/daten/src/linux-2.4.27-rsbac-v1.2.3/include/rsbac/aci.h File Reference

#include <rsbac/types.h>
#include <linux/init.h>


Functions

int rsbac_init (kdev_t root_dev) __init
int rsbac_kthread_notify (rsbac_pid_t pid)
void rsbac_off (void)
boolean rsbac_is_initialized (void)
int rsbac_mount (struct super_block *sb_p, struct dentry *d_covers)
int rsbac_umount (struct super_block *sb_p, struct dentry *d_covers)
int rsbac_free_dat_dentries (void)
int rsbac_stats (void)
int rsbac_check (int correct, int check_inode)
int rsbac_get_parent (enum rsbac_target_t target, union rsbac_target_id_t tid, enum rsbac_target_t *parent_target_p, union rsbac_target_id_t *parent_tid_p)
int rsbac_get_attr (enum rsbac_switch_target_t module, enum rsbac_target_t target, union rsbac_target_id_t, enum rsbac_attribute_t, union rsbac_attribute_value_t *, boolean)
int rsbac_set_attr (enum rsbac_switch_target_t module, enum rsbac_target_t, union rsbac_target_id_t, enum rsbac_attribute_t, union rsbac_attribute_value_t)
int rsbac_remove_target (enum rsbac_target_t, union rsbac_target_id_t)


Function Documentation

int rsbac_check (int correct, int check_inode)
 

Definition at line 11055 of file aci_data_structures.c.

int rsbac_free_dat_dentries (void)
 

Definition at line 10367 of file aci_data_structures.c.

References device_list_head, NULL, RSBAC_ENOTINITIALIZED, and rsbac_initialized.

int rsbac_get_attr (enum rsbac_switch_target_t module, enum rsbac_target_t target, union rsbac_target_id_t, enum rsbac_attribute_t, union rsbac_attribute_value_t *, boolean)
 

Definition at line 12168 of file aci_data_structures.c.

