/daten/src/linux-2.4.27-rsbac-v1.2.3/rsbac/adf/rc/rc_main.c

Go to the documentation of this file.
00001 /*************************************************** */ 00002 /* Rule Set Based Access Control */ 00003 /* Implementation of the Access Control Decision */ 00004 /* Facility (ADF) - Role Compatibility */ 00005 /* File: rsbac/adf/rc/main.c */ 00006 /* */ 00007 /* Author and (c) 1999-2004: Amon Ott <ao@rsbac.org> */ 00008 /* */ 00009 /* Last modified: 11/Mar/2004 */ 00010 /*************************************************** */ 00011 00012 #include <linux/string.h> 00013 #include <rsbac/types.h> 00014 #include <rsbac/aci.h> 00015 #include <rsbac/adf_main.h> 00016 #include <rsbac/rc.h> 00017 #include <rsbac/error.h> 00018 #include <rsbac/debug.h> 00019 #include <rsbac/helpers.h> 00020 #include <rsbac/getname.h> 00021 #include <rsbac/rc_getname.h> 00022 #include <rsbac/rkmem.h> 00023 #include <rsbac/network.h> 00024 00025 /************************************************* */ 00026 /* Declarations */ 00027 /************************************************* */ 00028 00029 /************************************************* */ 00030 /* Internal Help functions */ 00031 /************************************************* */ 00032 00033 static enum rsbac_adf_req_ret_t 00034 check_comp_rc( enum rsbac_target_t target, 00035 union rsbac_target_id_t tid, 00036 enum rsbac_adf_request_t request, 00037 rsbac_pid_t caller_pid) 00038 { 00039 int err; 00040 union rsbac_target_id_t i_tid; 00041 enum rsbac_attribute_t i_attr; 00042 union rsbac_attribute_value_t i_attr_val1; 00043 union rsbac_attribute_value_t i_attr_val2; 00044 00045 union rsbac_rc_target_id_t i_rc_subtid; 00046 enum rsbac_rc_item_t i_rc_item; 00047 00048 /* get rc_role from process */ 00049 i_tid.process = caller_pid; 00050 if ((err=rsbac_get_attr(RC, 00051 T_PROCESS, 00052 i_tid, 00053 A_rc_role, 00054 &i_attr_val1, 00055 FALSE))) 00056 { 00057 rsbac_ds_get_error("check_comp_rc", A_rc_role); 00058 return(NOT_GRANTED); 00059 } 00060 switch(target) 00061 { 00062 case T_FILE: 00063 case T_DIR: 00064 case T_FIFO: 00065 case T_SYMLINK: 00066 i_rc_item = RI_type_comp_fd; 00067 i_attr = A_rc_type_fd; 00068 break; 00069 case T_DEV: 00070 i_rc_item = RI_type_comp_dev; 00071 i_attr = A_rc_type; 00072 break; 00073 case T_USER: 00074 i_rc_item = RI_type_comp_user; 00075 i_attr = A_rc_type; 00076 break; 00077 case T_PROCESS: 00078 i_rc_item = RI_type_comp_process; 00079 i_attr = A_rc_type; 00080 break; 00081 case T_IPC: 00082 i_rc_item = RI_type_comp_ipc; 00083 i_attr = A_rc_type; 00084 break; 00085 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT) 00086 case T_NETDEV: 00087 i_rc_item = RI_type_comp_netdev; 00088 i_attr = A_rc_type; 00089 break; 00090 #endif 00091 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00092 case T_NETTEMP: 00093 i_rc_item = RI_type_comp_nettemp; 00094 i_attr = A_rc_type_nt; 00095 break; 00096 case T_NETOBJ: 00097 i_rc_item = RI_type_comp_netobj; 00098 if(rsbac_net_remote_request(request)) 00099 i_attr = A_remote_rc_type; 00100 else 00101 i_attr = A_local_rc_type; 00102 break; 00103 #endif 00104 default: 00105 #ifdef CONFIG_RSBAC_RMSG 00106 rsbac_printk(KERN_WARNING "check_comp_rc(): invalid target %i!\n",target); 00107 #endif 00108 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00109 if (!rsbac_nosyslog) 00110 #endif 00111 printk(KERN_WARNING "check_comp_rc(): invalid target %i!\n",target); 00112 return(NOT_GRANTED); 00113 } 00114 00115 /* get rc_type[_fd|_nt] from target */ 00116 if ((err=rsbac_get_attr(RC, 00117 target, 00118 tid, 00119 i_attr, 00120 &i_attr_val2, 00121 TRUE))) 00122 { 00123 rsbac_ds_get_error("check_comp_rc", i_attr); 00124 return(NOT_GRANTED); 00125 } 00126 00127 /* get type_comp_xxx of role */ 00128 i_rc_subtid.type = i_attr_val2.rc_type; 00129 if(rsbac_rc_check_comp(i_attr_val1.rc_role, 00130 i_rc_subtid, 00131 i_rc_item, 00132 request)) 00133 return(GRANTED); 00134 else 00135 { 00136 #ifdef CONFIG_RSBAC_DEBUG 00137 if(rsbac_debug_adf_rc) 00138 { 00139 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 00140 00141 if(tmp) 00142 { 00143 char * tmp2 = rsbac_kmalloc(RSBAC_MAXNAMELEN); 00144 if(tmp2) 00145 { 00146 #ifdef CONFIG_RSBAC_RMSG 00147 rsbac_printk(KERN_DEBUG "check_comp_rc(): pid %u (%.15s), owner %u, rc_role %i, %s rc_type %i, request %s -> NOT_GRANTED!\n", 00148 caller_pid, current->comm, current->uid, i_attr_val1.rc_role, get_target_name_only(tmp, target), i_attr_val2.rc_type, get_rc_special_right_name(tmp2, request)); 00149 #endif 00150 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00151 if (!rsbac_nosyslog) 00152 #endif 00153 printk(KERN_DEBUG "check_comp_rc(): pid %u (%.15s), owner %u, rc_role %i, %s rc_type %i, request %s -> NOT_GRANTED!\n", 00154 caller_pid, current->comm, current->uid, i_attr_val1.rc_role, get_target_name_only(tmp, target), i_attr_val2.rc_type, get_rc_special_right_name(tmp2, request)); 00155 rsbac_kfree(tmp2); 00156 } 00157 rsbac_kfree(tmp); 00158 } 00159 } 00160 #endif 00161 return(NOT_GRANTED); 00162 } 00163 } 00164 00165 static enum rsbac_adf_req_ret_t 00166 check_comp_rc_scd(enum rsbac_rc_scd_type_t scd_type, 00167 enum rsbac_adf_request_t request, 00168 rsbac_pid_t caller_pid) 00169 { 00170 int err; 00171 union rsbac_target_id_t i_tid; 00172 union rsbac_attribute_value_t i_attr_val1; 00173 00174 union rsbac_rc_target_id_t i_rc_subtid; 00175 00176 /* get rc_role from process */ 00177 i_tid.process = caller_pid; 00178 if ((err=rsbac_get_attr(RC, 00179 T_PROCESS, 00180 i_tid, 00181 A_rc_role, 00182 &i_attr_val1, 00183 FALSE))) 00184 { 00185 rsbac_ds_get_error("check_comp_rc_scd", A_rc_role); 00186 return(NOT_GRANTED); 00187 } 00188 /* get type_comp_scd of role */ 00189 i_rc_subtid.type = scd_type; 00190 if(rsbac_rc_check_comp(i_attr_val1.rc_role, 00191 i_rc_subtid, 00192 RI_type_comp_scd, 00193 request)) 00194 { 00195 return(GRANTED); 00196 } 00197 else 00198 { 00199 #ifdef CONFIG_RSBAC_DEBUG 00200 if(rsbac_debug_adf_rc) 00201 { 00202 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 00203 00204 if(tmp) 00205 { 00206 #ifdef CONFIG_RSBAC_RMSG 00207 rsbac_printk(KERN_DEBUG "check_comp_rc_scd(): pid %u (%.15s), owner %u, rc_role %i, scd_type %i, request %s -> NOT_GRANTED!\n", 00208 caller_pid, current->comm, current->uid, i_attr_val1.rc_role, scd_type, get_request_name(tmp,request)); 00209 #endif 00210 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00211 if (!rsbac_nosyslog) 00212 #endif 00213 printk(KERN_DEBUG "check_comp_rc_scd(): pid %u (%.15s), owner %u, rc_role %i, scd_type %i, request %s -> NOT_GRANTED!\n", 00214 caller_pid, current->comm, current->uid, i_attr_val1.rc_role, scd_type, get_request_name(tmp,request)); 00215 rsbac_kfree(tmp); 00216 } 00217 } 00218 #endif 00219 return(NOT_GRANTED); 00220 } 00221 } 00222 00223 /* exported for rc_syscalls.c */ 00224 int rsbac_rc_test_admin_roles(rsbac_rc_role_id_t t_role, boolean modify) 00225 { 00226 int err; 00227 union rsbac_target_id_t i_tid; 00228 union rsbac_attribute_value_t i_attr_val1; 00229 union rsbac_rc_target_id_t i_rc_subtid; 00230 00231 if(t_role > RC_role_max_value) 00232 return -RSBAC_EINVALIDVALUE; 00233 /* get rc_role of process */ 00234 i_tid.process = current->pid; 00235 if ((err=rsbac_get_attr(RC, T_PROCESS, 00236 i_tid, 00237 A_rc_role, 00238 &i_attr_val1, 00239 TRUE))) 00240 { 00241 rsbac_ds_get_error("rsbac_rc_test_admin_roles", A_rc_role); 00242 return -RSBAC_EREADFAILED; 00243 } 00244 00245 i_rc_subtid.role = t_role; 00246 /* read_only? -> assign_roles membership is enough */ 00247 if(!modify) 00248 { 00249 if(rsbac_rc_check_comp(i_attr_val1.rc_role, 00250 i_rc_subtid, 00251 RI_assign_roles, 00252 R_NONE)) 00253 return 0; 00254 /* fall through */ 00255 } 00256 /* check admin_roles of role */ 00257 if(rsbac_rc_check_comp(i_attr_val1.rc_role, 00258 i_rc_subtid, 00259 RI_admin_roles, 00260 R_NONE)) 00261 return 0; 00262 else 00263 return -EPERM; 00264 } 00265 00266 /* exported for rc_syscalls.c */ 00267 int rsbac_rc_test_assign_roles(enum rsbac_target_t target, 00268 union rsbac_target_id_t tid, 00269 enum rsbac_attribute_t attr, 00270 rsbac_rc_role_id_t t_role) 00271 { 00272 int err; 00273 union rsbac_target_id_t i_tid; 00274 union rsbac_attribute_value_t