage: echo "debug adf_daz #N" > /proc/rsbac_info/debug 03230 * to set rsbac_debug_adf_daz to given value 03231 */ 03232 if(!strncmp("adf_daz", k_buf + 6, 7)) 03233 { 03234 p += 8; 03235 03236 if( *p == '\0' ) 03237 goto out; 03238 03239 debug_level = simple_strtoul(p, NULL, 0); 03240 /* only accept 0 or 1 */ 03241 if(!debug_level || (debug_level == 1)) 03242 { 03243 #ifdef CONFIG_RSBAC_RMSG 03244 rsbac_printk(KERN_INFO 03245 "debug_proc_write(): setting rsbac_debug_adf_daz to %u\n", 03246 debug_level); 03247 #endif 03248 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03249 if (!rsbac_nosyslog) 03250 #endif 03251 printk(KERN_INFO 03252 "debug_proc_write(): setting rsbac_debug_adf_daz to %u\n", 03253 debug_level); 03254 rsbac_debug_adf_daz = debug_level; 03255 err = count; 03256 goto out; 03257 } 03258 else 03259 { 03260 goto out_inv; 03261 } 03262 } 03263 #endif 03264 03265 #if defined(CONFIG_RSBAC_RC) || defined(CONFIG_RSBAC_RC_MAINT) 03266 /* Boolean debug switch for RC data structures */ 03267 /* 03268 * Usage: echo "debug ds_rc #N" > /proc/rsbac_info/debug 03269 * to set rsbac_debug_ds_rc to given value 03270 */ 03271 if(!strncmp("ds_rc", k_buf + 6, 5)) 03272 { 03273 p += 6; 03274 03275 if( *p == '\0' ) 03276 goto out; 03277 03278 debug_level = simple_strtoul(p, NULL, 0); 03279 /* only accept 0 or 1 */ 03280 if(!debug_level || (debug_level == 1)) 03281 { 03282 #ifdef CONFIG_RSBAC_RMSG 03283 rsbac_printk(KERN_INFO 03284 "debug_proc_write(): setting rsbac_debug_ds_rc to %u\n", 03285 debug_level); 03286 #endif 03287 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03288 if (!rsbac_nosyslog) 03289 #endif 03290 printk(KERN_INFO 03291 "debug_proc_write(): setting rsbac_debug_ds_rc to %u\n", 03292 debug_level); 03293 rsbac_debug_ds_rc = debug_level; 03294 err = count; 03295 goto out; 03296 } 03297 else 03298 { 03299 goto out_inv; 03300 } 03301 } 03302 /* Boolean debug switch for RC syscalls / AEF */ 03303 /* 03304 * Usage: echo "debug aef_rc #N" > /proc/rsbac_info/debug 03305 * to set rsbac_debug_aef_rc to given value 03306 */ 03307 if(!strncmp("aef_rc", k_buf + 6, 6)) 03308 { 03309 p += 7; 03310 03311 if( *p == '\0' ) 03312 goto out; 03313 03314 debug_level = simple_strtoul(p, NULL, 0); 03315 /* only accept 0 or 1 */ 03316 if(!debug_level || (debug_level == 1)) 03317 { 03318 #ifdef CONFIG_RSBAC_RMSG 03319 rsbac_printk(KERN_INFO 03320 "debug_proc_write(): setting rsbac_debug_aef_rc to %u\n", 03321 debug_level); 03322 #endif 03323 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03324 if (!rsbac_nosyslog) 03325 #endif 03326 printk(KERN_INFO 03327 "debug_proc_write(): setting rsbac_debug_aef_rc to %u\n", 03328 debug_level); 03329 rsbac_debug_aef_rc = debug_level; 03330 err = count; 03331 goto out; 03332 } 03333 else 03334 { 03335 goto out_inv; 03336 } 03337 } 03338 03339 /* Boolean debug switch for RC decisions / ADF */ 03340 /* 03341 * Usage: echo "debug adf_rc #N" > /proc/rsbac_info/debug 03342 * to set rsbac_debug_adf_rc to given value 03343 */ 03344 if(!strncmp("adf_rc", k_buf + 6, 6)) 03345 { 03346 p += 7; 03347 03348 if( *p == '\0' ) 03349 goto out; 03350 03351 debug_level = simple_strtoul(p, NULL, 0); 03352 /* only accept 0 or 1 */ 03353 if(!debug_level || (debug_level == 1)) 03354 { 03355 #ifdef CONFIG_RSBAC_RMSG 03356 rsbac_printk(KERN_INFO 03357 "debug_proc_write(): setting rsbac_debug_adf_rc to %u\n", 03358 debug_level); 03359 #endif 03360 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03361 if (!rsbac_nosyslog) 03362 #endif 03363 printk(KERN_INFO 03364 "debug_proc_write(): setting rsbac_debug_adf_rc to %u\n", 03365 debug_level); 03366 rsbac_debug_adf_rc = debug_level; 03367 err = count; 03368 goto out; 03369 } 03370 else 03371 { 03372 goto out_inv; 03373 } 03374 } 03375 #endif 03376 03377 #if defined(CONFIG_RSBAC_AUTH) 03378 /* Boolean debug switch for AUTH data structures */ 03379 /* 03380 * Usage: echo "debug ds_auth #N" > /proc/rsbac_info/debug 03381 * to set rsbac_debug_ds_auth to given value 03382 */ 03383 if(!strncmp("ds_auth", k_buf + 6, 7)) 03384 { 03385 p += 8; 03386 03387 if( *p == '\0' ) 03388 goto out; 03389 03390 debug_level = simple_strtoul(p, NULL, 0); 03391 /* only accept 0 or 1 */ 03392 if(!debug_level || (debug_level == 1)) 03393 { 03394 #ifdef CONFIG_RSBAC_RMSG 03395 rsbac_printk(KERN_INFO 03396 "debug_proc_write(): setting rsbac_debug_ds_auth to %u\n", 03397 debug_level); 03398 #endif 03399 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03400 if (!rsbac_nosyslog) 03401 #endif 03402 printk(KERN_INFO 03403 "debug_proc_write(): setting rsbac_debug_ds_auth to %u\n", 03404 debug_level); 03405 rsbac_debug_ds_auth = debug_level; 03406 err = count; 03407 goto out; 03408 } 03409 else 03410 { 03411 goto out_inv; 03412 } 03413 } 03414 /* Boolean debug switch for AUTH syscalls / AEF */ 03415 /* 03416 * Usage: echo "debug aef_auth #N" > /proc/rsbac_info/debug 03417 * to set rsbac_debug_aef_auth to given value 03418 */ 03419 if(!strncmp("aef_auth", k_buf + 6, 8)) 03420 { 03421 p += 9; 03422 03423 if( *p == '\0' ) 03424 goto out; 03425 03426 debug_level = simple_strtoul(p, NULL, 0); 03427 /* only accept 0 or 1 */ 03428 if(!debug_level || (debug_level == 1)) 03429 { 03430 #ifdef CONFIG_RSBAC_RMSG 03431 rsbac_printk(KERN_INFO 03432 "debug_proc_write(): setting rsbac_debug_aef_auth to %u\n", 03433 debug_level); 03434 #endif 03435 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03436 