References A_auth_learn, A_auth_may_set_cap, A_auth_may_setuid, A_auth_role, A_cap_process_hiding, A_cap_role, A_current_sec_level, A_data_type, A_daz_role, A_daz_scanned, A_daz_scanner, A_fake_root_uid, A_fc_role, A_ff_flags, A_ff_role, A_initial_security_level, A_jail_flags, A_jail_id, A_jail_ip, A_jail_max_caps, A_jail_role, A_linux_dac_disable, A_local_data_type, A_local_log_array_high, A_local_log_array_low, A_local_mac_categories, A_local_object_category, A_local_pm_ipc_purpose, A_local_pm_object_class, A_local_pm_object_type, A_local_rc_type, A_local_sec_level, A_log_array_high, A_log_array_low, A_log_program_based, A_log_user_based, A_mac_auto, A_mac_categories, A_mac_check, A_mac_curr_categories, A_mac_file_flags, A_mac_initial_categories, A_mac_min_categories, A_mac_process_flags, A_mac_prop_trusted, A_mac_role, A_mac_user_flags, A_max_caps, A_max_read_categories, A_max_read_open, A_min_caps, A_min_security_level, A_min_write_categories, A_min_write_open, A_object_category, A_pax_flags, A_pax_role, A_pm_current_task, A_pm_ipc_purpose, A_pm_object_class, A_pm_object_type, A_pm_process_type, A_pm_role, A_pm_task_set, A_pm_tp, A_pseudo, A_rc_def_role, A_rc_force_role, A_rc_initial_role, A_rc_role, A_rc_type, A_rc_type_fd, A_rc_type_nt, A_remote_data_type, A_remote_log_array_high, A_remote_log_array_low, A_remote_mac_categories, A_remote_object_category, A_remote_pm_ipc_purpose, A_remote_pm_object_class, A_remote_pm_object_type, A_remote_rc_type, A_remote_sec_level, A_res_max, A_res_min, A_res_role, A_security_level, A_sim_role, A_symlink_add_mac_level, A_symlink_add_rc_role, A_symlink_add_uid, A_system_role, AUTH, rsbac_attribute_value_t::auth_learn, rsbac_attribute_value_t::auth_may_set_cap, rsbac_attribute_value_t::auth_may_setuid, CAP, rsbac_attribute_value_t::cap_process_hiding, rsbac_attribute_value_t::current_sec_level, rsbac_attribute_value_t::data_type, DAZ, rsbac_attribute_value_t::daz_scanned, rsbac_attribute_value_t::daz_scanner, 
def_gen_root_dir_aci, DEFAULT_GEN_DEV_ACI, DEFAULT_GEN_FD_ACI, DEFAULT_GEN_NETDEV_ACI, DEFAULT_GEN_NETOBJ_ACI, DEFAULT_GEN_P_ACI, DEFAULT_GEN_U_ACI, dev_handles, device_list_head, DT_inherit, rsbac_gen_process_aci_t::fake_root_uid, rsbac_gen_fd_aci_t::fake_root_uid, rsbac_attribute_value_t::fake_root_uid, FALSE, FC, FF, FF_add_inherited, rsbac_attribute_value_t::ff_flags, FF_no_delete_or_rename, GEN, gen_fd_hash(), rsbac_target_id_t::ipc, ipc_handles, JAIL, rsbac_attribute_value_t::jail_flags, rsbac_attribute_value_t::jail_id, rsbac_attribute_value_t::jail_ip, rsbac_attribute_value_t::jail_max_caps, LDD_inherit, rsbac_gen_fd_aci_t::linux_dac_disable, rsbac_attribute_value_t::linux_dac_disable, rsbac_gen_netobj_aci_t::log_array_high, rsbac_gen_netdev_aci_t::log_array_high, rsbac_gen_dev_aci_t::log_array_high, rsbac_gen_fd_aci_t::log_array_high, rsbac_attribute_value_t::log_array_high, rsbac_gen_netobj_aci_t::log_array_low, rsbac_gen_netdev_aci_t::log_array_low, rsbac_gen_dev_aci_t::log_array_low, rsbac_gen_fd_aci_t::log_array_low, rsbac_attribute_value_t::log_array_low, rsbac_gen_process_aci_t::log_program_based, rsbac_gen_fd_aci_t::log_program_based, rsbac_attribute_value_t::log_program_based, rsbac_gen_user_aci_t::log_user_based, rsbac_attribute_value_t::log_user_based, lookup_device(), MA_inherit, MAC, MAC_auto, rsbac_attribute_value_t::mac_auto, rsbac_attribute_value_t::mac_categories, rsbac_attribute_value_t::mac_check, rsbac_attribute_value_t::mac_file_flags, rsbac_attribute_value_t::mac_process_flags, rsbac_attribute_value_t::mac_prop_trusted, rsbac_attribute_value_t::mac_user_flags, rsbac_attribute_value_t::max_caps, rsbac_attribute_value_t::max_read_open, rsbac_attribute_value_t::min_caps, rsbac_attribute_value_t::min_write_open, rsbac_target_id_t::netdev, rsbac_target_id_t::netobj, rsbac_target_id_t::nettemp, NULL, rsbac_attribute_value_t::object_category, OC_inherit, PAX, rsbac_attribute_value_t::pax_flags, PM, rsbac_attribute_value_t::pm_current_task, 
rsbac_attribute_value_t::pm_ipc_purpose, rsbac_attribute_value_t::pm_object_class, rsbac_attribute_value_t::pm_object_type, rsbac_attribute_value_t::pm_process_type, rsbac_attribute_value_t::pm_role, rsbac_attribute_value_t::pm_task_set, rsbac_attribute_value_t::pm_tp, rsbac_target_id_t::process, process_handles, rsbac_gen_user_aci_t::pseudo, rsbac_attribute_value_t::pseudo, RC, rsbac_attribute_value_t::rc_def_role, rsbac_attribute_value_t::rc_force_role, rsbac_attribute_value_t::rc_initial_role, rsbac_attribute_value_t::rc_role, RC_role_inherit_parent, rsbac_attribute_value_t::rc_type, rsbac_attribute_value_t::rc_type_fd, RC_type_inherit_parent, RES, rsbac_attribute_value_t::res_array, RSBAC_ALL_USERS, RSBAC_EINVALIDATTR, RSBAC_EINVALIDDEV, RSBAC_EINVALIDMODULE, RSBAC_EINVALIDPOINTER, RSBAC_EINVALIDTARGET, RSBAC_ENOTINITIALIZED, RSBAC_FC_OC_DEF, RSBAC_FC_OC_ROOT_DEF, rsbac_fc_oc_t, RSBAC_FF_DEF, rsbac_ff_flags_t, rsbac_get_parent(), rsbac_initialized, RSBAC_JAIL_DEF_ID, rsbac_jail_id_t, rsbac_list_exist(), rsbac_list_get_data(), RSBAC_MAC_INHERIT_CAT_VECTOR, rsbac_mount(), rsbac_net_lookup_templates(), rsbac_net_temp_id_t, RSBAC_PAX_ALL_FLAGS, RSBAC_PAX_DEF_FLAGS, RSBAC_RC_GENERAL_TYPE, rsbac_rc_type_id_t, RSBAC_SIM_DT_DEF, RSBAC_SIM_DT_ROOT_DEF, rsbac_sim_dt_t, rsbac_system_role_int_t, rsbac_target_t, rsbac_attribute_value_t::security_level, SIM, SL_inherit, rsbac_net_obj_desc_t::sock_p, SR_user, rsbac_gen_fd_aci_t::symlink_add_mac_level, rsbac_attribute_value_t::symlink_add_mac_level, rsbac_gen_fd_aci_t::symlink_add_rc_role, rsbac_attribute_value_t::symlink_add_rc_role, rsbac_gen_fd_aci_t::symlink_add_uid, rsbac_attribute_value_t::symlink_add_uid, rsbac_attribute_value_t::system_role, T_DEV, T_DIR, T_FIFO, T_FILE, T_IPC, T_NETDEV, T_NETOBJ, T_NETTEMP, T_PROCESS, T_SYMLINK, T_USER, TRUE, rsbac_target_id_t::user, and user_handles.