i_attr_val1; 00275 union rsbac_attribute_value_t i_attr_val2; 00276 union rsbac_rc_target_id_t i_rc_subtid; 00277 00278 if( ( (t_role > RC_role_max_value) 00279 && (t_role != RC_role_inherit_user) 00280 ) 00281 || (target >= T_NONE) 00282 ) 00283 return -RSBAC_EINVALIDVALUE; 00284 /* get rc_role of process */ 00285 i_tid.process = current->pid; 00286 if ((err=rsbac_get_attr(RC, T_PROCESS, 00287 i_tid, 00288 A_rc_role, 00289 &i_attr_val1, 00290 TRUE))) 00291 { 00292 rsbac_ds_get_error("rsbac_rc_test_assign_roles", A_rc_role); 00293 return -RSBAC_EREADFAILED; 00294 } 00295 /* get old role of target */ 00296 if ((err=rsbac_get_attr(RC, 00297 target, 00298 tid, 00299 attr, 00300 &i_attr_val2, 00301 TRUE))) 00302 { 00303 rsbac_ds_get_error("rsbac_rc_test_assign_roles", attr); 00304 return -RSBAC_EREADFAILED; 00305 } 00306 00307 i_rc_subtid.role = i_attr_val2.rc_role; 00308 if(!rsbac_rc_check_comp(i_attr_val1.rc_role, 00309 i_rc_subtid, 00310 RI_assign_roles, 00311 R_NONE)) 00312 return -EPERM; 00313 if(t_role != RC_role_inherit_user) 00314 { 00315 i_rc_subtid.role = t_role; 00316 if(!rsbac_rc_check_comp(i_attr_val1.rc_role, 00317 i_rc_subtid, 00318 RI_assign_roles, 00319 R_NONE)) 00320 return -EPERM; 00321 } 00322 return 0; 00323 } 00324 00325 enum rsbac_adf_req_ret_t 00326 rsbac_rc_check_type_comp(enum rsbac_target_t target, 00327 rsbac_rc_type_id_t type, 00328 enum rsbac_adf_request_t request, 00329 rsbac_pid_t caller_pid) 00330 { 00331 int err; 00332 union rsbac_target_id_t i_tid; 00333 union rsbac_attribute_value_t i_attr_val1; 00334 00335 union rsbac_rc_target_id_t i_rc_subtid; 00336 enum rsbac_rc_item_t i_rc_item; 00337 00338 if(!caller_pid) 00339 caller_pid = current->pid; 00340 /* 00341 * we don't care about tried assignments of special type values, 00342 * but deny other accesses to those 00343 */ 00344 if(type > RC_type_max_value) 00345 { 00346 if(request == RCR_ASSIGN) 00347 return GRANTED; 00348 else 00349 return NOT_GRANTED; 00350 } 00351 00352 /* get rc_role from process */ 00353 i_tid.process = caller_pid; 00354 if ((err=rsbac_get_attr(RC, 00355 T_PROCESS, 00356 i_tid, 00357 A_rc_role, 00358 &i_attr_val1, 00359 FALSE))) 00360 { 00361 rsbac_ds_get_error("rsbac_rc_check_type_comp", A_rc_role); 00362 return(NOT_GRANTED); 00363 } 00364 switch(target) 00365 { 00366 case T_FILE: 00367 case T_DIR: 00368 case T_FIFO: 00369 case T_SYMLINK: 00370 i_rc_item = RI_type_comp_fd; 00371 break; 00372 case T_DEV: 00373 i_rc_item = RI_type_comp_dev; 00374 break; 00375 case T_USER: 00376 i_rc_item = RI_type_comp_user; 00377 break; 00378 case T_PROCESS: 00379 i_rc_item = RI_type_comp_process; 00380 break; 00381 case T_IPC: 00382 i_rc_item = RI_type_comp_ipc; 00383 break; 00384 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT) 00385 case T_NETDEV: 00386 i_rc_item = RI_type_comp_netdev; 00387 break; 00388 #endif 00389 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00390 case T_NETTEMP: 00391 i_rc_item = RI_type_comp_nettemp; 00392 break; 00393 case T_NETOBJ: 00394 i_rc_item = RI_type_comp_netobj; 00395 break; 00396 #endif 00397 00398 default: 00399 #ifdef CONFIG_RSBAC_RMSG 00400 rsbac_printk(KERN_WARNING "rsbac_rc_check_type_comp(): invalid target %i!\n",target); 00401 #endif 00402 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00403 if (!rsbac_nosyslog) 00404 #endif 00405 printk(KERN_WARNING "rsbac_rc_check_type_comp(): invalid target %i!\n",target); 00406 return(NOT_GRANTED); 00407 } 00408 /* check type_comp_xxx of role */ 00409 i_rc_subtid.type = type; 00410 if(rsbac_rc_check_comp(i_attr_val1.rc_role, 00411 i_rc_subtid, 00412 i_rc_item, 00413 request)) 00414 return(GRANTED); 00415 else 00416 { 00417 #ifdef CONFIG_RSBAC_DEBUG 00418 if(rsbac_debug_adf_rc) 00419 { 00420 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 00421 00422 if(tmp) 00423 { 00424 #ifdef CONFIG_RSBAC_RMSG 00425 rsbac_printk(KERN_DEBUG "rsbac_rc_check_type_comp(): rc_role is %i, rc_type is %i, request is %s -> NOT_GRANTED!\n", 00426 i_attr_val1.rc_role, type, get_rc_special_right_name(tmp, request)); 00427 #endif 00428 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00429 if (!rsbac_nosyslog) 00430 #endif 00431 printk(KERN_DEBUG "rsbac_rc_check_type_comp(): rc_role is %i, rc_type is %i, request is %s -> NOT_GRANTED!\n", 00432 i_attr_val1.rc_role, type, get_rc_special_right_name(tmp, request)); 00433 rsbac_kfree(tmp); 00434 } 00435 } 00436 #endif 00437 return(NOT_GRANTED); 00438 } 00439 } 00440 00441 /* exported for rc_syscalls.c */ 00442 int rsbac_rc_test_role_admin(boolean modify) 00443 { 00444 int err; 00445 union rsbac_target_id_t i_tid; 00446 union rsbac_attribute_value_t i_attr_val1; 00447 union rsbac_rc_target_id_t i_rc_tid; 00448 union rsbac_rc_item_value_t i_rc_item_val1; 00449 00450 /* get rc_role of process */ 00451 i_tid.process = current->pid; 00452 if ((err=rsbac_get_attr(RC, T_PROCESS, 00453 i_tid, 00454 A_rc_role, 00455 &i_attr_val1, 00456 TRUE))) 00457 { 00458 rsbac_ds_get_error("rsbac_rc_test_role_admin", A_rc_role); 00459 return -RSBAC_EREADFAILED; 00460 } 00461 00462 /* get admin_type of role */ 00463 i_rc_tid.role = i_attr_val1.rc_role; 00464 if ((err=rsbac_rc_get_item(RT_ROLE, 00465 i_rc_tid, 00466 i_rc_tid, /* dummy */ 00467 RI_admin_type, 00468 &i_rc_item_val1, 00469 NULL))) 00470 { 00471 rsbac_rc_ds_get_error("rsbac_rc_test_role_admin", RI_admin_type); 00472 return -RSBAC_EREADFAILED; 00473 } 00474 00475 /* allow, if RC_role_admin or (read_only and RC_system_admin) */ 00476 if ( (i_rc_item_val1.admin_type == RC_role_admin) 00477 || ( !modify 00478 && (i_rc_item_val1.admin_type == RC_system_admin) 00479 ) 00480 ) 00481 return 0; 00482 else 00483 return -EPERM; 00484 } 00485 00486 /************************************************* */ 00487 /* Externally visible functions */ 00488 /************************************************* */ 00489 00490 enum rsbac_adf_req_ret_t 00491 rsbac_adf_request_rc (enum rsbac_adf_request_t request, 00492 rsbac_pid_t caller_pid, 00493 enum rsbac_target_t target, 00494 union rsbac_target_id_t tid, 00495 enum rsbac_attribute_t attr, 00496 union rsbac_attribute_value_t attr_val, 00497 rsbac_uid_t owner) 00498 { 00499 int err; 00500 enum rsbac_adf_req_ret_t result = DO_NOT_CARE; 00501 union rsbac_attribute_value_t i_attr_val1; 00502 union rsbac_rc_target_id_t i_rc_tid; 00503 union rsbac_rc_target_id_t i_rc_subtid; 00504 union rsbac_rc_item_value_t i_rc_item_val1; 00505 union rsbac_target_id_t i_tid; 00506 #ifdef CONFIG_RSBAC_RC_ROLE_PROT 00507 union rsbac_attribute_value_t i_attr_val2; 00508 #endif 00509 00510 switch (request) 00511 { 00512 case R_ADD_TO_KERNEL: 00513 switch(target) 00514 { 00515 case T_NONE: 00516 /* may add to kernel, if compatible */ 00517 return(check_comp_rc_scd(ST_other, request, caller_pid)); 00518 00519 /* all other cases are unknown */ 00520 default: 00521 return(DO_NOT_CARE); 00522 } 00523 00524 00525 case R_ALTER: 00526 /* only for IPC */ 00527 switch(target) 00528 { 00529 case T_IPC: 00530 return(check_comp_rc(target, tid, request, caller_pid)); 00531 00532 /* all other cases are unknown */ 00533 default: return(DO_NOT_CARE); 00534 } 00535 00536 case R_APPEND_OPEN: 00537 case R_READ_WRITE_OPEN: 00538 switch(target) 00539 { 00540 case T_FILE: 00541 case T_DEV: 00542 case T_FIFO: 00543 case T_IPC: 00544 return(check_comp_rc(target, tid, request, caller_pid)); 00545 00546 /* all other cases are unknown */ 00547 default: return(DO_NOT_CARE); 00548 } 00549 00550 case R_CHANGE_GROUP: 00551 switch(target) 00552 { 00553 case T_FILE: 00554 case T_DIR: 00555 case T_FIFO: 00556 case T_SYMLINK: 00557 case T_IPC: 00558 return(check_comp_rc(target, tid, request, caller_pid)); 00559 00560 case T_PROCESS: 00561 case T_USER: 00562 return(DO_NOT_CARE); 00563 /* all other cases are unknown */ 00564 default: return(DO_NOT_CARE); 00565 } 00566 00567 case R_CHANGE_OWNER: 00568 switch(target) 00569 { 00570 case T_FILE: 00571 case T_DIR: 00572 case T_FIFO: 00573 case T_SYMLINK: 00574 case T_IPC: 00575 return(check_comp_rc(target, tid, request, caller_pid)); 00576 00577 case T_PROCESS: 00578 /* get rc_role from process */ 00579 if ((err=rsbac_get_attr(RC, T_PROCESS, 00580 tid, 00581 A_rc_role, 00582 &i_attr_val1, 00583 FALSE))) 00584 { 