if (!rsbac_nosyslog) 03437 #endif 03438 printk(KERN_INFO 03439 "debug_proc_write(): setting rsbac_debug_aef_auth to %u\n", 03440 debug_level); 03441 rsbac_debug_aef_auth = debug_level; 03442 err = count; 03443 goto out; 03444 } 03445 else 03446 { 03447 goto out_inv; 03448 } 03449 } 03450 03451 /* Boolean debug switch for AUTH decisions / ADF */ 03452 /* 03453 * Usage: echo "debug adf_auth #N" > /proc/rsbac_info/debug 03454 * to set rsbac_debug_adf_auth to given value 03455 */ 03456 if(!strncmp("adf_auth", k_buf + 6, 8)) 03457 { 03458 p += 9; 03459 03460 if( *p == '\0' ) 03461 goto out; 03462 03463 debug_level = simple_strtoul(p, NULL, 0); 03464 /* only accept 0 or 1 */ 03465 if(!debug_level || (debug_level == 1)) 03466 { 03467 #ifdef CONFIG_RSBAC_RMSG 03468 rsbac_printk(KERN_INFO 03469 "debug_proc_write(): setting rsbac_debug_adf_auth to %u\n", 03470 debug_level); 03471 #endif 03472 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03473 if (!rsbac_nosyslog) 03474 #endif 03475 printk(KERN_INFO 03476 "debug_proc_write(): setting rsbac_debug_adf_auth to %u\n", 03477 debug_level); 03478 rsbac_debug_adf_auth = debug_level; 03479 err = count; 03480 goto out; 03481 } 03482 else 03483 { 03484 goto out_inv; 03485 } 03486 } 03487 03488 #endif 03489 03490 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT) 03491 /* Boolean debug switch for REG */ 03492 /* 03493 * Usage: echo "debug reg #N" > /proc/rsbac_info/debug 03494 * to set rsbac_debug_reg to given value 03495 */ 03496 if(!strncmp("reg", k_buf + 6, 3)) 03497 { 03498 p += 3; 03499 03500 if( *p == '\0' ) 03501 goto out; 03502 03503 debug_level = simple_strtoul(p, NULL, 0); 03504 /* only accept 0 or 1 */ 03505 if(!debug_level || (debug_level == 1)) 03506 { 03507 #ifdef CONFIG_RSBAC_RMSG 03508 rsbac_printk(KERN_INFO 03509 "debug_proc_write(): setting rsbac_debug_reg to %u\n", 03510 debug_level); 03511 #endif 03512 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03513 if (!rsbac_nosyslog) 03514 #endif 03515 printk(KERN_INFO 03516 "debug_proc_write(): setting rsbac_debug_reg to %u\n", 03517 debug_level); 03518 rsbac_debug_reg = debug_level; 03519 err = count; 03520 goto out; 03521 } 03522 else 03523 { 03524 goto out_inv; 03525 } 03526 } 03527 #endif 03528 03529 #if defined(CONFIG_RSBAC_ACL) 03530 /* Boolean debug switch for ACL data structures */ 03531 /* 03532 * Usage: echo "debug ds_acl #N" > /proc/rsbac_info/debug 03533 * to set rsbac_debug_ds_acl to given value 03534 */ 03535 if(!strncmp("ds_acl", k_buf + 6, 6)) 03536 { 03537 p += 7; 03538 03539 if( *p == '\0' ) 03540 goto out; 03541 03542 debug_level = simple_strtoul(p, NULL, 0); 03543 /* only accept 0 or 1 */ 03544 if(!debug_level || (debug_level == 1)) 03545 { 03546 #ifdef CONFIG_RSBAC_RMSG 03547 rsbac_printk(KERN_INFO 03548 "debug_proc_write(): setting rsbac_debug_ds_acl to %u\n", 03549 debug_level); 03550 #endif 03551 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03552 if (!rsbac_nosyslog) 03553 #endif 03554 printk(KERN_INFO 03555 "debug_proc_write(): setting rsbac_debug_ds_acl to %u\n", 03556 debug_level); 03557 rsbac_debug_ds_acl = debug_level; 03558 err = count; 03559 goto out; 03560 } 03561 else 03562 { 03563 goto out_inv; 03564 } 03565 } 03566 /* Boolean debug switch for ACL syscalls / AEF */ 03567 /* 03568 * Usage: echo "debug aef_acl #N" > /proc/rsbac_info/debug 03569 * to set rsbac_debug_aef_acl to given value 03570 */ 03571 if(!strncmp("aef_acl", k_buf + 6, 7)) 03572 { 03573 p += 8; 03574 03575 if( *p == '\0' ) 03576 goto out; 03577 03578 debug_level = simple_strtoul(p, NULL, 0); 03579 /* only accept 0 or 1 */ 03580 if(!debug_level || (debug_level == 1)) 03581 { 03582 #ifdef CONFIG_RSBAC_RMSG 03583 rsbac_printk(KERN_INFO 03584 "debug_proc_write(): setting rsbac_debug_aef_acl to %u\n", 03585 debug_level); 03586 #endif 03587 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03588 if (!rsbac_nosyslog) 03589 #endif 03590 printk(KERN_INFO 03591 "debug_proc_write(): setting rsbac_debug_aef_acl to %u\n", 03592 debug_level); 03593 rsbac_debug_aef_acl = debug_level; 03594 err = count; 03595 goto out; 03596 } 03597 else 03598 { 03599 goto out_inv; 03600 } 03601 } 03602 03603 /* Boolean debug switch for ACL decisions / ADF */ 03604 /* 03605 * Usage: echo "debug adf_acl #N" > /proc/rsbac_info/debug 03606 * to set rsbac_debug_adf_acl to given value 03607 */ 03608 if(!strncmp("adf_acl", k_buf + 6, 7)) 03609 { 03610 p += 8; 03611 03612 if( *p == '\0' ) 03613 goto out; 03614 03615 debug_level = simple_strtoul(p, NULL, 0); 03616 /* only accept 0 or 1 */ 03617 if(!debug_level || (debug_level == 1)) 03618 { 03619 #ifdef CONFIG_RSBAC_RMSG 03620 rsbac_printk(KERN_INFO 03621 "debug_proc_write(): setting rsbac_debug_adf_acl to %u\n", 03622 debug_level); 03623 #endif 03624 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03625 if (!rsbac_nosyslog) 03626 #endif 03627 printk(KERN_INFO 03628 "debug_proc_write(): setting rsbac_debug_adf_acl to %u\n", 03629 debug_level); 03630 rsbac_debug_adf_acl = debug_level; 03631 err = count; 03632 goto out; 03633 } 03634 else 03635 { 03636 goto out_inv; 03637 } 03638 } 03639 #endif 03640 03641 #if defined(CONFIG_RSBAC_JAIL) 03642 /* Boolean debug switch for JAIL syscalls / AEF */ 03643 /* 03644 * Usage: echo "debug aef_jail #N" > /proc/rsbac_info/debug 03645 * to set rsbac_debug_aef_jail to given value 03646 */ 03647 if(!strncmp("aef_jail", k_buf + 6, 