int rsbac_get_parent (enum rsbac_target_t target, union rsbac_target_id_t tid, enum rsbac_target_t *parent_target_p, union rsbac_target_id_t *parent_tid_p)
 

Definition at line 12046 of file aci_data_structures.c.

References device_list_head, lookup_device(), RSBAC_EINVALIDPOINTER, RSBAC_EINVALIDTARGET, RSBAC_ENOTFOUND, T_DIR, T_FIFO, T_FILE, and T_SYMLINK.

Referenced by copy_fp_cap_set_item(), copy_fp_tru_set_item(), rsbac_acl_get_rights(), rsbac_acl_get_single_right(), and rsbac_get_attr().

int rsbac_init (kdev_t root_dev)
 

Definition at line 9514 of file aci_data_structures.c.

References A_rc_def_role, FALSE, NULL, process_handles, rsbac_do_init(), RSBAC_EINVALIDPOINTER, RSBAC_EREINIT, rsbac_initialized, rsbac_list_add(), rsbac_list_get_data(), RSBAC_MAC_DEF_INIT_P_FLAGS, RSBAC_MAC_P_FLAGS, rsbac_pid_t, RSBAC_RC_GENERAL_ROLE, rsbac_rc_get_boot_role(), rsbac_root_dev, RSBAC_SYSADM_UID, rsbac_uid_t, sys_kill(), user_handles, and wakeup_rsbacd().

boolean rsbac_is_initialized (void) [inline]
 

Definition at line 9735 of file aci_data_structures.c.

References rsbac_initialized.