00585 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role); 00586 return(-RSBAC_EREADFAILED); 00587 } 00588 /* get def_process_chown_type of role */ 00589 i_rc_tid.role = i_attr_val1.rc_role; 00590 if ((err=rsbac_rc_get_item(RT_ROLE, 00591 i_rc_tid, 00592 i_rc_tid, /* dummy */ 00593 RI_def_process_chown_type, 00594 &i_rc_item_val1, 00595 NULL))) 00596 { 00597 rsbac_rc_ds_get_error("rsbac_adf_request_rc()", 00598 RI_def_process_chown_type); 00599 return(-RSBAC_EREADFAILED); 00600 } 00601 if( (i_rc_item_val1.type_id == RC_type_no_chown) 00602 || (i_rc_item_val1.type_id == RC_type_no_create) 00603 ) 00604 return(NOT_GRANTED); 00605 else 00606 return(GRANTED); 00607 00608 /* all other cases are unknown */ 00609 default: 00610 return(DO_NOT_CARE); 00611 } 00612 00613 case R_CHDIR: 00614 switch(target) 00615 { 00616 case T_DIR: 00617 return(check_comp_rc(target, tid, request, caller_pid)); 00618 00619 /* all other cases are unknown */ 00620 default: return(DO_NOT_CARE); 00621 } 00622 00623 case R_CLONE: 00624 if (target == T_PROCESS) 00625 { 00626 /* check, whether we may create process of def_process_create_type */ 00627 /* get rc_role from process */ 00628 i_tid.process = caller_pid; 00629 if ((err=rsbac_get_attr(RC, T_PROCESS, 00630 i_tid, 00631 A_rc_role, 00632 &i_attr_val1, 00633 FALSE))) 00634 { 00635 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role); 00636 return(NOT_GRANTED); 00637 } 00638 /* get def_process_create_type of role */ 00639 i_rc_tid.role = i_attr_val1.rc_role; 00640 if ((err=rsbac_rc_get_item(RT_ROLE, 00641 i_rc_tid, 00642 i_rc_tid, 00643 RI_def_process_create_type, 00644 &i_rc_item_val1, 00645 NULL))) 00646 { 00647 rsbac_rc_ds_get_error("rsbac_adf_request_rc()", 00648 RI_def_process_create_type); 00649 return(-RSBAC_EREADFAILED); 00650 } 00651 switch(i_rc_item_val1.type_id) 00652 { 00653 case RC_type_no_create: 00654 return(NOT_GRANTED); 00655 00656 case RC_type_use_new_role_def_create: 00657 /* error - complain and return error */ 00658 #ifdef CONFIG_RSBAC_RMSG 00659 rsbac_printk(KERN_WARNING 00660 "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n", 00661 i_attr_val1.rc_role); 00662 #endif 00663 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00664 if (!rsbac_nosyslog) 00665 #endif 00666 printk(KERN_WARNING 00667 "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n", 00668 i_attr_val1.rc_role); 00669 return(NOT_GRANTED); 00670 00671 case RC_type_inherit_process: 00672 case RC_type_inherit_parent: 00673 return GRANTED; 00674 00675 default: 00676 /* check, whether role has CREATE right to new type */ 00677 /* check type_comp_process of role */ 00678 i_rc_subtid.type = i_rc_item_val1.type_id; 00679 if(rsbac_rc_check_comp(i_attr_val1.rc_role, 00680 i_rc_subtid, 00681 RI_type_comp_process, 00682 R_CREATE)) 00683 return(GRANTED); 00684 else 00685 { 00686 #ifdef CONFIG_RSBAC_RMSG 00687 rsbac_printk(KERN_WARNING 00688 "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_process_create_type %i -> NOT_GRANTED!\n", 00689 i_attr_val1.rc_role, i_rc_item_val1.type_id); 00690 #endif 00691 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00692 if (!rsbac_nosyslog) 00693 #endif 00694 printk(KERN_WARNING 00695 "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_process_create_type %i -> NOT_GRANTED!\n", 00696 i_attr_val1.rc_role, i_rc_item_val1.type_id); 00697 return(NOT_GRANTED); 00698 } 00699 } 00700 } 00701 else 00702 return(DO_NOT_CARE); 00703 00704 /* Creating dir or (pseudo) file IN target dir! */ 00705 case R_CREATE: 00706 switch(target) 00707 { 00708 case T_DIR: 00709 /* check, whether we may create files/dirs in this dir */ 00710 result = check_comp_rc(target, tid, request, caller_pid); 00711 if((result != GRANTED) && (result != DO_NOT_CARE)) 00712 return result; 00713 00714 /* check, whether we may create files/dirs of def_fd_create_type */ 00715 /* get rc_role from process */ 00716 i_tid.process = caller_pid; 00717 if ((err=rsbac_get_attr(RC, T_PROCESS, 00718 i_tid, 00719 A_rc_role, 00720 &i_attr_val1, 00721 FALSE))) 00722 { 00723 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role); 00724 return(NOT_GRANTED); 00725 } 00726 /* get def_fd_create_type of role */ 00727 i_rc_tid.role = i_attr_val1.rc_role; 00728 if ((err=rsbac_rc_get_item(RT_ROLE, 00729 i_rc_tid, 00730 i_rc_tid, 00731 RI_def_fd_create_type, 00732 &i_rc_item_val1, 00733 NULL))) 00734 { 00735 rsbac_rc_ds_get_error("rsbac_adf_request_rc()", 00736 RI_def_fd_create_type); 00737 return(-RSBAC_EREADFAILED); 00738 } 00739 switch(i_rc_item_val1.type_id) 00740 { 00741 case RC_type_no_create: 00742 return(NOT_GRANTED); 00743 break; 00744 00745 case RC_type_use_new_role_def_create: 00746 /* error - complain and return error */ 00747 #ifdef CONFIG_RSBAC_RMSG 00748 rsbac_printk(KERN_WARNING 00749 "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n", 00750 i_attr_val1.rc_role); 00751 #endif 00752 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00753 if (!rsbac_nosyslog) 00754 #endif 00755 printk(KERN_WARNING 00756 "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n", 00757 i_attr_val1.rc_role); 00758 return(NOT_GRANTED); 00759 00760 case RC_type_inherit_process: 00761 case RC_type_inherit_parent: 00762 return GRANTED; 00763 00764 default: 00765 /* check, whether role has CREATE right to new type */ 00766 /* get type_comp_fd of role */ 00767 i_rc_subtid.type = i_rc_item_val1.type_id; 00768 if(rsbac_rc_check_comp(i_attr_val1.rc_role, 00769 i_rc_subtid, 00770 RI_type_comp_fd, 00771 R_CREATE)) 00772 return(GRANTED); 00773 else 00774 { 00775 #ifdef CONFIG_RSBAC_RMSG 00776 rsbac_printk(KERN_WARNING 00777 "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_fd_create_type %i -> NOT_GRANTED!\n", 00778 i_attr_val1.rc_role, i_rc_item_val1.type_id); 00779 #endif 00780 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00781 if (!rsbac_nosyslog) 00782 #endif 00783 printk(KERN_WARNING 00784 "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_fd_create_type %i -> NOT_GRANTED!\n", 00785 i_attr_val1.rc_role, i_rc_item_val1.type_id); 00786 return(NOT_GRANTED); 00787 } 00788 } 00789 00790 case T_IPC: 00791 /* check, whether we may create IPC of def_ipc_create_type */ 00792 /* get rc_role from process */ 00793 i_tid.process = caller_pid; 00794 if ((err=rsbac_get_attr(RC, T_PROCESS, 00795 i_tid, 00796 A_rc_role, 00797 &i_attr_val1, 00798 FALSE))) 00799 { 00800 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role); 00801 return(NOT_GRANTED); 00802 } 00803 /* get def_ipc_create_type of role */ 00804 i_rc_tid.role = i_attr_val1.rc_role; 00805 if ((err=rsbac_rc_get_item(RT_ROLE, 00806 i_rc_tid, 00807 i_rc_tid, 00808 RI_def_ipc_create_type, 00809 &i_rc_item_val1, 00810 NULL))) 00811 { 00812 rsbac_rc_ds_get_error("rsbac_adf_request_rc()", 00813 RI_def_ipc_create_type); 00814 return(-RSBAC_EREADFAILED); 00815 } 00816 switch(i_rc_item_val1.type_id) 00817 { 00818 case RC_type_no_create: 00819 return(NOT_GRANTED); 00820 00821 case RC_type_use_new_role_def_create: 00822 /* error - complain and return error */ 00823 #ifdef CONFIG_RSBAC_RMSG 00824 rsbac_printk(KERN_WARNING 00825 "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n", 00826 i_attr_val1.rc_role); 00827 #endif 00828 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00829 if (!rsbac_nosyslog) 00830 #endif 00831 printk(KERN_WARNING 00832 "rsbac_adf_request_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n", 00833 i_attr_val1.rc_role); 00834 return(NOT_GRANTED); 00835 00836 case RC_type_inherit_process: 00837 case RC_type_inherit_parent: 00838 return GRANTED; 00839 00840 default: 00841 /* check, whether role has CREATE right to new type */ 00842 /* get type_comp_ipc of role */ 00843 i_rc_subtid.type = i_rc_item_val1.type_id; 00844 if(rsbac_rc_check_comp(i_attr_val1.rc_role, 00845 i_rc_subtid, 00846 RI_type_comp_ipc, 00847 R_CREATE)) 00848 return(GRANTED); 00849 else 00850 { 00851 #ifdef CONFIG_RSBAC_RMSG 00852 rsbac_printk(KERN_WARNING 00853 "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_ipc_create_type %i -> NOT_GRANTED!\n", 00854 i_attr_val1.rc_role, i_rc_item_val1.type_id); 00855 #endif 00856 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00857 if (!rsbac_nosyslog) 00858 #endif 00859 printk(KERN_WARNING 00860 "rsbac_adf_request_rc(): rc_role %i has no CREATE right on its def_ipc_create_type %i -> NOT_GRANTED!