8)) 03648 { 03649 p += 9; 03650 03651 if( *p == '\0' ) 03652 goto out; 03653 03654 debug_level = simple_strtoul(p, NULL, 0); 03655 /* only accept 0 or 1 */ 03656 if(!debug_level || (debug_level == 1)) 03657 { 03658 #ifdef CONFIG_RSBAC_RMSG 03659 rsbac_printk(KERN_INFO 03660 "debug_proc_write(): setting rsbac_debug_aef_jail to %u\n", 03661 debug_level); 03662 #endif 03663 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03664 if (!rsbac_nosyslog) 03665 #endif 03666 printk(KERN_INFO 03667 "debug_proc_write(): setting rsbac_debug_aef_jail to %u\n", 03668 debug_level); 03669 rsbac_debug_aef_jail = debug_level; 03670 err = count; 03671 goto out; 03672 } 03673 else 03674 { 03675 goto out_inv; 03676 } 03677 } 03678 03679 /* Boolean debug switch for JAIL decisions / ADF */ 03680 /* 03681 * Usage: echo "debug adf_jail #N" > /proc/rsbac_info/debug 03682 * to set rsbac_debug_adf_jail to given value 03683 */ 03684 if(!strncmp("adf_jail", k_buf + 6, 8)) 03685 { 03686 p += 9; 03687 03688 if( *p == '\0' ) 03689 goto out; 03690 03691 debug_level = simple_strtoul(p, NULL, 0); 03692 /* only accept 0 or 1 */ 03693 if(!debug_level || (debug_level == 1)) 03694 { 03695 #ifdef CONFIG_RSBAC_RMSG 03696 rsbac_printk(KERN_INFO 03697 "debug_proc_write(): setting rsbac_debug_adf_jail to %u\n", 03698 debug_level); 03699 #endif 03700 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03701 if (!rsbac_nosyslog) 03702 #endif 03703 printk(KERN_INFO 03704 "debug_proc_write(): setting rsbac_debug_adf_jail to %u\n", 03705 debug_level); 03706 rsbac_debug_adf_jail = debug_level; 03707 err = count; 03708 goto out; 03709 } 03710 else 03711 { 03712 goto out_inv; 03713 } 03714 } 03715 #endif 03716 03717 #if defined(CONFIG_RSBAC_PAX) 03718 /* Boolean debug switch for PAX decisions / ADF */ 03719 /* 03720 * Usage: echo "debug adf_pax #N" > /proc/rsbac_info/debug 03721 * to set rsbac_debug_adf_pax to given value 03722 */ 03723 if(!strncmp("adf_pax", k_buf + 6, 7)) 03724 { 03725 p += 8; 03726 03727 if( *p == '\0' ) 03728 goto out; 03729 03730 debug_level = simple_strtoul(p, NULL, 0); 03731 /* only accept 0 or 1 */ 03732 if(!debug_level || (debug_level == 1)) 03733 { 03734 #ifdef CONFIG_RSBAC_RMSG 03735 rsbac_printk(KERN_INFO 03736 "debug_proc_write(): setting rsbac_debug_adf_pax to %u\n", 03737 debug_level); 03738 #endif 03739 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03740 if (!rsbac_nosyslog) 03741 #endif 03742 printk(KERN_INFO 03743 "debug_proc_write(): setting rsbac_debug_adf_pax to %u\n", 03744 debug_level); 03745 rsbac_debug_adf_pax = debug_level; 03746 err = count; 03747 goto out; 03748 } 03749 else 03750 { 03751 goto out_inv; 03752 } 03753 } 03754 #endif 03755 03756 /* 03757 * Usage: echo "debug ds #N" > /proc/rsbac_info/debug 03758 * to set rsbac_debug_ds to given value 03759 */ 03760 if(!strncmp("ds", k_buf + 6, 2)) 03761 { 03762 p += 3; 03763 03764 if( *p == '\0' ) 03765 goto out; 03766 03767 debug_level = simple_strtoul(p, NULL, 0); 03768 /* only accept 0 or 1 */ 03769 if(!debug_level || (debug_level == 1)) 03770 { 03771 #ifdef CONFIG_RSBAC_RMSG 03772 rsbac_printk(KERN_INFO 03773 "debug_proc_write(): setting rsbac_debug_ds to %u\n", 03774 debug_level); 03775 #endif 03776 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03777 if (!rsbac_nosyslog) 03778 #endif 03779 printk(KERN_INFO 03780 "debug_proc_write(): setting rsbac_debug_ds to %u\n", 03781 debug_level); 03782 rsbac_debug_ds = debug_level; 03783 err = count; 03784 goto out; 03785 } 03786 else 03787 { 03788 goto out_inv; 03789 } 03790 } 03791 03792 /* 03793 * Usage: echo "debug write #N" > /proc/rsbac_info/debug 03794 * to set rsbac_debug_write to given value 03795 */ 03796 if(!strncmp("write", k_buf + 6, 5)) 03797 { 03798 p += 6; 03799 03800 if( *p == '\0' ) 03801 goto out; 03802 03803 debug_level = simple_strtoul(p, NULL, 0); 03804 /* only accept 0 or 1 */ 03805 if(!debug_level || (debug_level == 1)) 03806 { 03807 #ifdef CONFIG_RSBAC_RMSG 03808 rsbac_printk(KERN_INFO 03809 "debug_proc_write(): setting rsbac_debug_write to %u\n", 03810 debug_level); 03811 #endif 03812 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03813 if (!rsbac_nosyslog) 03814 #endif 03815 printk(KERN_INFO 03816 "debug_proc_write(): setting rsbac_debug_write to %u\n", 03817 debug_level); 03818 rsbac_debug_write = debug_level; 03819 err = count; 03820 goto out; 03821 } 03822 else 03823 { 03824 goto out_inv; 03825 } 03826 } 03827 03828 /* 03829 * Usage: echo "debug stack #N" > /proc/rsbac_info/debug 03830 * to set rsbac_debug_stack to given value 03831 */ 03832 if(!strncmp("stack", k_buf + 6, 5)) 03833 { 03834 p += 6; 03835 03836 if( *p == '\0' ) 03837 goto out; 03838 03839 debug_level = simple_strtoul(p, NULL, 0); 03840 /* only accept 0 or 1 */ 03841 if(!debug_level || (debug_level == 1)) 03842 { 03843 #ifdef CONFIG_RSBAC_RMSG 03844 rsbac_printk(KERN_INFO 03845 "debug_proc_write(): setting rsbac_debug_stack to %u\n", 03846 debug_level); 03847 #endif 03848 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03849 if (!rsbac_nosyslog) 03850 #endif 03851 printk(KERN_INFO 03852 "debug_proc_write(): setting rsbac_debug_stack to %u\n", 03853 debug_level); 03854 rsbac_debug_stack = debug_level; 03855 err = count; 03856 goto out; 03857 } 03858 else 03859 { 03860 goto out_inv; 03861 } 03862 } 03863 03864 /* 03865 * Usage: echo "debug lists #N" > /proc/rsbac_info/debug 03866 * to set rsbac_debug_lists