Referenced by rsbac_acl_add_to_acl_entry(), rsbac_acl_get_mask(), rsbac_acl_get_rights(), rsbac_acl_get_single_right(), rsbac_acl_get_tlist(), rsbac_acl_remove_acl(), rsbac_acl_remove_acl_entry(), rsbac_acl_remove_from_acl_entry(), rsbac_acl_set_acl_entry(), rsbac_acl_set_mask(), rsbac_adf_request_int(), rsbac_adf_set_attr(), rsbac_auth_add_to_f_capset(), rsbac_auth_add_to_p_capset(), rsbac_auth_clear_f_capset(), rsbac_auth_clear_p_capset(), rsbac_auth_copy_fp_capset(), rsbac_auth_copy_pp_capset(), rsbac_auth_get_f_caplist(), rsbac_auth_get_p_caplist(), rsbac_auth_p_capset_member(), rsbac_auth_remove_from_f_capset(), rsbac_auth_remove_from_p_capset(), rsbac_check_acl(), rsbac_check_auth(), rsbac_check_mac(), rsbac_init_acl(), rsbac_init_auth(), rsbac_init_daz(), rsbac_init_mac(), rsbac_init_pm(), rsbac_init_rc(), rsbac_mac_add_to_f_truset(), rsbac_mac_add_to_p_truset(), rsbac_mac_clear_f_truset(), rsbac_mac_clear_p_truset(), rsbac_mac_copy_fp_truset(), rsbac_mac_copy_pp_truset(), rsbac_mac_get_f_trulist(), rsbac_mac_get_p_trulist(), rsbac_mac_p_truset_member(), rsbac_mac_remove_from_f_truset(), rsbac_mac_remove_from_p_truset(), rsbac_mount_acl(), rsbac_mount_auth(), rsbac_mount_mac(), rsbac_pm(), rsbac_pm_change_current_task(), rsbac_rc_check_comp(), rsbac_rc_copy_role(), rsbac_rc_get_item(), rsbac_rc_get_list(), rsbac_rc_set_item(), rsbac_reg_init(), rsbac_stats_acl(), rsbac_stats_auth(), rsbac_stats_mac(), rsbac_stats_pm(), rsbac_stats_rc(), rsbac_umount_acl(), rsbac_umount_auth(), and rsbac_umount_mac().

int rsbac_kthread_notify (rsbac_pid_t pid)
 

Definition at line 9740 of file aci_data_structures.c.

References process_handles, rsbac_initialized, rsbac_list_add(), and rsbac_pid_t.

int rsbac_mount (struct super_block *sb_p, struct dentry *d_covers)
 

Definition at line 9762 of file aci_data_structures.c.

References add_device_item(), clear_device_item(), create_device_item(), device_list_head, get_error_name(), lookup_device(), NULL, register_fd_lists(), rsbac_debug_no_write, RSBAC_ECOULDNOTADDDEVICE, RSBAC_EINVALIDPOINTER, RSBAC_ENOTINITIALIZED, rsbac_init(), rsbac_initialized, rsbac_kfree(), rsbac_kmalloc(), rsbac_list_mount(), RSBAC_MAXNAMELEN, rsbac_mount_acl(), rsbac_mount_auth(), rsbac_mount_mac(), rsbac_mount_reg(), rsbac_root_dev, rsbac_write_sem, sysfs_covered_p, SYSFS_MAGIC, sysfs_sb_p, and TRUE.

Referenced by rsbac_aef_sb_post_addmount(), rsbac_aef_sb_umount_busy(), rsbac_do_init(), rsbac_get_attr(), rsbac_get_super_block(), rsbac_remove_target(), and rsbac_set_attr().

void rsbac_off (void)
 

int rsbac_remove_target (enum rsbac_target_t, union rsbac_target_id_t)
 

Definition at line 16440 of file aci_data_structures.c.

References dev_handles, device_list_head, gen_fd_hash(), rsbac_target_id_t::ipc, ipc_handles, lookup_device(), rsbac_target_id_t::netdev, rsbac_target_id_t::netobj, rsbac_target_id_t::nettemp, NULL, rsbac_target_id_t::process, process_handles, rsbac_acl_remove_acl(), rsbac_auth_remove_f_capsets(), rsbac_auth_remove_p_capsets(), RSBAC_EINVALIDDEV, RSBAC_EINVALIDTARGET, RSBAC_ENOTINITIALIZED, rsbac_initialized, rsbac_list_remove(), rsbac_mac_remove_f_trusets(), rsbac_mac_remove_p_trusets(), rsbac_mount(), rsbac_net_obj_desc_t::sock_p, T_DEV, T_DIR, T_FIFO, T_FILE, T_IPC, T_NETDEV, T_NETOBJ, T_NETTEMP, T_NETTEMP_NT, T_PROCESS, T_SYMLINK, T_USER, rsbac_target_id_t::user, and user_handles.

int rsbac_set_attr (enum rsbac_switch_target_t module, enum rsbac_target_t, union rsbac_target_id_t, enum rsbac_attribute_t, union rsbac_attribute_value_t)
 

Definition at line 14397 of file aci_data_structures.c.