\n", 00861 i_attr_val1.rc_role, i_rc_item_val1.type_id); 00862 return(NOT_GRANTED); 00863 } 00864 } 00865 00866 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00867 case T_NETTEMP: 00868 /* get rc_role from process */ 00869 i_tid.process = caller_pid; 00870 if ((err=rsbac_get_attr(RC, 00871 T_PROCESS, 00872 i_tid, 00873 A_rc_role, 00874 &i_attr_val1, 00875 FALSE))) 00876 { 00877 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role); 00878 return(NOT_GRANTED); 00879 } 00880 /* get type_comp_xxx of role - we always use type GENERAL for CREATE */ 00881 i_rc_subtid.type = RSBAC_RC_GENERAL_TYPE; 00882 if(rsbac_rc_check_comp(i_attr_val1.rc_role, 00883 i_rc_subtid, 00884 RI_type_comp_nettemp, 00885 request)) 00886 return(GRANTED); 00887 else 00888 { 00889 #ifdef CONFIG_RSBAC_DEBUG 00890 if(rsbac_debug_adf_rc) 00891 { 00892 char * tmp = rsbac_kmalloc(RSBAC_MAXNAMELEN); 00893 00894 if(tmp) 00895 { 00896 #ifdef CONFIG_RSBAC_RMSG 00897 rsbac_printk(KERN_DEBUG 00898 "rsbac_adf_request_rc(): rc_role is %i, rc_nettemp_type is %i, request is CREATE -> NOT_GRANTED!\n", 00899 i_attr_val1.rc_role, RSBAC_RC_GENERAL_TYPE); 00900 #endif 00901 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 00902 if (!rsbac_nosyslog) 00903 #endif 00904 printk(KERN_DEBUG 00905 "rsbac_adf_request_rc(): rc_role is %i, rc_nettemp_type is %i, request is CREATE -> NOT_GRANTED!\n", 00906 i_attr_val1.rc_role, RSBAC_RC_GENERAL_TYPE); 00907 rsbac_kfree(tmp); 00908 } 00909 } 00910 #endif 00911 return(NOT_GRANTED); 00912 } 00913 00914 case T_NETOBJ: 00915 /* check, whether we may create NETOBJ of this type */ 00916 return(check_comp_rc(target, tid, request, caller_pid)); 00917 #endif 00918 00919 /* all other cases are unknown */ 00920 default: return(DO_NOT_CARE); 00921 } 00922 00923 case R_DELETE: 00924 switch(target) 00925 { 00926 case T_FILE: 00927 case T_DIR: 00928 case T_FIFO: 00929 case T_SYMLINK: 00930 case T_IPC: 00931 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 00932 case T_NETTEMP: 00933 case T_NETOBJ: 00934 #endif 00935 return(check_comp_rc(target, tid, request, caller_pid)); 00936 00937 /* all other cases are unknown */ 00938 default: return(DO_NOT_CARE); 00939 } 00940 00941 case R_EXECUTE: 00942 switch(target) 00943 { 00944 case T_FILE: 00945 /* get rc_role from process */ 00946 if ((err=rsbac_get_attr(RC, T_PROCESS, 00947 tid, 00948 A_rc_role, 00949 &i_attr_val1, 00950 FALSE))) 00951 { 00952 rsbac_ds_get_error("rsbac_adf_request_rc", A_rc_role); 00953 return(-RSBAC_EREADFAILED); 00954 } 00955 /* get def_process_execute_type of role */ 00956 i_rc_tid.role = i_attr_val1.rc_role; 00957 if ((err=rsbac_rc_get_item(RT_ROLE, 00958 i_rc_tid, 00959 i_rc_tid, 00960 RI_def_process_execute_type, 00961 &i_rc_item_val1, 00962 NULL))) 00963 { 00964 rsbac_rc_ds_get_error("rsbac_adf_request_rc()", 00965 RI_def_process_execute_type); 00966 return(-RSBAC_EREADFAILED); 00967 } 00968 if(i_rc_item_val1.type_id == RC_type_no_execute) 00969 return(NOT_GRANTED); 00970 else 00971 return(check_comp_rc(target, tid, request, caller_pid)); 00972 00973 /* all other cases are unknown */ 00974 default: 00975 return(DO_NOT_CARE); 00976 } 00977 00978 case R_GET_STATUS_DATA: 00979 switch(target) 00980 { 00981 case T_SCD: 00982 return(check_comp_rc_scd(tid.scd, request, caller_pid)); 00983 case T_FILE: 00984 case T_DIR: 00985 case T_FIFO: 00986 case T_SYMLINK: 00987 case T_IPC: 00988 case T_PROCESS: 00989 return(check_comp_rc(target, tid, request, caller_pid)); 00990 00991 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT) 00992 case T_NETDEV: 00993 return(check_comp_rc(target, tid, request, caller_pid)); 00994 #endif 00995 00996 default: 00997 return(DO_NOT_CARE); 00998 }; 00999 01000 case R_LINK_HARD: 01001 switch(target) 01002 { 01003 case T_FILE: 01004 case T_FIFO: 01005 case T_SYMLINK: 01006 return(check_comp_rc(target, tid, request, caller_pid)); 01007 01008 /* all other cases are unknown */ 01009 default: return(DO_NOT_CARE); 01010 } 01011 01012 case R_MAP_EXEC: 01013 switch(target) 01014 { 01015 case T_FILE: 01016 return(check_comp_rc(target, tid, request, caller_pid)); 01017 01018 /* all other cases are unknown */ 01019 default: 01020 return(DO_NOT_CARE); 01021 } 01022 01023 case R_MODIFY_ACCESS_DATA: 01024 case R_RENAME: 01025 switch(target) 01026 { 01027 case T_FILE: 01028 case T_DIR: 01029 case T_FIFO: 01030 case T_SYMLINK: 01031 return(check_comp_rc(target, tid, request, caller_pid)); 01032 01033 /* all other cases are unknown */ 01034 default: return(DO_NOT_CARE); 01035 } 01036 01037 case R_MODIFY_ATTRIBUTE: 01038 switch(attr) 01039 { /* owner must be changed by other request to prevent inconsistency */ 01040 case A_owner: 01041 return(NOT_GRANTED); 01042 case A_rc_type: 01043 case A_rc_type_fd: 01044 case A_rc_type_nt: 01045 /* Granted on target? */ 01046 result = check_comp_rc(target, tid, request, caller_pid); 01047 if( (result == GRANTED) 01048 || (result == DO_NOT_CARE) 01049 ) 01050 { 01051 /* Granted on type? */ 01052 result = rsbac_rc_check_type_comp(target, attr_val.rc_type, RCR_ASSIGN, caller_pid); 01053 if( (result == GRANTED) 01054 || (result == DO_NOT_CARE) 01055 ) 01056 return result; 01057 } 01058 /* Classical admin_type check */ 01059 if ((err=rsbac_rc_test_role_admin(TRUE))) 01060 return(NOT_GRANTED); 01061 else 01062 return(GRANTED); 01063 01064 case A_rc_force_role: 01065 case A_rc_initial_role: 01066 case A_rc_role: 01067 case A_rc_def_role: 01068 /* Granted on target? */ 01069 result = check_comp_rc(target, tid, request, caller_pid); 01070 if( (result == GRANTED) 01071 || (result == DO_NOT_CARE) 01072 ) 01073 { 01074 /* test assign_roles of process / modify */ 01075 if (!(err=rsbac_rc_test_assign_roles(target, tid, attr, attr_val.rc_role))) 01076 return(GRANTED); 01077 } 01078 /* Classical admin_type check */ 01079 if (rsbac_rc_test_role_admin(TRUE)) 01080 return(NOT_GRANTED); 01081 else 01082 return(GRANTED); 01083 01084 /* you may only change a user's pseudo, if you also may assign her role */ 01085 case A_pseudo: 01086 if(target != T_USER) 01087 return UNDEFINED; 01088 /* test assign_roles of process for user's role only */ 01089 if (rsbac_rc_test_assign_roles(target, tid, A_rc_def_role, RC_role_inherit_user)) 01090 return(NOT_GRANTED); 01091 else 01092 return(GRANTED); 01093 01094 #ifdef CONFIG_RSBAC_RC_GEN_PROT 01095 case A_log_array_low: 01096 case A_log_array_high: 01097 case A_log_program_based: 01098 case A_log_user_based: 01099 case A_symlink_add_uid: 01100 case A_symlink_add_rc_role: 01101 case A_linux_dac_disable: 01102 case A_fake_root_uid: 01103 /* Explicitely granted? */ 01104 result = check_comp_rc(target, tid, request, caller_pid); 01105 if( (result == GRANTED) 01106 || (result == DO_NOT_CARE) 01107 ) 01108 return result; 01109 /* Failed -> Classical admin_type check / modify */ 01110 if (rsbac_rc_test_role_admin(TRUE)) 01111 return(NOT_GRANTED); 01112 else 01113 return(GRANTED); 01114 #endif 01115 01116 /* All attributes (remove target!) */ 01117 case A_none: 01118 switch(target) 01119 { 01120 case T_USER: 01121 /* test assign_roles of process for user's role */ 01122 if ((err=rsbac_rc_test_assign_roles(target, tid, A_rc_def_role, RC_role_inherit_user))) 01123 return(NOT_GRANTED); 01124 else 01125 return(GRANTED); 01126 01127 default: 01128 /* Explicitely granted? */ 01129 return(check_comp_rc(target, tid, request, caller_pid)); 01130 } 01131 01132 #ifdef CONFIG_RSBAC_RC_AUTH_PROT 01133 case A_auth_may_setuid: 01134 case A_auth_may_set_cap: 01135 case A_auth_start_uid: 01136 case A_auth_program_file: 01137 case A_auth_learn: 01138 case A_auth_add_f_cap: 01139 case A_auth_remove_f_cap: 01140 /* may manipulate auth capabilities, if allowed in general... */ 01141 result = check_comp_rc_scd(RST_auth_administration, request, caller_pid); 01142 if( (result == GRANTED) 01143 || (result == DO_NOT_CARE) 01144 ) 01145 { 01146 /* ...and for this target */ 01147 result = check_comp_rc(target, tid, RCR_MODIFY_AUTH, caller_pid); 01148 if( (result == GRANTED) 01149 || (result == DO_NOT_CARE) 01150 ) 01151 return result; 01152 } 01153 /* Last chance: classical admin_type