to given value 03867 */ 03868 if(!strncmp("lists", k_buf + 6, 5)) 03869 { 03870 p += 6; 03871 03872 if( *p == '\0' ) 03873 goto out; 03874 03875 debug_level = simple_strtoul(p, NULL, 0); 03876 /* only accept 0 or 1 */ 03877 if(!debug_level || (debug_level == 1)) 03878 { 03879 #ifdef CONFIG_RSBAC_RMSG 03880 rsbac_printk(KERN_INFO 03881 "debug_proc_write(): setting rsbac_debug_lists to %u\n", 03882 debug_level); 03883 #endif 03884 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03885 if (!rsbac_nosyslog) 03886 #endif 03887 printk(KERN_INFO 03888 "debug_proc_write(): setting rsbac_debug_lists to %u\n", 03889 debug_level); 03890 rsbac_debug_lists = debug_level; 03891 err = count; 03892 goto out; 03893 } 03894 else 03895 { 03896 goto out_inv; 03897 } 03898 } 03899 03900 /* Boolean debug switch for AEF */ 03901 /* 03902 * Usage: echo "debug aef #N" > /proc/rsbac_info/debug 03903 * to set rsbac_debug_aef to given value 03904 */ 03905 if(!strncmp("aef", k_buf + 6, 3)) 03906 { 03907 p += 4; 03908 03909 if( *p == '\0' ) 03910 goto out; 03911 03912 debug_level = simple_strtoul(p, NULL, 0); 03913 /* only accept 0 or 1 */ 03914 if(!debug_level || (debug_level == 1)) 03915 { 03916 #ifdef CONFIG_RSBAC_RMSG 03917 rsbac_printk(KERN_INFO 03918 "debug_proc_write(): setting rsbac_debug_aef to %u\n", 03919 debug_level); 03920 #endif 03921 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03922 if (!rsbac_nosyslog) 03923 #endif 03924 printk(KERN_INFO 03925 "debug_proc_write(): setting rsbac_debug_aef to %u\n", 03926 debug_level); 03927 rsbac_debug_aef = debug_level; 03928 err = count; 03929 goto out; 03930 } 03931 else 03932 { 03933 goto out_inv; 03934 } 03935 } 03936 03937 /* Boolean debug switch for NO_WRITE */ 03938 /* 03939 * Usage: echo "debug no_write #N" > /proc/rsbac_info/debug 03940 * to set rsbac_debug_no_write to given value 03941 */ 03942 if(!strncmp("no_write", k_buf + 6, 8)) 03943 { 03944 p += 9; 03945 03946 if( *p == '\0' ) 03947 goto out; 03948 03949 debug_level = simple_strtoul(p, NULL, 0); 03950 /* only accept 0 or 1 */ 03951 if(!debug_level || (debug_level == 1)) 03952 { 03953 #ifdef CONFIG_RSBAC_RMSG 03954 rsbac_printk(KERN_INFO 03955 "debug_proc_write(): setting rsbac_debug_no_write to %u\n", 03956 debug_level); 03957 #endif 03958 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03959 if (!rsbac_nosyslog) 03960 #endif 03961 printk(KERN_INFO 03962 "debug_proc_write(): setting rsbac_debug_no_write to %u\n", 03963 debug_level); 03964 rsbac_debug_no_write = debug_level; 03965 err = count; 03966 goto out; 03967 } 03968 else 03969 { 03970 goto out_inv; 03971 } 03972 } 03973 03974 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0) 03975 /* 03976 * Usage: echo "debug auto #N" > /proc/rsbac_info/debug 03977 * to set rsbac_debug_auto to given value 03978 */ 03979 if(!strncmp("auto", k_buf + 6, 4)) 03980 { 03981 p += 5; 03982 03983 if( *p == '\0' ) 03984 goto out; 03985 03986 debug_level = simple_strtoul(p, NULL, 0); 03987 /* only accept 0 or 1 */ 03988 if(!debug_level || (debug_level == 1)) 03989 { 03990 #ifdef CONFIG_RSBAC_RMSG 03991 rsbac_printk(KERN_INFO 03992 "debug_proc_write(): setting rsbac_debug_auto to %u\n", 03993 debug_level); 03994 #endif 03995 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 03996 if (!rsbac_nosyslog) 03997 #endif 03998 printk(KERN_INFO 03999 "debug_proc_write(): setting rsbac_debug_auto to %u\n", 04000 debug_level); 04001 rsbac_debug_auto = debug_level; 04002 err = count; 04003 goto out; 04004 } 04005 else 04006 { 04007 goto out_inv; 04008 } 04009 } 04010 #endif /* CONFIG_RSBAC_AUTO_WRITE > 0 */ 04011 #endif /* DEBUG */ 04012 04013 out: 04014 free_page((ulong) k_buf); 04015 return(err); 04016 04017 out_inv: 04018 #ifdef CONFIG_RSBAC_RMSG 04019 rsbac_printk(KERN_INFO 04020 "debug_proc_write(): rejecting invalid debug level (should be 0 or 1)\n"); 04021 #endif 04022 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04023 if (!rsbac_nosyslog) 04024 #endif 04025 printk(KERN_INFO 04026 "debug_proc_write(): rejecting invalid debug level (should be 0 or 1)\n"); 04027 goto out; 04028 } 04029 #endif /* defined(CONFIG_RSBAC_PROC) && defined(CONFIG_PROC_FS) */ 04030 04031 #if defined(CONFIG_RSBAC_LOG_REMOTE) 04032 /* declare net functions */ 04033 long sys_socket(int family, int type, int protocol); 04034 long sys_bind(int fd, struct sockaddr *umyaddr, int addrlen); 04035 long sys_sendto(int fd, void * buff, size_t len, unsigned flags, 04036 struct sockaddr *addr, int addr_len); 04037 04038 #ifndef CONFIG_RSBAC_LOG_REMOTE_SYNC 04039 /* rsbac kernel timer for auto-write */ 04040 static void wakeup_rsbaclogd(u_long dummy) 04041 { 04042 wake_up(&rsbaclogd_wait); 04043 } 04044 #endif 04045 04046 /* rsbac kernel daemon for remote logging */ 04047 static int rsbaclogd(void * dummy) 04048 { 04049 struct task_struct *tsk = current; 04050 int err; 04051 int i; 04052 char c; 04053 int sock_fd; 04054 struct sockaddr_in addr; 04055 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 04056 static char remote_send_buf[REMOTE_SEND_BUF_LEN]; 04057 mm_segment_t oldfs; 04058 04059 #ifdef CONFIG_RSBAC_RMSG 04060 rsbac_printk(KERN_INFO "rsbaclogd(): Initializing.\n"); 04061 #endif 04062 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04063 if (!rsbac_nosyslog) 04064 #endif 04065 printk(KERN_INFO "rsbaclogd(): Initializing.