References A_auth_learn, A_auth_may_set_cap, A_auth_may_setuid, A_auth_role, A_cap_process_hiding, A_cap_role, A_current_sec_level, A_data_type, A_daz_role, A_daz_scanned, A_daz_scanner, A_fake_root_uid, A_fc_role, A_ff_flags, A_ff_role, A_initial_security_level, A_jail_flags, A_jail_id, A_jail_ip, A_jail_max_caps, A_jail_role, A_linux_dac_disable, A_local_data_type, A_local_mac_categories, A_local_object_category, A_local_pm_ipc_purpose, A_local_pm_object_class, A_local_pm_object_type, A_local_rc_type, A_local_sec_level, A_log_array_high, A_log_array_low, A_log_program_based, A_log_user_based, A_mac_auto, A_mac_categories, A_mac_check, A_mac_curr_categories, A_mac_file_flags, A_mac_initial_categories, A_mac_min_categories, A_mac_process_flags, A_mac_prop_trusted, A_mac_role, A_mac_user_flags, A_max_caps, A_max_read_categories, A_max_read_open, A_min_caps, A_min_security_level, A_min_write_categories, A_min_write_open, A_object_category, A_pax_flags, A_pax_role, A_pm_current_task, A_pm_ipc_purpose, A_pm_object_class, A_pm_object_type, A_pm_process_type, A_pm_role, A_pm_task_set, A_pm_tp, A_pseudo, A_rc_def_role, A_rc_force_role, A_rc_initial_role, A_rc_role, A_rc_type, A_rc_type_fd, A_rc_type_nt, A_remote_data_type, A_remote_mac_categories, A_remote_object_category, A_remote_pm_ipc_purpose, A_remote_pm_object_class, A_remote_pm_object_type, A_remote_rc_type, A_remote_sec_level, A_res_max, A_res_min, A_res_role, A_security_level, A_sim_role, A_symlink_add_mac_level, A_symlink_add_rc_role, A_symlink_add_uid, A_system_role, AUTH, rsbac_attribute_value_t::auth_learn, rsbac_attribute_value_t::auth_may_set_cap, rsbac_attribute_value_t::auth_may_setuid, CAP, rsbac_attribute_value_t::cap_process_hiding, rsbac_attribute_value_t::current_sec_level, rsbac_attribute_value_t::data_type, DAZ, rsbac_attribute_value_t::daz_scanned, rsbac_attribute_value_t::daz_scanner, DEFAULT_GEN_DEV_ACI, DEFAULT_GEN_FD_ACI, DEFAULT_GEN_NETDEV_ACI, DEFAULT_GEN_NETOBJ_ACI, DEFAULT_GEN_P_ACI, 
DEFAULT_GEN_U_ACI, dev_handles, device_list_head, rsbac_gen_process_aci_t::fake_root_uid, rsbac_attribute_value_t::fake_root_uid, rsbac_gen_fd_aci_t::fake_root_uid, FC, FF, rsbac_attribute_value_t::ff_flags, GEN, gen_fd_hash(), rsbac_target_id_t::ipc, ipc_handles, JAIL, rsbac_attribute_value_t::jail_flags, rsbac_attribute_value_t::jail_id, rsbac_attribute_value_t::jail_ip, rsbac_attribute_value_t::jail_max_caps, rsbac_attribute_value_t::linux_dac_disable, rsbac_gen_fd_aci_t::linux_dac_disable, rsbac_gen_netobj_aci_t::log_array_high, rsbac_gen_netdev_aci_t::log_array_high, rsbac_gen_dev_aci_t::log_array_high, rsbac_attribute_value_t::log_array_high, rsbac_gen_fd_aci_t::log_array_high, rsbac_gen_netobj_aci_t::log_array_low, rsbac_gen_netdev_aci_t::log_array_low, rsbac_gen_dev_aci_t::log_array_low, rsbac_attribute_value_t::log_array_low, rsbac_gen_fd_aci_t::log_array_low, rsbac_gen_process_aci_t::log_program_based, rsbac_attribute_value_t::log_program_based, rsbac_gen_fd_aci_t::log_program_based, rsbac_attribute_value_t::log_user_based, rsbac_gen