check */ 01154 if ((err=rsbac_rc_test_role_admin(TRUE))) 01155 return(NOT_GRANTED); 01156 else 01157 return(GRANTED); 01158 #endif 01159 01160 default: 01161 return(DO_NOT_CARE); 01162 } 01163 01164 case R_MODIFY_PERMISSIONS_DATA: 01165 switch(target) 01166 { 01167 case T_FILE: 01168 case T_DIR: 01169 case T_FIFO: 01170 case T_SYMLINK: 01171 case T_IPC: 01172 return(check_comp_rc(target, tid, request, caller_pid)); 01173 01174 case T_SCD: 01175 return(check_comp_rc_scd(tid.scd, request, caller_pid)); 01176 01177 #ifdef CONFIG_RSBAC_ALLOW_DAC_DISABLE 01178 case T_NONE: 01179 /* may turn off Linux DAC, if compatible */ 01180 return(check_comp_rc_scd(ST_other, request, caller_pid)); 01181 #endif 01182 01183 /* all other cases are unknown */ 01184 default: return(DO_NOT_CARE); 01185 } 01186 01187 case R_MODIFY_SYSTEM_DATA: 01188 switch(target) 01189 { 01190 case T_SCD: 01191 return(check_comp_rc_scd(tid.scd, request, caller_pid)); 01192 01193 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT) 01194 case T_NETDEV: 01195 return(check_comp_rc(target, tid, request, caller_pid)); 01196 #endif 01197 01198 /* all other cases are unknown */ 01199 default: return(DO_NOT_CARE); 01200 } 01201 01202 case R_MOUNT: 01203 switch(target) 01204 { 01205 case T_FILE: 01206 case T_DIR: 01207 case T_DEV: 01208 return(check_comp_rc(target, tid, request, caller_pid)); 01209 01210 /* all other cases are unknown */ 01211 default: return(DO_NOT_CARE); 01212 } 01213 01214 case R_READ: 01215 case R_WRITE: 01216 switch(target) 01217 { 01218 case T_DIR: 01219 #ifdef CONFIG_RSBAC_RW 01220 case T_FILE: 01221 case T_FIFO: 01222 case T_DEV: 01223 #endif 01224 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 01225 #if defined(CONFIG_RSBAC_NET_OBJ_RW) 01226 case T_NETTEMP: 01227 case T_NETOBJ: 01228 #endif 01229 #endif 01230 return(check_comp_rc(target, tid, request, caller_pid)); 01231 01232 /* all other cases are unknown */ 01233 default: return(DO_NOT_CARE); 01234 } 01235 01236 case R_READ_ATTRIBUTE: 01237 switch(attr) 01238 { 01239 case A_rc_type: 01240 case A_rc_type_fd: 01241 case A_rc_type_nt: 01242 case A_rc_force_role: 01243 case A_rc_initial_role: 01244 case A_rc_role: 01245 case A_rc_def_role: 01246 case A_pseudo: 01247 #ifdef CONFIG_RSBAC_RC_GEN_PROT 01248 case A_owner: 01249 case A_log_array_low: 01250 case A_log_array_high: 01251 case A_log_program_based: 01252 case A_log_user_based: 01253 case A_symlink_add_uid: 01254 case A_symlink_add_rc_role: 01255 case A_linux_dac_disable: 01256 case A_fake_root_uid: 01257 #endif 01258 /* Explicitely granted? */ 01259 result = check_comp_rc(target, tid, request, caller_pid); 01260 if( (result == GRANTED) 01261 || (result == DO_NOT_CARE) 01262 ) 01263 return result; 01264 /* Failed -> Classical admin_type check / modify */ 01265 if (rsbac_rc_test_role_admin(FALSE)) 01266 return(NOT_GRANTED); 01267 else 01268 return(GRANTED); 01269 01270 #ifdef CONFIG_RSBAC_RC_AUTH_PROT 01271 case A_auth_may_setuid: 01272 case A_auth_may_set_cap: 01273 case A_auth_start_uid: 01274 case A_auth_program_file: 01275 case A_auth_learn: 01276 case A_auth_add_f_cap: 01277 case A_auth_remove_f_cap: 01278 /* may read auth capabilities, if compatible */ 01279 result = check_comp_rc_scd(RST_auth_administration, request, caller_pid); 01280 if( (result == GRANTED) 01281 || (result == DO_NOT_CARE) 01282 ) 01283 return result; 01284 /* Failed -> Classical admin_type check / modify */ 01285 if (rsbac_rc_test_role_admin(FALSE)) 01286 return(NOT_GRANTED); 01287 else 01288 return(GRANTED); 01289 #endif 01290 01291 default: 01292 return(DO_NOT_CARE); 01293 } 01294 01295 case R_READ_OPEN: 01296 switch(target) 01297 { 01298 case T_FILE: 01299 case T_DIR: 01300 case T_FIFO: 01301 case T_DEV: 01302 case T_IPC: 01303 return(check_comp_rc(target, tid, request, caller_pid)); 01304 01305 /* all other cases are unknown */ 01306 default: return(DO_NOT_CARE); 01307 } 01308 01309 case R_REMOVE_FROM_KERNEL: 01310 switch(target) 01311 { 01312 case T_NONE: 01313 return(check_comp_rc_scd(ST_other, request, caller_pid)); 01314 01315 /* all other cases are unknown */ 01316 default: return(DO_NOT_CARE); 01317 } 01318 01319 case R_SEARCH: 01320 switch(target) 01321 { 01322 case T_DIR: 01323 case T_SYMLINK: 01324 return(check_comp_rc(target, tid, request, caller_pid)); 01325 01326 /* all other cases are unknown */ 01327 default: return(DO_NOT_CARE); 01328 } 01329 01330 case R_SEND_SIGNAL: 01331 case R_TRACE: 01332 if (target == T_PROCESS) 01333 return(check_comp_rc(target, tid, request, caller_pid)); 01334 else 01335 return(DO_NOT_CARE); 01336 01337 case R_SHUTDOWN: 01338 switch(target) 01339 { 01340 case T_NONE: 01341 return(check_comp_rc_scd(ST_other, request, caller_pid)); 01342 01343 /* all other cases are unknown */ 01344 default: return(DO_NOT_CARE); 01345 } 01346 01347 case R_SWITCH_LOG: 01348 switch(target) 01349 { 01350 case T_NONE: 01351 return(check_comp_rc_scd(ST_other, request, caller_pid)); 01352 01353 /* all other cases are unknown */ 01354 default: return(DO_NOT_CARE); 01355 } 01356 01357 case R_SWITCH_MODULE: 01358 switch(target) 01359 { 01360 case T_NONE: 01361 /* we need the switch_target */ 01362 if(attr != A_switch_target) 01363 return(UNDEFINED); 01364 /* do not care for other modules */ 01365 if( (attr_val.switch_target != RC) 01366 #ifdef CONFIG_RSBAC_SOFTMODE 01367 && (attr_val.switch_target != SOFTMODE) 01368 #endif 01369 ) 01370 return(DO_NOT_CARE); 01371 return(check_comp_rc_scd(ST_other, request, caller_pid)); 01372 01373 /* all other cases are unknown */ 01374 default: return(DO_NOT_CARE); 01375 } 01376 01377 case R_TERMINATE: 01378 if (target == T_PROCESS) 01379 return(DO_NOT_CARE); 01380 else 01381 return(DO_NOT_CARE); 01382 01383 case R_TRUNCATE: 01384 switch(target) 01385 { 01386 case T_FILE: 01387 return(check_comp_rc(target, tid, request, caller_pid)); 01388 01389 /* all other cases are unknown */ 01390 default: return(DO_NOT_CARE); 01391 } 01392 01393 case R_WRITE_OPEN: 01394 switch(target) 01395 { 01396 case T_FILE: 01397 case T_DEV: 01398 case T_FIFO: 01399 case T_IPC: 01400 return(check_comp_rc(target, tid, request, caller_pid)); 01401 01402 /* all other cases are unknown */ 01403 default: return(DO_NOT_CARE); 01404 } 01405 01406 case R_UMOUNT: 01407 switch(target) 01408 { 01409 case T_FILE: 01410 case T_DIR: 01411 case T_DEV: 01412 return(check_comp_rc(target, tid, request, caller_pid)); 01413 01414 /* all other cases are unknown */ 01415 default: return(DO_NOT_CARE); 01416 } 01417 01418 01419 #if defined(CONFIG_RSBAC_NET) 01420 case R_BIND: 01421 switch(target) 01422 { 01423 #if defined(CONFIG_RSBAC_RC_NET_DEV_PROT) 01424 case T_NETDEV: 01425 return(check_comp_rc(target, tid, request, caller_pid)); 01426 #endif 01427 01428 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 01429 case T_NETOBJ: 01430 return(check_comp_rc(target, tid, request, caller_pid)); 01431 #endif 01432 01433 /* all other cases are undefined */ 01434 default: return(DO_NOT_CARE); 01435 } 01436 #endif 01437 01438 #if defined(CONFIG_RSBAC_RC_NET_OBJ_PROT) 01439 case R_LISTEN: 01440 case R_ACCEPT: 01441 case R_CONNECT: 01442 case R_SEND: 01443 case R_RECEIVE: 01444 case R_NET_SHUTDOWN: 01445 switch(target) 01446 { 01447 case T_NETOBJ: 01448 return(check_comp_rc(target, tid, request, caller_pid)); 01449 01450 /* all other cases are undefined */ 01451 default: return(DO_NOT_CARE); 01452 } 01453 #endif 01454 01455 /*********************/ 01456 default: return DO_NOT_CARE; 01457 } 01458 01459 return(result); 01460 }; /* end of rsbac_adf_request_rc() */ 01461 01462 01463 /*****************************************************************************/ 01464 /* If the request returned granted and the operation is performed, */ 01465 /* the following function can be called by the AEF to get all aci set */ 01466 /* correctly. For write accesses that are performed fully within the kernel, */ 01467 /* this is usually not done to prevent extra calls, including R_CLOSE for */ 01468 /* cleaning up. Because of this, the write boundary is not adjusted - there */ 01469 /* is no user-level writing anyway... */ 01470 /* The second instance of target specification is the new target, if one has */ 01471 /* been