\n"); 04066 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) 04067 daemonize("rsbaclogd"); 04068 #else 04069 tsk->session = 1; 04070 tsk->pgrp = 1; 04071 strcpy(tsk->comm, "rsbaclogd"); 04072 #endif 04073 /* lock_kernel(); */ 04074 04075 #ifdef CONFIG_RSBAC_DEBUG 04076 #ifdef CONFIG_RSBAC_RMSG 04077 rsbac_printk(KERN_DEBUG "rsbaclogd(): Setting auto timer.\n"); 04078 #endif 04079 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04080 if (!rsbac_nosyslog) 04081 #endif 04082 printk(KERN_DEBUG "rsbaclogd(): Setting auto timer.\n"); 04083 #endif 04084 #ifndef CONFIG_RSBAC_LOG_REMOTE_SYNC 04085 init_timer(&rsbac_log_remote_timer); 04086 rsbac_log_remote_timer.function = wakeup_rsbaclogd; 04087 rsbac_log_remote_timer.data = 0; 04088 rsbac_log_remote_timer.expires = jiffies + rsbac_log_remote_interval; 04089 add_timer(&rsbac_log_remote_timer); 04090 #endif 04091 interruptible_sleep_on(&rsbaclogd_wait); 04092 04093 /* create a socket */ 04094 sock_fd = sys_socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP); 04095 if(sock_fd < 0) 04096 { 04097 #ifdef CONFIG_RSBAC_RMSG 04098 rsbac_printk(KERN_WARNING 04099 "rsbaclogd(): creating local log socket failed with error %s, exiting!\n", 04100 get_error_name(tmp, sock_fd)); 04101 #endif 04102 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04103 if (!rsbac_nosyslog) 04104 #endif 04105 printk(KERN_WARNING 04106 "rsbaclogd(): creating local log socket failed with error %s, exiting!\n", 04107 get_error_name(tmp, sock_fd)); 04108 rsbaclogd_pid = 0; 04109 return -RSBAC_EWRITEFAILED; 04110 } 04111 /* bind local address */ 04112 addr.sin_family = PF_INET; 04113 addr.sin_port = htons(CONFIG_RSBAC_LOG_LOCAL_PORT); 04114 err = rsbac_net_str_to_inet(CONFIG_RSBAC_LOG_LOCAL_ADDR, 04115 &addr.sin_addr.s_addr); 04116 if(err < 0) 04117 { 04118 #ifdef CONFIG_RSBAC_RMSG 04119 rsbac_printk(KERN_WARNING 04120 "rsbaclogd(): converting local socket address %s failed with error %s, exiting!\n", 04121 CONFIG_RSBAC_LOG_LOCAL_ADDR, 04122 get_error_name(tmp, err)); 04123 #endif 04124 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04125 if (!rsbac_nosyslog) 04126 #endif 04127 printk(KERN_WARNING 04128 "rsbaclogd(): converting local socket address %s failed with error %s, exiting!\n", 04129 CONFIG_RSBAC_LOG_LOCAL_ADDR, 04130 get_error_name(tmp, err)); 04131 sys_close(sock_fd); 04132 rsbaclogd_pid = 0; 04133 return -RSBAC_EINVALIDVALUE; 04134 } 04135 /* change data segment - sys_bind reads address from user space */ 04136 oldfs = get_fs(); 04137 set_fs(KERNEL_DS); 04138 err = sys_bind(sock_fd, (struct sockaddr *)&addr, sizeof(addr)); 04139 set_fs(oldfs); 04140 if(err < 0) 04141 { 04142 #ifdef CONFIG_RSBAC_RMSG 04143 rsbac_printk(KERN_WARNING 04144 "rsbaclogd(): binding local socket address %u.%u.%u.%u:%u failed with error %s, exiting!\n", 04145 NIPQUAD(addr.sin_addr.s_addr), 04146 CONFIG_RSBAC_LOG_LOCAL_PORT, 04147 get_error_name(tmp, err)); 04148 #endif 04149 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04150 if (!rsbac_nosyslog) 04151 #endif 04152 printk(KERN_WARNING 04153 "rsbaclogd(): binding local socket address %u.%u.%u.%u:%u failed with error %s, exiting!\n", 04154 NIPQUAD(addr.sin_addr.s_addr), 04155 CONFIG_RSBAC_LOG_LOCAL_PORT, 04156 get_error_name(tmp, err)); 04157 sys_close(sock_fd); 04158 rsbaclogd_pid = 0; 04159 return -RSBAC_EWRITEFAILED; 04160 } 04161 04162 /* convert remote address */ 04163 addr.sin_family = PF_INET; 04164 addr.sin_port = htons(CONFIG_RSBAC_LOG_REMOTE_PORT); 04165 err = rsbac_net_str_to_inet(CONFIG_RSBAC_LOG_REMOTE_ADDR, 04166 &addr.sin_addr.s_addr); 04167 if(err < 0) 04168 { 04169 #ifdef CONFIG_RSBAC_RMSG 04170 rsbac_printk(KERN_WARNING 04171 "rsbaclogd(): converting remote socket address %s failed with error %s, exiting!\n", 04172 CONFIG_RSBAC_LOG_REMOTE_ADDR, 04173 get_error_name(tmp, err)); 04174 #endif 04175 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04176 if (!rsbac_nosyslog) 04177 #endif 04178 printk(KERN_WARNING 04179 "rsbaclogd(): converting remote socket address %s failed with error %s, exiting!\n", 04180 CONFIG_RSBAC_LOG_REMOTE_ADDR, 04181 get_error_name(tmp, err)); 04182 sys_close(sock_fd); 04183 rsbaclogd_pid = 0; 04184 return -RSBAC_EINVALIDVALUE; 04185 } 04186 04187 #ifdef CONFIG_RSBAC_DEBUG 04188 if(rsbac_debug_stack) 04189 { 04190 unsigned long * n = (unsigned long *) (current+1); 04191 04192 while (!*n) 04193 n++; 04194 #ifdef CONFIG_RSBAC_RMSG 04195 rsbac_printk(KERN_DEBUG "rsbaclogd: free stack: %lu\n", 04196 (unsigned long) n - (unsigned long)(current+1)); 04197 #endif 04198 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04199 if (!rsbac_nosyslog) 04200 #endif 04201 printk(KERN_DEBUG "rsbaclogd: free stack: %lu\n", 04202 (unsigned long) n - (unsigned long)(current+1)); 04203 } 04204 #endif 04205 for(;;) 04206 { 04207 /* wait */ 04208 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) 04209 /* Unblock all signals. */ 04210 flush_signals(tsk); 04211 spin_lock_irq(&tsk->sighand->siglock); 04212 flush_signal_handlers(tsk, 1); 04213 sigemptyset(&tsk->blocked); 04214 recalc_sigpending(); 04215 spin_unlock_irq(&tsk->sighand->siglock); 04216 #else 04217 spin_lock_irq(&tsk->sigmask_lock); 04218 flush_signals(tsk); 04219 sigfillset(&tsk->blocked); 04220 recalc_sigpending(tsk); 04221 spin_unlock_irq(&tsk->sigmask_lock); 04222 #endif 04223 /* 04224 #ifdef CONFIG_RSBAC_DEBUG 04225 if (rsbac_debug_auto) 04226 { 04227 #ifdef CONFIG_RSBAC_RMSG 04228 rsbac_printk(KERN_DEBUG 04229 "rsbacd(): calling rsbac_write()\n"); 04230 #endif 04231 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04232 if (!rsbac_nosyslog) 04233 #endif 04234 printk(KERN_DEBUG 04235 "rsbacd(): calling rsbac_write()\n"); 04236 } 04237 #endif 04238 */ 04239 04240 while(remote_log_start != remote_log_end) 04241 { 04242 i = 0; 04243 c = 0; 04244 spin_lock_irq(&rsbac_log_remote_lock); 04245 while ( (remote_log_start != remote_log_end) 04246 && (i < sizeof(remote_send_buf)) 04247 && (c != '\n') 04248 ) 04249 { 04250 c = REMOTE_RLOG_BUF(remote_log_start); 04251 remote_log_start++; 04252 remote_logged_chars--; 04253 remote_send_buf[i] = c; 04254 // spin_unlock_irq(&rsbac_log_remote_lock); 04255 i++; 04256 // spin_lock_irq(&rsbac_log_remote_lock); 04257 } 04258 spin_unlock_irq(&rsbac_log_remote_lock); 04259 04260 /* change data segment - sys_sendto reads data and address from user space */ 04261 oldfs = get_fs(); 04262 set_fs(KERNEL_DS); 04263 err = sys_sendto(sock_fd, 04264 remote_send_buf, 04265 i, 04266 MSG_DONTWAIT, 04267 (struct sockaddr *)&addr, 04268 sizeof(addr)); 04269 set_fs(oldfs); 04270 if( (err < 0) 04271 // && (err != -EPERM) 04272 ) 04273 { 04274 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04275 if (!rsbac_nosyslog) 04276 #endif 04277 printk(KERN_WARNING 04278 "rsbaclogd(): sending to remote socket address %u.%u.%u.%u:%u failed with error %i!\n", 04279 NIPQUAD(addr.sin_addr.s_addr), 04280 CONFIG_RSBAC_LOG_REMOTE_PORT, 04281 err); 04282 continue; 04283 } 04284 } 04285 #ifndef CONFIG_RSBAC_LOG_REMOTE_SYNC 04286 /* set new timer (only, if not woken up by rsbac_printk()) */ 04287 mod_timer(&rsbac_log_remote_timer, jiffies + rsbac_log_remote_interval); 04288 #endif 04289 interruptible_sleep_on(&rsbaclogd_wait); 04290 /* sleep */ 04291 } 04292 } 04293 #endif 04294 04295 04296 /********************************/ 04297 /* Init */ 04298 /********************************/ 04299 04300 #ifdef CONFIG_RSBAC_INIT_DELAY 04301 inline void rsbac_init_debug(void) 04302 #else 04303 inline void __init rsbac_init_debug(void) 04304 #endif 04305 { 04306 int i; 04307 #if defined(CONFIG_RSBAC_PROC) && defined(CONFIG_PROC_FS) 04308 struct proc_dir_entry * tmp_entry_p; 04309 #endif 04310 04311 if (!debug_initialized) 04312 { 04313 struct rsbac_list_info_t * info_p; 04314 int tmperr; 04315 rsbac_enum_t * def_data_p; 04316 04317 #ifdef CONFIG_RSBAC_RMSG 04318 rsbac_printk(KERN_INFO "rsbac_init_debug(): Initializing\n"); 04319 #endif 04320 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04321 if (!rsbac_nosyslog) 04322 #endif 04323 printk(KERN_INFO "rsbac_init_debug(): Initializing\n"); 04324 #if 0 && defined(CONFIG_RSBAC_RMSG) 04325 /* init rsbac_log_lock */ 04326 spin_lock_init(&rsbac_log_lock); 04327 #endif 04328 info_p = rsbac_kmalloc(sizeof(*info_p)); 04329 if(!info_p) 04330 { 04331 memset(rsbac_log_levels, LL_denied, sizeof(rsbac_log_levels)); 04332 return; 04333 } 04334 def_data_p = rsbac_kmalloc(sizeof(rsbac_log_entry_t)); 04335 if(!def_data_p) 04336 { 04337 memset(rsbac_log_levels, LL_denied, sizeof(rsbac_log_levels)); 04338 rsbac_kfree(info_p); 04339 return; 04340 } 04341 /* register log_levels list */ 04342 for(i=0; i<=T_NONE; i++) 04343 def_data_p[i] = LL_denied; 04344 info_p->version = RSBAC_LOG_LEVEL_VERSION; 04345 info_p->key = RSBAC_LOG_LEVEL_KEY; 04346 info_p->desc_size = sizeof(rsbac_adf_request_int_t); 04347 info_p->data_size = sizeof(rsbac_log_entry_t); 04348 info_p->max_age = 0; 04349 tmperr = rsbac_list_register(RSBAC_LIST_VERSION, 04350 &log_levels_handle, 04351 info_p, 04352 RSBAC_LIST_PERSIST | RSBAC_LIST_DEF_DATA, 04353 NULL, 04354 NULL, 04355 def_data_p, 04356 RSBAC_LOG_LEVEL_LIST_NAME, 04357 RSBAC_AUTO_DEV); 04358 if(tmperr) 04359 { 04360 char * tmp; 04361 04362 tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 04363 if(tmp) 04364 { 04365 printk(KERN_WARNING 04366 "rsbac_init_debug(): registering log levels list ll failed with error %s!\n", 04367 get_error_name(tmp, tmperr)); 04368 rsbac_kfree(tmp); 04369 } 04370 memset(rsbac_log_levels, LL_denied, sizeof(rsbac_log_levels)); 04371 } 04372 else 04373 { 04374 rsbac_adf_request_int_t req; 04375 04376 for(req = 0; req < R_NONE; req++) 04377 rsbac_list_get_data(log_levels_handle, &req, rsbac_log_levels[req]); 04378 } 04379 04380 #if defined(CONFIG_RSBAC_PROC) && defined(CONFIG_PROC_FS) 04381 tmp_entry_p = create_proc_entry("log_levels", 04382 S_IFREG | S_IRUGO | S_IWUGO, 04383 proc_rsbac_root_p); 04384 if(tmp_entry_p) 04385 { 04386 tmp_entry_p->get_info = log_levels_proc_info; 04387 tmp_entry_p->write_proc = log_levels_proc_write; 04388 } 04389 04390 tmp_entry_p = create_proc_entry("debug", 04391 S_IFREG | S_IRUGO | S_IWUGO, 04392 proc_rsbac_root_p); 04393 if(tmp_entry_p) 04394 { 04395 tmp_entry_p->get_info = debug_proc_info; 04396 tmp_entry_p->write_proc = debug_proc_write; 04397 } 04398 04399 #if defined(CONFIG_RSBAC_RMSG) 04400 tmp_entry_p = create_proc_entry("rmsg", 04401 S_IFREG | S_IRUGO | S_IWUGO, 04402 proc_rsbac_root_p); 04403 if(tmp_entry_p) 04404 { 04405 tmp_entry_p->proc_fops = &proc_rmsg_operations; 04406 } 04407 #endif 04408 #endif 04409 04410 #if defined(CONFIG_RSBAC_LOG_REMOTE) 04411 /* init rsbac_console lock */ 04412 // spin_lock_init(&rsbac_log_remote_lock); 04413 /* init the rsbaclogd wait queue head */ 04414 // init_waitqueue_head(&rsbaclogd_wait); 04415 /* Start rsbac logging thread for auto write */ 04416 rsbaclogd_pid = kernel_thread(rsbaclogd, NULL, 0); 04417 #ifdef CONFIG_RSBAC_RMSG 04418 rsbac_printk(KERN_INFO "rsbac_init_debug(): Started rsbaclogd thread with pid %u\n", 04419 rsbaclogd_pid); 04420 #endif 04421 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04422 if (!rsbac_nosyslog) 04423 #endif 04424 printk(KERN_INFO "rsbac_init_debug(): Started rsbaclogd thread with pid %u\n", 04425 rsbaclogd_pid); 04426 #endif 04427 04428 debug_initialized = TRUE; 04429 } 04430 04431 #ifdef CONFIG_RSBAC_RMSG 04432 #ifdef CONFIG_RSBAC_SOFTMODE 04433 if(rsbac_softmode) 04434 rsbac_printk(KERN_DEBUG "rsbac_softmode is set\n"); 04435 #endif 04436 #if defined(CONFIG_RSBAC_AUTH_LEARN) 04437 if(rsbac_auth_learn) 04438 rsbac_printk(KERN_DEBUG "rsbac_auth_learn is set\n"); 04439 #endif 04440 #if defined(CONFIG_RSBAC_ACL_LEARN) 04441 if(rsbac_acl_learn_fd) 04442 rsbac_printk(KERN_DEBUG "rsbac_acl_learn_fd is set\n"); 04443 #endif 04444 #ifdef CONFIG_RSBAC_CAP_PROC_HIDE 04445 if(rsbac_cap_process_hiding) 04446 rsbac_printk(KERN_DEBUG "rsbac_cap_process_hiding is set\n"); 04447 #endif 04448 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL 04449 if(rsbac_dac_disable) 04450 rsbac_printk(KERN_DEBUG "rsbac_dac_disable is set\n"); 04451 #endif 04452 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04453 if(rsbac_nosyslog) 04454 rsbac_printk(KERN_DEBUG "rsbac_nosyslog is set\n"); 04455 #endif 04456 #ifdef CONFIG_RSBAC_INIT_DELAY 04457 if(rsbac_no_delay_init) 04458 rsbac_printk(KERN_DEBUG "rsbac_no_delay_init is set\n"); 04459 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) 04460 if(rsbac_delayed_root_str[0]) 04461 rsbac_printk(KERN_DEBUG "rsbac_delayed_root is %s\n", 04462 rsbac_delayed_root_str); 04463 #else 04464 if(rsbac_delayed_root) 04465 rsbac_printk(KERN_DEBUG "rsbac_delayed_root is %02u:%02u\n", 04466 MAJOR(rsbac_delayed_root), MINOR(rsbac_delayed_root)); 04467 #endif 04468 #endif 04469 if(rsbac_no_defaults) 04470 rsbac_printk(KERN_DEBUG "rsbac_no_defaults is set\n"); 04471 04472 #if defined(CONFIG_RSBAC_DEBUG) 04473 if(rsbac_debug_ds) 04474 rsbac_printk(KERN_DEBUG "rsbac_debug_ds is set\n"); 04475 if(rsbac_debug_write) 04476 rsbac_printk(KERN_DEBUG "rsbac_debug_write is set\n"); 04477 if(rsbac_debug_no_write) 04478 rsbac_printk(KERN_DEBUG "rsbac_debug_no_write is set\n"); 04479 if(rsbac_debug_stack) 04480 rsbac_printk(KERN_DEBUG "rsbac_debug_stack is set\n"); 04481 if(rsbac_debug_lists) 04482 rsbac_printk(KERN_DEBUG "rsbac_debug_lists is set\n"); 04483 if(rsbac_debug_aef) 04484 rsbac_printk(KERN_DEBUG "rsbac_debug_aef is set\n"); 04485 if(rsbac_debug_adf_default != 1) 04486 rsbac_printk(KERN_DEBUG "rsbac_debug_adf_default is set to %i\n", 04487 rsbac_debug_adf_default); 04488 04489 #if defined(CONFIG_RSBAC_REG) 04490 if(rsbac_debug_reg) 04491 rsbac_printk(KERN_DEBUG "rsbac_debug_reg is set\n"); 04492 #endif 04493 04494 #if defined(CONFIG_RSBAC_NET) 04495 if(rsbac_debug_ds_net) 04496 rsbac_printk(KERN_DEBUG "rsbac_debug_ds_net is set\n"); 04497 if(rsbac_debug_aef_net) 04498 rsbac_printk(KERN_DEBUG "rsbac_debug_aef_net is set\n"); 04499 if(rsbac_debug_adf_net) 04500 rsbac_printk(KERN_DEBUG "rsbac_debug_adf_net is set\n"); 04501 #endif 04502 04503 #if defined(CONFIG_RSBAC_MAC) 04504 if(rsbac_debug_ds_mac) 04505 rsbac_printk(KERN_DEBUG "rsbac_debug_ds_mac is set\n"); 04506 if(rsbac_debug_aef_mac) 04507 rsbac_printk(KERN_DEBUG "rsbac_debug_aef_mac is set\n"); 04508 if(rsbac_debug_adf_mac) 04509 rsbac_printk(KERN_DEBUG "rsbac_debug_adf_mac is set\n"); 04510 #endif 04511 04512 #if defined(CONFIG_RSBAC_PM) 04513 if(rsbac_debug_ds_pm) 04514 rsbac_printk(KERN_DEBUG "rsbac_debug_ds_pm is set\n"); 04515 if(rsbac_debug_aef_pm) 04516 rsbac_printk(KERN_DEBUG "rsbac_debug_aef_pm is set\n"); 04517 if(rsbac_debug_adf_pm) 04518 rsbac_printk(KERN_DEBUG "rsbac_debug_adf_pm is set\n"); 04519 #endif 04520 04521 #if defined(CONFIG_RSBAC_DAZ) 04522 if(rsbac_debug_adf_daz) 04523 rsbac_printk(KERN_DEBUG "rsbac_debug_adf_daz is set\n"); 04524 #endif 04525 04526 #if defined(CONFIG_RSBAC_RC) 04527 if(rsbac_debug_ds_rc) 04528 rsbac_printk(KERN_DEBUG "rsbac_debug_ds_rc is set\n"); 04529 if(rsbac_debug_aef_rc) 04530 rsbac_printk(KERN_DEBUG "rsbac_debug_aef_rc is set\n"); 04531 if(rsbac_debug_adf_rc) 04532 rsbac_printk(KERN_DEBUG "rsbac_debug_adf_rc is set\n"); 04533 #endif 04534 04535 #if defined(CONFIG_RSBAC_AUTH) 04536 if(rsbac_debug_ds_auth) 04537 rsbac_printk(KERN_DEBUG "rsbac_debug_ds_auth is set\n"); 04538 if(rsbac_debug_aef_auth) 04539 rsbac_printk(KERN_DEBUG "rsbac_debug_aef_auth is set\n"); 04540 if(rsbac_debug_adf_auth) 04541 rsbac_printk(KERN_DEBUG "rsbac_debug_adf_auth is set\n"); 04542 #endif 04543 04544 #if defined(CONFIG_RSBAC_ACL) 04545 if(rsbac_debug_ds_acl) 04546 rsbac_printk(KERN_DEBUG "rsbac_debug_ds_acl is set\n"); 04547 if(rsbac_debug_aef_acl) 04548 rsbac_printk(KERN_DEBUG "rsbac_debug_aef_acl is set\n"); 04549 if(rsbac_debug_adf_acl) 04550 rsbac_printk(KERN_DEBUG "rsbac_debug_adf_acl is set\n"); 04551 #endif 04552 04553 #if defined(CONFIG_RSBAC_JAIL) 04554 if(rsbac_debug_aef_jail) 04555 rsbac_printk(KERN_DEBUG "rsbac_debug_aef_jail is set\n"); 04556 if(rsbac_debug_adf_jail) 04557 rsbac_printk(KERN_DEBUG "rsbac_debug_adf_jail is set\n"); 04558 #endif 04559 04560 #if defined(CONFIG_RSBAC_PAX) 04561 if(rsbac_debug_adf_pax) 04562 rsbac_printk(KERN_DEBUG "rsbac_debug_adf_pax is set\n"); 04563 #endif 04564 04565 