/daten/src/linux-2.4.27-rsbac-v1.2.3/rsbac/adf/res/res_main.c

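/**************************************************** */
/* Rule Set Based Access Control                      */
/* Implementation of the Access Control Decision      */
/* Facility (ADF) - System Resources (RES)            */
/* File: rsbac/adf/res/main.c                         */
/*                                                    */
/* Author and (c) 2002-2004: Amon Ott <ao@rsbac.org>  */
/*                                                    */
/* Last modified: 11/Mar/2004                         */
/**************************************************** */

#include <linux/string.h>
#include <rsbac/types.h>
#include <rsbac/aci.h>
#include <rsbac/adf_main.h>
#include <rsbac/error.h>
#include <rsbac/helpers.h>
#include <rsbac/getname.h>
#include <rsbac/debug.h>

/************************************************* */
/*           Global Variables                      */
/************************************************* */

/************************************************* */
/*          Internal Help functions                */
/************************************************* */

/*
 * Decide a request from the RES role of the requesting user.
 *
 * Looks up A_res_role for `owner` (T_USER target, inheritance enabled) and
 * returns GRANTED for a security officer, and also for an administrator
 * when `admin_ok` is non-zero. Everything else is NOT_GRANTED.
 *
 * A failed attribute lookup is reported through rsbac_ds_get_error() and
 * denied, so the decision fails closed.
 */
static enum rsbac_adf_req_ret_t
res_check_owner_role (rsbac_uid_t owner, int admin_ok)
  {
    union rsbac_target_id_t       i_tid;
    union rsbac_attribute_value_t i_attr_val1;

    i_tid.user = owner;
    if (rsbac_get_attr(RES,
                       T_USER,
                       i_tid,
                       A_res_role,
                       &i_attr_val1,
                       TRUE))
      {
        rsbac_ds_get_error("rsbac_adf_request_res()", A_res_role);
        return(NOT_GRANTED);
      }
    /* NOTE(review): A_res_role is fetched but the union is read through
     * system_role, as the original code did - this relies on both members
     * sharing one representation; confirm against rsbac/types.h. */
    if (i_attr_val1.system_role == SR_security_officer)
      return(GRANTED);
    if (admin_ok && (i_attr_val1.system_role == SR_administrator))
      return(GRANTED);
    return(NOT_GRANTED);
  }

/*
 * Apply the RES limits stored for (target, tid) to the current process.
 *
 * A_res_max is read first and lowers rlim_max / rlim_cur wherever they
 * exceed the stored value; A_res_min is read second and raises them
 * wherever they are below it. Because the minimum is applied last, it wins
 * over a conflicting maximum. A stored value of 0 means "not set" and
 * leaves that resource untouched, so a limit of zero cannot be enforced
 * through these attributes.
 *
 * The RLIMIT_NOFILE minimum is capped at NR_OPEN before it is applied.
 * The owner-change path always did this; the execute path did not, so a
 * file's res_min could raise the open-file limit past NR_OPEN. Doing the
 * cap here keeps both callers consistent.
 *
 * Both attributes are read without inheritance (FALSE).
 *
 * Returns 0 on success, -RSBAC_EREADFAILED if either attribute cannot be
 * read. If the A_res_min read fails, the maximum limits have already been
 * applied.
 */
static int
res_apply_limits (enum rsbac_target_t target,
                  union rsbac_target_id_t tid)
  {
    union rsbac_attribute_value_t i_attr_val1;
    int maxval = rsbac_min(RLIM_NLIMITS - 1, RSBAC_RES_MAX);
    int i;

    if (rsbac_get_attr(RES,
                       target,
                       tid,
                       A_res_max,
                       &i_attr_val1,
                       FALSE))
      {
        rsbac_ds_get_error("rsbac_adf_set_attr_res()", A_res_max);
        return -RSBAC_EREADFAILED;
      }
    for(i = 0; i <= maxval ; i++)
      {
        if(!i_attr_val1.res_array[i])
          continue;
        if(current->rlim[i].rlim_max > i_attr_val1.res_array[i])
          current->rlim[i].rlim_max = i_attr_val1.res_array[i];
        if(current->rlim[i].rlim_cur > i_attr_val1.res_array[i])
          current->rlim[i].rlim_cur = i_attr_val1.res_array[i];
      }

    if (rsbac_get_attr(RES,
                       target,
                       tid,
                       A_res_min,
                       &i_attr_val1,
                       FALSE))
      {
        rsbac_ds_get_error("rsbac_adf_set_attr_res()", A_res_min);
        return -RSBAC_EREADFAILED;
      }
    /* Never raise the open-file limit beyond NR_OPEN. */
    if(i_attr_val1.res_array[RLIMIT_NOFILE] > NR_OPEN)
      i_attr_val1.res_array[RLIMIT_NOFILE] = NR_OPEN;
    for(i = 0; i <= maxval ; i++)
      {
        if(!i_attr_val1.res_array[i])
          continue;
        if(current->rlim[i].rlim_max < i_attr_val1.res_array[i])
          current->rlim[i].rlim_max = i_attr_val1.res_array[i];
        if(current->rlim[i].rlim_cur < i_attr_val1.res_array[i])
          current->rlim[i].rlim_cur = i_attr_val1.res_array[i];
      }
    return 0;
  }

/************************************************* */
/*          Externally visible functions           */
/************************************************* */

/*
 * RES decision function of the ADF.
 *
 * Only four request types are decided here; every other request, and every
 * attribute or target not listed below, yields DO_NOT_CARE:
 *
 *  - R_MODIFY_ATTRIBUTE on the RES attributes (plus the AUTH attributes
 *    when CONFIG_RSBAC_RES_AUTH_PROT is set) and on A_none: security
 *    officer only.
 *  - R_READ_ATTRIBUTE on the RES attributes and on A_none: security
 *    officer or administrator.
 *  - R_SWITCH_LOG with target T_NONE: security officer only.
 *  - R_SWITCH_MODULE with target T_NONE: UNDEFINED unless attr is
 *    A_switch_target; security officer only when the switch target is RES
 *    (or AUTH / SOFTMODE when the matching config option is set),
 *    DO_NOT_CARE for any other module.
 *
 * The role is always taken from `owner`; caller_pid and tid are not used.
 */
enum rsbac_adf_req_ret_t
   rsbac_adf_request_res (enum  rsbac_adf_request_t     request,
                                rsbac_pid_t             caller_pid,
                          enum  rsbac_target_t          target,
                          union rsbac_target_id_t       tid,
                          enum  rsbac_attribute_t       attr,
                          union rsbac_attribute_value_t attr_val,
                                rsbac_uid_t             owner)
  {
    switch (request)
      {
        case R_MODIFY_ATTRIBUTE:
            switch(attr)
              {
                case A_system_role:
                case A_res_role:
                case A_res_min:
                case A_res_max:
                #ifdef CONFIG_RSBAC_RES_AUTH_PROT
                case A_auth_may_setuid:
                case A_auth_may_set_cap:
                case A_auth_start_uid:
                case A_auth_program_file:
                case A_auth_learn:
                case A_auth_add_f_cap:
                case A_auth_remove_f_cap:
                #endif
                /* All attributes (remove target!) */
                case A_none:
                  /* Security Officer only */
                  return res_check_owner_role(owner, 0);

                default:
                  return(DO_NOT_CARE);
              }

        case R_READ_ATTRIBUTE:
            switch(attr)
              {
                case A_system_role:
                case A_res_role:
                case A_res_min:
                case A_res_max:
                /* All attributes (remove target!) */
                case A_none:
                  /* Security Officer or Admin */
                  return res_check_owner_role(owner, 1);

                default:
                  return(DO_NOT_CARE);
              }

        case R_SWITCH_LOG:
            switch(target)
              {
                case T_NONE:
                  /* security officer? -> grant */
                  return res_check_owner_role(owner, 0);

                /* all other cases are unknown */
                default: return(DO_NOT_CARE);
              }

        case R_SWITCH_MODULE:
            switch(target)
              {
                case T_NONE:
                  /* we need the switch_target */
                  if(attr != A_switch_target)
                    return(UNDEFINED);
                  /* do not care for other modules */
                  if(   (attr_val.switch_target != RES)
                     #ifdef CONFIG_RSBAC_RES_AUTH_PROT
                     && (attr_val.switch_target != AUTH)
                     #endif
                     #ifdef CONFIG_RSBAC_SOFTMODE
                     && (attr_val.switch_target != SOFTMODE)
                     #endif
                    )
                    return(DO_NOT_CARE);
                  /* security officer? -> grant */
                  return res_check_owner_role(owner, 0);

                /* all other cases are unknown */
                default: return(DO_NOT_CARE);
              }

/*********************/
        default: return DO_NOT_CARE;
      }

    return(DO_NOT_CARE);
  } /* end of rsbac_adf_request_res() */


/*****************************************************************************/
/* If the request returned granted and the operation is performed,           */
/* the following function can be called by the AEF to get all aci set        */
/* correctly. For write accesses that are performed fully within the kernel, */
/* this is usually not done to prevent extra calls, including R_CLOSE for    */
/* cleaning up.                                                              */
/* The second instance of target specification is the new target, if one has */
/* been created, otherwise its values are ignored.                           */
/* On success, 0 is returned, and an error from rsbac/error.h otherwise.     */
/*                                                                           */
/* RES acts on two requests only:                                            */
/*  - R_CHANGE_OWNER on T_PROCESS: attr must be A_owner, otherwise           */
/*    -RSBAC_EINVALIDATTR; the limits of the new owner (attr_val.owner) are  */
/*    applied to the current process.                                        */
/*  - R_EXECUTE on T_FILE: the limits stored for the executed file (tid)     */
/*    are applied to the current process.                                    */
/* With CONFIG_RSBAC_SOFTMODE built in and rsbac_softmode set, no limits are */
/* applied and 0 is returned. All other requests and targets return 0.       */

int  rsbac_adf_set_attr_res(
                      enum  rsbac_adf_request_t     request,
                            rsbac_pid_t             caller_pid,
                      enum  rsbac_target_t          target,
                      union rsbac_target_id_t       tid,
                      enum  rsbac_target_t          new_target,
                      union rsbac_target_id_t       new_tid,
                      enum  rsbac_attribute_t       attr,
                      union rsbac_attribute_value_t attr_val,
                            rsbac_uid_t             owner)
  {
    union rsbac_target_id_t i_tid;
    int err;

    switch (request)
      {
        case R_CHANGE_OWNER:
            switch(target)
              {
                case T_PROCESS:
                  if(attr != A_owner)
                    return(-RSBAC_EINVALIDATTR);
                  /* Adjust Linux resources to the new owner's limits */
                  i_tid.user = attr_val.owner;
                  #ifdef CONFIG_RSBAC_SOFTMODE
                  if(!rsbac_softmode)
                  #endif
                    {
                      err = res_apply_limits(T_USER, i_tid);
                      if(err)
                        return err;
                    }
                  return 0;

                /* all other cases are unknown */
                default:
                  return(0);
              }

        case R_EXECUTE:
            switch(target)
              {
                case T_FILE:
                  #ifdef CONFIG_RSBAC_SOFTMODE
                  if(!rsbac_softmode)
                  #endif
                    {
                      err = res_apply_limits(target, tid);
                      if(err)
                        return err;
                    }
                  return 0;

                /* all other cases are unknown */
                default:
                  return(0);
              }

/*********************/
        default: return(0);
      }

    return(0);
  } /* end of rsbac_adf_set_attr_res() */

/* end of rsbac/adf/res/main.c */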