created, otherwise its values are ignored. */ 01472 /* On success, 0 is returned, and an error from rsbac/error.h otherwise. */ 01473 01474 int rsbac_adf_set_attr_rc( 01475 enum rsbac_adf_request_t request, 01476 rsbac_pid_t caller_pid, 01477 enum rsbac_target_t target, 01478 union rsbac_target_id_t tid, 01479 enum rsbac_target_t new_target, 01480 union rsbac_target_id_t new_tid, 01481 enum rsbac_attribute_t attr, 01482 union rsbac_attribute_value_t attr_val, 01483 rsbac_uid_t owner) 01484 { 01485 int err; 01486 union rsbac_target_id_t i_tid; 01487 union rsbac_attribute_value_t i_attr_val1; 01488 union rsbac_attribute_value_t i_attr_val2; 01489 union rsbac_rc_target_id_t i_rc_tid; 01490 union rsbac_rc_item_value_t i_rc_item_val1; 01491 01492 switch (request) 01493 { 01494 case R_CHANGE_OWNER: 01495 switch (target) 01496 { 01497 case T_PROCESS: 01498 /* setting owner for process is done in main dispatcher */ 01499 /* Here we have to adjust the rc_type and set the rc_role */ 01500 /* to the new owner's rc_def_role */ 01501 if(attr != A_owner) 01502 return(-RSBAC_EINVALIDATTR); 01503 01504 /* get old rc_role from process */ 01505 i_tid.process = caller_pid; 01506 if ((err=rsbac_get_attr(RC, T_PROCESS, 01507 i_tid, 01508 A_rc_role, 01509 &i_attr_val1, 01510 TRUE))) 01511 { 01512 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role); 01513 return(-RSBAC_EREADFAILED); 01514 } 01515 /* get def_process_chown_type of old role */ 01516 i_rc_tid.role = i_attr_val1.rc_role; 01517 if ((err=rsbac_rc_get_item(RT_ROLE, 01518 i_rc_tid, 01519 i_rc_tid, 01520 RI_def_process_chown_type, 01521 &i_rc_item_val1, 01522 NULL))) 01523 { 01524 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()", 01525 RI_def_process_chown_type); 01526 return(-RSBAC_EREADFAILED); 01527 } 01528 01529 /* get rc_force_role from process */ 01530 i_tid.process = caller_pid; 01531 if ((err=rsbac_get_attr(RC, T_PROCESS, 01532 i_tid, 01533 A_rc_force_role, 01534 &i_attr_val1, 01535 TRUE))) 01536 { 01537 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_force_role); 01538 return(-RSBAC_EREADFAILED); 01539 } 01540 /* only set to user's rc_def_role, if indicated by force_role, otherwise keep */ 01541 if( (i_attr_val1.rc_force_role == RC_role_inherit_user) 01542 || (i_attr_val1.rc_force_role == RC_role_inherit_up_mixed) 01543 ) 01544 { 01545 /* get rc_def_role from new owner */ 01546 i_tid.user = attr_val.owner; 01547 if ((err=rsbac_get_attr(RC, T_USER, 01548 i_tid, 01549 A_rc_def_role, 01550 &i_attr_val1, 01551 TRUE))) 01552 { 01553 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_def_role); 01554 return(-RSBAC_EREADFAILED); 01555 } 01556 /* check rc_def_role, warn, if unusable */ 01557 if(i_attr_val1.rc_def_role > RC_role_max_value) 01558 { 01559 #ifdef CONFIG_RSBAC_RMSG 01560 rsbac_printk(KERN_WARNING 01561 "rsbac_adf_set_attr_rc(): rc_def_role %u of user %u is higher than MAX_ROLE %u, setting role of process %u to GENERAL_ROLE %u!\n", 01562 i_attr_val1.rc_def_role, attr_val.owner, RC_role_max_value, caller_pid, RSBAC_RC_GENERAL_ROLE); 01563 #endif 01564 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01565 if (!rsbac_nosyslog) 01566 #endif 01567 printk(KERN_WARNING 01568 "rsbac_adf_set_attr_rc(): rc_def_role %u of user %u is higher than MAX_ROLE %u, setting role of process %u to GENERAL_ROLE %u!\n", 01569 i_attr_val1.rc_def_role, attr_val.owner, RC_role_max_value, caller_pid, RSBAC_RC_GENERAL_ROLE); 01570 i_attr_val1.rc_def_role = RSBAC_RC_GENERAL_ROLE; 01571 } 01572 /* set new rc_role for process */ 01573 i_tid.process = caller_pid; 01574 if ((err=rsbac_set_attr(RC, T_PROCESS, 01575 i_tid, 01576 A_rc_role, 01577 i_attr_val1))) 01578 { 01579 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role); 01580 return(-RSBAC_EWRITEFAILED); 01581 } 01582 } 01583 else /* set it to the force_role, if real role) */ 01584 if( (i_attr_val1.rc_force_role <= RC_role_max_value) 01585 ) 01586 { 01587 /* set new rc_role for process */ 01588 i_tid.process = caller_pid; 01589 if ((err=rsbac_set_attr(RC, T_PROCESS, 01590 i_tid, 01591 A_rc_role, 01592 i_attr_val1))) 01593 { 01594 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role); 01595 return(-RSBAC_EWRITEFAILED); 01596 } 01597 } 01598 01599 /* adjust type: switch on def_process_chown_type of old role */ 01600 switch(i_rc_item_val1.type_id) 01601 { 01602 case RC_type_inherit_process: 01603 case RC_type_inherit_parent: 01604 /* keep old type */ 01605 break; 01606 case RC_type_use_new_role_def_create: 01607 /* get def_process_create_type of new role */ 01608 i_rc_tid.role = i_attr_val1.rc_role; 01609 if ((err=rsbac_rc_get_item(RT_ROLE, 01610 i_rc_tid, 01611 i_rc_tid, 01612 RI_def_process_create_type, 01613 &i_rc_item_val1, 01614 NULL))) 01615 { 01616 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()", 01617 RI_def_process_create_type); 01618 return(-RSBAC_EREADFAILED); 01619 } 01620 switch(i_rc_item_val1.type_id) 01621 { 01622 case RC_type_inherit_process: 01623 case RC_type_inherit_parent: 01624 /* keep old type */ 01625 break; 01626 case RC_type_use_new_role_def_create: 01627 /* error - complain, but keep type (inherit) */ 01628 #ifdef CONFIG_RSBAC_RMSG 01629 rsbac_printk(KERN_WARNING 01630 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n", 01631 i_attr_val1.rc_role); 01632 #endif 01633 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01634 if (!rsbac_nosyslog) 01635 #endif 01636 printk(KERN_WARNING 01637 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n", 01638 i_attr_val1.rc_role); 01639 break; 01640 case RC_type_no_create: 01641 /* set rc_type for process to general */ 01642 i_rc_item_val1.type_id = RSBAC_RC_GENERAL_TYPE; 01643 /* fall through */ 01644 default: 01645 /* set rc_type for process */ 01646 i_attr_val1.rc_type = i_rc_item_val1.type_id; 01647 if ((err=rsbac_set_attr(RC, T_PROCESS, 01648 i_tid, 01649 A_rc_type, 01650 i_attr_val1))) 01651 { 01652 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type); 01653 return(-RSBAC_EWRITEFAILED); 01654 } 01655 } 01656 break; 01657 case RC_type_no_create: 01658 case RC_type_no_chown: 01659 /* set rc_type for process to general */ 01660 i_rc_item_val1.type_id = RSBAC_RC_GENERAL_TYPE; 01661 /* fall through */ 01662 default: 01663 /* set rc_type for process */ 01664 i_attr_val1.rc_type = i_rc_item_val1.type_id; 01665 if ((err=rsbac_set_attr(RC, T_PROCESS, 01666 i_tid, 01667 A_rc_type, 01668 i_attr_val1))) 01669 { 01670 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type); 01671 return(-RSBAC_EWRITEFAILED); 01672 } 01673 } 01674 01675 return(0); 01676 01677 /* all other cases */ 01678 default: 01679 return(0); 01680 } 01681 01682 case R_CLONE: 01683 if (target == T_PROCESS) 01684 { 01685 /* get rc_role from process */ 01686 if ((err=rsbac_get_attr(RC, T_PROCESS, 01687 tid, 01688 A_rc_role, 01689 &i_attr_val1, 01690 FALSE))) 01691 { 01692 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role); 01693 return(-RSBAC_EREADFAILED); 01694 } 01695 01696 /* get rc_force_role from process */ 01697 if ((err=rsbac_get_attr(RC, T_PROCESS, 01698 tid, 01699 A_rc_force_role, 01700 &i_attr_val2, 01701 FALSE))) 01702 { 01703 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_force_role); 01704 return(-RSBAC_EREADFAILED); 01705 } 01706 01707 /* set rc_role for new process */ 01708 if ((err=rsbac_set_attr(RC, T_PROCESS, 01709 new_tid, 01710 A_rc_role, 01711 i_attr_val1))) 01712 { 01713 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role); 01714 return(-RSBAC_EWRITEFAILED); 01715 } 01716 01717 /* set rc_force_role for new process */ 01718 if ((err=rsbac_set_attr(RC, T_PROCESS, 01719 new_tid, 01720 A_rc_force_role, 01721 i_attr_val2))) 01722 { 01723 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_force_role); 01724 return(-RSBAC_EWRITEFAILED); 01725 } 01726 01727 /* get def_process_create_type of role */ 01728 i_rc_tid.role = i_attr_val1.rc_role; 01729 if ((err=rsbac_rc_get_item(RT_ROLE, 01730 i_rc_tid, 01731 i_rc_tid, 01732 RI_def_process_create_type, 01733 &i_rc_item_val1, 01734 NULL))) 01735 { 01736 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()", 01737 RI_def_process_create_type); 01738 return(-RSBAC_EREADFAILED); 01739 } 01740 switch(i_rc_item_val1.type_id) 01741 { 01742 case RC_type_inherit_parent: 01743 case RC_type_inherit_process: 01744 /* copy old type */ 01745 /* get rc_type from old process */ 01746 if ((err=rsbac_get_attr(RC, T_PROCESS, 01747 tid, 01748 A_rc_type, 01749 &i_attr_val1, 01750 FALSE))) 01751 { 01752 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type); 01753 return(-RSBAC_EREADFAILED); 01754 } 01755 /* set rc_type for new process */ 01756 if ((err=rsbac_set_attr(RC, T_PROCESS, 01757 new_tid, 01758 A_rc_type, 01759 i_attr_val1))) 01760 { 01761 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type); 01762 return(-RSBAC_EWRITEFAILED); 01763 } 01764 break; 01765 case RC_type_no_create: 01766 return(-RSBAC_EDECISIONMISMATCH); 01767 case RC_type_use_new_role_def_create: 01768 /* error - complain, but keep type (inherit) */ 01769 #ifdef CONFIG_RSBAC_RMSG 01770 rsbac_printk(KERN_WARNING 01771 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n", 01772 i_attr_val1.rc_role); 01773 #endif 01774 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01775 if (!rsbac_nosyslog) 01776 #endif 01777 printk(KERN_WARNING 01778 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_process_create_type of role %i!