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0) 04566 if(rsbac_debug_auto) 04567 rsbac_printk(KERN_DEBUG "rsbac_debug_auto is set\n"); 04568 #endif 04569 #endif /* DEBUG */ 04570 #endif /* RMSG */ 04571 04572 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04573 if (!rsbac_nosyslog) 04574 #endif 04575 { 04576 #ifdef CONFIG_RSBAC_SOFTMODE 04577 if(rsbac_softmode) 04578 printk(KERN_DEBUG "rsbac_softmode is set\n"); 04579 #endif 04580 #if defined(CONFIG_RSBAC_AUTH_LEARN) 04581 if(rsbac_auth_learn) 04582 printk(KERN_DEBUG "rsbac_auth_learn is set\n"); 04583 #endif 04584 #if defined(CONFIG_RSBAC_ACL_LEARN) 04585 if(rsbac_acl_learn_fd) 04586 printk(KERN_DEBUG "rsbac_acl_learn_fd is set\n"); 04587 #endif 04588 #ifdef CONFIG_RSBAC_CAP_PROC_HIDE 04589 if(rsbac_cap_process_hiding) 04590 printk(KERN_DEBUG "rsbac_cap_process_hiding is set\n"); 04591 #endif 04592 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE_FULL 04593 if(rsbac_dac_disable) 04594 printk(KERN_DEBUG "rsbac_dac_disable is set\n"); 04595 #endif 04596 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 04597 if(rsbac_nosyslog) 04598 printk(KERN_DEBUG "rsbac_nosyslog is set\n"); 04599 #endif 04600 #ifdef CONFIG_RSBAC_INIT_DELAY 04601 if(rsbac_no_delay_init) 04602 printk(KERN_DEBUG "rsbac_no_delay_init is set\n"); 04603 #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,0) 04604 if(rsbac_delayed_root_str[0]) 04605 printk(KERN_DEBUG "rsbac_delayed_root is %s\n", 04606 rsbac_delayed_root_str); 04607 #else 04608 if(rsbac_delayed_root) 04609 printk(KERN_DEBUG "rsbac_delayed_root is %02u:%02u\n", 04610 MAJOR(rsbac_delayed_root), MINOR(rsbac_delayed_root)); 04611 #endif 04612 #endif 04613 if(rsbac_no_defaults) 04614 printk(KERN_DEBUG "rsbac_no_defaults is set\n"); 04615 04616 #if defined(CONFIG_RSBAC_DEBUG) 04617 if(rsbac_debug_ds) 04618 printk(KERN_DEBUG "rsbac_debug_ds is set\n"); 04619 if(rsbac_debug_write) 04620 printk(KERN_DEBUG "rsbac_debug_write is set\n"); 04621 if(rsbac_debug_no_write) 04622 printk(KERN_DEBUG "rsbac_debug_no_write is set\n"); 04623 if(rsbac_debug_stack) 04624 printk(KERN_DEBUG "rsbac_debug_stack is set\n"); 04625 if(rsbac_debug_lists) 04626 printk(KERN_DEBUG "rsbac_debug_lists is set\n"); 04627 if(rsbac_debug_aef) 04628 printk(KERN_DEBUG "rsbac_debug_aef is set\n"); 04629 if(rsbac_debug_adf_default != 1) 04630 printk(KERN_DEBUG "rsbac_debug_adf_default is set to %i\n", 04631 rsbac_debug_adf_default); 04632 04633 #if defined(CONFIG_RSBAC_REG) || defined(CONFIG_RSBAC_REG_MAINT) 04634 if(rsbac_debug_reg) 04635 printk(KERN_DEBUG "rsbac_debug_reg is set\n"); 04636 #endif 04637 04638 #if defined(CONFIG_RSBAC_NET) 04639 if(rsbac_debug_ds_net) 04640 printk(KERN_DEBUG "rsbac_debug_ds_net is set\n"); 04641 if(rsbac_debug_aef_net) 04642 printk(KERN_DEBUG "rsbac_debug_aef_net is set\n"); 04643 if(rsbac_debug_adf_net) 04644 printk(KERN_DEBUG "rsbac_debug_adf_net is set\n"); 04645 #endif 04646 04647 #if defined(CONFIG_RSBAC_MAC) 04648 if(rsbac_debug_ds_mac) 04649 printk(KERN_DEBUG "rsbac_debug_ds_mac is set\n"); 04650 if(rsbac_debug_aef_mac) 04651 printk(KERN_DEBUG "rsbac_debug_aef_mac is set\n"); 04652 if(rsbac_debug_adf_mac) 04653 printk(KERN_DEBUG "rsbac_debug_adf_mac is set\n"); 04654 #endif 04655 04656 #if defined(CONFIG_RSBAC_PM) || defined(CONFIG_RSBAC_PM_MAINT) 04657 if(rsbac_debug_ds_pm) 04658 printk(KERN_DEBUG "rsbac_debug_ds_pm is set\n"); 04659 if(rsbac_debug_aef_pm) 04660 printk(KERN_DEBUG "rsbac_debug_aef_pm is set\n"); 04661 if(rsbac_debug_adf_pm) 04662 printk(KERN_DEBUG "rsbac_debug_adf_pm is set\n"); 04663 #endif 04664 04665 #if defined(CONFIG_RSBAC_DAZ) 04666 if(rsbac_debug_adf_daz) 04667 printk(KERN_DEBUG "rsbac_debug_adf_daz is set\n"); 04668 #endif 04669 04670 #if defined(CONFIG_RSBAC_RC) || defined(CONFIG_RSBAC_RC_MAINT) 04671 if(rsbac_debug_ds_rc) 04672 printk(KERN_DEBUG "rsbac_debug_ds_rc is set\n"); 04673 if(rsbac_debug_aef_rc) 04674 printk(KERN_DEBUG "rsbac_debug_aef_rc is set\n"); 04675 if(rsbac_debug_adf_rc) 04676 printk(KERN_DEBUG "rsbac_debug_adf_rc is set\n"); 04677 #endif 04678 04679 #if defined(CONFIG_RSBAC_AUTH) || defined(CONFIG_RSBAC_AUTH_MAINT) 04680 if(rsbac_debug_ds_auth) 04681 printk(KERN_DEBUG "rsbac_debug_ds_auth is set\n"); 04682 if(rsbac_debug_aef_auth) 04683 printk(KERN_DEBUG "rsbac_debug_aef_auth is set\n"); 04684 if(rsbac_debug_adf_auth) 04685 printk(KERN_DEBUG "rsbac_debug_adf_auth is set\n"); 04686 #endif 04687 04688 #if defined(CONFIG_RSBAC_ACL) || defined(CONFIG_RSBAC_ACL_MAINT) 04689 if(rsbac_debug_ds_acl) 04690 printk(KERN_DEBUG "rsbac_debug_ds_acl is set\n"); 04691 if(rsbac_debug_aef_acl) 04692 printk(KERN_DEBUG "rsbac_debug_aef_acl is set\n"); 04693 if(rsbac_debug_adf_acl) 04694 printk(KERN_DEBUG "rsbac_debug_adf_acl is set\n"); 04695 #endif 04696 04697 #if defined(CONFIG_RSBAC_JAIL) 04698 if(rsbac_debug_aef_jail) 04699 printk(KERN_DEBUG "rsbac_debug_aef_jail is set\n"); 04700 if(rsbac_debug_adf_jail) 04701 printk(KERN_DEBUG "rsbac_debug_adf_jail is set\n"); 04702 #endif 04703 04704 #if defined(CONFIG_RSBAC_PAX) 04705 if(rsbac_debug_adf_pax) 04706 printk(KERN_DEBUG "rsbac_debug_adf_pax is set\n"); 04707 #endif 04708 04709 #if defined(CONFIG_RSBAC_AUTO_WRITE) && (CONFIG_RSBAC_AUTO_WRITE > 0) 04710 if(rsbac_debug_auto) 04711 printk(KERN_DEBUG "rsbac_debug_auto is set\n"); 04712 #endif 04713 #endif /* DEBUG */ 04714 } 04715 }; 04716

Generated on Tue Aug 31 10:05:26 2004 for RSBAC by doxygen 1.3.8