_user_aci_t::log_user_based, lookup_device(), MAC, MAC_auto, rsbac_attribute_value_t::mac_auto, rsbac_attribute_value_t::mac_categories, rsbac_attribute_value_t::mac_check, rsbac_attribute_value_t::mac_file_flags, rsbac_attribute_value_t::mac_process_flags, rsbac_attribute_value_t::mac_prop_trusted, rsbac_attribute_value_t::mac_user_flags, rsbac_attribute_value_t::max_caps, rsbac_attribute_value_t::max_read_open, rsbac_attribute_value_t::min_caps, rsbac_attribute_value_t::min_write_open, rsbac_target_id_t::netdev, rsbac_target_id_t::netobj, rsbac_target_id_t::nettemp, NULL, rsbac_attribute_value_t::object_category, PAX, rsbac_attribute_value_t::pax_flags, PM, rsbac_attribute_value_t::pm_current_task, rsbac_attribute_value_t::pm_ipc_purpose, rsbac_attribute_value_t::pm_object_class, rsbac_attribute_value_t::pm_object_type, rsbac_attribute_value_t::pm_process_type, rsbac_attribute_value_t::pm_role, 
rsbac_attribute_value_t::pm_task_set, rsbac_attribute_value_t::pm_tp, rsbac_target_id_t::process, process_handles, rsbac_attribute_value_t::pseudo, rsbac_gen_user_aci_t::pseudo, RC, rsbac_attribute_value_t::rc_def_role, rsbac_attribute_value_t::rc_force_role, rsbac_attribute_value_t::rc_initial_role, rsbac_attribute_value_t::rc_role, rsbac_attribute_value_t::rc_type, rsbac_attribute_value_t::rc_type_fd, RES, rsbac_attribute_value_t::res_array, RSBAC_ALL_USERS, RSBAC_EINVALIDATTR, RSBAC_EINVALIDDEV, RSBAC_EINVALIDMODULE, RSBAC_EINVALIDTARGET, RSBAC_EINVALIDVALUE, RSBAC_ENOTINITIALIZED, rsbac_fc_oc_t, rsbac_initialized, rsbac_jail_id_t, rsbac_list_add(), rsbac_list_add_ttl(), rsbac_list_exist(), rsbac_list_get_data(), rsbac_list_remove(), RSBAC_MAC_F_FLAGS, RSBAC_MAC_P_FLAGS, RSBAC_MAC_U_FLAGS, rsbac_mount(), rsbac_net_lookup_templates(), rsbac_net_temp_id_t, RSBAC_PAX_ALL_FLAGS, rsbac_rc_type_id_t, rsbac_sim_dt_t, rsbac_system_role_int_t, rsbac_uid_t, rsbac_attribute_value_t::security_level, SIM, rsbac_net_obj_desc_t::sock_p, rsbac_attribute_value_t::symlink_add_mac_level, rsbac_gen_fd_aci_t::symlink_add_mac_level, rsbac_attribute_value_t::symlink_add_rc_role, rsbac_gen_fd_aci_t::symlink_add_rc_role, rsbac_attribute_value_t::symlink_add_uid, rsbac_gen_fd_aci_t::symlink_add_uid, rsbac_attribute_value_t::system_role, T_DEV, T_DIR, T_FIFO, T_FILE, T_IPC, T_NETDEV, T_NETOBJ, T_NETTEMP, T_PROCESS, T_SYMLINK, T_USER, rsbac_target_id_t::user, and user_handles.

int rsbac_stats (void)
 

Definition at line 10414 of file aci_data_structures.c.

int rsbac_umount (struct super_block *sb_p, struct dentry *d_covers)
 

Definition at line 10192 of file aci_data_structures.c.

References device_list_head, lookup_device(), NULL, remove_device_item(), rsbac_debug_no_write, RSBAC_EINVALIDPOINTER, RSBAC_ENOTINITIALIZED, rsbac_initialized, rsbac_list_umount(), rsbac_umount_acl(), rsbac_umount_auth(), rsbac_umount_mac(), rsbac_umount_reg(), rsbac_write(), rsbac_write_sem, sysfs_covered_p, SYSFS_MAGIC, sysfs_sb_p, and TRUE.

Referenced by rsbac_aef_sb_umount().


Generated on Tue Aug 31 10:05:26 2004 for RSBAC by doxygen 1.3.8