\n", 01779 i_attr_val1.rc_role); 01780 return(-RSBAC_EINVALIDVALUE); 01781 default: 01782 /* set rc_type for new process */ 01783 i_attr_val1.rc_type = i_rc_item_val1.type_id; 01784 if ((err=rsbac_set_attr(RC, T_PROCESS, 01785 new_tid, 01786 A_rc_type, 01787 i_attr_val1))) 01788 { 01789 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type); 01790 return(-RSBAC_EWRITEFAILED); 01791 } 01792 } 01793 return(0); 01794 } 01795 else 01796 return(0); 01797 01798 case R_CREATE: 01799 switch(target) 01800 { 01801 /* Creating dir or (pseudo) file IN target dir! */ 01802 case T_DIR: 01803 /* Mode of created item is ignored! */ 01804 /* get rc_role from process */ 01805 i_tid.process = caller_pid; 01806 if ((err=rsbac_get_attr(RC, T_PROCESS, 01807 i_tid, 01808 A_rc_role, 01809 &i_attr_val1, 01810 FALSE))) 01811 { 01812 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role); 01813 return(-RSBAC_EREADFAILED); 01814 } 01815 /* get def_fd_create_type of role */ 01816 i_rc_tid.role = i_attr_val1.rc_role; 01817 if ((err=rsbac_rc_get_item(RT_ROLE, 01818 i_rc_tid, 01819 i_rc_tid, 01820 RI_def_fd_create_type, 01821 &i_rc_item_val1, 01822 NULL))) 01823 { 01824 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()", 01825 RI_def_fd_create_type); 01826 return(-RSBAC_EREADFAILED); 01827 } 01828 switch(i_rc_item_val1.type_id) 01829 { 01830 case RC_type_no_create: 01831 return(-RSBAC_EDECISIONMISMATCH); 01832 break; 01833 01834 case RC_type_use_new_role_def_create: 01835 /* error - complain and return error */ 01836 #ifdef CONFIG_RSBAC_RMSG 01837 rsbac_printk(KERN_WARNING 01838 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n", 01839 i_attr_val1.rc_role); 01840 #endif 01841 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01842 if (!rsbac_nosyslog) 01843 #endif 01844 printk(KERN_WARNING 01845 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_fd_create_type of role %i!\n", 01846 i_attr_val1.rc_role); 01847 return(-RSBAC_EINVALIDVALUE); 01848 01849 case RC_type_inherit_process: 01850 /* get rc_type from process */ 01851 i_tid.process = caller_pid; 01852 if ((err=rsbac_get_attr(RC, T_PROCESS, 01853 i_tid, 01854 A_rc_type, 01855 &i_attr_val1, 01856 FALSE))) 01857 { 01858 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type); 01859 return(-RSBAC_EREADFAILED); 01860 } 01861 /* get it from new target */ 01862 if ((err=rsbac_get_attr(RC, new_target, 01863 new_tid, 01864 A_rc_type_fd, 01865 &i_attr_val2, 01866 FALSE))) 01867 { 01868 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type_fd); 01869 return(-RSBAC_EREADFAILED); 01870 } 01871 /* set it for new target, if different */ 01872 if(i_attr_val2.rc_type_fd != i_attr_val1.rc_type_fd) 01873 if ((err=rsbac_set_attr(RC, new_target, 01874 new_tid, 01875 A_rc_type_fd, 01876 i_attr_val1))) 01877 { 01878 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type_fd); 01879 return(-RSBAC_EWRITEFAILED); 01880 } 01881 break; 01882 01883 case RC_type_inherit_parent: 01884 default: 01885 /* get type from new target */ 01886 if ((err=rsbac_get_attr(RC, new_target, 01887 new_tid, 01888 A_rc_type_fd, 01889 &i_attr_val1, 01890 FALSE))) 01891 { 01892 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type_fd); 01893 return(-RSBAC_EREADFAILED); 01894 } 01895 /* set it for new target, if different */ 01896 if(i_attr_val1.rc_type_fd != i_rc_item_val1.type_id) 01897 { 01898 i_attr_val1.rc_type_fd = i_rc_item_val1.type_id; 01899 if ((err=rsbac_set_attr(RC, new_target, 01900 new_tid, 01901 A_rc_type_fd, 01902 i_attr_val1))) 01903 { 01904 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type_fd); 01905 return(-RSBAC_EWRITEFAILED); 01906 } 01907 } 01908 } 01909 return(0); 01910 01911 case T_IPC: 01912 /* get rc_role from process */ 01913 i_tid.process = caller_pid; 01914 if ((err=rsbac_get_attr(RC, T_PROCESS, 01915 i_tid, 01916 A_rc_role, 01917 &i_attr_val1, 01918 FALSE))) 01919 { 01920 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role); 01921 return(-RSBAC_EREADFAILED); 01922 } 01923 /* get def_ipc_create_type of role */ 01924 i_rc_tid.role = i_attr_val1.rc_role; 01925 if ((err=rsbac_rc_get_item(RT_ROLE, 01926 i_rc_tid, 01927 i_rc_tid, 01928 RI_def_ipc_create_type, 01929 &i_rc_item_val1, 01930 NULL))) 01931 { 01932 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()", 01933 RI_def_ipc_create_type); 01934 return(-RSBAC_EREADFAILED); 01935 } 01936 switch(i_rc_item_val1.type_id) 01937 { 01938 case RC_type_no_create: 01939 return(-RSBAC_EDECISIONMISMATCH); 01940 break; 01941 01942 case RC_type_use_new_role_def_create: 01943 /* error - complain and return error */ 01944 #ifdef CONFIG_RSBAC_RMSG 01945 rsbac_printk(KERN_WARNING 01946 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_ipc_create_type of role %i!\n", 01947 i_attr_val1.rc_role); 01948 #endif 01949 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 01950 if (!rsbac_nosyslog) 01951 #endif 01952 printk(KERN_WARNING 01953 "rsbac_adf_set_attr_rc(): invalid type use_new_role_def_create in def_ipc_create_type of role %i!\n", 01954 i_attr_val1.rc_role); 01955 return(-RSBAC_EINVALIDVALUE); 01956 01957 case RC_type_inherit_parent: 01958 case RC_type_inherit_process: 01959 /* get rc_type from process */ 01960 i_tid.process = caller_pid; 01961 if ((err=rsbac_get_attr(RC, T_PROCESS, 01962 i_tid, 01963 A_rc_type, 01964 &i_attr_val1, 01965 FALSE))) 01966 { 01967 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type); 01968 return(-RSBAC_EREADFAILED); 01969 } 01970 /* get type from target */ 01971 if ((err=rsbac_get_attr(RC, 01972 target, 01973 tid, 01974 A_rc_type, 01975 &i_attr_val2, 01976 FALSE))) 01977 { 01978 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type); 01979 return(-RSBAC_EREADFAILED); 01980 } 01981 /* set it for new target, if different */ 01982 if(i_attr_val1.rc_type != i_attr_val2.rc_type) 01983 { 01984 if ((err=rsbac_set_attr(RC, target, 01985 tid, 01986 A_rc_type, 01987 i_attr_val1))) 01988 { 01989 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type); 01990 return(-RSBAC_EWRITEFAILED); 01991 } 01992 } 01993 break; 01994 01995 default: 01996 /* set rc_type for ipc target */ 01997 i_attr_val1.rc_type = i_rc_item_val1.type_id; 01998 /* get type from target */ 01999 if ((err=rsbac_get_attr(RC, 02000 target, 02001 tid, 02002 A_rc_type, 02003 &i_attr_val2, 02004 FALSE))) 02005 { 02006 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_type); 02007 return(-RSBAC_EREADFAILED); 02008 } 02009 /* set it for new target, if different */ 02010 if(i_attr_val1.rc_type != i_attr_val2.rc_type) 02011 { 02012 if ((err=rsbac_set_attr(RC, target, 02013 tid, 02014 A_rc_type, 02015 i_attr_val1))) 02016 { 02017 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type); 02018 return(-RSBAC_EWRITEFAILED); 02019 } 02020 } 02021 } 02022 return(0); 02023 02024 /* all other cases are unknown */ 02025 default: 02026 return(0); 02027 } 02028 02029 case R_EXECUTE: 02030 switch(target) 02031 { 02032 /* Creating dir or (pseudo) file IN target dir! */ 02033 case T_FILE: 02034 /* Reset type. First get role of process. */ 02035 i_tid.process = caller_pid; 02036 if ((err=rsbac_get_attr(RC, T_PROCESS, 02037 i_tid, 02038 A_rc_role, 02039 &i_attr_val1, 02040 FALSE))) 02041 { 02042 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_role); 02043 return(-RSBAC_EREADFAILED); 02044 } 02045 /* get def_process_execute_type of role */ 02046 i_rc_tid.role = i_attr_val1.rc_role; 02047 if ((err=rsbac_rc_get_item(RT_ROLE, 02048 i_rc_tid, 02049 i_rc_tid, 02050 RI_def_process_execute_type, 02051 &i_rc_item_val1, 02052 NULL))) 02053 { 02054 rsbac_rc_ds_get_error("rsbac_adf_set_attr_rc()", 02055 RI_def_process_execute_type); 02056 return(-RSBAC_EREADFAILED); 02057 } 02058 switch(i_rc_item_val1.type_id) 02059 { 02060 case RC_type_no_create: 02061 case RC_type_use_new_role_def_create: 02062 /* Cannot reset, because of unusable default -> warn and keep */ 02063 #ifdef CONFIG_RSBAC_RMSG 02064 rsbac_printk(KERN_WARNING 02065 "rsbac_adf_set_attr_rc(): invalid type in def_process_execute_type of role %i!\n", 02066 i_attr_val1.rc_role); 02067 #endif 02068 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02069 if (!rsbac_nosyslog) 02070 #endif 02071 printk(KERN_WARNING 02072 "rsbac_adf_set_attr_rc(): invalid type in def_process_execute_type of role %i!\n", 02073 i_attr_val1.rc_role); 02074 return(-RSBAC_EINVALIDVALUE); 02075 case RC_type_inherit_parent: 02076 case RC_type_inherit_process: 02077 break; 02078 case RC_type_no_execute: 02079 return(-RSBAC_EDECISIONMISMATCH); 02080 default: 02081 /* set rc_type for process */ 02082 i_attr_val1.rc_type = i_rc_item_val1.type_id; 02083 if ((err=rsbac_set_attr(RC, T_PROCESS, 02084 i_tid, 02085 A_rc_type, 02086 i_attr_val1))) 02087 { 02088 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_type); 02089 return(-RSBAC_EWRITEFAILED); 02090 } 02091 } 02092 02093 /* get rc_force_role from target file */ 02094 if ((err=rsbac_get_attr(RC, T_FILE, 02095 tid, 02096 A_rc_force_role, 02097 &i_attr_val1, 02098 TRUE))) 02099 { 02100 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_force_role); 02101 return(-RSBAC_EREADFAILED); 02102 } 02103 /* check rc_force_role, warn, if unusable */ 02104 if( (i_attr_val1.rc_force_role > RC_role_max_value) 02105 && (i_attr_val1.rc_force_role < RC_role_min_special) 02106 ) 02107 { 02108 #ifdef CONFIG_RSBAC_RMSG 02109 rsbac_printk(KERN_WARNING 02110 "rsbac_adf_set_attr_rc(): rc_force_role %u of file %u on device %02u:%02u is higher than MAX_ROLE %u, setting forced role of process %u to default value %u!\n", 02111 i_attr_val1.rc_force_role, tid.file.inode, 02112 MAJOR(tid.file.device), MINOR(tid.file.device), 02113 RC_role_max_value, caller_pid, RC_default_root_dir_force_role); 02114 #endif 02115 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02116 if (!rsbac_nosyslog) 02117 #endif 02118 printk(KERN_WARNING 02119 "rsbac_adf_set_attr_rc(): rc_force_role %u of file %u on device %02u:%02u is higher than MAX_ROLE %u, setting forced role of process %u to default value %u!\n", 02120 i_attr_val1.rc_force_role, tid.file.inode, 02121 MAJOR(tid.file.device), MINOR(tid.file.device), 02122 RC_role_max_value, caller_pid, RC_default_root_dir_force_role); 02123 i_attr_val1.rc_force_role = RC_default_root_dir_force_role; 02124 } 02125 /* set rc_force_role for this process to keep track of it later */ 02126 i_tid.process = caller_pid; 02127 if ((err=rsbac_set_attr(RC, T_PROCESS, 02128 i_tid, 02129 A_rc_force_role, 02130 i_attr_val1))) 02131 { 02132 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_force_role); 02133 return(-RSBAC_EWRITEFAILED); 02134 } 02135 /* get rc_initial_role from target file */ 02136 if ((err=rsbac_get_attr(RC, T_FILE, 02137 tid, 02138 A_rc_initial_role, 02139 &i_attr_val2, 02140 TRUE))) 02141 { 02142 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_initial_role); 02143 return(-RSBAC_EREADFAILED); 02144 } 02145 /* check rc_initial_role, warn, if unusable */ 02146 if( (i_attr_val2.rc_initial_role > RC_role_max_value) 02147 && (i_attr_val2.rc_initial_role != RC_role_use_force_role) 02148 ) 02149 { 02150 #ifdef CONFIG_RSBAC_RMSG 02151 rsbac_printk(KERN_WARNING 02152 "rsbac_adf_set_attr_rc(): rc_initial_role %u of file %u on device %02u:%02u is higher than MAX_ROLE %u, setting initial role of process %u to default value %u!\n", 02153 i_attr_val2.rc_initial_role, tid.file.inode, 02154 MAJOR(tid.file.device), MINOR(tid.file.device), 02155 RC_role_max_value, caller_pid, RC_default_root_dir_initial_role); 02156 #endif 02157 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG 02158 if (!rsbac_nosyslog) 02159 #endif 02160 printk(KERN_WARNING 02161 "rsbac_adf_set_attr_rc(): rc_initial_role %u of file %u on device %02u:%02u is higher than MAX_ROLE %u, setting initial role of process %u to default value %u!\n", 02162 i_attr_val2.rc_initial_role, tid.file.inode, 02163 MAJOR(tid.file.device), MINOR(tid.file.device), 02164 RC_role_max_value, caller_pid, RC_default_root_dir_initial_role); 02165 i_attr_val2.rc_initial_role = RC_default_root_dir_initial_role; 02166 } 02167 if(i_attr_val2.rc_initial_role == RC_role_use_force_role) 02168 { 02169 switch(i_attr_val1.rc_force_role) 02170 { 02171 case RC_role_inherit_user: 02172 /* get rc_def_role from process owner */ 02173 i_tid.user = owner; 02174 if ((err=rsbac_get_attr(RC, T_USER, 02175 i_tid, 02176 A_rc_def_role, 02177 &i_attr_val1, 02178 TRUE))) 02179 { 02180 rsbac_ds_get_error("rsbac_adf_set_attr_rc", A_rc_def_role); 02181 return(-RSBAC_EREADFAILED); 02182 } 02183 /* set it for this process */ 02184 i_tid.process = caller_pid; 02185 if ((err=rsbac_set_attr(RC, T_PROCESS, 02186 i_tid, 02187 A_rc_role, 02188 i_attr_val1))) 02189 { 02190 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role); 02191 return(-RSBAC_EWRITEFAILED); 02192 } 02193 break; 02194 02195 case RC_role_inherit_process: 02196 case RC_role_inherit_parent: 02197 case RC_role_inherit_up_mixed: 02198 /* keep current role */ 02199 break; 02200 02201 default: 02202 /* set forced role for this process */ 02203 i_tid.process = caller_pid; 02204 if ((err=rsbac_set_attr(RC, T_PROCESS, 02205 i_tid, 02206 A_rc_role, 02207 i_attr_val1))) 02208 { 02209 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role); 02210 return(-RSBAC_EWRITEFAILED); 02211 } 02212 } 02213 } 02214 else /* use initial_role */ 02215 { 02216 /* set initial role for this process */ 02217 i_tid.process = caller_pid; 02218 if ((err=rsbac_set_attr(RC, T_PROCESS, 02219 i_tid, 02220 A_rc_role, 02221 i_attr_val2))) 02222 { 02223 rsbac_ds_set_error("rsbac_adf_set_attr_rc", A_rc_role); 02224 return(-RSBAC_EWRITEFAILED); 02225 } 02226 } 02227 /* type and role are set - ready. */ 02228 return(0); 02229 02230 /* all other cases are unknown */ 02231 default: 02232 return(0); 02233 } 02234 02235 02236 /*********************/ 02237 default: return(0); 02238 } 02239 02240 return(0); 02241 }; /* end of rsbac_adf_set_attr_rc() */ 02242 02243 /******************************************/ 02244 #ifdef CONFIG_RSBAC_SECDEL 02245 boolean rsbac_need_overwrite_rc(struct dentry * dentry_p) 02246 { 02247 int err = 0; 02248 union rsbac_target_id_t i_tid; 02249 union rsbac_attribute_value_t i_attr_val1; 02250 union rsbac_rc_target_id_t i_rc_tid; 02251 union rsbac_rc_item_value_t i_rc_item_val1; 02252 02253 if( !dentry_p 02254 || !dentry_p->d_inode) 02255 return FALSE; 02256 02257 i_tid.file.device = dentry_p->d_sb->s_dev; 02258 i_tid.file.inode = dentry_p->d_inode->i_ino; 02259 i_tid.file.dentry_p = dentry_p; 02260 /* get target's rc_type_fd */ 02261 if (rsbac_get_attr(RC, T_FILE, 02262 i_tid, 02263 A_rc_type_fd, 02264 &i_attr_val1, 02265 TRUE)) 02266 { 02267 rsbac_ds_get_error("rsbac_need_overwrite_rc", A_rc_type_fd); 02268 return FALSE; 02269 } 02270 /* get type_fd_need_secdel of target's rc_type_fd */ 02271 i_rc_tid.role = i_attr_val1.rc_role; 02272 if ((err=rsbac_rc_get_item(RT_TYPE, 02273 i_rc_tid, 02274 i_rc_tid, 02275 RI_type_fd_need_secdel, 02276 &i_rc_item_val1, 02277 NULL))) 02278 { 02279 rsbac_rc_ds_get_error("rsbac_need_overwrite_rc()", 02280 RI_type_fd_need_secdel); 02281 return(FALSE); 02282 } 02283 02284 /* return need_overwrite */ 02285 return(i_rc_item_val1.need_secdel); 02286 } 02287 #endif 02288 02289 /* end of rsbac/adf/rc/main.c */

Generated on Tue Aug 31 10:05:24 2004 for RSBAC by doxygen 1.3.8